Major shifts set to reshape the security landscape in 2024
According to experts at Integrity360, four crucial shifts are expected to shape the security landscape in 2024. Analysts anticipate the mainstream adoption of continuous threat exposure management (CTEM), a possible reversal in the on-prem to cloud transition, the deepening impact of generative AI on security, and an increase in insider threats driven by employee bribery.
Brian Martin, Integrity360's Director of Product Management, predicts the widespread integration of CTEM into business practices by 2024. "CTEM will enable organisations to be more proactive about identifying and assessing key problem areas in the attack surface that has grown substantially in the last couple of years," said Martin. He suggests this trend goes beyond spotting and addressing vulnerabilities, as it promotes a shift in organisational posture towards embracing best practices. Martin expects CTEM's popularity to fuel the convergence of various security tools, leading to a consolidation of the industry.
Carl Shallow, the Director of Compliance at Integrity360, suggests that 2024 may witness a potential backtrack in the shift from on-prem to cloud-based solutions. Despite the immense digital transformations in recent years leading to widespread adoption of cloud tools, security and cost issues raise concerns. Recalling the incidence of high-profile cloud breaches such as Toyota's in 2023 and the 2023 Thales Cloud Security Study revealing 39% of businesses experiencing breaches in the past year, Shallow notes that a reverse transition is not entirely implausible. He points out the economic constraints of cloud solutions, explaining, "Organisations are spending significantly on cloud platforms and supportive security, yet the economic gains that they anticipated are struggling to materialise in many cases."
James Hinton, Director Of CST Services at Integrity360, predicts that the implications of generative AI in security will continue to become more clear in 2024. His prediction rests on the growing concerns about the use of deepfakes in targeting organisations. Hinton notes that AI will also enhance security measures, creating a balance in the threat landscape. "AI can triage data really quickly and provide the results, freeing up highly skilled security professionals to focus on higher value tasks," remarks Hinton.
Zach Fleming, Head of Red Teaming at Integrity360, warns about the growing threat of insider attacks in 2024, fueled by disgruntled employees colluding with threat actors. Citing the practice of ransomware groups bribing employees to gain access to systems, Fleming stated, "I think that's going to increase, particularly in the current economic environment." He goes on to explain that the growing sophistication of threat actors make such insider activities increasingly difficult to detect, heightening the risks for businesses.