As Europe is returning from summer breaks, it is time to reflect on the first half of 2024 and look forward to the rest of the year.
Ransomware attacks on hospitals, blue screens across the world crippling airline operations and other industries, deepfakes to sway opinion and possibly elections, deepfake social engineering tactics to extort significant amounts of money - so far the year has kept cybersecurity professionals busy.
While the adoption of AI by cybercriminals has been slower than some predicted, its use is undoubtedly ramping up. Surprisingly, major events like the EU elections, European Football Championships, and Olympic Games passed without significant IT incidents.
Looking Ahead: Key Trends and Developments for the rest of 2024
- NIS2 Implementation: The new EU regulation, NIS2, is set to come into effect. Many organizations are still unprepared, and some member states are behind in passing required national legislation. This regulation will impact all sectors through supply chain compliance requirements, potentially establishing a new cybersecurity standard emphasizing operational resilience and alignment of business and security goals
- Professionalization of Disinformation: The upcoming US elections will likely drive the growth of disinformation-as-a-service, with more sophisticated campaigns across online platforms. Tailored deepfake tools will make these efforts more convincing, especially for those who prefer video content
- Malicious Chatbots and AI Risks: We can expect to see information-stealing chatbots on fake websites and data poisoning attacks on legitimate ones. Organizations must implement proper safeguards and provide guidance on chatbot use. The risk of data leakage through unregulated generative AI use is also a growing concern
- Geopolitical Influences: Russian regime-affiliated threat actors are expected to continue their activities, particularly in disrupting democratic processes in neighboring countries and spreading misinformation to sow division
- Focus on Security Operations: Recent outages highlight the need for organizations to improve their security operations and secure development practices. Many will invest in streamlining these processes to minimize system downtime
- Continued Targeting of Prime Sectors: Healthcare, manufacturing, construction and engineering, technology, and legal and professional services will remain prime targets for cyberattacks. Business Email Compromise (BEC) and supply chain attacks will continue to be significant threats
The Human Factor
Across all these trends, human risk remains a critical factor. Organizations must invest holistically in technology, processes, and people to defend against cyber attacks. Human risk management should be a core element of every cybersecurity strategy.
As we move into the second half of 2024, staying informed and prepared for these evolving threats will be crucial for organizations of all sizes and sectors.
