7 Security Predictions for 2024

Key Trends and Threats in Cyber Security for 2024

The views and opinions expressed in this article are solely those of the author and do not necessarily reflect the official policy or position of any other agency, organization, employer, or company.

Overall, I believe 2024 will be a great year for cyber security. The new wave of AIs that are now widely available will spark some interesting discussions around use cases, capabilities, and risk. In addition, I believe regulatory compliance in the EU with NIS2, might have the same effect as GDPR once did, which is very interesting. This article delves into seven key predictions for 2024, highlighting the trends, challenges, and opportunities in the dynamic world of information security.

Here are the 7 predictions:

1. 🤖 AI/LLM Poisoning: The intentional skewing or leakage of AI or Large Language Model datasets poses a growing threat to the confidentiality and integrity of AI-driven decisions and outputs.

2. ☁️ Cloud Misconfigurations: Increasing reliance on cloud services leads to heightened risks of data breaches due to common configuration errors.

3. ✂️ Supply Chain Attacks: Sophisticated cyber-attacks on supply chains will likely escalate, targeting vulnerabilities to compromise the end products, vendors, it personnel, or services.

4. 🇪🇺 NIS2 Directive: The NIS2 Directive in the EU is set to bring comprehensive changes, enhancing cybersecurity resilience across member states.

5. 🔐 Schrems III: A potential new legal decision that could further tighten EU-US data transfer regulations, impacting global data privacy and management practices.

6. 👩🏻‍💻 Application Security Posture Management: A shift towards a unified, continuous approach in managing application security, integrating various security practices under one framework.

7. 🌎 Democratic Effects of AI: The growing influence of AI in democratic processes, particularly in elections, raises concerns about its potential to manipulate public opinion and sway election outcomes. Particularly with larger elections coming up this year.

---

1. AI/LLM Poisoning

☝🏽 What It Is: AI or Large Language Model (LLM) poisoning is the intentional manipulation of training datasets for language models, resulting in skewed, inaccurate, or purposefully altered outputs. e.g:

• Jailbreaking LLMs¹

🌿Why It Is Important: With the rising trend of companies developing proprietary LLMs, the threat of LLM poisoning escalates. Critical applications in decision-making, content generation, and data analysis hinge on the integrity of training data. Compromised data can lead to widespread misinformation, biased AI decisions, or even data breaches by malicious actors.

✨ In 2024: The increasing adoption of customized LLMs in business environments heightens the risk of manipulation or misuse, particularly if robust guardrails are lacking. For instance, a company-wide LLM, serving as a centralized knowledge base, could be exploited through 'jailbreaking' or unauthorized commands if not properly safeguarded. In scenarios where LLMs have extensive system access (like sending emails, reading documents, and searching databases), the potential damage from security lapses can be significant.

🔥 Side note: A notable development is Microsoft's planned launch of Security Co-pilot in 2024. Security co-pilot will most likely require high-level access, akin to a global admin account in Azure, either for a short or longer period, for effective security management and triage across various systems. Interested to see the new attack vectors and attack primitives that might come from that.

2. Cloud Misconfigurations

☝🏽 What It Is: This refers to incorrect configuration in cloud services, leaving systems vulnerable to breaches. These mistakes often occur in the configuration process and can leave systems or applications exposed to unauthorized access and data breaches. e.g:

• Unsecured S3 buckets or Azure Blob storage

🌿 Why It Is Important: With an increasing number of businesses and services moving to the cloud, these misconfigurations can lead to significant data leaks and security breaches.

✨ In 2024:
Key areas that may see increased attention regarding cloud misconfigurations include:

1. Infrastructure as Code (IaC) and Cloud Storage Configurations:

   • The rise in IaC adoption for automating and managing cloud resources might lead to complex configuration scenarios. Missteps in these configurations can expose cloud storage to unauthorized access, leading to potential data breaches.

2. Service Account Mismanagement:

   • There may be instances where service accounts are granted excessive privileges for convenience or due to lack of oversight.

3. Insecure Test Environments and Accounts:

   • Test services and accounts, often used for development and trial purposes, may not receive the same level of security scrutiny as production environments.

3. Supply Chain Attacks: Still relevant

☝🏽 What It Is: Supply chain attacks are cyber-attacks that target vulnerabilities in the supply chain. This chain includes different elements such as vendors, processes, or technologies involved in creating value, products, or services. Attackers exploit weaker parts in this chain to compromise the final product or service.

🌿 Why It Is Important: Supply chains often rely on trust, which can be misused - The interconnectedness of supply chains has amplified the potential impact of these attacks, posing significant risks to entire industries. The frequency of supply chain attacks has been on the rise², and this trend is unlikely to diminish soon. These attacks not only disrupt business operations but can also lead to substantial financial losses and erosion of customer trust.

✨ In 2024: In addition to the effort around the Software Bill of Materials(SBOM) The landscape of supply chain attacks is expected to evolve further in 2024. Factors contributing to this increase include:

1. Geo-Political Tensions:

   • The changing global political landscape is likely to influence the frequency and nature of supply chain attacks. As nations engage in cyber warfare and espionage, supply chains could become prime targets for disrupting an adversary's economic and technological capabilities. Particularly with the Russia-Ukraine and Israel-Palestine conflicts.

2. The sophistication of Cyber Criminals - similar to LastPass:

   • The continuous advancement in the skills and methods of cyber criminals means that supply chains, often comprising multiple layers and processes, present numerous opportunities for exploitation. There might be an increase in attacks similar to LastPass, meaning sophisticated attacks against developers or IT personnel with elevated privileges in their home network.

3. Increased Reliance on Third-Party Vendors:

   • As businesses increasingly rely on third-party vendors for various components and services, the security of these external entities becomes a critical factor. Any vulnerability in these third-party systems can provide a gateway for attackers to infiltrate more secure areas of the supply chain. Conducting comprehensive due diligence and due care for third-party vendors can be challenging, as the visibility and observability might not accurately reflect reality.
     

4. NIS2 Directive: Elevating Cybersecurity Standards in the EU

☝🏽 What It Is: The NIS2(Network and Information Security Directive) Directive represents a significant step in EU legislation, designed to strengthen cybersecurity resilience and response across member states. This directive updates and expands upon its predecessor, the NIS Directive, reflecting evolving cyber threats and the need for a more robust, cohesive cybersecurity framework within the EU. NIS2 includes:

Corporate Accountability, Strengthening Security Measures,
Harmonizing Reporting Obligations,
Promoting National Supervision and Cross-Border Collaboration, Risk Management, Business Continuity,
Incident Handling and Vulnerability Disclosure,
Supply Chain Security and Use of Cryptography³

🌿 Why It Is Important: This directive signifies an acknowledgment of the crucial need for cybersecurity standards and practices across national borders in critical infrastructures or businesses.

✨ In 2024: Looking ahead to 2024, we can anticipate a heightened focus on compliance with the NIS2 Directive, going beyond the realms of privacy and data protection emphasized by the GDPR.

5. Privacy: Schrems III and the saga continues?

☝🏽 What it is: Schrems III is a potential upcoming decision following the Max Schrems II ruling. The new ruling might further impact data transfer regulations between the EU and other regions, especially the US.

🌿 Why It Is Important: This anticipated ruling highlights the complex challenge of balancing stringent EU data privacy rights with the global dynamics of internet-based data flows.

✨ In 2024:

• Tighter or Invalidating current Data Transfer Rules: New restrictions may force companies to significantly revise their data management and privacy practices.

• Reevaluation of Data Transfer Agreements: The ruling could necessitate a reassessment of current data transfer mechanisms like the Privacy Shield or Standard Contractual Clauses.

• Focus on Data Localization: Companies might increasingly adopt data localization to simplify compliance with EU privacy standards.
  

Application Security: Application Security Posture Management as the future?

☝🏽 What It Is: Application Security Posture Management (ASPM) refers to the process of monitoring and improving the security of software applications. It is a comprehensive approach that uses DevSecOps processes and technologies, focusing on various capabilities such as vulnerability management, Software Composition Analysis, and Static/Dynamic Application Security Testing. This approach is designed to continually assess and enhance the security measures in place for applications. E.g

• This article by TL;DR Sec provides a more in-depth overview of the topic. ⁴

🌿 Why It Is Important: The increasing complexity of applications makes managing their security posture a pivotal aspect of cybersecurity. Implementing effective vulnerability management, prioritizing security in the design phase (security by design), and leveraging virtualization technologies are key to the resilience of applications against breaches. As cyber threats evolve, so must the strategies to counter them, making ASPM an essential component of a robust cybersecurity framework.

✨ In 2024:

• Similarities to CPSM: Looking towards the future, it's likely that more companies will gravitate towards a unified approach in their application security tooling, opting for integrated solutions over isolated tools with singular capabilities. This predicted trend is similar to Cloud Security Posture Management(CPSM) but focuses specifically on enhancing the security of application workloads.
  

• 👀Security Education for Developers👀: In the realm of educational application security education, there's a growing possibility that Application Security Posture Management (ASPM) will emerge as a significant alternative to traditional platforms like HackTheBox, Secure Code Warrior, and similar offerings. One of the most notable challenges with these existing platforms is the substantial time commitment required for learning. In my experience developers often find it difficult to dedicate time specifically for training, which can hinder the effectiveness of these platforms. While this idea is still relatively new and evolving, it could lead to more effective and practical cybersecurity education in the industry.

Democratic Effects by AI: A Critical Look at the Intersection of Technology and Democracy

☝🏽 What It Is: The role of AI in shaping public opinion, particularly in democratic processes like elections, is an evolving and significant phenomenon. A prominent early example is the Cambridge Analytica scandal during the 2016 U.S. election, where personal data was used to influence voter behavior. This incident serves as an early bird moment in understanding the potential impact of AI on democracy.

🌿 Why It Is Important: AI's ability to create and disseminate disinformation, manipulate public perception, and potentially sway election outcomes cannot be overstated. With major elections looming in various countries, including the U.S., Russia, and Taiwan, the implications of AI-driven interference are global. The issues raised in "The Age of Surveillance Capitalism" by Shoshana Zuboff, are still very relevant. ⁵

✨In 2024: Looking forward to 2024, we may witness an escalation in the use of sophisticated AI tools, such as Large Language Models (LLMs) and deepfakes, to manipulate public opinion. If these AI systems are further trained on extensive marketing data from ad platforms like Facebook or Google, their influence could be really powerful and harmful for democracies worldwide. This scenario raises serious ethical concerns, as the line between legitimate political campaigning and covert manipulation becomes increasingly blurred.

---

I hope you found these predictions insightful, most of them are based on observations in real life. 🔐

As always - Stay curious and keep learning! ✨

Made this with DALL-E!

Subscribe for more content - I have a weekly newsletter with 3 security tips, 2 security and privacy news and 1 weekly discovery :)

1

ChatGPT - Jailbreak

2

https://www.crowdstrike.com/cybersecurity-101/cyberattacks/supply-chain-attacks/

3

https://pecb.com/article/a-comprehensive-guide-understanding-the-nis-2-directive

4

https://tldrsec.com/p/supply-chain-security-overview

5

https://www.amazon.com/Age-Surveillance-Capitalism-Future-Frontier/dp/1610395697