By Jay Kaplan, CEO and co-founder, Synack, Inc.
Any cybersecurity forecast comes with a caveat: In the cat-and-mouse game of cyber offense and defense, it’s impossible to see around the corner. A year ago, how many experts could have predicted bizarre inputs like “poem poem poem” could coax secrets out of powerful new generative AI programs? Or that old-school hacking tricks like infected thumb drives would stage a comeback in nation-state cyberattacks? Who saw the collapse of Silicon Valley Bank coming – a disruption that reverberated not only through the cybersecurity startup community, but also through the entire U.S. financial sector?
That said, the future of cybersecurity isn’t all guesswork. Ransomware threats are a familiar scourge that show no signs of slowing down. There’s a U.S. election around the corner that could put our technical and societal defenses to the test. And AI technology, for all its uncertainty, is bound to stay relevant this year. Here are 3 top cyber predictions for 2024:
1. AI frenzy
Any company that incorporates cutting-edge AI technology can expect a lift in valuation, given the current craze.
Unfortunately, AI could end up hurting cyber defenders more than it helps in 2024. Organizations have rushed to incorporate large language models into their environments, revealing entire new categories of cyber weaknesses along the way. And while generative AI tools have demonstrated astounding proficiency at producing code, they are still prone to introducing some of the same common vulnerabilities and exposures that can creep in when a human is sitting behind the keyboard.
The real AI wildcard lies in attackers’ hands. Threats will become more sophisticated and pervasive. Phishing emails designed to lure U.S. defenders into opening risky attachments or clicking on malicious links will become more convincing as non-native English speakers use AI tools to up their game.
An upstart ransomware group could leverage AI tools to build a roadmap for targeting potential victims. There are already early and alarming signs that so-called “uncensored” AI programs – which can spit out instructions for, say, building a bomb – are finding purchase among extremist groups. Will ransomware gangs follow suit, using AI to make their attacks even more damaging?
2. Election spotlight
Election season comes with its share of cyberthreats, from scams aimed at would-be political donors to sophisticated attempts at nation-state cyber meddling. Thankfully, so far there’s no evidence cyberattacks have succeeded in tampering with any votes cast in the U.S. This year, the U.S. is gearing up for a bruising political rematch between President Biden and presumptive Republican nominee Donald Trump that is likely to bring with it a bevy of misinformation and hacking risks.
The outcome of the election will also shape the U.S. cybersecurity sector for years to come. Many government actions to date have driven activity in cyber, whether it’s the formation of the Cybersecurity and Information Security Agency under the Trump administration or President Biden’s recent executive order on AI.
I hope cybersecurity would be a priority on both sides of the political spectrum. But no issue can be taken for granted in today’s hyper partisan environment, and the 2024 U.S. presidential election could turn out to be a defining moment for how seriously cybersecurity is treated over the next four years.
3. Market consolidation
Chief information security officers often complain of “tool sprawl,” as in security teams are juggling too many cybersecurity products in their networks. This is a side effect of years of prolific innovation in the cybersecurity industry that has brought creative solutions to nearly every cyber challenge. CISOs want to do business with fewer cyber firms. This year, they may start to see some relief in their software stacks, as big tech companies snap up smaller rivals and integrate their tools into existing technologies.
Last year was a rocky one for many cyber startups that struggled to secure investor funding amid higher interest rates. The stage is set for heightened consolidation and M&A activity in 2024.
A select few startups may seek another exit plan, exploring paths to boost efficiency, accelerate revenue and clear the way to go public. But after a chilly year for tech IPOs in 2023, even some larger, profitable cyber companies may still determine going public isn’t right for their business in the current market environment.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.
Image and article originally from www.nasdaq.com. Read the original article here.