RSA 2024: What CISOs Need to Know
RSA is just a few weeks away, and with only a few days to network, discuss challenges, and share ideas, CISOs' calendars are going to be full. To help you get the most out of the conference, we recommend considering expert opinions on the most critical security challenges.
Geopolitical Tension Creates Collateral Damage
According to the World Economic Forum's (WEF) Global Risks Report for 2024, the world has become less peaceful over the last decade. As multipolar powers replace global cooperation, the likelihood of conflict containment decreases. It is well established that nations turn to cyber conflict to cause economic damage and destabilize regions.
Cyber attacks by nation-state groups do not just target critical infrastructure; commercial businesses are also deliberately attacked or become collateral damage. Nation-state threat actors are increasingly developing zero-day exploits for network infrastructure. During a Google Cloud event, it was claimed that Chinese hackers have been the top state-sponsored threat actors in zero-day usage over the past three years, being responsible for most of the exploited zero-days in 2023.
CISOs should consider how quickly they can respond to threats targeting the external attack surface.
AI-Automated Cyber Attacks
According to the Center for Security and Emerging Technology (CSET) paper Automating Cyber Attacks, the use of artificial intelligence to conduct cyber attacks is quickly evolving. It is predicted that these systems may eventually allow cyber attackers to more fully automate the reconnaissance, delivery, and lateral movement stages of attacks.
The impact of ChatGPT on phishing is well known; SlashNext has observed a staggering 1,265% increase in malicious phishing emails since the public release at the end of 2022. Recent research has found that AI agents equipped with GPT-4 can exploit most public vulnerabilities affecting real-world systems today, simply by reading about them online.
It is likely that AI will be used to launch machine-to-machine attacks, utilizing exploits that human researchers are unlikely to discover. CISOs should consider what AI-driven tools might be able to uncover about exposures to their infrastructure.
Cybersecurity During Economic Downturn
Reduced budgets can often lead to increased vulnerability as resources for cybersecurity initiatives are constrained. During economic downturns, organizations may face tough decisions about where to allocate funds, and unfortunately, cybersecurity budgets are sometimes seen as an area for potential cuts.
However, it's crucial for CISOs to emphasize to the board that cybersecurity is not an area where corners can be cut. With more hackers taking advantage of vulnerabilities during times of economic uncertainty, it's essential to maintain strong defenses. CISOs should advocate for smart investments in innovation, focusing on technologies and strategies that offer the most significant impact for the resources available.
One way to approach this is by benchmarking the organization's security posture and prioritizing efforts on the most critical areas of exposure. By ensuring that resources are allocated strategically and efficiently, CISOs can help mitigate the risks posed by reduced budgets while still safeguarding the organization's digital assets.
Facing DevSecOps Challenges
Despite the growing emphasis on DevSecOps as a crucial component of cybersecurity strategy, recent reports suggest that it may not be meeting expectations. While the shift left approach advocated by DevSecOps makes sense in theory, the reality is that many codebases still contain vulnerabilities.
According to the Synopsys Open Source Security and Risk Analysis Report, a staggering 86% of codebases contain at least one vulnerability, with nearly half of them classified as high-risk. With web applications frequently targeted by attackers, it's clear that alternative strategies need to be considered. To address this issue, CISOs should prioritize speeding up production penetration testing of their applications.
By reducing lead time from months to minutes, organizations can provide developers with real-time feedback, enabling them to address vulnerabilities promptly and effectively. This shift toward rapid testing and response is essential for enhancing the security posture of modern software development practices.
Navigating the landscape of cybersecurity requires vigilance and adaptation. While challenges such as budget constraints, code vulnerabilities, and the expectations of DevSecOps persist, proactive measures can mitigate risks. If you're interested in exploring how Hadrian can help fortify your defenses, you can pre-book a meeting with us at the RSA Conference.