Every December, global experts examine trends and international focus areas for the next 12 months and beyond. For 2024, top topics range from upcoming elections to regional wars to space exploration to advances in AI.

Naysayers will ask: How accurate are these security predictions? It is an important question to keep considering, especially as we are wrapping up a year in which generative AI (GenAI) stole the show — despite little mention last December. (Before you dig into the 2024 predictions, take a look back at what did make the list for 2023.)

While the top cybersecurity industry reports are well-refined, clearly presented documents with video support and more, other forecasts, predictions and trends are buried in YouTube videos, conference overviews and online webcasts that are highly informative, but difficult to find.

Gartner, Forrester, IDC, IBM Security and others have excellent prediction and trend materials that normally cost hundreds or thousands of dollars to buy or to access via a subscription. They are included in my annual analysis only when referenced materials are freely available via link. In fact, I encourage you to read the details at the references provided to learn more.

COMMON THEMES FOR 2024

AI will revolutionize everything and everyone — for better and for worse. Here are some specific predictions around AI and GenAI:

• More effective cyber attacks than ever before against everyone, with bad actors leveraging GenAI tools to find vulnerabilities in critical sectors.
• More AI threat actors, AI threat vectors and AI code assistants introduce further vulnerabilities (BeyondTrust).
• Use of AI-based cyber defense is a must for enterprises to keep up.
• Bring your own AI (BYOAI) for 60 percent of us, as enterprise solutions lag (Forrester).
• Shadow AI will grow along with governance challenges.
• Productivity improvements will drive rapid and widespread adoption of GenAI tools.
• More regulation, laws, policies, data privacy and ethics rules regarding appropriate use.
• Uptick in sophisticated deepfakes and Business Email Compromise (BEC) using GenAI to attack.
• More voice and video impersonations, including particular accents and targeted executive account takeover using social media and personal accounts.
• Focus on various attacks against LLMs.

Election cyber attacks globally will be center stage. Specifically:

• Misinformation on elections in social media.
• Voting machine and virtual cyber attacks.
• Data surrounding voter lists, people, process and technology cyber attacks.

Attacks on global events — for example, the 2024 Summer Olympics in Paris — to gain attention will increase.

THE TOP 24 SECURITY PREDICTIONS REPORTS FOR 2024 FROM SECURITY INDUSTRY COMPANIES

Reminder: This ranking covers organizational reports and not just individual predictions. Most reports offer six to 10 predictions or more, and the top reports group their predictions and themes into categories. Also, the research and details behind each security prediction offer vital context. I urge readers to visit these companies’ websites, read their full prediction reports and see the details on each item — often in video format. My goal is to point you in the right direction for more details and solution-specific research.

1) Google Cloud/Mandiant — This team never disappoints, and they have climbed into the top position for the first time ever with a global set of forecasts, predictions and global security trends that are simply outstanding. For this year, they offer Cybersecurity Forecast 2024: Insights for Future Planning. They also outline four broad trends in this helpful infographic.

Google Cloud organizes their report differently than others with an opening section on AI and nation-state threat actors, including “The Big Four” of China, Russia, North Korea and Iran.

Only then do they issue global forecasts in many areas, along with a regional forecast. Here are their top global trends, with more details in their document.

• Continued use of zero-day vulnerabilities (and edge devices).
• Cyber activity targeting U.S. elections.
• Rise of disruptive hacktivism.
• Wipers become a standard capability in all nation state cyber arsenals.
• Targeting of space-based infrastructure.
• Attacks targeting hybrid and multi-cloud environments mature and become more impactful.
• Serverless services in the cloud more heavily used by threat actors.
• Extortion operations continue.
• Espionage and “sleeper botnets.”
• Revival of ancient techniques.
• Continued migration to modern programming languages by malware authors.
• Developers targeted in supply chain attacks via software package managers.
• Growing prevalence of mobile cyber crime.
• Cyber insurance premiums remain steady.
• Consolidation around SecOps.

Their themes are described here in this video:

Also, see these related Google Cloud Cybersecurity Forecast 2024 videos:

2) Trend Micro once again offers an excellent report that fought for the top prize with an amazing report entitled Critical Scalability: Trend Micro Security Predictions for 2024. Trend Micro’s presentation, references, detailed descriptions of each prediction and overall approach to this report sets them apart again, but they have shortened their material, which dropped them slightly into the second slot for 2024.

Here’s how Trend Micros opens:

Here are their top five themes:

• Security gaps in cloud environments will set the stage for successful cloud-native worm attacks.
• Data will be weaponized against fledgling cloud-based machine learning models.
• Generative AI will allow fraudsters to level up their social engineering lures in targeted attacks.
• Software supply-chain attacks will serve as a clarion call to protect suppliers’ CI/CD systems.
• Attackers will look to the blockchain for fresh hunting grounds and extortion plans.

3) WatchGuard again wows with an amazing security prediction report, including interesting videos — and even a new blooper reel that wins the most creative twist for 2024. I also like their historical look and grading of themselves from last year’s predictions.

4) Kaspersky — Kaspersky’s APT predictions always offer an abundance of amazing security and privacy material for the new year. Once again, their forecasts and predictions are harder to find than many of their competitors’. I rank Kaspersky so high on this list due to the huge amount of research and excellent material that is well-thought-out and timely from a global perspective. They also offer many siloed reports on different topics and in different regions around the world.

We start with their Kaspersky’s Advanced Persistent Threats Predictions for 2024 (much more specific detail at every link).

5) Fortinet continues to impress with their Cyberthreat Predictions for 2024: An Annual Perspective from FortiGuard Labs.

Fortinet leads with the evolution of old favorites, but quickly pivots to ”Fresh Threat Trends to Watch for in 2024 and Beyond”:

“Next-level playbooks: … Looking ahead, we predict attackers will take a ‘go big or go home’ approach, with adversaries turning their focus to critical industries—such as healthcare, finance, transportation, and utilities—that if hacked, would have a sizeable adverse impact on society and make for a more substantial payday for the attacker. They’ll also expand their playbooks, making their activities more personal, aggressive, and destructive in nature.

“It’s a new day for zero days: … We’ve observed a record number of zero days and new Common Vulnerabilities and Exposures (CVEs) emerge in 2023, and that count is still rising. Given how valuable zero days can be for attackers, we expect to see zero-day brokers—cybercrime groups selling zero days on the dark web to multiple buyers—emerge among the CaaS community.

“Playing the inside game: … We predict that attackers will continue to shift left with their tactics, reconnaissance, and weaponization, with groups beginning to recruit from inside target organizations for initial access purposes.

“Ushering in ‘we the people’ attacks: … We expect to see attackers take advantage of more geopolitical happenings and event-driven opportunities, such as the 2024 U.S. elections and the Paris 2024 games.

“Narrowing the TTP playing field: Attackers will inevitably continue to expand the collection of tactics, techniques, and procedures (TTPs) they use to compromise their targets.

“Making space for more 5G attacks: … A successful attack against 5G infrastructure could easily disrupt critical industries such as oil and gas, transportation, public safety, finance, and healthcare.”

6) Splunk — Splunk offers a very impressive security prediction report again for 2024. They named it Security Predictions 2024: From ransomware to resilience, and how AI will impact a changing threat landscape. This 17-page report is packed with material from eight named contributors (on p. 16) and leads with AI (parts one and two), before discussing CISOs and the board, cyber threats, ransomware, resilience and a 20-year security outlook. (My view: wow! That just bumped this report up two slots.)

Splunk starts with an interesting set of AI predictions that are good and bad at the same time.

• “AI – Part 1: AI will take on security tasks (and you’ll be better off, trust us). If we can bet on anything, it’s that AI won’t be going away anytime soon. Far from it. It will continue to shape the face of cybersecurity well into 2024, and into the foreseeable future. …
• AI – Part 2: AI will open a Pandora’s box of escalating privacy and security woes. Did we mention that no tool is perfect? What has the power for good also has the power for more malicious aims. While security practitioners will reap the benefits of AI, it’s equally likely that cybercriminals will explore ways to wield it as yet another weapon in their arsenals.
• Next, CISOs will have more at stake. … [Read much more on this at the report…]
• Power to the people: Threats will become more distributed and democratized.
• Ransomware actors will diversify their portfolios. (Hint: more use of zero days…)
• Collaboration and integration will become critical for resilience.
• 20-year outlook: A more integrated security future.”

Finally, I love their material on “7 Disruptions You Might Not See Coming: 2023-2028.” See the video below for details on each item.

• What If Geomagnetic Storms Knocked Out Your Internet Access?
• AI Driven Legacy Modernization.
• Regulation: Limit the Evolution of AI, laws rights, (Trust AI providers will emerge).
• AI Creates a Golden Age for “Silver Workers” – (helps solve tech talent crunch).
• Laggards Leapfrog Leaders – Startups for Sale .
• “Engineering Innovation Pace” – No pain no gain.
• Space Race 2.0.

8) Forrester – Like Gartner, Forrester has a paid model to receive their excellent research and prediction report for 2024. But there are many sources which offer their highlights, and even better YouTube videos that can be viewed to do a deep dive into various topics.

Also see these excellent YouTube videos/podcasts:

Predictions 2024: Where Will AI Go Next?

(Top item: Bring-your-own AI will be in store for 60 percent of us in 2024.)

To start, visit IBM’s 5 Trends for 2024:

• Organizations move from “plus-AI” to AI-plus.
• People who use AI will replace people who don’t.
• The data conversation moves out of IT and into the C-suite.
• Operating models bend so they don’t break.
• Ecosystems are not part of the strategy, they are the strategy.

Next, watch these great IBM Security Event videos (for free) at the WSJ website:

10) BeyondTrust — A different type of cyber trend list is offered by BeyondTrust’s Top Cybersecurity Trend Predictions for 2024. Like many others, they lead with:

“Evolution of the AI Threat:

• Part I – AI Threat Actors Take the Stage – Human threat actors will be increasingly augmented with AI capabilities. These capabilities will act as a force multiplier, rapidly extending the reach and technical capabilities attackers can wield. …
• Part II – New AI Threat Vectors Emerge – AI will continue to enhance existing attack vectors, like phishing, vishing, and smishing. It will also create new attack vectors that are crafted based on the quality of results of generative AI itself.
• Part III – AI Code Assistants Introduce Further Vulnerability – The increased adoption of AI assistants will, perhaps counterintuitively, introduce more errors in software development. Namely, writing security vulnerabilities into the source code. Researchers from Stanford published study findings showing that developers using AI assistants to write code are more likely to introduce security vulnerabilities than those who don’t rely on AI assistants.”

Unlike other reports, they jump into new areas like:

• Dedicated Applications Start the Course Toward Extinction.
• Down with VOIP and POTS—UCS is the Future.
• Subscription Overload: There’s a Subscription for That.
• Juice Jackers Exploit the Standardization of USB-C.
• Exploit Mapping for Ransomware.
• The Standardization of Cyber Insurance.

“Artificial Intelligence and Machine Learning:

• Rise of AI-directed cyberattacks: Artificial intelligence and machine learning have dominated the conversation in cybersecurity. Next year will see more threat actors adopt AI to accelerate and expand every aspect of their toolkit. Whether that is for more cost-efficient rapid development of new malware and ransomware variants or using deepfake technologies to take phishing and impersonation attacks to the next level.
• Fighting fire with fire: Just as we have seen cybercriminals tap into the potential of AI and ML, so too will cyber defenders. We have already seen significant investment in AI for cybersecurity, and that will continue as more companies look to guard against advanced threats.
• Impact of regulation: There have been significant steps in Europe and the US in regulating the use of AI. As these plans develop, we will see changes in the way these technologies are used, both for offensive and defensive activities.
• Hackers will Target the Cloud to Access AI Resources – GPU Farming
• Supply chain and critical infrastructure attacks (will lead to more Zero Trust implementations)
• Cyber insurance (will be transformed by AI)
• Nation state attacks and hacktivism (will mask ulterior motives)
• Deepfake technology will be weaponized (will sway opinions, alter stock prices or worse)
• Phishing attacks continue to plague businesses (will lead to log-in rather than break-in)
• Ransomware: Stealthy Exploits, Enhanced Extortion, and AI Battlefields (will cause more bad actors to ‘live off the land.’)”

12) Trellix — The Advanced Research Center at Trellix has put together an impressive report called Trellix 2024 Threat Predictions. Here is their outline (with many details on each item at their website):

The Threat of Artificial Intelligence

• Underground Development of Malicious LLMs
• The Resurrection of Script Kiddies
• AI-generated Voice Scams for Social Engineering

Shifting Trends in Threat Actor Behavior

• Supply Chain Attacks Against Managed File Transfers Solutions
• Malware Threats are Becoming Polyglot
• Even More Layers of Ransomware Extortion
• Election Security Must Start with Protecting the Human-in-the-Loop

Emerging Threats and Attack Methods

• Unmasking The Silent Surge in Insider Threats
• The Growing Battle of the (QR) Codes
• The Stealthy Assault on Edge Devices
• Python in Excel Creates a Potential New Vector for Attacks
• LOL Drivers Are Becoming a Game Changer

13) BAE Systems — Another report that comes from a slightly different perspective is BAE’s The future is now: Top five defense technologies to watch in 2024. This has a mix of cyber and other topics:

• “The end of platform-obsessed strategies in the move to Multi-Domain Integration – Multi-Domain Integration (MDI) is about looking at the whole digital ecosystem as one and considering the digital threads that stitch it all together.
• Dual-use space capability gets its launchpad – Dual-use space assets, those which can be used for both military and civil purposes, have grown in importance throughout recent years and through 2023. However, within the UK and internationally, customers are still lacking the frameworks and structure required to tap into the multiple opportunities that dual-use presents. This will change over the coming 12 months …
• Building resilience and protecting elections in pursuit of Cyber Power …
• Prepare for an AI assurance surge — 2024 will see an assurance market surge, with regulations (national, multinational and global) moving front and center. AI standards and emerging certification regimes will hit hard as public and private sector organizations put a greater emphasis on understanding if and how AI systems are safe, responsible and trustworthy.
• Quantum sensors to enable disruptive military advantage.”

14) Proofpoint —Proofpoint’s 2024 Predictions: Brace for Impact is a solid list for the coming year with helpful insights like: “As we reflect on 2023, it becomes evident that threat actors possess the capabilities and resources to adapt their tactics in response to increased security measures such as multi-factor authentication (MFA). Looking ahead to 2024, the trend suggests that threats will persistently revolve around humans, compelling defenders to take a different approach to breaking the attack chain.”

• Cyber heists: Casinos are just the tip of the iceberg
• Generative AI: The double-edged sword
• Mobile device phishing: The rise of omni-channel tactics take center stage
• Open-source and generative AI: Leveling the ground for malware developers
• Identity-centric breaches: The Achilles’ heel

15)  IDC Predicts —

Start withTop 10 Worldwide IT Industry 2024 Predictions: Mastering AI Everywhere.” Here are their top five items, with details on the first:

• Prediction 1: Core IT Shift – IDC expects the shift in IT spending toward AI will be fast and dramatic, impacting nearly every industry and application. By 2025, Global 2000 (G2000) organizations will allocate over 40% of their core IT spend to AI-related initiatives, leading to a double-digit increase in the rate of product and process innovations.
• Prediction 2: IT Industry AI Pivot
• Prediction 3: Infrastructure Turbulence
• Prediction 4: Great Data Grab
• Prediction 5: IT Skills Mismatch

Next week, I’ll release the second part of this report, “The Top 24 Security Predictions for 2024 (Part 2),” including:

• Reports 16 to 24
• Six bonus reports to examine
• Honorable mention reports and prediction lists
• Awards for the best reports and predictions in various categories
• My final thoughts on what may be missing from these 2024 security predictions