The year of 2023 has seen a wave of more sophisticated cyberattacks and data breaches impacting essential services and industries.
Threat actors have been using new tactics in order to threaten or extort victims, leading both lead customers to fall victim to phishing scams, data breaches, or fake payment portals. As a result, businesses are having to rush to keep pace by utilising innovative cybersecurity strategies.
With this in mind, Cyber Magazine hears from some of the cybersecurity leaders at specialist organisation, Integrity360, about what the threat landscape could look like in 2024.
Continuous threat exposure management likely to become mainstream
Integrity360 has predicted further evolution of threat exposure management and prioritising risks moving forward. With both established and newer technologies currently focused on continuous threat exposure management (CTEM), the company sees these strategies becoming more mainstream in 2024.
Brian Martin, Director of Product Management at Integrity360, says: “CTEM will enable organisations to be more proactive about identifying and assessing key problem areas in the attack surface that have grown substantially in the last couple of years. However, this will extend beyond simply identifying and addressing vulnerabilities, enabling organisations to alter their posture, looking at users, security controls and other key pieces of the puzzle needed to change to ensure best practices are embraced.
Industry professionals embracing CTEM is also likely to accelerate the convergence of key security tools, according to Martin.
He says: “When we talk about threat exposure management, there’s a few different pillars, products and capabilities including: external attack surface management, cyber asset management, attack path management, digital risk protection, vulnerability assessment and management, continuous testing. Currently, these are all separate products – something that’s likely to change in the year ahead.
“Consolidation is going to be a theme for 2024, as previously standalone products continue to become features of broader overarching solutions, such as CTEM programmes.”
Clarity on generative AI and security
The hope across the cybersecurity sector is that the impact of generative AI will become clearer in 2024. Director of CST Services at Integrity360 James Hinton says: “In surveying 205 IT security decision makers in August 2023, Integrity360 found that more than two thirds (68%) are worried about cybercriminals’ use of deepfakes in targeting organisations, for example.
“The impact of deepfakes has already been demonstrated. These are not things that could happen, but something that is happening. Today, it isn’t all that difficult to use small snippets of audio conversations to replicate someone’s voice. So, how do we regain trust and ensure we’re able to confirm people are who they say they are beyond being able to see and hear people to prevent fraud?”
While AI is being used by so-called bad actors in this way, Hinton highlights that the technology does have the potential to be used for good in security solutions.
He continues: “In 2024, we’ll see the proliferation of AI and generative AI platforms being integrated into security tools, allowing huge amounts of data to be processed much more quickly, which will speed up operations such as instant response. Where AI can triage data really quickly and provide the results, organisations won’t necessarily require skilled analysts to write custom queries.
“AI can be used to complete such tasks, freeing up highly skilled security professionals to focus on higher value tasks. We’re also seeing how technology is making it significantly more difficult for threats such as malware to bypass detections.
“Where AI is becoming increasingly good at learning what’s normal for specific environments, malware now needs to be tailored to meet the specific rules in individual environments to even stand a chance of bypassing detection. In this sense, while the threats will grow, defences will also advance with AI.”
Threat actors bribing employees “ramping up” insider threats
With AI starting to be built into security tools and external perimeter controls are improving, cybersecurity professionals are now starting to see ransomware groups simply bribing employees.
“Ways of working with threat actors are becoming harder to detect, with insider threats pretending to accidentally slip up in providing attackers access to systems and/or information,” says Zach Fleming, Head of Red Teaming at Integrity360.
“If you’re a disgruntled employee and you work in a company as a helpdesk engineer, they’ll send you an email where you’ll deliberately click on a link where you’ll give them credentials to access a company portal. If they’re successful in extorting the company, they’ll pay that employee up to 70% of whatever the extortion amount was.
“If you’re that insider threat actor/employee, it’s a high reward and it is low risk – you can’t go to prison for being bad at spotting a phishing email. Now, for an extra 10% fee, they’ll start washing the money through legitimate shell companies.
He adds: “That’s becoming rampant – a couple of ransomware groups have started doing it, and we’re picking up on it quickly.”
Please also check out our upcoming event - Sustainability LIVE Net Zero on 6 and 7 March 2024.
BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.
BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.