Freely subscribe to our NEWSLETTER

Prediction 1 - During 2024, Cybersecurity teams will begin to create dedicated roles to curate, mature and constantly improve the response from AI-powered co-pilots.
Cybersecurity teams have already recognized the value that AI powered “co-pilots” can bring to organization’s by enabling on-demand security input at scale. With this comes a critical need for dedicated roles within their cybersecurity teams to curate, mature and constantly improve the responses from these large language models LLM’s.

Prediction 2 - By the end of 2024, a Large Language Model will be named in at least one forensic incident response report - due to the LLM’s use in a large-scale cybersecurity incident.
It’s not surprising to predict that generative AI and large language models (LLMs) will be utilized by cybercriminals and nation states to augment their existing attacks and information operations, but we expect that at least on forensic incident responsder will go the extra step to determine which LLM was used to make the content and material (including voice and video) appear more legitimate.

Prediction 3 - By the end of 2024, There will be a concerted effort among vendors to address potential misuse by cybercriminals through identity proofing, threat intelligence capabilities and reduction of free tier capabilities.
Recognizing the overlap of criminal misuse with the benign applications of LLMs, particularly in tasks like drafting emails or generating content, vendors will explore multiple strategies to prevent malicious use by implementing robust identity proofing measures, integration of threat intelligence capabilities and reduction of free tier capabilities.

Prediction 4 - Through 2024, there will be a significant increase in attempted extortion attempts that are proven to utilize aggregated data from previous breaches.
It is well known that cybercriminals have collected and are selling vast amounts of data aggregated from previous data breaches. It is seemingly inevitable that cybercriminals will look at other ways to monetize this collection of data, and we expect to see more and more attempts to extort money from these historical data breaches. It is hard for organizations without the appropriate data breach investigation and response capabilities to quickly determine the veracity of compromised data, when confronted with an extortion attempt.

On the surface, the data may appear to originate from the organization and is indicative of a breach, but the data may not necessarily be from a current event, but patched together from multiple prior breaches. With imminent SEC rules putting greater pressure on organizations to disclose suspected material breaches quickly, organizations will be under pressure to verify the compromise quickly, to be able to hopefully refute the attacker claims or be forced to disclose suspected material incidents.

Prediction 5 - By the end of 2024, the percentage of data breaches that involve some form of medical data will increase dramatically as cybercriminals target healthcare institutions as double extortion ransomware targets.
According to the 2023 Verizon Data Breach Investigations Report, less than 10% of breaches involved data of some medical variety. Given our belief that extortion operations remain likely to be the most impactful form of cyber crime to enterprises and societies worldwide, we expect this to grow significantly as cybercriminals continue to target healthcare institutions, due to their importance to society and in search of confidential and potentially embarrassing medical conditions to apply pressure to extortion payments.

Prediction 6 - During 2024, the US will see a proliferation of Deep Fakes in the lead-up to the Presidential Elections.
In the run-up to the U.S. elections in 2024, the deployment of deep fake technology by nation-states and threat actors will become increasingly sophisticated, marking a concerning evolution in cyber warfare and disinformation campaigns. Deep fakes will be weaponized not only for influencing public opinion but also for more insidious purposes, including espionage, impersonation, and targeted social engineering attacks.

Prediction 7 - Through 2025, there will be a noticeable decrease in Cybersecurity IPOs, as well as increase in Private Equity (PE) funded delistings of Cybersecurity organizations.
A convergence of factors will lead to a noticeable change in the trajectory of cybersecurity companies seeking initial public offerings (IPOs) and the decision of some listed companies to delist through private equity (PE) transactions. This shift will be driven by a combination of the ongoing challenges associated with Special Purpose Acquisition Companies (SPACs), regulatory pressures from the Securities and Exchange Commission (SEC), and the significant impact of incident disclosure on cybersecurity companies’ share prices.