Page 170 - Cyber Defense eMagazine January 2024
P. 170

consultants.  These  providers  offer  well-defined  and comprehensive  virtual  CSO (vCISO)  services  that
            focus more on small and medium businesses.

            For large enterprises, incident response assessments improve understanding of cyber resilience maturity
            and determine detection, response and recovery capabilities across their security operations.



               5.  Cybersecurity risk quantification gains traction

            Enterprise  boards and senior leadership teams are starting to ask how their cybersecurity  investments
            address  evolving  threats  to the  business  and  how to  quantify  the  reduction  in risk  they  deliver.  Enter
            cyber  risk quantification  methods  that  use actuarial  models  to  provide  tangible,  practical  and easy-to-
            understand estimates of cybersecurity value.


            In this area, organizations  will be hyper-focused on risk analysis from the perspective of AI-driven cyber
            threats, risks that stem from the organization’s use of AI and the cyber implications of the internal use of
            AI.  This  will  lead  to  a  reactive  flurry  of  policies  and  guidelines,  such  as  acceptable  use  policies  for
            ChatGPT, Grok, Copilot and others.

            In  2024,  more  IT  and  cyber  leaders  will  add  cyber  risk  quantification  to  their  portfolio  of  tools  to
            communicate  cybersecurity  value.  Solutions  range from  those  that  are highly  customized  and  require
            significant  training  for cyber  and risk  teams  working  with  actuarial  and  risk modelling  experts,  to risk-
            quantification-as-a-service  leveraging  available  market  and  organization  data  on  platforms  with
            proprietary actuarial models.

            Investments  in  advanced  security  tools  and  solutions  alone  will  not  ensure  business  continuity.  The
            multitude  of  challenges  enterprises  face,  including  cyber  risks,  threats  and  cyberattacks,  compliance
            obligations and more, require them to double down on achieving cyber resilience in 2024.





            About the Author

            Doug Saylors leads the ISG Cybersecurity business in the Americas, ANZ
            and  Asia  Pacific.  He  offers  expertise  in  cybersecurity  strategy,
            administrative  and  operational  models,  large-scale  transformation
            projects, infrastructure, digital enablement, relationship management and
            service delivery, and a strong focus on minimizing the risk of loss. He has
            helped  dozens  of  the  firm’s  most  prominent  global  clients  in  multiple
            industries,  including  Aerospace  &  Defense,  Life  Sciences,  Financial
            Services,  Healthcare  and  Manufacturing,  with  operational  assessments
            and  strategy  development  to  select  optimal  delivery  alternatives  and
            achieve the client’s overall business objectives. Doug can be reached on
            LinkedIn and at our company website https://isg-one.com/.






            Cyber Defense eMagazine – January 2024 Edition                                                                                                                                                                                                          170
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   165   166   167   168   169   170   171   172   173   174   175