IT security trends: What experts expect for 2024

The year is coming to an end. Many IT managers are now taking stock of security and preparing for the coming year. Unfortunately, the outlook is anything but rosy.

Panic and alarm don't help anyone. However, given the enormous sums that security incidents cost, according to the market research company Cybersecurity Ventures, it is not always easy to remain calm. For the current year, the analysts estimate the global costs of cyber attacks at a whopping eight trillion US dollars. With an annual growth in the damages caused of 15 percent assumed by Cybersecurity Ventures, this figure will reach more than 10.5 trillion dollars in 2025.

Why IT security is an ongoing task with increasing spending

Spending on IT security is also steadily increasing. According to the Bitkom association, more than nine billion euros will be invested in the defense against cyber attacks in Germany for the first time in 2023. In 2024, it is already expected to be more than ten billion euros and in 2025 even around 11.6 billion euros. “Any company can be the victim of cyber attacks,” comments Bitkom Chief Executive Officer Udo Littke. It is therefore "a good signal" if companies ramp up their spending on IT security.

Sabotage, espionage and data theft caused around 206 billion euros in damages to companies in Germany in 2023. Cyber attacks alone constitute 148 billion euros of this sum alone. “The attackers are becoming more professional and organized and the boundaries between organized crime and state-controlled actors are fluid,” says Littke. IT security is therefore “a permanent task for all companies and must be anchored at the top of management.”

Current and future cyber threats

Advanced persistent threats (APTs), ransomware, and attacks on supply chains and critical infrastructures are the most important current and future cyber threats, according to independent security expert Niels Groeneveld. In particular, blackmailers are expected to further diversify their goals in the future and increasingly target small and medium-sized enterprises (SMEs), municipalities and healthcare institutions.

Groeneveld proposes that the attackers are no longer satisfied with encrypting data but are increasingly stealing data in order to put pressure on their victims. Vulnerabilities in increasingly networked supply chains represent another major threat. Even small vulnerabilities could have an impact on many companies with catastrophic effects.

Fighting generative AI with AI in IT security

Author and keynote speaker Bernard Marr has compiled ten cybersecurity forecasts for 2024 for Forbes magazine. One of the biggest problems is the continuing shortage of skilled workers. This leads to rising salaries, but also to higher necessary investments in education and training. The success of generative AI such as ChatGPT will lead to increasingly sophisticated cyber attacks.

At the same time, many manufacturers are already relying on AI to combat AI. Who will win the race in the end is still open. Marr is convinced that the importance of Zero Trust will also continue to increase in the coming year. Zero Trust will then “no longer be just a technical network security model, but something adaptive and holistic, supported by continuous AI-powered real-time authentication and activity monitoring,” says Marr.

The recently published study “2024 Global Digital Trust Insights” by PricewaterhouseCoopers is particularly interesting in this context. 52 percent of the 3,800 CISOs and CIOs surveyed expect “catastrophic cyber attacks” in the next twelve months due to the successes of generative AI. 77 percent therefore want to use AI “ethically and responsibly” themselves.

For example, AI is “able to synthesize extensive data on a cyber incident from different systems and sources,” according to the study. This helps those responsible to understand incidents more quickly. AI could also pose complex threats in easy-to-understand language and help with mitigation strategies, as well as research and investigations. PricewaterhouseCoopers therefore calls such AI capabilities “DefenseGPT”.

Why VPN solutions are vital for a wide range of industries

Another area that is expected to grow strongly in the coming years is virtual private networks (VPNs), such as those offered by NCP. Analysts at Technavio forecast an average annual growth rate of 16.3 percent for VPNs by 2028. If the global VPN market was still $16.3 billion in 2018, it is expected to reach nearly $48 billion ten years later.

One of the main reasons for the strong growth is the increasing use of VPN solutions in a wide range of industries. “Businesses are realizing the benefits of VPNs, such as improved security and fast, reliable connections,” writes Technavio in its study. VPNs are critical to ensuring an uninterrupted flow of critical business data, minimizing packet loss, and addressing security concerns.

In a nutshell: Keep calm and carry on

The market research company Gartner has also already dealt with the IT security trends for the current and coming year. Among the most important advice from experts is remaining calm and resilient. “While there is no question that CISOs and their teams need to focus on what's happening today to ensure that their organizations are as secure as possible,” says Richard Addiscott, senior director analyst at Gartner. “But they also need to take the time to look beyond their day-to-day challenges and see what might come in the years ahead for their security programs.”

Learn more about centrally managed VPN solutions from NCP.