Kevin Weiss, the CEO of Sectigo, says deep fakes will become a mainstream component of spear phishing

Tell us about the cybersecurity trends for 2024.
In 2024, transitioning to quantum-resistant cryptography will become a mainstream boardroom discussion. No longer a buzzword or a topic to be tabled, becoming crypto-agile to prepare for post-quantum encryption will be a key focus for the C-suite next year. This shift has been strongly supported by NIST’s development of quantum-resistant encryption and its impactful educational campaign on quantum’s threat to decryption. They have now transformed a once theoretical discussion about decryption into a mainstream business focus.

Deep fakes will become a mainstream component of spear phishing and social engineering attacks and will make headlines around the globe for this. Our ability to trust the genuine nature of any apparent recording of reality, such as an image, video, or audio file, will be destroyed. Unfortunately, the public’s understanding of this complete loss of reliability in previously trusted media types will lag behind reality, and many people will become victims of scams as a result.

In 2024, certificate automation is poised to mark another significant milestone, transcending its previous enterprise-level boundaries to redefine businesses and sectors of all scales. The surge in automation will intricately weave together our already interconnected digital infrastructure, transforming it into a seamless entity of automated services.

Which products and solutions will you be showcasing at GISEC 2024?
We will be showcasing the launch of SCM Pro, the first-of-its-kind solution to bring the robustness of enterprise CLM to SMEs, which will level the playing field between large enterprises and the mid-market. The industry is witnessing a shift towards shorter certificate lifespans, with big tech companies like Google driving toward a maximum SSL certificate validity of 90 days, as opposed to the full year we have today.

Certificates expiring within 90 days bring at least five times more certificates under management, meaning five times more work for companies still doing this manually. This illustrates the critical need for automated CLM solutions. The release of SCM Pro means enterprises who formerly could only manage their certificates by hand now have a single automated view of every public certificate in their IT estates regardless of the issuer. They no longer have to worry about renewals, revocations, or replacements. This offers SMEs a robust, automated, and cloud-native CLM solution previously only available to large enterprises.

How are you equipped to help companies overcome digital security and privacy challenges?
At Sectigo, we are dedicated to helping businesses overcome their unique challenges. We offer a comprehensive range of solutions that include digital certificates, PKI management, IoT security, and managed services. Our digital certificates are trusted by all major browsers and devices, ensuring that client websites, software, and documents are secure. Our PKI management platform allows companies to easily issue, manage, and revoke digital certificates at scale, supporting various use cases.

In addition, we provide end-to-end security solutions for IoT devices, such as device identity management, secure boot, and secure firmware updates. With a strong focus on innovation and customer satisfaction, we always aim to help businesses of all sizes and industries address their digital security and privacy challenges.

Is there a skills gap in the cybersecurity industry? What needs to be done to bridge that gap?
The cybersecurity industry faces a vast skills gap, with reports suggesting a global shortfall of up to four million qualified professionals. This is evident in studies showing that 71% of organisations report being impacted by the shortage, leading to increased workloads for existing security teams and a rise in unfilled cybersecurity positions.

While initiatives to increase the number of skilled IT professionals can help a little, it’s difficult to see the traditional response catching up with this decades-long pain point. Enterprises should look to automation and AI as the tech-savvy responses to this persistent problem. These approaches can eliminate vast amounts of inefficient manual labour and allow our constrained technical human resources to focus on the high-value work that only humans are suitable to deliver.