Quantcast
Channel: Tenable Blog
Viewing all articles
Browse latest Browse all 1935

Cybersecurity Snapshot: What’s in Store for 2024 in Cyberland? Check Out Tenable Experts’ Predictions for OT Security, AI, Cloud Security, IAM and more

$
0
0

The new year is upon us, and so we ponder the question: What cybersecurity trends will shape 2024? To find out, we asked Tenable experts to read the tea leaves. Their 2024 forecasts include: A bigger security role for cloud architects; a focus by ransomware gangs on OT systems in critical industries; an intensification of IAM attacks; and much more! 

1 - Cloud architects will take on security

Cyber-savvy organizations understand that security is key in the delivery and deployment of applications – and that it shouldn’t be something that’s tacked on as an afterthought right before moving them to production. 

As a result, we’ll see more cloud architects assuming responsibility for the security of their applications. Simultaneously, solutions originally designed for security practitioners will provide more capabilities for developers, so they are able to continuously improve the security of their applications without slowing down development.

 

Cloud architects will take on security

 

For more information about software development security, “shift left” and DevSecOps:

2 - Orgs will consolidate, unify cloud security tool sets

It’s become clear to cybersecurity leaders that cloud native security allows their organizations to break up silos and provide a unified, contextual risk picture. Thus, organizations will accelerate their efforts to consolidate cloud security products and vendors. This will in turn yield not only more secure applications, but also better optimization of resources, skills and time, during a period when organizations are stretched to the limit.

 

Orgs will consolidate, unify cloud security tool sets

 

In fact, this move away from tool and vendor sprawl, and towards unified tool sets will not be limited to the cloud security realm. Demand from CISOs for integrated security suites and platforms will reach new heights, because they allow security teams to see the big picture, assess their complete attack surface and prioritize remediation of their most critical weaknesses.

For more information about the benefits of integrated security tool stacks, suites and platforms:

3 - Cyber insurers will tighten the screws on industrial companies

Industrial companies will be less able to rely on their cyber insurance for covering the cost of damages from a cyber incident. Why? Before issuing coverage, cyber insurers will conduct their due diligence process more stringently. And when they do offer policies to industrial companies, the scope of coverage will be more limited. As a result, industrial companies will need to be more proactive about managing their cyber risk, as opposed to being reactive and hoping that their cyber insurance will cover the costs of an attack.

 

Cyber insurers will tighten the screws on industrial companies

 

And speaking of lowering cyber risk, CFOs and CISOs of organizations with OT systems will realize that now, more than ever, investments in OT security will yield a better cost-benefit than investments in IT security. In other words, spending in OT security has a much biggest impact on reducing risk.

For more information about cyber insurance trends:

4 - Proliferation of energy-monitoring sensors will heighten OT risk

Seeking to lower energy costs and avoid carbon-usage fines, organizations will increase the number of OT-based sensor deployments and controls. This will allow organizations to better manage their energy usage. However, having more internet-connected IoT and OT devices in smart buildings and in factory- and building-management systems will also expand their attack surface.

For more information about OT/IoT cybersecurity:

VIDEO

The top threats to ICS systems (Tenable)

5 - Ransomware groups will target OT, collaboration technologies

Ransomware gangs will set their sights on two attractive targets: OT systems and collaboration technologies.

The allure of targeting businesses that depend on OT systems resides on two factors. First, it’s highly lucrative to go after these organizations, especially in the manufacturing industry. Second, the publicity that these high-profile attacks garner boosts ransomware gangs’ brands. This motivation fuels hacktivist groups in particular, as they look to give visibility to their causes by attacking organizations they oppose.

 

Ransomware groups will target OT, collaboration technologies

 

Meanwhile, ransomware groups will continue to evolve their tactics to hit multiple organizations with collaboration technologies. Targeting of a zero-day vulnerability in MOVEit Transfer– a secure managed file transfer (MFT) software made by Progress Software – was just the beginning. We'll continue to see these groups target zero-days and n-days in order to claim as many victims as possible.

Tenable experts also predict that while dozens of nations have pledged to not pay ransoms in cyberattacks, organizations of all sizes will continue to pay, even with no guarantees that the attackers will delete the stolen data. In fact, data will be 2024's most sought after resource for ransomware groups and their affiliates.

For more information about ransomware trends, check out these Tenable resources:

VIDEOS

Tenable.ot Security Spotlight - Episode 1: The Ransomware Ecosystem

Tenable CEO Amit Yoran discusses MOVEit Transfer Hack on BBC Asia

Anatomy of a Threat: MOVEIt

6 - Spending on IAM security will skyrocket

Investment in identity and access management (IAM) tools will continue to grow in 2024, as ransomware groups and “hack-the-human” attackers, such as phishers, continue to compromise digital identities across organizations of all sizes.

 

Spending on IAM security will skyrocket

 

As they grapple with higher cloud adoption and with a shortage of qualified cyber pros, organizations will heavily invest in IAM products, with the hope of being better able to stay ahead of bad actors and protect 2024’s most valuable resource: data.

For more information about IAM security:

Bonus: Stocking stuffers

And here are several quick takes from our experts:

  • The expected Bitcoin Halving event in 2024 will be ripe for exploitation, as cybercriminals aggressively target it with AI-generated and deepfake video content, leading to the theft of tens of millions of dollars.
  • In 2024, investment scams, including pig butchering, will increase exponentially around the world, exceeding $5 billion in losses.
  • There will be an increase in attacks against AI platforms that will far exceed our understanding and ability to protect them, resulting in data leaks, data poisoning and cyberphysical effects.

 


Viewing all articles
Browse latest Browse all 1935

Trending Articles