If the past year has taught us anything, it’s that the cybersecurity threat environment will continue to be volatile. From ongoing geopolitical conflicts to the usual suspects of ransomware and credentials targeting to technological changes associated with AI, you can expect to see major issues shaping the cybersecurity threat environment.
My colleague, Alex Cox, and I recently shared our predictions for 2024 with VMBlog. Among the highlights:
- Ongoing ransomware threats will elevate the importance of prompt vulnerability patching and boosting defenses in data loss prevention (DLP) to stay ahead of these developments. Given ransomware gangs’ success exploiting vulnerabilities such as Citrix Bleed and the MoveIT issue earlier this year, we expect to see these tactics grow in adoption and drive a further expansion of the zero-day market. With regard to DLP, as ransomware groups rapidly shifted from encryption to data exfiltration, data loss prevention is more important than ever as a cornerstone of ransomware prevention.
- The move to passwordless authentication is becoming a reality. As exposed valid credentials continue to be one of the largest drivers for data breaches and ransomware infections, the need to move to passwordless authentication is clear. As passwordless authentication becomes commercially viable, expect to see more and more technology providers offering this feature.
- Expect AI to accelerate changes in both offensive and defensive measures in cybersecurity. Threat actors are leveraging AI to improve malware development, improve obfuscation, and generate more convincing phishing emails while cybersecurity defenders are adopting AI to detect and stop attacks more rapidly. We can expect to see new developments on both sides as the cyber arms race around AI develops.
Share this post via:
