The cybersecurity industry has been experiencing continual transformations, especially in the aftermath of the pandemic and through the swift adoption of digital transformation. During 2023, the industry saw a surge in sophisticated ransomware attacks, state-sponsored cyber espionage, and a pressing need to secure the Internet of Things (IoT).
NTT (News - Alert) Corporation recently unveiled five key trends it says will significantly impact the security landscape in 2024 and beyond.
As organizations leverage technological advancements, things like artificial intelligence and quantum computing will start to advance. There will also be a shift in businesses adopting a Zero Trust strategy and using the latest cybersecurity technologies thanks to ABE (Attribute-Based Encryption) to help fortify, protect, and uphold privacy.
“Zero Trust is no longer a buzzword, but a core concept that organizations will implement to improve their cybersecurity measures,” said Taro Hashimoto, CSIS Visiting Fellow & Senior Manager of Cybersecurity, NTT.
“The concept of Zero Trust is all about risk-based management and continuous process. This includes the implementation of a variety of underlying technologies, including Identity and Access Management (IAM), Endpoint Detection & Response (EDR), Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), Security Information & Event Management (SIEM), etc. that seamlessly integrate within an organization’s cybersecurity strategy.”
Here’s a closer look at the key security trends NTT Corporation says we’ll see more of in 2024:
Security in Artificial Intelligence:
Malicious actors are expected to leverage AI to accelerate the development of malware by automating tasks to find weaknesses. This deployment of AI is anticipated to reduce the cost of cyber-attacks and advance exploits. However, AI will also be used to enhance cybersecurity strategies and technologies with better detection and analysis capabilities.
“Cyber criminals and state actors are already taking advantage of generative AI to create phishing campaigns, write malicious code or identify vulnerable systems to exploit,” said Mihoko Matsubara, Chief Cybersecurity Strategist, NTT. “However, AI capabilities are not only being used for nefarious purposes. Cybersecurity professionals have also found generative AI helpful to automate some tasks, data analysis, and vulnerability research. For example, NTT Security’s research noticed that generative AI maximized the efficiency and accuracy to identify phishing sites quickly.”
Safeguarding Election Results:
With significant political events happening in 2024 like the presidential campaigns in Taiwan and the United States, it's expected generative AI to be used by malicious actors spreading disinformation. There will also be new cybersecurity measures for systems and the physical security of voting machines to ensure the integrity of election results.
Zero Trust Framework:
With more cloud-native security solutions, authentication methods are key. In response to challenges such as bypassing Multi-Factor Authentication (MFA (News - Alert)) through techniques like JSON Web Token (JWT) injection attacks, a Zero Trust framework is expected to transition from a hot trend to a must for organizations.
Preparing for the Looming Quantum (News - Alert) Threat:
In 2024 we will also see the preparation of systems and applications as quantum computing is adopted. The focus will be on managing the security of encryption for entities without access to quantum capabilities and defending against those who possess such capabilities.
Advancing Cryptography and Encryption in 2024:
The evolution of advanced encryption systems, such as Attribute-Based Encryption (ABE), holds promise for real-world adoption. However, concerns about privacy persist, particularly in interactions with AI models. Given that these interactions may involve even more sensitive information than conventional search queries, researchers are likely to delve into enabling private engagements with such models to ensure data privacy in AI-driven contexts.
Edited by
Alex Passett
