In 2023, over 45 per cent of businesses have experienced one or more cyber incidents in the past three years.
As we approach 2024, Danny Jenkins, chief executive officer of ThreatLocker, has given his predictions of the issues that will continue to face businesses throughout the year that they can prepare for.
Every new year brings new challenges for the cybersecurity industry - and experts have long been warning of the need for serious action in order to stem the tide of increasing attacks.
Last year was proof of that. Spanning across all sectors in Ireland, both private and public which included 200 C-suite leaders, 46 per cent of respondents had experienced one or more cybersecurity attacks in the past three years. Expressing concern, 20 per cent of companies admitted they experienced a financial loss as a result of these cyber incidents.
The Health Service Executive (HSE) experienced a severe cyberattack in May 2021, in which the repercussions of the incident remain.
This cyberattack was the largest in the history of the Irish State. As cyber incidents continue to grow across the country, a Cyber Readiness Report 2023 has revealed that business email compromise are a fraudsters' most used cyberattack of choice in Ireland.
Ongoing worldwide conflicts and the rapid evolution of AI has diversified and increased the types of threats Ireland now faces - leaving the country with more issues to address as we head into a new calendar year.
Here are some of the topics and challenges that will prove prominent in cybersecurity in 2024, which Mr Jenkins has shared with BreakingNews.ie.
Cyber Skills Gap
With human error remaining one of the largest contributors to cyber-attacks and nine out of 10 of all data breaches being caused by employee mistakes, the pressing issue of the cyber skills gap will continue to threaten businesses into the new year if the digital literacy of employees is not addressed.
However, phishing attacks, weak passwords and social engineering are just a small part of the wider issue facing the cybersecurity of businesses. Recruitment and retention of cybersecurity professionals as a whole is plaguing the industry.
Internal issues like workload complexity, staffing shortages and budget deficits combined with external issues like the dangerous threat landscape and regulatory compliance challenges have made this profession progressively more difficult.
The Challenges of AI in Cyber
This year, AI has been one of the most talked about trends across the technology industry following its recent advancements. One thing that makes it more of a threat to the cybersecurity sector is the ability for natural language and closeness to match human ability.
AI also makes it more difficult to recognise phishing attempts by removing language barriers - producing a clearer, cleaner message that may be misconstrued as legitimate.
Previously, AI has been a tool developed by machine learning and driven by data, but as it’s continued to rapidly develop, the ability to simulate human behaviour has become apparent. AI now has the ability to write malware and make it easier for cyber criminals to access code they would only usually see on the dark web.
During a testing phase, we compared a piece of code found online against one created in ChatGPT. Both pieces were functional and looked almost identical. When ran through the system, the piece found online was blocked. However, the ChatGPT code infiltrated the system. Security measures need to continue to advance alongside the development of AI in order to maintain effectiveness and mitigate threats.
State Sponsored Cyber Attacks
As nations continue to advance their cybersecurity capabilities, defending against state-sponsored attacks is becoming a critical aspect of cybersecurity strategies.
Coordinated attacks by governments and their intelligence agencies are becoming more frequent and sophisticated, especially during times of war.
This year will see more attacks carried out by state-actors, and these need to be expected and defended against.
Readiness for Threats
It’s becoming more apparent that in the aftermath of a cyberattack, businesses are finding themselves more likely to contemplate paying the ransom for their data. With high chances of being attacked, companies are factoring ransom payments into their budget and business strategy, rather than increasing funding for their cybersecurity defences.
This decision often stems from the immediate need to regain access to their accounts and data in the face of operational disruption and financial losses, but this approach creates a problematic cycle.
Paying ransom incentivises cybercriminals to persist and continue to attack. The reluctance to invest in more robust cybersecurity measures poses long-term risks to businesses as it does not address the root cause of vulnerabilities within the companies systems and leaves them, and others, more susceptible to future threats. A proactive and comprehensive approach towards cybersecurity is essential to mitigate threats effectively.
Businesses are also operating in the naivety of thinking they won't be attacked because the data they hold is not important enough, and they don’t operate in a target-rich area. Although businesses in the public sector are slightly less at risk of an attack than those in the private sector, it’s crucial that their legacy IT is updated regularly and continues to evolve to match the increasing threat level.
Cyber Regulations
As we continue to see advancement in cybersecurity and the abilities of cybercriminals, governments and organisations need to be more aware of the risk to the national sector posed by cyber threats.
We’ve seen the introduction of more resilient and robust cybersecurity strategies over the last year, put in place by governing bodies globally.
It’s predicted that during 2024, more countermeasures will be developed and set out for businesses to follow in order to continue to operate against the threat of cyberattacks. Strategies such as this need to be a priority for government organisations and continuously be assessed and developed.
Supply Chain Attacks
One thing we will see more of in 2024 is not just supply chains being attacked, but more supply chains being responsible for breaches. You have so many pieces of software running on your computer that all have access to all your data, most people don’t realise just how much software they have.
What we’re going to see more of, as we did last year, is either through vulnerabilities or weaponization - as we saw with 3CX - is that supply chain attacks are going to happen through the software being used already.
It’s going to be a challenging year - but implementing a serious cybersecurity strategy is the first step towards successful defence.
