Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Cybersecurity Snapshot: What’s in Store for 2024 in Cyberland? Check Out Tenable Experts’ Predictions for OT Security, AI, Cloud Security, IAM and more

What’s in Store for 2024 in Cyberland? Check Out Tenable Experts’ Predictions for OT Security, AI, Cloud Security, IAM and more

The new year is upon us, and so we ponder the question: What cybersecurity trends will shape 2024? To find out, we asked Tenable experts to read the tea leaves. Their 2024 forecasts include: A bigger security role for cloud architects; a focus by ransomware gangs on OT systems in critical industries; an intensification of IAM attacks; and much more! 

1 - Cloud architects will take on security

Cyber-savvy organizations understand that security is key in the delivery and deployment of applications – and that it shouldn’t be something that’s tacked on as an afterthought right before moving them to production. 

As a result, we’ll see more cloud architects assuming responsibility for the security of their applications. Simultaneously, solutions originally designed for security practitioners will provide more capabilities for developers, so they are able to continuously improve the security of their applications without slowing down development.

 

Cloud architects will take on security

 

For more information about software development security, “shift left” and DevSecOps:

2 - Orgs will consolidate, unify cloud security tool sets

It’s become clear to cybersecurity leaders that cloud native security allows their organizations to break up silos and provide a unified, contextual risk picture. Thus, organizations will accelerate their efforts to consolidate cloud security products and vendors. This will in turn yield not only more secure applications, but also better optimization of resources, skills and time, during a period when organizations are stretched to the limit.

 

Orgs will consolidate, unify cloud security tool sets

 

In fact, this move away from tool and vendor sprawl, and towards unified tool sets will not be limited to the cloud security realm. Demand from CISOs for integrated security suites and platforms will reach new heights, because they allow security teams to see the big picture, assess their complete attack surface and prioritize remediation of their most critical weaknesses.

For more information about the benefits of integrated security tool stacks, suites and platforms:

3 - Cyber insurers will tighten the screws on industrial companies

Industrial companies will be less able to rely on their cyber insurance for covering the cost of damages from a cyber incident. Why? Before issuing coverage, cyber insurers will conduct their due diligence process more stringently. And when they do offer policies to industrial companies, the scope of coverage will be more limited. As a result, industrial companies will need to be more proactive about managing their cyber risk, as opposed to being reactive and hoping that their cyber insurance will cover the costs of an attack.

 

Cyber insurers will tighten the screws on industrial companies

 

And speaking of lowering cyber risk, CFOs and CISOs of organizations with OT systems will realize that now, more than ever, investments in OT security will yield a better cost-benefit than investments in IT security. In other words, spending in OT security has a much biggest impact on reducing risk.

For more information about cyber insurance trends:

4 - Proliferation of energy-monitoring sensors will heighten OT risk

Seeking to lower energy costs and avoid carbon-usage fines, organizations will increase the number of OT-based sensor deployments and controls. This will allow organizations to better manage their energy usage. However, having more internet-connected IoT and OT devices in smart buildings and in factory- and building-management systems will also expand their attack surface.

For more information about OT/IoT cybersecurity:

VIDEO

The top threats to ICS systems (Tenable)

5 - Ransomware groups will target OT, collaboration technologies

Ransomware gangs will set their sights on two attractive targets: OT systems and collaboration technologies.

The allure of targeting businesses that depend on OT systems resides on two factors. First, it’s highly lucrative to go after these organizations, especially in the manufacturing industry. Second, the publicity that these high-profile attacks garner boosts ransomware gangs’ brands. This motivation fuels hacktivist groups in particular, as they look to give visibility to their causes by attacking organizations they oppose.

 

Ransomware groups will target OT, collaboration technologies

 

Meanwhile, ransomware groups will continue to evolve their tactics to hit multiple organizations with collaboration technologies. Targeting of a zero-day vulnerability in MOVEit Transfer – a secure managed file transfer (MFT) software made by Progress Software – was just the beginning. We'll continue to see these groups target zero-days and n-days in order to claim as many victims as possible.

Tenable experts also predict that while dozens of nations have pledged to not pay ransoms in cyberattacks, organizations of all sizes will continue to pay, even with no guarantees that the attackers will delete the stolen data. In fact, data will be 2024's most sought after resource for ransomware groups and their affiliates.

For more information about ransomware trends, check out these Tenable resources:

VIDEOS

Tenable.ot Security Spotlight - Episode 1: The Ransomware Ecosystem

Tenable CEO Amit Yoran discusses MOVEit Transfer Hack on BBC Asia

Anatomy of a Threat: MOVEIt

6 - Spending on IAM security will skyrocket

Investment in identity and access management (IAM) tools will continue to grow in 2024, as ransomware groups and “hack-the-human” attackers, such as phishers, continue to compromise digital identities across organizations of all sizes.

 

Spending on IAM security will skyrocket

 

As they grapple with higher cloud adoption and with a shortage of qualified cyber pros, organizations will heavily invest in IAM products, with the hope of being better able to stay ahead of bad actors and protect 2024’s most valuable resource: data.

For more information about IAM security:

Bonus: Stocking stuffers

And here are several quick takes from our experts:

  • The expected Bitcoin Halving event in 2024 will be ripe for exploitation, as cybercriminals aggressively target it with AI-generated and deepfake video content, leading to the theft of tens of millions of dollars.
  • In 2024, investment scams, including pig butchering, will increase exponentially around the world, exceeding $5 billion in losses.
  • There will be an increase in attacks against AI platforms that will far exceed our understanding and ability to protect them, resulting in data leaks, data poisoning and cyberphysical effects.

 

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training