Industrial Cybersecurity Predictions for 2024 - Part 1

The tools, tactics, bad actors and regulations that will impact the year ahead.

As we transition from 2023, some industry experts reached out to share their thoughts on the trends and challenges that will define industrial cybersecurity in the year to come.

Oscar Chavez-Arrieta, Executive Vice President of Latin America, SonicWall:

Regulatory changes, such as Digital Trust, will become more robust. Digital Trust refers to the level of confidence that individuals and businesses have in the security, privacy, and reliability of digital transactions and interactions. It is one of the most important “movements” worldwide because it helps build customer loyalty and drives revenue growth.

The loss of brand value is a huge component in the valuation of every company, but some don’t understand this threat and how the CISO/CTO needs to be heard. Some governments such as Brazil and Chile have already started to take Digital Trust more seriously with regulations and penalties around the safety of customer information. In the coming year, we are expecting Latin American countries to start introducing stricter data protection regulations that are akin to Europe's General Data Protection Regulation (GDPR). This will drive a greater need for compliant cybersecurity solutions.

Chandrodaya Prasad, SonicWall Executive Vice President of Product Marketing:

First, AI and machine learning will be used in cyber offense and defense. In the coming year, we believe both attackers and defenders will leverage AI and machine learning tools to automate and improve their operations. On the offensive side, we can expect to see AI algorithms used to automate vulnerability scanning, phishing attacks, and data exfiltration, making them more effective and harder to detect.

On the defensive side, AI-powered solutions will likely be deployed to monitor networks for anomalous behavior, automatically update security protocols, and even take immediate action to neutralize threats. This tug-of-war between offensive and defensive AI use cases will then escalate, leading to a new cybersecurity "arms race".

Companies and governments will need to invest heavily in cutting-edge technologies to keep up, and cybersecurity strategy will need to focus increasingly on AI-hardening and AI-driven threat detection and response.

Second, supply chain attacks will increase. The complexity and interconnectedness of modern software and hardware supply chains make them attractive targets for cybercriminals and state-sponsored hackers. We've already seen notable examples, such as the SolarWinds and Kaseya incidents, where attackers compromised widely used software to infiltrate multiple organizations at once.

In 2024 we expect to see the trend of attacking suppliers, instead of direct targets, escalate - making supply chain security a significant concern for organizations. Given the potential for such attacks to be highly impactful, affecting not just one company but potentially hundreds or thousands, expect to see increasing pressure from regulators and customers alike to secure supply chains. The result will be stricter regulations and compliance requirements related to supply chain security, forcing organizations to scrutinize their vendors more closely.

Finally, there will be an increased reliance on Zero Trust architectures. 2023 saw the Zero Trust model gaining traction - where organizations automatically don’t trust any entity inside or outside their perimeter, and instead verify everything trying to connect to their systems before granting access. Next year, the Zero Trust model will likely become a default stance for many organizations, driven by a combination of an increase in sophisticated cyberattacks, the ubiquity of remote work, and the adoption of cloud services.

Implementing Zero Trust will necessitate a shift from traditional perimeter-based security models to more identity-centric ones, with multi-factor authentication (MFA), continuous authentication, and least-privilege access becoming widespread. This will include increased adoption of a distributed firewall, aka hybrid mesh firewall.

Rick Jones, CEO, DigitalXRAID: 

First, Critical National Infrastructure (CNI) continues to be the prize bullseye for cybercriminals and nation-state actors alike. A whopping 90 percent of CNI industries have fallen prey to a successful ransomware attack in the past year, underscoring the urgent need for fortified defenses. Further ratcheting up tensions, nearly 80 percent of CISOs feel that we've crossed into an era of constant cyber warfare.  

In 2024, critical sectors such as energy and utilities will face particularly sophisticated tactics like double extortion. It's high time organizations double down on basic but powerful defenses—cyber security training, patch management, and network segmentation. 

Second, AI can be both a transformative ally and a formidable foe in the world of cybersecurity. While innovations like machine learning algorithms have fortified our defenses, the dark side of AI also looms large. Security teams need to be on their toes to leverage AI as a defensive tool as well. As exhilarating as it is to use AI for good, it's equally chilling to think about its misuse. Imagine phishing scams so cunning that they evade traditional filters or automated malware so sophisticated it bypasses conventional firewalls. Even platforms like ChatGPT are chiming in to raise the alarm against the impending AI-driven threats in the next year and beyond.  

Third, the corporate boardroom will be increasingly responsible in the battle against cyber threats over the next year. The notion of accountability is indeed climbing up the corporate ladder at a rapid pace. Just take the case of Uber, where the CISO faced a custodial sentence for a data breach cover-up.  

It is a clear requirement from the Digital Operational Resilience Act (DORA), which is in the process of coming into effect for the Financial Services industry, that the Board of Directors and the CEO must have the knowledge and skills necessary to assess cybersecurity risks, challenge security plans, discuss activities, formulate opinions, and evaluate policies and solutions that protect the assets of their organization. Under DORA, the Board has ultimate responsibility for the covered entity's ICT risk management and operational resilience strategy. 

Finally, over the next year, we will see more regulation, compliance and formal processes mandating Board responsibility in the case of an attack. Boards must go beyond mere discussions. They need to critically evaluate, challenge, and oversee an organization's cyber strategy. The ever-evolving threat landscape necessitates that they actively manage risk.
