IT Security Trends 2024
The Russia-Ukraine war, tensions in the Middle East, the Taiwan conflict, and China in its dual role as a major trading partner and systemic rival of the West: the global geopolitical situation is tense, and simultaneously, the cyber threat situation is intensifying. We are seeing an increase in attacks on countries and critical infrastructure, with technology increasingly being used as a political and military weapon. On the other hand, in the globalized world, private companies are highly interconnected, and their supply chains span multiple national borders. This makes them particularly vulnerable to cyber threats. With the geopolitical situation unlikely to calm down in the near future, neither companies nor countries can afford to take a breather when it comes to security. Governments, businesses, and critical infrastructure operators should thus strengthen their cyber resilience and closely monitor potential targets in their enterprise at all times, in order to eliminate vulnerabilities as quickly as possible and be able to respond quickly in the event of an attack. Legislation, such as the European Commission's Cyber Resilience Act (CRA), also seeks to strengthen the security of hardware and software products.
Increasing pressure on companies to invest in cybersecurity
The fact that cybersecurity is a challenge of economic, social, and political proportions has become more widely recognized in recent years. The escalation of the geopolitical situation mentioned above is a key driver. Politicians and business are responding with legislation and mandatory security standards. For example, EU member states have until October 2024 to transpose the NIS2 directive on critical infrastructure protection into national law. The goal is to make critical infrastructure, and supply and value chains across Europe, more resilient by significantly expanding the scope of the directive. This will put pressure on companies to increase their IT security investments in order to meet the requirements. A study by PwC already shows that a surge in investment in cyber security is expected, with 84 percent of companies planning to increase their budgets in the future.
The professionalization of cybercrime
Cybercriminals are becoming more sophisticated in their approach and are increasingly organizing themselves as professional organizations. According to Bitkom, within the span of a year, every second company was attacked with ransomware. Professional gangs also provide less technically experienced attackers with the tools they need to carry out large-scale attacks, for example with ransomware-as-a-service. Solutions such as Zero Trust and SASE may become the new standard in the future, replacing traditional VPN connections. Firewalls and virus scanners are no longer sufficient for state-of-the-art protection. Consistent 24/7 monitoring of IT landscapes and rapid detection and response solutions are also required.
AI leads to an increase in phishing emails and deep fakes
Criminals are using generative AI in their attack chain, and the approach is becoming more sophisticated. Sending phishing emails, e.g. Business Email Compromise (BEC), is one of the tried and tested methods of fraud. According to Bitkom, phishing is currently the most common cyberattack on German companies, accounting for 31 percent of all attacks. In 2022, it was only 25 percent. The fact that AI tools such as ChatGPT are becoming increasingly powerful also plays into the hands of cyber attackers. Perfecting the creation of customized and personalized emails in the victim's native language makes phishing emails appear even more authentic. Embedding deep fakes in video calls or scam calls is also on the rise and will be used more and more in the future. Organizations need to stay on top of this and stay on the ball with AI technologies.
Paradigm shift—from best-in-class to best-to-integrate
In the past, when selecting security solutions, the focus was on which solution offered the best protection and performance, e.g. which anti-virus protection or firewalls were the most effective and which solution was the market leader (best-in-class). However, these aspects are no longer the only ones. The trend is towards best-to-integrate, and the demand for integrated solutions is increasing: How can the solution be integrated into existing security controls? How complex is the implementation? How many specialists are needed? Best-to-integrate solutions reduce the time required for configuration, maintenance and security investigations. At the same time, a consolidation of the manufacturer landscape can be observed. Large players - e.g. Amazon, Google, Microsoft - that are able to easily integrate various security solutions into their platforms are buying up smaller companies and thus strengthening their own market position as providers of best-to-integrate solutions. As more and more applications are being used in companies, these trends will become even more pronounced in the future.
