As we stand on the horizon of another transformative year in cybersecurity, it’s time to peer into the future. We gathered around our crystal ball and forecast events, accelerating trends and looming decisions that will shape our industry. As we do every year, we developed a set of predictions about what 2024 holds of the industry and ourselves. This year, we decided to focus on the predictions with higher confidence levels only.
Prediction 1 – During 2024, Cybersecurity teams will begin to create dedicated roles to curate, mature and constantly improve the response from AI-powered co-pilots.
Cybersecurity teams have already recognized the value of AI powered “co-pilots”. This use of AI can help scale security teams by enabling on-demand security input across an organization. However the value can be eroded without continious care. Therefore security teams will need to plan for this. We anticipate the creation of dedicated roles to curate, mature and constantly improve the responses from these LLM’s.
Confidence Level: 67%
Prediction 2 – By the end of 2024, a Large Language Model will be named in one forensic incident response report. Attributing Use of the LLM’s use in a large-scale cybersecurity incident.
No surprises here. Cybercriminals and nation states will use Generative AI and large language models (LLMs) more. The use of these models to augment their existing attacks and information operations is inevitable. Determining which LLM was used to make the content and material (including voice and video) may not be front of mind. Nonetheless we expect that at least one forensic incident responder will go the extra attribution step and name the model or service used.
Confidence Level: 72%
Prediction 3 – By the end of 2024, There will be a concerted effort among vendors to address potential misuse by cybercriminals through identity proofing, threat intelligence capabilities and reduction of free tier capabilities.
Criminal misuse often overlaps directly with the benign applications of LLMs, particularly in tasks like drafting emails or generating content. To combat this, vendors will explore multiple strategies to prevent malicious use. This includes robust identity proofing measures, integration of threat intelligence capabilities and reduction of free tier capabilities.
Confidence Level: 89%
Prediction 4 – Through 2024, there will be a significant increase in attempted extortion attempts. A large percentage of extortion attempts will utilize aggregated data from previous breaches.
Cybercriminals have collected and are selling vast amounts of data aggregated from previous data breaches. It is seemingly inevitable that cybercriminals will look at other ways to monetize this collection of data. We therefore expect to see more and more attempts to extort money from these historical data breaches. Organizations struggle to quickly determine the veracity of compromised data in a reasonable time frame. When confronted with an extortion attempt, without the appropriate data breach investigation and response capabilities, they may be forced to make regretable decisions.
On the surface, the data may appear to originate from the organization and is indicative of a breach. However as we’ve seen, the data may not necessarily be from a current event. It could easily be patched together from multiple prior breaches. The radical data breach transparency from imminent SEC rules put greater pressure on organizations to disclose suspected material breaches quickly. Organizations will therefore be under pressure to verify the compromise quickly. Hopefully they can refute the attacker claims within the timeframe or they will be forced to disclose suspected material incidents.
Confidence Level: 93%
Prediction 5 – By the end of 2024, the percentage of data breaches that involve some form of medical data will increase dramatically. In particular, cybercriminals will target healthcare institutions as double extortion ransomware targets.
According to the 2023 Verizon Data Breach Investigations Report, less than 10% of breaches involved data of some medical variety. We are convinced that extortion operations remain likely to be the most impactful form of cyber crime worldwide. As a result, we expect this percentage to grow significantly. Cybercriminals will continue to target healthcare institutions, due to their importance to society and in search of confidential and potentially embarrassing medical conditions to apply pressure to extortion payments.
Confidence Level: 86%
Prediction 6 – During 2024, the US will see a proliferation of Deep Fakes in the lead-up to the Presidential Elections.
In the run-up to the U.S. elections in 2024, the deployment of deep fake technology by nation-states and threat actors will become increasingly sophisticated, marking a concerning evolution in cyber warfare and disinformation campaigns. Nation States will undoubtedly weaponize Deep Fakes for influencing public opinion. In addition, deep fakes will be used for more insidious purposes, including espionage, impersonation, and targeted social engineering attacks.
Confidence Level: 96%
Prediction 7 – Through 2025, there will be a noticeable decrease in Cybersecurity IPOs, as well as increase in Private Equity (PE) funded delistings of Cybersecurity organizations.
A convergence of factors will lead to a noticeable change in the trajectory of cybersecurity companies seeking initial public offerings (IPOs) and the decision of some listed companies to delist through private equity (PE) transactions. A combination of ongoing challenges will drive this shift. This includes the failure of Special Purpose Acquisition Companies (SPACs), regulatory pressures from the Securities and Exchange Commission (SEC), and the significant impact of incident disclosure on cybersecurity companies’ share prices.
Confidence Level: 82%
Next steps
Organizations must shift to focus on data security. The growing importance, complexity, and scale of data being collected and used by organizations cannot be ignored in the light of business pressure to adopt AI. If this sounds like your organization, you can use these predictions to find where future risks and opportunities lie. If you would like to learn more about DSPM or see Symmetry in action, please do not hesitate to reach out to me or the team at [email protected] or register for a demo here: https://www.symmetry-systems.com/demo.
The methodology
Each prediction has a confidence level associated with the prediction. To be selected for this publication, the predictions must be:
- Time bound, i.e. achieved by a certain data or if a trend and measured across a defined period.
- Specific and measurable i.e., there should be no debate on whether it came true.
- Realistic i.e., they must be confident that this will be realized.
This approach will allow us to come back in 12 months and grade the precision and accuracy of our predictions (a set of attributes we value as an organization). This is an exercise that we just recently completed with our 2023 Predictions.
