The cybersecurity space is constantly evolving. With the rise of AI, increasing reliance on Cloud and the ever-growing Internet of Things, vulnerabilities are popping up left, right and centre. With deepfakes taking hold and cyber criminals leveraging AI to impersonate business leaders in sophisticated vishing attacks, threats are becoming harder to spot. So, what’s on the cards for cybersecurity in 2024 and beyond? Our Avec experts, as well as clients from our parent company, Talent, have weighed in (their insights are so exclusive, we’ve had to conceal their identities).
Regulation will increase
To protect against risk, cybersecurity clients predict that there will be greater regulation for companies when it comes to cybersecurity. Across Australia, a Head of Information Security at an insurance firm foresees that there will be “Greater scrutiny from regulators (APRA, ASIC) for regulated entities”, while a Head of Information Security at another insurance company expects “increased regulation from APRA and regulatory bodies i.e., CPS 230.”
AI will present new risks
With the explosion of ChatGPT and other AI tools, comes a whole new ball game of cyber threats. Think – cyber criminals leveraging AI technology to generate convincing phishing emails, or the potential of using these tools to generate automated malware. Resultantly, a Head of Information Security client in the insurance space foresees the growing need to “defend against the increasing volume and sophistication of AI-enabled threats” while a SOC Manager at a Digital Solutions client predicts that there will be “more sophisticated attacks across the board as AI really takes hold.” A Cyber Services Manager at a cyber consultancy also cautions “We’ll see a lot more in the [AI and Machine Learning] space as new ideas off the back of these concepts emerge and mature. What we need to really watch for is how adversaries use the same concepts. As always in the information security space, attackers tend to harness new technologies for evil before we’re ready to defend against them.” Anthony Tockar, Data & AI Practice Lead at Avec, states that “The convergence of GenAi and cybersecurity heralds a new era where automated attacks are not just relentless, but cunningly intelligent. As such, AI can craft threats that combine brute force with strategic acumen, demanding a proactive and sophisticated response from our cyber defences.”
Digital fraud will rise
The rapid advancement of technology comes with both benefits and risks. An Information Security Manager at a major bank anticipates that we will see an “increase of digital fraud due to criminals being able to use the capabilities of artificial intelligence, deep-faking, and super-computing.” This is an issue which permeates through the Financial Services space, with an Information Security Lead at an insurance provider foreseeing that the next 1-2 years will involve a “focus on dealing with AI-powered attacks and the capability of organisations to be on top of these. Organisations wouldn’t be able to deal with these standalone and there would be an emergence of a more collective effort between companies.”
Security will receive more investment
Cybersecurity is the hottest topic at the moment, but there is still some way to go when it comes to business investment in this space. A 2022 survey revealed that only 36% of medium-sized business and 42% of larger companies consider cybersecurity a top budget priority in the US, and it appears things are similar across the globe. In the coming years, an APAC Security Officer at an insurance client company, predicts that “Compliance and governance will continue to be a focus area. Hopefully with this, information security will not be seen as a domain under IT but will get more visibility from the business. With recent breaches, litigation, and the government’s cybersecurity strategy, the board and executives may support the information security team more when it comes to understanding organisational risks, and allocating budget, including uplifting existing capability.”
So, where do we come in?
We can support your teams with securing your projects. At Avec, we offer specialised cybersecurity services, supporting leading-commercial companies through to government clients across Australia and New Zealand. Offering a full suite of strategic consulting, advisory, incident response, and managed security capabilities, we can help you strengthen your cybersecurity defences.
If you’re ready to ensure your projects are secure as possible get in touch with the Avec team today.
To discover more exclusive insights around the current cybersecurity market, check out Avec’s parent company Talent’s Cybersecurity Market Snapshot.