new cyber 2024

ProMiles Cyber has reviewed several sources and considers these cyber risks at the top of its mind in 2024.

Ransomware: As of February 2024, Malwarebytes Labs reported that January experienced 261 ransomware victims, but that is limited to their insights. The USA represents around 55% of their reported number. Threat actors also add double extortion tactics, where attackers threaten to release sensitive data unless a ransom is paid, further complicating the defense landscape.

Supply Chain Vulnerabilities: Supply chain risks can be highly complex depending on the organization’s size. Attackers tend to target less secure elements within the chain to compromise larger entities, including the smaller organizations with which they do business. For example, the SolarWinds incident is a stark reminder of the potential fallout from such attacks, highlighting the need for enhanced scrutiny and security practices with our business partners.

AI and Machine Learning Threats: Many signs we traditionally look for in phishing emails and sites are becoming more challenging for the human element to detect. AI lends itself to increased sophistication when crafting customized attacks and makes the likelihood of success much higher.

Cloud Security Challenges: Businesses have been working with cloud security for years, but exploiting those resources is still of significant concern. When we look at misconfiguration, inadequate access controls, and the shared responsibility model of cloud security, we must remember that the cloud is not a one-stop shop. Organizations still maintain much of the liability for ensuring they have securely implemented their cloud infrastructure. The rise of multi-cloud and hybrid cloud architectures introduces additional layers of complexity, necessitating comprehensive security strategies and continuous monitoring.

IoT Device Security: IoT devices are commonplace in small restaurants to significant enterprises. They are no longer straightforward devices and, in many cases, are highly connected and capable of being utilized as a foothold for an attacker on your network. Understanding what is required of these devices, segmenting, and patching them regularly can significantly reduce your business risks concerning IoT.

Quantum Computing Threats: Quantum computing stands to make encryption standards for existing data protection measures obsolete. While this seems like a simple bullet in the list, the impact could be monumental, considering that many regulatory requirements would then see current (highly secure) encryption standards as obsolete and require an update to be considered safe.

Regulatory Compliance and Privacy Concerns: The industry is not new to regulatory compliance and privacy concerns. Still, as technologies become more complex and breaches continue to hit the news feeds of millions of people daily, they are sure to have a ripple effect on future cyber and privacy-related practices.

The cybersecurity concerns of 2024 reflect a landscape in flux; depending on the next zero-day or news article, these items are subject to change. Addressing these challenges requires a multifaceted approach, combining advanced technological solutions with comprehensive security policies and continuous education on the latest threats. ProMiles Cyber stands ready to assist any organization with questions or concerns.

 

Related Post