Cybersecurity Snapshot: What’s in Store for 2024 in Cyberland? Check Out Tenable Experts’ Predictions for OT Security, AI, Cloud Security, IAM and more
2023-12-29 22:0:0 Author: www.tenable.com(查看原文) 阅读量:14 收藏

What’s in Store for 2024 in Cyberland? Check Out Tenable Experts’ Predictions for OT Security, AI, Cloud Security, IAM and more

The new year is upon us, and so we ponder the question: What cybersecurity trends will shape 2024? To find out, we asked Tenable experts to read the tea leaves. Their 2024 forecasts include: A bigger security role for cloud architects; a focus by ransomware gangs on OT systems in critical industries; an intensification of IAM attacks; and much more! 

1 - Cloud architects will take on security

Cyber-savvy organizations understand that security is key in the delivery and deployment of applications – and that it shouldn’t be something that’s tacked on as an afterthought right before moving them to production. 

As a result, we’ll see more cloud architects assuming responsibility for the security of their applications. Simultaneously, solutions originally designed for security practitioners will provide more capabilities for developers, so they are able to continuously improve the security of their applications without slowing down development.

Cloud architects will take on security

For more information about software development security, “shift left” and DevSecOps:

2 - Orgs will consolidate, unify cloud security tool sets

It’s become clear to cybersecurity leaders that cloud native security allows their organizations to break up silos and provide a unified, contextual risk picture. Thus, organizations will accelerate their efforts to consolidate cloud security products and vendors. This will in turn yield not only more secure applications, but also better optimization of resources, skills and time, during a period when organizations are stretched to the limit.

Orgs will consolidate, unify cloud security tool sets

In fact, this move away from tool and vendor sprawl, and towards unified tool sets will not be limited to the cloud security realm. Demand from CISOs for integrated security suites and platforms will reach new heights, because they allow security teams to see the big picture, assess their complete attack surface and prioritize remediation of their most critical weaknesses.

For more information about the benefits of integrated security tool stacks, suites and platforms:

3 - Cyber insurers will tighten the screws on industrial companies

Industrial companies will be less able to rely on their cyber insurance for covering the cost of damages from a cyber incident. Why? Before issuing coverage, cyber insurers will conduct their due diligence process more stringently. And when they do offer policies to industrial companies, the scope of coverage will be more limited. As a result, industrial companies will need to be more proactive about managing their cyber risk, as opposed to being reactive and hoping that their cyber insurance will cover the costs of an attack.

Cyber insurers will tighten the screws on industrial companies

And speaking of lowering cyber risk, CFOs and CISOs of organizations with OT systems will realize that now, more than ever, investments in OT security will yield a better cost-benefit than investments in IT security. In other words, spending in OT security has a much biggest impact on reducing risk.

For more information about cyber insurance trends:

4 - Proliferation of energy-monitoring sensors will heighten OT risk

Seeking to lower energy costs and avoid carbon-usage fines, organizations will increase the number of OT-based sensor deployments and controls. This will allow organizations to better manage their energy usage. However, having more internet-connected IoT and OT devices in smart buildings and in factory- and building-management systems will also expand their attack surface.

For more information about OT/IoT cybersecurity:

VIDEO

The top threats to ICS systems (Tenable)

5 - Ransomware groups will target OT, collaboration technologies

Ransomware gangs will set their sights on two attractive targets: OT systems and collaboration technologies.

The allure of targeting businesses that depend on OT systems resides on two factors. First, it’s highly lucrative to go after these organizations, especially in the manufacturing industry. Second, the publicity that these high-profile attacks garner boosts ransomware gangs’ brands. This motivation fuels hacktivist groups in particular, as they look to give visibility to their causes by attacking organizations they oppose.

Ransomware groups will target OT, collaboration technologies

Meanwhile, ransomware groups will continue to evolve their tactics to hit multiple organizations with collaboration technologies. Targeting of a zero-day vulnerability in MOVEit Transfer – a secure managed file transfer (MFT) software made by Progress Software – was just the beginning. We'll continue to see these groups target zero-days and n-days in order to claim as many victims as possible.

Tenable experts also predict that while dozens of nations have pledged to not pay ransoms in cyberattacks, organizations of all sizes will continue to pay, even with no guarantees that the attackers will delete the stolen data. In fact, data will be 2024's most sought after resource for ransomware groups and their affiliates.

For more information about ransomware trends, check out these Tenable resources:

VIDEOS

Tenable.ot Security Spotlight - Episode 1: The Ransomware Ecosystem

Tenable CEO Amit Yoran discusses MOVEit Transfer Hack on BBC Asia

Anatomy of a Threat: MOVEIt

6 - Spending on IAM security will skyrocket

Investment in identity and access management (IAM) tools will continue to grow in 2024, as ransomware groups and “hack-the-human” attackers, such as phishers, continue to compromise digital identities across organizations of all sizes.

Spending on IAM security will skyrocket

As they grapple with higher cloud adoption and with a shortage of qualified cyber pros, organizations will heavily invest in IAM products, with the hope of being better able to stay ahead of bad actors and protect 2024’s most valuable resource: data.

For more information about IAM security:

Bonus: Stocking stuffers

And here are several quick takes from our experts:

  • The expected Bitcoin Halving event in 2024 will be ripe for exploitation, as cybercriminals aggressively target it with AI-generated and deepfake video content, leading to the theft of tens of millions of dollars.
  • In 2024, investment scams, including pig butchering, will increase exponentially around the world, exceeding $5 billion in losses.
  • There will be an increase in attacks against AI platforms that will far exceed our understanding and ability to protect them, resulting in data leaks, data poisoning and cyberphysical effects.

Juan Perez

Juan Perez

Juan has been writing about IT since the mid-1990s, first as a reporter and editor, and now as a content marketer. He spent the bulk of his journalism career at International Data Group’s IDG News Service, a tech news wire service where he held various positions over the years, including Senior Editor and News Editor. His content marketing journey began at Qualys, with stops at Moogsoft and JFrog. As a content marketer, he's helped plan, write and edit the whole gamut of content assets, including blog posts, case studies, e-books, product briefs and white papers, while supporting a wide variety of teams, including product marketing, demand generation, corporate communications, and events.

Related Articles

  • Active Directory
  • Cloud
  • Cybersecurity Snapshot
  • Exposure Management
  • Federal
  • Government
  • Internet of Things
  • OT Security
  • Threat Management
  • Vulnerability Management

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Thank You

Thank you for your interest in Tenable Vulnerability Management. A representative will be in touch soon.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Thank You

Thank you for your interest in Tenable.io. A representative will be in touch soon.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Thank You

Thank you for your interest in Tenable Vulnerability Management. A representative will be in touch soon.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Try Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Thank You

Thank you for your interest in Tenable Lumin. A representative will be in touch soon.

Request a demo of Tenable Security Center

Formerly Tenable.sc

Please fill out this form with your contact information.

A sales representative will contact you shortly to schedule a demo.

* Field is required

Request a demo of Tenable OT Security

Formerly Tenable.ot

Get the Operational Technology Security You Need.

Reduce the Risk You Don’t.

Request a demo of Tenable Identity Exposure

Formerly Tenable.ad

Continuously detect and respond to Active Directory attacks. No agents. No privileges.

On-prem and in the cloud.

Request a Demo of Tenable Cloud Security

Exceptional unified cloud security awaits you!

We’ll show you exactly how Tenable Cloud Security helps you deliver multi-cloud asset discovery, prioritized risk assessments and automated compliance/audit reports.

See
Tenable One
In Action

Exposure management for the modern attack surface.

See Tenable Attack Surface Management In Action

Formerly Tenable.asm

Know the exposure of every asset on any platform.

Thank You

Thank you for your interest in Tenable Attack Surface Management. A representative will be in touch soon.

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Try Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Learn How Tenable Helps Achieve SLCGP Cybersecurity Plan Requirements

Tenable solutions help fulfill all SLCGP requirements. Connect with a Tenable representative to learn more.


文章来源: https://www.tenable.com/blog/cybersecurity-snapshot-whats-in-store-for-2024-in-cyberland-check-out-tenable-experts
如有侵权请联系:admin#unsafe.sh