Cybersecurity is a constantly evolving field, with new threats and challenges emerging every year. As we enter 2024, organisations must stay ahead of the game to protect their sensitive data and digital assets.
From the rise of generative AI to the increasing threat of nation-state attacks, it is crucial for businesses to understand and adapt to emerging trends to ensure their security posture remains strong.
Bernard Montel, EMEA Technical Director and Security Strategist, at Tenable commented, “Cyber crime costs in the United Kingdom (UK) reached an estimated 320 billion U.S. dollars as of 2023 — and businesses should only expect that number to keep rising.”
Ransomware has been a persistent and damaging threat in recent years, and it shows no signs of slowing down in 2024.
Cybercriminals are becoming increasingly sophisticated in their attack techniques and targeting. One of the key drivers of this trend is the global nature of ransomware gangs.
Previously dominated by Eastern European and Russian individuals, these groups are now diversifying, with more members from Western societies joining their ranks.
This change enables them to better understand social norms and launch more effective social engineering attacks.
In addition to the changing composition of ransomware gangs, their tactics are also evolving.
They are actively targeting third-party tools and software providers to exploit vulnerabilities and gain access to multiple targets simultaneously.
This approach allows them to maximise their profits and cause significant disruptions. As a result, organisations must remain vigilant and implement robust security measures to prevent and mitigate ransomware attacks.
Whilst we haven’t seen the use of Generative AI to help with the social engineering behind ransomware targeting yet, we may in 2024. Mike Gillespie the MD with the Cyber Security company, Advent IM, says, “Ransomware is claiming more victims’ because organisations keep failing to adequately educate.”
As technology advances, nation-states are increasingly involved in cyber warfare. In 2024, we can expect to see a surge in state-sponsored cyberattacks and espionage, particularly targeting critical infrastructure. These attacks can have significant geopolitical implications and disrupt vital services.
The UK is lucky as the National Cyber Security Centre (NCSC) is proactively monitoring and advising on APT and state actors.
However, what is really needed globally is the establishment of a Cybersecurity Geneva Convention, aimed at deterring nation-state attacks and holding perpetrators accountable.
The closest attempt to create this was the Tallinn 2 manual published in 2017 and it is unlikely we will see anything else in 2024.
That means the world remains a free-for-all for APTs and Nation State actors and the increasing global instability is leading to a sharp rise in their ‘below the threshold’ activities, i.e. those that are below the threshold that would constitute a formal attack.
While external threats often dominate headlines, insider attacks are a growing concern for organisations. Insider threats can be either malicious or unintentional, with employees or trusted individuals compromising security either intentionally or accidentally.
Mike Gillespie thinks, “Cyber security is becoming dysfunctional,” however, organisations will continue focus on enhancing their monitoring and detection capabilities to identify insider threats promptly.
Key to this is ensuring employee training and awareness programs play a crucial role in mitigating these risks.
Striking a balance between trust and vigilance is essential, as organisations seek to protect their sensitive data from insider threats.
Info stealer malware is on the rise, posing a significant threat to organisations in 2024. This type of malware is designed to steal sensitive information, such as authentication data, personal details, and financial information, from infected browsers.
Cybercriminals leverage this stolen data to impersonate legitimate users and gain access to corporate networks, enabling them to carry out sophisticated cyberattacks without detection.
To combat info stealer malware, organisations must implement comprehensive malware remediation strategies.
Monitoring the dark web for stolen data and invalidating compromised sessions and vulnerable APIs are critical steps in protecting against this evolving threat.
Artificial Intelligence (AI) and Generative AI (GenAI) have become powerful tools in various industries, including cybersecurity.
In 2024, we can expect to see an increased use of AI and GenAI in cyber-attacks. This technology enables threat actors to carry out more intelligent and personalised phishing campaigns, leveraging data scraped from social media platforms.
Moreover, deepfake technology, which creates realistic but fabricated content, poses a significant challenge in determining the authenticity of images and videos.
While AI and GenAI present challenges for cybersecurity professionals, they also offer opportunities for defence.
Organisations can leverage AI to enhance risk analysis, threat detection, and automate alerts and responses.
By adopting an adversarial mindset and training AI models with offensive and defensive samples, companies can stay one step ahead of cyber threats.
Additionally, hosting AI models in secure environments and implementing model assurance and stress testing are critical for safeguarding these technologies.
The relationship between Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs) is crucial for effective cybersecurity management within organisations.
However, in many companies, these two roles are not fully aligned. The CISO is responsible for creating security policies, while the CIO is tasked with enforcing them.
This misalignment often leads to project delays, budget overruns, and conflicts over priorities.
To address this issue, organisations will increasingly focus on aligning the objectives and responsibilities of CISOs and CIOs.
Process automation projects, particularly those driven by cloud technology, will play a crucial role in facilitating this alignment.
By incorporating security by design into new processes and fostering collaboration, companies can ensure that cybersecurity is an integral part of their IT and business strategies.
Greater responsibilities being placed at board level through increased regulation with push changes in this dynamic.
In 2024, compliance and regulations will continue to shape the cybersecurity landscape. Companies will face increasing data protection and breach disclosure requirements, with stricter penalties for non-compliance.
As the use of AI expands and cyber threats become more sophisticated, organisations must ensure they meet regulatory standards and adopt best practices.
Embedding security into product development and adopting secure access protections are essential for complying with evolving regulations.
Proactive measures, such as regular stress testing and model assurance, will help organisations stay ahead of regulatory requirements and protect their data.
As we look into 2024, the cybersecurity landscape is filled with both opportunities and challenges with the biggest challenge and biggest opportunities possibly being issues we haven’t yet identified.
What is clear is the world is increasingly unstable and interconnectivity is more important; that leads to cyberspace being an increasing focus for malign actors.