Timothy Liu is the CTO and co-founder of Hillstone Networks.
As we turn the page on another year, it’s a great time to look at what we’re likely to see in cybersecurity in 2024. From a big-picture perspective, a lot will stay the same: ransomware and data leaks will remain the key concerns, but new technologies and threat vectors will ensure that security programs continue to be of critical importance. Here’s a quick recap of what we’re looking at, in no particular order:
The impact of AI
Last year, the use of artificial intelligence (AI) by consumers and businesses exploded, spurred by the release of ChatGPT in late 2022. AI is actually a fairly old technology; it has been used across many industries, including by cybersecurity vendors, for a decade or more. Newly available to end users through ChatGPT, Bing, Bard and others, these tools can be invaluable for sparking creativity, propelling productivity and improving workflows overall.
AI remains a field in disarray, even though regulation is in progress. At the same time, there are many threat vectors of concern in the AI space. For example, data must feed the AI model, and that data simply becomes a new target for hacktivists and other actors, while potentially providing new entry points into your network.
Phishing and other social engineering exploits are another area to watch out for. In the past, phishing scams were fairly easy to identify due to spelling mistakes, poor grammar, and stilted language. Now, with AI, these tactics have become more careful, precise and targeted. For example, imagine receiving an AI-generated deepfake voicemail from your “CEO” requesting confidential information. How would you react?
And finally, consider that some AI bots can even be used to create malicious code for deployment by hackers. Essentially, the new freely available chatbots have democratized AI for good, but also for evil. It remains to be seen how this will all play out.
The Persistent Risks of Cloud Security
Another trend we’re seeing is that cloud adoption continues unabated, driven in part by enterprise AI efforts. AI is extremely CPU intensive and the cloud makes it much easier to mobilize the necessary resources. However, while many organizations have made progress in securing their cloud resources, there are some caveats.
In general, the shared responsibility model for cloud security and compliance is not well understood, particularly at the executive and board level. Cloud instances managed by shadow IT groups (i.e. non-IT staff) may not adequately address security concerns, and even experienced IT teams may not have considered all attack surfaces that the cloud presents.
A rapidly expanding attack surface
We’ve long talked about the proliferation of edge devices, starting with SSL VPNs and BYOD (bring your own device). But recently, there has been an acceleration in the emergence of new endpoints such as IoT (Internet of Things) devices, 5G-connected remote facilities and workers, and even network-interfaced electric vehicles (EVs).
All of this is leading to an evolving cybersecurity threat landscape, with a new target-rich environment for hackers. Of course, we still need to protect existing infrastructure, but these defenses must now extend well beyond the traditional network edge to cover new attack surfaces and entry points.
The human factor
Despite all the concerns about AI, cloud and endpoints, we cannot forget that people (employees, contractors and others with network access) remain one of the most common attack vectors. The largest breach of US military systems occurred when someone inserted an infected USB drive into a single computer. More recently, MGM Resorts was hit by a crippling attack that allegedly began via a convincing but spoofed phone call (aka vishing).
That’s why it’s so important to focus on the basics first: staying up to date with patches and providing training to staff and management. In other words, cybersecurity is not just about technology; it’s a people problem. And by systematically focusing on people, policies, procedures and practices, cyberattacks can be avoided.
Transforming digital trust and security
Increasingly, businesses are relying on digital transactions at all levels; thus, building digital trust has become vital. If the trust of customers and others is damaged by a cyber incident or other disruption, regaining it may be difficult or impossible. Cybersecurity strategies and technologies contribute to digital trust, and while the aforementioned basics are essential, many organizations look well beyond them to a more holistic security posture.
Security operations, or SecOps, is starting to receive much more attention as a means to move from a pre-breach to a post-breach posture, from simple attack detection to aggressive response and mitigation. As a result, there has been an increasing emphasis on tools such as SIEM (security information and event management) and XDR (extended detection and response), the latter of which aggregates data from other security devices, then normalizes, correlates and analyzes it to discover potential threats. Other major trends in this area include SASE (secure access service edge, pronounced “sassy”) and SSE (security service edge).
While security transformation and a holistic security posture are the holy grail, we are really only at the beginning. Too often, security solutions are deployed in a siloed architecture, with little or no communication with other security devices. Ultimately, visibility across the entire digital domain will be necessary to respond quickly and accurately to threats and attacks.
That said, technology is now evolving so quickly that something may appear that we didn’t even anticipate. Stay alert and stay safe.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives.