1. AI will be the ultimate cybersecurity paradox, both shield and sword
AI will provide bad actors with a new ”sword” enabling more ways to quickly unleash new and more sophisticated attacks such as targeted spear phishing. However, it will also provide new “shields” for organizations to both prevent and recover from cyber attacks. For example, smarter signature-less and predictive threat detection can spot an attempted breach faster than existing prevention tools could. Despite the high likelihood of increased cyber risks over the coming year, if Security/IT teams avail themselves of the latest ever-evolving cyber threat prevention and recovery tools, they have an opportunity to be more resilient than ever.
2. Automation will be at the heart of recovery
In 2024, we see IT and cyber disaster recovery operations becoming truly executable with more and more automation for reliability and predictability, reducing the time it takes organizations to recover from a cyber attack from days or even weeks to hours.
Here are some of the ways automation will change recovery:
- Automation will speed up recoveries by integrating tools such as IT service management, infrastructure as code, and communications for better visibility and control
- Automated orchestration across people and technology will streamline recovery management and reduce siloed efforts
- Structured data derived from recovery automation will help calculate whether an application hosted in a particular way is able to achieve expected Recovery Time Objectives
- AI will build recovery runbooks in minutes rather than hours
- AI will enhance decision making during a recovery by reducing complex choices that might number in the thousands to a weighted and risk-analyzed choice for people to decide on
3. Regulators will create stricter policies on the systemic and concentration risks of cloud
With dominant cloud providers such as AWS, Microsoft Azure and Google Cloud Platform, there are growing concerns about the systematic risks of one of these cloud providers experiencing an outage or cyber attack that impacts important business services. This increased risk will likely lead to stricter regulations and closer scrutiny of cloud providers. Financial services, healthcare and other regulated industries will need to adopt diversification and multi-cloud strategies to avoid vendor lock-in and mitigate risks.
4. AI will add value and help to automate increasingly complex recovery activities
With increased digitization via automated runbooks and 3rd party datasets, there is more data on previous recoveries (whether exercises or live invocations) available to train AI models to generate the potential paths to recovery.
AI will also be able to take an active role in execution through accessing the detailed recovery task graph structure via technology like Cutover runbooks and be able to support decision making via discrete reasoning tasks in the graph to determine the best path forward as contextual data changes.
5. Simulating black swan events will become easier
One major limitation against cyber and disaster recovery preparedness in the past has been the difficulty of practicing these recoveries in a realistic way. With increased AI capabilities and more software-defined applications than ever before, simulating multi-dimensional outage and threat vectors will become possible. Organizations will also have the opportunity to run tests multiple times a day, rather than annually as many do now.
6. “Strong” AI will enable predictive decision making for resilience
As automation and AI become more widely adopted, there will be both “weak AI” and “strong AI” models. Weak AI models are where machines are constantly running pre-determined algorithms for processes where the outcome is known to be correct. Strong AI on the other hand will focus on predictive outcomes that are harder to prove and will enable people to make key decisions based on inferred relationships across datasets. Strong AI reflects a future where humans and machines play hybrid and complementary roles, each leveraging their strengths for the greater resilience of the organization.
For example, strong AI will infer signal-to-noise KPIs between complex networking, application and third-party datasets before they fail. These new AI resilience models will provide predictive analytics to help teams take the right actions at the right time to avoid outages and reduce recovery times.
What do you think 2024 holds for cyber and IT disaster recovery? Join the conversation via our LinkedIn and Twitter.