This past year has shown without a doubt that cybersecurity is a world of constant evolution. Looking back on the findings in our 2023 State of the Threat report as well as other analyst reports and guidance, we saw threat actors adapt regularly and with agility to the changes they saw, and in the cybersecurity industry, we saw the increased importance of extended detection and response along with managed services to stay ahead of the adversary.
So what will 2024 bring when it comes to the platforms SecOps teams use to defend their organizations? While there’s no crystal ball in an industry as fluid as ours, here are three predictions for what will be important for cybersecurity platforms in 2024.
- Speed — With Accuracy
In 2023 we saw threat actors continue to accelerate their time to attack with ransomware dwell times freefalling from around 4.5 days to under 24 hours. Organizations must be able to prevent, detect, and respond effectively to these fast-paced attacks to avoid business impacts.
Compounding reductions in dwell time are the new U.S. SEC reporting requirements, requiring immediate action when breaches occur. It has never been more important to the business to quickly detect and respond to attacks.
Organizations are going to have to move quickly to ensure they can protect and defend ahead of the growing threat, but they must do so with high accuracy. AI and automation are critical to this endeavor, and product vendors continue to release new capabilities to address these challenges. However, organizations should look for technologies that provide out-of-the-box best-practice automation playbooks and have large proprietary training sets to train the AI models to ensure maximum accuracy.
- Proactive Cybersecurity Will Become a Priority
In 2024, we’ll likely see a growing move from a sole focus on reactive cybersecurity — detection and response — to place more emphasis on a proactive preventative approach. For the second year in a row, we’ve seen scan and exploit as a top initial access vector for cyberattacks. Vulnerabilities and misconfigurations present a real digital risk for organizations, but triaging, responding to and rectifying these is a huge challenge.
There is going to be a much greater demand for tools that help to continuously identify and prioritize these risks as organizations move to shore up prevention for known attack vectors. As organizations increasingly understand the risk factors in their environment, they can do more to prevent attacks from known vulnerabilities.
- The Convergence of the Tech Stack
Gartner reports that by 2025, 70% of asset-intensive organizations will have converged their security functions across both enterprise and operational environments. As the divide decreases between information technology (IT) and operational technology (OT), the potential cyberattack surface increases. They must meet the challenge of keeping OT assets safe from increasing threats, remaining compliant, and ensuring business continuity.
As we see this convergence continue through 2024, industries such as manufacturing will need to take a more consolidated approach to cybersecurity. The focus will very much be on solutions that can understand and navigate the complexities of this kind of combined environment.
Stay Vigilant
There’s good reason to believe that many of the cybersecurity trends we saw in 2023 will continue into 2024. Ransomware, business email compromise and infostealers will remain prime threats for most organizations, and state actors such as Russia and Iran will likely keep their current agendas. But as with any year in cybersecurity, there will be surprises as well. New threats will emerge, new vulnerabilities will be discovered, and cybersecurity technology will need to stay on the forefront to reduce risk and secure the mission of organizations around the globe. That’s why it’s so important to equip your cybersecurity team with a platform that offers flexibility, faster detection and response, and more value for your organization.
Request a demo to learn how Secureworks® Taegis™ can help your organization improve its cybersecurity in 2024.