back Back

What are the key insights for cybersecurity planning in 2024?

By Puja Sharma

January 11, 2024

  • AI
  • AI in Cybersecurity
  • cybersecurity breaches
Share

CYBERSECURITY

Google Cloud has released its annual Cybersecurity Forecast report for 2024, compiling forward-looking thoughts from security leaders and experts from different teams across Mandiant, Google Cloud and VirusTotal, who are on the frontlines of the latest and largest attacks. Aiming to empower the cybersecurity industry, this comprehensive report provides essential insights and strategies to frame the fight against cyber adversaries in the year ahead.

While new technologies will aid security teams, they can also expand the attack surface. In 2024, the rapidly evolving world of generative AI will provide attackers with new ways to conduct convincing phishing campaigns and information operations at scale. However, defenders will use the same technologies to strengthen detection, response, and attribution of adversaries – and more broadly reduce toil, address threat overload, and close the widening skills gap.

Renze Jongman, Strategic Threat Intelligence Specialist, MEA at Google Cloud said, “While the rapid development of new technologies like AI will allow attackers to speed up and scale their criminal operations, it also offers unique ways for defenders to combat the threat. The ability to scale cybersecurity talent is particularly exciting to me: the GCC region has a growing number of young and talented cybersecurity graduates, keen to contribute to defending their countries and organizations against cyber attacks. They can now start to have an exponential impact and rapidly grow and expand their skill set by leveraging AI in their investigations and operations.”

The cybersecurity landscape is constantly evolving, sometimes in new and unexpected ways. Defenders, often with limited resources, have the monumental task of keeping up. Here are some of the key takeaways from the Google Cloud Cybersecurity Forecast 2024 to help prepare for the year ahead:

  • AI for attack and defense: AI is set to revolutionize cybersecurity for both attackers and defenders. Attackers are expected to leverage generative AI and large language models to create more sophisticated phishing and social engineering tactics, as well as to add scale to information operations. Defenders will utilize AI to enhance threat detection, response and attribution capabilities, as well as speed up analysis and other time-consuming tasks like reverse engineering.
  • Continued use of zero-day exploits: An increased reliance on zero-day vulnerabilities by attackers is anticipated by both nation-state and cybercriminal groups, aiming to evade detection and maintain prolonged access to compromised systems. Edge devices and virtualization software are particularly attractive to threat actors because they are challenging to monitor. Cybercriminals know using a zero-day vulnerability will increase the number of victims and, based on recent mass extortion events, the number of organizations that may pay high ransomware or extortion demands.
  • Growing prevalence of mobile cybercrime: Expect an increase in mobile cybercrime, with scammers using advanced and novel social engineering tactics like fake domestic help services, counterfeit social media, bank, or government communications, and deceptive pop-up alerts to trick victims into installing malicious apps on their mobile devices. Jongman adds: “This type of social engineering has grown rapidly across the Middle East in recent years, and while governments and organizations are already taking measures to protect their customers, this threat is likely to grow both in volume and sophistication across the region.”
  • Maturing of attacks targeting hybrid and multicloud environments: With organizations around the world moving to the cloud, threat actors will look to exploit misconfigurations and identity issues to move laterally across different cloud environments.
  • Escalating espionage and “sleeper botnet” tactics: Espionage activities will evolve and find more ways to scale, including the use of “sleeper botnets” created from vulnerable IoT, and small/home office or end-of-life devices. These botnets can be used and discarded as needed, complicating attribution efforts.
  • Resurgence of older attack techniques: There is an expected revival in using older, less common cyberattack techniques which aren’t widely understood. These methods, often overlooked in modern detection systems, could provide attackers with a stealthy means to breach defenses.

 

Previous Article

January 09, 2024

Cybersecurity predictions for 2024 put generative AI at the forefront

Read More
Next Article

January 12, 2024

AML and Regulatory fines on global banks soared in 2023, study shows

Read More





Weekly Case Study

Chart of the Week

FinTech insights exclusively curated by the IBSi’s Research Team

Other Related News

July 19, 2024

SMEs leverage cloud to gain competitive edge, study shows

Read More

July 16, 2024

Rise in sophisticated attacks, state-level threats, and increased ransom DDoS Incidents

Read More

July 15, 2024

Global wealth growth rebounds with major shifts expected by 2030, research reveals

Read More

Related Reports

Sales League Table Report 2024
Know More
Global Digital Banking Vendor & Landscape Report Q2 2024
Know More
NextGen WealthTech: The Trends To Shape The Future Q4 2023
Know More
IBSi Spectrum Report: Supply Chain Finance Platforms Q4 2023
Know More
Treasury & Capital Markets Systems Report Q1 2024
Know More

IBSi Global FinTech Innovation Awards 2024

Here’s to the coolest in FinTech!
Nominate Now!
close-link
Nominate now! IBSi Global FinTech Innovation Awards 2024