Man vs machine? The cybersecurity trends that our experts are watching in the year ahead

The world of cybersecurity is constantly changing, and at what seems to be an increasing pace. As we look ahead in 2024, we’ve been exploring the trends, both on the side of the attacks and breaches we can expect, and also how we respond to those threats, with the leading security and risk management approaches shaping the landscape.

Across those trends, there are two overarching influences – the human factor and the machine-led. Which is going to have the most influence on cybersecurity over the coming year? Here’s what some of our leading technical experts at Red Education have to say.

Bigger, more frequent and more expensive attacks

Research indicates that cyber-attacks are getting bigger, more frequent and more expensive. It certainly feels that way, with hardly a day going by without another high-profile attack making the headlines, and that’s just those we know about. According to Web Arx Security, 30,000 websites are hacked every day across the world, and the University of Maryland found that there is a new attack somewhere on the web every 39 seconds. Cybint Solutions research shows that 64% of companies worldwide have experienced at least one form of cyber attack in the past year. The average cost of a data breach in 2022 was over $3.80 million according to IBM, and Check Point’s 2023 research showed that global cyberattacks increased by 38% in 2022 compared to 2021. CPO Magazine reports that the cost of global cybercrime is expected to increase 15% over the next five years, reaching $10.5 trillion per year by 2025.

“We have been seeing this trend for quite a while,” said Rodolfo Nutzman, Senior Instructor with cybersecurity training experts, Red Education.

“Over the last years, the skill requirements to perpetrate cyber attacks and electronic fraud have drastically lowered. This highly lucrative crime is well-organized, and it is increasingly easy for the scammer to operate.

There is considerable R&D put into techniques and technologies that help gather, analyze, treat, and present data related to cyber-attacks and security breaches.

With so many important breaches over the past years, there is a growing amount of sensitive and personal information available to criminals.

This information is used for targeted and highly believable scams, making it extremely difficult for the victim to detect the scam.”

AI and automation

Love it or hate it, AI is having a huge impact on all aspects of society, and cybercrime is no exception.

“The use of AI technologies like generative AI and Machine Learning helps software engineers develop and deliver applications more efficiently,” said Jerry Soloman, Senior Technical Instructor, Red Education. “They accelerate the software development process, leading to increased innovation and productivity. These same technologies provide the same benefits to bad actors, also helping them to develop, deliver and deploy ever more complex and targeted malware.”

The Cyber-Resilient CEO 2023 report by Accenture suggested that generative AI holds the potential to introduce a greater level of advanced security threats, with new challenges that even best-practice cybersecurity may not fully address. Nearly two-thirds (64%) of CEOs surveyed said that cybercriminals could use generative AI to create sophisticated and hard-to-detect cyberattacks, such as phishing scams, social engineering attacks and automated hacks.

ChatGPT is already being used to create malware that allows hackers to impersonate others or create phishing emails that are indistinguishable from actual communications from a specific business or organization.

But there is another side to the story, as Jerry Solomon points out.

“To successfully defend against these attacks in real-time, automated threat defence implementations must also leverage AI and ML,” he said.

Rodolfo Nutzman agrees, pointing to AI coming to the rescue as well as going on the attack.

“Threat actors will employ AI systems increasingly specialized in planning, orchestrating, controlling, project managing and running an attack,” he said.

“So our defence mechanisms must also leverage AI models and train them to analyze, recognize, rank and score indicators of attacks or compromise.”

There is a growing need for collaboration and information sharing in the defence field, according to Nutzman.

“Data consolidation from multiple sources will prove to be the biggest asset against the adversary. Security-driven coalitions have the power to greatly improve the protection game and should become more common in 2024 and in the years to come.”

Automation will be another critical factor in our defence, says Nutzman, as the “standards-based approach” will continue to evolve to reduce complexity and produce reliable, fast, and predictable results.

“More and more vendors are implementing ZTP – Zero-Touch Provisioning in their devices, making it easier than ever to integrate new devices into an infrastructure,” he said. “Most importantly, this will help maintain security policy consistency with consolidated configuration and events management.

Hybrid deployments with cloud-based controllers consolidating on-prem gear and cloud instances will see great improvements and could possibly evolve to the next level by employing AI for network traffic analysis and events correlation.”

The Human Factor

While the influence of AI and automation is increasing, let’s not forget the human factor. According to a study by IBM, 95% of cyber security breaches result from human error. With the increase in the number, cost and scope of cyber threats comes a growing need for security and awareness training across diverse roles, levels, and responsibilities within all organisations.

Rodolfo Nutzman agrees that we need to keep our focus on people. “At the individual, organizational, and government levels, people need to be taught, trained, and reminded to remain vigilant, spot anomalies, follow procedures, develop a security-oriented mindset,” he says. “We need to include security into business strategy, and ultimately contribute to improving the overall security levels.”

Zero trust and beyond

Is a change of mindset needed? We hear a lot about Zero Trust, which simply means assuming that everything and everyone is a threat, and ensuring that corporate network traffic is logged and analyzed and that employee access is verified. Demand for zero-trust products and support has grown, with the market expected to hit $51.6 billion by 2026, a substantial jump from just $19.6 million in 2020, according to CPO Magazine.

This is not enough, says Rodolfo Nutzman, who believes we need to go beyond Zero Trust in 2024 and beyond.

“Today, communications legitimately sent by the correct sender cannot be trusted – an attacker could have gained control over the account.

Sensitive private information is used to convey trust and render highly sophisticated phishing campaigns highly effective.

There needs to be continuous scrutiny, examination and validation, employing multiple checking points and techniques. Data analytics are becoming vital, and there is an urgent need to plan and implement efficient telemetry streaming strategies, contributing and consuming consolidated security intelligence.”

Compliance, Trust and Education

Questions of trust, education and compliance are all bound up together, according to Nutzman.

“Customers trust merchants to take care of their information. Companies expect certain security and process maturity from their partners.

Industry and regulating body certifications are all important ways in which companies show their customers they are committed to the best practices. In many cases, certifications are mandatory for companies to be able to conduct business in a particular field.

Leading certification examples include NIST, ISO 27001, PCI & HIPAA in the USA, GDPR in the EU, CISSP, and vendor certifications such as those from Palo Alto Networks, Fortinet, Check Point, F5, ForgeRock, and other leading vendors in their fields within the vast span of cyber security disciplines.

Cybersecurity is not the core of most organizations’ business. With the rise and simplification of cloud-based management for network infrastructure, application delivery, and cyber security systems, it becomes imperative to count on professional help from an experienced solutions architect or systems engineer to design their systems and the professional skills development training, so the staff adequately uses the innovation and provides effective support.”

 

Education and insurance

Cyber attacks are expensive. In its What’s New in Cyber report, Palo Alto Networks found that the average cost associated with recovering from a breach was $2.4M USD (Source: What’s New in Cyber, Palo Alto Networks, 2022). IBM was more pessimistic in its Cost of a Data Breach Report, estimating that the cost of a data breach averaged USD 4.35 million.

In 2024 we can expect to see businesses and organizations investing more in cyber insurance. While the best first line of defense against an attack is a trained team of cybersecurity specialists, cyber insurance is becoming ever more relevant and necessary.

Insurance could make the difference for business continuity in the face of disaster.

“It could also be required as a means of protecting end customers’ values or assets,” said Rodolfo Nutzman. “Cyber insurance contracts include detailed and often very technical clauses that need to be fully met. Organizations not fully meeting the clauses might be denied the insurance claim when the worst happens.

It becomes of paramount importance to ensure that professionals at all levels are continuously educated about security best practices.”

 

Blurring the lines

Zeki Turedi, CTO Europe at CrowdStrike, predicts that 2024 will see new opportunities to enhance organisational resilience by converging enterprise IT and security teams.

“Traditionally operating in separate silos, these teams are finding their objectives and daily operations increasingly intertwined. This shift is driven not only by the rapid advancement of technology but also by the evolving landscape of security risks that directly impact IT infrastructure.

“This convergence is particularly timely and necessary as singular threats now simultaneously target both infrastructure and security, demanding a unified response,” said Turedi.

Empathy

“In the coming year, as we continue to navigate the realm of cybersecurity with its intricate web of interconnected systems, protocols, and devices, there exists a critical yet often overlooked element: empathy,” says Red Education Senior Instructor, Tsung Chung.

“At its core, empathy denotes the ability to understand and share the feelings of others, stepping into their shoes to comprehend their perspectives and emotions. The human factor remains both the greatest strength and the weakest link in the cybersecurity chain. Despite the proliferation of sophisticated tools, human error and behaviour remain significant contributors to cyber vulnerabilities. This is where empathy emerges as a pivotal ingredient in the pursuit of robust digital security.

Empathy prompts cybersecurity professionals to adopt a human-centric approach, recognizing that end-users, employees, and even adversaries are individuals with distinct motivations, challenges, and vulnerabilities. By understanding the user’s behaviour, motivations, and limitations, security measures can be tailored effectively.

Much more can be said about the specifics of how empathy plays an ever-growing and important role in cybersecurity. An essential starting point is the realisation that it is sorely needed,” said Tsung Chung.

Into 2024: Man vs machine?

As we navigate our way through the cybersecurity landscape of 2024, there is little doubt that AI and automation will be a powerful force in increasing the number and scale of threats to our organisations and infrastructure. According to our experts, however, our best defence will be to take a human approach with a focus on our people and their outlook and education, moving beyond zero trust, rethinking organisational silos and understanding the importance of empathy in the future of cybersecurity.
