CIO Influence Interview with Richard Vibert, CEO at Metomic

“AI-driven DSPM tools will not only identify critical risks but also recognize and mitigate risks originating from AI systems themselves.”

Hi Richard. Welcome to CIO Influence’s Predictions Series 2024. Please tell us about the evolving role of data security teams.

Security teams will detect and protect data across more platforms in 2024.

Effective data security starts with understanding where your sensitive data is stored. After all, you can’t protect what you can’t see.

Right now, we’re only seeing this in limited silos, like data warehouses. But, what about the many cloud vendors and SaaS applications that a team might be using?

If a customer’s phone number is stored in a database, where else might it be stored?

In 2024, companies will expand their focus beyond data warehouses to encompass all their cloud vendors and myriad SaaS applications. Companies will be better equipped to detect, connect, and protect sensitive data across their entire cloud estate, from one unified platform.

What are your predictions for the new-gen data security software and its integrations hosted on the Cloud?

Data security will integrate seamlessly with other security tools.

In the coming year, Data Security Posture Management (DSPM) tools will seamlessly integrate with other security solutions, such as Security Information and Event Management (SIEM) systems.

We are currently seeing vendor consolidation happening across multiple sectors, but this move will enable security teams to improve operational efficiency and allow for a holistic measurement of security performance.

Please tell us more about DSPM tools.

The world of data security SaaS would move from detections to high-impact insights.

Established security vendors will increasingly focus on DSPM solutions, and industry thought leaders such as Gartner will emphasize its significance.

Major Market Trends and Disruptions CIOs Must Be Ready for in 2024

Expect to hear the phrase much more often as it takes center stage in the security landscape.

In the world of SaaS, there are billions of sensitive data points in rest and motion, at any o*******. DSPM can’t protect that data on a datapoint-by-datapoint level – there will be far too much noise.

DSPM tools will evolve from addressing individual data points to identifying higher-level risk patterns, e.g. there’s a script running in Slack that keeps posting email addresses of people subscribing to a newsletter.

This shift will empower security teams to make more impactful changes by prioritizing risks with substantial financial implications.

What stance should organizational leaders adopt to respond to cyber incidents?

Companies will enable the “Human Firewall.”

With data becoming more pervasive across the cloud, particularly in SaaS tools, it will become more difficult for security teams to manually investigate and respond to a continuous stream of alerts.

Instead, the wider workforce will play a more active role in data security.

Dynamic notifications will enable employees themselves to respond promptly to potential threats they’ve caused, turning them into valuable contributors to the overall security posture.

What are your predictions on the role and impact of Artificial Intelligence (AI) in DSPMs?

Using AI to protect the risk of AI

Artificial intelligence (AI) will play a crucial role in enhancing DSPM capabilities, even managing the risk of AI tools themselves.

Whether it’s employees using ChatGPT to write stronger emails, or customers speaking to AI rather than customer service agents, AI feeds off data. AI-driven DSPM tools will not only identify critical risks but also recognize and mitigate risks originating from AI systems themselves.

Thank you, Richard! That was fun and we hope to see you back on CIO Influence soon.