In 2023, we brought together risk-management leaders responsible for overseeing cloud adoption, and hosted roundtable sessions for cloud adoption risk-management leaders. Cloud adoption risk, compliance, and control leaders can play a valuable role in 2024 by helping their organizations turn risk management results into a stronger driver of digital transformation goals.

This past year was a watershed moment for patient safety in medical devices. The FDA noted that without good cybersecurity, you cannot have a safe and effective medical device. A new law requires all new medical devices to incorporate secure-by-design practices, have strong ongoing vulnerability and patch management support, and provide a software bill of materials. This security work should align with the manufacturers’ quality management systems, which is important because we expect to see strong enforcement of the new rules.

We’ll see supply chain vulnerabilities drive the conversation. Reliance on global suppliers and the continued convergence of interconnected systems are creating new attack surfaces that bad actors are using to compromise critical infrastructure and disrupt production. We are seeing this play out in multiple areas including in-vehicle hacking, smart energy grid vulnerabilities, operational technology exploitation, and industrial espionage that includes both intellectual property theft and competitor degradation. Customers should start developing plans to transform their security posture by leveraging cloud technologies and augmenting their capabilities with AI where it makes sense.