The Increasing Volume of Data and its Security Challenges
“The volume of data a typical organization needs to secure will jump by 42% in the next year and increase by a staggering 7X in the next five years.” – Steven Stone
In recent years, the growth of computer data has exceeded expectations. This trend is expected to continue in 2024, causing organizations to face the challenge of securing data across a rapidly expanding and changing surface area. With the increasing prevalence of data-generating digital devices and the adoption of AI systems that require massive data, the need for effective cybersecurity measures has become crucial.
The Shifting Focus: Cybersecurity as an Interconnected Caravan
“It’s no longer about protecting individual castles but rather an interconnected caravan.” – Steven Stone
As organizations become more sophisticated in securing traditional targets like computers and mobile devices, attackers have shifted their focus to other infrastructure components such as SaaS and Linux applications, APIs, and bare-metal hypervisors. These types of attacks, particularly ransomware breaches, are becoming more prevalent as attackers exploit vulnerabilities in various technologies. This trend highlights the need for organizations to recognize the interconnected nature of cybersecurity and adapt their security strategies accordingly.
- Expectations for 2024:
- – Increased incidents of breaches targeting edge devices
- – Greater emphasis on the use of AI in cybersecurity
- – Election-related concerns regarding AI-driven deepfakes
- – CISOs facing increased regulatory compliance pressures
- – Shift in private/public sector discussions due to changing geopolitical landscape
Edge Devices: A New Battlefront for Cybersecurity
“Edge devices almost certainly will be a major cybersecurity battlefront in 2024.” – Steven Stone
In 2024, expect edge devices to become a major focus in the cybersecurity landscape. Attackers view targeting edge devices as an opportunity to differentiate themselves and demonstrate their technological prowess. These intrusions are difficult to detect and can cause significant damage. It is likely that government intrusion groups will engage in attacks on edge devices, which may even lead to conflicts between different cybercrime groups vying for control over these access points.
The Role of AI in Cybersecurity
“When it comes to cybersecurity in 2024, AI will be everywhere.” – Steven Stone
In the coming year, AI will play a central role in cybersecurity discussions. Both attackers and defenders will leverage AI technology. Attackers will use AI to generate malware, automate attacks, and enhance social engineering campaigns. On the other hand, defenders will incorporate AI-based tools, such as machine learning algorithms and natural language processing, into their cybersecurity strategies. Additionally, AI’s potential for solving the persistent cybersecurity talent gap will be explored, with AI-powered systems taking over routine operations in security operations centers.
Regulatory Compliance and Public Sector Discussions
“The CISO role will take on a heavier regulatory compliance flavor.” – Steven Stone
With new SEC rules on cybersecurity and disclosure of breaches, CISOs will have to pay increased attention to regulatory compliance and documentation. Compliance requirements will become more stringent, and organizations will need to adhere to incident reporting and governance disclosure guidelines. The entire C-suite will also need to recalibrate their private/public sector discussions, influenced by the changing geopolitical landscape and recent cybersecurity incidents involving major companies.
In 2024, the cybersecurity landscape will be marked by the increasing volume of data, a shift in focus towards interconnected security, the emergence of edge devices as a battlefront, the widespread use of AI in cybersecurity, and the need for heightened regulatory compliance. The year ahead promises to be an interesting and challenging one for the cybersecurity industry.
Steven Stone is the head of Rubrik Zero Labs at zero trust data security company Rubrik.