A leading provider of security operation services offers an outlook on IT security trends for 2024 that CIOs and IT managers should be on the radar of. Important topics include the geopolitical situation, NIS2, the increase in cybercrime, the shortage of skilled workers and, above all, the topic of AI in companies.
Cybersecurity of critical infrastructure and supply chain is more important than ever. The Russia-Ukraine war, the tensions in the Middle East, the Taiwan conflict and China in its dual role as an important trading partner and systemic rival to the West: the geopolitical situation is tense, and at the same time the cyber threat situation is worsening. We are increasingly seeing attacks on countries and critical infrastructure, with technology increasingly being used as a political and military weapon. On the other hand, private companies in the globalized world are highly networked, and supply chains extend across several national borders.
Geopolitical situation is getting worse
This makes them particularly vulnerable to cyber threat actors. Since the geopolitical situation is not expected to calm down in the near future, neither companies nor countries can allow themselves a break when it comes to security. Governments, companies and operators of critical infrastructure should therefore strengthen their cyber resilience and carefully monitor their attack surface at all times in order to close vulnerabilities as quickly as possible and to be able to react quickly in the event of an attack. With legal regulations such as the European Commission's Cyber Resilience Act (CRA), legislators are also trying to strengthen the security of hardware and software products.
NIS2 is coming
The fact that cybersecurity is a challenge of economic, social and political proportions has become increasingly common in recent years. The above-mentioned escalation of the geopolitical situation is a key driver. Politics and business are reacting with legal regulations and mandatory safety standards. For example, EU member states must implement the NIS2 directive on the protection of critical infrastructure into national law by October 2024. The aim is to make critical infrastructures, but also supply and value chains, more resilient across Europe by significantly expanding the scope of the directive.
Expanding the scope is the right step, because in our highly distributed and specialized value chains, the failure of a single link due to a cyber attack in the supply chain can quickly lead to major economic damage. This increases the pressure on companies to increase their investments in IT security in order to meet the requirements. A study by PwC already shows that an increase in investment in cyber security can be expected: 84% of companies want to increase their budget in the future.
Professionalization of cybercrime
Cybercriminals are becoming increasingly sophisticated in their actions and are increasingly organizing themselves as professional organizations. According to Bitkom, every second company was attacked with ransomware within a year. Professional gangs also give attackers less technical experience, e.g. For example, Ransomware-as-a-Service provides you with the tools you need to carry out widespread attacks. Companies of all sizes and industries are targeted by criminals - including SMEs. It is all the more important for companies to become aware of the risk of attacks, to upgrade their IT security and to professionalize themselves.
Solutions like Zero Trust and SASE will become the new standard in the future and replace traditional VPN connections. Firewalls and virus scanners have long been no longer sufficient for state-of-the-art protection. It also requires consistent 24/7 monitoring of the IT landscape and responsive detection and response solutions. If companies do not have the expertise and resources for such internal professionalization, they should work with external security partners who have the necessary know-how and technology, because doing nothing is not an option.
AI as an accomplice to threat actors
Experience has shown that criminals are always the first to take advantage of new technology. This is also the case in cyberspace. They are adapting generative AI in their attack chain, and the approach is becoming increasingly sophisticated. Sending phishing emails, e.g. B. Business Email Compromise (BEC) is one of the proven fraud methods. According to Bitkom, phishing is currently at the top of the most common cyberattacks on German companies at 31%. In 2022 it was still 25%. The fact that AI tools like ChatGPT are becoming more and more powerful also plays into the hands of cyber attackers. By perfecting the creation of individually tailored and personalized emails in the victims' native language, phishing emails appear even more real. The embedding of deep fakes in video telephony or fraud calls is also on the rise and will be used more and more widely in the future. Companies must not lose touch here and must stay on the ball with AI technologies.
Shortage of skilled workers and lack of in-house expertise
Increasing numbers of cyber attacks and stricter legal requirements mean that companies are increasingly relying on preventative and reactive upgrades to their cybersecurity. But there are challenges: implementing solutions is complex, the investment costs are high and there is a lack of know-how. Since qualified employees are either missing or very expensive due to the shortage of skilled workers, outsourcing IT security is becoming a key factor in reducing cyber risk and effectively warding off attacks. Accordingly, the demand for external support is increasing and security partners like Arctic Wolf form the extended workbench of the IT department. They continuously monitor the company's entire IT landscape, support the response to security incidents and use their security knowledge to help improve cyber protection in the long term. Using external security services is often significantly cheaper than building up personnel, know-how and technology in-house.
From Best-in-Class to Best-to-Integrate
In the past, when selecting security solutions, the main question was which solution offered the best protection and performance, e.g. E.g. which virus protection or firewalls are most effective and which solution is market leading (best-in-class). But these aspects are no longer the only ones. The trend is towards best-to-integrate and the demand for integrated solutions is increasing: How can the solution be integrated into the existing security controls? How complex are implementation, configuration and operation? How many specialists and training are needed?
Best-to-Integrate solutions reduce the time spent on configuration, maintenance and security investigations. At the same time, a consolidation of the manufacturing landscape can be observed. Large players – e.g. Amazon, Google, Microsoft, CISCO – who are able to easily integrate various security solutions into their platforms, buy up smaller companies and thus strengthen their own market position as providers of best-to-integrate solutions. Because more and more applications are being used in companies overall, it can be assumed that these trends will become even more pronounced in the future.
More at Arctic Wolf.com
About Arctic Wolf Arctic Wolf is a global leader in security operations, providing the first cloud-native security operations platform to mitigate cyber risk. Based on threat telemetry spanning endpoint, network and cloud sources, the Arctic Wolf® Security Operations Cloud analyzes more than 1,6 trillion security events per week worldwide. It provides company-critical insights into almost all security use cases and optimizes customers' heterogeneous security solutions. The Arctic Wolf platform is used by more than 2.000 customers worldwide. It provides automated threat detection and response, enabling organizations of all sizes to set up world-class security operations at the push of a button.
Matching articles on the topic