
Top Security Experts Riff on What AI Means for the Cyber Talent Shortage, Threats and Beyond in 2024

We heard from a panel of distinguished cybersecurity experts from AT&T Cybersecurity, Deep Instinct, True Anomaly, Immersive Labs, Appfire, Ping Identity, Amplitude, and Silverfort, who share their insightful predictions for AI's role in the evolving cybersecurity landscape in 2024.

Bindu Sundaresan, Director, AT&T Cybersecurity

With budgets tightening across the board and competition for a limited pool of IT and security talent growing fiercer, cyber as a service providers have become an optimal solution for many companies. I predicted this in 2023, and the same theme rings true for the coming year. Over the last year, cybersecurity has become an increasingly important aspect of doing business, with more and more companies falling victim to cyber-attacks each year. As a result, many businesses are turning to Cyber Security as a Service (CSaaS) solutions to protect themselves and their customers from cyber threats.


CSaaS is a subscription model that offers organizations cybersecurity protection on demand. CSaaS can help organizations reduce the cost of ongoing security investments while allowing businesses to focus on what’s really important to them. In response, knowing they can count on their partners to focus on specific vectors, internal security teams can concentrate on their core missions. This could be high-priority or critical items within security or something completely outside of cyber that simply needs more attention at a given time. Most importantly, the flexibility of CSaaS allows the services utilized to change over time and be periodically realigned to ensure the customer’s business needs are being met.

John Cannava, Chief Information Officer, Ping Identity

Artificial intelligence (AI) has infiltrated the workforce at an unprecedented rate, adding greater IT complexity to today’s hybrid work model. To date, CIOs have played an important role in implementing the emerging technology within organizations in a secure, effective and efficient manner. But in 2024, CIOs will become AI leaders, collaborating closely with the CISO, CHRO and Legal to ensure continued secure and ethical use of AI in internal processes and external innovations.


We’ll also see the emergence of new C-suite roles, like Chief AI Officer, who will partner with CIOs to ensure AI adoption continues to grow and emerging regulations are adhered to across the enterprise.


Diana Lovati, CISO, True Anomaly

In 2024, geopolitical instability will continue with hacktivist activities accounting for a large portion of cyberattacks. The rise in AI use will create more AI-directed cyber attacks as threat actors see immense opportunities to move faster and create widespread effects. There will be increased emphasis on securing supply chains and protecting critical infrastructure. Zero Trust Architecture principles will also become front and center as the first line of defense, requiring verification of anyone connecting to systems, regardless of whether they are in or outside of networks.


Kev Breen, Director of Cyber Threat Research, Immersive Labs

Too much time for exploitation


Despite government intervention to try and strengthen transparency and guidance around cybersecurity practices, many standard implementations still haven’t kept pace. For example, FedRAMP guidelines say organizations have 30 days to remediate high-risk threats — yet attackers just need one day to discover a vulnerability and take advantage to wreak havoc on systems and cause costly damage to organizations. Cybercriminals will likely continue to have first mover advantage, so it is security teams' responsibility to assume compromise and remain cyber resilient as it is unlikely that guidelines such as FedRAMP's will be updated to meet the standards of today's threat landscape.


Ransomware isn’t going anywhere, so be prepared


One can hope that organizations have learned from the major data breaches we’ve seen over the last year, but we unfortunately continue to see a lot of organizations who are simply not ready to handle the impact of a ransomware attack. Organizations still fall victim to the tried and true tactics that cyber criminals use to gain access to their most sensitive information and despite government advisories saying otherwise, they continue to pay the ransom — which is why this attack style is still popular. We should expect to see ransomware groups leveraging new techniques in Endpoint Detection & Response (EDR) evasion, quickly weaponizing zero days as well as new patched vulnerabilities, making it easy for them to bypass common defense strategies. As a result, security teams can't rely on an old security playbook. Companies should not worry about how they can detect everything, and instead just assume at some point it will go badly so you should have plans in place to best respond.


Doug Kersten, CISO, Appfire

Defending against AI-powered threats will require more cross-team collaboration within organizations


With the advent of generative AI, many aspects of security — that we thought were solidly resolved — have become less predictable and, therefore, more difficult to address. For example, it has been believed for some time that the security bases were covered with specific rules around the handling of protected data in non-production environments. However, AI used in the development process now has the potential to expose protected data and intellectual property in unexpected ways. In the short term, it will be critical for cybersecurity teams to re-evaluate the impact of AI on the workplace and project management. This means a more hands-on approach by legal, privacy, and security teams working with DevOps teams, and product teams rethinking how they approach AI and its integration into products and workspaces. This will lead to longer-term solutions that will involve tighter technical and non-technical cross-team collaborations than we have seen in the past.


Carl Froggett, CIO, Deep Instinct

Quantum computing will continue to collide with AI, causing destruction


While there are still a lot of unknowns, the intersection of quantum computing and Artificial Intelligence (AI) will take the cybersecurity and tech industry by storm—and blow traditional computing capabilities out of the water. Quantum computing is likely to become disruptive—if not destructive—the more it integrates with AI and gets into the hands of bad actors. Recently, the Cybersecurity and Infrastructure Security Agency, the National Security Agency, and the National Institute of Standards and Technology published a quantum “fact sheet” to help industries prepare now for the inevitable future—which is coming sooner than we think.


Terry O’Daniel, Head of Security, Amplitude

Customers will demand more from data security, from code to runtime


More digital privacy regulations are being released all the time, leading to a fragmented regulatory landscape in which companies must meet a minimum bar to do business in the global marketplace, while still addressing the specific requirements on a national or state level. Misconfiguration of infrastructure assets that contain sensitive data continues to be one of the most likely attack chains for a data breach, and customers will become increasingly sensitive to the story SaaS providers can tell around their data classification and protection capabilities.

2024 will be the year of AI governance models


Companies have had a wide range of reactions to the explosion of AI/LLM integration into products and services. Neither of the extreme approaches (allow all/deny all) will work here because AI is quickly becoming a competitive advantage for those companies who are able to take advantage of the benefits. But we are likely to see an increase in calls for AI governance models as vulnerabilities are exploited, data leaks occur, and security teams tie the threads together to form robust attack-chain models that incorporate AI.


Yaron Kassner, Co-founder and CTO, Silverfort

From Backstage to Spotlight: Identity's Role in 2024


As we approach 2024, the ever-changing cybersecurity landscape demands a radical shift in how organizations tackle identity management. Historically, identity and access management handled access to systems and devices, Multi-Factor Authentication (MFA), and governance, pushing security concerns into the background. However, recent high-profile breaches, such as Okta, MGM, and Caesars, underscore the need to secure identities beyond MFA. In 2024, securing identity blind spots (e.g., service accounts, legacy on-prem systems, command-line interfaces, IT/OT infrastructure) and the identity infrastructure will finally take center stage.


Compromised identities will remain a favored weapon for cybercriminals. Countless organizations struggle to modernize their access systems amidst legacy constraints and a tangled web of identity providers. Adding to the complexity, the lines between IT, operations, and security teams are blurring, creating ripe opportunities for malicious actors. Identity infrastructure is the most unprotected part of the technology stack and needs protection just like any other cloud, endpoint, or network, and organizations are realizing this.


In the new year, I hope to see a shift in priorities, with organizations actively seeking to secure identities beyond human identities and identity infrastructure.
