Cybersecurity Market Forecast: Top Trends That Will Affect Cybersecurity in 2024

Defending against cyberattacks in 2024

Cyberattacks are steadily increasing in both volume and scale across countries and industries, and this trend doesn’t show signs of letting up. In fact, while investigating cyber threats for 2024, researchers at NordVPN uncovered a troubling development: a new generation of cybercriminals is seeking tutorials on the dark web.

The cybersecurity sector follows patterns set by malicious actors, and Google Cloud’s Cybersecurity Forecast 2024 identifies several directions cybercriminals may go in the coming year. For example, political and social events like elections in the US and Taiwan and the 2024 Summer Olympics could be targets for state-sponsored cybercriminals.

Another key trend discussed in the report is the potential for improved and scaled phishing campaigns as generative artificial intelligence (AI) makes infiltration attempts more convincing. Grammatical and colloquial errors that distinguished suspicious messages in the past will be reduced or eliminated as language models improve.

With that in mind, one of the most important current topics of discussion in cybersecurity is the development of AI-powered technology designed to combat AI attacks. Generative AI poses the most significant threat to online security because it can learn how to circumvent even newly implemented security features.

EY Canada Cybersecurity Leader Yogen Appalraju told INN that 2024 is likely to bring increased use of generative AI across the board. “(We will) find generative AI being used by the attackers to be more efficient in terms of gathering information, social engineering, etc. But also the defender will be (relying on) it much more to be more efficient,” he said.

Just as attacks powered by generative AI will learn to work around security measures, safeguards that use generative AI will learn from attacks and infiltration attempts, identifying and repairing vulnerable points of entry. AI can also be used to enhance and secure biometric systems, further strengthening multi-factor authentication.

Yogen advised businesses to be alert to phishing attempts, which include fraudulent emails and phone calls. “Companies must (conduct) ongoing phishing testing campaigns internally to become more resilient to that. These are becoming much more sophisticated, especially spear phishing attacks, where (attackers) do the homework (of) intelligence gathering, and they send very believable emails with context,” he explained.

Simplification could be the best defense

Yogen believes cyber defense measures should be as streamlined as possible and predicts that cybersecurity programs will be simplified in 2024. “One of the reasons why it’s so much easier for an attacker today is because most large organizations have very complex IT environments,” he pointed out. “Some of them are built through acquisitions, so they’re very complex with lots of different technologies that they support. (So) simplification is going to be a theme. The more you simplify, the more you can get better visibility about your entire environment.”

EY’s 2023 Global Cybersecurity Leadership Insights Study reveals that 84 percent of companies are looking to add two or more new cybersecurity technologies to their existing measures. The authors point out that “technology clutter” makes it harder to spot abnormalities that indicate threats, and suggest relying on a single cybersecurity platform.

Amazon (NASDAQ:AMZN), Google (NASDAQ:GOOGL) and Microsoft (NASDAQ:MSFT) are the dominant players in tech, and all three have taken an interest in cybersecurity, acquiring private companies and integrating their technologies into their respective cloud platforms to create more comprehensive and integrated suites of security services.

“These folks are building rich, very sophisticated feature functionality (for their) platforms,” said Yogen. However, while having a few large platforms available certainly makes things simpler for businesses, he noted that these tech giants represent a real threat to smaller security vendors, which run the risk of being closed out of the market.

IBM (NYSE:IBM) is pursuing a different strategy by been investing in private cybersecurity companies without necessarily acquiring them or integrating their technologies into its cloud platform. Instead, it has been partnering with these companies to offer their solutions to its customers as part of its security portfolio. This innovative partnership approach allows IBM to offer a wide range of security solutions from multiple vendors, while also allowing the private companies to retain their independence and serve other customers beyond IBM.

Cybersecurity labor shortage a growing concern

As the cybersecurity industry’s rapid growth continues, labor is becoming a major challenge.

According to the International Information Systems Security Certification Consortium’s 2023 Cybersecurity Workforce Study, the cybersecurity workforce grew by 8.7 percent between 2022 and 2023. However, the talent gap grew at a faster rate, increasing by 12.6 percent year-on-year. In a mid-2023 article, Canadian cybersecurity company Field Effect discusses some of the reasons behind the talent gap, which include a lack of diversity in STEM fields.

Yogen recognized that while universities are making more of an effort to address this issue, the actions they are taking may not be enough to fully address the problem. “We’re seeing a trend towards (schools getting more people interested in cybersecurity now), especially with women,” he explained to INN. “There’s more training, awareness and education around a career in cyber. There are a lot of other roles in cyber than just being a software developer. So I do think there are a few things that will help us along the way, but it’s a real issue and a real gap. There is a feeling that (the gap) is quite significant, and in the millions in terms of the shortage of cyber talent.”

A cybersecurity talent shortage could have a significant and far-reaching impact on the broader economy, including increased cyber risks, reduced competitiveness and innovation, higher costs, reduced productivity and supply chain interruptions. At the company level, attacks can have a lasting negative impact, including a loss of stock value, eroded trust and a decline in clients as users switch to the services of another company in the wake of an incident.

The bottom line

The cybersecurity industry is growing rapidly as cyberattacks rise, and businesses need to take steps to protect themselves. Investing in security measures, staying up to date on the latest threats, educating employees about cybersecurity risks and simplifying cybersecurity solutions are all important in today’s world.

When it comes to cybersecurity stocks, there are a number of factors that could impact their performance in 2024. These include the continued growth of the sector, the development of new technologies and the evolving threat landscape. The biggest names in tech are dominating the market, but moving forward it’s possible that smaller companies with innovative solutions may have a chance to thrive in this constantly changing industry.