BeyondTrust has released its annual forecast of cybersecurity trends emerging for the New Year and beyond. These projections, authored by BeyondTrust experts Morey J. Haber, Chief Security Officer; Christopher Hills, Chief Security Strategist; and James Maude, Director of Research, are based on shifts in technology, threat actor habits, culture, and decades of combined experience.
Prediction #1: The Evolution of the AI Threat in three stages:
- Part I – AI Threat Actors Take the Stage: Human threat actors will increasingly incorporate AI capabilities, acting as a force multiplier, enhancing their reach and technical prowess. Weak AI, specializing in narrow tasks, will be a key enabler for threat actors, assisting in discovering vulnerabilities and evading detection.
- Part II – New AI Threat Vectors Emerge: AI will enhance existing attack vectors while creating novel ones based on Generative AI’s results. The implications are profound, encompassing the generation of fake content that will challenge the line between reality and deception.
- Part III – AI Code Assistants Introduce Further Vulnerability: The surge in AI assistants will paradoxically lead to more security vulnerabilities in software development, as AI-generated code may contain errors and misconfigurations.
Prediction #2: Dedicated Applications Start the Course Toward Extinction – Generative AI is set to make dedicated applications obsolete. The flexibility and power of AI could replace them with voice commands, facilitating the building of trust in a common interface. Complex user interfaces may become obsolete as the focus shifts to results-driven and function-specific applications.
Prediction #3: Down with VOIP and POTS, UCS is the Future – Unified Communication Services (UCS) will phase out POTS and dedicated VOIP. Vulnerabilities and hacks may compromise this once-secure communication medium.
Prediction #4: Subscription Overload, There’s a Subscription for That – Expect everyday items to transition to subscription-based models. While electronic payments replace cash, the trend of licensing products and services via subscriptions will grow. However, subscription gaps may pose data security risks.
Prediction #5: Juice Jackers Exploit the Standardization of USB-C – The proliferation of USB-C connectors brings convenience but also poses security challenges. A single standard connection type simplifies the job for threat actors, increasing the risks of attacks.
Prediction #6: Exploit Mapping for Ransomware – Ransomware attacks will shift from data extortion to selling exploitable data about organizations. Threat actors will sell information related to vulnerabilities, exploits, identities, privileges, and hygiene, focusing on potential threats and attack vectors.
Prediction #7: The Standardization of Cyber Insurance – Cyber insurance is expected to become more standardized across providers, enhancing risk reduction and liability management for businesses. A framework-based approach will standardize cyber policies.
BeyondTrust also envisions longer-term cybersecurity trends over the next five years:
Prediction #8: The Age of Malware Comes to an End – Malware is on the decline, as identity compromise and native tools replace software exploits. The focus will shift to identifying compromised identities and detecting unusual behaviors.
Prediction #9: AI Supply Chains in the Crosshairs – Nation-states will exploit AI supply chains to introduce vulnerabilities. AI code assistants and their training data become targets, potentially compromising AI infrastructure and creating new attack vectors.
Prediction #10: The Comeback Special – Vintage Tech Returns – Vintage electronics will make a modern comeback, combining nostalgia with modern connectivity. These devices may open new vulnerabilities and attack vectors.
Prediction #11: Identity Trust Chains Evolve to Take on Modern Threats – Identity verification services will emerge as a response to identity-based threats, with third-party solutions providing high-confidence identity verification in the electronic world.
Prediction #12: Evolving AI Sets Moving Target for AI Governance – AI governance and compliance fields will evolve, focusing on responsible AI regulation, ethical standards, and privacy. Regulations will vary by region, creating a moving target for AI usage.
Prediction #13: The Remote Control Gets Lost…And No One Cares – Physical remote controls are being phased out as dedicated phone applications and voice commands become prevalent. While reducing e-waste, this transition may introduce new network security challenges.
“Looking ahead helps us anticipate where cyber threat actors will undoubtedly head, and preparing for what’s ahead makes all the difference in risk management effectiveness,” said Morey Haber, Chief Security Officer at BeyondTrust. “At BeyondTrust, we plan to provide the best security solutions to address current and future attack vectors, which our customers and partners expect.”