Gregory further discusses the trend of companies dropping college degree requirements, emphasizing the need for focused training and certifications in cybersecurity. He predicts that 2024 might be the year when cyber insurance policies reflect actual cyber breach risk factors. He also talks about the high costs of cloud computing, suggesting that some organizations might consider returning to on-premises computing. He concludes by stating that while the issues vary from year to year, the potential for disruption and innovation in cybersecurity remains high.
Key takeaways:
- AI tools should be used responsibly by cybersecurity professionals for idea generation and quality assurance, and organizations need to develop AI governance processes.
- Third-party risk management needs to shift to a credit score and credit reporting model, with neutral marketplaces collecting and distributing cyber risk information about suppliers and service providers.
- Open-source software is critical to all computing, but many software organizations are reluctant to disclose their use of open-source components in a software bill of materials (SBOM), creating a balance between the protection of trade secrets and the need for responsible disclosure.
- Cloud computing costs are often higher than anticipated, leading some organizations to consider returning to on-premises computing.