Last updated Friday, 19 January 2024, 15:24:50 GMT

By Caitlin Condon, Senior Manager of Vulnerability Research at Rapid7, and Christiaan Beek, Senior Director of Threat Analytics at Rapid7

It’s that time of year again — time for the annual tradition of cybersecurity predictions. Here at Rapid7 we’ve seen a whole lot of threats and exploited vulnerabilities in 2023, many of them in the form of zero-days. So it can be a little overwhelming to think about what might be in store for us in the year ahead.

We thought we’d start off by asking ChatGPT for its predictions.

Unsurprisingly, it gave the answer, “increased emphasis on AI and machine learning.” ChatGPT explained that AI-driven systems can better analyze and detect anomalies, and that we may see even more AI-powered tools for threat detection, response, and automation.


This “prediction” is pretty obvious, and everyone in the cybersecurity industry knows it. But more importantly, it doesn’t solve the huge issue that exists in the cybersecurity industry: we are all focused on what might be without having the basic mechanisms in place to address what is.

So, rather than predicting cybersecurity in 2024, we suggest you make the following three resolutions and a promise to yourself that you will lay the groundwork to make them happen in 2024.


It seems like every CISO has spent 2023 getting up to speed on AI. Of course, AI will play a major role in 2024, both in the opportunities it presents to defenders and in the security challenges it brings.

From a cybersecurity standpoint, however, it’s still important to keep your business focused on the basics, such as correctly implemented multi-factor authentication (MFA). That’s because in 2024, a business is significantly more likely to be breached due to weak MFA than by an advanced-AI cyber attack.

Our 2023 Mid-Year Threat Report found that 40% of incidents in the first half of the year stemmed from non-existent or poorly enforced MFA. Our message is simple: implement MFA now, particularly for VPNs and virtual desktop infrastructure. It’s the best and most important accomplishment you can make if you haven’t yet done so.

Resolution 2: Learn from what file transfer vendors did right

Without a doubt, 2023 was the year of file transfer vulnerabilities, with MOVEit Transfer topping the list. However, we expect 2024 to be slightly different based on our experience with these vendors’ response processes.

The file transfer software providers Rapid7 researchers disclosed vulnerabilities to were extremely responsive, fixing vulnerabilities in half the time it usually takes 和 proactively looking at ways to mature their vulnerability disclosure programs.

In fact, some of these organizations now have more established patch cycles and vulnerability disclosure mechanisms in place (hooray!), as well as security programs under which products are reviewed more frequently. These proactive cycles should lead to more mature, security-bolstering software development practices — at least for these solution providers and those who have learned from them — in 2024.


Lots of data does not equal effective security analysis. We all get fatigued and miss things when we feel overwhelmed and overstretched. And, well, the same happens to security teams when they are simply handed enormous amounts of raw data. Context is everything! It’s the missing piece of the puzzle for improving security posture and the effectiveness of solutions.

Spending more money or gathering more data is not going to improve your cybersecurity posture, but understanding the data and, more importantly, what kind of data is needed to make better decisions will. Less is more is our motto for 2024. For example, take time to understand what data you are already collecting from a log perspective. Understand what type of data is inside those logs and how that data might indicate a possible attack technique. If you have only some of the right information, what type of data would you need to enrich it with to have enough context to decide on or prioritize events?
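The following is an added example, not code from Rapid7 or from this post, that shows what “enriching a log with context” looks like in practice for the two points above: it takes a few constructed VPN/VDI authentication log lines (a hypothetical key=value format, not any vendor’s real log schema), joins each event against a small constructed table of what the organization already knows about its accounts (whether MFA is required, whether the account is privileged), and ranks the events so that a successful remote login that bypassed required MFA floats to the top. The log lines, the format, the context table and the scoring weights are all assumptions chosen for illustration.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample log lines (hypothetical format; not from a real product).
SAMPLE_LOGS = [
    "2024-01-15T08:02:11Z vpn01 auth user=alice src=203.0.113.5 mfa=yes result=success",
    "2024-01-15T08:05:42Z vpn01 auth user=bob src=198.51.100.7 mfa=no result=success",
    "2024-01-15T08:06:01Z vpn01 auth user=bob src=198.51.100.7 mfa=no result=failure",
    "2024-01-15T08:07:30Z vdi02 auth user=svc-backup src=192.0.2.9 mfa=no result=success",
    "2024-01-15T08:09:00Z vpn01 auth user=carol src=203.0.113.77 mfa=yes result=failure",
    "this line is malformed and should be skipped",
]

# Constructed context table: what the organization already knows about each
# account. This is the "enrichment" data the raw log alone does not carry.
USER_CONTEXT: Dict[str, Dict[str, bool]] = {
    "alice": {"mfa_required": True, "privileged": False},
    "bob": {"mfa_required": True, "privileged": True},
    "carol": {"mfa_required": True, "privileged": False},
    "svc-backup": {"mfa_required": True, "privileged": True},
}
DEFAULT_CONTEXT = {"mfa_required": False, "privileged": False}

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) auth (?P<kv>.*)$")


@dataclass
class AuthEvent:
    ts: str
    host: str
    user: str
    src: str
    mfa: bool
    success: bool


def parse_line(line: str) -> Optional[AuthEvent]:
    """Parse one log line into a structured event; return None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # Only keep well-formed key=value tokens; ignore anything else.
    fields = dict(tok.split("=", 1) for tok in m.group("kv").split() if "=" in tok)
    if "user" not in fields or "src" not in fields:
        return None
    return AuthEvent(
        ts=m.group("ts"),
        host=m.group("host"),
        user=fields["user"],
        src=fields["src"],
        mfa=fields.get("mfa") == "yes",
        success=fields.get("result") == "success",
    )


def triage(lines: List[str], context: Dict[str, Dict[str, bool]]) -> List[dict]:
    """Parse, enrich and rank events. Higher score = look at it first.

    Scoring weights are illustrative assumptions, not a Rapid7 recommendation.
    """
    results = []
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        ctx = context.get(ev.user, DEFAULT_CONTEXT)
        findings, score = [], 0
        # A successful login that should have required MFA but did not use it
        # is exactly the "weak MFA" gap the post is talking about.
        if ev.success and ctx["mfa_required"] and not ev.mfa:
            findings.append("success-without-required-mfa")
            score += 3
        if ctx["privileged"] and not ev.mfa:
            findings.append("privileged-account-without-mfa")
            score += 2
        if not ev.success:
            findings.append("auth-failure")
            score += 1
        results.append({
            "ts": ev.ts, "host": ev.host, "user": ev.user, "src": ev.src,
            "mfa": ev.mfa, "success": ev.success,
            "score": score, "findings": findings,
        })
    # Stable sort keeps chronological order among equal scores.
    results.sort(key=lambda r: r["score"], reverse=True)
    return results


def mfa_coverage(results: List[dict]) -> float:
    """Share of successful remote logins that actually went through MFA."""
    successes = [r for r in results if r["success"]]
    if not successes:
        return 0.0
    return sum(1 for r in successes if r["mfa"]) / len(successes)


if __name__ == "__main__":
    ranked = triage(SAMPLE_LOGS, USER_CONTEXT)
    for r in ranked:
        print(f'{r["score"]} {r["ts"]} {r["host"]} {r["user"]} {r["src"]} {r["findings"]}')
    print(f"MFA coverage of successful logins: {mfa_coverage(ranked):.0%}")
```

The point of the example is the join, not the scoring: the raw log line says only “bob logged in without MFA”; the context table is what turns that into “a privileged account that is supposed to enforce MFA logged in without it”, which is the kind of event worth a human’s attention. The `mfa_coverage` figure is the sort of answer you can already get from logs you are likely collecting today, before buying anything new.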


Trust us, we know that for defenders taking time to decompress is easier said than done, but it’s so important to look after ourselves and avoid burnout. Our advice to you is to make your plan, communicate well, and, most importantly, take it slowly. Even Gartner predicts that 25% of cybersecurity leaders will change roles entirely by 2025 due to work-related stress. So, make sure you take the time to decompress, relax, and enjoy life.

For insights from the Rapid7 team on what 2024 could bring, watch the Cybersecurity Predictions on-demand webinar.