Three channel experts share their cyber predictions for 2024

Experts from e92plus, Bytes and Crayon Group discuss emerging threats, shifts in procurement and the driving forces behind cyber shifts

Three channel experts share their cyber predictions for 2024

As 2023 draws to a close, the cybersecurity landscape looks vastly different to 12 months earlier. Emerging cyber threats, multiple vendor mergers and demand for new services will continue reshaping the sector in 2024. Below, three cyber experts from share their predictions for the coming year.

Neil Langridge

Marketing & alliances director, e92plus

Image
Figure image
Description

Cybersecurity is certainly one of the star performers in the channel in 2023, showing strong growth despite the fragile economic environment. That's due to the relentless growth in cyber attacks, continually evolving threat landscape, and the simple fact that cybersecurity can't just be turned off - digital transformation is changing our lives and businesses, and that digital estate needs to be protected. Major data breaches can damage brands and incur huge fines, but a ransomware attack on the wrong company and the subsequent downtime can mean the end of that business - it's that brutal.

However, the picture is far from simple - or that sunny. Channel partners and vendors are having to work harder than ever to secure the trust and business of IT leaders on cybersecurity, and there's a few key trends that we're seeing across our partner community.

Business outcomes lead decisions, even in cybersecurity

So much of technology has evolved from a simple requirement to enabler, and then to defined ROI - and now it's about delivering business outcomes. Covid saw the move to a distributed workforce as simple a means to keep business afloat, but as the move to the cloud and digitisation has continued to accelerate, all area of technology investment have followed, and cybersecurity is no different.

This means just simply taking endpoint renewals, or looking to move customers from EPP to EDR (and the latest shiny thing) isn't enough. How can that support BYOD and a more flexible workforce no longer tied to corporate devices? Instead of renewing MFA (multi-factor authentication), can SSO (single sign-on) enable cloud apps to be more easily introduced, reduce time wasted managing multiple passwords, and bring contractors on board without compromising how secure is managed? Instead of simple continuing with VPNs for everyone, can zero-trust limit access to only the apps that are needed, reducing licensing costs and minimising security risks and so using the IT team in a more effective way?

Partners want market validation, not vendor enablement

When I'm delivering training for partners, I often joke about the classic vendor slide deck - pictures of HQ, how many employees they've got, customer logos and then 37 slides on their products. It's enough anymore, even when it includes competitive analysis. They want the insights needed to answer customer challenges and objections - and it's not comparing Product A and Product B. Validation of success that's relevant to their customers is more essential than just displacement, and helps frame a more progressive conversation around outcomes rather than simply another alternative technology product.

ARR vs TCV vs consumption billing

"There's a huge variation in pricing and commercial models right now - and often that means that competing interests can clash. The reporting requirements for the vendors has seen a strong growth in ARR due to how revenues can be booked, but we're seeing partners still often preferring TCV to be able to recognise longer term deals and commitments.

"There's also a rise in interest in consumption billing that's available through MSP partner programs from vendors - but without the managed service, to be able to meet customer demands for paying for exactly what they use. This has meant that distribution in particular needs to be agile and offer a range of options, and facilitate bringing the competing interests together (rather than only offering inflexible third party financing), and ensure that it plays its role helps channel business flow as smoothly as possible."

Read on for predictions from Bytes' Jeremy Edwards and Crayon Group's Aleksandr Vara...

Three channel experts share their cyber predictions for 2024

Experts from e92plus, Bytes and Crayon Group discuss emerging threats, shifts in procurement and the driving forces behind cyber shifts

Jeremy Edwards

Head of networking and security solutions, Bytes

Image
Figure image
Description

Identity and chain attacks on the rise

"This has been a year of significant increase in attack on identity and chain attacks using credentials attached to social engineering and corporate espionage on a grand scale. Distances between IT teams (of all types) and their old friend ‘the user' is potentially greater than ever following significant attachment to digital debt reduction projects after lockdown and gradual recent tightening of the corporate purse.

"We have seen phishing and 3rd party attacks decimate Enterprise and SME organisations alike, as both private and nation state adversaries use the cloak of that aforementioned technical debt and social instability to break identity and connectivity chains.

"The broadsheets' (ok, internet-based news) regular mention of significant and powerful corporates, as well as tech dreadnaughts being caught napping is alarming. AI and eastern state-based concerns consistently raise the eyebrow at board level across the world with threat Intelligence streams pulling grey matter away from the cyber quick wins.

"Getting back to basics and enhancing the engagement and skill levels of our users should be the priority. Locking out and pro-actively managing your vulnerabilities (once an unfavoured and poorly executed task), has to be top of the list of objectives and include your users and device lifecycle in that tower. As AI and more intelligent conversational social engineering creeps up, we must look to pull our cyber socks up from the ground, potentially think less about the shiny new toys and look to use our people as a first line of defence."

How cybersecurity procurement is evolving, and the changing priorities in cyber purchasing

"If I'd been asked this question 12 months ago, I'd have said enterprise licensing agreements (ELA) and platform is the dish of the day - and still is in many cases - platform definitely so, with organisations looking to concentrate or lean on their skills base to drive cost efficiency and management capability.

"But….. the ELA is stalling in the wind of truncated priorities and consistently changing digital demands. An ELA is appetising due to the forward spend confidence it brings, but with it comes a technical lock in that could upset future planning. Part of this current wobble on commitment has been fuelled by the re-design of technology adoption through subscription-based cloud-native solutions, the spiralling costs of which businesses have struggled to contain.

"Mountains of technical debt, early adopters and lack of skills means that the acceleration of digital platform availability is 100% ‘a thing', but so too is the distance between the majority of organisations, their infrastructure at large as well as their cost/spend models.

"I've had some really exciting discussions over the last 18 months where at the beginning of projects and medium term strategies, both procurement AND technical stake holders have been present to explore the art of the possible and kudos to those organisations creating greater lines of communication. Cost optimisation and procurement isn't just about the bottom line or the ‘in-term' budget value of individual purchases, it's about the strategy of aligning an organisations spend with their digital growth.

"For the channel, this has meant that procurement timescales are lengthening which can cause unease and in terms of solutions, augmenting current technology stacks seems to be a favoured path - adding new features to in-situ technology has been prioritised and to credit our technology friends on the other side, their acquisitive and platform focused development over the last 2 years is paying dividend for customer choice. Let's hope the increasing interest in identity & collaboration security as well as asset and vulnerability tools converts.

Three channel experts share their cyber predictions for 2024

Experts from e92plus, Bytes and Crayon Group discuss emerging threats, shifts in procurement and the driving forces behind cyber shifts

Aleksandr Vara

Technical services sales director, Crayon Group

Image
Figure image
Description

Adapting to the ever-changing landscape

These cybersecurity forces underscore the necessity for organisations to remain adaptable in the face of a continually shifting threat landscape. Embracing emerging technologies and evolving processes is crucial. Regulatory efforts and the growing maturity of customers are propelling the adoption of cybersecurity standards. Consequently, businesses must prioritize the unification of security management across hybrid environments and the reinforcement of their security posture. By doing so, they will be better prepared to navigate the complexities of cybersecurity and safeguard their valuable assets in the digital era.