According to Forbes, by the end of 2024, “the cost of cyber-attacks on the global economy is predicted to top $10.5 trillion”. Technology constantly advances with modern infrastructure, allowing for even greater capabilities. Unfortunately, so have the advancements in cyber-attacks, which have become more sophisticated and scalable.
The constantly changing landscape of online threats highlights the criticality of integrating cybersecurity measures into every business operation. As we kick off the 2024 work year, it’s crucial to stay several steps ahead of cyber criminals and know what to expect in the coming 12 months.
Conventionally, passwords and usernames were solely relied on for online information protection. However, over time, this was no longer enough to protect business and personal data. This prompted the widespread adoption of Multi-Factor Authentication (MFA). MFA requires a user to verify their identity using two methods, such as an Authenticator app.
While MFA remains a key part of any cyber security strategy, a new threat has emerged in the form of “MFA Fatigue Attacks”. This involves cyber criminals acquiring an individual's username and password and sending a large number of MFA notifications in the hope that the user will unwittingly approve access to one of these notifications and give the hacker access to the account or system.
In the current market, cyber insurers are now requiring minimum security measures to be in place prior to them considering offering terms. Note that this is industry-wide (no matter the size of the organisation), which, as you can imagine, has had an impact on smaller businesses' ability to obtain cyber insurance.
The measures required will vary depending on the nature of the business activities, in addition to the sensitivity of data. Each insurer has a slightly different approach, but this diagram (see below) outlines the key areas to consider – if a business ticks off all components, it would be better positioned for its renewal.
The emergence of Artificial Intelligence (AI) has revolutionised industries and brought in a new era of technological advancements. While the future of AI is exciting, it also brings a new generation of cyber threats that are advancing at a concerning rate. Machine learning algorithms can be trained to find and exploit software vulnerabilities, enabling more precise and efficient attacks.
Some examples of Artificial Intelligence used in cyber-attacks include creating deepfakes (video or audio) that can be used to convince victims in social engineering attacks, using AI to create new malware that can contain zero-day vulnerabilities, or analysing and collecting data quicker to identify new methods of attacks.
In 2024 cyber criminals will continue to target modern SaaS applications by exploiting security weaknesses. With the ongoing impact of the pandemic and the prevalence of remote work, these tactics continue to fly under the radar and create vulnerabilities in organisational defences. Basic hygiene measures, such as application patching, are becoming increasingly pertinent.
The cybersecurity industry is growing rapidly and cyberattacks continue to rise. It’s more important than ever for businesses to take the necessary measures to protect their organisational data. Proactively investing in security measures, educating your team about cyber security risks and having a multi-layered cybersecurity approach are all important factors to consider in 2024. If you’re interested in learning more about how your business can strengthen its cyber security armour, email us at hello@itpartners.co.nz or visit: Cyber Security (itpartners.co.nz)
