Peter Klimek says “most organizations are still in the early stages of understanding API security and don’t
            yet  have  a  nuanced  strategy  for  protecting  their  APIs”.  Further,  he  believes  organizations  “haven’t
            implemented the right defenses or controls in place to manage identity and access management.”


            Lebin Cheng, VP, API Security, Imperva, believes that will start to change this year. “In 2024, as pressure
            to mitigate API-related security incidents continues to grow, security leaders will look for, and invest in,
            solutions that integrate seamlessly into their existing Application Security technology stack,” says Cheng.
            “This approach will give organizations a more coordinated and unified view of automated threats that
            target APIs and critical applications—all of which connects to data stores where the businesses’ data is
            located.”

            Alan  Ryan  predicts  that  relying  on  homegrown,  in-house  API  and  bot  management  will  be  a  “risky
            strategy”  as  automated  attacks  become  more  sophisticated  and  adept  at  evading  simple  defenses.
            According to Ryan, global vendors have an opportunity to leverage the vast amount of data they collect
            from millions of endpoints around the world to provide customers with the actionable insights they need
            to effectively defend themselves against modern threats.



            How Organizations Approach Data Security Will Change

            In 2024, businesses won’t just continue to invest in the same old solutions—they will increasingly look to
            innovate  in  ways  that  help  them stand  out  from  their  competitors.  Many  will  invest  in  new  analytics
            capabilities or leverage new or expanded cloud workloads—and they will assume the risk that comes
            along with them.

            Dan Neault, SVP and GM of Data Security, believes organizations will need to explore new data security
            technologies that can “help them understand and manage their data risk and actually make their overall
            IT more secure.” Neault also points out that the rise of hybrid and multicloud environments makes it even
            more imperative for customers to have effective data security protection, insights, and risk mitigation
            across all of these systems.

            There will also be a shift toward consolidation. Moshe Lipsker, SVP, Product Development, states that
            industry consolidation will lead to a rise in comprehensive solutions, creating end-to-end solutions that
            empower CISOs to “deliver a layered model of protection.”

            Terry Ray, SVP, Data Security GTM and Field CTO, agrees, pointing out that “niche and single solution
            products  and  vendors  find  themselves  increasingly  in  demand  for  acquisition  and  partnerships  as
            consumers  look  to  answer  data  security  and  regulatory  requirements  while  minimizing  necessary
            expertise, costs, and effort.” Ray expects consumers to see “rapid increases in enterprise data asset
            coverage,  decreased  skill  requirements,  and  better  collaboration  between  technologies  that  were
            traditionally  segmented.”  For  most  businesses,  that’s  good  news—consolidation  will  allow  them  to
            streamline their security solutions and rely on fewer vendors.









            Cyber Defense eMagazine – December 2023 Edition                                                                                                                                                                                                          38
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.