Over the last few years, we have borne witness to an era defined by rapid technological advancements, and while this has led to numerous positive outcomes, it has also created a complex and dynamic battleground over digital assets. Now, as we head into 2024, the cyber security industry is set to become even more of a labyrinth. From the continued integration of emerging and established technologies to the ever-evolving threat landscape, the next 12 months will not be simple for cyber security teams.
Setting the scene
As we approach the new year, Richard Starnes, Chief Information Security Officer at Six Degrees, highlights that, “We can expect a significant rise in state-sponsored and organized crime cyber attacks, particularly focusing on critical infrastructure and key industries. This will continue to lead to exploitation of smaller companies further down the supply chain.”
Agreeing, Martin Rothe, Security Operations Team Leader at Node4, adds that, “There are big elections in both the UK & US coming up in 2024 which are likely to have a few cyber security implications, such as nation-state attacks against political campaigns, local government organizations, and voter registration systems, as we saw in 2016.”
Furthermore, 2023 has assured itself a spot in the history books as the year in which Generative AI burst onto the scene. Looking specifically at how it is helping cyber attackers, Rothe elaborates: “AI will enable faked voice/video calls for social engineering and more personalised phishing messages that are harder to identify. 2024 will likely be the start of this, as the technology continues to develop, but the good news is that it doesn’t look like a large wave is imminent.”
Threat intelligence – are shiny shields overshadowing the more robust ones?
AI has been a transformative agent for the development of organizational defence. For example, Avkash Kathiriya, Sr. VP – Research and Innovation at Cyware, predicts that the integration of threat intelligence with AI and ML will continue to accelerate. He explains: “This integration will work to enhance threat prediction and response capabilities. The trend of cross-industry collaboration in sharing internal and external threat intelligence will also become more commonplace, underlining its role in building robust and adaptable cyber security strategies. It will drive change within the industry and we will see trusted community intelligence become more valuable than commodity intelligence.”
On the other hand, Laurie Mercer, Security Architect at HackerOne, argues that: “Business and security leaders risk being distracted by AI and not focusing on basic cyber security hygiene, such as password protection, authentication methods, and security logging.” He continues:
“As their focus gets diluted, the chances they’ll become a victim of an attack through their cloud infrastructure, or even a simple mistake in a web application, massively increase.
“Security leaders must maintain a focus on traditional threat vectors, keep up with the latest threat intelligence, and invest in regular security assessments by skilled security professionals, testers, and hackers. Businesses that work with ethical hackers to continuously test the robustness of their attack surface are less likely to fall victim to cyber attacks as potential vulnerabilities can be identified and fixed at scale with an additional force of defenders.”
New tactics, new attitudes
With technologies and the threat landscape constantly evolving, organizations in 2024 will need to constantly reassess their security methods to ensure that they are maintaining a holistic approach. This is especially important considering that cybercriminals never plateau – they are forever finding new tactics and utilising new technologies to find more efficient ways of inflicting harm.
For example, “Previously, when ransomware attackers gained access to their victim’s data, they would either steal or lock it – now they do both,” states Christopher Rogers, senior technology evangelist at Zerto, a Hewlett-Packard Enterprise company. “This double extortion tactic now means that, even if an organization can recover its data, the attackers leak the information regardless. In conjunction with this, we are also seeing more cybercriminals specifically going after the tools that help businesses recover from attacks – making disaster recovery harder than ever.” He continues:
“The changes we are expecting to see in 2024, however, go beyond a shift in tactics and technology. As the prevalence and lethality of ransomware attacks continue to increase, we are seeing a significant change in people’s attitudes when it comes to cyber attacks. The conversation has moved from ‘I haven’t been hit’ to ‘I haven’t been hit yet’, or even ‘I was lucky – I wasn’t badly hit’.
“Unfortunately, this change in acceptance has made it far more difficult to obtain quality cyber insurance. Not only are insurance policies getting more expensive, but they are also frequently designed to catch out the organization it’s supposed to be supporting or, at the most, cover the ransom but not the fallout from downtime and damaged brand reputation.”
Identification barriers and detection watch towers
One way that organizations can protect their data is through identity-based security. Stuart Hodkinson, VP EMEA, PlainID, explains: “Next-generation authorisation will be the difference between a nagging headache for security teams, and a full-blown breach.”
“We can expect to see a shift towards advanced data access controls that are identity-aware, dynamic, fine-grained, and governed by policies. Rather than wait for legislation to dictate how your company protects its workload, I encourage data owners to think of identity-first security as part of their data access control strategy and to research their options.”
SIEM has also evolved, boosted by automation, to improve its data protection capabilities.
Concurring, Egon Kando, Vice President EMEA at Exabeam, elaborates: “AI is projected to bolster new detection capabilities and act as a co-pilot in incident response, transforming how security teams respond to threats. The role of behavioural analytics will be more critical in the threat landscape, especially since valid credentials are the key to obtaining valuable data.”
Creating your robust strategy for 2024
Clearly, there is a lot at stake in 2024. Criminals have established new routes to ‘trojan horse’ themselves into organizations’ infrastructure, and AI has enabled them to build even more sophisticated and complicated phishing campaigns.
With this in mind, “As we approach the New Year, I would remind anyone looking to consolidate in 2024 to evaluate their current stack, identify which tools can be replaced, and develop a roadmap tailored to your specific security goals”, concludes Connie Stack, CEO of Next DLP.
“Consolidation involves more than adopting new technology or embracing an aggressively discounted license that finance teams adore; it’s about reshaping your security strategy, leveraging Big Tech and other specialist solution providers, quantifying the total cost of ownership, understanding your gaps, and aligning them with your organization’s goals and security needs.”