Cody Cornell is co-founder and chief strategy officer of Swimlane, an independent leader in low-code security automation.
getty
In 2023, the digital Wild West got even wilder. We saw major events like the cyberattack on MGM Resorts that caused widespread disruptions and led to an estimated $100 million hit to its third-quarter results. The City of Oakland ransomware attack took systems offline for weeks and led to leaked data stolen from the city. Most notably, we saw the exploitation of a vulnerability in MOVEit that allowed cybercriminals to impact thousands of organizations.
Aside from the various attacks and breaches, many new trends have also impacted the wider industry. Generative AI likely comes to the top of our minds, regardless of industry. From the increased sophistication of attacks to leveraging it to automate defense tactics, generative AI heavily shaped conversations across the cybersecurity industry.
The outlook may seem overwhelming with so many evolving trends putting pressure on today’s CISOs and security leaders. With that in mind, it’s helpful to look back at our experiences to better prepare for what could come our way this year. Security leaders must arm themselves for whatever the year may bring by adopting the right technologies and strategies for a successful 2024.
What We Can Expect In 2024
As we forge ahead this year, here are some cybersecurity predictions to keep an eye on.
• Generative AI will face a trough of disillusionment. While generative AI usage is poised to surge in 2024, organizations may encounter a gap between expectations and reality. To bridge this gap, they'll need to clearly define their desired outcomes and assess if AI is the optimal tool/enabler to achieve them. This may lead to a "trough of disillusionment" period in 2024, not signifying the failure of generative AI, but rather highlighting the need for realistic timelines and understanding of its capabilities.
• Private LLMs will win the debate against public LLMs. Organizations have leveraged public large language models (LLMs) like OpenAI and Gemini for various tasks, from building chatbots to analyzing large amounts of security data. However, concerns about data security and limited effectiveness for specific domains, particularly cybersecurity, will lead to a shift toward the use of private LLMs. From enhanced data security and domain-specific expertise, organizations will lean on private LLMs to foster trust and transparency.
• AI will supercharge automation to change the future of security operations. AI is the best thing that ever happened to automation. While automation excels at streamlining repetitive tasks, AI's decision-making capabilities add a powerful layer of intelligence. This synergy allows AI to not only analyze data but also translate insights into actionable automation, addressing a critical need for security teams overwhelmed by alert fatigue. This potent combination promises to be a catalyst for both innovative security solutions and enhanced cyber resilience.
• Third-party risk assessments will get a total overhaul. Responding to the wake of high-profile third-party breaches in 2023, organizations will shift their approach to third-party risk assessments. This move signifies a departure from the traditional "check-the-box" tool verification and signifies a deeper dive into a vendor's overall cybersecurity posture. Assessments will delve into specific aspects of vulnerability management, analyzing how companies handled highly publicized incidents. This shift goes beyond simply evaluating tools in place, focusing on the processes and procedures that underpin their efficacy.
• 2024 will be a light at the end of the tunnel for the tech industry. There's a growing sense of optimism about 2024, and we will see thawing budgets and an overall improvement in the economy. This, combined with a positive outlook on interest rates and the political environment, leads me to believe that the tech industry, and cybersecurity in particular, is poised for a strong year, especially going into the second half.
Looking Ahead
We’re faced with many unknowns as we continue through 2024, and the trends we see developing now are just a glimpse into what may be on the way. It’s a critical time for organizations to assess their current tools and ensure they have adopted the right strategy for their needs, ultimately helping combat the attacks they may encounter or the unforeseen shifts in the economy that may arise.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
