top of page

Quorum Cyber 2024 Outlook: AI-Enabled Phishing Attacks, Cybercrime-as-a-Service, LLMs, IoT & OT Monitoring, and Security Posture Management Advancements

This guest post was contributed by Steven Marandola, VP of Innovation; Penny Allen, Solutions Director;  Paul Cullimore, Solutions Director,  Quorum Cyber  There are many well-known proverbs warning people to avoid trying to accurately predict the future but in cybersecurity we have lots of data that points us to the general direction of travel.

So, although many outcomes are certainly possible in our fast-moving industry, here are some of the main trends that we believe you can expect to come to fruition in the next year.

Advancements in generative artificial intelligence (AI) will lead to voice and video phishing attacks becoming much more frequent and also more difficult to identify. A video of someone talking about a particular subject won’t mean it’s actually true. Unfortunately, we haven’t yet developed the countermeasures to be able to detect which videos or voice recordings are genuine and which are fake.

AI will certainly alter the jobs market, but we very much doubt it will alleviate all of its pressures. As the cyber threat level increases, organizations will require more senior and experienced talent to tackle the most complex work, so this will likely lead to a shortage of talent. However, at this stage, it’s impossible to know exactly where the demand will shift to.

While nothing is guaranteed, of course, we think that the next 12 months could very well see quite a few other interesting developments unfold.

For a start, we foresee improved data analysis to inform decisions in cybersecurity. Today’s large language models (LLMs) will provide much more machine-led feedback of a higher quality than we receive today. LLMs will also enable us to improve the quality of incident tickets to speed up the work of security analysts and allow them to communicate much more clearly to people in other roles, especially to their non-technical colleagues. Overall, the information flow from systems to technical employees to non-technical employees will be significantly smoother than it is today.

It’s already becoming evident that employees who don’t utilize AI in some way will likely be left behind as it is certainly a force multiplier that enables companies’ employees to be more productive. In cybersecurity it will be used for alert handling, response guidance, vulnerability assessments, designing red teams and tests, and much more. As AI tools are developed further, we’ll find more appropriate ways to combine them with human ingenuity to allow us to achieve even more.

However, cybercrime-as-a-service will continue to grow – attackers will sell access to offensive tools or sell specific capabilities – enabling less capable criminals to create and distribute malware and conduct cyber-attacks or fraudulent acts. We are seeing an increasing number of companies that have clearly been hit by attacks where more than one criminal group is involved.

Cybersecurity monitoring of the Internet of things (IoT) and Operational Technology (OT) will continue to become more mainstream with the release of new products, making it more practical for businesses to monitor devices that cannot be covered by on-device agents. In particular, we’re already seeing manufacturing, food processing, healthcare, and similar industries (which haven’t previously had the pressure that the critical national infrastructure space has) increasingly monitoring their OT in this way.

For years, the industry has been heavily weighted to reacting to incidents once they have occurred. It’s time for it to invest as much time in preventing the incident in the first place. Enter the fast-growing domain of security posture management. Today, this can be achieved across different cloud platforms. However, in 2024 it’s the ability to measure security posture management that will get more interesting as companies expand the features and toolsets of their services (including third parties) to include preventative controls and extensive exposure management scoring to lower everyone’s security risk profile. Expect to see new dashboards, across-the-board product integrations and naturally a splash of AI to bring it all to life.

And here’s a prediction that we’ve been making for years and perhaps this time it will become a reality. There are several approaches which have enabled people to go password-less in certain scenarios. This year, FIDO PassKeys helped to start making the password-less approach viable for websites whilst being supported by all the major players. This could be the year that passwords finally start to die off.

Founded in Edinburgh in 2016, Quorum Cyber is one of the fastest-growing cybersecurity companies in the UK and North America with over 150 customers on four continents. Its mission is to help good people win and it does this by defending teams and organizations across the world and all industry sectors against the rising threat of cyber-attacks, enabling them to thrive in an increasingly hostile, unpredictable and fast-changing digital landscape. Quorum Cyber is a Microsoft Solutions Partner for Security and member of the Microsoft Intelligent Security Association (MISA). 

bottom of page