Five cybersecurity trends for 2024

2024 marks a paradigm shift in cybersecurity. Defined by the rise of generative AI and in the context of the ubiquity of technology in our daily lives (approximately 15 billion connected devices were in circulation last year), cyber professionals now find themselves at the frontiers of security in the modern world, where threats are constantly evolving in sophistication.

By 2025, the global cost of cybercrime is expected to reach $10.5 trillion, an annual rise of 15%, and Gartner forecasts, that 45% of global organizations will grapple with supply chain attacks within the next two years. Add the ongoing global skills shortage, supply chain vulnerabilities, and geopolitical challenges, and you’d be forgiven for feeling concerned about the scale of the task.

To help prepare for this new era, we’ve identified five key cybersecurity trends we believe will take precedence in the year ahead:

• Zero trust goes mainstream

Zero trust is the gold standard of cybersecurity architecture which emphasizes a shift from traditional perimeter-based security to a model where trust is never assumed, even within the network.

Governments and many companies have already made zero trust strategies mandatory, reflecting the framework’s critical role in combating evolving cyber threats. As attacks increase and grow in sophistication, Zero trust must become more than the gold standard, it must become standard practice. It is, quite simply, the most effective strategy we have, and we expect more widespread adoption in 2024. Learn more about zero trust here.

• Generative AI transforms capabilities

Generative AI is expanding capabilities for both attackers and defenders with myriad applications. If we look at the glass as half full, stretched security teams will feel more supported and empowered than they have in recent years, and we expect organizations in 2024 to explore their transformative impact for compliance, data analysis, and accelerated means of defending against the evolving nature of cyber threats.

At the same time, questions surrounding the ethical use and security of generative AI will be at the forefront of cybersecurity discussions, and the rise of sophisticated AI-driven phishing attacks will be a major concern. There are many unknown unknowns, but there are also many unknown possibilities. Either way, organizations should be exploring generative AI’s security capabilities before threat actors control the playing field.

• Compliance builds transparency and spurs investment

The growth in compliance standards, spearheaded by regulations like the EU Cyber Resilience Act and the Digital Operational Resilience Act (DORA), emerges as a third significant trend. Compliance makes investment in security necessary, with no excuses. With new rules, such as the SEC disclosure requirements in the US coming in last year, companies will have to be far more transparent on company breaches when they occur. With the EU Cyber Resilience Act now agreed upon, manufacturers and suppliers will also have to prioritize cybersecurity throughout the life cycle of hardware and software, as well as supporting businesses and consumers to use technology more securely. All of this sets up 2024 to be a busy year for cybersecurity regulation across the globe.

• Convergence of IT, OT, and IoT Security

Another important trend is the convergence of IT, operational technology (OT), and Internet of Things (IoT) security. This is expected to standardize IP security and place higher demands on production and product security.

As organizations embrace Industry 4.0, there’s a growing emphasis on securing manufacturing processes and IoT devices throughout their lifecycle, and we can expect AI and machine learning to play a crucial role in analyzing the vast amounts of data generated by these interconnected systems.

• When cyber meets quantum

Quantum technology is now advancing faster than expected. Major players like Google and IBM are investing in quantum security to address the challenges posed by quantum computing. Its rapid progress may soon render obsolete the current encryption standards like RSA and ECC, and so the development of quantum-resistant algorithms is therefore becoming a pressing necessity for maintaining data privacy and security in the future.

While it may not take off in 2024, it certainly will in 2025, and as a result we expect quantum security to demand increased attention from cybersecurity professionals this year.

An era of disruption and opportunity

Advances in computing power must be matched by strengthened digital defenses. Beyond AI and ML and zero trust, new threats like quantum promise to upend the very foundation of cybersecurity standards worldwide. All business leaders and technology professionals will be impacted by this approaching milestone, as more and more organizations begin their quantum transition.

The convergence of these trends demands a proactive and adaptive approach from organizations in 2024. Leaders will find a strong defense in zero trust architecture and discover new capabilities in generative AI that will be critical to navigating the evolving cybersecurity landscape. Increasingly stringent compliance standards, driven by global regulations, are not only forcing organizations to invest in cybersecurity, but are also driving transparency, creating a more robust cybersecurity ecosystem at a time when IT, OT, and IoT are converging.

In the face of these challenges, 2024 is not just a year of disruption, but a year of unprecedented opportunity. The path forward may be uncertain, but with the right strategies and technologies in place, organizations can move forward into a new era of cybersecurity resilience with confidence.

Contact Capgemini to understand how we are uniquely positioned to help you structure cybersecurity strength from the ground up.