The new year always brings a panoply of possibilities and promises. No one knows the future, so it becomes a blank canvas upon which we can all project our aspirations and whims. However, the future can also be full of peril and danger, especially in the world of cybersecurity. Promise and peril always lurk, and change is the only constant. The year 2024 will be no different. Challenges that we can’t imagine today may emerge in the new year.
I’ve talked to dozens of cybersecurity experts and combed through trade journals to come up with some of the top trends of 2024.
Top cybersecurity trends to expect this year
- The continued rise of AI and machine learning: AI and ML are rapidly transforming cybersecurity, enabling more innovative threat detection, automated incident response, and predictive analysis. On the other hand, AI has enabled cybercriminals with better and cheaper tools, providing bad actors the ability to evade detection. Look for AI to continue to grab headlines in 2024 as it becomes more powerful and widespread.
- Increased focus on IoT security: According to Forbes, by the end of 2024, there will be more than 207 billion devices connected to the worldwide network of tools, toys, gadgets, and appliances that comprise the Internet of Things (IoT). With the explosive growth of IoT, vulnerabilities in these connected systems are becoming prime targets for attackers. Securing these devices, especially in critical infrastructure, will be a top priority. Cybersecurity experts say that manufacturers have skimped on security for too long. Look for increased legislation to force manufacturers to up their game. The threat of looming legislation may cause many to act.
- Mobile malware and phishing: By the end of the year, 85 percent of the USA’s population will possess smartphones, and across the world, the share is growing, totaling a staggering 6.93 billion Androids and Apple iPhones worldwide. The sheer number of these devices and their continuing integration into business and banking will make them increasingly coveted by cybercriminals. Look for the continual rise of advanced malware and sophisticated phishing attacks targeting mobile devices.
- Cloud security concerns: The cloud was the darling of cybersecurity specialists for quite some time, but where the cloud was once seen as impenetrable, now there are storm clouds. While cloud adoption offers many benefits, it also introduces new security challenges. Data breaches and misconfigurations in cloud environments will remain a significant threat, highlighting the need for robust cloud security strategies.
- Zero-trust security will continue its growth: Shifting away from the traditional perimeter-based defense, the zero-trust model focuses on verifying and authorizing every access attempt, regardless of user or location. This approach will become increasingly important to secure complex and hybrid IT environments. There’s plenty of room for growth. According to Packetlabs, only about one percent of organizations currently have a mature program that meets the definition of zero-trust.
- Ransomware evolution: Ransomware is not going anywhere. The attacks will continue to evolve, becoming more targeted and sophisticated. Double extortion tactics, where attackers also leak stolen data, are expected to become more common. Data is currency for cybercriminals; if it has value, hackers will find ways to obtain it. Ransomware soaked in AI-assisted social engineering will continue to wreak havoc. Those emails from trusted brands and even friends could be from hackers doing a better job of making their missives look authentic.
- The growing IT skills gap: Yes, even areas that wouldn’t seem to be cybersecurity issues at first blush, like Labor Department statistics, can be crucial. The demand for skilled cybersecurity professionals continues to outpace the supply, leaving many organizations vulnerable. While AI can bridge some gaps, there is still no substitute for human intelligence, and without a watchful eye on a network, vulnerabilities will continue to be exploited.
- State-sponsored cyber warfare: Cyberattacks as tools of geopolitics are likely to intensify, posing increased risks to critical infrastructure and national security. With wars raging in Ukraine and the Middle East and geopolitical tensions elsewhere, look for bloodless battlefields to increasingly move online.
- Deepfakes and social engineering: As deepfake technology becomes more accessible, expect to see an increase in sophisticated social engineering attacks that leverage convincing audio and video forgeries. We’ve seen startling examples.
- Expect the unexpected: While we can’t tell you what the unexpected is, but usually, every year, there is at least one surprise, a trend, or trouble that comes out of nowhere. The surprise may come from non-cybersecurity-related events which becomes cybersecurity-related in practice. Be prepared and stay vigilant for the unexpected.
These are just some of the top cybersecurity trends to watch for in 2024. By staying informed and proactive, MSPs can be better prepared for the ever-changing cybersecurity landscape, thus better protect customers and themselves from evolving threats.
Photo: hxdbzxy / Shutterstock