
REI Insights

2024 Global Cybersecurity: Leadership Top Ten Challenges & Best Practices
September 6, 2024

Introduction

Consider the July 2024 global outage that crashed millions of Windows hosts in government agencies, airlines, banks, and health care providers worldwide. It was not a cyber-attack; it was caused by a defective content update to the CrowdStrike Falcon endpoint sensor, a trusted security product running with full privileges on every affected machine. With this event, it is now even more apparent that there is a compelling need to assess the interdependencies of systems, including the security software that defends them, and to enhance cyber resiliency in the public and private sectors worldwide. According to Cybersecurity Ventures, global damages from cybercrime were $8 trillion in 2023 and are expected to rise to $9.5 trillion in 2024 and to over $10.5 trillion in 2025. With the continual expansion of digital technologies, artificial intelligence (AI), and quantum computing in both the public and private sectors worldwide, there has been significant growth in exploitable weaknesses, leading to more cyber-attacks by organized criminal groups, nation-state groups (China, Russia, Iran, and North Korea), and hacktivists. Examples include the SolarWinds supply-chain attack, the various attacks on Microsoft platforms, and the numerous ransomware attacks against government agencies nationwide.

Cybersecurity Ventures predicts that annual global spending on cybersecurity products and services by governments and companies will continue to grow at roughly 15 percent year over year. McKinsey & Company estimates that the corporate sector is poised to spend $213 billion on cybersecurity software in 2024. Deltek forecasts that U.S. federal government demand for vendor-supplied cybersecurity products and services will exceed $20 billion by 2027. Unfortunately, growth in cybersecurity spending has not proven effective in decreasing the tremendous global damages from cybercrime. Furthermore, according to Interpol, the U.S. Department of Justice, and the Federal Bureau of Investigation (FBI), only about 25% of all cybercrimes are typically reported to law enforcement.

As a result, cybersecurity leaders in both the public and private sectors are struggling to defend their valuable data assets, ensure data privacy, and maintain cyber resiliency against malicious cyber-attacks worldwide. During the past 15 years, demand for cybersecurity talent has grown exponentially, resulting in a global talent shortage. It is estimated that there are over 3.5 million unfilled cybersecurity jobs worldwide, with over 500,000 in the U.S., and demand for cyber professionals continues to outpace the supply, according to CyberSeek. Thus, the Chief Information Security Officer (CISO) role has become increasingly important and challenging in the public and private sectors worldwide. This article discusses the top ten global cybersecurity leadership challenges and proven, effective best practices to enhance cybersecurity in the U.S. and internationally. Awareness of these challenges and practices can help organizations narrow the cybersecurity talent gap by making better use of the staff they have.

 

Top Ten Global Cybersecurity Leadership Challenges

Based upon REI Systems’ experience and research, we have developed the following list of the top ten global cybersecurity leadership challenges facing CISOs worldwide:

 

Global Shortage Of Cybersecurity Talent

The shortage is especially critical for individuals with expertise and professional certifications in the following areas: identity, credential, and access management (ICAM); malware forensics; threat hunting; cyber threat intelligence (CTI); penetration testing; red-team testing; defensive cyber operations (DCO); advanced security data analytics; cloud security architecture; cybersecurity solution architecture; zero trust architecture; and offensive cyber operations (OCO). Experienced CISOs are equally scarce. The demand is even greater for professionals with these skill sets who also hold Top Secret (TS) or higher security clearances.

 

Lack Of Cybersecurity-By-Design Architecture For Legacy Information Technology (IT) Infrastructure

Public and private sector organizations have often invested significantly in hardware and software that do not provide adequate built-in cyber protections and typically lack a security-by-design architecture. Replacing that legacy IT infrastructure is often very expensive, complex, and time-consuming. Applying security measures as a "bolt-on" afterthought tends to cost more, integrates poorly, and leaves gaps between the legacy system and the control that an attacker can exploit.

 

Unrealistic Cybersecurity Expectations By C-Suite And Senior Executives

Too often, an organization's senior executive leadership lacks the understanding or genuine appreciation of the cybersecurity challenges, potential cyber risks, and possible damages the organization faces, resulting in inadequate cybersecurity funding and a lack of resources for cybersecurity education, staffing, tools, and managed cybersecurity services.

 

Over-Dependence On Cybersecurity Risk And Compliance Frameworks

While cybersecurity risk and compliance frameworks are excellent and necessary, they are insufficient on their own to ensure real defense against new and emerging threats. Organizations depend too heavily on well-established industry frameworks (ISO 27001, NIST CSF, PCI-DSS, CIS Controls, HITRUST, HIPAA, NYDFS 23 NYCRR 500, etc.) to decide whether their cybersecurity is adequate. A passed audit shows that the required controls existed on the audit date; it does not show that they stop the attacks the organization actually faces. Especially as threats evolve, such general frameworks can leave an organization without protection specific to its own threat context and needs.

 

Failures Of Perimeter-Based Data Security

Many organizations still depend too heavily on perimeter-based security, meaning firewalls plus anti-virus and anti-malware software, as their primary cyber defense. That model assumes the threat is outside and the attack is recognizable, which is not true of a range of current attacks: business email compromise (BEC), spear phishing, trojanized software, distributed denial of service (DDoS), ransomware delivered through legitimate channels, and supply chain attacks that arrive inside trusted updates.

 

Continued Growth Of The Cyber-Attack Surface Area

The growth of cloud computing, the rapid adoption of artificial intelligence (AI), easy access to internet-based software applications, and the expansion of global supply chains have collectively increased the cyber-attack surface of nearly every organization: each new SaaS integration, API key, AI model endpoint, or vendor connection is another place an attacker can start.

 

Lack Of Interoperability Of IT Systems, Poor Systems Integration, And Lack Of Security Orchestration Of Cybersecurity Software And Tools

Cybersecurity analysts struggle with the lack of interoperability among IT and cybersecurity systems and tools, which complicates and delays timely detection and remediation: when an endpoint alert, an identity log, and a firewall event cannot be joined automatically, an analyst must join them by hand.

 

Lack Of Focus On Cyber Threat Intelligence To Drive Cyber Defense Planning

In both the public and private sectors, too many organizations are not adequately investing in gathering or purchasing cyber threat intelligence (CTI) and analyzing it as the basis for deciding which defensive cyber operations are needed to protect their vital data assets, ensure data privacy, and enhance mission assurance through cyber resiliency.

 

Lack Of Persistent Cybersecurity Education, Training, And Simulations

Cybersecurity is a dynamic field that changes continually with new technologies and constantly evolving global threats. CISOs face the challenge of mitigating the risk posed by human error and malicious insiders while fostering a culture of security awareness and empowering employees to protect organizational assets. Thus, cybersecurity education and training should be ongoing, not a once-a-year event, and should be delivered from the top down in every organization. Cybersecurity analysts should be trained on cyber ranges that use emulated networks and continuously simulated attack scenarios.

 

Perception That CISOs Are Being Used As Scapegoats

Many CISOs have a real and growing perception that senior executive leadership in government agencies and commercial companies worldwide fires them, or uses them as scapegoats, whenever a major data breach occurs, even when that same leadership declined to approve the CISO's recommended cybersecurity investments.

 

Top Ten Global Cybersecurity Best Practices

Our experience has led us to develop the following list of the top ten global cybersecurity leadership best practices to address the previously stated top ten global cybersecurity challenges and enable CISOs worldwide to improve data privacy, data security, and cyber resiliency:


1. Hire The Best Cybersecurity Talent (Addresses the cyber challenge: Global Shortage Of Cyber Talent)

While this may sound easy, it is often difficult because of the high global demand for cybersecurity talent. The average annual salary of a cybersecurity professional in the U.S. is $105,000, and top global CISOs are paid over a million dollars a year, according to research by Trend Micro. Finding, hiring, training, upskilling, and retaining top cybersecurity talent is essential to an organization's data privacy, data integrity, and cyber resiliency. Because of the global shortage, many organizations also draw on the talent and capabilities of managed security services providers (MSSPs), which provide a wide range of cybersecurity support services to customers worldwide.

 

2. Leverage The Power Of Artificial Intelligence (AI) To Assist Cybersecurity Professionals (Addresses the cyber challenges: Global Shortage of Cyber Talent, Failures of Perimeter-based Security, and Lack of Persistent Cybersecurity Education, Training, and Simulations)

The rapid growth of generative AI and large language model (LLM) technologies such as ChatGPT, alongside the machine learning (ML) already embedded in security tooling, makes it vital to leverage these technologies to enhance cybersecurity services, perform time-consuming cyber operations, and reduce costs. Organizations such as USCYBERCOM, U.S. Army Cyber Command, and DHS/CISA use AI/ML software to increase the speed of incident detection; enhance threat hunting; automate incident response to known attacker tactics, techniques, and procedures (TTPs); and assist analysts with training, governance, risk management, and compliance documentation. Many vendors are building AI/ML capabilities into their cybersecurity software, Software-as-a-Service (SaaS), and Platform-as-a-Service (PaaS) offerings for Network Detection & Response (NDR), Endpoint Detection & Response (EDR), Extended Detection & Response (XDR), and Managed Detection & Response (MDR) services. Two caveats apply in practice: automated response should be limited to well-understood TTPs, with a human approving any destructive action, and an LLM assistant that reads untrusted content (tickets, e-mail, web pages) must be treated as an input-validation problem, because instructions hidden in that content can steer the model.

 

3. Obtain Executive Commitment And Funding For Adopting Threat-Based Cybersecurity (Addresses the cyber challenges: Lack of Focus on Cyber Threat Intelligence and Unrealistic Expectations by C-Suite Executives)

CISOs often fail because they cannot communicate cyber threats, risks, and costs in business terms, and therefore cannot win commitment from the organization's most senior executives to fund a comprehensive threat-based cybersecurity plan. Too often, those executives do not truly understand the threats the organization faces to data privacy, data integrity, and mission resiliency. Executive commitment and funding are essential to move the organization from traditional compliance-based cybersecurity to threat-based cybersecurity. For threat-based cybersecurity to work effectively, the organization must build its own cyber threat intelligence (CTI) and threat-hunting capability or engage a CTI provider, such as Google/Mandiant or Palo Alto Networks Unit 42, and then map the adversary tactics that intelligence identifies to the controls it funds.

 

4. Implement Zero Trust Architecture (ZTA) As A Critical Element Of Cybersecurity By Design (Addresses the cyber challenges: Lack of Cybersecurity Architecture for Legacy IT Infrastructure and the Lack of Interoperability)

Both public sector and private sector organizations are adopting zero trust architecture (ZTA) principles and design concepts enterprise-wide (see NIST SP 800-207), based on the premise of "never trust, always verify." Fundamental ZTA design tenets include granting least-privilege access on a per-session basis, verifying identity dynamically rather than once at login, building micro-perimeters and segmenting data, continuously monitoring data flows and endpoint state, and using security orchestration, automation, and response (SOAR) technology to act on what that monitoring finds. The practical point is that every access request is evaluated on its own merits, using the subject's identity, the device's current posture, and the sensitivity of the resource, and that a grant expires quickly instead of lasting for the life of a network connection. These ZTA capabilities can be provided by a wide range of cybersecurity software companies or via an integrated solution from a large systems integrator (SI).
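The per-session, posture-aware decision described above, as an added example in Python (it is not REI Systems' code or any vendor's product). The subject, device, resource, and threshold values are hypothetical; a real policy decision point would take identity from the identity provider and posture from EDR/MDM telemetry.

```python
"""Per-session, least-privilege access decisions in the spirit of NIST SP 800-207.

Added example, not REI Systems' code. Names, thresholds and posture signals
are hypothetical stand-ins for IdP and EDR/MDM feeds.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional, Tuple

SESSION_TTL_SECONDS = 900   # hypothetical: every grant must be re-authorized after 15 minutes
MAX_PATCH_AGE_DAYS = 30     # hypothetical posture threshold


@dataclass(frozen=True)
class Subject:
    user: str
    roles: FrozenSet[str]
    mfa_verified: bool       # asserted by the IdP for this session only


@dataclass(frozen=True)
class DevicePosture:
    device_id: str
    managed: bool            # enrolled in MDM
    edr_healthy: bool        # endpoint sensor running and reporting
    patch_age_days: int


@dataclass
class Resource:
    name: str
    # least privilege is expressed per role AND per action, never "role X may do anything"
    permissions: Dict[str, FrozenSet[str]]


@dataclass(frozen=True)
class SessionGrant:
    user: str
    device_id: str
    resource: str
    action: str
    expires_at: float


def posture_ok(device: DevicePosture) -> bool:
    """Posture is an input to every decision, not a one-time enrollment check."""
    return (device.managed
            and device.edr_healthy
            and device.patch_age_days <= MAX_PATCH_AGE_DAYS)


def decide(subject: Subject, device: DevicePosture, resource: Resource,
           action: str, now: float) -> Tuple[Optional[SessionGrant], str]:
    """Policy decision point: each request is evaluated from scratch."""
    if not subject.mfa_verified:
        return None, "deny: MFA not verified for this session"
    if not posture_ok(device):
        return None, "deny: device posture does not meet policy"
    # union of the actions the subject's roles allow on this specific resource
    allowed = frozenset().union(
        *(resource.permissions.get(role, frozenset()) for role in subject.roles))
    if action not in allowed:
        return None, f"deny: {action} not permitted on {resource.name}"
    grant = SessionGrant(subject.user, device.device_id, resource.name,
                         action, now + SESSION_TTL_SECONDS)
    return grant, "allow"


def revalidate(grant: SessionGrant, device: DevicePosture, now: float) -> bool:
    """Continuous verification: a grant dies when the session ages out,
    is presented from a different device, or the device drifts out of policy."""
    return (now < grant.expires_at
            and device.device_id == grant.device_id
            and posture_ok(device))


if __name__ == "__main__":
    alice = Subject("alice", frozenset({"analyst"}), mfa_verified=True)
    laptop = DevicePosture("lap-1", managed=True, edr_healthy=True, patch_age_days=5)
    case_db = Resource("case-db", {"analyst": frozenset({"read"}),
                                   "admin": frozenset({"read", "write"})})
    print(decide(alice, laptop, case_db, "read", now=1000.0))
    print(decide(alice, laptop, case_db, "write", now=1000.0))
```

The design choice worth noting is that the grant is scoped to one (resource, action) pair on one device and carries its own expiry; a later posture change (here, the EDR sensor going silent) invalidates it without waiting for the session to end.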

 

5. Enhance Cybersecurity Via Quantum-Resistant (Post-Quantum) Encryption Technology (Addresses the cyber challenge: Continued Growth of Cyber Attack Surface Area)

The growth of quantum computing is real and significant, and a sufficiently large quantum computer would be a major threat to today's public-key cryptography: Shor's algorithm would let an attacker with such a machine break RSA and elliptic-curve keys and thereby decrypt data protected with them. Symmetric ciphers such as AES are less affected (Grover's algorithm roughly halves their effective key length, so AES-256 remains adequate). The practical risk today is "harvest now, decrypt later": long-lived encrypted data captured now can be decrypted once the capability exists. The need for quantum-resistant technologies (QRT) is recognized, and quantum-resistant algorithms (QRAs) are available today. In August 2024 the National Institute of Standards and Technology (NIST) published its first post-quantum standards (FIPS 203 ML-KEM, FIPS 204 ML-DSA, and FIPS 205 SLH-DSA), the NIST National Cybersecurity Center of Excellence (NCCoE) runs a migration-to-post-quantum-cryptography project, and numerous companies, such as IBM, Quantum Xchange, Secured2, and many others worldwide, offer products. A first step for any CISO is an inventory of where public-key cryptography is used and which data must stay confidential for more than a few years.

 

6. Integrate Biometric Authentication Into The Identity And Access Management System (Addresses cyber challenge: Failure of Perimeter-based Security)

Implementing multi-factor authentication (MFA), whether with passwords plus a second factor or with password-less technologies, is a proven, effective global cybersecurity best practice. Likewise, biometric authentication such as voice, fingerprint, or facial recognition, combined with a password and a possession factor (a one-time code from an authenticator app or hardware token, or a FIDO2/WebAuthn security key), has become an essential upgrade to identity verification. Two points matter in practice. One-time codes are not random numbers: they are derived from a shared secret and a counter or the current time (HOTP and TOTP, RFC 4226 and RFC 6238), so the secret must be protected on the server and reuse of a code must be rejected. And a biometric is an identifier that cannot be rotated if stolen, so it should complement, not replace, a possession factor, with phishing-resistant methods (FIDO2 keys or passkeys) preferred for privileged accounts.

7. Apply Advanced Data Analytics To Accelerate The Speed Of Cybersecurity Actions (Addresses cyber challenge: Global Shortage of Cyber Talent)

Advanced data analytics software is vital for cybersecurity professionals to cope with the exponential growth of data, the expansion of cyber-attacks, and the overwhelming number of alerts generated by automated intrusion detection systems (IDS). Proven, effective Security Information and Event Management (SIEM) software, such as IBM QRadar, Elastic, Splunk, or ArcSight, is helpful but insufficient on its own, since a SIEM that raises one alert per matching event quickly buries its analysts. Thus, it is necessary to supplement the SIEM with analytics that correlate related events, deduplicate them, and rank what remains by risk, in order to reduce the alert fatigue faced by security operations center (SOC) analysts worldwide. The Department of Defense and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) are both implementing advanced data analytics platforms to reduce security analyst fatigue.
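What "correlate, deduplicate, and rank" looks like in code, as an added example (not REI Systems' code and not the logic of any SIEM named above). It runs over constructed SSH authentication log lines (RFC 5737 documentation addresses) and collapses eighteen raw events into two prioritized alerts; the thresholds and severity labels are chosen for illustration.

```python
"""Correlate raw authentication failures into a few ranked alerts.

Added example, not REI Systems' code and not any SIEM's logic. Log lines are
constructed (RFC 5737 addresses); thresholds and labels are hypothetical.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List

FAILED_RE = re.compile(r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Failed password for "
                       r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+")
ACCEPTED_RE = re.compile(r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Accepted \S+ for "
                         r"(?P<user>\S+) from (?P<src>\S+) port \d+")

THRESHOLD = 5                   # failures from one source before anything is raised
WINDOW = timedelta(minutes=5)   # events further apart than this are separate bursts
SPRAY_MIN_USERS = 4             # distinct target users at which a burst is a spray

# Constructed sample: 18 raw lines (16 failures, 1 success, 1 unrelated).
SAMPLE_LOGS = [
    "2024-09-01T10:00:01Z bastion sshd[2101]: Failed password for root from 203.0.113.5 port 51022 ssh2",
    "2024-09-01T10:00:09Z bastion sshd[2102]: Failed password for root from 203.0.113.5 port 51024 ssh2",
    "2024-09-01T10:00:17Z bastion sshd[2103]: Failed password for root from 203.0.113.5 port 51026 ssh2",
    "2024-09-01T10:00:25Z bastion sshd[2104]: Failed password for root from 203.0.113.5 port 51028 ssh2",
    "2024-09-01T10:00:33Z bastion sshd[2105]: Failed password for root from 203.0.113.5 port 51030 ssh2",
    "2024-09-01T10:00:41Z bastion sshd[2106]: Failed password for root from 203.0.113.5 port 51032 ssh2",
    "2024-09-01T10:00:49Z bastion sshd[2107]: Failed password for root from 203.0.113.5 port 51034 ssh2",
    "2024-09-01T10:00:57Z bastion sshd[2108]: Failed password for root from 203.0.113.5 port 51036 ssh2",
    "2024-09-01T10:01:10Z bastion sshd[2109]: Accepted password for root from 203.0.113.5 port 51040 ssh2",
    "2024-09-01T10:05:00Z bastion sshd[2120]: Failed password for alice from 198.51.100.7 port 40002 ssh2",
    "2024-09-01T10:05:10Z bastion sshd[2121]: Failed password for invalid user bob from 198.51.100.7 port 40004 ssh2",
    "2024-09-01T10:05:20Z bastion sshd[2122]: Failed password for carol from 198.51.100.7 port 40006 ssh2",
    "2024-09-01T10:05:30Z bastion sshd[2123]: Failed password for dave from 198.51.100.7 port 40008 ssh2",
    "2024-09-01T10:05:40Z bastion sshd[2124]: Failed password for erin from 198.51.100.7 port 40010 ssh2",
    "2024-09-01T10:05:50Z bastion sshd[2125]: Failed password for frank from 198.51.100.7 port 40012 ssh2",
    "2024-09-01T10:07:00Z bastion sshd[2130]: Failed password for admin from 192.0.2.9 port 33001 ssh2",
    "2024-09-01T10:07:30Z bastion sshd[2131]: Failed password for admin from 192.0.2.9 port 33003 ssh2",
    "2024-09-01T10:08:00Z bastion CRON[2200]: (root) CMD (run-parts /etc/cron.hourly)",
]


def parse_ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def _alert_for(src: str, burst: list, successes: List[datetime]) -> List[Dict]:
    """One alert per burst, or none if it never reached the threshold."""
    if len(burst) < THRESHOLD:
        return []
    first, last = burst[0][0], burst[-1][0]
    users = sorted({u for _, u in burst})
    kind = "password_spray" if len(users) >= SPRAY_MIN_USERS else "brute_force"
    # a success from the same source shortly after the burst is the signal that matters most
    followed_by_success = any(last <= s <= last + WINDOW for s in successes)
    severity = ("critical" if followed_by_success
                else "high" if kind == "password_spray" else "medium")
    return [{"src": src, "kind": kind, "severity": severity, "count": len(burst),
             "users": users, "first": first.isoformat(), "last": last.isoformat()}]


def correlate(lines: List[str]) -> List[Dict]:
    """Parse, group failures per source into time-bounded bursts, rank the result."""
    failures: Dict[str, list] = defaultdict(list)
    successes: Dict[str, List[datetime]] = defaultdict(list)
    for line in lines:
        m = FAILED_RE.match(line)
        if m:
            failures[m["src"]].append((parse_ts(m["ts"]), m["user"]))
            continue
        m = ACCEPTED_RE.match(line)
        if m:
            successes[m["src"]].append(parse_ts(m["ts"]))
    alerts: List[Dict] = []
    for src, events in failures.items():
        events.sort()
        burst: list = []
        for ts, user in events + [(None, None)]:      # sentinel flushes the last burst
            if burst and (ts is None or ts - burst[0][0] > WINDOW):
                alerts.extend(_alert_for(src, burst, successes[src]))
                burst = []
            if ts is not None:
                burst.append((ts, user))
    rank = {"critical": 0, "high": 1, "medium": 2}
    alerts.sort(key=lambda a: (rank[a["severity"]], -a["count"]))
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOGS):
        print(alert)
```

Run as-is it turns sixteen failure events into two alerts: the brute force against root ranks first because a successful login followed it, the spray across six accounts ranks second, and the two failures from 192.0.2.9 never surface. The same structure scales to other sources (VPN, web application, cloud console logins) by swapping the two regular expressions.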

 

8. Use Cloud-Based Internet Isolation (CBII) Technology For Improved Cloud Security (Addresses cyber challenges: Failure of Perimeter-based Security and Growth of Cyber Attack Surface Area)

Enhancing cloud-access security, securing cloud-based software applications, and preventing web browsing from bringing malware into an organization's network are critical in today's internet-based and hybrid/multi-cloud global IT environment. Cloud-based internet isolation (CBII), also called remote browser isolation, from companies such as Zscaler, Menlo Security, and others, renders web content in a disposable cloud container and streams only a safe rendering to the user's browser, so drive-by downloads and browser exploits are contained away from the endpoint. It does not replace endpoint controls or MFA: credentials typed into a phishing page still leave the organization unless the isolation service also restricts form submission to unknown sites.

 

9. Build A Holistic Cybersecurity Insider Threat Program (Addresses cyber challenges: Over-dependence on Compliance Framework and Need for Persistent Cyber Education, Training, and Simulations)

While people are indeed an organization's greatest cybersecurity asset, they are also its weakest link. They have repeatedly proven vulnerable to the espionage tactics, bribery, and coercion used by organized criminal and nation-state cyber-attack groups. Thus, CISOs must build a comprehensive, holistic insider threat program that provides insider threat training for everyone, staffing, detection technologies, a reporting structure, investigations, and remediation services, in coordination with the organization's information technology (IT), human resources (HR), and legal departments and the appropriate law enforcement agencies. Furthermore, organizations should prioritize human-centric approaches rooted in behavioral science to sustain the security behavior and culture change required to reduce the risk of breaches and increase cybersecurity effectiveness.

 

10. Create A Cybersecurity Supply Chain Risk Management (C-SCRM) Program (Addresses cyber challenges: Continued Growth of Cyber Attack Surface Area and Perception of CISOs as Scapegoats)

For many CISOs, the two most significant risk factors, or weakest links, in cybersecurity are the people in the organization and the supply chain partners and vendors the organization works with, meaning the numerous companies, large and small, that provide a wide range of products and services. Unfortunately, many small and mid-sized companies have not adequately invested in cybersecurity education, training, technologies, and tools to ensure data security. The SolarWinds compromise and the CrowdStrike update failure both show that a trusted vendor's code runs with the organization's privileges, so the vendor's failures become the organization's incidents. Thus, it is a proven best practice for CISOs to coordinate with the contracts, procurement, and supply chain management department(s) to set cybersecurity standards for suppliers and vendors, verified by external third-party audits and attestations such as ISO 27001, PCI-DSS, HITRUST, and the DoD Cybersecurity Maturity Model Certification (CMMC) 2.0 program, and to leverage AI/ML-powered Software-as-a-Service (SaaS) capabilities from C-SCRM service providers such as WhiteHawk. Attestation should be paired with technical controls on the organization's own side: staged rollout of vendor updates to a small canary population first, and the ability to roll an update back quickly.

 

Summary

The job of a CISO is a demanding, complex, and multi-faceted leadership position, whether in the public or private sector. The challenges CISOs face vary with several critical factors: the criticality of the industry, location, the level of senior executive commitment to cybersecurity, the size of the organization, the perceived value of its data assets, its cybersecurity maturity, and the extent of outsourcing to Managed Security Service Providers (MSSPs). Based on our experience and research, we have shared the top ten global cybersecurity leadership challenges and best practices in this article. We hope organizations will compare their own challenges and practices to those discussed here and then take appropriate action to enhance data security, privacy, and cyber resiliency.

 

About the Author:

Gregory A. Garrett, Chief Operating Officer, REI Systems
He has been recognized as one of the “7 Major Cybersecurity Leaders in the U.S.” by Executive Biz Magazine and one of the “Top 10 Most Dynamic Cybersecurity Leaders” by Executive Gov Magazine. He has been selected for the prestigious “U.S. Cyber Defenders Award” by Meritalk in both 2023 and 2024. In the past 25 years, he has served as the President and General Manager of three IT and Cyber companies, served as a CIO, Global CISO, Head of Global Cybersecurity, and Vice President of Cybersecurity for three Fortune 500 companies (Peraton, BDO International, and Lucent Technologies). He is the best-selling author of 24 published business and technology books, including “Cybersecurity in the Digital Age.” He also serves on the Advisory Board for the George Mason University Government Cybersecurity Center of Excellence.

 

Contact Gregg at: gregory.garrett@reisystems.com