Cyber threats have reached unprecedented levels of sophistication, propelled by the rapid evolution of technologies such as AI. Establishing a robust security culture is essential to fortify an organization’s human firewall.
Anticipated cybersecurity trends for 2024 encompass:
Cloud Service Attacks: The surge in attacks on cloud services implies an unfortunate increase in successful breaches targeting cloud providers or cloud-based applications. Potential repercussions include service unavailability, compromise of personal data, and intellectual property breaches. Notably, the UK remains the most targeted country in the EMEA region, heightening its vulnerability to attacks.
Collaboration and Information Sharing: A heightened emphasis on collaboration and information exchange between national and international cybersecurity agencies, as well as public-private partnerships, will characterize efforts to combat cybercrime. This collaboration aims to proactively detect, respond to, and address emerging cyber threats at a global level.
Legislation on AI: Europe is expected to witness the implementation of much-needed legislation on AI, specifically generative AI, to address the current vagueness and potential misuse. Initiatives like the Digital Service Act and the proposed European Union AI Act aim to enforce transparency and disclosure requirements on generative AI providers, offering clarity to organizations. In Africa, efforts are underway in countries like Mauritius, Egypt, and Kenya, while the Dubai International Financial Centre has already enacted AI-related amendments to its Data Protection Regulations.
Ransomware Targeting Supply Chain Services: Ransomware attacks will intensify but adopt a more targeted approach, focusing on disrupting supply chain services to inflict widespread damage on organizations globally.
Internal Training and AI to Address Skills Gap: A severe shortage of tech workers in the EU and a growing demand for cybersecurity skills in Africa underscore the pressing need for internal training and AI-powered solutions. Organizations will bridge the skills gap by training employees and leveraging AI for improved threat detection and incident response.
Disinformation Campaigns Leading to Extortion: Disinformation campaigns will serve as a smokescreen for cyber attacks or distract from ongoing ones. The emergence of “disinformation as a service” on the dark web will fuel extortion schemes targeting both political and private sector entities, with an increased use of deep fakes.
Privacy by Demand: Privacy regulations will drive organizations towards privacy by design and user experience privacy, especially concerning the use of generative AI. Ethical considerations will play a pivotal role, leading to a broader adoption of privacy-centric practices.
Cyber Resilience as a Priority: Cyber resilience will take center stage as organizations prioritize strategies to ensure continuity in the face of cyber attacks. Emphasizing the development of a security culture will be crucial in swiftly detecting and reporting successful attacks, acknowledging the growing complexity of threats like phishing.
Stu Sjouwerman,
CEO of KnowBe4.
“The need for recurrent security awareness training and simulated phishing to empower employees in identifying and reporting phishing attacks, reinforcing the importance of building a strong security culture in 2024”.