2024 Vision: A Look Ahead

Introduction

Looking ahead this year, the ‘Forrester Planning Guide 2024: Security And Risk’ sheds some light on how security and risk leaders should manage existing spending and new budgetary requests given the uncertain macroeconomic environment.

The launch of generative AI tools, the rise of geopolitical threats, and increased cloud complexity are changing the way security teams defend against the emerging threats they face. Simultaneously, established, known security challenges like ransomware and social engineering continue to plague organisations.

But leaders can’t fund and staff every security initiative, so they need to make some tough choices about how to mitigate risk while still supporting growth initiatives.

Forrester’s Budget Planning Survey, 2023 revealed that in the next 12 months, spending will increase in the following areas:

Cloud Spend

Cloud security spending continues to increase to match the scale of migrations, but upgrading on-prem tech is still significant despite the shift to the cloud. While partners must be ready to support their customers through cloud workload, user, and resource protection, they must also still focus on the basics of on-prem tech refresh and upgrade.

Many organisations still believe that security is managed by the hyperscalers. Cloud threat education is therefore still very much required. With the event of AI, we also expect to see a rise in attacks, similar to Cryptojacking, where bad actors will try to “steal” data centre resource for their own use.

Managed Security Services

Security teams have relied on managed security services providers (MSSPs) for multiple reasons, and these MSSPs continue to look for ways to evolve their offerings to meet the new demands of today’s modern enterprise, like the shift to cloud and emerging AI-powered initiatives. The technologies in our portfolio bring MSSPs fresh relevance in 2024. Similarly, our Managed Security Service Distributor (MSSD) service enables partners without managed security service capabilities to tap into this market.

Staffing, Consultants & Integrators

Many security teams need external consultants and integrators to optimise their technology, assess their environment for weaknesses, and continuously evaluate their overall security posture and maturity. Unfortunately, ongoing shortages of qualified hires directly or via an integrator have inhibited staffing budgets. Vendors too have limited Professional Services resource and availability. But by leveraging our bench of qualified engineers across the globe, partners have an opportunity to deliver instant skills their customers to overcome their insufficiencies.

New Tech

Organisations are encouraged to continue investing in security controls and solutions that protect against customer-facing and revenue-generating workloads and supply chain, for example API Security, Detection, Zero Trust and Cloud. While it’s important to stay abreast of the latest technology and challenges, it’s also important for organisations to ensure that basic defence is done well. For so many years, we’ve seen attacks and breaches occur where organisations failed to cover the basics. Good identity hygiene, email security, robust firewall policy reviews, vulnerability management and patching, endpoint security, and clean DNS all remain basic yet fundamental in 2024.

AI truly is a double-edged sword, with implications not only limited to cybersecurity, but to everything we do. Throughout 2024, we will continue to see bad actors and defenders alike leverage this technology. Many organisations already have AI-first strategies, with priorities including better productivity, efficacy, and automation. At the same time, they’re only just starting to understand the associated threats. These include data leakage and the poisoning of AI models that results in provision of wrong answers. The use of AI is happening now, and further education is needed on what this will mean in future to our daily lives.

Identity and the management of identity remains core to all initiatives, whether building firewall policies, physical access policies, ZTNA policies and provisioning, or least privilege initiatives. Identity has been and will be a significant area of growth. Phishing-resistant MFA and passwordless options are becoming more widely adopted for better experiences and security. Our Identity & Access Management vendors are simplifying architecture and enabling an Identity-first security strategy, e.g. Thales, One Identity, and BeyondTrust. Identity is a key component of nearly every compliance framework.

Zero Trust Network Access (ZTNA) is a popular first step towards a Secure Access Service Edge (SASE) architecture and is a key feature of many of our top vendors’ offerings, e.g. Palo Alto Networks, Netskope, and Extreme Networks.

Extended detection and response (XDR) saves time and augments security teams by unifying data from multiple sources, providing the full visibility and context necessary to distinguish threats from normal business, and automating response. These vendors will continue to see fast growth this year, e.g. SentinelOne, Okta, Palo Alto Networks Cortex XDR, and Fortinet.

Attack Surface Management will aid cyber risk quantification and we expect to see an increased requirement as organisations seek to understand and gain control of their complete attack surface landscape. Key vendors in our portfolio include Tenable, and Palo Alto Networks Cortex Xpanse. Here, the responsibility doesn’t stop at understanding an individual organisation’s attack surface landscape, but at that of its third parties. We anticipate an increase in the need for Third-Party Risk Management (TPRM) as it becomes a key requirement in modern compliance and governance frameworks, such as DORA.

Finally, demand for SaaS-based security, networking, and application management platforms that enable customers to deploy, secure, and operate their applications in a cloud-native environment is expected to grow as customers struggle to configure and operate microservices in hybrid environments. Opportunity across our portfolio sits with F5, Thales, Imperva, and Palo Alto Networks Prisma Cloud.

Security Awareness & Training

Spending will continue on security awareness and training as CISOs have matured in their ability to measure its ROI and effectiveness and see its value. Any pressure to cut spending in this area is expected to be fully resisted, offering ongoing opportunity with vendors such as Proofpoint, Mimecast and ThriveDX.

Exclusive Networks Value

As leaders pursue aggressive strategies to reduce or eliminate technical debt, many security teams are reviewing feature overlap between vendors and looking to consolidate platforms and decrease investment in standalone solutions and legacy, on-prem-only security controls that are out of sync with the cloud.

Armed with these spending insights, Exclusive Networks partners are ideally placed to assess their customers’ security portfolios, resource needs and roadmaps and keep them on budget while still mitigating the most critical risks facing their organisations.

To start a discussion about how we can bring this 2024 vision to life, get in touch