Cyber Risks January 2024
- AI-powered threats and defences—Cyber-attackers are expected to leverage artificial intelligence (AI) and machine learning to launch more sophisticated attacks. AI-powered attacks will range from deepfake social engineering attempts to automated malware that adapts intelligently to evade detection. On the other side, cyber-security professionals are using AI to detect and respond to threats more effectively.
- Ransomware attacks—Ransomware, a malware attack that blocks IT system access until the victim pays a ransom, is a concerning threat that shows no signs of abating. In 2024, expect even more sophisticated ransomware attacks to continue. Organisations will need robust cyber-security measures and employee training to avoid these attacks.
- Next-level phishing attacks—Generative AI tools (such as ChatGPT) enable more attackers to make smarter, more personalised approaches, and deepfake attacks will become even more prevalent in 2024. The best response to this includes organisation-wide awareness and education, although AI tools and zero trust will likely play increasing roles.
- Internet of things (IoT) cyber-attacks—With many employees now working remotely, there is an increased risk posed by these workers connecting or sharing data over improperly secured devices. This will continue to be a cyber-security weak spot in the upcoming year.
- Cyber-security workforce shortage—There is a shortage of cyber-security professionals across all industries. Businesses will need to invest in training and retaining talent and consider outsourcing their needs to professionals.
- Supply chain risks—The supply chain has become an attractive target for cyber-criminals. Organisations will need to protect their networks from third-party vendors as well as internal access.