In an environment of continual evolution, business leaders must remain vigilant. Understanding upcoming security trends is crucial for their strategic awareness in the coming year.
Corporations increasingly recognize the correlation between cyber and business risks, with the focal point shifting towards security within the C-suite and the board. Whether executives are substantiating the return on investment for security endeavors, preparing for more covert and pernicious ransomware attacks, or facilitating the development of novel cyber defense mechanisms employing generative AI, the year 2024 will witness an elevation of security as a top concern, starting from upper management and permeating throughout the organization.
Gary Steele, Splunk President and CEO, said, “There will be a noticeable shift in organizations as they integrate greater cyber expertise within their boards and expand the responsibilities of their CISOs, positioning them as influential business leaders. Despite the longstanding presence of cybersecurity discussions in boardrooms, the emphasis on this domain is anticipated to escalate significantly.”
Amidst the heightened scrutiny and the enforcement of new regulations mandated by the Securities and Exchange Commission (SEC) in the United States, emerging technologies such as generative AI play a dual role. It serves as a tool for security professionals while posing threats wielded by cybercriminals. Potential threats encompass AI-designed evasive malware, deepfakes, sophisticated social engineering, and looming data privacy concerns within large language models (LLMs). Despite the risks, experts anticipate leveraging AI to fortify cyber defenses and alleviate talent shortages, allocating resources more efficiently. However, whether the benefits will outweigh the associated costs remains uncertain.
Navigating the complex landscape of evolving cyber legislation, disruptive technologies, and escalating security risks demands unified efforts among teams sharing a joint mission. As organizations increasingly embrace AI, edge computing, and multi-cloud infrastructure, obtaining comprehensive visibility across expanding environments becomes imperative. Achieving this panoramic perspective hinges on alignment among relevant teams and stakeholders. Consequently, organizations should integrate security seamlessly into all operational processes and developmental phases.
In the upcoming year of 2024, fostering collaboration becomes indispensable as resilience evolves into a non-negotiable attribute. By enabling robust communication trust and nurturing shared strengths, organizations can fortify their resilience in the face of adversities in the coming year and beyond.
5 Security Predictions for 2024
#1 AI Adoption for Security Tasks
The persistent influence of AI in cybersecurity is an undeniable trend, shaping the landscape well into 2024 and beyond. The scarcity of skilled cybersecurity professionals drives this evolution amid an ever-increasing demand. The current burden on security analysts, often engrossed in mundane tasks, impedes the potential to enhance an organization’s security stance and foster a robust security culture.
Enter generative AI—a solution poised to alleviate these challenges. Rather than displacing jobs, AI is envisioned as an indispensable assistant, adept at managing repetitive, labor-intensive tasks such as policy creation, process documentation, and data enrichment. It aims to complement human capabilities, akin to an invaluable aid in streamlining operational efficiency. However, the expanded incorporation of AI in cybersecurity introduces new vulnerabilities, potentially expanding organizations’ attack surfaces.
Mike Horn, SVP and GM of Splunk Security, said, “The looming prospect of security incidents propelled by AI is on the horizon. Concerns revolve around malicious manipulation of AI training data, disrupting the model’s decision-making—a threat vector known as AI poisoning. Addressing this imminent challenge entails understanding how to secure AI systems while devising strategies to counter AI-driven threats, thereby fortifying cybersecurity defenses in the evolving digital landscape.”
#2 Threats are Poised to Decentralize and Democratize
Cyberwarfare remains persistent and poised for escalation in 2024, with nation-state actors leveraging AI to weaponize cyber threats in alignment with their political agendas.
Ryan Kovar, Security Strategist and SURGe, mentioned, “The speed of disinformation dissemination is set to accelerate. This utilization of AI tools won’t be confined to amateur hackers; instead, it will extend to nation-states seeking to exploit AI for politically motivated attacks, hacktivism, and sabotage amid high-profile global conflicts and national elections.”
Mike Horn, SVP and GM of security highlights the unfortunate integration of disinformation into national conflicts, predicting an uptick in misinformation and targeted hacking across various organizations during an upcoming U.S. election year. Kovar emphasizes the evolving landscape, citing instances in Russia and Ukraine where joint cyber and kinetic strikes targeted non-military entities, indicating a shift in cybersecurity focus towards unconventional attacks, diverging from traditional power plant takedowns.
The advent of 5G technology introduces new vulnerabilities, expanding the attack surface in unprotected ways. Paul Kurtz, the chief cybersecurity advisor at Splunk, emphasizes the intertwined nature of data and software in 5G, potentially complicating critical operational technology. The nascent state of 5G security prompts concerns regarding its distributed infrastructure and organizational responsibility for safeguarding it. Kurtz stresses the necessity for delineating responsibility for edge infrastructure and broadcast networks in 2024, acknowledging the complexities and the need for clarification in this evolving landscape.
#3 Elevated Stakes for CISOs on the Horizon
With the evolving technological dependencies, CISOs have transitioned from advisors to integral C-suite members. Previously tactical, they’re now set to become influential cyber champions and business leaders in 2024, aligning closely with boards and gaining more sway in shaping cybersecurity strategies.
As per Splunk’s research report, 79% of line-of-business stakeholders perceive the security team as a reliable information source or a pivotal facilitator of the organization’s mission.
However, this heightened status comes with increased responsibility, particularly in navigating stricter regulations. Recent SEC rules require prompt disclosure of cybersecurity incidents by public companies, underscoring the link between cybersecurity and information system value. Boards are urged to improve their technical understanding of cybersecurity matters.
Paul Kurtz stresses the need for boards to understand the potential impact of cyber events. CISOs, while not solely responsible for assessing effect, play a crucial role in bridging technical and board-level perspectives. This evolving landscape demands that CISOs manage intensified scrutiny, increased financial and organizational risk, and higher liability for cyber risks. Prompt incident disclosure is essential to avoid legal or financial repercussions.
#4 Ransomware Actors to Broaden Tactics
Ransomware remains one of the most significant threats in the foreseeable future. Cybercriminals are actively exploring new avenues for expansion, capitalizing on ransomware’s profitable and relatively low-risk nature. Findings from Splunk’s recent CISO Report reveal that 83% of organizations affected by ransomware attacks opted to pay the ransom, with over half paying amounts exceeding $100,000.
While the destructive nature of ransomware might not notably escalate in 2024, cybercriminals are expected to diversify their strategies and targets, employing inventive approaches. CISO Jason Lee points out an increasing reliance on zero-day threats, i.e., security vulnerabilities lacking a known patch, to breach networks. “These vulnerabilities hold immense value,” Jason notes. “Exploiting a zero-day is a costly endeavor.”
Traditionally, leveraging untested zero-day vulnerabilities posed significant risks. Ransomware attackers favored well-established vulnerabilities, counting on the likelihood of them remaining unpatched and slipping past defenses. However, as cybersecurity teams bolster ransomware security measures, attackers devise innovative methods to circumvent these heightened defenses. The emergence of newly-created zero-day threats offers an answer to these challenges.
Despite these challenges, there is a silver lining in potential law enforcement crackdowns on ransomware due to its escalating global costliness. This could lead to increased international prosecutions. Nevertheless, the prospect of data recovery remains uncertain and protracted when falling victim to ransomware.
#5 Growing Challenge of Software Vulnerabilities
Addressing software vulnerabilities will present more significant challenges. Throughout 2023, frequent software vulnerabilities emerged, leading to vulnerabilities in supply chains like the Moveit attack. Continuously emerging vulnerabilities, commonly addressed during Microsoft’s Patch Tuesday, pose an increasingly formidable task for organizations.
Compounding this issue is the inadequate responsiveness of many firms to the warnings they receive. Even after disclosing and providing appropriate fixes for security issues, many entities disregard the alerts or exhibit sluggishness in applying the necessary patches.
Wright anticipates heightened scrutiny of suppliers in the forthcoming year to ensure prompt action. In light of this, he strongly advocates that firms prioritize asset management and bolster vulnerability programs.
Future Outlook
Cybersecurity will undergo significant changes in the future, different from what we see today. AI adoption is set to revolutionize business operations, enhancing creativity while posing substantial privacy concerns. This period is expected to witness the transformation of CISOs into pivotal business leaders, necessitating strong alliances across diverse sectors. The convergence of geopolitics and cyber threats could lead to cyber warfare becoming a facet of kinetic conflict. Furthermore, stringent global cybersecurity regulations will likely be enforced, emphasizing accountability for cyber attackers. Organizations should proactively adapt to evolving technical standards that will profoundly influence future societal structures and functions. Amidst these changing trends, it becomes imperative for companies to acknowledge the impact of technical standards on the future society. Investing in proactive measures and understanding the impending changes in internet functioning is crucial for navigating the upcoming shifts.
Kirsty Paine, Field CTO and strategic advisor for EMEA emphasizes, “Industry can’t remain apolitical. Companies should understand that their politics and ethics influence technical standards, reshaping the internet’s functionality. It’s crucial to consider the implications on the future and societal norms. Investing in these changes beforehand is vital as they will inevitably affect your business.”
FAQs
1. How is AI influencing the future of cybersecurity?
AI is expected to play a vital role in streamlining security tasks, such as automating repetitive tasks, enhancing analysis, and improving efficiency. However, its increased integration may also introduce new vulnerabilities and challenges.
2. What challenges might Chief Information Security Officers (CISOs) encounter in the upcoming year?
CISOs will likely face intensified scrutiny, greater responsibility for incident disclosures, and increased pressure to bridge technical and board-level perspectives amidst evolving cybersecurity landscapes.
3. How are ransomware attacks expected to evolve in 2024?
Ransomware attackers are anticipated to diversify their strategies, possibly relying more on zero-day threats to exploit unpatched vulnerabilities, posing significant risks to organizations.
4. Why are software vulnerabilities becoming increasingly challenging to address?
The frequency of software vulnerabilities is rising, compounded by slow response rates from entities even after receiving alerts and fixes. Prioritizing asset management and vulnerability programs is becoming essential.
5. What is the role of AI in addressing cybersecurity challenges, and what risks does it pose?
AI aids in automating tasks and enhancing efficiency but introduces new concerns like AI-driven threats, such as AI poisoning, which can disrupt AI decision-making and pose security risks.
[To share your insights with us, please write to sghosh@martechseries.com]
