Industry executives and experts share their predictions for 2024. Read them in this 16th annual VMblog.com series exclusive.
Fortifying Critical Infrastructure Against Evolving Threats – A 2024 Focus
By Roman Arutyunov,
Co-Founder & SVP Product at Xage Security
If cybercrime were treated as a
nation, it would rank as the world's third-largest economy in 2023. With it
projected to cause $8 trillion in global damages by the end of
the year, it would exceed the wealth of entire countries, trailing only behind
the U.S. and China. It's clear there's a pressing need for robust cybersecurity
measures on a global scale, and swift action is needed now. Here is what I
predict will happen in 2024 as cybercrime continues to reach epidemic
proportions.
Addressing Risks Posed by Attacks like Ransomware-as-a-Service
As we approach the new year, I
predict that the escalation of geopolitical tensions will pose a serious threat
to critical infrastructure. While nation-state threats loom, opportunistic
ransomware groups taking advantage of these situations also pose significant
risks. Ransomware-as-a-service (RaaS) continues to rise, following the same
repeated pattern of credential theft, privilege escalation, and lateral
movement.
RaaS is a business model created
by more sophisticated ransomware groups. Leveraging their technical
proficiency, these groups develop portable ransomware packages, also known as
kits, which they subsequently sell to individuals or entities seeking to initiate
their own ransomware attacks. RaaS has become so widespread that the U.S.
government officially re-classified ransomware as a national
security threat in 2023.
To counter these threats in 2024,
emphasis should be placed on proactive solutions, eliminating compromised
credentials, securing access, and controlling any east-west access between
machines, devices, or apps. As such, investments should prioritize a strong
foundation in protection rather than detection and response strategies.
Additionally, we can expect to see more CISA-driven regulation and enforcement
for key sectors beyond the Transportation Security Administration (TSA) and
Environmental Protection Agency (EPA), such as critical manufacturing,
particularly given the lasting impact of the recent Clorox attack on
operations.
A promising sign is that we are
beginning to see a shift in cybersecurity investment strategies that better
reflect the current threat landscape. Companies are recognizing that threat
hunting and responding to endless detections and false positives use too much
of their precious security resources, and they're growing tired of chasing
needles in a haystack. They are now turning their attention to reducing the
attack surface by proactively protecting their assets. By prioritizing tangible
protection solutions that enhance productivity while complying with expanding
regulations, organizations can ensure they can address emerging threats from
around the globe in 2024 and beyond.
The Zero Trust Technology Revolution
As society grapples with emerging
regulations and the vast challenges posed by bad actors, it's clear that
solutions powered by zero trust will be crucial in 2024. Those who don't
embrace the zero trust model and corresponding solutions risk leaving
systems and sensitive information vulnerable to exploitation. This would not only
open the door to financial, reputational, and legal problems for nations and
corporations, but could also cause widespread environmental and health impacts that
extend beyond the organizations, affecting customers - and citizens like you
and me.
Take Citrix Bleed as an example.
CISA and the Federal Bureau of Investigation (FBI) recently published an advisory on this critical software
vulnerability, which has been used successfully to retrieve sensitive information
and hijack user sessions. With at least four threat groups leveraging Citrix
Bleed and researchers estimating around 20,000 instances of Citrix devices
having session tokens stolen, additional security measures need to be
implemented urgently.
Zero trust is particularly
successful in combating these types of threat actors because it operates on the
premise that trust cannot be automatically granted to anyone, whether they are
inside or outside the organization. I predict this zero trust approach will
continue to pick up steam in 2024 - as it diverges from the traditional
"trust but verify" model, necessitating continuous authentication and
verification for all users and devices attempting to access resources. By doing
so, it creates layers of defense that can protect our world's
most critical infrastructure and our digital-first society as a whole - all
while complying with regulations in 2024.
Securing Our Nation Now to Protect Our Digital Future
In the face of evolving
nation-state and RaaS-fueled cyber threats, embracing a proactive and
comprehensive cybersecurity approach anchored in zero trust is imperative for
the year ahead. This will not only safeguard the fabric of our society, but
align seamlessly with the surging wave of cyber regulations. The need for swift
and resolute action is clear, and the path to a secure digital future begins
now, in 2024.
ABOUT THE AUTHOR
Roman Arutyunov is the Co-Founder & SVP Product at Xage Security. Prior to Xage, Roman held
Vice President of Product and Engineering roles at ABB, Tropos Networks, and
Mimosa Networks, solving networking, security, and data analytics challenges for
industrial and commercial enterprises, enabling millions of IoT devices in
production today. Earlier in his career, Roman developed the first generation
of Content Distribution Networks (CDN) and secure proxy servers at Blue Coat
Systems (Symantec).
Roman holds a
Bachelor's in Applied Mathematics with an emphasis in Computer Science from the
University of California, Berkeley and an MBA from Columbia University.