Generative artificial intelligence, unsecure employee behaviour, third-party risks, continuous threat exposure, boardroom communication gaps and identity-first approaches to security are the driving forces behind the top cybersecurity trends for 2024, according to research and consulting firm Gartner Inc.
In 2024, security leaders will respond to the combined impact of these forces by adopting various practices, technical capabilities and structural reforms within their security programmes, with a view to improving organisational resilience and cybersecurity performance, Gartner said.
According to Gartner, the following are the six cybersecurity trends for 2024:
Generative AI: Short-Term Scepticism, Long-Term Hope
Security leaders need to prepare for the evolution of gen AI, as large language-model applications like ChatGPT and Gemini are only the beginning. The technology also promises productivity increases, skills gap reductions and new cybersecurity benefits. Gartner recommends using gen AI through collaboration with business stakeholders to support the foundations for ethical and secure use of the technology.
"There's solid long-term hope for the technology, but right now, we're more likely to experience prompt fatigue than two-digit productivity growth," Richard Addiscott, senior director analyst at Gartner, said. "Things will improve, so encourage experiments and manage expectations, especially outside of the security team."
Cybersecurity Outcome-Driven Metrics
The frequency and negative impact of cybersecurity incidents on organisations continue to rise, undermining the confidence of the board in cybersecurity strategies. Outcome-driven metrics are increasingly being adopted to enable stakeholders to draw a straight line between cybersecurity investment and the protection levels it generates.
According to Gartner, ODMs are central to creating a defensible cybersecurity investment strategy, reflecting agreed protection levels, in simple language that is explainable to non-IT executives.
Security Behaviour, Culture Programmes Gain Traction
By 2027, 50% of chief information security officers of large enterprises will have adopted human-centric security design practices to minimise cybersecurity-induced friction and maximise control adoption. Security behaviour and culture programmes include an enterprise-wide approach to minimising cybersecurity incidents associated with employee behaviour.
"Organisations using SBCPs have experienced better employee adoption of security controls, reductions in unsecure behaviour, and increases in speed and agility. It also leads to a more effective use of cybersecurity resources," Addiscott said.
Resilience-Driven Third-Party Risk Management
With third parties experiencing cybersecurity incidents, security leaders need to focus on resilience-oriented investments. Security leaders must enhance risk management of third-party services and partner with external resources to ensure valuable assets are safeguarded.
"Start by strengthening contingency plans for third-party engagements that pose the highest cybersecurity risk. Create third-party-specific incident playbooks, conduct tabletop exercises and define a clear offboarding strategy involving, for example, timely revocation of access and destruction of data," Addiscott said.
Continuous Threat-Exposure Management Gains Momentum
Continuous threat-exposure management is an approach organisations can use to evaluate the accessibility, exposure and exploitability of digital and physical assets.
By 2026, Gartner predicts that organisations prioritising their security investments based on a CTEM programme will realise two-thirds reduction in breaches. Security leaders must continuously monitor hybrid digital environments for early identification and prioritisation of vulnerabilities.
Focus On Identity And Access Management
As organisations move to an identity-first approach to security, the focus shifts from network security and other traditional controls to identity and access management. While there will be an increased role for IAM in security programmes, focus on fundamental hygiene and improving system resilience will be important.
Security leaders should focus on strengthening their identity fabric and leverage identity threat detection and response to ensure that IAM capabilities can better support the overall security programme.