In the year ahead, it will be prudent to increase or defend continual investments in the following cybersecurity functions:

  • API security: This is to protect and support new business models and customer and partner engagement
  • Phishing-resistant multi-factor authentication: As firms wean themselves off password authentication, phishing-resistant MFA is what they should aim for, especially in cases where high-value targets such as administrators, product developers, and executives are involved
  • Protection against third-party risks: To break the cycle of reactionary response and unforeseen costs related to third-party breaches, leaders should invest in upscaling both processes and technologies related to these risks

Areas that need curbing

For the next financial year, firms are recommended to decrease or avoid investments in these categories, which include but are not limited to:

  • On-premises security appliances: With cloud adoption and hybrid work models in place, it makes less sense to continue using many on-premises security appliances. Technology leaders should reassess on-premises deployments of secure web gateways, network access controls, intrusion prevention systems, and data loss prevention solutions
  • Low-value consulting engagements: Leaders should use the deteriorating macroeconomic conditions to prune one-time and project-based consulting engagements
  • Standalone governance, risk, and compliance tools: Mapping each tool’s capabilities against current requirements can help leaders identify redundancies and gaps in such tech stacks.

Four cybersecurity areas to explore

In the upcoming fiscal budget cycle, security and risk professionals are also advised to consider evaluating four security technologies and funding proofs of concept.

  1. Cyber Asset Attack Surface Management: These solutions consolidate cyber asset information and provide contextual asset information on other assets and exposures. This builds a comprehensive view of an organization’s proactive posture across all organizational assets, allowing it to measure security controls and identify gaps holistically rather than in silos. Such attack surface management tools also accelerate a cyber risk quantification program. With an organized view of assets and exposure, firms can measure risk exposure and quantify their security ROI
  2. AI and ML security: Security leaders need to anticipate “bring your own AI” initiatives and a proliferation of finely tuned generative AI models customized to department-specific tasks. That will necessitate introducing a new set of protocols to protect these controls. This emerging segment within cybersecurity addresses not only pure security use cases but also AI/ML model stress testing and audits
  3. Distributed Digital Identity: This technology allows users to granularly control individual privacy attributes and what information is stored in their credentials. It also helps control how these attributes are divulged to third parties. The technology also includes verifiable credentials and related schemas for mobile drivers’ licenses, identity verification, authentication, and authorization capabilities to improve user experience, improve Know-Your-Customer processes, reduce costs, automate processes, and lower overall risks.
  4. Zero Trust Edge or Secure Access Service Edge: This architecture combines wide area networking capabilities with security inspection. Management is provided from a unified portal, with a single agent for the remote workforce, and a unified data lake for analytics and diagnostics. Today, highly distributed organizations with easy, repeatable site builds (think retail and small offices) are using such edge solutions to streamline networking and security deployments while replacing MPLS, VPNs, and hardware firewalls. However, large and complex sites such as big manufacturing, hospitals, and data centers should wait until the architecture sufficiently matures.

With the three areas to focus on, security and risk management leaders will ideally be diverting investments in the right way for the coming year, according to the guide.