The cybersecurity community has never faced more challenges than over this past year. The industry’s leading cyber defenders, Chief Information Officers (CIOs), Chief Information Security Officers (CISOs) and Heads of Cybersecurity, have had to handle an evolving cyber threat landscape, with ransomware actors showing impressive resilience despite many law enforcement blows in 2024. Nation-sponsored threats have also become more aggressive than ever before.
In addition to these threats, the rise in fraud and scams has added another layer of complexity. Cybercriminals have become increasingly sophisticated, employing advanced social engineering tactics to deceive individuals and organizations. Phishing attacks, business email compromise (BEC) and identity theft have surged, exploiting the vulnerabilities in human behavior and organizational processes.
Moreover, the rapid evolution of technology has created a dynamic battlefield where defenders and attackers are constantly adapting. Artificial intelligence (AI) and machine learning (ML) are being leveraged by both sides. While defenders use these technologies to enhance threat detection and response capabilities, attackers exploit them to automate attacks and evade traditional security measures. This ongoing cat-and-mouse game requires cybersecurity professionals to stay ahead of the curve, continuously updating their strategies and tools to protect their assets.
Throughout 2024, Infosecurity spoke to numerous cybersecurity leaders to hear what they consider to be the most significant concerns and challenges facing the cybersecurity industry today.
Retaining Cybersecurity Talent
Megan Poortman, Head of Cyber Security, London Gatwick Airport
“[A] big challenge is retaining talent within the cyber industry. There are many worrying statistics about how many people are leaving their cyber careers because of stress and burnout, and we need to work out how to make cyber less scary and more sustainable as a long-term career journey.
We need more career journey mapping to help people find their niche and show them it is a great career with longevity. Cybersecurity leaders need to help them achieve that.
Retention will continue to be a challenge until we make cybersecurity an attractive career path for a diverse range of individuals. Diversity of thought will only make your cyber function stronger.”
Risk Management Concerns
Luke Kiely, Group CISO, GetBusy
“Upcoming compliance requirements, supply chain risk - everything from the cleaner that comes into your organizations to your managed Amazon Web Services (AWS) - and general risk management are my most significant concerns right now.”
Staying on Top of Payment Threats
Gina Gobeyn, Executive Director, PCI Security Standards Council (PCI SSC)
“Our biggest concern is the ever-present criminal element that continues to work to create new ways to attack payments. The number of cybercriminals is growing while the number of cyber professionals continues to struggle to keep up.
Anyone involved with payments must ensure they remain vigilant and make cybersecurity a top priority. We simply cannot let our guard down. We must remain agile and adapt to changes in payments and payment technology.”
Uncovering the Unknown Unknowns
Jason Manar, CISO, Kaseya
“My biggest concerns have always been the ‘unknown unknowns.’ Let’s say the company doesn’t have a process for finding out or knowing if a piece of hardware or software has been added to their environment. That would be an unknown unknown.
We are always looking to put processes in place that discover any unknown unknowns in the shortest amount of time possible. Unknown unknowns can also be geopolitical events and various other global crises that are going on.
Try to stay ahead of that and be predictive about what those events may be so you can have a little bit of preparation.
Almost everyone I talk to tells you about how hard it is to retain cybersecurity talent; they will tell you about how hard it is to recruit and then develop that talent.
The unknown unknowns and getting people in the right positions are the two things I am constantly top of mind thinking about.”
Don’t Trust, Verify
Jerry Geisler, SVP and Global CISO, Walmart
“If Walmart ever paints anything I say frequently on the wall, it will simply be this question: how do we know the things we believe to be true remain true? We work to secure an environment and datasets and have controls in place to do so. But how do we know those controls are still serving us effectively? I’m constantly challenging my team around that.
Alongside that would be what are we not thinking about that maybe we should be? What are we not anticipating, or not thinking about in the proper context or perspective? For us, it’s so critical that we remain students of our business and remain tightly coupled with our business – understanding the business strategy, where the business is going, and what technology is needed to unlock those business strategies. Cybersecurity plays a part in that enablement in protecting the environment.”
Breaking the Taboo of Insider Risk
Jason Clinton, CISO, Anthropic
“Insider risk is probably at the top of my concerns. It’s basically impossible to solve, and it’s a difficult topic to talk about at the same time. Even if you had a solution, even talking about insider risk is really hard; people just automatically feel a little threatened by the topic.”
Preserving the Trust
Bob Leek, Chief Information Officer, Clark County, Nevada
“Cybersecurity challenges are multifactor. The continuity of our operations is extremely important. With digitizing local government, which we are well down the path of having done, the capability of our operations to withstand an outage of any type is compromised. This is to the point where some teams have said it would be very difficult for them to go through any kind of manual procedure.
With this wholesale move to digital solutions, the ability to move to something that isn’t digital has gone by the wayside.
Second, I think the impact of a cybersecurity incident has changed. It’s almost as if cybersecurity issues are background noise now. There is such a generally low level of trust in government that having a cybersecurity-based incident is almost expected, not a surprise.
Yes, Facebook, for example, has a lot of your data, but on the government side, we know a lot about you, and the people we tend to provide services to come from vulnerable populations.
If you think about housing assistance programs, food assistance programs, the people that get in touch with us for services relating to domestic violence, there’s a lot of very sensitive data involved in that.
Having a cybersecurity incident is not just about systems being down; it is about the impact on the trust level, which is already low.”
Integrating Cyber into Operational Procedures
Friedemann Kurz, Head of IT, Porsche Motorsport
“Keeping cybersecurity manageable. That's what I'm concerned about.
When we’re in operations, we work with a small team and under high pressure with other things that are going on in parallel, and we generally don’t have a dedicated cybersecurity person. We need to be able to handle all of that in a situation at the racetrack during the weekend.
That includes the threats that are potentially coming in but also monitoring the whole solution.”
Preparing for Upcoming Cyber Regulations
Tom-Martijn Roelofs, Global Head of Security Strategy and Data, CISO department, ING Bank
“It's getting the implementations at the right pace for new regulations. That's definitely a challenge.
On a threat level, we are still rearranging and fine-tuning for the geopolitical threats that have popped up as of the invasion in Ukraine, but also earlier than that. That's definitely work to do.”
Supply Chain Security in Complex OT Environments
Anjos Nijk, Managing Director, European Network for Cyber Security
“Unique to the electricity sector is the blend of innovative technologies and legacy systems, which creates a vast attack surface with numerous complex interdependencies.
This underscores the importance of addressing supply chain security, as vulnerabilities within it could lead to large-scale incidents across interconnected infrastructures. These interdependencies often extend beyond the control of individual entities, making collaboration essential.
There are emerging threats from distributed energy resources and consumer equipment that fall outside the control of transmission system operators and distribution system operators and remain unregulated. These external elements introduce further complexity and potential risks to grid security, making it imperative to account for both traditional vulnerabilities and new, decentralized threats.
Additionally, there is the ‘real-time’ requirement: unlike IT environments such as banking, the electricity grid cannot simply be switched off to investigate and repair issues. Any disruption can cause cascading effects, halting other critical infrastructures.”