Virtualization Technology News and Information
Article
RSS
Delinea 2024 Predictions: Cyber in 2024 - AI, Cyber Insurance, Passwordless and Beyond

vmblog-predictions-2024 

Industry executives and experts share their predictions for 2024.  Read them in this 16th annual VMblog.com series exclusive.

Cyber in 2024: AI, Cyber Insurance, Passwordless and Beyond

By Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea

As we prepare to close the curtain on another year, it's time to reflect on the significant developments within cybersecurity over the past 12 months. While 2023 marked continuous escalation of cyber threats, it also brought waves of innovation and improvements in cybersecurity technology.  

Existing threats like ransomware continued, causing chaos and widespread damage across the digital landscape. Many governments did step up throughout the year with efforts to crack down on ransomware gangs, even leading to some arrests and prosecutions. Unfortunately, however, some governments continue to provide safe havens for cybercriminals to operate beyond the reach of authorities and ransomware gangs have upped their attack efforts to focus on countries with less cyber capabilities and fewer laws around ransomware payments. 

This year, cloud computing also continued to shape the modern business landscape, with organizations increasingly relying on cloud services and infrastructure. As a result, we witnessed an uptick in cloud-based cyberattacks targeting misconfigured cloud resources. API attacks also proliferated, as the technology becomes the backbone of modern applications. In 2023, there was a surge in API-related security breaches, with attackers exploiting vulnerabilities in API endpoints to gain unauthorized access to data and systems.

Throughout 2023, the cybersecurity community was also alarmed by the increasing threats to critical infrastructure, including power grids, water treatment plants, and transportation systems. Ransomware attacks on these systems and their suppliers underscore the importance of securing privileged access to critical infrastructure assets.

This year, more organizations than ever also started implementing passwordless authentication as a way to enhance security and improve the user experience. The more we move passwords into the background and the less humans need to interact with them, the better and safer our digital world will become.  Most significantly, in 2023, Google announced that they would be making passkeys the default sign-in option across Google accounts, so users are no longer required to remember or choose passwords. A massive step in improving security in the authentication process.    

As we look ahead to 2024, it's clear that cybersecurity will remain a top priority for organizations and governments worldwide. But what are some of the things that businesses should prepare for? Well, here are some trends organizations should expect to see emerge in the new year.

AI-Driven Attacks and Defenses

Cybercriminals will increasingly use artificial intelligence (AI) to automate and enhance their attacks. In response, cybersecurity defenses will rely more on AI and machine learning for threat detection and automated incident response, creating a continuous battle of algorithms.

Increased Demand for Cyber Insurance

The demand for cyber insurance will surge as organizations recognize the financial risks associated with cyberattacks. Insurance providers will also continue to refine their offerings and assess premiums based on cybersecurity maturity. Our recent cyber insurance survey at Delinea found that there is an increasing list of exclusions that could make cyber insurance coverage void, including lack of security protocols in place (43%), human error (38%), acts of war (33%), and not following proper compliance procedures (33%). Even if organizations are able to get or renew cyber insurance policies they can afford, their claim may get denied or reduced because of the fine print - a trend expected to continue in 2024.

Geopolitical Tensions in Cyberspace

Geopolitical tensions will continue to spill over into cyberspace, leading to nation-state-sponsored cyber espionage and disruptive attacks. Cybersecurity professionals will need to monitor and respond to evolving geopolitical threats.

AI Compliance Accelerate

In 2024, the landscape of cybersecurity compliance is expected to evolve significantly, driven by emerging technologies, evolving threat landscapes, and changing regulatory frameworks. Privacy regulations like the GDPR and CCPA have set the stage for stricter data protection requirements. We can expect more regions and countries to adopt similar regulations, expanding the scope of compliance requirements for organizations that handle personal data. 

Artificial intelligence and machine learning will play a more prominent role in cybersecurity compliance. These technologies will be used to automate threat detection, analyze vast datasets for compliance violations, and provide real-time insights, making it easier for organizations to stay compliant. 

Passkeys Pave the Way for Passwordless Authentication

Multi-Factor Authentication (MFA) will become a standard requirement for most online services and applications. Traditional methods like SMS-based MFA will decline in favor of more secure options, such as time-based one-time passwords (TOTP) generated by authenticator apps. The move toward passwordless authentication will continue, reducing reliance on traditional passwords. Methods like passkeys, biometrics, hardware tokens, or public-key cryptography will replace or supplement passwords for access to accounts and systems.

##

ABOUT THE AUTHOR

Joseph Carson

Joseph Carson 

Joseph Carson is a cybersecurity professional with more than 25 years' experience in enterprise security and infrastructure. Currently, Carson is the Chief Security Scientist & Advisory CISO at Delinea. He is an active member of the cybersecurity community and a Certified Information Systems Security Professional (CISSP). Carson is also a cybersecurity adviser to several governments, critical infrastructure organizations, and financial and transportation industries, and speaks at conferences globally.

Published Monday, November 13, 2023 7:30 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<November 2023>
SuMoTuWeThFrSa
2930311234
567891011
12131415161718
19202122232425
262728293012
3456789