Netwrix: five cybersecurity trends to expect in 2024

Nov. 28, 2023
Dirk Schrader, VP of Security Research, andĀ Ilia Sotnikov, Security Strategist, share five trends expected in the coming year.

FRISCO, TexasNov. 28, 2023 -- Netwrix, a cybersecurity vendor that makes data security easy, today released key IT security trends that will affect organizations of all sizes in 2024.

Dirk Schrader, VP of Security Research, and Ilia Sotnikov, Security Strategist, share five trends expected in the coming year:

  1. Cyber insurance requirements will tighten. With successful cyberattacks leading to increasing payouts, insurers will require more organizations to have strong security measures in place to qualify for a policy or to reduce premiums. Common requirements today include multifactor authentication (MFA), patch management and regular security training for business users. In 2024, identity and access management (IAM) is likely to join that list, especially for the enterprise sector. What's more, we expect insurers to partner with managed service providers (MSPs) to help ensure a minimum level of security at small and midsize companies.

  2. Attackers will increasingly harvest encrypted data, even if they cannot yet unlock it. Quantum computing is advancing rapidly, so forward-thinking cybercriminals will be stealing encrypted data that they cannot unlock with today's technology but that they might soon be able to decrypt. The top targets will be organizations with large volumes of sensitive data, such as government and defense agencies, financial and legal firms, and large corporations with valuable intellectual property. To reduce risk, organizations should not treat encryption as a panacea but instead build a multi-layered strategy that includes data classification, risk assessment and mitigation, and incident detection and response. In addition, they should remember that data harvesting can go unnoticed when there is no immediate ransom demand or other visible consequences, and improve monitoring of activity around their sensitive data, including encrypted content.

  3. AI tools will make it easy for cybercriminals to glean the details they need. AI will enable threat actors to swiftly locate personal details required for convincing phishing emails and to mine databases of stolen credentials to launch effective password-based attacks. To reduce risk, organizations must require strong, unique passwords, tightly control privileged access, and invest in identity threat detection and response (ITDR) solutions. 

  4. Phishing emails will be harder to spot and expand in non-English-speaking countries. In the past, phishing emails were riddled with grammatical errors and typos, and were usually in English. In 2024, however, AI tools will make it much easier for attackers to craft convincing emails in any language. To fight back, organizations need to update their phishing training and make it easy for users to report suspicious messages. IT teams in non-English speaking regions also need to warn users about the growing likelihood of getting malicious emails in their native language. 

  5. Everyone will be at risk from security fatigue. User identities are a key target of adversaries because compromising just a single account gets them into the IT ecosystem. But inundating users with warnings from tools like mail agents and requiring them to attend frequent awareness training can backfire, resulting in security exhaustion that can lead to the errors and negligence that the organization was trying to prevent. A more effective strategy is to adopt a Zero Trust model based on least privilege. In addition, tailor awareness training to the needs of specific groups of employees to make it easier to absorb.

"Criminals will be taking advantage of AI and machine learning — but so should the security community," says Ilia Sotnikov. "These technologies can help quickly connect the dots across multiple data sets, giving them the broader context required to spot even sophisticated cyberattacks in their early stages. Plus, they can respond faster and more effectively because they can see exactly what happened and which accounts, data and other assets were involved."