Here are a handful of 2024 security trends and predictions from a leading cloud data security solution provider.
Dan Benjamin, CEO and Co-Founder of Dig Security
Prediction 1: Security programs for generative AI
- As companies begin to move generative AI projects from experimental pilot to production, concerns about data security become paramount.
- LLMs that are trained on sensitive data can be manipulated to expose that data through prompt injections attacks
- LLMs with access to sensitive data pose compliance, security, and governance risks
- The effort around securing LLMs in production will require more organizational focus on data discovery and classification – in order to create transparency into the data that ‘feeds’ the language model
Prediction 2: Consolidation of data security tooling
- As organizations moved to the cloud, their infrastructure has become increasingly fragmented. With multi-cloud and containerization becoming de-facto standards, this trend has intensified. Data storage and processing is dispersed, constantly changing, and handled by multiple vendors and dozens of tools.
- To secure data, businesses found themselves investing in a broad range of tooling – including DLP for legacy systems; CSP-native solutions; compliance tools; and more. In many cases two separate tools with similar functionality are required due to incompatibility with a specific CSP or data store.
- This trend is now reversing. Economic pressures and a growing consensus that licensing and management overhead have become untenable are leading organizations toward renewed consolidation. Businesses are now looking for a single pane of glass to provide unified policy and risk management across multi-cloud, hybrid, and on-premises environments. Security solutions are evolving accordingly – moving from point solutions that protect a specific data store toward more comprehensive platforms that protect the data itself, wherever it’s stored.
Prediction 3: Maturation of compliance programs
- Organizations are realizing that compliance needs to be more than an annual box-ticking exercise. With regulators increasingly willing to confront companies over their use and protection of customer data, it’s become clear that compliance needs to be a strategic priority.
- Businesses will invest more in programs that enable them to map their existing data assets to compliance requirements, as well as tools that help identify compliance violations in real time – rather than waiting for them to be discovered during an audit (or in the aftermath of a breach).