And with technology playing a more central role in every area of life, annual cybersecurity prediction reports, cyber industry forecasts and advanced research on cyber threat trends and data breaches are more important than ever before. Indeed, as predicted back in 2016, the annual growth in the breadth, depth, value and impact of security industry predictions continues unabated.
Naysayers will ask: How accurate are these security predictions? It is an important question to keep considering, especially as we are wrapping up a year in which generative AI (GenAI) stole the show — despite little mention last December. (Before you dig into the 2024 predictions, take a look back at what did make the list for 2023.)
But answering that question about security prediction accuracy is akin to putting all financial advisers in the same category. Indeed, we have bears and bulls and middle-of-the-road “buy and hold” pragmatists in the cybersecurity industry as well. An appropriate response is generally, “It depends.”
Put simply, new year forecasts are varied, but many companies stand out for their in-depth research, reports, trend analysis and more. Nevertheless, the combined research, data and expert analysis contained in these reports is nothing short of staggering — and very helpful.
While the top cybersecurity industry reports are well-refined, clearly presented documents with video support and more, other forecasts, predictions and trends are buried in YouTube videos, conference overviews and online webcasts that are highly informative, but difficult to find.
Gartner, Forrester, IDC, IBM Security and others have excellent prediction and trend materials that normally cost hundreds or thousands of dollars to buy or to access via a subscription. They are included in my annual analysis only when referenced materials are freely available via link. In fact, I encourage you to read the details at the references provided to learn more.
COMMON THEMES FOR 2024
For 2024, security industry prediction reports highlight common themes:
AI will revolutionize everything and everyone — for better and for worse. Here are some specific predictions around AI and GenAI:
- More effective cyber attacks than ever before against everyone, with bad actors leveraging GenAI tools to find vulnerabilities in critical sectors.
- More AI threat actors, AI threat vectors and AI code assistants introduce further vulnerabilities (BeyondTrust).
- Use of AI-based cyber defense is a must for enterprises to keep up.
- Bring your own AI (BYOAI) for 60 percent of us, as enterprise solutions lag (Forrester).
- Shadow AI will grow along with governance challenges.
- Productivity improvements will drive rapid and widespread adoption of GenAI tools.
- More regulation, laws, policies, data privacy and ethics rules regarding appropriate use.
- Uptick in sophisticated deepfakes and Business Email Compromise (BEC) using GenAI to attack.
- More voice and video impersonations, including particular accents and targeted executive account takeover using social media and personal accounts.
- Focus on various attacks against LLMs.
CISOs will get more power and a broader role for several years (Gartner).
Election cyber attacks globally will be center stage. Specifically:
- Misinformation on elections in social media.
- Voting machine and virtual cyber attacks.
- Data surrounding voter lists, people, process and technology cyber attacks.
More cyber attacks in space, including overall programs, cyber arms race in space including satellites and other next-generation vehicles.
Ransomware growing and evolving, gaining access and targeted ID management using more sophisticated phishing and social media compromises.
Use of breached credentials to log in rather than hack in. This data is available for sale on the dark web from many years of data breaches.
Supply chain attacks will grow and evolve with developers targeted in supply chain attacks via software package managers (Google Cloud).
Cyber insurance market will continue to grow and evolve. Most reports say prices will stabilize.
Attacks targeting hybrid and multicloud environments will mature and become more impactful (Google Cloud). There will also be more cloud-native worm attacks (Trend Micro).
Attackers will look to blockchain for fresh hunting grounds and extortion plans. Also, with the rise of bitcoin and other cryptocurrencies, there will be new crypto wallet attacks.
Growth in hacktivism, with more hacktivism tied to APTs (Kaspersky).
More groups in the “hacker for hire” business (Kaspersky).
“Malinformation” will grow dramatically, as trust is hard to gain and keep (Gartner).
Next-level cyber attacks with a “go big or go home” approach (Fortinet).
New tech, such as QR Codes and VR headsets, attacked in various ways (Watchguard).
Zero-trust models will be more widely implemented.
Attacks on global events — for example, the 2024 Summer Olympics in Paris — to gain attention will increase.
THE TOP 24 SECURITY PREDICTIONS REPORTS FOR 2024 FROM SECURITY INDUSTRY COMPANIES
Reminder: This ranking covers organizational reports and not just individual predictions. Most reports offer six to 10 predictions or more, and the top reports group their predictions and themes into categories. Also, the research and details behind each security prediction offer vital context. I urge readers to visit these companies’ websites, read their full prediction reports and see the details on each item — often in video format. My goal is to point you in the right direction for more details and solution-specific research.
1) Google Cloud/Mandiant — This team never disappoints, and they have climbed into the top position for the first time ever with a global set of forecasts, predictions and global security trends that are simply outstanding. For this year, they offer Cybersecurity Forecast 2024: Insights for Future Planning. They also outline four broad trends in this helpful infographic.
Only then do they issue global forecasts in many areas, along with a regional forecast. Here are their top global trends, with more details in their document.
- Continued use of zero-day vulnerabilities (and edge devices).
- Cyber activity targeting U.S. elections.
- Rise of disruptive hacktivism.
- Wipers become a standard capability in all nation state cyber arsenals.
- Targeting of space-based infrastructure.
- Attacks targeting hybrid and multi-cloud environments mature and become more impactful.
- Serverless services in the cloud more heavily used by threat actors.
- Extortion operations continue.
- Espionage and “sleeper botnets.”
- Revival of ancient techniques.
- Continued migration to modern programming languages by malware authors.
- Developers targeted in supply chain attacks via software package managers.
- Growing prevalence of mobile cyber crime.
- Cyber insurance premiums remain steady.
- Consolidation around SecOps.
Their themes are described here in this video:
- Google Cloud Cybersecurity Forecast 2024 with Phil Venables
- Google Cloud Cybersecurity Forecast 2024 with Sunil Potti
- Google Cloud Cybersecurity Forecast 2024 with Sandra Joyce
2) Trend Micro once again offers an excellent report that fought for the top prize with an amazing report entitled Critical Scalability: Trend Micro Security Predictions for 2024. Trend Micro’s presentation, references, detailed descriptions of each prediction and overall approach to this report sets them apart again, but they have shortened their material, which dropped them slightly into the second slot for 2024.
“On the heels of a year marked by technological leaps, 2024 is poised to be a hotbed for new challenges in cybersecurity. In a fluctuating economic and political terrain where nearly everything from bank transactions to kidnapping has gone digital, enterprises seeking a strategic advantage have come to rely on the likes of artificial intelligence and machine learning (AI/ML), the cloud, and Web3 technologies. The headwinds from these innovations, which offer use cases for defenders and malicious actors like, inevitably herald turbulent times ahead.
“Amid the ongoing conflicts in Ukraine 1 and the Middle East 2 weighing heavily on global leaders, the political landscape is set to be a minefield of cyberthreats that can have far-reaching consequences, with parties from all sides seeking to sway public opinion and shape the course of political events. As the EU, US, and Ukraine gear up for their respective upcoming elections, such electoral periods will prove to be fertile ground for politically motivated cyberattacks, carefully crafted disinformation campaigns, and espionage orchestrated through a web of AI-powered tools and social platforms.”
Here are their top five themes:
- Security gaps in cloud environments will set the stage for successful cloud-native worm attacks.
- Data will be weaponized against fledgling cloud-based machine learning models.
- Generative AI will allow fraudsters to level up their social engineering lures in targeted attacks.
- Software supply-chain attacks will serve as a clarion call to protect suppliers’ CI/CD systems.
- Attackers will look to the blockchain for fresh hunting grounds and extortion plans.
If you don’t want to read Trend Micro’s full report, here is a summary with a paragraph under each topic.
3) WatchGuard again wows with an amazing security prediction report, including interesting videos — and even a new blooper reel that wins the most creative twist for 2024. I also like their historical look and grading of themselves from last year’s predictions.
Their report is entitled WatchGuard’s 2024 Cybersecurity Predictions, and they lead with these top six items (see details at links):
- Prompt Engineering Tricks Large Language Models
- MSPs Double Security Services via Automated Platforms
- AI Spear Phishing Tool Sales Boom on the Dark Web
- AI-Based Vishing Takes Off in 2024
- VR/MR Headsets Allow the Re-Creation of User Environments
- Rampant QR Code Usage Results in a Headline Hack
4) Kaspersky — Kaspersky’s APT predictions always offer an abundance of amazing security and privacy material for the new year. Once again, their forecasts and predictions are harder to find than many of their competitors’. I rank Kaspersky so high on this list due to the huge amount of research and excellent material that is well-thought-out and timely from a global perspective. They also offer many siloed reports on different topics and in different regions around the world.
- More exploitation of mobile devices and smart home tech.
- New botnets will emerge.
- More kernel-level code will be deployed.
- More hacktivism tied to APTs.
- Supply chain attacks as a service.
- More groups in the hack-for-hire business.
- Increase in AI use for spearphishing.
- MFT systems targeting will grow.
- How to mitigate these APT threats.
I also like this overseas take on one of their items on AI-Powered Impersonation:
“Emerging AI tools can streamline spear-phishing message production, even enabling the mimicry of specific individuals, the report warned. Attackers may devise creative automation methods by gathering online data and feeding it to large language models to craft letters in the style of a person connected to the victim.
“The report noted that threat actors will likely broaden their surveillance efforts, targeting consumer devices through vulnerabilities and silent exploit delivery methods, including zero-click attacks through messengers, one-click attacks via SMS or messaging apps and network traffic interception.”
5) Fortinet continues to impress with their Cyberthreat Predictions for 2024: An Annual Perspective from FortiGuard Labs.
“Next-level playbooks: … Looking ahead, we predict attackers will take a ‘go big or go home’ approach, with adversaries turning their focus to critical industries—such as healthcare, finance, transportation, and utilities—that if hacked, would have a sizeable adverse impact on society and make for a more substantial payday for the attacker. They’ll also expand their playbooks, making their activities more personal, aggressive, and destructive in nature.
“It's a new day for zero days: … We've observed a record number of zero days and new Common Vulnerabilities and Exposures (CVEs) emerge in 2023, and that count is still rising. Given how valuable zero days can be for attackers, we expect to see zero-day brokers—cybercrime groups selling zero days on the dark web to multiple buyers—emerge among the CaaS community.
“Playing the inside game: … We predict that attackers will continue to shift left with their tactics, reconnaissance, and weaponization, with groups beginning to recruit from inside target organizations for initial access purposes.
“Ushering in 'we the people' attacks: … We expect to see attackers take advantage of more geopolitical happenings and event-driven opportunities, such as the 2024 U.S. elections and the Paris 2024 games.
“Narrowing the TTP playing field: Attackers will inevitably continue to expand the collection of tactics, techniques, and procedures (TTPs) they use to compromise their targets.
“Making space for more 5G attacks: … A successful attack against 5G infrastructure could easily disrupt critical industries such as oil and gas, transportation, public safety, finance, and healthcare.”
6) Splunk — Splunk offers a very impressive security prediction report again for 2024. They named it Security Predictions 2024: From ransomware to resilience, and how AI will impact a changing threat landscape. This 17-page report is packed with material from eight named contributors (on p. 16) and leads with AI (parts one and two), before discussing CISOs and the board, cyber threats, ransomware, resilience and a 20-year security outlook. (My view: wow! That just bumped this report up two slots.)
- “AI – Part 1: AI will take on security tasks (and you’ll be better off, trust us). If we can bet on anything, it’s that AI won’t be going away anytime soon. Far from it. It will continue to shape the face of cybersecurity well into 2024, and into the foreseeable future. …
- AI – Part 2: AI will open a Pandora’s box of escalating privacy and security woes. Did we mention that no tool is perfect? What has the power for good also has the power for more malicious aims. While security practitioners will reap the benefits of AI, it’s equally likely that cybercriminals will explore ways to wield it as yet another weapon in their arsenals.
- Next, CISOs will have more at stake. … [Read much more on this at the report…]
- Power to the people: Threats will become more distributed and democratized.
- Ransomware actors will diversify their portfolios. (Hint: more use of zero days…)
- Collaboration and integration will become critical for resilience.
- 20-year outlook: A more integrated security future.”
7) Gartner – Gartner offers many free helpful resources regarding 2024 predictions, with the hope that you will buy their full service. Like Kaspersky, it can be hard to find free materials online, although the hunt is worth the effort.
Free Gartner 2024 predictions are listed in this chart.
Two prediction items of note:
- Malinformation is a multifront threat — By 2028, enterprise spending to battle malinformation will surpass $30 billion, cannibalizing 30% of cybersecurity and marketing budgets t combat a multi-front threat.
- CISOs get more power — By 2027, 45% of CISOs remit will expand beyond cybersecurity, due to increased regulatory pressure and attack surface expansion.
· The Next Era — We Shape AI, AI Shapes Us
· Gartner’s Top 10 Tech Trends for 2024
Finally, I love their material on “7 Disruptions You Might Not See Coming: 2023-2028.” See the video below for details on each item.
- What If Geomagnetic Storms Knocked Out Your Internet Access?
- AI Driven Legacy Modernization.
- Regulation: Limit the Evolution of AI, laws rights, (Trust AI providers will emerge).
- AI Creates a Golden Age for “Silver Workers” – (helps solve tech talent crunch).
- Laggards Leapfrog Leaders – Startups for Sale .
- “Engineering Innovation Pace” – No pain no gain.
- Space Race 2.0.
This write-up summarizes the report: “Forrester predicts 2024 will be a year of AI risks and regulatory scrutiny.” Here are their top two items:
- Zero-trust titles will double in 2024
- AI-generated code blamed for at least three data breaches
The Forrester series of great, free podcasts also offers details: What it means.
Also see these excellent YouTube videos/podcasts:
Predictions 2024: Where Will AI Go Next?
Three more great Forrester podcasts on the future offered free as YouTube videos:
- Autonomous Vehicles: Are We There Yet?
- How Tech Leaders Will Tackle Growth, Talent, And AI
- The Future of the Cloud
To start, visit IBM’s 5 Trends for 2024:
- Organizations move from “plus-AI” to AI-plus.
- People who use AI will replace people who don’t.
- The data conversation moves out of IT and into the C-suite.
- Operating models bend so they don’t break.
- Ecosystems are not part of the strategy, they are the strategy.
Plus, these quasi-prediction statements:
“Trust proves hard to earn. And even harder to maintain.”
“Only 55% of CEOs are confident in their organization’s ability to accurately and completely report the information stakeholders demand for data security and privacy.”
“When choosing a brand, 9 in 10 consumers say trust is the most important deciding factor.”
Next, watch these great IBM Security Event videos (for free) at the WSJ website:
- The Threat Actor's View: AI-Generated Attacks, Fact or Fiction
- Pushing the Limits: AI in Cybersecurity in 2024 and Beyond
- Public/Private Collaboration for a Secure AI-Powered Future
- Future of AI in Security: GenAI, Research & Innovation Horizon
- Safeguarding AI: Protecting Your AI Models & Deployment
- Ensuring a Secure AI Foundation for the Next Frontier of Innovation
10) BeyondTrust — A different type of cyber trend list is offered by BeyondTrust’s Top Cybersecurity Trend Predictions for 2024. Like many others, they lead with:
“Evolution of the AI Threat:
- Part I – AI Threat Actors Take the Stage - Human threat actors will be increasingly augmented with AI capabilities. These capabilities will act as a force multiplier, rapidly extending the reach and technical capabilities attackers can wield. …
- Part II – New AI Threat Vectors Emerge - AI will continue to enhance existing attack vectors, like phishing, vishing, and smishing. It will also create new attack vectors that are crafted based on the quality of results of generative AI itself.
- Part III – AI Code Assistants Introduce Further Vulnerability - The increased adoption of AI assistants will, perhaps counterintuitively, introduce more errors in software development. Namely, writing security vulnerabilities into the source code. Researchers from Stanford published study findings showing that developers using AI assistants to write code are more likely to introduce security vulnerabilities than those who don’t rely on AI assistants.”
Unlike other reports, they jump into new areas like:
- Dedicated Applications Start the Course Toward Extinction.
- Down with VOIP and POTS—UCS is the Future.
- Subscription Overload: There’s a Subscription for That.
- Juice Jackers Exploit the Standardization of USB-C.
- Exploit Mapping for Ransomware.
- The Standardization of Cyber Insurance.
What gets BeyondTrust extra points are their trends for the next five years, which can you see at their website.
11) Checkpoint — Some interesting perspectives in this piece entitled “Into the Cyber Abyss: Check Point’s Riveting 2024 Predictions Reveal a Storm of AI, Hacktivism, and Weaponized Deepfakes.”
While I would not call this list “into the cyber abyss,” there are some fascinating predictions for 2024. I encourage you to read the details under each of their items. Again, they lead with AI:
“Artificial Intelligence and Machine Learning:
- Rise of AI-directed cyberattacks: Artificial intelligence and machine learning have dominated the conversation in cybersecurity. Next year will see more threat actors adopt AI to accelerate and expand every aspect of their toolkit. Whether that is for more cost-efficient rapid development of new malware and ransomware variants or using deepfake technologies to take phishing and impersonation attacks to the next level.
- Fighting fire with fire: Just as we have seen cybercriminals tap into the potential of AI and ML, so too will cyber defenders. We have already seen significant investment in AI for cybersecurity, and that will continue as more companies look to guard against advanced threats.
- Impact of regulation: There have been significant steps in Europe and the US in regulating the use of AI. As these plans develop, we will see changes in the way these technologies are used, both for offensive and defensive activities.
- Hackers will Target the Cloud to Access AI Resources – GPU Farming
- Supply chain and critical infrastructure attacks (will lead to more Zero Trust implementations)
- Cyber insurance (will be transformed by AI)
- Nation state attacks and hacktivism (will mask ulterior motives)
- Deepfake technology will be weaponized (will sway opinions, alter stock prices or worse)
- Phishing attacks continue to plague businesses (will lead to log-in rather than break-in)
- Ransomware: Stealthy Exploits, Enhanced Extortion, and AI Battlefields (will cause more bad actors to ‘live off the land.’)”
The Threat of Artificial Intelligence
- Underground Development of Malicious LLMs
- The Resurrection of Script Kiddies
- AI-generated Voice Scams for Social Engineering
Shifting Trends in Threat Actor Behavior
- Supply Chain Attacks Against Managed File Transfers Solutions
- Malware Threats are Becoming Polyglot
- Even More Layers of Ransomware Extortion
- Election Security Must Start with Protecting the Human-in-the-Loop
Emerging Threats and Attack Methods
- Unmasking The Silent Surge in Insider Threats
- The Growing Battle of the (QR) Codes
- The Stealthy Assault on Edge Devices
- Python in Excel Creates a Potential New Vector for Attacks
- LOL Drivers Are Becoming a Game Changer
13) BAE Systems — Another report that comes from a slightly different perspective is BAE’sThe future is now: Top five defense technologies to watch in 2024. This has a mix of cyber and other topics:
- “The end of platform-obsessed strategies in the move to Multi-Domain Integration – Multi-Domain Integration (MDI) is about looking at the whole digital ecosystem as one and considering the digital threads that stitch it all together.
- Dual-use space capability gets its launchpad – Dual-use space assets, those which can be used for both military and civil purposes, have grown in importance throughout recent years and through 2023. However, within the UK and internationally, customers are still lacking the frameworks and structure required to tap into the multiple opportunities that dual-use presents. This will change over the coming 12 months …
- Building resilience and protecting elections in pursuit of Cyber Power …
- Prepare for an AI assurance surge — 2024 will see an assurance market surge, with regulations (national, multinational and global) moving front and center. AI standards and emerging certification regimes will hit hard as public and private sector organizations put a greater emphasis on understanding if and how AI systems are safe, responsible and trustworthy.
- Quantum sensors to enable disruptive military advantage.”
14) Proofpoint — Proofpoint’s 2024 Predictions: Brace for Impact is a solid list for the coming year with helpful insights like: “As we reflect on 2023, it becomes evident that threat actors possess the capabilities and resources to adapt their tactics in response to increased security measures such as multi-factor authentication (MFA). Looking ahead to 2024, the trend suggests that threats will persistently revolve around humans, compelling defenders to take a different approach to breaking the attack chain.”
- Cyber heists: Casinos are just the tip of the iceberg
- Generative AI: The double-edged sword
- Mobile device phishing: The rise of omni-channel tactics take center stage
- Open-source and generative AI: Leveling the ground for malware developers
- Identity-centric breaches: The Achilles’ heel
15) IDC Predicts — Like Gartner and Forrester, IDC has a paid model for their detailed written security prediction reports and forecasts. Still, there is plenty of free material to review online on 2024 in cybersecurity.
Start with “Top 10 Worldwide IT Industry 2024 Predictions: Mastering AI Everywhere.” Here are their top five items, with details on the first:
- Prediction 1: Core IT Shift – IDC expects the shift in IT spending toward AI will be fast and dramatic, impacting nearly every industry and application. By 2025, Global 2000 (G2000) organizations will allocate over 40% of their core IT spend to AI-related initiatives, leading to a double-digit increase in the rate of product and process innovations.
- Prediction 2: IT Industry AI Pivot
- Prediction 3: Infrastructure Turbulence
- Prediction 4: Great Data Grab
- Prediction 5: IT Skills Mismatch
Next, visit: “IDC FutureScape: ‘AI Everywhere’ Will Impact Business Decisions at Every Level.”
Another excellent video: “Artificial Intelligence — Looking Ahead to Forthcoming Regulations.”
Next week, I’ll release the second part of this report, “The Top 24 Security Predictions for 2024 (Part 2),” including:
- Reports 16 to 24
- Six bonus reports to examine
- Honorable mention reports and prediction lists
- Awards for the best reports and predictions in various categories
- My final thoughts on what may be missing from these 2024 security predictions