He predicted that in 2024, highly motivated cybercriminals, state sponsored attackers and hacktivists will continue to innovate, expand and exploit victims. Here the five cybersecurity trends to watch out for:

    1. Watch out for hacktivists and state-sponsored threat actors
      With significant events like the Olympics, the Euro 2024, and regional elections coming up, hacktivists will seek to advance their cause, reaching audiences in the millions. Previously, a high level of technical expertise was necessary, but since the availability of the cybercrime-as-a-service model, the barrier to entry has been lowered. Now, it only requires an extremely motivated activist with sufficient funds.

      Most hacktivist activity is via Distributed-Denial-of-Service (DDoS) attacks. In 2024, organizations should evaluate their risk profile according to the evolving threat landscape and ensure coverage not only for financially motivated attacks but also for hacktivism and state-sponsored attacks.

    2. For good or for bad, AI’s role in cybersecurity will evolve
      Despite having guardrails, generative AI tools can be abused to generate phishing emails that sound “surprisingly human” at an immense scale in deepfakes and vishing scams. Hence, one of the AI cybersecurity trends expected is the rise of more attackers exploiting such tools to further their goals.

      On the other hand, the increased use of generative AI for legitimate use cases will also help defenders improve security controls, vulnerability management and threat monitoring activities. With their ability to summarize, weed through noise, and give concise summaries of security events, generative AI cybersecurity tools can boost human analysts’ vigilance, especially at the scale of modern security operations centers in 2024.

    3. Operational Technology (OT) will remain the low-hanging fruit
      As organizations scramble to resolve OT-related cybersecurity woes, they will face a lack of specialized solutions that cater to niche industry needs. Many organizations still believe OT environments are protected by an air gap, whereas IT/OT convergence has resulted in OT being more connected than ever to IT and also, in many cases, to the Cloud. This has expanded the attack surface and greatly increased the risk to OT networks, without the investment in cyber controls.

      In 2024, a Zero Trust architecture will protect the most critical OT systems from threats. ZT will allow organizations to focus on their digital transformation while protecting their most important business systems and reducing cyber risks to an acceptable level.

    4. A time to consolidate vendor spread and system complexities
      According the Palo Alto’s own data, security teams in 2023 took approximately four to six days to resolve a security alert, due to organizations using disparate security tools that are not well integrated, automated and orchestrated. Organizations with siloed solutions were having a hard time securing their rapid digital transformation initiatives amid macroeconomic headwinds and workforce challenges. This was a major setback in speeding up response time to suspicious network activities.

      In 2024, more enterprises will look into consolidating their vendor spread and reduce complexities. Put simply, it is way easier to manage the cybersecurity stack if there is one point of contact when a crisis inevitably strikes. Over the long term, it reduces costs and yields better results.

    5. Securing cloud platforms will be high on the agenda
      Last year, organizations across Southeast Asia polled by Palo Alto were concerned with the security implications of their reliance on cloud, with many adjusting their cybersecurity strategy to adopt stronger cloud security.

      Early adopters of cloud computing typically start with a single hyperscaler. Naturally, the single cloud model would involve the use of native security tools from a specific Cloud Service Provider (CSPs). However, through the course of time, many users of these services had experienced issues and outages that can only be addressed by adopting a multi- or hybrid-cloud strategy. As native CSP security tools do not seamlessly translate to different CSPs, this multi-cloud journey will likely necessitate a review of their existing cloud security paradigm.

      In 2024, organizations that have to contend with multi- or hybrid-cloud projects will move to establish a more unified approach to security when dealing with more than one cloud provider. Rationalizing cloud security tools across the entire development lifecycle will also be a focus, as this provides much higher visibility, correlation and security monitoring.