As the cybersecurity industry closes out 2023, the past 12 months have brought profound changes to a security industry already burdened with responding to (and attempting to mitigate) significant cybersecurity risks.
One area that has made a substantial impact on cybersecurity over the last year is the emergence of generative artificial intelligence (A.I.) platforms such as OpenAI’s ChatGPT and Google Bard. The technology has the potential to disrupt the cybersecurity industry, including how tech professionals approach their jobs and develop their skills to harness these Large Language Models (LLMs). Generative A.I. can also pose new threats to networks and data in the wrong hands.
At the same time, business uncertainty caused by rising interest rates has pressured companies to reduce headcount and tighten cybersecurity budgets, even while thousands of security job openings remain and the need for talent is at an all-time high.
As companies pull back on security dollars, threats continue to mount. The 2023 Verizon Data Breach Investigations Report finds that, of the more than 950,000 security incidents recorded, approximately 255,000 were confirmed data breaches. Of the confirmed breaches, 74 percent involved a “human element” such as an error, privilege misuse, stolen credentials or social engineering. The survey also shows that 95 percent of these incidents were financially motivated.
The latest statistics from the FBI’s Internet Crime Report show losses from cybercrime topping $10 billion in the U.S. in 2022.
These trends point to a cybersecurity industry in transition heading into 2024. They also mean big changes for tech pros looking to make a career in cybersecurity, and where there is change, opportunities also exist.
“The cybersecurity industry will continue to flourish as organizations continually update and revise the infrastructure needed to manage risk and prevent against attacks,” said Chad Cardenas, founder and CEO of venture firm The Syndicate Group. “As cyber continues to grow and evolve, we’re going to see a push toward exploring new avenues of growth and establishing market awareness for differentiation and where a company fits into overall cyber defenses.”
As these changes happen, they will affect how tech professionals approach their cyber careers throughout 2024. Several security experts and industry insiders told Dice that these five security trends are the ones to watch next year.
A.I. Will Continue to Dominate the Tech Conversation
The intrigue and concerns surrounding generative A.I. platforms will shape cybersecurity and various other industries, and are slated to continue well into 2024 and likely beyond.
Some envision A.I. and machine learning as platforms that will take jobs away. Several experts noted that these technologies can replace many manual tasks—but will not eliminate entry-level or other jobs.
“Those deployments do not replace entry-level staff entirely. Instead, A.I. will enhance teams and help everyone be more productive,” said Paul Baird, field chief technical security officer at Qualys. “For more junior staff, it will support them getting up to speed and being able to make a tangible difference in security tasks faster, rather than replacing them.”
Other experts also see generative A.I. as key to improving security defenses. And while the tech might eliminate some positions, this shift will not occur right away.
“[A.I.] has the potential of greatly improving the efficiency and efficacy of security operations,” said Bryan Willett, CISO at Lexmark. “To a point that security roles will be replaced by A.I., we will see the early signs of this next year, but more so in coming years.”
At the same time, Willett and other observers note that A.I. technologies, when used by threat actors, can pose major challenges for organizations and their security and tech teams. “The bad actors will integrate A.I. into phishing-as-a-service platforms. Highly effective phishing campaigns will result that spear phish people in mass,” Willett added.
In a year that has seen attackers experiment with generative A.I. technologies, including WormGPT and FraudGPT, the coming months are likely to see new approaches and methodologies deployed by cybercriminals and nation-state groups, said Max Heinemeyer, chief product officer at security firm Darktrace.
“The next year will show how more advanced actors like [advanced persistent threat groups], nation-state attackers and advanced ransomware gangs have started to adopt A.I. The effect will be even faster, more scalable, more personalized and contextualized attacks with a reduced dwell time,” Heinemeyer noted. “It could also be the year of attackers combining traditional worming ransomware—like WannaCry or NotPetya—with more advanced, A.I.-driven automation to create an aggressive autonomous agent that has sophisticated, context-based decision-making capabilities.”
It’s the Economy, Stupid
For years, and even during the COVID-19 pandemic, cybersecurity budgets had been inching up as threats and risks increased. But over the past year, as economic uncertainty took hold and interest rates increased, belt-tightening took over even as thousands of open positions went unfilled.
A big trend for 2024: organizations will rethink their security budgets. This can affect tech pros looking to start or expand a career.
“Security budgets will tighten. Security teams will need to refocus priorities, sometimes in very uncomfortable ways,” Lexmark’s Willett said. “It's important to remember to focus on the security fundamentals: Strong authentication, hardened systems, security monitoring on systems and vulnerability management.”
Enterprises will also have to rethink and reorganize their security teams, which means recruiting and retaining the right talent.
“The number of open and unfilled security positions continues to grow. Yet not all cybersecurity functions are understaffed to the same degree,” said Bud Broomhead, CEO of security firm Viakoo. “At the Gartner Security and Risk Summit, one example was with a large organization that had 50 people working on data center security but only two on IoT security, despite all the company’s revenues being dependent on IoT systems working properly.”
Cybercrime Continues to Challenge Tech Pros
As the FBI and other statistics show, cybercrime such as ransomware remains on the upswing. This means organizations face increasing risks to their respective businesses, whether it’s the cost of the clean-up and recovery, loss of customer data or potential regulatory scrutiny from a government agency.
To keep up with threats, enterprises and their security teams need to think beyond security measures such as multi-factor authentication (MFA) and look to other methods that require tech professionals with specific talents and skills. This includes a greater focus on identity.
“Many companies are already utilizing multi-factor authentication to protect their identities–but if that’s all you are doing with your identity practice, you need to take the next steps on the journey and mature Identity Governance and Administration to ensure there are no orphaned and unexpected accounts floating around, and access privileges are set properly,” said Robert Hughes, CISO at RSA. “I see organizations maturing their business processes and security controls in 2024 and moving the needle more toward Zero Trust principles.”
Other experts also see identity as the best way to prevent attacks, since many incidents start with stolen credentials, as the Verizon DBI report showed.
“We expect identity-based attacks to dominate breaches next year, exploiting vulnerabilities rooted in human behavior and obscured by limited visibility and obfuscation,” said Patrick Joyce, the global resident CISO at Proofpoint. “Organizations must shift their focus from primarily fortifying infrastructure to securing stored credentials, session cookies, access keys and addressing misconfigurations, especially when it comes to ‘very-attacked-persons’ and privileged accounts.”
Besides identity, JT Keating, senior vice president of strategic initiatives at security firm Zimperium, also notes that attackers are creating ransomware that targets mobile devices, adding another layer of risk for organizations and their security teams to consider.
“A cybercriminal can use mobile malware to steal sensitive data from a smartphone or lock a device, before demanding payment to return the data to the user or unlock the device,” Keating added. “Sometimes people are tricked into accidentally downloading mobile ransomware through social networking schemes because they think they are downloading innocent content or critical software.”
International Concerns Bring Cyber Risks Home
By the end of 2023, the world seemed awash in conflicts. Besides the ongoing fighting between Russia and Ukraine, the war between Israel and Hamas threatened to engulf larger portions of the Middle East.
While the physical tolls of war are clearly visible, the cybersecurity component can affect thousands as well. In the last month, a Russian-affiliated group launched a massive cyber operation against Ukraine. As these conflicts drag on, experts see a greater need to protect infrastructure against APTs and nation-state groups even when the network is thousands of miles away from the battlefield.
“Geopolitical issues will broaden the spectrum of attackers’ motivations, extending beyond financial gain. Targets will likely include schools, hospitals, and public utilities, with objectives aimed at causing disorder and gaining influence,” said John Pirc, vice president at Netenrich. “As we bid farewell to 2023 and embrace the uncertainties of 2024, it becomes increasingly clear that the cybersecurity landscape is set for an even more dynamic evolution. Organizations must adapt swiftly to these evolving threats and trends to safeguard their digital assets effectively.”
These types of threats will also cause businesses and organizations to rethink defenses and look for those with the skills to recognize and respond to these incidents.
“Cybersecurity defenders primarily anticipate attacks that have some sort of financial goal—to scam civilians out of their savings or score a lofty ransomware payment, for example,” said Michael Mumcuoglu, CEO and co-founder at CardinalOps. “However, the prominence of nation-state-sponsored actors will demand a defense posture that can defend against attacks of a much more tangible nature.”
Better Software Starts With Security
For the past several years, the cybersecurity industry and the U.S. government have tried to strengthen the software supply chain by getting developers to write better and more secure code. This also includes understanding what code is used in applications and which vulnerabilities affect that code.
Experts noted that 2024 is a year when developers need to respond to these concerns.
“As developers and organizations push new applications into production faster, organizations must ensure that security practices happen in real-time in the CI/CD pipeline as software engineers are developing source code,” said Dan Hopkins, vice president of engineering at StackHawk. “In the new year, organizations must also devise and implement strategies that facilitate connection between runtime and testing. Currently, the way that we protect our systems is very disconnected from the way that we test and prevent vulnerabilities from getting out the door. There needs to be more crosstalk between the two.”
This also includes a better look at API use, since vulnerabilities in these applications led to several breaches in 2023.
“API attacks will also continue to increase at an alarming rate in 2024 as organizations struggle to manage the chaos of API sprawl stemming from API-first innovation and digitalization,” said Nick Rago, field CTO at Salt Security. “On the flip side, it is likely organizations will allocate more budget towards API security in the new year given its increased importance.”