The start of the year presents an opportunity for organizations to assess whether their data security programs are effective and what projects they should tackle in the coming months. New and familiar challenges are expected in 2024 as companies work to mitigate cyber risk in an environment of heightened regulatory expectations. To get out ahead of those issues, it can be helpful to proactively consider where companies should direct their attention and resources when setting cybersecurity and risk mitigation priorities for 2024. This article presents the top action items, the challenges such efforts may present and how to overcome those hurdles. See “New Pressures Shift Best Practices for Ransomware Crisis Communications” (Feb. 9, 2023).