With malicious threat actors being further empowered by generative AI, organizations cannot afford to be complacent about their security posture.

Due to advances in generative AI, cyberattack in 2024 will evolve and become more accessible more malicious actors than ever.

Given the widespread dependence on emails despite their vulnerability and popularity as a point of attack, organizations will need to prioritize email security.

To instill a cybersecurity culture within your organization this year, here are three must-dos:


Stanley Hsu, Regional Vice President (Asia), Mimecast

  1. Conduct a comprehensive security audit
    As organizations look to digitalize their systems and implement collaboration-based tools for improved teamwork within the workplace, performing a digital spring clean is essential to evaluate and fortify defenses. Cybersecurity audits can identify any holes in your defenses, determine whether you need to bolster your security efforts, boost the performance of your technology, and reassure employees, clients, and vendors that your data is safe.

    Yearly in-depth audits of your complete IT infrastructure are essential for ensuring that your data is secure. Many security experts recommend planning ahead for security audits and engaging external experts as it helps make the audit process efficient, impartial and accurate.

  2. Upskill IT staff and provide cyber training to regular employees
    Cybersecurity is only as strong as your weakest link: your employees. Upskilling cybersecurity professionals in your organization will be critical when it comes to dealing with an increasingly complex digital and threat landscape. With the emergence of generative AI, cybersecurity professionals need to keep up with closing the skills gap. The top three IT skills gaps in the region are usually:

    • AI /machine learning
    • Cloud computing security
    • Penetration testing

    With the human element perceived as central to most data breaches, organizations should improve their understanding of this factor, and identify and address “employee risk”. Thus, it is important to invest in a robust cyber training program for employees, with a focus on updating them regularly, and raising their awareness of the latest cybersecurity threats.

  3. Implement stronger access controls
    To safeguard sensitive information and prevent unauthorized infiltrations, organizations should take proactive measures such as implementing stronger access controls.

    Identity and Access Management (IAM) is a cybersecurity framework that can secure every personnel and third-party access to your network, cloud applications and digital assets — based on each authorized user or device’s digital identity and assigned access rights.

    By implementing IAM controls, organizations can enhance security and mitigate risk, preventing unauthorized users from gaining entry to sensitive data and resources. Additionally, IAM facilitates the enforcement of security policies such the setting of strong passwords and multi-factor authentication methods, thereby reducing the likelihood of data breaches and unauthorized access attempts.