Cybersecurity Predictions for 2024

Hey everyone,

Welcome to the first edition of The Sting of Security for 2024! We're diving into the world of cybersecurity, breaking down what's happening every month. In this issue, we're sharing five predictions for cybersecurity in 2024, based on our annual Cyber Security Report where we've analyzed over 45 billion emails.

1. AI & LLMS: A Double-Edged Sword

AI tools, like ChatGPT, have totally changed the tech game. Unfortunately, bad actors are using AI for attacks and even making malware. On the positive side, Large Language Models (LLMs) could be a game-changer for defenders, helping with tasks like log analysis. We're excited to see how these tools can assist security analysts in handling their workload and protecting businesses.

2. MFA Bypass Attacks on the Rise

While businesses are getting serious about strong authentication, attackers are finding ways to get around Multi-Factor Authentication (MFA). In 2024, we expect more MFA bypass attacks using tricks like fatigue attacks and Attacker-in-the-Middle kits. To tackle this, it's a good idea for businesses to explore tech like Windows Hello for Business or FIDO 2 hardware keys, especially for admin accounts.

3. Cloud Complexity Leading to Security Incidents

The shift to the cloud has brought a lot of innovation, but it's also made things pretty complicated. We predict more security breaches and data leaks due to misconfigurations and a lack of understanding about how cloud features work. As more businesses move to the cloud, it's crucial to take a proactive approach to secure configurations and keep a close eye on things.

4. Surge in Supply Chain Attacks

Instead of going after a target directly, attackers are now hitting suppliers to sneak in through a less-protected "back door." Software supply chains are especially vulnerable. Businesses need to make sure their suppliers have solid security measures in place. Recent attacks, like the MOVEit file transfer one, highlight the need for a strong security plan that covers not just your own setup but also your suppliers.

5. More Capable Threat Actors and Shortened Dwell Times

Looking at the trends from 2023, attackers in 2024 will be bolder, smarter, and faster. The time between an attacker getting into a system and launching a full-blown attack is shrinking. Organizations need to step up their defense game to stay ahead. Cybersecurity is a moving target, and being ready for quick and sophisticated attacks is crucial.