In a rapidly changing digital world, it's crucial to be aware of the latest developments, especially when it comes to cybersecurity. We expect that 2024 will bring new challenges in the field of digital security, from targeted extortion to threats stemming from the digital supply chains on which organizations depend. In this blog we delve into the five most important security trends this year and provide insights into how organizations can raise their awareness and preparedness.
1) More targeted extortion based on data theft by cybercriminals
Last year saw a notable change in ransomware attacks. Previously, attackers asked for ransom both for a decryption key and for the encrypted backup, in order to prevent data disclosure. Now we see a trend where criminals limit themselves to demanding ransom to keep data confidential. This shift stems from improved backup strategies by organizations. As a result, it's not necessary to pay for a decryption key to make backup data accessible again. In 2024, it is expected that more criminal groups will embrace this strategy.
This development means companies must revise the way they are preparing for cyberattacks. Where ransomware previously posed a threat primarily to business continuity, the focus is shifting to the public disclosure of confidential information. Organizations are advised not only to take preventive measures but also to be able to detect information theft. Questions about the stolen data and potential damage due to disclosure are becoming crucial. Organizations must be able to defend themselves adequately in light of this new method of extortion.
2) The focus is shifting from prevention to detection of incidents
The cybersecurity landscape is evolving rapidly, so fast that it's almost impossible to stay ahead of attackers. Although ‘to prevent’ is always better than ‘to cure’ - to continue the metaphor - organizations actually need to be able to detect early symptoms of illness. Previously, criminals mainly targeted unprepared victims, but today we see more advanced attacks, such as exploiting unknown vulnerabilities ('zero-days') and exploiting vulnerabilities at IT service providers or SaaS platforms. This year, we will therefore see more advanced attacks against which existing preventive measures are not sufficient.
This change in the threat landscape requires a rethinking of security strategies. Organizations need to (also) shift attention to measures that enable early detection of possible attacks. 'Detection' will provide an essential additional layer of protection in 2024. Organizations must be able to monitor their attack surface to prevent an incident from getting worse. This is in line with the first trend, where the unnoticed theft of data is an important shift in the working methods of cybercriminals.
3) Security is increasingly becoming a supply chain responsibility
In 2024, the cybersecurity world faces major changes in the areas of law and regulation. Important examples of this are the adoption of NIS2 and the arrival of other specific legislative frameworks like DORA and CRA. In line with these legal developments, we see a growing trend where evidence-based control over security is required. The trend we observe is that security is becoming more and more a matter of compliance. While it's commendable that organizations are increasingly focusing on managing their cybersecurity risks, there is a risk that the pressure of compliance prompts companies to create ‘paper trails’ and discourages openness about incidents and threats.
The forthcoming legislation, and the growing importance of security standards frameworks such as ISO or NIST, also underscores the growing importance of supply chain responsibility in cybersecurity. Organizations are no longer solely responsible for their own security but also for the secure operations of their supply chain partners. For organizations that do not yet pay sufficient attention to their cybersecurity risks, it will become increasingly difficult in the future to build successful relationships, as stakeholders in the supply chain will increasingly set specific – and demonstrable – requirements for the security measures to be taken.
4) Financing of damages from cyber risks will become easier
In 2024, there is good news for companies that previously struggled to get cyber risks insured. Previously, they faced relatively high premiums and strict policy conditions, making it a challenge or just very expensive to obtain such insurance. Fortunately, this situation is changing: the costs of cybersecurity insurance are becoming lower, and the criteria for acceptance are becoming more flexible. Although these improvements show a positive trend, the lag in services offered by insurers during and after a cyber attack remains a point of concern, particularly as it is questionable how well the service aligns with the capabilities that organizations themselves have in terms of detecting and responding to incidents. Also, the criteria of insurers must be able to evolve more quickly with developments in the threat landscape: for example, a lot of attention is paid to the security of backups, while preventing or being able to detect data theft is becoming much more important.
5) Demonstrably being in control of security becomes essential
Security is increasingly becoming a mature discipline. This is reflected in (new) legislation. As a result, organizations are increasingly being challenged by governments, customers and other stakeholders to demonstrate they are in control. In recent years, we have worked hard together to raise the level of security in the Netherlands. Now it's time for the next phase: making certain that we not only work on being in control of security on paper but also ensure that our defense against attacks is proven to be effective. It will always involve a combination of preventive, detective, and responsive measures to remain as protected as possible against changing attack vectors and new technologies deployed by adversaries. By continuously challenging each other, we will remain alert and focused. Daring to share knowledge and experience about attackers and incidents will also help us move past shame and shift towards a more resilient society.