Skip to main content

Author: Carol Caley, PMM, Xage Security

As 2024 gets started, everyone’s talking about how things might be different (or stay the same) in 2024. Here’s my curated short list of interesting predictions for what the year might look like in cybersecurity—plus some links for further reading. 

AI Will Be Both Adversary and Aid

Interest in the many applications of generative AI products like ChatGPT hasn’t flagged. Expect to see it used to help improve security, increasing efficiency and usability of tools. But it’s also already being used by bad actors, most notably in making phishing attacks more effective. And NIST is already discussing the ways in which the use of AI could itself become an attack vector.

Read More >

Cybersecurity Strategies will Shift Proactive

Layered, defense-in-depth is a clear requirement for security-conscious organizations, but a lot of focus in recent years has been on the reactive. Roman Arutyunov, Co-Founder and SVP Products at Xage Security notes that “We are beginning to see a shift in cybersecurity investment strategies that better reflect the current threat landscape. Companies are recognizing that threat hunting and responding to endless detections and false positives uses too much of their precious security resources and they’re growing tired of chasing needles in a haystack. They are now turning their attention to reducing the attack surface by proactively protecting their assets.”

Read More >

Attack Surfaces Will Continue to Grow

This long-standing trend is likely to continue through 2024. As technology becomes more complex and interconnected—especially around cloud, OT, and API usage—attackers will have even more potential avenues for illegitimate entrance into protected systems.

Read More >

(Even) More Regulation

We’ve seen increasing cybersecurity regulation, like the TSA Guidelines for Oil and Gas Pipeline Operators, initially published in 2021 and updated annually since, as well as the SEC guidelines that went into effect in late 2023.  Expect that trend to continue, with the pace of new regulation increasing—especially given that AI advances are rapidly changing risk calculations.

Get Help with TSA >

Ransomware Will Continue to Make Headlines

Unfortunately, there are no signs that ransomware will fade away. In 2023, the Verizon DBIR reported that ransomware attacks were a part of 24% of breaches. Adoption of advanced defenses against ransomware is helping, but widespread cybersecurity improvements are likely to be a long road.

Read More >