Cyber and privacy leaders' agenda

Cyber and privacy leaders must act now to tackle today’s most pressing security challenges.

Join the conversation 

#TransformationRealized

 

 Linked in twitter

It is harder than ever to stay one step ahead of cybersecurity threats. New, more sophisticated adversaries — some operating autonomously and learning from generative AI models - are thriving in a landscape with multiple attack surfaces opened by hybrid and distributed work, cloud computing at scale, and the digitalization of everything. The stakes are high for CISOs.

Here are four actions CISOs can take to better prepare for today and tomorrow: 

Cybersecurity leaders are looking to improve capabilities in the following areas:

  • Generative AI and machine learning

    AI is both friend and foe to CISOs. To tip the balance toward friendship, cybersecurity leaders are investing in AI- and machine learning-enabled tools to improve vulnerability testing, detect threats more quickly and build more adaptive security systems.

    Generative AI models like generative adversarial networks (GANs) can create synthetic data that mimic real-word cyberattacks, making attack testing and response easier. In the real-world, generative AI-enabled threat detection tools are able to analyze large amounts of data in real time, allowing them to quickly detect anomalies and patterns that may indicate a cyberattack. If a threat is realized as a cyberattack, organizations can employ quickly-adaptive response systems that have been informed by huge datasets of historical breaches.

  • Passwordless authentication

    No matter the complexity, passwords by themselves are not as secure as they used to be. Organizations are using passwordless authentication to eliminate the risks associated with traditional password-based authentication methods.

    Passwordless authentication replaces passwords with more secure methods, such as biometric authentication, hardware-based authentication or one-time passcodes sent via email or text message. This reduces the risk of phishing attacks, credential stuffing and password-related vulnerabilities.

  • Zero trust

    A growing tech stack brings an expanded attack surface. Cybersecurity leaders are building zero trust architectures to deal with the near constant threat posed by attackers.

    Zero trust architectures use a mix of technology and protocols to identify and grant access to users within and outside an organization’s network. By default, users are not trusted and are given the least amount of privilege possible within a network. Networks are segmented to prevent widespread access if one wall is breached and barriers like multifactor authentication (MFA) are deployed to make unauthorized access more difficult.

    Organizations must adopt technology, but doing so doesn’t mean they have to be less secure.

  • DevSecOps

    Rapid technology development can create security gaps. DevSecOps (development, security and operations) can close these gaps by building cybersecurity into the development lifecycle, from design to production.

    DevSecOps encourages collaboration and communication between developers, security professionals, and operations teams, allowing for a more holistic approach to cybersecurity. Building these practices into technology governance enables rapid deployment of security updates and patches, ensuring that systems are always up to date and protected against the latest threats.

Case study: creating a smarter, safer grid for new meters

EY teams are helping a national electricity company reinforce its legacy power infrastructure for a trusted, cyber-safe future.

Read more

 

detail electricity meter
Young woman using laptop at dawn above the city, Barcelona, Spain

How technology fights FinCrime while enhancing regulatory compliance

EY enabled a large global bank to lead the fight against FinCrime in a way that also helped it improve efficiency and increase compliance.

Read more

woman walking along the road to the mountains

Transformation Realized™

Consulting at EY is building a better working world by realizing business transformation through the power of people, technology and innovation.

 

Discover more

Contact us

Like what you’ve seen? Get in touch to learn more.