As the number of high-profile cybersecurity incidents continues to rise, businesses are keen to understand what they should expect in the year ahead.
With large-scale data breaches and ransomware attacks causing disruption and losses, businesses are keen to understand how the threat landscape will evolve and what protective measures they should have in place.
Some of the key security trends that will shape the coming 12 months include:
1. The cyber skills gap will remain:
The persistent talent shortage in cybersecurity will continue to be of concern throughout 2024. Addressing this gap will require a multipronged approach, emphasising deployment of modern technology that prioritises usability, training, education, and fostering global partnerships to develop the next generation of cyber professionals.
2. AM attacks will continue:
The high-profile attacks against platforms like Okta underscore the complexities of Identity and Access Management (IAM) in cloud-dominated environments. Companies must prioritise understanding IAM intricacies to ensure robust security postures. It's a reminder that, even with advancements in cloud security, fundamental principles like IAM can't be overlooked.
3. Expect a rise in repeated stolen access tokens
In the wake of the Okta incident, there is likely to be a concerning new trend – repeated attacks aimed at stealing access tokens. These incidents underscore the value attackers place on such tokens and raise questions about how companies safeguard these crucial access points.
During 2024, there is likely to be a twofold response. Firstly, businesses will likely invest more in securing these tokens, making them less vulnerable to breaches. Secondly, there will be a push towards innovative solutions beyond traditional token-based access, potentially introducing newer, more secure authentication methods.
4. Attackers will adapt as more businesses undertake 'cloud-first' strategies:
Businesses will continue mass migrating to cloud platforms, and cybercriminals will follow suit. The next 12 months will see an increase in sophisticated cyberattacks targeting cloud infrastructure.
Data will continue to be recognised as an invaluable asset of the utmost importance and so attackers will shift tactics to adapt as businesses move towards a cloud-first approach - especially when migrating their data to cloud platforms. Their primary motivation is the amount of sensitive data they can obtain from successful breaches.
5. The widespread lack of cloud logging will remain a hot topic:
During the coming year, there is likely to be more controversy over the lack of detection and investigation available to respond to high-profile state-sponsored cyberattacks. These logs, crucial for security analysis, might lead organisations to pay substantial sums for access. The importance of such logs was demonstrated in past incidents, and cyber adversaries are anticipated to exploit similar vulnerabilities, compelling organisations to invest more in their cybersecurity defences.
6. Elevated Focus on Forensics and Incident Reporting
There is a clear need for deeper forensics, especially as incident reporting mandates and requirements are increasing in number and scope globally. Indeed, the complexity of modern cyberattacks targeting cloud-based technologies increases the need for forensics capabilities that can help security appropriately manage risk across the next-generation of services, including containers and serverless resources. There is also a speed factor here. When it comes to incident reporting mandates, security teams need tools that enable speedy investigations.
7. Expect tighter legislation and regulation:
Regulatory bodies are likely to impose stricter cyber regulations as incidents increasingly influence stock markets and investor sentiments. These impending regulations respond to the growing cyber challenges with financial and societal implications. It's expected that more stringent oversight and guidelines will emerge to protect investor interests and ensure market stability.
8. Regulated industries will increase their cloud adoption:
Throughout 2024, mature industries that operate under rigorous regulatory standards will make significant strides in cloud adoption. These sectors - historically known for their caution due to the high stakes associated with compliance breaches and data security - recognise cloud infrastructure's benefits.
From healthcare to finance, controlled industries seek the agility, scalability, and efficiency that cloud solutions offer. However, with this transition, there's an imperative need for specialised cloud security measures. As these sectors house sensitive and proprietary data, ensuring its safety while harnessing the benefits of the cloud will be paramount.
This evolution not only underscores the trust that is being placed in advanced cloud security solutions but also highlights the need for continuous innovation in this realm to cater to the specific demands of highly regulated industries.
9. Anticipate increased intelligence sharing:
The Five Eyes alliance united the international message of domestic geopolitical future and education. They are coming out publicly of having common nation-state enemies for industry and other governments to help solve the problem. The unified message from the Five Eyes intelligence alliance emphasises the importance of international collaboration.
As cyber threats grow more complex, nations will likely make more public declarations, joining forces to mitigate risks and share intelligence. These joint global initiatives will only rise in number and expand from security intelligence alliances to hyper-focused security intelligence agencies collaborating to bring down more bad actors.
When it comes to achieving effective cybersecurity, it's clear that the coming year will be a challenging one for organisations of all sizes. New threats need to be understood, and measures need to be put in place to protect against them. Organisations will realise that responding in cloud is not as straightforward, and more will seek answers to how to triage and investigate a detection and its potential risk to the enterprise.
By taking time to understand the evolving threat landscape and the portfolio of protective measures that are available, organisations can be best placed to withstand attacks and avoid disruption and losses.