Info@NationalCyberSecurity
Info@NationalCyberSecurity

The Top Cybersecurity Issues Facing Businesses in 2024 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware


Nearly half of businesses (46%) have experienced one or more cyber incidents over the past three years, with 20% admitting to some financial loss as a result.

Reported incidents have only grown since 2021 when the HSE suffered the largest cyber attack in the history of the State, and global conflicts and the rapid evolution of AI has only diversified the type of threats organisations now face.

Here are ThreatLocker CEO Danny Jenkins‘ predictions for the main cybersecurity issues that companies will face in 2024.

Cyber skills gap

With human error remaining one of the largest contributors to cyber-attacks and nine out of 10 of all data breaches being caused by employee mistakes, the pressing issue of the cyber skills gap will continue to threaten businesses into the new year if the digital literacy of employees is not addressed.

However, phishing attacks, weak passwords and social engineering are just a small part of the wider issue facing the cyber security of businesses. Recruitment and retention of cyber security professionals as a whole is plaguing the industry.

Internal issues like workload complexity, staffing shortages and budget deficits combined with external issues like the dangerous threat landscape and regulatory compliance challenges have made this profession progressively more difficult. 

The challenges of AI in cyber

This year, AI has been one of the most talked about trends across the technology industry following its recent advancements. One thing that makes it more of a threat to the cyber security sector is the ability for natural language and closeness to match human ability.

AI also makes it more difficult to recognise phishing attempts by removing language barriers – producing a clearer, cleaner message that may be misconstrued as legitimate.

Previously AI has been a tool developed by machine learning and driven by data, but as it’s continued to rapidly develop, the ability to simulate human behaviour has become apparent. AI now has the ability to write malware and make it easier for cyber criminals to access code they would only usually see on the dark web.

During a testing phase, we compared a piece of code found online against one created in ChatGPT, both pieces were functional and looked almost identical. When run through the system, the piece found online was blocked, however the ChatGPT code infiltrated the system. Security measures need to continue to advance alongside the development of AI in order to maintain effectiveness and mitigate threats.

State-sponsored cyber attacks

As nations continue to advance their cyber security capabilities, defending against state-sponsored attacks is becoming a critical aspect of cyber security strategies.

Co-ordinated attacks by governments and their intelligence agencies are becoming more frequent and sophisticated, especially during times of war.

2024 will see more attacks carried out by state-actors, and these need to be expected and defended against.

Readiness for threats

It’s becoming more apparent that in the aftermath of a cyber attack, businesses are finding themselves more likely to contemplate paying the ransom for their data. With high chances of being attacked, companies are factoring ransom payments into their budget and business strategy, rather than increasing funding for their cyber security defences.

This decision often stems from the immediate need to regain access to their accounts and data in the face of operational disruption and financial losses, but this approach creates a problematic cycle. Paying ransom incentivises cybercriminals to persist and continue to attack.

The reluctance to invest in more robust cyber security measures poses long-term risks to businesses as it does not address the root cause of vulnerabilities within the company’s systems and leaves them, and others, more susceptible to future threats. A proactive and comprehensive approach towards cyber security is essential to mitigate threats effectively.

Businesses are also operating in the naivety of thinking they won’t be attacked because the data they hold is not important enough and they don’t operate in a target-rich area. Although businesses in the public sector are slightly less at risk of an attack than those in the private sector, it’s crucial that their legacy IT is updated regularly and continues to evolve to match the increasing threat level.

Cyber regulations

As we continue to see advancement in cybersecurity and the abilities of cybercriminals, Governments and organisations need to be more aware of the risk to the national sector posed by cyber threats.

We’ve seen the introduction of more resilient and robust cyber security strategies over the last year, put in place by governing bodies globally.

It’s predicted that during 2024, more countermeasures will be developed and set out for businesses to follow in order to continue to operate against the threat of cyber attacks. Strategies such as this need to be a priority for government organisations and continuously be assessed and developed.

Nearly half of businesses have experience cyber incidents in the past three years.

Supply chain attacks

One thing we will see more of in 2024 is not just supply chains being attacked, but more supply chains being responsible for breaches. You have so many pieces of software running on your computer that all have access to all your data, most people don’t realise just how much software they have.

What we’re going to see more of, as we did last year, is either through vulnerabilities or weaponization – as we saw with 3CX – is that supply chain attacks are going to happen through the software being used already.

It’s going to be a challenging year – but implementing a serious cybersecurity strategy is the first step towards successful defence.

(Pic: Getty Images)

——————————————————-


Click Here For The Original Source.

National Cyber Security

FREE
VIEW