Skip navigation
padlock Alamy

Cybersecurity Trends and Predictions 2024 From Industry Insiders

From the changing role of the CISO to AI's impact on IT security, IT leaders and industry insiders share their cybersecurity trends and predictions for 2024.

No matter the size of your business, security must be top of mind, as organizations will need to double-down even more in 2024 to protect themselves from more sophisticated cyber-attacks and data breaches.

Part of ITPro Today's mission is to equip security leaders with the knowledge and tools to stay ahead of the bad actors. In addition to a guide to IT security careers and a report on ransomware, in 2023 we published a Cybersecurity Survey Report that offers practical guidance on how to navigate cybersecurity challenges and improve overall security outcomes. We even created an infographic to help you understand today's IT security practices. And if you are aspiring to become a chief information security officer, take our personality quiz to see if you have what it takes to be an effective CISO.

However, with the ever-changing cybersecurity landscape, it would be wise before making any security decisions to first know what industry insiders are expecting this year in the cybersecurity space — as well as what techniques and strategies they suggest using to combat cyberthreats. Below are their predictions, broken into security categories:

AI's Impact — Good and Bad — on Cybersecurity

AI Will Be Used for Both Offense and Defense in 2024

While AI can be used for good, it's only improving the ROI of bad actors, allowing them to attack faster and execute with more sophistication. The attacks themselves won't change, but attackers will be able to automate processes and more easily exploit information. Just as professors can use AI to identify AI-generated papers, organizations must use the same type of models to detect things like phishing attacks.Andrius Useckas, CTO & CISO, ThreatX

Utilization of AI in Enhancing Business Operations and Cybersecurity

Expect AI's role in business operations and cybersecurity to expand, offering both efficiencies — and new vulnerabilities — that will require strategic oversight and management. On a related note, expect to see a rise in AI-enabled cyber-attacks, with sophisticated tactics that could directly affect business operations and customer data security, and potentially exploit AI-driven business processes. Josh Lefkowitz, CEO, Flashpoint

IT Security: Old School Is New School

The total number of data breaches and leaks in 2023 outpaced 2022's number. Organizations need more oversight for regularly managing their security posture against vulnerabilities because bad actors are always a few steps ahead, not behind us. With AI bots poised to become bad actors, I predict digital footprints will only get more extreme for protection. Instead of a hacker manually finding different vectors to break through, AI can issue multi-varied answers and clone patterns for security, including codes, spoofing, and fingerprinting. To protect teams against these threats, organizations should ensure they update the entire network — avoiding reliance solely on an automated system, which themselves can be compromised — and follow the right policies and "old-school" practices. Old is gold. In this new world, private clouds and private infrastructure are a safer place to be. It's critical for security posture, especially for a brand that's been around a long time and its core functionalities haven't changed — it's critical to any modern environment despite the new threats. The basics haven't changed; they've just increased. Organizations need to be critical about their ITOps strategy to ensure configuration management and drift control, which is key to maintaining the security posture for an organization. Organizations will depend more on agents to manage configurations and prevent drift with the right set of technologies while tracking any and every change made to the golden images for configuration in their estate and keep their infrastructure inline as part of the security posture while also being secure in compliance standards.Kapil Tandon, VP of Product Management in the IT Ops Business Unit, Perforce

Threat Actors Find Help in AI/ML

Threat actors may leverage artificial intelligence and machine learning to enhance their attacks. This could involve using AI for more sophisticated phishing attacks, automating malware creation, or evading detection by security systems. Abian Morina, Associate Threat Researcher, P0 Labs

2024 Will Be the Year of AI Security Snake Oil

Cybercriminals have been quick to adopt generative AI tools to advance their goals. Organizations are, rightfully, racing to ensure assets are protected. But the answer to generative AI-enhanced cyber-attacks isn't necessarily generative AI-enhanced security. That fact won't stop startups from claiming that they have used GenAI to create a security silver bullet. While AI, particularly deep learning, will always have a place in solving security challenges, organizations will be better served by avoiding the AI panic and ensuring any security solutions help them optimize the security basics — identity, visibility, zero trust access, and microsegmentation.Robert Blumofe, CTO and EVP, Akamai Technologies

AI-Driven Security Incidents Won't Be as Prevalent as One May Assume

Over the course of 2023, generative AI took the world by storm. However, in the last couple of months, the hype has gone down quite a bit, and while AI will still have influence in 2024, we're only scratching the surface. While AI will help make malware or phishing emails seem more legitimate, for example, and may even increase misinformation by creating more deepfakes of individuals and public figures, security teams should instead prioritize the influx of attacks. This includes supply chain attacks and ransomware attacks targeting "weaker" organizations, which will only increase in volume and sophistication over the next year. Jeremy Ventura, Director of Security Strategy & Field CISO, ThreatX  

GenAI-Fueled Cybersecurity Arms Race

In 2024, we can expect to hear and see much more about the generative AI-fueled cybersecurity arms race. For example, players on both sides (i.e., defensive and offensive cyber) are rapidly adopting and integrating fine-tuned large language model (LLM)-enabled tools in an effort to better attack and defend systems. GenAI-powered capabilities such as automated code generation, reverse engineering, and document exploitation will reach previously unthinkable levels of sophistication and speed. Organizations unwilling to invest in and adopt these next-generation GenAI tools will fall behind and potentially be at a much higher risk of getting compromised. Emerging GenAI-related security risks such as data leakage, model poisoning, or system hallucinations will also get more attention in 2024 as organizations try to weigh the pros and cons and figure out which GenAI security guardrails and usage policies to put in place.Dr. Torsten Staab, Principal Technical Fellow, Raytheon, an RTX business

GenAI Will Make Human-Based Attacks More Convincing

The biggest trend we'll see in cybersecurity in 2024 will be the impact of generative AI on human-based cyber risk. Seventy-four percent of successful data breaches involve some sort of human element, and that was before hackers got ahold of ChatGPT. Now, these bad actors can use generative AI tools to write more convincing phishing messages at scale, create video and audio deepfakes, and more easily collect information on their targets. IT security leaders need to prepare their colleagues for an influx of cyber-attacks that will be better at manipulating people. That calls for sharper, more relevant cybersecurity awareness training.Dr. Shaun McAlmont, CEO, NINJIO Cybersecurity Awareness Training

Social Media Scams Will Become 'Smarter' Through AI-Driven Presentation

Social media scams are already a huge problem, and they'll be made worse as bad actors start to leverage AI-driven scams.Heather Hinton, CISO, PagerDuty

Generative AI Will Continue to Face Organizational Scrutiny

With the rapid growth of generative AI tools in 2023, organizations will intensify their scrutiny of the effects of AI tools on their employees and systems in the new year. One challenge is the persistence of misinformation and questions around the legality of AI tools, including the exposed source codes and the ability to determine the legitimacy of the results that employees are receiving. Leaders will need to establish methods to validate and authenticate information, while defining clear parameters determining how employees can use AI tools within their organization. — Bret Settle, President & Chief Strategy Officer, ThreatX

Rapid AI Adoption Will Require a New Reckoning for Security Professionals

It's been a year since ChatGPT hit the scene, and since its debut, we've seen a massive proliferation of AI tools. To say it's shaken up how organizations approach work would be an understatement. However, as organizations rush to adopt AI, many lack a fundamental understanding of how to implement the right security controls for it. In 2024, security teams' biggest challenge will be properly securing the AI tools and technologies their organizations have already onboarded. We've already seen attacks against GenAI models such as model inversion, data poisoning, and prompt injection; and as the industry adopts more AI tools, AI attack surfaces across these novel applications will expand. This will pose a couple challenges: refining the ways AI is used to help improve efficiency and threat detection while grappling with the new vulnerabilities these tools introduce. Add in the fact that bad actors are also using these tools to help automate development and execution of new threats, and you've created an environment ripe for new security incidents. Just like any new technology, companies will need to balance security, convenience, and innovation as they adopt AI and ensure they understand the potential repercussions of it. Dr. Chaz Lever, Senior Director, Security Research, Devo  

Organizations Will Lean on Technology for Management and Protection

With a global focus on data privacy, organizations must leverage technology to identify and mitigate risks quickly and effectively. In 2024, leaders will invest in AI-driven security to monitor network behavior, detect anomalies, and protect against potential threats — all in real time. This proactive approach will allow organizations to enhance their ability to safeguard data and operations. This technology, however, is only effective when coupled with a robust data strategy that leverages a zero-trust model. In the new year, more leaders will adopt this approach, which requires verification at every step of the data access and transfer process, significantly reducing the potential for breaches. Stephen Franchetti, CIO, Samsara

More Sophisticated Technologies Mean More Sophisticated Threats

This one may be a no-brainer, but it must be said again and again. Bad actors will use AI/ML and other advanced technologies to create sophisticated attack tactics and techniques. They'll use these tools to pull off more and faster attacks, putting increased pressure on security teams and defense systems. The pace of progress is equally fast on both sides — defenders and attackers — and that balance will continually be tested in the coming year. Kayla Williams, CISO, Devo

AI Changes Meaning of Cybersecurity

As a result of AI development, cybersecurity will continue to be a priority for companies and organizations of all sizes. The revolution of AI will change the meaning of cybersecurity. While AI-based solutions will play a significant role in detecting weaknesses or increasing security and reliability, the development of AI will impose new, unforeseen risks due to the availability of new technologies to black hat hackers.Agur Jõgi, CTO, Pipedrive

AI Technology Will Gain Even More Appeal in the Security Space

We're seeing AI being leveraged to attack (FraudGPT, threat, phishing, etc.). In 2024, companies will need to work with security companies that are empowering themselves with AI to defend or protect more proactively. Fei Huang, VP of Security Strategy, SUSE

Will 2024 Be the Year of Misinformation?

Considering how far AI has advanced in 2023, the content quality will only improve. In 2024, we can expect content like imagery, video, and text to advance to the point where fraudsters will use them to their advantage. For example, rather than sending a fraudulent email, attackers may start posing as the family and friends of their targets, using existing images, voice recordings, and videos to ask for money or personal information. Additionally, the 2024 election will likely come with various forms of misinformation, primarily on social media. Filters that identify AI-generated content will need to advance further across platforms. Social media platforms have a responsibility to do so.Tim Brown, Global Identity Officer, Prove Identity

Organizational 'Readiness' Will Be the Key Trend in Navigating AI-Based Cybercrime

Going into 2024, AI will continue to allow for more sophisticated and customized attacks. The reality is that education around recognizing AI-based threats like phishing is difficult; however, organizational "readiness" will be a key area of innovation. While the education piece is one component — such as the ability to recognize more customized phishing emails that appear to come from a colleague, vendor, or partner — better endpoint protection is another factor. Companies can't afford to lose out on reliable tools to scan emails and links, but there's also a component of "trust equity," and all organizations should encourage "reward reporting" of suspicious events. Making security the priority of every individual in the organization will be key. — Gene Fay, CEO, ThreatX


In 2024, Enterprises Need to Get Smarter About Ransomware Defenses

Going into 2024, we can expect to see more specialized ransomware attacks targeting specific industries. Attacks overall will get more significant and cause more damage. Leaders must stay abreast of the threat and market landscapes and focus on the fundamentals — not the latest and greatest new security solutions — including education, preventative planning, and more robust defenses. Partnering with experts will also provide better defensive action. Enterprises that surround themselves with the right people who have experience dealing with ransomware prevention will bode much better than those who take this task on themselves.Danny Allan, CTO, Veeam Software

Ransomware Payment Values Will Increase — but the Number of Payments Will Not

As ransomware attacks become worse and cause more damage, the amount of ransom that attackers demand will also grow. However, expect to see the actual number of ransomware payments flatten as companies push back against bad actors — whether they want to or not. Additional sanctions on nation-state activities by the federal government will likely compel companies to avoid paying ransom to certain groups, setting the stage for an interesting showdown.Danny Allan, CTO, Veeam Software

Ransomware Continuing to Hammer Global Enterprises

In 2024, the continuation of ransomware attacks against major enterprises is expected. While this isn't a groundbreaking assessment, it underscores the crucial need for proactive preparation and intelligence-driven strategies. Effective defense goes beyond acknowledging the threat — it demands a deep understanding of adversary tactics and robust measures to thwart initial access. Organizations should also focus on intensifying their preparedness, from employee awareness to advanced incident response planning, to ensure that ransomware and extortion attacks are met with a fortified and responsive security posture. Josh Lefkowitz, CEO, Flashpoint

Continued Evolution of Stealer Malware in Illicit Communities

In 2024, the growth of stealer malware like Lumma, Silencer Stealer, and StealC is expected to continue, enhancing its role in the cybercrime attack chain. Their ability to discreetly harvest sensitive data makes them a precursor to more disruptive ransomware attacks, as that stolen information — such as cookies — often facilitates targeted ransomware campaigns. This link underscores the criticality of addressing stealer malware in cyberthreat intelligence and cybersecurity strategies. Josh Lefkowitz, CEO, Flashpoint

Increased Focus on Ransomware

In 2024 we will see less cryptomining by commodity actors as those pursuits become less profitable. They are likely to see their focus on more profitable campaign via ransomware. Ian Ahl, SVP, P0 Labs

International Ransomware Payments Will Remain a Business Decision

In November 2023, all 50 members of the International Ransomware Initiative endorsed a policy that "relevant institutions under national government authority should not pay ransomware extortion demands." Unfortunately, this latest declaration will have little to no impact on the payment of ransoms, especially for the private sector, or state and local governments. While these types of statements are made with the best intentions, they will not change the actions of malicious actors or how affected parties respond to them. In 2024 and for the foreseeable future, ransomware payments will be viewed as a business decision. It will be up to organizations and governments to analyze the outcomes and impact of paying or not paying a ransom. Ron Reiter, former member of IDF's Unit 8200 and current CTO & co-founder, Sentra

The Escalating Threat of Dual Ransomware Assaults in 2024

A concerning trend looms as we look forward to 2024: the rise of dual ransomware attacks. It's estimated that 1.7 million ransomware attacks occur every day, equating roughly to 19 attacks every second — a massive growth since 2022, when ransomware only accounted for a fifth of all cyber-attacks. Financial motivation drives most cyber-attacks, but the stakes are even higher recently. As sanctions on Russia increase, there is a renewed surge of innovation and persistence in cybercrime, as seen in a recent trend of "dual attacks." In this type of attack, after an initial breach, attackers strike again, severely hampering victims' recovery efforts and testing the resilience of network defenses. It's a constant cat-and-mouse game, with attackers leading the charge with new tech adoption. Cybersecurity professionals in 2024 must invest in technology and tactics that will help them identify potential vulnerabilities in emerging technologies earlier in their adoption.Andrius Useckas, CTO & CISO, ThreatX

Professionalization of Cybercrime

In recent years, we've seen mass exploitation of internet-facing services take off as a route into a network to get to the valuable data on the inside, whether by APT groups, ransomware actors, or Initial Access Brokers. I believe the success and methodology of the recent MOVEit compromise by the ransomware group Cl0p will begin to inspire more mass exploitation campaigns targeting edge data transfer servers in a similar vein. MOVEit was typically used for reliable transfer of large volumes of important files between organizations. Cl0p exploited MOVEit servers to gain access to and exfiltrate these important, valuable files. For a ransomware group, access to large volumes of valuable data is the end goal; they had no need to go further into the network than the exposed, vulnerable MOVEit servers. I expect to see more copycat attacks where the value is the exploited server itself, not the access it provides to the rest of the network. Stephen Robinson, Senior Threat Intelligence Analyst, WithSecure

Phishing and Other Attacks

Phishing Attacks on the Rise

In 2024, perpetrating fraud using AI will only continue to increase, creating significant risks to intellectual property on consumer and enterprise levels. For example, phishing emails will become more realistic with AI. Attackers will likely see higher success rates if employees and the general public do not receive training on how to identify and avoid cybercrimes. Various forms of phishing will be sent in a higher volume with greater success rates as more individuals may click on these believable, malicious links. This creates considerable concern for all, especially more vulnerable groups like senior citizens who may lack the proper guidance. Tim Brown, Global Identity Officer, Prove Identity

Increasing Prominence of Telegram as a Hub for Cybercriminal Operations

Anticipate a continued reliance on Telegram as a nucleus of cybercriminal activity. This shift reflects a growing preference among cybercriminals for decentralized platforms, which offer greater anonymity and harder-to-trace communication channels. The move toward platforms like Telegram presents new challenges in intelligence gathering and complicates efforts to combat cybercrime effectively at scale, highlighting the necessity for advanced monitoring and response strategies. Josh Lefkowitz, CEO, Flashpoint

GenAI Will Make Phishing-Based Cyber-attacks Exponentially More Successful

In 2023, we saw the rise of generative AI tools such as ChatGPT. While these tools can be very helpful for improving business processes, they can also add massive overhead from a security perspective. The biggest reason for this is generative AI has made phishing attacks readily available to hackers, helping them craft believable emails with context. Whereas individuals used to be able to look for tell-tale signs of fraudulence — such as spelling mistakes, grammatical errors, or tones of misplaced urgency — phishing attacks crafted with generative AI are nearly perfect. If that's not bad enough, they also pull in relevant context found on individuals (e.g., using information posted on social media accounts). This combination makes it more difficult than ever for recipients to distinguish between a real and a fake email. Cybercriminals want maximum results for the least amount of effort and money. Generative AI-based phishing attacks can be executed easily, quickly, and at no cost. So, while we've been able to keep phishing at bay over the past few years, in 2024, we'll see both the rate of phishing attacks and their percentage of success increase dramatically.Bassam Al-Khalidi, co-founder and co-CEO, Axiad

Cybercriminals Will Increasingly Target Account Recovery Methods

With the uptick in phishing attacks and resulting guidance from the U.S. White House Office of Management and Budget (OMB), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST), in 2024, more organizations will strengthen their authentication method by going passwordless. In fact, we're already seeing this move in the market, with large enterprises including Google and Amazon now offering consumers the ability to log in more securely with passkeys. While this is a step in the right direction, it's only half the journey. As the "front door" of the house gets stronger, cybercriminals will shift from stealing credentials (e.g., passwords) to attacking the "back door," or account recovery methods. For example, let's say a cybercriminal enters incorrect information on an account five times. The account recovery process then kicks in. If that process involves calling a help desk to answer security questions or answering them online, there's a good chance hackers will be able to ascertain the information they need to hack their way in by perusing social media. We're already seeing this happen, but, in 2024, we'll see an escalation of cybercriminals targeting account recovery methods to compromise credentials.Jerome Becquart, COO, Axiad

Disruption-Driven, High-Visibility Attacks Will Be Few but Will Be Big

In a variation of "the bigger they are, the harder they fall," high-visibility attacks will continue to be rare, but when they occur, they will be big. Bad actors will shift their attention to building sophisticated campaigns to take down high-visibility and high-value targets that are more financially rewarding for them. Heather Hinton, CISO, PagerDuty

Social Engineering Attacks Becoming More Sophisticated and Targeted

Be prepared for an increase in sophisticated social engineering attacks, potentially leveraging AI technologies, which could target high-level executives and critical business units. Josh Lefkowitz, CEO, Flashpoint

Insider Threats Becoming More Complex and Frequent

Anticipate an increase in insider threat incidents, not just in frequency but also in complexity. As insiders are increasingly being lured across various illicit online communities, visibility into these recruitment and advertising activities is essential. Insider threats could pose heightened risks to sensitive company data, intellectual property, and internal systems across various industries. Josh Lefkowitz, CEO, Flashpoint

2024's Hackers Aren't Your Traditional Bad Actors — They're Eco-warriors

We will undoubtedly see more awareness around ransomware in 2024, given how public these attacks have gotten. In addition to the rise of these public attacks, we will also see a rise in "eco-warriors" hacking establishments to advance awareness for a reportedly "good cause." We've recently just seen this with the MGM Grand Casino cyber-attacks, with threat actors coming forward to claim the hack was to expose how customer information was being mishandled. Should there be a rise in similar attacks in 2024, more consumers will be seeking transparency on what actual security measures businesses can take to ensure their data is protected. To fight against the growing problem of eco-warriors, organizations must have better communication in place. Business leaders will need to have ready-made statements on hand, spokespeople ready to address, and processes around when these types of events occur. And if organizations have already experienced a cyber-attack, they should harvest every bit of information and really dissect it to learn from it. The second attack is always worse, bigger, greater, and more distributed. It should be top of mind for security teams to always ask, "What have we learned?" and "What are we doing differently?" Dave Russell, VP of Enterprise Strategy, Veeam Software

Lower Barriers for Attacks

There will be a lower technical barrier to carrying out attacks as threat actors continue to 1) leverage native functions (web consoles and APIs) and GUI tools to interact with cloud environments and 2) use ChatGPT (and similar tools) for more advanced attack scripting.Ian Ahl, SVP, P0 Labs

Third-Party Data Sharing Will Raise Risks of Security Breaches

More third-party SaaS vendors and cloud platforms are increasingly involved in security incidents. These vendors are creating a compounding and growing set of accessible company information on the Dark Web, which causes a cascading effect. The more information available, the more likely that information can be used to breach an organization. In this environment, having an accurate inventory of what systems are being used by your organization becomes critical for maintaining operational efficiency, but also to help identify all your risks related to third-party suppliers and service attacks. In the digital world we all live in, data flows within and between just about every service we use. Far too often, when a breach happens, security teams and IT leaders don't know their own exposure in terms of corporate data and assets until it is too late. It's critical to understand all the risk factors, and follow the best practices for security, training, and compliance. In the case of homeowners, having a fire extinguisher and an alarm system are the best practices for safety and security. That doesn't mean you won't experience a fire or break-in, but your odds are much better when you can make continual progress to maintain strong compliance and security frameworks. If you take the necessary steps and follow best practices, you will lower your attack surface.Alex Hoff, Chief Strategy Officer and co-founder, Auvik

Identity Theft, Data Privacy, and Fraud

Consumers Will Become More Concerned About Identity Theft

A recent survey found that over half (51%) of consumers have been a victim of identity theft or know someone who has, and 81% are worried about AI-based fraud while shopping online. Consumers and businesses have a societal duty to protect themselves and one another, calling for more security tools to protect personal information. There also must be greater education from business-to-consumer levels to avoid compromised data, such as when shopping online and for shoppers saving their payment information on retailer websites. The importance of authentication tools, such as mobile authentication, will only go up from here.Tim Brown, Global Identity Officer, Prove Identity

Fraud Becomes More Sophisticated

Financial institutions will continue to battle increasingly sophisticated fraud schemes and will seek real-time detection solutions that proactively identify fraud before funds leave their bank or credit union. Daniel Haisley, EVP of Innovation, Apiture

Cybercriminals to Continue Their Assault on Healthcare Systems

Healthcare will continue to be targeted heavily, as the interconnected nature of health devices will present greater opportunities for cybercriminals to attack. Healthcare organizations are increasingly using electronic health records (EHRs) and other digital systems to store and manage patient data. This makes them more vulnerable to cyber-attacks, as cybercriminals can exploit vulnerabilities in these systems to gain access to sensitive data. This threat is exacerbated further by the increasing prevalence of cloud and remote computing systems, essential for accommodating the expanding requirements of distributed healthcare providers. Rodman Ramezanian, Global Cloud Threat Lead, Skyhigh Security

Preventing Account Takeovers Will Be a Priority

Today, hackers now have access to many databases containing stolen credentials, and in recent years they have become increasingly sophisticated, carrying out more notable data breaches that have left a treasure trove of usernames and passwords exposed. This has resulted in more account takeover (ATO) attacks, an issue that is skyrocketing. In fact, by 2025, ATO fraud losses are expected to reach almost $17 billion globally. This validates the urgency for companies to make ATO fraud prevention a key focus in 2024 and ensure that the person behind the screen is who they say they are. However, preventing account takeovers has been challenging in recent years because identity and login security aren't easy, and most internal authentication solutions fall short. As this trend continues to rise in 2024, we can expect companies to look to outsourcing and implementing more advanced detection and prevention solutions that better protect their customers' data from cyber-attacks that prey on identity-related techniques.Brian Pontarelli, founder and CEO, FusionAuth

Deepfake-Based Attacks Will Increase

Toolkits for attackers that allow creation of deepfakes for purposes of voice or video-based social engineering will become more common, leading to an increase in deepfake-based attacks.Jason Martin, co-founder and co-CEO, Permiso

Financial Services at Higher Risk Thanks to Sensitive Data and Rise of AI

The financial services sector remains a high-priority target for cyber-attacks due to its abundance of sensitive data, encompassing financial records, personally identifiable information, and proprietary data. As artificial intelligence rapidly integrates into our daily lives, cybercriminals are poised to exploit its capabilities. AI stands to expedite the discovery of vulnerabilities and enable more sophisticated social engineering attacks. The rise of deepfakes, AI-generated lifelike videos and audio, poses a concerning threat by potentially deceiving financial services personnel into disclosing sensitive data or authorizing fraudulent transactions. Social engineering, reliant on human manipulation for unauthorized access to data or systems, persists as a significant and ongoing threat in this landscape. Rodman Ramezanian, Global Cloud Threat Lead, Skyhigh Security

Demand for a Better Registration Process Will Be on the Rise

As digital interactions increase, companies face the challenge of orchestrating secure yet seamless registration workflows. In 2024, registration will continue to be a key component within customer identity access management (CIAM). However, consumers and companies alike will expect more from the registration process. Over the next year, vendors will be urged to address complex registration workflows like Know Your Customer (KYC) protocols and seamless third-party integrations. These upgraded registration processes will have immense benefit for users, allowing them to experience less UX friction, more transparency with federal legislation such as HIPAA, GDPR, and CCPA, and more self-service options, among others. And as new regulations come into play and digital services expand — especially in key industries such as finance, e-commerce, healthcare, real estate, and cryptocurrency — KYC vendors will play an even bigger role in CIAM to verify identities, monitor transactions, and ensure compliance in the coming year.Brian Pontarelli, founder and CEO, FusionAuth

Credentials, Identities in Bad Actors' Crosshairs

The number of incidents stemming from compromised credentials will continue to grow in 2024 as security teams continue to struggle with leaked API keys, overprivileged identities, and the growth of readily available credentials for purchase on underground markets. In addition, identity providers will remain targets for many threat actor groups in the cloud. Bad actors will continue to target identities with admin privileges to compromise in order to reduce the time they need to spend escalating their privileges once inside the environment. Jared Elder, VP of Marketing, Permiso

Engineering and Security Teams Will Partner to Protect Infrastructure From Growing Identity Attacks

Historically, companies' approach to security was very IT-centric with dedicated security teams — like those responsible for network security — working to ensure the organization was secure. However, with the dissolution of the corporate perimeter, the increasing complexity of cloud computing, and a cybersecurity talent shortage, the role of security teams will change. In 2024, with identity attacks on the rise, we'll see the role of security teams shifting to those of consultants and auditors, with engineering teams responsible for choosing vendors and implementing security protocols. Cybersecurity teams will be responsible for policy and ensuring that workflows and systems meet security requirements.Ev Kontsevoy, CEO & co-founder, Teleport

API Security

Organizations Will Start Taking API Security More Seriously

Over the last five years, we've witnessed major brands like Peloton, T-Mobile, and 23andMe experience API-based attacks. For most organizations, however, API security is not among their top priorities. Knowing that API abuses and related data breaches will nearly double in 2024, API security is becoming more of a priority. The current API security market is complex, with many different vendors focusing on various aspects of API protection. In 2024, we'll likely see more consolidation of tools, and as the market and economy shift, mergers are likely to occur. Jeremy Ventura, Director of Security Strategy & Field CISO, ThreatX

API-Based Data Breaches Will Light a Fire Under the CISO's Seat to Strengthen API Security Posture

Looking back at 2023 data breaches, it's clear that vulnerable APIs were the preferred attack vector for hackers — much as Gartner predicted. Part of the reason why APIs are such an attractive entry point for breaches like Twitter, Optus, and CircleCI is the fact that other companies host third-party APIs: It means that a developer can't see the source code, so they cannot possibly know how their data is used and stored and, most importantly, these assets are not within the traditional perimeter, meaning that traditional security controls don't apply to them. In 2024, CISOs and front-line security professionals will start to truly recognize the importance of a mature API security posture — featuring a complete inventory of APIs and the data they transmit, followed by an automated test program and continuous monitoring. This emphasis on API security will be a stark change from the past three to four years, which focused more on infrastructure-based attacks. Eyal Momo, VP of Engineering, Crowdstrike

The Value of APIs Will Increase and Attackers Will Take Notice

APIs serve as the connection point for organizations to partner with other organizations, and the value that they provide is only going to increase in 2024. Organizations will continue to recognize how APIs make it extremely easy to interact with their technology and their partners' technology. Given this value, we'll also see attackers increase their attention on API-based attacks. The good news is there are a handful of companies and tools available in the market to protect APIs, and budgets to do so will surely increase in 2024. — Gene Fay, CEO, ThreatX

Zero Trust

Zero Trust Policies Will Be Critical for Data Backup Repositories

Zero trust policies have increasingly become a cornerstone of modern, effective cybersecurity. However, most zero trust policies do not include the security of data backup and recovery systems, even though 93% of ransomware attacks target backup repositories and 75% of those attacks are successful. While many organizations are following zero trust frameworks, they also need to apply these tools to data backup and recovery to reduce downtime and become more resilient against ransomware.Danny Allan, CTO, Veeam Software

Zero Trust Security Requires Real-Time Integration

The realization that zero trust architectures demand real-time integrations will drive significant changes in cybersecurity strategies. Companies will seek out purpose-built solutions that can seamlessly integrate with existing systems in real time, enhancing their ability to respond to threats instantaneously. Husnain Bajwa, VP of Product Strategy, Beyond Identity

Zero Trust Will Be Solidified as a Valid Concept That Works

Organizations and vendors have had ample time to develop and implement architectures and products to meet zero trust principles now that they understand it just isn't an industry buzzword — it's a valid concept that works. Remote work will continue to be prevalent, and zero trust is instrumental in ensuring those remote workers are accessing services and resources in a secure manner. Zero trust implementation is continuing to pick up across all verticals in 2024. Max Shier, CISO, Optiv

Zero Trust Controls Will Continue to Be Embedded in the Full Stack

As runtime zero trust controls become more practical, more zero trust controls are being integrated or implemented in the operating system, orchestration platform, and pipeline and software supply chain. Network segmentation plus data segmentation is becoming the first-class security controls that companies are using. Security requires real-time enforcement, not just monitoring. Fei Huang, VP of Security Strategy, SUSE

The Role of the CISO in 2024

As the Stakes Get Higher, CISOs Cannot 'Quiet Quit'

In the wake of the charges against SolarWinds and reassessment of the Uber CISO's conviction, security leaders are facing much higher stakes for their mistakes; it is no longer just a CISO's job on the line — it's their personal liberties too. While it is naive to place all of the blame on security leads following a breach, the SEC's decision serves as a wakeup call for restructuring the CISO job description. CISOs can no longer be passive. They must pay attention to whether they have the proper cybersecurity budget, headcount, tooling, and what their tech stack looks like. If the stated material truth of their cybersecurity posture is lacking, they either have to be brutally honest or face the consequences. They also have to cut through the noise and demand the ear of the CEO when reporting risk. By becoming the company advocate for incident response, CISOs can more accurately estimate risk and utilize their budgets to better protect their companies. By taking on these actions, added layers of reporting and responsibility will ensure that companies are up to the new security standards and that the CISO is not shouldering all the risk alone.Ron Reiter, former member of IDF's Unit 8200 and current CTO & co-founder, Sentra

With New Regulations Proliferating, CISOs Will Have to Take a New Approach to the Role

CISOs' jobs are getting harder. Many are grappling with an onslaught of security threats, and now the legal and regulatory stakes are higher. The new SEC cybersecurity disclosure requirements have many CISOs concerned they'll be left with the liability when an attack occurs. As we've seen with the charges against the SolarWinds CISO, these fears have merit — and we need to prepare ourselves for this. CISOs can't just be technical experts anymore. Their skillset must be more well-rounded in enterprise risk management, requiring a deeper understanding of the laws and regulations in the jurisdictions and industries where their companies operate. They must also tie compliance tightly to corporate objectives. It's also going to require CISOs to (more often) form alliances with other executives who will have to play a bigger role as cybersecurity becomes a board-level issue. Kayla Williams, CISO, Devo

Getting Back to Security Basics Takes Precedence

Ransomware attacks grow more sophisticated. Data leakage concerns are rising. And the ramifications of a breach are stiffening. The ground continues to shift under CISOs' feet, causing many to lose sight of their security foundations. 2024 is the year to get back on track. A rock-solid inventory of all assets and devices is the core of any good security program. Without this, you'll forever be catching up and playing whack-a-mole. CISOs should also ask themselves, "Are we doing everything we can to continuously manage vulnerabilities in both our devices and applications? Do we have the right controls in place to properly regulate access management? Have we tested our data recovery and backup plans? Do we even have full visibility into our environment?" If the answer to any of these questions is, "Our policies and procedures fall short," it's important to fix them before tackling any additional projects. It's easy to get caught up in the hype of a new, shiny solution. But the truth is that without the basics in place, you have a one-way ticket to compromise. Kayla Williams, CISO, Devo

3 Biggest Priorities for CISOs in 2024 

CISOs will have three key priorities in the year ahead to keep their IT infrastructure and teams running smoothly and securely:

  • Enable Generative AI: Businesses and individuals are using all kinds of AI tools today, and it's up to security teams to find a way to support that usage in a safe way. This is the time for security teams to be the vanguard of AI efforts: Teams can use generative AI tools before they are adopted by the full company to understand the applications and potential risks — so you can guide your employees and leaders on how to use them securely.
  • Demonstrate ROI: With budgets shrinking, CISOs are under increasing pressure to understand exactly where money is being spent and whether those are the optimal areas of investment. Posture management can help to show that, whether it is CSPM (cloud posture management), DSPM (data security posture management) or network SPM.
  • Optimize the system: The start of the new year is an important time to review a business's major tools and processes, and overhaul or eliminate anything not working. Make sure software and infrastructure is properly integrated, and existing procedures are streamlined to save valuable time and resources. Attila Torok, CISO, GoTo

Cybersecurity Workforce

Cybersecurity Leaders Will Need to Embrace Entry-Level Positions and In-House Training

Despite popular belief, the cybersecurity industry is not facing a talent shortage, we are facing a skills shortage. Hiring teams all want a skilled practitioner to join the organization, but in reality, this type of person is expensive and rare. Yet there is a surplus of people looking to enter the cybersecurity field. Organizations are getting thousands of applications for open positions, especially entry-level positions. We're not seeing a shortage of people; there is a shortage of training and of a willingness to hire outside of the traditional skill set. In 2024, as the cybersecurity industry continues to face budgetary constraints, leaders will ultimately have to hire entry-level people inexpensively and give them the opportunity to learn. We'll see more corporations and HR departments partnering to make sure job descriptions truly mean entry level. — Gene Fay, CEO, ThreatX

The Cybersecurity Workforce Is a Looming Crisis for CISOs

As we venture into 2024, cybersecurity is one of the fastest-growing professional fields, and yet employers are struggling to find workers to fill open positions. CISOs face a formidable challenge: the widening gap in the cybersecurity workforce. The cyber domain is currently experiencing a scarcity, a trend that experts fear will intensify with more companies grappling to retain and recruit talent. A collaborative effort is required to repair the current decline, and CISOs should turn toward innovative services infused with AI as a potential lifeline. This shift isn't just a fear-based tactic but a wake-up call for CISOs to explore new avenues to reinvigorate cybersecurity-related education and training in the face of a diminishing workforce pool. Jeremy Ventura, Director of Security Strategy & Field CISO, ThreatX  

Cloud Security

Supply Chain Compromises

SaaS providers with delegated access into customer environments via role assumption or persistent keys will see an increase in targeted attacks as threat actors focus on cloud supply chain compromise to target downstream customers of the vendors. Also, in 2024, a major cloud security vendor will be compromised and used as a platform to attack their customers. Jason Martin, co-founder and co-CEO, Permiso

Bull's-Eye on Serverless Architectures

Serverless architectures remain one of the prime targets for attackers in 2024. Misconfigurations in permission policies for IAM roles utilized by Lambda functions can result in significant impact. This gives attackers the ability to breach the cloud environment by granting unauthorized access to cloud accounts and then move laterally across the environment. Andi Ahmeti, Associate Threat Researcher, P0 Labs

Cloud Service Vulnerabilities Requiring Robust Disaster Recovery Plans

Cloud service vulnerabilities and outages will continue to pose risks, emphasizing the need for robust disaster recovery and business continuity planning. Josh Lefkowitz, CEO, Flashpoint

Explosion of the Attack Surface

As organizations undergo digital transformation efforts — including the widespread adoption of cloud services — to improve productivity and stay competitive, the future may see an increase in activities that introduce new technologies and processes that haven't been thoroughly secured. Cloud services, with their new interfaces, APIs, and communication channels, offer additional targets for attackers, thereby expanding the potential attack surface. Misconfigurations occurring in cloud services due to errors or oversights in the setup and management of cloud infrastructure and resources can lead to security vulnerabilities, data exposure, and operational issues. To mitigate these misconfigurations, conduct regular security audits; organizations should follow best practices provided by cloud service providers and implement continuous monitoring for potential issues.Neeraj Singh, Senior Security Researcher, WithSecure

Data Security and Confidential Computing

In 2024, all parts of confidential computing — hardware, software, CSPs — will come together for the first time. With confidential computing, customers have on-site equivalent privacy in the cloud and at the edge. This makes public cloud and edge a secure environment for every business, even for regulated industries and government organizations as well as for those processing highly confidential data or AI/ML workloads in the cloud.Brent Schroeder, Global CTO, SUSE

Confidential Computing Will Emerge as a Leading Force

In 2024, the rise of the zero-trust paradigm will drive a significant shift in security models, with confidential computing emerging as a leading force to implement this transformative approach. In the coming year, we can expect an increase in the integration of hardware-based confidential computing as cloud solutions strategically employ it to entice applications with heightened privacy and security demands. This trend will be especially prevalent in specialized domains such as machine learning, financial services, and genomics. Pankaj Mendki, Head of Emerging Technology, Talentica Software

Security Spending

Prioritization of Cybersecurity Will Become a Necessity

In 2023, we saw an increase in cybersecurity breaches, with more than one-third of IT leaders admitting that their organizations experienced at least two security breaches. Looking toward 2024, I expect an increased focus and spending on security measures, as demonstrated by the 62% of IT leaders increasing their budgets to add new security resources.Vicky Wills, CTO, Exclaimer

Economic Tightening Leads to Rightsizing of Cybersecurity Investments

As companies face economic challenges, there will be a strategic shift toward rightsizing cybersecurity investments. Organizations will focus on optimizing their cybersecurity spend, investing in scalable and efficient solutions that offer maximum protection without unnecessary expenditure. Husnain Bajwa, VP of Product Strategy, Beyond Identity

Technology Rationalization Efforts Will Increase

With many organizations facing flat or reduced security budgets due to the uncertain economy, many will find ways to save money and leverage efficiencies in their security teams by prioritizing technology rationalization. Technology rationalization entails reviewing what vendors and tools you currently use and then evaluating whether you are leveraging all capabilities of the tools you currently have, eliminating tools that you no longer need, and finding ways to integrate and optimize tools. Technology rationalization provides a way to strengthen your security posture without added budget. Max Shier, CISO, Optiv

Higher Cyber Budgets for SMEs

As the largest-at-risk segment in the market, the focus will be on small and medium-sized enterprises (SMEs) in the new year. 2023 was a year of growth and stability in the cybersecurity industry. However, we suspect underlying issues in the market, including increased attacks and contractual requirements from business partners, will cause a major shift in 2024, leading to higher cyber budgets for SMEs. 2024 will also see an increase in attack volume and sophistication as cybercriminals further adopt AI to create more convincing malicious emails and accelerate malicious code development. We expect financial losses from cybercrime to continue to grow as the vast majority of SMEs are underprotected and underinsured. Xing Xin, CEO and co-founder, Upfort

Mergers and Acquisitions

More M&A Activity That Consolidates Tool Sprawl

The uptick in M&A activity within the cyber sector in 2023 (Palo Alto Networks acquiring Dig Security and Talon, Crowdstrike buying Bionic, Thoma Bravo's merger of Forgerock and Ping Identity, etc.) is a compelling trend that will continue into 2024. This surge, although driven by the down market, addresses the fragmentation of cybersecurity solutions. Managing all of these tools, and overseeing the sheer volume of software can be extremely overwhelming for today's CISO. This complexity can lead to significant error, overlapping functions, integration issues, and increased operational overhead. To address these pressing needs for customers to eliminate these challenges, we'll see more vendors in 2024 make strategic M&A moves to broaden their platforms.Ev Kontsevoy, CEO & co-founder, Teleport

More M&A Activity in the DSPM Space as the Cloud Becomes Cybersecurity's Next Battleground

The uptick in M&A activity within the cyber sector in 2023 — such as Palo Alto Networks acquiring Dig Security and Talon — will continue into 2024 as major players in the space try to put their stake in the data security posture management (DSPM)  game. The cloud is cybersecurity's new battleground, with tool sprawl and solution siloes creating backdoors for threat actors. Expect industry leaders to borrow the wisdom of tool consolidation and seek acquisitions that will bolster their platforms and achieve data visibility at scale. It's necessary for cloud security vendors to expand their proactive and reactive offerings for security teams fending off sophisticated AI-powered attacks. Eyal Momo, VP of Engineering, Crowdstrike

Consolidation of Passwordless and Credential Management Companies

In 2024, we'll start to see mergers between passwordless and credential management companies, which will create a new category in the authentication space: think "passwordless plus." This movement will be similar to the consolidation we saw a few years back between identity management and access management companies, which resulted in the identity and access management (IAM) industry. True passwordless technology removes passwords and other shared secrets completely. When you do that, the next step becomes modernizing account recovery. Traditionally, this is where password managers came in. In a passwordless world, however, vendors need to be able to offer passwordless recovery. Given this, the next natural step in the authentication industry will be passwordless technology vendors and credential management companies joining forces.Bassam Al-Khalidi, co-founder and co-CEO, Axiad

Security Threats, Compliance Requirements Will Drive M&A IT Integrations

In 2024, economic uncertainty will continue to slow the pace of M&A, therefore also slowing the pace of IT integrations for older M&A deals. The full integration and consolidation of key cloud and security technologies will hinge on the ability of employees from various organizations to collaborate seamlessly. Organizations may be tempted by the state of the economy to be cautious and delay the final stages of integration. However, if an organization experiences a security breach, fails an audit, or falls out of regulatory compliance, this will accelerate the consolidation process and may escalate to other reputational or financial issues. Ultimately, the need for enhanced security and compliance will take precedence over economic uncertainties and, after a trough in activity, will lead to a sustained push for IT integration. — Sergey Medved, Vice President of Product, Quest Software

Governance, Risk, and Compliance

The Industry Will See More Regulatory Pressure

So much of the world is now controlled by or through software. As a result, world-renowned cryptographic experts like Bruce Schneier have advocated for increased regulation, even going as far as to say we need to start regulating software the same way we do air space. While there is no silver bullet, and I don't recommend we regulate all software like this, there are certainly critical software systems comparable to airplanes in terms of potential damage. It's no coincidence that Gartner predicts that 45% of CISOs will expand their remit beyond cybersecurity, due to increasing regulatory pressure and attack surface expansion. Expect this trend to begin in 2024 and quickly snowball over the next five years.Ev Kontsevoy, CEO & co-founder, Teleport

Privacy Laws Will Continue to Be Implemented in Piecemeal Fashion

Organizations are trying to keep up with state, federal, and industry compliance requirements. In 2023, Colorado and Virginia had privacy laws become effective, and California's amended privacy law also became effective. Several other states in the U.S. and several other countries have privacy laws in process as well. This has added to the numerous privacy laws that companies already have to comply with, making it an extremely daunting task to stay on top of the different requirements. Managing privacy in companies has become a full-time job, and we will see companies change how they approach it with dedicated teams and services to manage data that falls under these requirements. I expect this to continue to be a hot topic in 2024 as more laws are passed. Max Shier, CISO, Optiv

GRC Will Be Profoundly Transformed by Continuous Controls Monitoring

In 2024, governance, risk, and compliance (GRC) teams are going to finally catch a break with the broader adoption and use of nascent continuous controls monitoring (CCM) technologies. At the mercy of mostly manual processes and tools like Excel and PowerPoint to keep track of compliance gaps and issues, GRC teams — especially in large organizations — have been challenged to keep up to date with their organization's security, risk, and compliance posture. GRC professionals will be the key drivers behind the rapid adoption and use of CCM, and they'll be able to track and manage adherence to compliance in near real-time. As a result, we'll hear about dramatic reductions in compliance fines and penalties being levied against large organizations, and we'll start to see cyber insurance carriers mandate the use of CCM in order to obtain or renew insurance.Nicole Bucala, VP & GM, Comcast Technology Solutions

The Responsibility of Security Vendors Will Evolve as Cybersecurity Regulations Change

In 2024, as cybersecurity regulations become stricter, organizations will face an increased pressure to comply, as seen with the new SEC rules on cybersecurity for both public and private companies. This will place a greater responsibility on security vendors to support both the infrastructure and data protection components required for compliance. In an effort to embrace this shift, leaders must evaluate their communication strategies to ensure all employees understand their own responsibility and ownership, ensuring security is not an afterthought. — Bret Settle, President & Chief Strategy Officer, ThreatX

Shift Toward Governance as the Key Focus for Data Security Decision-making

The movement of enormous amounts of data in the cloud presents a new and challenging dynamic for teams trying to manage complex compliance requirements across different regulatory frameworks. Along with stricter data protection laws and growing concerns about privacy, organizations must adopt holistic compliance strategies in 2024 to align with these evolving requirements. Gartner analysts estimate that through 2025, 80% of organizations seeking to scale digital business will fail because they do not take a modern approach to data governance. Governance will be at the forefront of business priorities in 2024 as organizations are facing more risks of financial loss and reputational harm as a result of poor governance practices. Business leaders must bring compliance and legal to the security decision-makers table to ensure adherence to global regulations like GDPR and CCPA, as well as enforce the significant change in behavior security teams will have to make to achieve an effective approach to data governance. Ron Reiter, former member of IDF's Unit 8200 and current CTO & co-founder, Sentra

The CISO Will Step In to Help Govern Compliance and Proper Use of Data and AI/ML

While more than capable of functioning within the DevOps paradigm, data scientists are not security experts. Data scientists should not be the only ones thinking about whether or not the data being used to train AI/ML models contains bias. Rather, the onus is on the CISO to step in and establish standard governance and compliance policies around integrating security into AI/ML pipelines, and models to avoid model bias.Kevin Cochrane, CMO, Vultr

Cybersecurity Techniques and Strategies

SIEM Will Become Irrelevant as Security Teams Turn to Intelligent Threat Analysis

In 2024, next-generation threat intelligence and analytics solutions will phase out security information and event management (SIEM) systems. These modern solutions enable security teams to extend capabilities beyond log analytics to access the context provided by a broader range of data modalities and different types of AI, including generative, causal, and predictive techniques, working together. As a result, organizations will gain access to deeper and more accurate, intelligent, and automated threat analysis, helping to protect their applications and data from increasingly sophisticated threats. Bernd Greifeneder, Chief Technology Officer and Founder, Dynatrace

Trend Toward Best-of-Breed Solutions

The previous year's trend toward bundled cybersecurity solutions will face a correction in 2024. Companies will realize that a one-size-fits-all approach does not effectively address their unique security needs. This will lead to a renewed interest in best-of-breed solutions, with organizations selectively integrating specialized tools for more tailored and effective cybersecurity strategies. Husnain Bajwa, VP of Product Strategy, Beyond Identity

Consolidation of Tech Stacks and Increased Adoption of Single-Pass Architecture

The historical divide between Next-Generation Firewall (NGFW) technologies with stateful inspection and proxy technologies with Secure Web Gateway (SWG) will diminish. With advancements in computing and changes in consumption models to be as-a-service, there will be a convergence of these technologies. More organizations will adopt a single-pass architecture for network security. A single-pass architecture allows organizations to benefit from both stateful inspection and proxy-based deep analysis without having to choose between them. It enables comprehensive security measures without compromising on performance or introducing unnecessary complexities and allows organizations to simultaneously address access control, data leakage, and threat protection in an efficient manner. Renuka Nadkarni, Chief Product Officer, Aryaka

Elevating Third-Party Security: Navigating the Unseen Terrain of 2024

In 2024, the reliance on third-party tools will reach new heights, yet the lack of security visibility will make them prime targets for cyberthreats, requiring organizations to shift toward developing proactive measures versus reactive strategies to stay ahead. Tools like runtime protection powered by eBPF offer invaluable observability and blocking techniques, enabling organizations to identify vulnerabilities and block attacks like never before. In the new year, organizations must question vendors on how they monitor for suspicious behaviors that might indicate a potential vulnerability or actual attack vector, marking an evolution in cybersecurity strategies that are, first and foremost, vigilant, adaptable, and strategic. — Bret Settle, President & Chief Strategy Officer, ThreatX

Business-Centric Security Solutions

Organizations will move away from a technology-centric approach to security problem-solving and instead focus on addressing specific business challenges. To that end, enterprises will increasingly adopt a unified Secure Access Service Edge (SASE) architecture. SASE combines network security functions with WAN capabilities to support the dynamic, secure access needs of organizations. The emphasis will be on understanding and solving common business problems related to security, such as access control, threat protection, and data leakage. Renuka Nadkarni, Chief Product Officer, Aryaka

Expect a Move Toward Context Risk Scoring to Discover the Truly Exploitable Vulnerabilities

Since 2016, new vulnerabilities reported each year have nearly tripled. With the number of discovered vulnerabilities increasing at an exponential rate, organizations need to move past CVSS for vulnerability prioritization in 2024 and toward context risk scoring. While CVSS demonstrates how easily a package can be hacked, it fails to provide more detail on how an organization uses an application, where it's deployed, data connections, and exploitability. That context is crucial for rapidly prioritizing and fixing critical threats before they impact the business. By moving toward context risk scoring in 2024, businesses will be able to turn down the noise from irrelevant security alerts and refocus professionals' attention on the 5-10% of alerts that are exploitable and create business risk. This is especially important as the surge in applications and shift to continuous delivery in the coming year will introduce new attack surfaces and attack vectors at an unimaginable rate. Eyal Momo, VP of Engineering, Crowdstrike

Cybersecurity Teams Will Make the Jump Into Data Lakes to Wrangle Siloed Data

It's been the lament of cybersecurity teams for years: All those security tools are producing a ton of great data, but it's really difficult to combine that data quickly and easily to find and take action on threats. Security information and event management (SIEM) solutions help, but they're expensive and limited by storage and ease of access. In 2024, data lakes will beckon, and security leaders will look from beyond their pond to see if they can obtain a little of that beach-front property being used by their colleagues on the IT, data, finance, HR, or other teams. Data lakes for security — or security data lakes — will go mainstream, providing a much better option for bringing together and storing all that siloed security data. The result will be vastly improved cybersecurity through faster threat detection and mitigation, and better adherence to compliance mandates. Nicole Bucala, VP & GM, Comcast Technology Solutions

Organizations Will Prioritize Investment in Proactive Cybersecurity Measures

Instead of playing catchup when it comes to the security of emerging tech like generative AI, organizations will prioritize proactive cybersecurity measures, including employing AI and automation to safeguard against increasingly complex data threats. Heather Hinton, CISO, PagerDuty

Integrating PAM With Enterprise IT Tools

Beyond the IT perimeters, privileged access management will also soon take precedence across every enterprise workflow that requires access scrutinization and monitoring. This is what will give complete visibility and control over all the privileged identities across an enterprise. Thus, PAM tools will become the command center of all identity-related operations when they offer tight integrations with every essential enterprise IT tool. — Kumaravel Ramakrishnan, Director of Marketing, ManageEngine  

Security Automation Will Go Deeper and Wider

As cloud migration grows to the next level, with the tools and platforms more ready, automation became a critical need. The same thing should happen for security solutions. For scale, speed, efficiency, and manageability, security policies will be automated in pipeline and runtime both. Security policy as code will be the preferred approach for security automation. Fei Huang, VP of Security Strategy, SUSE

Secure Software Supply Chain and Certifications

In 2024, certifications such as Common Criteria EAL 4+ for Linux operating systems will be a critical factor for companies and organizations. Common Criteria EAL 4+ certification includes that software production and delivery processes follow a secure software supply chain. This is a huge advantage for customers considering NIS-2 regulations, as this certification provides a significant reduction in legal liability.Brent Schroeder, Global CTO, SUSE

Decoding the Future of Cybersecurity With Next-Gen KPIs

Cyber-related incidents are estimated to reach around 33 billion account breaches by the end of 2023 — meaning in 2024 security professionals must redefine their arsenal of metrics or risk falling behind. Beyond the routine incident counts and response times, a paradigm shift will occur — adopting operational-level metrics. Organizations will seek to predict and demonstrate the true efficacy of their security strategies and will find that integrating innovative risk quantification metrics can translate into better tangible outcomes in revenue, budget allocation, and, most crucially, cyber resilience. Security professionals will begin assessing the impact of cyberthreats on budgets and adopting health score systems reminiscent of credit reports. Jeremy Ventura, Director of Security Strategy & Field CISO, ThreatX

The Indispensable Role of Ethical Hackers in Tomorrow's Cyber Defense

As cyberthreats grow in sophistication, organizations must evaluate their risk levels and vulnerabilities. While automated tools offer valuable assistance, they can only get security teams so far before threat actors' creative techniques outpace them. In 2024, the importance of ethical hackers cannot be overstated. Emerging technologies such as AI/ML still play an important role — but ethical hackers are unique in their abilities to think and act like malicious hackers. Their expertise remains a linchpin, pinpointing vulnerabilities that automated tools might miss at a level of accuracy needed by organizations. With future attacks poised to be more cunning and advanced, ethical hackers are a frontline defense, blending human intuition and technical acumen to guide and fortify organizations' defenses against unseen dangers in the threat landscape.Andrius Useckas, CTO & CISO, ThreatX

Operational Simplicity and Holistic Security Solutions

In a world marked by network and security complexity, the trend of simplification will take precedence over mere cost-cutting measures. There will be a significant shift away from traditional, fragmented network security architectures toward more unified and operationally simple approaches. Enterprises will prioritize simplifying their tech stacks, moving away from siloed point solutions. Unified approaches like SASE will gain traction as organizations seek to streamline network and security management for enhanced customer experiences and cost savings. Organizations will prioritize solutions that reduce the operational challenges associated with managing multiple security technologies, thereby enhancing overall efficiency. There will be a growing trend toward holistic security solutions that can effectively address multiple security challenges simultaneously and offer integrated approaches to access control, threat protection, and data leakage prevention, contributing to a more cohesive and robust security posture. Renuka Nadkarni, Chief Product Officer, Aryaka

Decentralization, Security, and IoT Will Remain Significant

The fundamental priorities have not changed — the need for and use of security and cloud computing accelerated during the pandemic and will continue to be significant in 2024. Monitoring, servicing, and managing office technology and IT devices at scale are essential to help simplify workflows and aid in productivity. To do so, IT must invest in office technologies that enable businesses to remain secure, confidential, and competitive. Having a decentralized footprint is also significant as more employees adopt the "work from anywhere" regimen, prioritizing the need for devices in the field to communicate, store, and transfer data from any place at any time. Additionally, generative AI's rapid expansion into the offices increases the risk of cyber-attacks — forcing technology and IT resources to continue evolving. Companies are upping their security awareness and implementation as legacy equipment might not have the right security measures to take on today's bad actors, and we know that today's hackers are smart. While device security is one component, IT departments must have security measures in place to protect their networks and the confidentiality of documents.Fernando Maroniene, Senior Director of Product Marketing, Brother International

2024 Will Continue to Be a World of Scarcity for IT

The ability to do everything will not exist, and the demands will, if anything, continue to increase, making operations more challenging for IT professionals. Veeam's research continues to show over the last three years that cyber issues are impacting digital transformation goals for businesses, and at the same time, ransomware attacks are rising and often becoming more impactful. The solution is to realize that "You likely cannot do everything, but you can do something." The best plan forward for IT is to begin to address technical debt, starting with patching critical systems and ensuring that the backup systems are properly protected with multi-factor authentication (MFA) and immutability for backup data. Dave Russell, VP of Enterprise Strategy, Veeam Software

Printer and Camera Security

Both printer and camera security will play a huge role in protecting businesses' networks to ensure malicious actors stay out of their mobile operations. Shash Anand, SVP of Product Strategy, SOTI


Mainstream Passkey Adoption Will Quickly Rise

Passkeys are a relatively new security method, but they have proven more secure than traditional techniques. Additionally, it's an attractive option for consumers because it leverages the power of biometric methods (with a fallback to a PIN system if biometrics aren't available) to protect accounts and allow them to go passwordless. Passkeys were first introduced and used in 2022 by major tech giants, including Apple, Google, Microsoft, and Best Buy. And in 2024, we can expect them to be rapidly adopted more widely. Passkeys are gaining popularity because they remove the need for an application or user to save private, valuable data such as a hashed password. Instead, the application stores a public key, and each user's device securely holds the corresponding private key. This makes it virtually impossible for hackers to get users' information because even if they hack into the public key, the private key (or biometric information) is safe because it doesn't leave the device. This will be a game changer for the future of authentication and password management because passkeys are decentralized, consumer-friendly, secure alternatives for protecting your data — and it's what consumers want — which is why we can anticipate it being used more widely in the coming year.Brian Pontarelli, founder and CEO, FusionAuth

MFA Bypass Techniques Become More Sophisticated

Enterprises will have to accelerate movement away from multi-factor authentication (MFA) solutions that don't rely on biometrics or hardware keys as MFA bypass techniques become more effective.Jason Martin, co-founder and co-CEO, Permiso

Continuous Authentication Gains Traction

Continuous authentication, particularly using OpenID Connect's Shared Signals Framework, will become increasingly popular for high-sensitivity applications like human resource information systems (HRIS). This approach, which continuously verifies a user's identity, will be recognized as essential for protecting sensitive data and maintaining compliance with evolving privacy regulations. Husnain Bajwa, VP of Product Strategy, Beyond Identity

Breaches Caused by Human Error Will Lead to Adoption of Secretless Access

2023 was a year defined by human error in costly security breaches –– according to Verizon's 2023 Data Breach Investigations Report, the human element features in 74% of all breaches. Mistakes such as privilege misuse, accidental data exposure, and falling victim to social engineering attacks stem from various human factors, and the critical consequences of the compromise of secrets. This has resulted in organizations embracing biometric hardware and identity verification, but attackers are no longer solely fixated on stealing passwords. They are actively seeking a range of secrets embedded within an organization's infrastructure, including browser cookies, private keys, API keys, and session tokens. To keep up with the pace of threats, organizations will recognize they must move to fully secretless authentication in 2024 to secure the wider spectrum of sensitive access points still vulnerable to threats. As organizations look to eliminate their reliance on static secrets altogether, widespread adoption of secretless access in the coming year will create immunity to human error and significantly hamper how threat actors operate.Ev Kontsevoy, CEO & co-founder, Teleport

For more 2024 trends stories, check out the list below:

About the author

Rick Dagley headshotRick Dagley is senior editor at ITPro Today, covering IT operations and management, cloud computing, edge computing, software development and IT careers. Previously, he was a longtime editor at PCWeek/eWEEK, with stints at Computer Design and Telecommunications magazines before that.
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.