Industry executives and experts share their predictions for 2024. Read them in this 16th annual VMblog.com series exclusive.
Braving the Digital Risk & Email Security Landscape: 7 Predictions for 2024 from an Expert
By Eric George, Director of Solution Engineering, Digital Risk & Email Protection, Fortra
The digital future is here, folks. And while most of us in the cybersecurity space embrace the
new technologies that have ushered it in (some of which
we have introduced into the landscape ourselves), it's still important
to remember that with digital transformation always comes some scrambling.
But with the advent of more cloud-based email security options - such as integrated cloud email security (ICES) solutions - moving from on-premise to a hybrid or purely cloud-based environment has never been easier (or shall we say, more streamlined...).
However, we're not the only ones to benefit from burgeoning advances in technology - cybercriminals are too, and a myriad of surreptitious techniques are emerging. Here are 7 that we are keeping our eye on in 2024:
Social engineering lures continue to diversify
Traditionally, attackers have leveraged email and SMS as
the primary ways to attack enterprise targets and the public at large. As
additional options for data sharing and access arise, attackers are also
presented with less conventional, but effective, options for attack delivery.
We've seen new lure delivery tactics, including scams that leverage QR codes, lures that are delivered via search engine and social media ads, and scams that leverage collaboration tools, such as Slack and Microsoft Teams. To combat these threats, enterprises will need to combine advanced identity-based defenses with up-to-date and organizationally specific security awareness training programs, and make them engaging to boot.
Phishing attacks will become more believable and harder to detect
Generative AI and advanced detection evasion tactics will combine to make attack lures more believable and harder to
detect. In fact, the recent popularity of technologies such as ChatGPT is
not going unnoticed by the criminal underground. By training such models on PII from data leaks that are readily
available on dark marketplaces, attack lures that are much more personal and
enterprise-specific can be created at scale. In addition to being more
believable, detection evasion tactics ensure that the attacks only present
themselves to the intended target and otherwise 'play dead' for detection
processes. This combined increase in plausibility and deliverability increases
the attacker's ROI, as well as the damages incurred for businesses.
Mobile device targeting increases overall
Mobile devices have become an integral part of our lives
and hold an assortment of valuable information - making them attractive targets
for cybercriminals. In 2024, we can expect an increase in mobile-specific
threats, including malware, vishing attacks, and phishing (or
smishing) attacks targeting mobile users.
Compounding the problem, mobile attacks are more difficult for the security
community to prevent, track, and respond to than traditional attacks. While
many advances have been made in mobile defenses, there is still a large gap in
protection compared to traditional attack vectors.
ICES - more than enticing; it's becoming the new normal
Adoption of ICES solutions continues to grow.
Organizations are migrating to cloud-based email solutions that are more than capable of covering the basics of enterprise email
protection (antivirus, anti-spam, archiving, etc.). While cloud-based email
providers, such as Outlook and Gmail, can often match the level of protection
and capabilities provided by traditional secure email gateways (SEGs),
additional protection is needed to combat advanced attacks, such as business email
compromise, spear phishing attacks and more, many of which leverage brand and
individual impersonation to gain entrance into email architecture. To fill this
gap, organizations will look to cloud-based advanced email solutions that
leverage data science (AI and machine learning) and organization-specific
intelligence (threat indicators).
Continued adoption of email authentication (DMARC)
Email authentication adoption and development will be driven by cyber insurance and government and industry regulation. We already see examples of email authentication being mandated at both the industry (e.g., necessary for PCI compliance, bank TLDs, etc.) and government (e.g., DHS mandates) levels. DMARC also continues to be included among the cybersecurity controls required to obtain cyber insurance. As a positive byproduct of the directives, the increase in required adoption has served as the catalyst for technical improvements to the DMARC framework that may help to motivate voluntary adoption by experts who were previously opposed.
Threat experts and data scientists UNITE
There's no doubt that data science and machine learning (ML)
will take a greater role in the fight against cybercrime, but an expert data
scientist can only get so far without threat-specific knowledge. Developing an effective machine learning model requires clarity and context on the problem to be solved, selection of
the most effective and applicable algorithms, training on relevant threat data,
and ongoing tuning according to performance on known outcomes. Both threat-specific
and data science expertise apply throughout.
AI and ML - the good, the bad, and in the case of generative AI, sometimes the ugly
AI and ML will enhance capabilities on both sides of the
cyber landscape - for good and bad. On the defensive side, those protecting the
targets will use advanced data science to recognize the advanced identity
deception attacks that are personalized and capable of evading traditional
detection processes. However, malicious actors will continue to use generative AI to create more believable
and personalized social engineering attacks.
One thing that's clear as we enter
2024 is that cyber attackers continue to innovate by adopting more sophisticated
tactics and employing identity-based deception techniques via dark web
marketplaces and other sketchy avenues - forcing SaaS technology providers like
Fortra to out-innovate them. Luckily, new ICES solutions that have recently come
onto the market, like Fortra's Cloud Email Protection, can supplement on-prem appliances, such as SEGs, as well as
off-the-shelf security packages, like Microsoft 365. So whatever stage
customers are at in their journey to the cloud, Fortra can make migrations more
seamless and their overall email security defenses stronger.
ABOUT THE AUTHOR
Eric George is the Director of Solutions Engineering for Fortra’s Digital Risk and Email Protection solutions.
Eric began his career at PhishLabs as an analyst in its Security Operations Center. He then advanced to multiple lead roles and built considerable knowledge while specializing in the detection, analysis, and mitigation of account takeover attacks and other digital risks that target enterprises from multiple industries.
Eric then transitioned to Solutions Engineer, supporting sales and business development efforts before taking on his current role where he leads solution engineering, targeted intel, and technical client support efforts. PhishLabs was acquired by Fortra in October 2021 and since the acquisition, his team has expanded its scope to include Fortra’s Email Protection solutions.
In addition to his work at PhishLabs, Eric has held over 10 industry certifications including CISSP and serves as a Technical Malware Co-Chair for the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG). He is currently completing a Master of Science degree in Information Security and Cyber Leadership.