By Guest: Steve Winterfeld (LinkedIn)
Company: Akamai (Twitter)
Show: 2024 Prediction Series
Akamai started with content delivery on performance but over 50% of their business is now securing companies and making the customer experience safe. Steve Winterfeld, Advisory CISO at Akamai, shares his 2024 predictions.
📹 Going on record for 2026? We're recording the TFiR Prediction Series through mid-February. If you have a bold take on where AI Infrastructure, Cloud Native, or Enterprise IT is heading—we want to hear it. [Reserve your slot
The hottest topic is currently around AI and how anyone can make use of LLMs or generative AI. However, it is a two-edged sword and while LLMs offer a lot of opportunities, they can also be used for malicious purposes. We will likely see increasing jailbreaks, and people using the technology to send better phishing emails, malware, or deepfakes.
Organizations are working to raise awareness of the social engineering attacks. OWASP has released the top vulnerabilities for LLMs, and NIST is coming out with a new incident response framework in which they are adding governance. Organizations will need to look at how governance is integrated into their incident response. There are also industry standards like PCI DSS (Payment Card Industry Data Security Standard) and the EU Digital Operational Resiliency Act (DORA) coming out that will drive the conversation around resiliency.
Even though standards and frameworks are coming out to better deal with these challenges, staffing will continue to be an issue. On the one hand, there is a talent shortage CSOs need to deal with but they also need to help navigate the stress the current talent is under. This is calling for new approaches to staffing whether by adopting flexible staffing approaches or by moving things out to managed service providers to help cope with the talent shortage. CSOs are also shifting some of their budgets to get visibility to minimize dwell time and transitioning from prevention to rapid detection.
Transformation within the business, not only as business models change or if businesses are engaging customers differently but also adopting new mandates will continue to be complex. Although many businesses are developing use cases that involve generative AI to help transform the business, security is still an issue. Organizations need to consider how they are developing people to protect generative AI which doubles back to the issue of staffing.
In the coming year, Akamai will be focusing on API transformation as Akamai’s customers want to make sure their APIs are understood and they can mitigate threats and do investigations and audits. Secondly, the company is focusing on minimizing dwell time and impact zones by segmenting the customer network to enable organizations to mitigate quicker and reduce that impact.
This summary was written by Emily Nicholls.
