Artificial Intelligence & Machine Learning , Cybercrime , Fraud Management & Cybercrime

Legal Trends to Watch in 2024

CISO Liability, AI, Ransomware and Shadow IT
Jonathan Armstrong, partner, Cordery Compliance

British attorney Jonathan Armstrong examines four cybersecurity legal trends that will shape 2024: heightened personal liability for security leaders, the impact of ransomware, legal and ethical concerns about AI, and the influence of shadow IT, especially regarding messaging apps.

See Also: The SIEM Selection Roadmap: Five Features That Define Next-Gen Cybersecurity

In 2023, the mutating nature of ransomware became a challenge for cybersecurity response, Armstrong said. Ransomware gangs shifted to "one to many" attacks, targeting third-party vendors to make multiple corporations vulnerable.

Armstrong advised CISOs to prioritize vendor vulnerabilities and consider even lower-tier vendors with sensitive information. Regulatory pressures make data breaches a "competitive sport," as regulators grade organizations against each other. Ransomware gangs exploit this by making reports about their attacks, showcasing a more ruthless and educated approach.

To combat this, CISOs need to adapt training strategies, focus on the evolving threat landscape, and collaborate with vendors for due diligence and contractual measures.

In a video interview with Information Security Media Group, Armstrong discussed:

  • How the landscape of personal liability for CISOs will evolve in 2024;
  • The evolution of ransomware and its impact on CISOs;
  • What legal challenges and ethical considerations arise as AI plays an increasingly crucial role in the space.

Armstrong, an experienced lawyer with Cordery in London, is an expert on data protection and data security law. He advises multinational companies on risk, compliance and technology.


About the Author

Anna Delaney

Anna Delaney

Director, Productions, ISMG

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.