Newcastle Consulting’s founder and CEO J. Kelly Stewart was featured in the 2023 Influencers Edition of International Security Journal (ISJ). Below is his expanded article on the Dynamic Security Trends for 2024 and Beyond, originally published in ISJ.
When looking at the entire security landscape, I see it through the perspective of a risk assessor mainly because this predominates my business. Risk Assessment is the epitome of proper security master planning. Without security risk assessment and master planning, we trust assumptions rather than observations and facts. The very nature of what we are trying to protect becomes blurred and we possibly fail in assisting the business in achieving its objectives. While security in all its facets is a small segment of a business, whatever vertical line we represent, we are extremely important and necessary to ensure the company’s profitability and success.
My perspective further involves a holistic view of security that includes the physical, cyber, and operational pieces. Segmenting any part of these aspects can lend to major vulnerabilities and taint predictions of potential eventualities. So, what can we expect in 2024 and beyond regarding threats that regions will face? How those regions can mitigate those prevailing threats and simultaneously embrace emerging security technologies to support that endeavor will be critical to our future in remaining safe and secure. This will advance our knowledge aimed at finding solutions to problems, expand that very knowledge, and advance our understanding of the world.
The Sectors
When analyzing this, I took the US Department of Homeland Security’s Critical Infrastructure designation: “There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security.” These sectors would probably cover a majority of how other parts of the world designate their critical sectors and regions.
At the forefront of trends of 2024 will be the carryover of the Cybersecurity of Physical Security. Essentially, this will fall in conjunction with a holistic approach to security – looking at physical, cyber, and operational security and how they are integrated with one another. It is an inevitable aspect that must be understood or face consequences of not addressing the potential risks that face any organization. This goes to the very nature of AI Trust, Risk, and Security Management. Those who actively use these controls will move more of their AI projects into a state that will achieve more business value and a heightened capability in model precision and consistency. Doing this further lends itself to an AI model application that must be persistently tested via model monitoring. This ensures that original explanations and interpretations of AI models remain as the original design intended.
Since we are talking AI, we should further focus and pay attention to our Supply Chain security, which gained greater notoriety during the recent pandemic. The importance of the supply chain has always been there, but it was taken for granted. Now, you are witnessing the issues and opportunities that come along with how a business will thrive or fail depending on its protection of the supply chain.
Almost intertwined with convergence, AI focus, and supply chain security is continuous threat exposure management or CTEM. As Gartner recently researched in their trend report, it is “a pragmatic and systemic approach to continuously adjust cybersecurity optimization priorities.” Placing attentiveness to this aspect will enable organizations to adapt to the constant changes in the threat landscape and ensure the growth of the business, fostering a real-time situational awareness adaptation business value-based prioritization of exposure mitigation.
My final aspect would be the attention on Security as a Service. This will become increasingly prevalent as there is a constant need for all things security to be cloud-based. While this does present specific vulnerabilities, this approach can and should address prevailing threats more effectively and efficiently. The added benefit is the recurring/business revenue generated. According to the Security Industry Association’s 2023 Megatrend Report, “591.8B global total of projected spending by end users on all public cloud services in 2023. This will only grow exponentially in the years to come.
It is exciting to see where the world of security is trending. There are many more avenues that can be addressed, covered, and discussed. But these few areas encompass a vast majority of where security design, process, and fulfillment will focus their attention in the months and years ahead.