When was the last "easy" year for security teams? Certainly not last year, this decade or even this century. Every year in recent memory has seen its share of noteworthy and novel cyberattacks.
It doesn't take a crystal ball to predict 2024 will be more of the same. If anything, the pace and scale at which threats and challenges compound will only expand the threat landscape further and overwhelm current enterprise defenses more quickly than ever. Cybercriminals aren't going to let up, and neither should enterprise security teams' efforts to protect networks, systems, applications and data.
Cyberthreats aren't the only security challenge for 2024, however. Newly adopted technologies bring their own vulnerabilities to address, and perennial issues make "top challenges" lists year after year.
Here's a look at the top seven trends and challenges security teams and organizations need to be aware of in 2024.
1. AI and generative AI phishing
AI experienced a banner year in 2023 with the introduction of generative AI (GenAI) platforms, such as ChatGPT. With their release came a slew of security challenges, especially when it comes to phishing.
GenAI can improve grammar and spelling to help attackers craft more convincing social engineering and phishing scams. But it can also gather information about people and companies from social media and other websites to conduct targeted spear phishing and business email compromise (BEC) campaigns.
A major AI phishing concern is deepfakes. This type of AI creates fake yet convincing audio, image and video content to fool people into believing their legitimacy. Deepfakes can lead to misinformation campaigns, blackmail, reputational damage, election interference, fraud and more.
2. More AI and generative AI -- and more challenges
AI and GenAI are such big topics that they warrant two entries in our 2024 list of security challenges. Beyond attackers using AI in phishing and other types of attacks, organizations face the following concerns related to the increasingly popular technologies:
- Data exposure. Users might inadvertently or maliciously input sensitive data, such as source code, copyrighted material or confidential business data, into an AI-powered chatbot, which could then expose the data to the public, threat actors or the business's competition.
- Data poisoning. Attackers can poison AI models with inaccurate data to fool the models into believing attack behaviors are not malicious or to insert malicious files into AI trainings to trick the models into believing they are safe.
- Compliance issues. AI and GenAI use can cause compliance violations. For example, using personally identifiable information or sensitive data to train large language models can result in data leakage, create data privacy concerns or lead to data breaches. Moreover, GenAI use can result in copyright infringement, fraud and breach of contract, among other legal issues.
- Ethical AI use. AI is shrouded in ethical concerns. Ensuring the moral and ethical use of AI and GenAI is important. Be aware of GenAI ethical issues, such as how it can distribute potentially harmful content and create bias as well as how its use affects employees and company morale. Also be cautious about how trustworthy AI-generated data is.
- AI governance. Ensure GenAI is part of a broader AI governance strategy. AI governance should account for not only effective AI use but also AI risk management compliance and ethical use, as well as justice, data quality and autonomy.
- Vulnerabilities in AI tools. AI tools, like any other tool or software, might have vulnerabilities that attackers can exploit. Monitor and patch AI tools along with all other software. Also, note that attackers use AI tools to test and improve the efficacy of their attacks, so patching and installing updates are of the utmost importance.
- Data sprawl. GenAI models consume and create a lot of data. Be prepared for an onslaught of data, and be sure to scale data protection strategies effectively to keep it safe. This includes not only identifying all the data created by GenAI, but also ensuring secure transport and storage.
- Shadow AI. Be aware of any nonpermitted, non-company-controlled AI use by employees, known as shadow AI. Security policies or acceptable use policies should outline the challenges of shadow AI and prohibit it as needed. Monitor systems for shadow AI use, and assess and remediate any risks.
3. Ransomware
Many called 2020 the "year of ransomware." Then came 2021 and 2022 and 2023. The trend isn't waning. Verizon's "2023 Data Breach Investigations Report" (DBIR) found that ransomware was involved in 24% of all breaches. Sophos' "The State of Ransomware 2023" found 66% of organizations experienced a ransomware attack in the past year. Simply put, the threat cannot be ignored, especially as attackers are evolving their tactics into double and triple extortion attacks.
4. Slashed budgets
Increases in inflation, recession fears, geopolitical uncertainty, interest rates and gross domestic product continue to plague the IT industry. In response, many organizations are taking a hard look at budgets and spending less.
While security is often viewed as safe from budget and staff cuts due to its importance, it's not immune to them. Plus, security has historically been viewed as a cost center because its ROI isn't easily calculated. CISOs and security teams facing budget cuts and spending reductions must plan carefully to maintain the security of their company and colleagues while getting more done with less -- and without burning themselves out.
5. The skills gap and staffing issues
The security industry is no stranger to the skills shortage. For years, report after report has concluded the industry needs more security employees than there are applicants. To make matters worse, budget cuts and layoffs often equate to fewer staff members on a team that must get the same amount of work completed no matter what.
The most recent "ISC2 Cybersecurity Workforce Study" found that although the cybersecurity workforce is now the largest the nonprofit has ever recorded at 5.5 million people, a worldwide security gap still increased year over year. The industry needs an additional 4 million people to properly protect and defend today's organizations. Yet hiring employees with the necessary skills and retaining those employees is still a challenge. That is the reality even before considering potential budget cuts and layoffs.
6. Phishing
Phishing isn't solely an AI issue. It's a never-ending challenge faced by organizations of all shapes and sizes, and no company or employee is immune to attack. According to the 2023 DBIR, 18% of all breaches involved phishing.
These attacks, which involve malicious actors tricking employees into revealing passwords, credit card numbers and other sensitive data, come in many forms. Those forms include email phishing and the more sophisticated and targeted spear phishing, BEC, whaling, and vishing attacks.
The following are some notable phishing attacks:
- Facebook and Google were scammed out of more than $100 million after attackers impersonated a legitimate partner of the businesses between 2013 and 2015. The phishing scams involved contracts and invoices for funds due.
- Sony Pictures was hacked in 2014 after company executives received phishing emails from a group named Guardians of Peace. The attackers reportedly stole more than 100 TB of data.
- Austrian aircraft supplier FACC was defrauded of $54 million in 2016 after an employee was phished by an attacker, purporting to be the company CEO, who requested a wire transfer to a bank account controlled by the attackers.
7. Supply chain attacks and software supply chain security
Organizations must be mindful of the third-party vendors and suppliers they work with. Trust is an inherent value here, but organizations should also do their due diligence in vetting third parties.
Software- and hardware-based supply chain attacks can devastate a company -- just look at the SolarWinds hack reported in December 2020. It involved nation-state actors exploiting an IT performance monitoring system and gaining access to more than 30,000 SolarWinds customers and partners.
Also be aware of what software and software components third parties and services providers use, as evidenced during the 2021 Log4Shell exploit. A defect in the Java-based Apache Log4j library let malicious actors launch remote code execution attacks and potentially take control of target systems. While companies could quickly update the library version they used, the libraries used by their suppliers and partners -- and in turn their suppliers and partners, and their suppliers and partners and so on -- needed to be updated to avoid being vulnerable to attack.
Most companies are unsure of the components in their own software, let alone others' components their software connects to. If one link in the software supply chain is vulnerable, everyone is at risk.
Follow proper patch management to ensure all software is secure and up to date. Use software bills of materials (SBOMs) and request them from third parties to know if components in partners' software are secure.
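An added example, not from the original article: a Python check that walks a CycloneDX-style JSON SBOM, including components nested inside other components, and reports every log4j-core entry below a minimum version. The SBOM content, the component names and the 2.17.1 threshold are assumptions made for illustration.

```python
import json

# Constructed CycloneDX-style SBOM (sample data, not from a real supplier).
SAMPLE_SBOM = json.loads("""
{"bomFormat": "CycloneDX", "specVersion": "1.5", "components": [
  {"type": "application", "name": "billing-service", "version": "3.2.0",
   "purl": "pkg:maven/com.example/billing-service@3.2.0",
   "components": [
     {"type": "library", "name": "log4j-core", "version": "2.14.1",
      "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"}]},
  {"type": "library", "name": "log4j-core", "version": "2.17.1",
   "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.17.1"},
  {"type": "library", "name": "log4j-core", "version": "2.0-beta9",
   "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta9"},
  {"type": "library", "name": "jackson-databind", "version": "2.15.2",
   "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.15.2"}]}
""")

TARGET_PURL = "pkg:maven/org.apache.logging.log4j/log4j-core"
MIN_VERSION = (2, 17, 1)  # assumed policy threshold for this example

def walk(components, path=()):
    """Yield (path, component) for every component, including nested ones."""
    for comp in components or []:
        here = path + (comp.get("name", "?"),)
        yield here, comp
        yield from walk(comp.get("components"), here)

def parse_version(text):
    """Return a numeric tuple, or None for versions that are not purely numeric."""
    try:
        return tuple(int(part) for part in text.split("."))
    except ValueError:
        return None

def find_outdated(sbom, purl_prefix=TARGET_PURL, minimum=MIN_VERSION):
    """Return (dependency path, version) for target components below minimum."""
    findings = []
    for path, comp in walk(sbom.get("components")):
        if not comp.get("purl", "").startswith(purl_prefix + "@"):
            continue
        version = parse_version(comp.get("version", ""))
        # Fail closed: a version that cannot be compared is reported as well.
        if version is None or version < minimum:
            findings.append((" > ".join(path), comp.get("version")))
    return findings

if __name__ == "__main__":
    for where, version in find_outdated(SAMPLE_SBOM):
        print(f"log4j-core {version} below policy minimum: {where}")
```

The reported path shows which supplier component pulled the library in, which is the information needed to decide whose update to request.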
AI, ransomware, budget and staffing issues, phishing and supply chains are far from the only information security challenges enterprises will face in 2024.
Beware and prepare for the following issues that increase the attack surface and present cybersecurity risks as the year progresses:
- Cloud security. As more enterprises move data and applications to the cloud -- according to Hornetsecurity, 93% of businesses will be in the cloud by 2027 -- cloud security and mitigating cloud-based attacks are becoming more important than ever. Check out the top cloud security challenges.
- Secure software development. While security is often seen as a software development inhibitor, spending the time and money to securely develop software is necessary to prevent vulnerabilities that could lead to breaches. Learn about security by design in software development.
- IoT security. IoT adoption isn't slowing. Protecting these little sensors -- which greatly expand the attack surface -- is key, yet they are often not designed with security in mind. Learn more about the leading IoT security challenges and how to overcome them.
- Remote and hybrid work security. The COVID-19 pandemic has forever changed the workplace and how it is secured. Read up on the security risks of remote working and how to prevent them.
- Security awareness training. Humans are often called the weakest link when it comes to enterprise security. The 2023 DBIR found 74% of all breaches involve the human element. Learn why employee training is critical and how to build a security awareness training program.