Edgio reveals 2024’s key cyber threats at Black Hat Europe
As we stand at the crossroads of an ever-evolving digital landscape, the role of cybersecurity in safeguarding our interconnected world cannot be overstated.
Edgio, the platform of choice for speed, security, and simplicity at the edge, identifies the most common cyber threats and the top four priorities for leaders to get their cybersecurity up to scratch in 2024.
AI will bridge the cyber skills gap
One of the greatest challenges organisations face is the skills gap. Fifty percent of all UK businesses have a basic cybersecurity skills gap, meaning they’re unable to perform some of the most basic cybersecurity tasks, and there is an estimated shortfall of 11,200 people to meet the demand of the cyber workforce.
Moving into 2024, AI could offer a solution by lowering the barrier of entry for cybersecurity roles. Once we build more trust in GenAI in the cyber community, this tech can help to overcome the breadth and complexity of cybersecurity tools and open roles up to a wider talent pool.
However, businesses must remain vigilant. While this tech will lower the barrier of entry for industry professionals, it will do the same for cybercriminals. In 2024, businesses must prepare for criminals to keep pace with their own AI advancements. These tools are enabling attackers to quickly and easily write malware, ransomware, phishing emails, phishing sites, discover vulnerabilities, and much more.
DDoS and Ransomware attacks will reach a new level of maturity
Another challenge for companies is the continuing growth, frequency, and evolution of DDoS attacks. This growth is driven by a change in technique. In the past, attackers targeted comprised IoT devices, but now hackers are better resourced and can even buy and utilise cloud providers.
In 2024, businesses should expect to defend themselves from ransomware that doesn’t just lock up data, but exfiltrates it and holds it ransom. Reputations are on the line even for reporting these events. Attackers are weaponizing the SEC to file formal complaints should a victim fail to report the event. They should also look to upskill employees in social engineering and spotting phishing attacks to reduce points of entry.
Building a security-first culture will become non-negotiable
Traditionally there has been a top-down approach to cybersecurity. As attacks have become more sophisticated, this can no longer be the case, and upholding the security of business and customer data is a continual process that requires constant attention.
In 2024, businesses need to shift their mindset and consider security more as bottom-up than top-down. CISOs need to incorporate security into the fabric of their company's culture and look at their software development life cycle through that lens. By incorporating security into every stage of the process and every role, it becomes part of company culture rather than an afterthought. In 2024, they must insert security into every conversation to ensure that operations and strategy are up to par.
AI will drive zero-day attacks
Another type of cyberattack that is gaining momentum is zero-day attacks. Recently, attacker-side source code has been leveraging AI to pick out vulnerabilities, especially with open-source products.
Going into 2024, businesses should continue to prioritise and patch but should expect zero days to grow. While businesses have gotten better at patch and vulnerability management, attackers have been leveraging more zero-day vulnerabilities to combat these good processes. Even though the attackers may have less low-hanging fruit, they continue to get creative — and with the ability to scan source code with AI, these threats will only increase further. On the other side of this coin, in 2024, we will start to see defensive solutions that leverage AI to nearly automate the entire process, from identification to bug-fix enabling businesses to keep in step with these actors.
“Security is a team sport. By working together as a cohesive team, sharing knowledge, and staying ahead of technological advancements, we can create a digital ecosystem that is not just resilient but also trustworthy. The war against cyber threats is ongoing, and victory lies in our collective effort to outpace, outsmart, and outmanoeuvre those who seek to undermine our digital security,” said Tom Gorup, Vice President Security Services at Edgio.