Analysts share their predictions. Is your organization prepared for the threats the coming year will bring?
As 2023 draws to a close, it's time to take a look at the future cybersecurity trends and predictions that have analysts and industry leaders most excited.
This year in particular has been marked by a flurry of ransomware attacks, many of which have evolved into double and even triple extortion attacks, in which classic encryption and data theft followed by blackmail are joined by, for example, DDoS attacks that completely paralyze the parts of a company's business that managed to survive encryption.
Machine learning, which has gained momentum, has also changed the cybersecurity landscape and brought generative artificial intelligence, increasingly used maliciously by black hat hackers, to the forefront of cyber threats.
Here are nine cybersecurity predictions and trends for 2024 that you should be aware of anyway, even if not all of them come true.
1. Increase in ransomware attacks using zero-day vulnerabilities.
Attackers may turn to zero-day vulnerabilities even more frequently in the new year to target the enterprise sector, according to Dick O'Brien, principal analyst at Symantec, part of enterprise technology vendor Broadcom. As the high-profile and devastating attack on MOVEit Transfer in May made clear, attackers may well be able to exploit a single vulnerability in one widely used tool or technology to attack hundreds of organizations at once.
"This is quite effective because hackers get multiple victims at once in a single attack or campaign," O'Brien explained. "The damage is done before information about the attackers' methods is even publicly known."
In general, discovering zero-day vulnerabilities is not easy. Attackers need long and stable funding, as well as specialized skills to carry out such attacks. This fact, however, does not mean that there will be fewer such attacks in the future. On the contrary, the Cl0p hackers have shown the entire cybercrime community the effectiveness of such tactics, and have only spurred other black hat hackers to look for zero-day vulnerabilities with even more enthusiasm.
2. Generative AI and email security.
Generative AI dominated the technology industry in 2023, so no list of trends would be complete without considering how it can impact organizations from a threat perspective.
The potential of artificial intelligence is virtually limitless. Where even the most sophisticated fraudster would run out of ideas, ChatGPT or its darker counterparts may well be able to come up with new, completely unique and equally sophisticated options for future attacks.
While attackers are already making heavy use of generative AI to improve phishing campaigns, new trends promise advanced machine learning capabilities in mimicking high-profile individuals or publicly known executives.
"People are very active on social media, where they publish a lot of information and posts. It's easy to take all that data, put it into something like ChatGPT and have it write something in the style of that particular person," said Oliver Tavakoli, CTO of Vectra AI, a cybersecurity provider.
"An attacker can send an email to an employee claiming it is from the CEO, CFO or similar position. Receiving an email that sounds exactly as if it is actually coming from your boss certainly seems much more real than a regular email," Tavakoli explained his train of thought.
To combat such social engineering attacks, the expert recommended that organizations conduct awareness training for employees, regularly determine their overall security posture, and occasionally even stage local sabotage to identify the weakest link in their workforce before it is discovered by the attackers.
3. Passwordless Access Practices
For years, the cybersecurity industry has been talking about how nice it would be to do away with the outdated concept of classic passwords and replace them with modern and more secure passwordless access. Well, 2024 could very well be the year when the long-awaited transition will affect most organizations.
"It's finally going to happen. In the coming year, we're going to really do away with passwords, and biometrics is going to be the winning method," said Blair Cohen, founder and president of AuthenticID, an identity and access management (IAM) provider.
According to Cohen, biometrics has several advantages and is the most common authentication option, as people have been using fingerprint and facial scans on consumer devices for years. Biometrics can also resist attacks and fraud far better than one-time access codes via SMS or email.
Most cybercriminals still won't turn to outright physical crime to literally "get the fingers" of employees with the necessary level of access. And copying a target's biometric data in the manner of the "Mission Impossible" movies is also far from easy to implement.
Meanwhile, the question of which industry standard for passwordless access will ultimately win out is still a matter of debate. According to Cohen, FIDO2 is a bright contender, but by no means a clear winner.
"I applaud FIDO2 and think it's great for everyday consumer use, but I don't think this standard will be the choice of enterprises, large banks, etc.," Cohen said, emphasizing FIDO2's vulnerability to third-party fraud.
Jack Poller, an analyst in TechTarget's corporate strategy group, disagreed. He said FIDO2 will take the lead in the consumer market because many corporate organizations, such as Google, Amazon and Apple, currently support the standard, and because FIDO2 is quite resistant to phishing, which is enough for a good level of security in most cases.
4. Closer collaboration between cybersecurity executives, company directors, and community organizations
Increasing economic uncertainty has led to shrinking security budgets. In 2024, CEOs are likely to work more closely with community organizations and CISOs to determine where best to spend their budgets, according to Chuck Randolph and Marisa Randazzo of Ontic. That requires a clear understanding of where risks exist for organizations and how to keep data and employees safe, both in the office and remotely.
"If I'm working in a C-suite, I think about prioritizing risk, optimizing budgets and proactively investing in security. Both digital and physical," Randolph said.
Organizations should conduct risk assessments and make sure stakeholders have a voice in security budgeting, he advised.
Randolph and Randazzo added that IT security can be combined with physical or corporate security, such as identifying and monitoring potential insider threats or disgruntled employees. CISOs can contribute to IT security, while, for example, human rights organizations will look at workplace violence.
5. Advanced identity verification.
In 2024, more and more organizations are expected to conduct advanced identity checks to ensure that all employees, partners and customers are who they say they are during account registration, especially as artificial intelligence improves.
"If I've never met you before, even if you show up on calls in Zoom, how do I know it's really you and not an imposter with access to your computer?" rightly said the CISO of one of the companies surveyed.
Organizations will increasingly use identity verification to secure account access or reset requests. Technology can also compare employee photos and information with government documents, as well as provide fake detection to make sure someone isn't using an image or video created by artificial intelligence.
6. Increased adoption of proactive security tools and technologies.
"Organizations should invest more in proactive security tools and technologies in 2024 to better identify vulnerabilities and breaches in their systems," said Maxine Holt, senior director of research and content at analyst firm Omdia. With proactive security, she said, organizations will be able to know in advance where best to spend the company's budget for maximum results.
Holt recommended that companies examine proactive security technologies to decide which would be most applicable and effective within the organization in question.
She cited the following technologies as examples:
risk-based vulnerability management;
attack surface management;
application, cloud and data security tools;
attack path management and security controls validation, including penetration testing, breach and attack modeling.
7. Additional rules for devices in the organization
The adoption of the Internet of Things (IoT) continues to gain momentum, as does the lack of proper security measures in embedded devices. In 2024, we may see increased regulatory scrutiny, especially as the threat of artificial intelligence grows and attackers look for additional attack vectors.
"The outlook for regulating connected devices will continue to evolve as governments and regulators develop more comprehensive frameworks to address the increasing use and development of connected devices, as well as the increasing sophistication of attackers," said Veronica Lim, head of product security at consulting firm Deloitte. "We'll see organizations adhere more rigorously to cybersecurity standards."
How organizations will deal with the tightened regulations, however, remains to be seen. Lim explained that many organizations are already having trouble applying security patches in a timely manner, which gives hackers more opportunities for malicious exploitation. "Connected devices are often targeted by attackers because they often contain outdated and vulnerable software," Lim said.
8. Third-party vendors struggle to stay safe
Data breaches by a third party, such as a vendor or partner organization, can yield more lucrative results for attackers. Third parties typically have their own security strategies and infrastructure that may not fundamentally align with their customers' strategies, opening up additional avenues of attack.
"The bad guys have really excelled at identifying these third parties that help them bypass the strong security mechanisms of large organizations like banks, for example," said Alex Cox, director of threat intelligence at LastPass. "A large bank spends a lot of money on security, but the third-party vendors they partner with usually don't. If hackers get access to that vendor, it gives them access to a bunch of other companies as well."
For organizations concerned about third-party vendor security, there's no easy answer either. Cox said that while it's difficult to provide a certain level of security in conjunction with third parties, organizations should consider creating a security checklist for their vendors to follow or require a third-party security assessment before doing business with any vendor.
9. Providers can influence cyber insurance policies
Organizations often purchase cyber insurance policies to mitigate ransomware attacks. At the same time, cyber insurance carriers are improving their underwriting (risk assessment) procedures, and some vendors may be identified as unreliable, which may influence an affected company's ability to receive benefits.
According to Jess Byrne, an analyst at consulting firm Forrester, in 2024, organizations may have to spend a little more time vetting the security of their current and potential vendor partners to avoid getting into a nasty insurance denial situation in the future.
Some information security professionals already believe that cyber insurance carriers have too much influence when it comes to incident response decisions. Forrester predicted that this trend will continue next year.
Conclusion
As noted above, the field of cybersecurity is not standing still. It is constantly evolving, with new threats and challenges emerging literally every day. To effectively counter cybercriminals, companies need to be aware of future trends in the industry.
In 2024, attackers' tactics are expected to continue to evolve, including the use of artificial intelligence capabilities. At the same time, new promising defense methods, such as biometric authentication or proactive threat detection technologies, are emerging and being integrated everywhere.
In order to effectively confront the upcoming challenges, companies need to not only follow cybersecurity trends, but also implement modern and reliable solutions in a timely manner. Agility and the ability to adapt to change will be the key to success in this challenging battle, helping organizations save their data, resources, time and money both next year and throughout the lifecycle.