Cyberattacks happen. That’s not news, it’s just the way the world is right now. Check out these 2023 statistics:
- There were nearly 6,000,000,000 breached records.
- At least 299 hospitals were hit by ransomware attacks.
- In a recent survey we sponsored—96% said the threat of cyberattacks to their industry will increase in 2024 compared to 2023, with almost 4 in 5 saying they have been a victim of a ransomware attack in the past six months.
- The conundrum facing organizations: 93% said they would be willing to pay a ransom and yet 84% also have a policy against paying a ransom.
- According to our survey, none of the 900+ respondents said their company could recover data or business processes within 24 hours of an attack. Only 7% can recover in 1-3 days. Over one-third said they needed 4-6 days. And almost 3 in 5 said they needed over a week to recover data and restore business processes.
Given these sobering facts, security is top of mind. What will happen in 2024? Here’s a look at our top predictions for what to expect in 2024.
Prediction #1: Generative AI and security will come together in the worldwide fight against cybercrime.
The release of ChatGPT in late 2022 took the world by storm, and artificial intelligence (AI) became more than just a buzzword. It’s now a part of our everyday discourse.
Another term you may have heard a lot recently is generative AI. It’s a type of artificial intelligence that uses machine learning (ML) and deep learning algorithms to produce new content like text, images, video, music, and computer code in response to users’ prompts and questions. It has the potential to dramatically transform the way humans create original content for personal, business, and artistic purposes.
Attackers are using AI tools to entice employees via social engineering to click and act recklessly, exploit zero-day vulnerabilities, and much more at a much faster rate. Going forward, we can expect both adversaries and innovative defenders to use AI—and it will be a force multiplier in both of their efforts.
Prediction #2: As businesses move their workloads to multicloud environments, they will need to double down on data security by getting clear visibility of their attack surface—or risk additional breaches.
Worldwide end-user spending on public cloud services is predicted to grow to $678.8 billion in 2024. That’s up 20.4% from $563.6 billion in 2023, according to a Gartner forecast. So, the cloud isn’t going away anytime soon.
Cloud transformation and hybridization are still works in progress, and can be high risk, for organizations moving away from legacy systems. Data Security Posture Management (DSPM) is a growing field to help customers manage this risk. (Note: You can read more about continuous threat exposure management from Gartner, here. Or, check out our recent announcement about adding six DSPM partners to our Data Security Alliance.)
Organizations need to fully understand the security implications of the new attack surface created by moving workloads from on-premises to the cloud.
Prediction #3: Organizations will use generative AI to search, analyze, and discover trends and patterns on both primary and secondary data.
In the past, businesses used AI to gain insights from their primary data. But once that data is backed up, imagine being able to tap that secondary data to identify trends. That has not been possible up to this point. Consider these hypothetical examples: a large global bank wanting to look back on loan performance over a 10-year period or a legal firm trying to uncover compliance issues.
By layering generative AI on top of an enterprise’s own datasets (both primary and archived data), AI can generate more knowledgeable, diverse, and relevant responses. This breakthrough has tremendous potential for innovations with enterprise Q&A (questions and answers) applications and industry search and discovery models.
Technology and business executives will have a unique opportunity to leverage the power of data-driven insights to enhance the quality of AI-driven conversations with generative AI systems. By harnessing the power of data management and security solutions enhanced by AI, organizations can unleash new levels of efficiency, innovation, and growth.
Prediction #4: Customers will increasingly look to engage with tightly integrated ecosystems that include a full range of security, data management, and AI services to combat continuing threats.
As we go forward in 2024, the need for collaboration and resilience remains top of mind. Business leaders, security, and IT professionals must team up on cybersecurity—it’s a team sport. By now, you know that security complexities can’t be solved by one vendor alone. Organizations need to look for vendors that integrate with other best-in-breed solutions for a comprehensive data protection and resilience strategy.
Sharing threat information across public and private partnerships and multi-disciplinary groups is critical for facilitating collaboration and staying agile in a rapidly evolving threat landscape.
This emphasis on partnership and trust is why we formed the Data Security Alliance. With leading industry partners like Cisco, BigID, Palo Alto Networks, Tenable, Microsoft, CrowdStrike, and Qualys, we collectively deliver critical technical integrations, best practices, and thought leadership to improve cyber resiliency for the world’s largest organizations.
Collectively, leading cybersecurity, data security and management, and services vendors partner to seamlessly bridge enterprise IT and security by sharing context and enabling fully integrated cybersecurity workflows.
Prediction #5: Governments will strongly recommend not paying for ransomware. But this won’t deter attackers. And it will not stop cyber insurance firms from insuring against attacks.
A group of nearly 50 countries recently vowed to no longer pay the ransom demanded as part of ransomware attacks. This represents a diplomatic accomplishment, to be sure. But this won’t blunt the frequency or sophistication of attacks made on government infrastructure. Attacks are so cheap and easy to launch, and the consequences are so limited that attackers will continue to probe for weaknesses in an automated, programmatic fashion. Also, nation-state-sponsored attackers often seek to sow chaos, rather than reap financial rewards, from attacks.
Learn more
Cyberattacks and AI dominated the headlines in 2023. 2024 will be no different. The attacks are going to come. CISOs today have to assume they’re going to get breached. And if they get breached, they want to be able to recover. How do you bounce back?
Answering that question will be at the forefront of discussions going forward. Whether you’re concerned with data resilience, cyber resilience, or business resilience—resilience matters.
Be sure to join our experts, including CISO Brian Spanswick and Field CISO Dale “Dr. Z” Zabriskie, for our webinar, “2024 predictions: The future of AI and data security in the cloud.” Register here.
And check out my video below to hear me expand on the predictions for 2024.
