Zero Trust security experts offer cybersecurity predictions for 2024. Agnidipta Sarkar, VP CISO advisory; and Rajesh Khazankchi, CEO and co-founder, at ColorTokens; predict we can expect to see a rise in digital resilience, Zero Trust microsegmentation cyber defenses, and cyber-attacks on ICS/OT environments.
Agnidipta Sarkar, VP CISO advisory, ColorTokens
Realization about Digital Resilience
Early adopters of digital transformation will begin to see the fruits of their vision and execution as some digital transformation projects. However, this will also begin the realization that many enterprises have not planned for digital resilience, and as enterprises begin moving into digital-only business models, they will seek retrospective attempts to build digital resilience. Many enterprises are already there and the emergence of disruption in digital business-as-usual will help enterprises realize the value of digital resilience. This will result in the evolution of a new market in Digital Resilience to build digital immunity at an enterprise scale.
The emergence of “poly-crisis” due to pervasive AI-based cyber-attacks
We saw the emergence of AI in 2022, and we saw the emergence of misuse of AI as an attack vector, helping make phishing attempts sharper and more effective. In 2024, I expect cyberattacks to become pervasive as enterprises transform. It is possible today to entice AI enthusiasts to fall prey to AI prompt injection. Come 2024, perpetrators will find it easier to use AI to attack not only traditional IT but also cloud containers and, increasingly, ICS and OT environments, leading to the emergence of a “poly-crisis” that threatens not only financial impact but also impacts human life simultaneously at the same time in cascading effects. Critical Computing Infrastructure will be under increased threat due to increasing geo-political threat. Cyber defense will be automated, leveraging AI to adapt to newer attack models.
Microsegmentation will be a foundational element of cyber defense
With the increase in digital business-as-usual, cybersecurity practitioners are already feeling lost in a deluge of inaccurate information from mushrooming multiple cybersecurity solutions coupled with a lack of cybersecurity architecture and design practices, resulting in porous cyber defenses. In 2024, business leaders will realize that investments in microsegmentation will force the IT and security teams to begin developing digital business context-based cybersecurity architecture and design because microsegmentation is the last line of defense during a cyber-attack. Security and Risk leaders will leverage the pan-optic visualization capability of microsegmentation to build immediate cyber defenses to protect digital business as usual, even during severe cyber-attacks.
ICS/OT Cybersecurity needs will use AI innovation to solve mundane operational problems.The increased need for distributed Business Decisions by connecting IT and OT will force AI-based solutions to address human safety, operational reliability and highly efficient ICS/OT cybersecurity solutions that can solve mundane issues like patch and vulnerability management and OT access management. Enterprises will begin to see the loss of ICS/OT data impacting business outcomes and, therefore, will begin investing in ways to regulate the flow of ICS/OT using AI tools. ICS/OT micro segmentation will bring in unparalleled visualization to augment cybersecurity practices, especially to regulate the use of Active Directory within ICS/OT.
Rajesh Khazankchi, CEO and co-founder, ColorTokens
Ransomware attacks will continue to evolve in sophistication, with attackers targeting high-value assets. Organizations must enhance their defenses and incident response capabilities.
AI and ML-Powered Threats and Defenses
Both cyber attackers and defenders will increasingly rely on artificial intelligence and machine learning. Attackers may use AI to automate attacks, while organizations will use it for more effective threat detection and response.
OT/IoT Security Challenges
As the number of Internet of Things (IoT) devices grows, securing these devices, including OT, will remain a significant concern, with the need for robust security measures and vulnerability management.
Cloud Security Focus
With widespread cloud adoption, ensuring the security of cloud environments will be paramount. Organizations must implement strong cloud security strategies and configurations to protect their data and applications.
Zero Trust Security Adoption
The Zero Trust security model, which assumes zero trust even within an organization, will gain momentum. Organizations will prioritize identity and access management, along with least-privilege access controls, to enhance overall security.