17 cybersecurity trends & threats for 2024

Human-operated ransomware attacks have increased by more than 200% in one year, according to research carried out by Microsoft. Security officer Bart Asnot explains: “With this form of ransomware, cybercriminals remain in control during an attack. It allows them to continually adjust their tactics and it creates a direct connection between the attacker and the victim.

This increases the risks because the hacker can see whether their victim is trying to scale up the security mechanisms. Based on this information, they further adjust their attack plan. Human-operated ransomware usually affects SMEs, which often have less maturity and experience to prevent and combat such practices.”

Against a background of automation and mutual connections, the flawless integration of OT and IT is crucial. Silos between operational technology and information technology hinder the deployment of a cybersecurity strategy. “In an industrial environment, for example, applications were once created to operate within an isolated network,” says Filippo Cassini on behalf of Fortinet.

“Now that they are connected to the wider corporate network and the outside world, exposure to cyber threats is increasing. It is therefore important to let IT and OT interact optimally with each other. This often requires a cultural change within the company. So, there is a need for a security solution that breaks through silos.”

Generative AI, the IT concept of 2023, is making its mark on cybersecurity. “The technology is a welcome tool for criminals,” explains Andy Quaeyhaegens of Netskope. “For example, generative AI writes malicious code in a relatively simple way. Which means hackers require less knowledge and skills to attack organizations. The so-called script kiddies, who mainly hack for the thrill of it, are inflicting damage with the help of generative AI, often without being aware of the consequences.”

Malware no longer looks like the ridiculous message from an unknown uncle asking for an advance on an inheritance. Generative artificial intelligence compiles messages that are almost genuine. “Attempts at business email compromise are increasing within company walls. This is where a hacker gains access to an email account of a company to incite employees to take action and hand over their cash," says Lieven Van Rentergem of Check Point. “On the other hand, artificial intelligence and machine learning help to identify subtle nuances and intercept such malicious emails.”

“AI makes our world better,” says Microsoft's Bart Asnot. “But it also comes with new opportunities for hackers. Generative AI and Large Language Models are building ethical boundaries to protect us from a negative impact. The legislator provides additional tools with the AI Act and NIS2. As a result, every organization thoroughly examines how to apply AI in a responsible and safe way.

In contrast, cybercriminals don't obey rules and security mechanisms. Which means they can use AI faster and without limits. That’s why it is important to link regularization around AI to an accelerating framework, so that companies do not lag behind malicious organizations.”

Many organizations operate within a multi-cloud environment. “APIs ensure that the applications from different environments communicate with each other, obtain data, and work together,” says Bart Salaets of F5. “They often grant access to sensitive data, specific data, or certain parts of an application. In addition, AI brings new threats at the API level, for example through misleading API requests, the identification of API vulnerabilities, or cracking API accesses. That makes them a favorite target of cybercriminals. A modified API security policy is therefore more desirable than ever.”

With the imminent NIS2 legislation, organizations that are attacked risk fines based on their turnover. “In addition, the regulations make board members personally liable,” says Andy Quaeyhaegens of Netskope. That huge liability bizarrely acts as an additional weapon for cybercriminals. If a hacked organization refuses to pay a ransom, the cybercriminals may threaten to report the data leak and failure to comply with the reporting obligation to the authorities and, as a result, make the final bill much higher. This approach has already been applied in practice and puts even more pressure on the CISO.”

According to Steven De Ruyver of Cisco, simplification manifests itself within different dimensions of cybersecurity. “Organizations implement platforms that centrally control the security environment. Within such platforms, there is room for applications from different suppliers. Security is becoming more and more invisible to the end user. For example, if they log in the same way every day, from the same location and with the same device, they will not have to enter a password every time to access the application.

If this happens suddenly from another place or device, stricter controls will take effect. For the IT departments of companies, security providers bundle their offerings into packages that bring together different applications around a certain security domain. This also counts as a simplification.”

Organizations not only have to comply with the NIS2 directive themselves, but they also have to identify and address the security risks among their suppliers. In this way, they prevent a situation in which an incident with a supplier brings their own services to a standstill. Wouter Vandenbussche of Proximus NXT explains: “It means that even smaller SMEs must indirectly comply with NIS2 requirements.

Within many small and medium-sized companies, the IT and security infrastructure has often grown historically, which does nothing to simplify matters. An assessment is often necessary in order to gain additional insights and to simplify the architecture where possible."

In recent years, the number of applications within each organization has risen sharply. “That has led to a proliferation of security solutions for each company,” explains Bart Salaets of F5. “Many applications are often located within different (cloud) environments. Consequently, there is a need for consolidation. More and more companies are opting for a central platform that helps them tackle security and business problems. Through a step-by-step migration of security tools to those platforms, you can often also reduce the number of software suppliers. The managed security provider has an important role to play here.”

The AI Act is the first European regulation that specifically focuses on artificial intelligence. “That act is also closely linked to cybersecurity,” says Jesper Bork Olsen of Palo Alto Networks. “There can be no question of secure AI use when the systems are susceptible to cyber threats. From that perspective, it is therefore also important to map out all processes and safety measures. A major challenge is to find out how your suppliers and partners use AI. Accurately documenting all processes is worth its weight in gold.”

An eSIM is a digital version of a standard SIM card built into your device. So, you no longer need a physical SIM card. Filippo Cassini of Fortinet explains: “An eSIM offers several advantages. For example, those who travel internationally often don't have to change SIM cards. At the same time, connected devices using such technologies may be a new target for hackers, if the security of the device or the network provider is not sufficient. That said, the various parties are increasingly incorporating the necessary protective measures.”

“Many organizations invest heavily in technologies that detect incidents and anomalies,” says Wouter Vandenbussche of Proximus NXT. “However, they are not always able to adequately follow up the detected deviations and take the necessary actions. A SecOps framework bridges the gap between an organization’s security and operational teams to improve infrastructure and information security. Therefore, in the process of monitoring, detecting and resolving network vulnerabilities, there are gains in terms of speed, efficiency, and decisiveness.”

CISOs are getting more and more work on their plate and are also personally liable for cybersecurity incidents under NIS2 regulations. “Because of the shortage of security experts and the high wage costs, recruitment does not always offer a conclusive answer,” says Lieven Van Rentergem of Check Point. The integration of AI within security tools results in higher efficiency for the same number of workers. AI makes it easier for experts to carry out their work and increases the accessibility of certain tools for employees with less in-depth knowledge.”

For many organizations, the exponential growth of cybercrime is difficult to reconcile with increasing complexity and the intended cost savings. “It seems like the perfect storm,” says Jesper Bork Olsen of Palo Alto Networks. “Companies want to protect themselves optimally and operate in accordance with the new regulations, but they do not have the resources to realize those plans. They are looking for ways to simplify their infrastructure. Part of the solution often lies in eliminating unnecessary overlapping licenses and automated processes. If the software you buy today doesn’t simplify your work, you haven’t made the right choices.”

“When it comes to security, the focus today is often more on people than on things,” says Steven De Ruyver of Cisco. “Nevertheless, the number of connected devices is still increasing sharply. Applications are interconnected inside and outside company walls, but not necessarily equally secure. They are often seen as a welcome gateway for people with less good intentions. The emergence of, among other things, the electric car forms an additional access route. I advise companies to check where those vulnerabilities are located and look for incremental benefits.”

Wouter Vandenbussche of Proximus NXT notices that there is a strong shift from the traditional security of networks and hardware to a SASE architecture. “SASE, which is short for Secure Access Service Edge, connects end users and employees to the various business applications. The technology provides a secure connection to a company’s data centers. You manage the network from a single portal, which centralizes a whole range of security solutions. I am already noticing that many companies are going to take the step or draw up plans to implement a SASE security architecture in 2024.”