Preventative measures remain woefully unmet, the scourge of ransomware is as bad as its ever been, and a wave of new incident reporting and compliance regulations are taking hold. Buckle up for 2024.
The trends that lived rent free in the minds of cybersecurity professionals in 2023 are certain to continue and reshape the landscape in 2024.
Long-trumpeted measures for prevention remain woefully unmet, the scourge of ransomware is as bad as its ever been, and a wave of new incident reporting and compliance regulations are taking hold.
These are the five trends Cybersecurity Dive identified as the most prominent and perplexing heading into 2024.
One of the best ways to make products more secure is to eliminate risk at the design phase.
The technology industry is beginning to embrace simple changes at the development stage that could signal a willingness to build security into the earliest stage of new applications.
Among the most basic elements of developing secure software is to ensure the code is safe. A large number of applications have been developed using C and C++ — these languages have been around for decades and are built for speed.
However, these languages are also considered more at risk to memory safety issues. Two-thirds of software vulnerabilities have been linked to memory safe coding concerns, according to CISA.
The White House In August issued a request for information on open-source security and memory safety. In December, CISA, the FBI and key foreign partner agencies released a road map for manufacturers to embrace the use of memory-safe languages as a way to reduce software vulnerabilities.
The open source community is also taking steps to boost security during the development phase.
“The biggest shift we’ve seen is an emphasis on prevention, not just remediation, both in the open source community and with our enterprise customers,” said Eric Tooley, senior product marketing manager at GitHub.
For example, GitHub provides tools like Dependabot to help developers keep outdated and vulnerable dependencies out of their software. In 2023, developers pulled 60% more automated Dependabot pull requests for vulnerable packages, compared with 2022.
In November, GitHub launched an AI-based code scanning autofix feature, which allows developers to keep secrets and vulnerabilities from creeping into code.
Ransomware attacks against large, high-profile targets were abundant in 2023, resulting in operationally visible impacts.
Attacks against multiple real estate firms disrupted closings, and the Clorox Company is expected to report a financial loss due to order processing delays and product shortages following an attack. MGM Resorts and Caesars Entertainment, the second- and third-largest casino companies in Las Vegas, suffered financial losses and business operation impacts from ransomware attacks.
“Hackers target whatever creates the most pain for an organization,” said Kris Lovejoy, global practice leader of security and resiliency at Kyndryl.
In 2024, cybersecurity experts expect ransomware groups to continue targeting high-value targets, particularly organizations that are more likely to pay ransom demands in a bid to mitigate serious operational disruptions.
“There are advantages to whale hunting with extortion. Bigger companies have the potential to pay larger ransom demands versus small and midsize businesses. Criminals can go the low-volume, high-payout route with their targeting,” said Rick Holland, VP and CISO at Reliaquest.
Attacks on high-profile targets are a validation and continuation of what security leaders at large enterprises already know, according to Allie Mellen, principal analyst at Forrester.
“They need to be prepared to face ransomware attacks and subsequent business disruption as much as possible, from having proper backups, prevention, to detection and response,” Mellen said.
The definitions of high-value targets and impacts are evolving to include software vendors and third-party service providers as well, according to Dave Burg, EY America’s cybersecurity leader.
