One of the most telling data points in the Dell 2024 Global Data Protection Index (GDPI) survey is that the majority of organizations believe GenAI will help give them an advantage over cyber criminals. This optimism is certainly understandable given that 52% of organizations reported that they experienced a cyberattack in the last 12 months that prevented them from accessing their data. GenAI could deliver much needed automation to cybersecurity management and prevention in a world still reeling from a shortfall in cybersecurity skillsets.
While the promise of GenAI unfolds, half of organizations are turning to their vendor partners to backfill gaps in their cybersecurity skillsets. On the recent Power2Protect Podcast, Securing Tomorrow: Navigating the Cyber Resilience Landscape with Dell and C1, I had a conversation with Dr. Vito Nozza, Director – Chief Advisor for the InfoSec Capabilities Group at C1, a Dell partner. The discussion focused on what tactical steps organizations can take to mitigate their cybersecurity risks while planning for a more comprehensive approach to fend off the inevitable attacks that will emerge across their hybrid multicloud environments.
Backup Data is a Primary Target
Dr. Nozza pointed out that the average “dwell time” for cybercriminals once they penetrate your network is 210 days. During this period, they conduct reconnaissance and discovery to pinpoint weaknesses in the environment, and one of their prime targets is your backup data. This requires organizations to implement proactive measures to identify vulnerabilities so they can’t be easily exploited by cyber criminals and automated tools to detect anomalies so that threats can be quickly identified.
Tactical Choices for Risk Mitigation
Organizations can make many tactical choices to reduce risk levels. Dr. Nozza identifies a few, including immutable data storage, dual-factor authentication and VPN usage for end-users. However, to identify and address the core vulnerabilities, it is crucial to undertake a comprehensive cyber security assessment. Leveraging automated vulnerability scanning tools and conducting tabletop working sessions with IT operations and security staff help pinpoint security gaps, leading to the formulation of best practices for improved security posture.
DevSecOps and Addressing Software Vulnerabilities
In what may be surprising to many, the top vulnerabilities contributing to ransomware attacks, as identified by a recent ESG report, Ransomware Preparedness: Lighting the Way to Readiness and Mitigation, are found within application and systems software rather than end-users falling victim to phishing attacks or clicking on malicious links. Dr. Nozza highlighted the significance of DevSecOps, integrating security into each phase of the software development lifecycle. The cultural shift required for DevSecOps implementation can be a challenge, but the stakes in the current threat landscape are pushing organizations to overcome these barriers.
Cloud Security Challenges and the Role of Automation
As organizations consider moving some workloads from public cloud to on-premises due to security concerns, the challenges of cloud security become apparent. The lack of visibility into cloud workloads and the complexity of managing multiple cloud tools contribute to security risks. Dr. Nozza suggests that automation, particularly driven by GenAI, emerges as a potential solution to bridge the gap, offering predictive tools, personalized training and automated restoration processes post-cyberattack.
The Role of GenAI in Bridging the Skills Gap
One of the biggest challenges IT and security teams have is wading through the overwhelming number of security alerts that flash across their dashboards on a daily basis. This, combined with the dozens of security and data protection tools that IT teams have to manage, make cybersecurity operations extremely challenging. GenAI’s potential to drive automation into security and data protection management could be transformative. In addition to relieving IT teams from manual operations, GenAI can filter through the noise of the heavy volume of security alerts that often consume administrative resources. In addition, by anticipating and proactively addressing threats in real-time, GenAI could significantly bolster cyber defenses while enabling IT admins and security teams to focus on strategic challenges. In short, the integration of GenAI into IT administrative processes can bridge the skills gap in cyber security, data protection, cloud infrastructure management and other key areas across IT.
Looking Ahead: Focusing on Data Protection and Security
As organizations focus on protecting and securing their data across edge, core and cloud, the demand for services such as cyber assessment, managed detection and response, vulnerability patching and cyber recovery is expected to rise. Dr. Nozza provided insights into the future landscape, emphasizing the need for comprehensive data protection strategies and the importance of using modern data protection software with cyber vaults to reduce threat exposure.
Source: dell.com