SECURE horizons
In this month ’ s edition of Intelligent CISO , I have been given the opportunity to write a guest column to promote Lynchpin Media ’ s new community platform – CXO Cyber Connections . Our new community is exclusively for C-level executives in cybersecurity to learn , collaborate and share with each other . The platform features weekly forum discussion topics , regular interviews with experienced CISOs and detailed articles on cybersecurity issues . If you would like to get in contact with me regarding contributions to the community platform or how to join , please contact me at ben . leitch @ lynchpinmedia . com . I have been in contact with cybersecurity experts from different fields to ask them their New Year ’ s resolutions for 2025 . We hear from them below .
Ben Leitch , CXO Cyber Connections and Digital Content Manager
security will involve leveraging automation for high-value benefits while implementing necessary guardrails and controls for systems and people . This approach will be vital in creating more secure and productive work environments as cyberthreats grow increasingly complex .
Chaim Mazal , Chief Security Officer , Gigamon
Data costs will dictate cybersecurity strategy in 2025 . Exorbitant data costs continue to make leaders face tough decisions when it comes to security teams and prioritisation . Overall , it ’ s a tremendous resource and cost drain to transfer data across an organisation , and even those with the most modern infrastructures in place still struggle to do so . As such , we ’ re going to see the use of metadata become a top priority for cybersecurity strategy as it concentrates a significant amount of data , making it more manageable and effectively operational for security teams .
Ev Kontsevoy , CEO , Teleport
2025 is the year I want to see passwords gone for good , and I ’ m not just talking about B2B . No one should be using passwords anymore . And when I say passwords , I mean all forms of credentials based on static secrets , like private keys , API keys or even browser cookies .
Passwords are already on their way out in B2B organisations that manage highly complex digital infrastructures , but arguably not fast enough . I expect this process will accelerate in 2025 , and we ’ ll see more B2C organisations follow suit as their consumers get fed up with having to manage numerous complex passwords .
Security teams are waking up to the fact that passwords embed human risk into infrastructure . They will aim to eliminate this risk altogether by implementing passwordless authentication . When identity is rooted in biometric authentication for humans or secure enclaves for machines , identity cannot be stolen and the attack surface significantly decreases . We also expect security teams will go a step beyond and adopt measures such as per-session multi-factor authentication ( MFA ) and attributebased authentication , safeguarding systems and data even in the event of an identity breach .
Ram Vaidyanathan , IT Security Evangelist , ManageEngine
Managing cyber-risks at all levels of the workforce – and not restricting it to just the top organisational level – should be a priority for security leaders in 2025 . This involves the democratisation of cybersecurity , which essentially makes everyone in an organisation responsible for its defence . While there are some obvious benefits associated with this , such as proactive security management and increased cyber-resilience , businesses also stand to benefit by way of cost savings , increased efficiency and innovation in security practices .
Organisations should ensure employees undergo continuous security engagement programmes , which are different from the usual annual training sessions . Employees should also have access to the appropriate self-service tools and services . This becomes crucial since the biggest challenge to democratising security is poorly equipped employees and ill-defined processes .
Chaim Mazal
Ev Kontsevoy
Ram Vaidyanathan
WWW . INTELLIGENTCISO . COM 71