A key change to the European cybersecurity landscape in 2024 will be the impact of the NIS2 Directive on businesses operating in EU member states. While a positive step, the legislation will lead to 12 months of confusion as impacted businesses (those classed as core critical infrastructure) discover how to comply with the new regulations. The objective of this new European Union directive is to establish a higher level of cybersecurity and resilience within organizations of the EU. Since member states will have until October 17th, 2024, to transpose NIS2 into their national legislation, we can expect lots of confusion in 2024 as different countries implement and react to the legislation differently.
For individual companies, many will hope for a “magic on switch” to make them compliant – but the idea of the NIS2 objective is not just technology, it is also about practices and the operation. The impact of this will correlate to where the company is in their security maturity journey. The implementation of this directive may require a lot of effort for many companies if it is a brand-new way of thinking about security. On the other hand, for others who have prioritized modern security practices, the impact of this legislation could be negligible. In any case, 2024 will be a period of adaptation within EU businesses’ cybersecurity practices.
Intelligence Sharing / Victim Notification
The cultural shift towards more open and collaborative intelligence sharing is set to become a cornerstone of cybersecurity practices in 2024. Currently, there exists a noticeable gap in the extent and effectiveness of intelligence sharing post-cyber incidents. This gap is partly due to victims’ reluctance to share information, often fueled by a fear of victim blaming and the stigmatization that can follow cyber incidents. Such hesitancy not only hinders the collective understanding of new threats but also impedes the development of robust defense mechanisms.
Recognizing this issue, local governments and regulatory bodies are expected to play a pivotal role in reshaping the landscape of intelligence sharing in 2024. By enforcing policies that encourage or mandate the sharing of cybersecurity incidents and threat intelligence, they aim to foster a more collaborative and less victim-blaming environment. This shift is not just about compliance; it’s about cultivating a mindset where organizations view intelligence sharing as a communal responsibility, vital for collective cyber resilience.
As we move towards a culture that prioritizes protection, education, and prevention over penalization, we can expect a more unified front against cyber threats, benefiting organizations and individuals alike. The emphasis will be on learning from incidents, spreading awareness of emerging threats, and collectively devising strategies to prevent similar attacks, thereby creating a more secure and informed digital ecosystem.
Continued Rise of Social Engineering Attacks
Identity based attacks will continue to be the main weapon for threat actors in 2024, for the simple reason that it continues to be a very fruitful method. As revealed in CrowdStrike’s latest Threat Hunting Report, 80% of breaches occur through compromised identities. Adversaries are not relying solely on compromised valid credentials, either — rather, they abused all forms of identification and authorization, including weak credentials purchases from the underground, and they elevated their phishing and social engineering tradecraft.
Social engineering is the highlight here, as businesses strive to educate their employees about the common ways to recognize they are being deceived. This makes identity protection the most critical protection that companies should look to strengthen in 2024. Otherwise, adversaries will continually target this weak spot – and they will be successful often.
Convergence of IT and Security Teams
As new threats emerge in 2024, blurring the lines between IT and security responsibilities, there is an opportunity to enhance organizational resilience by converging IT and security teams within enterprises. Traditionally operating in separate silos, these teams are finding their objectives and daily operations increasingly intertwined. This shift is driven not only by the rapid advancement of technology but also by the evolving landscape of security risks that directly impact IT infrastructure.
This convergence is particularly timely and necessary as singular threats now simultaneously target both infrastructure and security, demanding a unified response. By fostering closer collaboration, sharing technologies and platforms, these once-disparate teams can combine their expertise to bolster defenses against sophisticated cyber threats. The advent of new cybersecurity platforms, tailored specifically for IT teams, is a testament to this trend. These platforms are designed to seamlessly integrate with IT operations, providing real-time insights and automated responses to security incidents, thereby reducing the response time, and enhancing overall security posture.
Organizations that take security seriously are more likely to survive security threats.
This won’t come as a surprise, but it’s worth saying – organizations that priorities cybersecurity are significantly better positioned against emerging threats than organizations that do not. Forward-thinking teams are not only investing in advanced security infrastructure but are also fostering a culture of cyber awareness among their employees.
By integrating robust cybersecurity measures, including state-of-the-art encryption, multi-factor authentication, and real-time threat monitoring systems, they create a formidable defense against even the most sophisticated attacks. A proactive approach to cybersecurity will remain a critical factor to mitigating risks, safeguarding digital assets, and maintaining trust in 2024.