See their insights and tipoffs on matters related to all things AI, cybersecurity and risk management-related.
If insights and tips on managing generative AI, security investments, cyber risks, AI talent and other technology risks for 2024 are of interest, here are the individual predictions from the team at LogRhythm.
First, generative AI (GenAI) will augment, not replace, security operations center (SOC) analysts in cybersecurity, according to Andrew Hollister, CISO; VP, Labs R&D. “As the cybersecurity landscape evolves, generative AI’s role within SOCs will be characterized by augmentation rather than replacement of human analysts due to its maturity limitations.
For the Asia Pacific region, which faces a critical shortage of 2.7m cybersecurity workers, GenAI will be able to assist and enhance the capabilities of short-staffed SOC teams with the necessary expertise to interpret its output, proving especially valuable for mid-level analysts. Organizations will need to discern genuine GenAI contributions amid marketing hype, and the debate between investing in more technology like GenAI or hiring additional SOC analysts will persist — with the human factor remaining crucial. Success will depend on aligning these tools with analyst workflows rather than relying on superficial intelligence.”
Hollister also feels that GenAI adoption will lead to major confidential data risks. “Just as there was initially a lack of understanding regarding the shared responsibility model associated with cloud computing, we (will) find ourselves in a situation where GenAI adoption lacks clarity. Many are uncertain about how to effectively leverage it where its true value lies, and when and where it should not be employed. This predicament is likely to result in a significant risk of confidential information breaches through GenAI platforms.”
Three other ‘tipoffs’ for 2024
Secondly, according to Deputy CISO Kevin Kirkwood, static security investments will continue to leave organizations vulnerable to evolving threats in 2024: “Organizations (are) repeatedly investing in security measures under the assumption that their security posture is sufficiently fortified. However, a critical perspective often overlooked is that hackers share this same mindset, recognizing when organizations become complacent in their investments. The reality is that security is an ever-evolving landscape, and if a security program is not continually adapting and enhancing its defenses, it remains vulnerable to emerging threats. The new year will underscore the importance of not just initial investments but a sustained commitment to security to effectively thwart evolving cyber threats.”
Kirkwood also believes that the use of AI in cybersecurity will shift from hype to practical application.
“Security companies proudly proclaim their use of AI and machine learning as supportive tools, focusing on how these technologies can accelerate tasks and elevate the capabilities of analysts. However, the hype surrounding AI will begin to wane — prompting a shift from marketing emphasis to practical education on its applications. The question of AI’s mainstream integration into our culture will persist, reflecting the ongoing exploration of its true potential and practical implementation in cybersecurity.
Thirdly, Senior Threat Research Engineer Sally Vincent is predicting surges in AI-enhanced botnets that will pose unprecedented cybersecurity challenges: “In 2024, the symbiosis between AI and botnets will witness a significant surge. The convergence of AI capabilities will empower the proliferation and sophistication of botnets, amplifying their potency to orchestrate complex cyber threats. AI-powered botnets will exploit advanced algorithms to expand their reach and impact, intensifying the challenges faced by cybersecurity. This alarming trend will necessitate innovative defense strategies and heightened vigilance to counter the escalating threat, reshaping the landscape of digital security measures.”
Fourthly, Vice President of International Markets Joanne Wong forecaststhat the continual shortage of skilled AI professionals will stand out as key obstacle to AI adoption in the region: “The lack of skilled professionals remains a barrier to greater adoption of AI solutions. It is evident that despite the advantages AI offers, human expertise continues to play a pivotal role in bridging the gap between the capabilities of an AI solution and the distinct requirements of an organization. ASEAN’s businesses will have to bolster AI skills training and initiatives, and equip the workforce with the skills and tools needed to maximize the full potential of AI at work.”
Wong added that the development of mega projects in the region will drive demand for solutions and experts in infrastructure security. However, as these projects are designed to for digital natives, they will introduce numerous vulnerabilities that malicious actors could exploit. This situation “escalates the demand for cybersecurity professionals specializing in critical infrastructure who can devise and implement solutions to safeguard against the unique threats.”
In 2024, the healthcare industry will be most susceptible to AI-powered attacks, Wong concluded: “As AI becomes more integral in diagnostics, patient data management, and medical tools, there will be a notable rise in targeted breaches, jeopardizing the confidentiality and reliability of vital health information. The vulnerability of interconnected systems will compel a critical reevaluation of cybersecurity measures against AI-powered attacks.”