Cody Cornell is co-founder and chief strategy officer of Corridoran independent leader in low-code security automation.
In 2023, the digital Wild West has become even wilder. We have attended major events like the cyberattack against MGM Resorts this caused widespread disruption and resulted in an estimated $100 million loss on its third-quarter results. THE Ransomware attack in the city of Oakland took systems offline for weeks and led to a leak of stolen data in the city. We have notably seen the exploitation of a vulnerability in MOVEit which has allowed cybercriminals to impact thousands of organizations.
Apart from various attacks and breaches, many new trends have also impacted the entire industry. Generative AI is likely coming to the forefront of our minds, regardless of industry. From the increasing sophistication of attacks to their use to automate defense tactics, generative AI has strongly shaped conversations in the cybersecurity industry.
The outlook can seem overwhelming given the evolving trends that are putting pressure on today’s CISOs and security leaders. With that in mind, it’s helpful to look back on our experiences to better prepare ourselves for what might happen to us this year. Security leaders must arm themselves to face whatever the year throws at them by adopting the appropriate technologies and strategies for a successful 2024.
What we can expect in 2024
As we move forward this year, here are some cybersecurity predictions to watch.
• Generative AI will face a trough of disillusionment. As the use of generative AI is poised to increase in 2024, organizations may find themselves facing a gap between expectations and reality. To close this gap, they will need to clearly define the desired outcomes and assess whether AI is the optimal tool/enabler to achieve them. This could lead to a period of “trough of disillusionment” in 2024, not signifying the failure of generative AI, but rather highlighting the need for realistic timelines and an understanding of its capabilities.
• Private LLMs will win the debate against public LLMs. Organizations have leveraged public extended language models (LLMs) like OpenAI and Gemini for a variety of tasks, from creating chatbots to analyzing large amounts of security data. However, concerns over data security and limited effectiveness in specific areas, particularly cybersecurity, will lead to a shift towards the reliance on private LLMs. With enhanced data security and domain-specific expertise, organizations will rely on private LLMs to foster trust and transparency.
• AI will power automation to change the future of security operations. AI is the best thing that ever happened to automation. While automation excels at streamlining repetitive tasks, AI decision-making capabilities add a powerful layer of intelligence. This synergy allows AI to not only analyze data, but also translate the insights into actionable automation, meeting a critical need for security teams overwhelmed by alert fatigue. This powerful combination promises to be a catalyst for both innovative security solutions and increased cyber resilience.
• Third-party risk assessments will be completely overhauled. In response to high-profile third-party breaches in 2023, organizations will change their approach to assessing third-party risks. The move marks a departure from the traditional “check the box” verification tool and signifies a more in-depth analysis of a vendor’s overall cybersecurity posture. The assessments will delve into specific aspects of vulnerability management, analyzing how companies have handled high-profile incidents. This shift goes beyond simply evaluating the tools in place and focuses on the processes and procedures that underpin their effectiveness.
• 2024 will be the light at the end of the tunnel for the technology industry. There is a growing sense of optimism about 2024, and we will see a thawing of budgets and an overall improvement in the economy. This, combined with a positive outlook regarding interest rates and the political environment, leads me to believe that the technology industry, and particularly cybersecurity, is poised for a strong year, especially in the second half.
Looking forward
We face many unknowns as we progress through 2024, and the trends we see developing now are just a preview of what could lie ahead. This is a crucial time for organizations to evaluate their current tools and ensure they have adopted the right strategy for their needs, helping to combat attacks they may face or changes unforeseen economic events that may arise.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Am I eligible?