2024 will be a year dominated by artificial intelligence-created deepfakes and advanced phishing attacks, but also new AI-based detection applications to help defenders.
These are among the predictions from companies that provide cybersecurity solutions. We’ve collected comments from over 30 vendors to give infosec pros an idea of what they will face in the next 12 months:
“Our reliance on AI for cybersecurity is undeniable,” said Sergey Shykevich, threat intelligence group manager at Check Point Software Technologies, “but as AI evolves so will the strategies of our adversaries. In the coming year, we must innovate faster than the threats we face to stay one step ahead. Let’s harness the full potential of AI for cybersecurity, with a keen eye on responsible and ethical use, ”
Next year will see more threat actors adopt AI to accelerate and expand every aspect of their toolkit, the company says. Whether that is for more cost-efficient rapid development of new malware and ransomware variants or using deepfake technologies to take phishing and impersonation attacks to the next level.
Brendan Peter, vice president of global government affairs, SecurityScorecard:
The forthcoming rewrite of Presidential Policy Directive 21 (PPD-21) will create a paradigm shift in critical infrastructure security. Expected in the first half of 2024, this comprehensive update will empower critical infrastructure sectors to embrace data-driven risk management and enhance their resilience against evolving threats.
By tightening requirements and definitions, PPD-21 will foster a culture of data-driven risk assessment and communication across all critical infrastructure sectors in the year ahead. This transformative overhaul will spark critical conversations around the unique needs of each sector, paving the way for a more collaborative and transparent approach to safeguarding the nation’s digital backbone.
The revamped PPD-21 marks a pivotal moment in critical infrastructure security, empowering sectors to stay ahead of the curve and protect the nation’s vital assets.
Jody Westby CEO, Global Cyber Risk LLC:
Cybersecurity will continue to be a top risk for organizations in 2024. The use of generative AI and deepfakes in targeted phishing attacks, AI-generated malware, and automated attacks will present significant challenges to organizations. Looking ahead, cloud and SaaS providers will continue to be favored targets as criminals understand a successful attack on one of these vendors can result in a jackpot of data from many companies. Organizations that have not established a vendor risk management program and integrated vendors into their incident response plans will struggle to manage these attacks.
Rick Howard, CSO N2K Networks:
The SEC fraud charges against SolarWinds and their CISO, Tim Brown, will have a chilling effect on hiring CISOs in the future. At the very least, most CISOs will insist on compensation packages that include directors’ and officers’ liability insurance and golden parachute firing clauses. At the most, companies will start to include CISOs as part of their executive officer team alongside the CEO, the CFO, and the CTO. You won’t see these things immediately, but the climate has changed. This is what CISOs are talking about now.
Zach Capers, manager of research lab and senior security analyst, GetApp:
In 2023, we finally saw some positive signs in the world of security as evidenced by our fifth annual data security report. Businesses appear to have rebounded from an influx of pandemic-fueled vulnerabilities and have begun locking down systems like never before. This means that cybercriminals will increase reliance on social engineering schemes that exploit employees rather than machines.
Moving into 2024, our research finds the number one concern of IT security managers is advanced phishing attacks. And we’re not only talking about email phishing. SEO poisoning attacks are a rising phishing threat designed to lure victims to malicious lookalike websites by exploiting search engine algorithms. This means that employees searching for an online cloud service might find a bogus site and hand their credentials directly to a cybercriminal, have their machine infected by malware, or both. In 2024, it will be more important than ever to educate employees on the sophisticated and increasingly dynamic methods used to trick them into handing over sensitive information that can result in damaging cyberattacks.
Andrew Newman, CTO and co-founder, ReasonLabs:
The MOVEit hacks, which affected more than 620 organizations and over 60 million individuals alone, should be warning enough for cybersecurity leaders everywhere. While building cybersecurity defenses across vast supply chain networks can be challenging, organizations must challenge themselves to further enhance their security, assess the security posture of their partners and vendors, and consistently monitor for abnormal activities within the supply chain to build additional lines of defence.
Michael Mestrovich, CISO, Rubrik:
Gaining access to any enterprise via valid credentials remains the preferred method of access for cyber actors. As generative AI matures over the next year and beyond, social engineering attacks fueled by generative AI will become easier to perpetrate, will increase in scale, and will be increasingly realistic. No amount of training will be able to prevent some of these tactics, so we will surely see an increase in cyberattacks. Therefore, over the next year we’ll see how many organizations have built their defense strategy around a cyber resilience mindset, e.g. micro-segmentation, passwordless authentication, phish-resistant MFA, moving from privilege escalation to separate privileged user accounts, and when it all fails, having immutable data backups.
Alexander Garcia-Tobar, CEO and co-founder, Valimail:
In 2024, there will be an acceleration in disinformation, exacerbated by ongoing global conflicts and the growing availability of AI tools that will create and/or spread false narratives more rapidly and convincingly. This trend will be viewed against a backdrop of declining public trust in institutions, a phenomenon intensified by the U.S. election year. With email being the primary communication tool used, validating sender authentication will become increasingly more important.
Don Boxley, CEO and co-founder, DH2i:
The cybersecurity landscape is rapidly evolving, with more sophisticated and frequent attacks. In response, the adoption of advanced network technologies like software-defined perimeter (SDP) and zero trust network access (ZTNA) will become critical in 2024. These technologies offer a more dynamic and adaptive approach to network security compared to traditional VPNs. SDP provides a way to create secure, context-aware connections between users and network resources, effectively reducing the attack surface. ZTNA, on the other hand, operates on the principle of “never trust, always verify,” ensuring that access to network resources is strictly controlled and monitored. These technologies will be especially important for protecting multi-cloud environments and remote work infrastructures.
John Baird, Co-Founder and CEO of Vouched:
In 2024, the trajectory of Identity Verification (IDV) and cybersecurity is set to leverage advanced technological capabilities – innovations akin to sophisticated identity authentication methods and AI-powered anomaly detection will reshape the landscape, minimizing fraud risks significantly. These advancements will integrate cutting-edge authentication, ensuring robust verification processes that proactively identify and prevent fraudulent activities. The seamless incorporation of these technological advancements into IDV strategies will fortify digital identities against emerging threats, setting new standards for security and trust across industries.
Etay Maor, senior director of security strategy, Cato Networks:
No, the end user is not stupid and it won’t be their fault – there is a tendency to blame the user and couple it with “humans are the weakest link,” but humans are not going anywhere so let’s focus on more productive approaches. Cyber security responsibility is moving upwards, to the CISO, CIO, and board, not downward towards the employees and practitioners. But it is on us (managers, security operation teams, and yes – vendors) to create security tools and processes that will be easier to manage. We are going to see organizations move to products and services that, while being more robust and advanced, offer simpler management with much less overhead of false positives, integration projects, and constant updates.
Shay Levi, CTO and co-founder, Noname Security:
In 2023, AI began transforming cybersecurity, playing pivotal roles both on the offensive and defensive security fronts. Traditionally, identifying and exploiting complex, one-off API vulnerabilities required human intervention. AI is now changing this landscape, automating the process, enabling cost-effective, large-scale attacks. In 2024, I predict a notable increase in the sophistication and scalability of attacks. We will witness a pivotal shift as AI becomes a powerful tool for both malicious actors and defenders, redefining the dynamics of digital security.
Richard Vibert, CEO Metomic:
In the world of SaaS, there are billions of sensitive data points in rest and in motion at any one time. Data security posture management tools can’t protect that data on a datapoint-by-datapoint level – there will be far too much noise. These tools will evolve from addressing individual data points to identifying higher-level risk patterns, e.g. there’s a script running in Slack that keeps posting email addresses of people subscribing to a newsletter. This shift will empower security teams to make more impactful changes by prioritizing risks with substantial financial implications.
JP Perez-Etchegoyen, CTO, Onapsis:
The surging investments in AI will trigger a momentous shift in AI security, reshaping the landscape of technological safeguarding. In 2024, as the investment in AI continues to surge, a pivotal shift will unfold in the realm of AI security. With AI models, particularly large language models and generative AI, being integrated into every facet of the software chain across diverse industries, the demand for safeguarding these technologies against evolving threats like prompt injection and other malicious attacks will reach unprecedented levels. Despite the relative novelty of these advancements, the imperative for stringent security measures will gain traction, marking a watershed moment in the journey of AI technology. As we continue to grapple with the uncharted territory of immense data and new challenges, we will witness a concerted effort to fortify the boundaries and ensure the responsible growth of this transformative technology.
Daniel Trauner, senior director, security at Axonius:
In 2024 it will continue to be imperative for professionals to understand the security implications of applying technology to new areas or expanding its existing use. Organizations that neglect to understand their total attack surface and gaps in defenses will have the highest risk of attack in the new year. Keeping a system’s attack surface small is one of the best ways to reduce the potential for new vulnerabilities. While companies that can’t quickly deploy updated patches may be at a disadvantage, security leaders must be prepared to start contextualizing vulnerability issues within their organizations rather than spinning their wheels to patch every single vulnerability that crosses their security landscape. As CVEs continue to be recognized at a rapid pace, organizations must regularly assess their business goals to determine what security issues must be prioritized and how. This method will result in greater risk reduction overall in 2024.
Ilia Kolochenko, chief architect at ImmuniWeb:
While numerous reports predict a surge of the malicious use of generative AI by cybercriminals in 2024, it will probably be less significant than most of the alarmistic predictions. First, sophisticated cybercrime actors don’t really need GenAI to write malware or phishing emails, they already have advanced skills and experience that will easily outperform any AI-powered chatbots. Some simple tasks may be automated by GenAI, however, it will unlikely cause a tectonic shift in their well-established cybercrime business. Second, inexperienced cybercriminals and newbies may ask a chatbot to create a simple exploit, payload or even primitive malware, however, they will still need an abuse-proof infrastructure to host and operate it, money-laundering mechanisms, and many other instruments that no GenAI can build for them. Most likely they will end up detected, arrested, and imprisoned. More harm will come from imprudent cybersecurity professionals who will try to automate code and config writing with GenAI, eventually producing suboptimal code quality. With Infrastructure-as-a-Code (IaC) in a multi-cloud environment, a single error in code may cost millions.
John Holmes chief legal officer and Brice Cagle, data protection officer, Forcepoint:
As AI becomes more embedded in our industries, the safe and measured adoption of it will become a critical factor in its long-term success and for companies to potentially benefit. And because we can’t put this genie back in the bottle at this point, the goal of incorporating AI should be focused on preventing the improper introduction of sensitive information to the great unknown of public generative AI. Organizations using AI should know exactly which applications employees use and what data they are interacting with to prevent AI from undermining the proprietary rights of a company’s content. And, by extension, to preserve sensitive information like PII.
Joey Stanford, VP of data privacy & compliance at Platform.sh:
We’ll see AI becoming increasingly popular in cybersecurity attacks next year because AI never sleeps – you just turn it on, it runs and learns. This is one reason why AI will find vulnerabilities and new exploits very quickly. In addition, the use of AI to create phishing emails, virtually indistinguishable from a real sender, will leave companies struggling to prevent breaches by spear phishing attacks in 2024. Realistic, fake voicemails and videos will just add to the chaos. While governments are taking steps to regulate AI, no regulation will ever be able to contain it entirely, because laws always embody cultural norms. What’s permissible in China may not be in the EU or the U.S..
The post Predictions 2024 from cybersecurity vendors, Part 1 first appeared on IT World Canada.