“The broad availability of generative AI models, and their relative ease-of-use, will have far reaching effects given that the US is currently in an election year. Disinformation at scale, with quality content (faked audio and video of candidates, mass produced fiction masquerading as news etc) will become easier than ever. The inability to trust our senses could lead to distrust and paranoia, further breaking down social and political relations between people.”
Dr Sohrob Kazerounian, distinguished AI Researcher, Vectra AI
“I think AI will be able to be used in a multitude of ways to detect and mitigate threats; some that we haven’t even conceived yet as it’s still early days. A product that verifies whether any page is ‘human’ or ‘AI’ will be immensely powerful. Without this, the internet may become a bit like the Wild West.”
Tom McVey, senior solutions architect, Menlo Security
“We can expect cybercriminals to harness generative AI to create more realistic and sophisticated deep fakes. This will give them a better chance of tricking users into giving up sensitive data or clicking on something malicious through more convincing audio or visual phishing lures.”
Christian Borst, EMEA CTO, Vectra AI
“With several key political decisions to be made in 2024, we may also see state-sponsored attacks that aim to disrupt upcoming elections and seed misinformation, creating havoc in the general population. This increase in activity will have multiple knock-down effects on companies, governments and individuals across the world.”
Simon Hodgkinson, former BP CISO and strategic adviser, Semperis
“It’s nearly certain that malicious nation-state cyber attacks will continue to rise. Countries – primarily Russia, China, North Korea, and Iran – are deploying destructive malware, and more sophisticated attacks are expected which poses major threats to the supply chain.
“It’s positive to see regulatory efforts such as the Digital Operational Resilience Act (DORA) – which will come into effect in January 2025 – and points to more countries introducing and collaborating on like-minded efforts.”
Dave Spencer, director of technical product management, Immersive Labs
“Major elections taking place across the world as well as the continued conflict in Ukraine and Israel will drive increased cyberattacks from state-sponsored groups. Advanced persistent threat groups linked to foreign governments will expand their targets beyond large organisations in critical infrastructure or sensitive industries. Smaller businesses in the supply chain or partner ecosystem will increasingly be attacked as vectors to the true targets.
“Collaboration, management, and cloud tools used by smaller suppliers will be attractive targets for nation state actors. These tools hold sensitive data and access that could provide an easy pathway for lateral movement towards a larger primary target.”
Aaron Kiemele, CISO at Jamf
“Wars have historically played out on land, sea, and air, but the digital domain is fast emerging as the latest battleground. As we approach 2024 major geopolitical confrontations will increasingly involve cyber elements, elevating cybersecurity to a top priority for countries globally. Just as peace treaties are negotiated for conventional wars, 2024 may see proposals for “Cyber Peace Agreements” between nations.”
James Christiansen, VP, CSO, Cloud Security Transformation, Netskope
“Unfortunately, there will be no stopping the continued growth in Distributed Denial of Service [DDoS] attacks and the increasing sophistication of these attacks. DDoS attacks will become multi-vector, meaning concurrent attacks on the same target using multiple different protocols, which increases the effectiveness of the attacks and complicates the ability to identify and mitigate them.”
Dan Teichman, director, Solutions Marketing, Ribbon Communications
“DDoS attacks are back with a vengeance and 2024 is primed to be another record-breaking year for attacks against the financial services sector. Financial Services are a high-value target, with attacks costing on average 50% more than for all other industries combined. The financial services industry is entering 2024 with a large target on its back for cyber criminals armed with the next generation of dangerous tools.”
Akamai’s director of Security Technology and Strategy, Richard Meeus
“Threat Actors will mix and match digital Identities to cause high-profile breaches following last year’s surge in credential harvesting attacks – like the Citrix NetScaler flaw and September’s casino cyberattacks. Cybercriminal groups are now sitting on millions of potential logins. In 2024, we’ll see stolen credentials used to compromise digital identities and breach enterprises more successfully than ever before.”
Christian Borst, EMEA CTO, Vectra AI
“We expect to see an increase in medical device hacks that will enable cybercriminals to target devices to steal patient data, disrupt healthcare operations, or even harm patients. We’ll also see threat actors targeting telehealth platforms – which are becoming increasingly popular, and cybercriminals are taking notice.
Spencer Starkey, VP EMEA, Sonic Wall
“In 2024, we may see some particularly aggressive ransomware attacks on government entities. With the recent pledge by dozens of countries to stop paying ransoms, attackers will aim to test governments’ resolve and break their commitment. Public sector organisations should brace for more attacks targeting critical systems and if not addressed, potential mass disruption of services.”
Dr Jason Nurse, CybSafe’s director of Science and research & associate professor, University of Kent
“Incoming cybersecurity regulations will force businesses to be more transparent about their breaches and attacks. Forthcoming legislation such as the EU’s NIS2 Directive and the Cyber Resilience Act will impose more stringent standards for cyber protection and establish clear reporting timelines in the event of a breach.”
Spencer Starkey, VP EMEA, Sonic Wall
“Next year, the EU will be forced to amend the Cyber Resilience Act, as it’s unworkable in its current form. The Act’s wording around liability for data breaches and open source is worrying. There must be more clarity in the Act’s language around liability, or people writing open source code in the EU could stop contributing.”
Matt Barker, global head of Cloud Native Services, Venafi
“The new SEC regulation will lead to organisations having stronger compliance requirements that protect their investors and customers.
“The new regulation requires a very rapid reporting time. Four business days is an incredibly brief time in these circumstances and, under the pressure of that tight deadline, executives will make mistakes.
“The regulations add another way for attackers to put pressure on organisations. Attackers pull on every lever they can when extorting companies to try and pressure them into paying. The looming threat of SEC action simply adds another pressure point, which adds to the complexity of the situation executives find themselves in when their organisation is under attack.”
Ram Elboim, CEO, Sygnia
“We will see shareholders start to sue companies for not disclosing material security incidents in the manner required under the SEC rules. Why does under-reporting happen in the first place? Because companies define ‘material incidents’ from their own perspective, but shareholders don’t care about nuanced definitions of ‘material’ – they care about what’s important to them in selecting investments. Materiality should be defined from the position of the investor NOT the company.”
Shamla Naidoo, head of Cloud Strategy & Innovation, Netskope.
“Phishing attacks will remain a big problem. Increasing the risk of phishing scams is the use of AI. ChatGPT could be used to write phishing emails without typos, given its real-time intelligent responses in many scenarios.
“Typos in traditional phishing emails is one of the key indicators of spam but ChatGPT could suddenly clean up this aspect for the scammers. Generative AI can also be used to create keyloggers and there are even examples already of ChatGPT being asked to write malware. It could also be used in various scam situations where people are fooled into thinking they are communicating with a real-world authentic person.”
Kevin Curran, IEEE senior member and professor of cybersecurity, Ulster University
“2024 will certainly bring about questions about the unethical uses of AI, with a trend dubbed ‘FraudGPT’ becoming a worrying occurrence. By removing or jailbreaking anti-abuse restrictions on these technologies, cyber criminals can use generative AI to operate at greater speed and scale. “IBM estimates that gen AI tools can reduce the time needed to create phishing emails from around 16 hours to just five minutes. With generative AI removing previously typical hallmarks of phishing emails, such as bad grammar and spelling mistakes, humans will have to be more vigilant than ever before.”
Paul Cragg, CTO, NormCyber
“Many organisations don’t know where their APIs are deployed or what data they’re accessing. This exposes them to risk in magnitudes that they cannot comprehend, or even begin to quantify. In 2024, as pressure to mitigate API-related security incidents continues to grow, security leaders will look for, and invest in, solutions that integrate seamlessly into their existing application security technology stack.”
Lebin Cheng, head of API Security, Imperva
“Regulatory focus will shift towards managing APIs. While asset management, especially in the banking sector, has traditionally been under scrutiny by regulators, APIs are emerging as a distinct category of assets that require management and oversight. Consequently, API inventory discovery and lifecycle management are emerging as focal points for banking regulators, reflecting the evolving technological landscape and the critical role of APIs in modern financial systems.”
Karl Mattson, Field CISO, Noname Security
“We should be concerned about how our internal teams use AI this year — specifically those in application security and software development. While it can be a powerful tool for certain teams like offensive and defensive teams and SOC analysts to enhance and breakdown information, without proper parameters and rules in place regarding AI usage by organisations, it can potentially lead to unexpected risks for CISOs and business executives and leave holes in their cyber resilience to leave the door open for exploitation.”
Kev Breen, director of Cyber Threat Research, Immersive Labs
“Businesses are finally starting to understand that cyber isn’t a topic for the IT department, but an enterprise risk. Earlier this year, Uber’s former chief security officer was sentenced for his role in covering up a data breach.
“Such headlines drive home an important message: Organisations are waking up to the fact that security and operational resilience need to be owned by the boardroom.
“Incoming regulations such as NIS2 as well as the general rise in cyber awareness reinforce this. Operational technology is one area that’s particularly difficult to protect and organisations will need to put mitigating controls in place to counter the risks.”
Simon Hodgkinson, former BP CISO & strategic adviser to Semperis
“It’s no secret the SolarWinds saga has sparked heated discussion among CISOs, with many deeply concerned about personal liability. Some CISOs believe that they and their peers may walk away altogether or shorten their already brief average tenures.
“If these security professionals don’t immediately get C-Suite support in resolving security flaws, is it worth them staying in their role and potentially being held liable for issues leadership isn’t prepared to fix? It may well be too much of a risk for some CISOs.”
Dr Jason Nurse, director of Science & Research, Cybsafe & Associate Professor, University of Kent
“In the coming year, expect to see an increasing number of CISO roles moving from “technical/tactical” towards being board whisperers, cross-functional influencers, and drivers of cultural transformation. The people with these new powers are the right leaders to drive the Digital Trust agenda which is becoming essential to organisational strategies.”
Ilona Simpson, CIO EMEA, Netskope
“In the year ahead, we are expecting more industrial, and manufacturing cyberattacks – particularly as these entities continue to digitize their legacy infrastructure to make room for technology advancements (such as AI and 5/6G) and production enhancements, but are slower to fund, update and fully deploy the required security measures and controls.”
Tom Solell, VP of EMEA, Sygnia
“Particularly in areas such as energy and manufacturing we can expect to see a rise of self-contained OT devices, like wind turbines or manufacturing robots, as well as smart gateways to control multiple devices.
“Importantly, these devices will increasingly run on standardised operating systems, presenting opportunities for huge gains when it comes to cybersecurity management. Traditional security models, such as the Purdue Enterprise Reference Architecture, will no longer be sufficient, and we will see rapid adoption of modern strategies like Zero Trust to boost resilience and protect against AI-enabled cyber threats.”
Trevor Dearing, director of Critical Infrastructure, Illumio
Subscribe to our Editor's weekly newsletter
Newsletter
Share
