It’s not officially the holiday season until industry analysts start offering predictions for the upcoming year. So now that the leaves have fallen and holiday decorations are up, here are my thoughts on what might be the top five security trends in 2024.
1. Multiple, sizable breaches will stem from misconfigured SaaS applications
I’m cheating a little on this one. The new Securities and Exchange Commission’s cybersecurity reporting requirements make it almost certain we’ll see more breach disclosures than we have in the past. More specifically, I believe we’ll see multiple disclosures of sizable data breaches that stem from the misconfiguration of connected, third-party SaaS applications in 2024.
SaaS usage is ubiquitous, yet many organizations still struggle with SaaS security. TechTarget’s Enterprise Strategy Group research, “The Cloud Data Security Imperative” (April 2023), found that 39% of organizations have suffered data loss of cloud-resident sensitive data, and an additional 20% suspect they have but can’t be certain. Of the organizations that have suffered or suspected they’ve suffered cloud data loss events, 42% indicated SaaS applications were the target. The most common factor contributing to these incidents wasn’t sophisticated malware or advanced adversaries but the misconfiguration of SaaS, cited by 33% of organizations.
At the same time, the SaaS landscape is changing dramatically due to connections with third-party applications, into which security teams often have limited visibility. Combine all these facts, and this issue will rise to the forefront in the coming year.
2. DDoS attacks continue to see a resurgence
DDoS attacks have been around since almost the beginning of the internet era, yet they are often overlooked compared to ransomware, phishing and other types of high-profile attacks. That said, attention tends to ebb and flow, and 2023 was fairly busy in terms of DDoS attacks. In fact, Netscout’s “DDoS Threat Intelligence Report” identified 7.9 million DDoS attacks in the first half of 2023, an increase of 31% from the first half of 2022.
Google and Amazon both reported having been targeted by massive attacks, with Google claiming a peak rate of 398 million requests per second. The ease of launching these attacks, the massive amount of compute available to attackers, the continued threat of hacktivism due to ongoing global conflicts and the ultimate effectiveness of these attacks all point to DDoS continuing to be a significant issue in 2024. On the positive side, however, as AI-powered automation improves in effectiveness and gains acceptance, DDoS mitigation is arguably one of the areas that could see the most benefit.
3. Forget network and security convergence — network and endpoint convergence accelerates
Network and security convergence has been in focus for the last few years. Secure Access Service Edge (SASE) has been a key example of this from an architecture perspective, and many network vendors have expanded into the security space. While this will continue, the ongoing shift to distributed architectures and the use of unmanaged devices has highlighted some of the gaps in network security.
Examples of endpoint-based enforcement of network security policies have been around for some time. Bitglass, acquired by Forcepoint, and dope.security are both endpoint-based secure web gateway providers that fall into this category. The emergence of enterprise browsers has accelerated this trend, exemplified by Palo Alto Networks’ stated intention to acquire enterprise browser company Talon. With some of the continuing changes to network protocols — including DNS over HTTPS and the proposed Encrypted Client Hello — it might become critical to have an integrated endpoint presence to ensure consistent protection across all types of traffic, devices and access.
4. Time for a billion-dollar network security acquisition
Despite the previously mentioned Talon acquisition, high-profile mergers and acquisitions (M&A) in the network security market have been too quiet for too long. Obviously, the last 18 months have slowed funding and M&A activity. Purse strings might be loosening in 2024, however. Even if the overall economic outlook doesn’t completely turn around, the number of vendors competing for budget and mindshare makes consolidation of some kind increasingly likely. Some SASE acquisitions have taken place over the last year, but they were on the smaller side. The time feels right for a major move to occur in this space.
5. AI begins a cybersecurity insurance industry ‘reset’
I’ll stray from my network security lane a little bit on this one. The cybersecurity industry has seen significant change over the last four years with the rise of ransomware. Increasing cybersecurity insurance premiums have made it incredibly difficult for many business to afford coverage. Many policies have begun to exclude ransomware, nation-state attacks and other specific types of devastating attacks. To better assess the cyber-risk of prospective customers, insurers have acquired or partnered with technology providers for penetration testing and posture assessment. The continued maturation in this area, coupled with the use of AI to enhance the effectiveness of these tools and improve the accuracy of underwriting, will help level out premiums. Over time, this should help open cyber insurance back up as an option for many of the organizations that have been priced out over the last few years.
John Grady is a principal analyst at TechTarget’s Enterprise Strategy Group who covers network security. Grady has more than 15 years of IT vendor and analyst experience.
Enterprise Strategy Group is a division of TechTarget. Its analysts have business relationships with technology vendors.