The year 2024 is presented, as has become customary, as a challenge that never ceases for cybersecurity experts. Over the course of 2023, while great lessons were learned, such as with the massive arrival of artificial intelligence, humanity has also faced new problems due to teleworking.

88% of companies experienced problems implementing effective cybersecurity measures in the field of remote work. For 20% of organizations, this was one of their biggest headaches.

The great challenges in cybersecurity for 2024

Gartner predicts a 15% increase in cybersecurity spending next year, reaching $215 billion. This increase is attributed to factors such as cloud security, generative artificial intelligence and stricter regulations.

In fact, it is expected that in the next two years up to 75% of the world's population will be covered by these new regulations. Despite this, It is time to see, according to experts, what lies ahead for the world in terms of 2024. cybersecurity.

Risks in ICS/OT infrastructure: problems for industrial security

Today's complexity and interconnectedness of technology has left industrial control and operational technology (ICS/OT) infrastructure in a vulnerable position.

Attacks on the supply chain and corporate networks exacerbate these risks. Experts point out the need for collaboration between cybersecurity and OT professionals to design resilient systems that avoid very costly operational interruptions.

Real threat of generative artificial intelligence

The arrival of generative AI to everyone poses great and serious threats. In addition to its ability to spread misinformation, malicious code generated by AI can be a serious cybersecurity problem. Training personnel in the use of AI tools and implementing policies at a general level are essential to control these threats.

Apart from this and as NordPass comments, artificial intelligence can help hackers in many ways. For example, AI is likely to be used to improve the spelling and grammar of phishing emails, making it easier for hackers to convince their victims to interact with malicious links and attachments.

“As AI becomes more widely used to augment software development, defenders will use it to find vulnerabilities in their software,” explains Oakley Cox, technical analyst director at Darktrace.

The Internet of Things (IoT) in 2024

The increase in connected IoT devices opens new possibilities for cyberattacks. With remote work already integrated, the threat extends to home devices that employees use to access corporate networks.

The incorporation of zero trust systems in IT security strategies becomes more necessary than ever to curb these risks as much as possible. “More devices communicating with each other and accessing the Internet means more opportunities for cyber attackers to take advantage,” says Forbes.

This revolutionary approach says: “Never trust by default, always verify.” Instead of assuming that someone or something is safe because it is inside the network's “castle,” Zero Trust says that everyone, whether inside or outside, must constantly prove that they are trustworthy..

Threats to important events such as the Olympic Games

The arrival of massive events such as The 2024 US elections and the Olympic Games create a perfect scenario for cyberattacks. It is expected that all types of email impersonations, phishing and deepfakes will occur, so the security of the voting infrastructure and at a general level will bring to the table the improvements and deficiencies of cybersecurity worldwide.

For example, Japan Olympics faced 450 million cyber attacks on its infrastructure. Nathaniel Gleicher, head of security policy at Meta, says the following:

“When we have particularly sophisticated threat actors, in the context of foreign interference, nation states that are trying to execute these campaigns, we have seen a small number of cases where they plan and coordinate the campaign outside of our platforms, which means “Our researchers may not know a campaign is coming until the last minute.”

Monitoring of external suppliers and supply chains

Social engineering and attacks phishing to external suppliers continue to be a threat that does not cease from year to year. Attackers use increasingly smarter and newer tactics to compromise employees and all types of people

All of this makes clear the importance of continuing education in cybersecurity and confirmation to the public that they all keep their employees updated and trained.

Be careful with biometric authentication

While biometrics are more secure than passwords, this security measure also comes with privacy issues:

For example, hackers could access any collection of data, including biometrics, and high-profile biometric data may be an especially attractive target for hackers. Fortunately, these tend to be protected at a stronger level.

However, as biometrics become more common, andYour biometric information is likely to be available in more places that do not rely on the same level of secure storage.

Without going any further, at the end of 2023, the Spanish Data Protection Agency (AEPD) changed its position on the use of these systems, now much more controlled and, in short, prohibited, reflected in its recent Guide to Control Treatments. presence through biometric systems.