From world occasions to the economic system, 2023 was an unpredictable yr. Cybersecurity didn’t stray removed from this theme, delivering some sudden twists. As organizations start planning their security methods for 2024, now’s the time to look again on the yr earlier than and extrapolate what the longer term might maintain.
The yr kicked off with Generative Synthetic Intelligence (GenAI) hitting the headlines and dominating the dialog unexpectedly. The affect of the numerous new makes use of for GenAI rippled the cybersecurity world and was a prime matter and cybersecurity concern, with a data breach of ChatGPT highlighting the danger. Cybersecurity professionals additionally elevated their use of AI know-how to assist detect and forestall assaults.
Ransomware stayed within the headlines, beginning with a rise in quantity. The month of March alone noticed 400 assaults. Native governments had been a chief goal this yr with greater than 34 assaults, together with one incident that shut down vital programs in Dallas. On the excellent news entrance, the U.S. authorities issued the NIST Cybersecurity Framework 2.0 and the White Home Cybersecurity plan took steps to guard vital infrastructure from cyberattacks.
To get insights into what to anticipate within the cybersecurity trade in 2024, we talked to main consultants. Right here’s what they should say.
2024 would be the yr of deception (Charles Henderson, World Head, IBM X-Power)
2024 goes to be a busy yr for cyber criminals amid ongoing geopolitical tensions, main elections within the U.S. and European Union and the largest sporting occasion on this planet (Paris Olympics) all going down inside a couple of months of one another. It’s an ideal storm of occasions that’s going to see disinformation campaigns on a complete new stage.
Cyber criminals have every thing they should deceive unsuspecting customers, shoppers and even public officers by AI-engineered deception techniques. We’re about to see improved deep fakes, audio fakes and really convincing AI-crafted phishing emails in cyber criminals’ efforts to deceive the general public and advance their malicious goals.
GenAI is about to make “buyer acquisition” a lot simpler for cyber criminals (Charles Henderson, World Head, IBM X-Power)
Till now, cyber criminals have been very restricted in how they will monetize from their knowledge spoils collected from the billions of information compromised over time. However all that’s about to alter because of GenAI. GenAI goes to assist filter by, correlate and categorize these large knowledge units in minutes and put them collectively in a programmatic method for cyber criminals to create profiles for potential targets. GenAI’s skill to optimize goal choice is not any completely different from the way it’s enhancing the shopper acquisition course of in advertising and marketing — it’s only a completely different gentle of legality.
Enterprises will see an inflow of “doppelgänger customers” (Dustin Heywood, Chief Architect, IBM X-Power)
With tens of millions of legitimate enterprise credentials on the Darkish Net proper now and the quantity persevering with to rise, attackers are weaponizing id, viewing it as a stealthy technique of entry to overprivileged accounts. Within the subsequent yr, I count on we’ll see extra “doppelgänger” customers popping up in enterprise environments, with customers behaving a sure method at some point and one other method the subsequent — this irregular conduct needs to be enterprises’ signal of compromise. Attackers are assuming reliable customers’ digital identities unbeknownst to them, with this development solely exacerbating in 2024. Safety and password hygiene have by no means been extra essential.
Prepare for the AI model of Morris Worm (John Dwyer, Head of Analysis, IBM X-Power)
The Morris worm is broadly believed to be the primary cyberattack ever reported again in 1988. I believe within the comparatively close to time period we’ll see a “Morris Worm-like” occasion the place AI is confirmed getting used to scale a malicious marketing campaign. With AI platforms beginning to turn out to be usually obtainable to companies, adversaries will start testing the nascent AI assault floor, with exercise growing as AI adoption begins to scale. Whereas we’re nonetheless far out from the day when AI-engineered cyberattacks turn out to be the norm, these items don’t occur in a single day — however the “premiere” is probably going across the nook.
Amid midlife disaster, ransomware is heading for a makeover (John Dwyer, Head of Analysis, IBM X-Power)
Ransomware could also be going through a recession in 2024 as extra nations pledge to not pay the ransom and more and more fewer enterprises succumb to the strain of encrypted programs — selecting to divert funds to rebuilding programs versus decrypting programs. Ransomware operators are beginning to face a money circulate downside, making it difficult to maintain up with their resource-intensive campaigns.
Whereas we anticipate an even bigger pivot to high-pressure knowledge extortion assaults, ransomware isn’t going wherever, as we count on it to shift focus to a shopper or small enterprise goal base the place risk actors’ leverage stays sturdy. However contemplating that ransom calls for towards small and medium-sized companies are more likely to be lower than enterprise victims, it’s clear that ransomware is heading for a makeover.
Generative AI adoption will drive CISOs to concentrate on vital knowledge (Akiba Saeedi, Vice President, Data Safety, IBM Safety)
With enterprises starting to embed GenAI into their infrastructure, they’re coping with new dangers launched by centralizing numerous sorts of knowledge into AI fashions, numerous stakeholders accessing these fashions and knowledge they’re ingesting, in addition to the precise inference and stay use of the mannequin. This threat will drive CISOs to redefine what knowledge can introduce an existential risk to the group if compromised (e.g., elementary IP) and reassess the security and entry controls surrounding it.
Data security, safety and privateness measures are the linchpin to the success of an AI-driven enterprise mannequin. However with knowledge changing into extra dynamic and energetic throughout the setting, the invention, classification and prioritization of vital knowledge will probably be a prime motion for security leaders in 2024.
GenAI will stage up the function of security analysts (Chris Meenan, Vice President, Product Administration, IBM Safety)
Corporations have been utilizing AI and machine studying to enhance the efficacy of security applied sciences for years, and the introduction of generative AI will probably be aimed squarely at maximizing the human factor of security. On this coming yr, GenAI will start to tackle sure tedious, administrative duties on behalf of security groups — however past this, it is going to additionally allow much less skilled crew members to tackle more difficult, higher-level duties.
For instance, we’ll see GenAI getting used to translate technical content material, resembling machine-generated log knowledge or evaluation output, into simplified language that’s extra comprehensible and actionable for novice customers. By embedding any such GenAI into present workflows, it won’t solely unencumber security analysts’ time of their present roles however allow them to tackle more difficult work — assuaging a few of the strain that has been created by the present security workforce and expertise challenges.
From risk prevention to prediction — cybersecurity nears a historic milestone (Sridhar Muppidi, CTO, IBM Safety)
As AI crosses a brand new threshold, security predictions at scale have gotten extra tangible. Though early security use instances of generative AI concentrate on the entrance finish, enhancing security analysts’ productiveness, I don’t suppose we’re removed from seeing generative AI ship a transformative affect on the again finish to utterly reimagine risk detection and response into risk prediction and safety. The know-how is there, and the improvements have matured. The cybersecurity trade will quickly attain a historic milestone: attaining prediction at scale.
A brand new method to security’s “id disaster” (Wes Gyure, Director, Identification and Entry Administration, IBM Safety)
As organizations proceed increasing their cloud providers and functions, each brings its personal disparate id capabilities — creating an online of disconnected id profiles and capabilities throughout cloud, on-premise programs and functions. Prior to now, organizations hoped to consolidate these identities through a single id resolution or platform, however in as we speak’s actuality, organizations are coming to phrases with the truth that this method is neither sensible nor possible.
Within the coming yr, organizations will transfer to embrace an “id material” method which goals to combine and improve present id options somewhat than exchange them. The objective is to create a much less complicated setting the place constant security authentication flows and visibility might be enforced.
“Harvest now, decrypt later” assaults to turn out to be extra widespread with quantum developments (Ray Harishankar, IBM Fellow, IBM Quantum Secure)
Quantum system efficiency continues to scale nearer to the purpose of being cryptographically related, with research performed by World Financial Discussion board, Nationwide Safety memorandums and timelines printed by CNSA suggesting quantum computer systems may have the power to interrupt probably the most broadly used security protocols on this planet by as early because the 2030s. And proper now, classical programs are nonetheless weak to “harvest now, decrypt later” assaults — the place dangerous actors steal and retailer knowledge for later decryption on the possibility of accessing such future quantum computer systems. With quantum computing advancing quickly, we imagine these assaults will turn out to be extra widespread over the subsequent a number of years.
Recognizing these dangers, the U.S. Nationwide Institute of Requirements and Expertise (NIST) has already begun the method of creating new quantum-safe cryptography requirements and is predicted to publish its first official requirements in early 2024. In anticipation of this, organizations ought to begin the method as we speak of figuring out cryptography used of their environments to organize for the transition to quantum-safe cryptography to make sure their knowledge and programs stay protected against threats posed by quantum decryption. With dangerous actors already finishing up “harvest now, decrypt later” assaults, and a few estimates exhibiting this transition may take so long as 15 years, the sooner organizations begin, the higher.
2023 was an unpredictable yr, and 2024 will definitely maintain many extra surprises. However with correct planning and agile cybersecurity methods, your group can meet these challenges as they arrive.