Alex - stock.adobe.com
For IT services companies, the 2024 cybersecurity outlook features emerging technologies that dramatically alter the task of protecting enterprises.
Generative AI (GenAI), the expansion of edge computing and the steady march of quantum computing will all complicate the security landscape this year, according to industry executives. The partner ecosystem can expect to encounter numerous customers seeking advice across those developments.
At the same time, however, service providers will ensure clients continue to plug away at the security essentials that transcend the latest innovations.
With that in mind, here are four cybersecurity market trends to consider:
1. GenAI cuts both ways
Much of the cyber discussion this year will revolve around GenAI, which paradoxically opens vulnerabilities and augments security measures. IT services executives must navigate a technology that can cut both ways.
Srinivasan CR, Tata Communications' chief digital officer and executive vice president, cloud and cybersecurity services, said he takes a positive view of GenAI and its effects on security. He said the technology can bolster malware analysis and speed up responses to incidents and alerts through AIOps. GenAI is also incorporated in tools such as Microsoft Security Copilot, he noted.
"Every tool and every application you use to secure the enterprise is becoming a lot more intelligent," Srinivasan said. "Generative AI puts you in a better place."
He acknowledged, however, that GenAI will "be used for both good and bad."
As for the latter, security concerns include prompt injection and other large language model vulnerabilities, noted Miles Ward, CTO at SADA, a technology and business consulting firm. In addition, API attacks as well as inadvertent data leaks or exfiltration are issues with AI-based chatbots.
On the other hand, GenAI can accelerate and simplify security tasks.
Srinivasan CRChief digital officer, Tata Communications
"Generative AI tools are super powerful for automating or augmenting what is being done in existing cyber workflows," Ward said.
AI technology, for instance, can facilitate security log management, a typical workflow element for a security operations center (SOC). GenAI can help review logs, make sense of data and support activities such as threat hunting, Srinivasan said. But GenAI can't offer those advantages entirely on its own. An enterprise would first need to pool its security data in a data lakehouse, he noted.
"Generative AI is going to be a useful addition to the SOC and, in some sense, reduce the complexity of daily tasks," Srinivasan said.
2. Edge computing complicates security, governance
Enterprises are bringing more compute power, devices, applications and workloads to the edge. That means more security concerns for service providers and their customers.
Businesses are becoming more comfortable with edge networks and associated use cases, said Ally Adnan, managing director, cyber and strategic risk, at Deloitte Risk and Financial Advisory. He said edge applications have expanded across the healthcare, retail, energy and utilities industries. But wider adoption comes at a cost.
The increasing scale of edge deployment "is absolutely increasing the risk," Adnan said. "It should make security at the edge a higher priority."
Cybersecurity concerns could overshadow the business advantages of moving more processing to the edge, Srinivasan said. He said the edge requires robust controls and "rock solid" cybersecurity processes.
"It's basically distributed computing," he said. "It widens the surface area for cyber events and attacks."
Those attacks are increasing in sophistication, according to Adnan. Threat actors execute attacks in combination -- a man-in-the-middle attack and an exfiltration, for example. This approach complicates efforts to prevent and address attacks, he added.
Against that backdrop, enterprises must plan for cybersecurity from the very beginning as opposed to building an edge network and trying to secure it later, Adnan said. And planning for edge security calls for the involvement of more people than previous IT security initiatives. The scope includes users, C-level executives and vendors, he noted.
"In the past, people worked in siloes," Adnan said. "The roles and responsibilities with an edge network have become more complex and they tend to overlap. Having the right governance model is key here."
Adnan said he expects to see business and technology leaders spend more time developing edge network governance models that clearly delineate roles and responsibilities. The governance task will occupy organizations this year and, potentially, well beyond.
3. Post-quantum cryptography reaches a milestone
This year might also see more enterprises start planning for post-quantum cryptography.
Julian van Velzen, chief technology innovation officer and head of Capgemini's Quantum Lab, said it's long been known that quantum computers will eventually be able to break conventional encryption algorithms.
"But now, that moment is getting much closer," he said. "We need to take it very seriously."
This year will prove to be pivotal in the evolution of this security concern, van Velzen said. He cited the expected release this year of NIST's final standards for quantum-resistant algorithms. The regulations will set the stage for a migration to post-quantum cryptography. Organizations managing critical infrastructure and companies supplying U.S. government agencies will be among the first to implement the new cryptography, van Velzen noted. Other enterprises will follow in the coming years in what he described as a complex and time-consuming process.
"This will not be easy," he said. "We have to think about how this migration will look and then it is probably going to take us many, many years."
Retooling training for AI-based attacks
Service providers might find opportunities this year to help clients adjust their security training programs to reflect the expected increase in AI-based attacks.
Training programs should raise awareness of how threat actors can use the emerging technology to enhance social engineering attacks such as phishing, said Clare Mohr, U.S. cyber intelligence lead at consultancy Deloitte.
"Understanding AI-powered threats is fundamental and, moving beyond that, [it's important to recognize] AI-enhanced attacks, especially with social engineering," she said.
The updated training should also cover a wide range of employees, she added. That is, not just employees in technology roles, but those in areas such as marketing, finance and human resources.
"The organization's security posture is really only as strong as the weakest link," Mohr said.
4. Basic cyber hygiene remains a must
Businesses might pay more attention to AI, edge computing and post-quantum cryptography this year. But they should also stay focused on the basics of cyber hygiene.
SOCs, 24/7 monitoring, proactive alert response and threat hunting remain among the core security essentials, Srinivasan noted.
"Those things are really fundamental," he said. "Many enterprises still don't have a tick against all of them."
A report from the Capgemini Research Institute suggested that enterprises view the security stakes as higher and plan to spend accordingly. The investment priorities report found that 61% of the business leaders polled consider cybersecurity threats "a leading risk to business growth." Only 39% of respondents rated cyber as a business growth risk in last year's survey.
The respondents ranked cybersecurity as their third highest technology priority in 2024, following AI/GenAI and cloud. Capgemini Research Institute surveyed 2,000 executives at the director level and up.
John Moore is a writer for TechTarget Editorial covering the CIO role, economic trends and the IT services industry.