This week, the people at Cynet are sponsoring Graham Cluley Security News. I appreciate the team there for their assistance.
My team and I get to work closely with risk management executives at small- to medium-sized businesses ( SMEs ) all over the world as Cynet’s COO. I’ll summarize our collaboration’s insights into three key trends for 2024 in this piece, supported by data and research from various cybersecurity practice areas.
These emerging patterns apply to businesses of all sizes and shapes, but there is no doubt that SMEs, where lean security teams with tight budgets are the norm, will experience the greatest effects. According to IBM, the average cost of a data breach for businesses with 1,000 to 5,000 employees reached$ 4.87 million in 2023, an increase of nearly 20 % year over year.
For a thorough understanding of the security technologies, services, and initiatives required to manage risk in the coming year, I strongly advise business leaders to use tools like the 2024 Cybersecurity Planning Checklist.
You can also view an on-demand webinar where we link our findings with practical suggestions you can use to safeguard the most important assets and operations of your company.
1. SMEs will be exposed to recognizable risks on an unprecedented scale.
Executives will face a challenge to increase capability, expertise, and security awareness without increasing their expensive headcount.
Artificial intelligence has the potential to strengthen or circumvent cybersecurity measures, but this is far from news. But do n’t worry, this forecast avoids the canned predictions you’ve been reading ever since ChatGPT became well-known.
At first, there was a lot of rumor that adversaries would use GenAI to instantly create previously unheard-of malware. That did n’t take place. Instead, my team has seen how GenAI is being used to spread existing threats at an unheard-of rate. Automated attacks will continue to follow this pattern.
GenAI also has the parallel effect of causing havoc in 2024 for inexperienced hackers. Alternatives like FraudGPT get around the restrictions that traditional platforms put in place to stop illegal activity. It is simple for script kids to find and use automated malware on dark web forums where malware and ransomware are offered as services. These dynamics give unprepared organizations an asymmetric advantage over inexperienced threat actors. Numerous new threat actors will emerge as a result, attempting to enter your environment.
For SMEs, the impact will be particularly severe. As the number of inbound threats grows exponentially, Gartner predicts that cybersecurity spending will rise by 14 % in 2024. PwC further emphasizes this disparity by estimating that one in five businesses will reduce or eliminate their 2024 security budget. With a fraction of the personnel, budget, or bandwidth, lean security teams must protect against the same threats that face large enterprises. Corporate culture can aid in bridging this gap. Employee incentives can increase awareness and strengthen resilience, such as risk-linked performance bonuses. By 2026, 50 % of C-suite leaders will have performance requirements related to cybersecurity risk incorporated into their contracts, according to a Gartner survey.
For advice on increasing employee awareness, pg. The main elements of a holistic security training program are identified in section 5 of the 2024 SME security plan checklist. SME executives can lower organizational risk by promoting responsible best practices, increasing organizational awareness, and giving employees the tools they need to react appropriately to incidents.
2. The evolution of malware increases financial harm.
By prioritizing preventative capabilities, SME executives can reduce their exposure and be eligible for favorable insurance coverage.
Threat actors are modifying malware to evade detection and cause the greatest amount of financial harm. The widespread adoption of customizable infostealers like Stealc by cybercriminals in 2024 will serve as an example of this ongoing evolution. Attackers can pick and choose the data they want to take from their victims ‘ machines using Stealc, which is based on the Vidar, Raccoon, Mars, and Redline stealers.
Infostealers may use vulnerabilities in your software, hijack legitimate websites, or conceal themselves in seemingly innocent email attachments in order to avoid detection. Once they’ve gained a foothold, they can use keyloggers to record every keystroke you make, steal browser cookies to access your online accounts, or even target particular programs like email clients and instant messaging services. In the dark web forums where threat actors congregate, the stolen data can be extremely valuable. Then, buyers can use it to steal identities, empty bank accounts, or extort money from organizations.
Executives can take the initiative to reduce organizational risk as cybersecurity’s financial stakes soar in 2024. An increasingly common layer of protection is offered by cyber insurance. In 2024, the market is anticipated to surpass$ 20 billion, up from$ 7 billion in 2020. The majority of agreements cover the cost of damage and recovery, but some also include ransomware payments, investigations, forensics fees, fines, and lawsuits.
Providers typically require organizations to demonstrate certain cybersecurity capabilities in order to qualify for optimal coverage. To lessen the likelihood and impact of cyber incidents, these requirements aid in ensuring that the organization has a minimum level of security. Pg. The most crucial abilities to actively identify and eliminate covert threats are listed on page 8 of the 2024 Cybersecurity Planning Checklist.
Compliance is also important, particularly in industries with strict regulations. Executives must get ready to inform regulators of their impact and limit reputational harm. A plan with roles and responsibilities, processes, and an action item checklist can be defined using resources like an incident response template.
3. Cyber threats will be spread to new sectors by geopolitical chaos.
Cyberattacks with ideological motivations will make up a larger portion of threat actor activity.
With rising nationalism, ideological clashes, and a growing mistrust of international institutions, the world is entering an era of heightened geopolitical tensions. This unpredictability opens up new possibilities for security leaders and provides fertile ground for ideologically driven cyberattacks.
Cybersecurity adversaries have historically been oversimplified into two categories. Threat actors who are motivated by money are the first and most frequent. They seek financial gain, for example, when a social engineer asks for credit card numbers or the ransomware gang demands payment. Governments support the second group of threat actors, who are state-sponsored. They want to advance their state’s national security interests.
Business leaders can anticipate a significant rise in activity in 2024 from an ideologically motivated threat actor, also known as “hacktivists” or” cyberterroristes” depending on one’s opinion of their targets. Cyberattacks with ideological motivations seek to destroy vital infrastructure and sow discord within the target countries. Power grids, transportation systems, financial institutions, or even businesses that are thought to be taking a diametrically opposed social stance and causing significant disruption and financial harm are some of their targets. However, their objective is not to make money off of the harm, as in the case of a financially motivated cybercrime, or to gather information for analysis like in cases of state-sponsored espionage. For these actors who are ideologically motivated, disruption is a goal in and of itself.
Small businesses in industries once considered” safe” from cybercrime must acknowledge that ideological rivals may view them as low hanging fruit as hacktivism soars this year. As an illustration, let’s say you run a fashion blog. It is unlikely that your website contains the sizable cash reserves targeted by financial crimes or the type of classified IP sought by Boeing’s China-backed breach. There’s nothing to be concerned about, right?
Wrong. Spreading propaganda and false information online is a common strategy used by actors with ideological motivations. Hackers can use social media algorithms, infiltrate online communities, and even hijack media outlets to disseminate false information. That fashion blog could easily get caught in the crosshairs when TTPs are designed to polarize public opinion, undermine trust in institutions, and cause confusion.
As a result, executives in all industries must integrate security into the fabric of their operations and recognize it as an organizational enabler rather than just for technical experts. You can get a head start by reading books like” How to Build s Security Framework” to help you get started. For SMEs, more recent all-in-one cybersecurity platforms provide a cost-effective and practical way to acquire enterprise-grade defenses without incurring the exorbitant costs and complexity of creating and maintaining an integrated multi-vendor tech stack.
Conclusion
Cybersecurity breaches can be disastrous for a growth-focused SME. Every decision-making process, from product development to supply chain management, must include protection. Business leaders can get ready to increase organizational resilience in 2024 by comprehending new opportunities to manage risk holistically in collaboration with technology teams.
You can find more information here if you’re interested in sponsoring my website for a week and connecting with an IT-savvy, cybersecurity-focused audience.