As an industry, we’re catching up when it comes to holistic application security as a part of cloud security strategies and budgets – and Generative AI (GenAI) tools are also now evaluated as part of the overall stack.
I constantly hear from CISOs that they need to protect the apps and identities running in their networks, but they’re not sure of the best approach. From evaluating AI tools to leveraging data and securing countless human and machine identities in their network, CISOs are up against quite a few challenges in 2024. GenAI might solve many issues, and we’ll see this play out more later this year.
Here are some challenges and solutions for security pros to consider:
Challenge: Budgetary constraints on security teams.
Solution: See where AI can fill in.
When it comes to budgeting and planning for next year, cloud security belongs at the top of a CISO’s priority list. With the infiltration of AI technologies in the enterprise, CISOs are having to sift through new and existing AI technologies in their tool stack when budgeting for next year. That said, CISOS must identify the value and ROI in all of the tools they use, regardless of AI functionality. The addition of GenAI to the tech stack brings serious benefits and problem-solving for our customers. It helps to prioritize and better understand alerts, future-proofing them with queries and money-saving automated tasks.
Evaluate existing tools in the company’s stack needs with this in mind and ask: Is this tool saving my team time, effort, and money? Does it create additional efficacy and benefits? When that’s done, take a more ruthless analytical approach in deciding what to do with AI as well as what the team can cut to make budgetary room for more advanced tools.
Challenge: Deciphering network data.
Solution: GenAI tools for data analysis.
CISOs and security teams are always challenged to find ways to make sense of all the data in their networks. From the security operations center (SOC) to managed service security providers (MSSPs), there’s a significant opportunity to use machine learning and AI to sift through massive amounts of data to help make security analysts more efficient. But what tools should CISOs use to do that?
To figure this out, ask: “What security problem can I solve next year by using new GenAI data analysis tools?” GenAI benefits around efficiency will come up in all tooling conversations around cloud, application, and networking security. If the tool in question can help decrease SOC response time and the number of false positives, it’s likely worth considering adding to the stack.
Challenge: Identity security.
Solution: Use GenAI to put the pieces together.
As part of the cloud access security broker (CASB) and data loss prevention (DLP) promises that were never delivered, the CISO community has a right to be skeptical about where this new identity technology is headed. However, identity security has become top-of-mind for me and it comes up often in my conversations with other CISOs.
GenAI can help solve a lot of the identity challenges that have plagued organizations for years. CISOs need to know when identities in the cloud – whether SaaS tools, humans, or machines – are behaving abnormally. That’s why GenAI in cloud security can ultimately lead to CISOs understanding trends that help them spot and prevent major threats.
As we look to 2024, AI will continue to dominate the headlines in the consumer and business press. From the benefits of automation and efficiency to policy debates in Congress and security risks to stay wary of, the conversation won't slow down. I’m looking forward to collaborating with the CISOs in my network as we look to intelligently evaluate, leverage, and roll out new tools that help solve some of the biggest security challenges of 2024.
Tim Chase, Field CISO, Lacework
