BeyondTrust today released its annual forecast of cybersecurity trends emerging for the New Year and beyond. These projections, authored by BeyondTrust experts Morey J. Haber, Chief Security Officer; Christopher Hills, Chief Security Strategist; and James Maude, Director of Research, are based on shifts in technology, threat actor habits, culture, and decades of combined experience.
Prediction #1: The Evolution of the AI Threat in three stages:
- Part I – AI Threat Actors Take the Stage: Human threat actors will increasingly incorporate AI capabilities, acting as a force multiplier, enhancing their reach and technical prowess. Weak AI, specializing in narrow tasks, will be a key enabler for threat actors, assisting in discovering vulnerabilities and evading detection.
- Part II – New AI Threat Vectors Emerge: AI will enhance existing attack vectors while creating novel ones based on Generative AI’s results. The implications are profound, encompassing the generation of fake content that will challenge the line between reality and deception.
- Part III – AI Code Assistants Introduce Further Vulnerability: The surge in AI assistants will paradoxically lead to more security vulnerabilities in software development, as AI-generated code may contain errors and misconfigurations.
Prediction #2: Dedicated Applications Start the Course Toward Extinction – Generative AI is set to make dedicated applications obsolete. The flexibility and power of AI could replace them with voice commands, facilitating the building of trust in a common interface. Complex user interfaces may become obsolete as the focus shifts to results-driven and function-specific applications.
Prediction #3: Down with VOIP and POTS, UCS is the Future – Unified Communication Services (UCS) will phase out POTS and dedicated VOIP. Vulnerabilities and hacks may compromise this once-secure communication medium.
Prediction #4: Subscription Overload, There’s a Subscription for That – Expect everyday items to transition to subscription-based models. While electronic payments replace cash, the trend of licensing products and services via subscriptions will grow. However, subscription gaps may pose data security risks.
Prediction #5: Juice Jackers Exploit the Standardization of USB-C – The proliferation of USB-C connectors brings convenience but also poses security challenges. A single standard connection type simplifies the job for threat actors, increasing the risks of attacks.
Prediction #6: Exploit Mapping for Ransomware – Ransomware attacks will shift from data extortion to selling exploitable data about organizations. Threat actors will sell information related to vulnerabilities, exploits, identities, privileges, and hygiene, focusing on potential threats and attack vectors.
Prediction #7: The Standardization of Cyber Insurance – Cyber insurance is expected to become more standardized across providers, enhancing risk reduction and liability management for businesses. A framework-based approach will standardize cyber policies.
“Looking ahead helps us anticipate where cyber threat actors will undoubtedly head, and preparing for what’s ahead makes all the difference in risk management effectiveness,” said Morey Haber, Chief Security Officer at BeyondTrust. “At BeyondTrust, we plan to provide the best security solutions to address current and future attack vectors, which our customers and partners expect.”
More detail and color on each prediction can be found at the following BeyondTrust blog post: https://www.beyondtrust.com/blog/entry/beyondtrust-cybersecurity-trend-predictions