8 cybersecurity trends & threats for 2024
Mention the word ‘cybersecurity’ today and the term AI is not far behind. But the cyberattack footprint extends much further. On the other hand, new and solid defence mechanisms are also available. Proximus NXT and its security partners explain.
1. Human-operated ransomware
Human-operated ransomware attacks have increased by more than 200% in one year, according to research carried out by Microsoft. Security officer Bart Asnot explains: “With this form of ransomware, cybercriminals remain in control during an attack. It allows them to continually adjust their tactics and it creates a direct connection between the attacker and the victim. This increases the risks because the hacker can see whether their victim is trying to scale up the security mechanisms. Based on this information, they further adjust their attack plan. Human-operated ransomware usually affects SMEs, which often have less maturity and experience to prevent and combat such practices.”
2. IT versus OT security
Against a background of automation and mutual connections, the flawless integration of OT and IT is crucial. Silos between operational technology and information technology hinder the deployment of a cybersecurity strategy. “In an industrial environment, for example, applications were once created to operate within an isolated network,” says Filippo Cassini on behalf of Fortinet. “Now that they are connected to the wider corporate network and the outside world, exposure to cyber threats is increasing. It is therefore important to let IT and OT interact optimally with each other. This often requires a cultural change within the company. So, there is a need for a security solution that breaks through silos.”
3. Generative AI
Generative AI, the IT concept of 2023, is making its mark on cybersecurity. “The technology is a welcome tool for criminals,” explains Andy Quaeyhaegens of Netskope. “For example, generative AI writes malicious code in a relatively simple way. Which means hackers require less knowledge and skills to attack organisations. The so-called script kiddies, who mainly hack for the thrill of it, are inflicting damage with the help of generative AI, often without being aware of the consequences.”
4. AI malware
Malware no longer looks like the ridiculous message from an unknown uncle asking for an advance on an inheritance. Generative artificial intelligence compiles messages that are almost genuine. “Attempts at business email compromise are increasing within company walls. This is where a hacker gains access to an email account of a company to incite employees to take action and hand over their cash," says Lieven Van Rentergem of Check Point. “On the other hand, artificial intelligence and machine learning help to identify subtle nuances and intercept such malicious emails.”
5. Simplification
According to Steven De Ruyver of Cisco, simplification manifests itself within different dimensions of cybersecurity. “Organisations implement platforms that centrally control the security environment. Within such platforms, there is room for applications from different suppliers. Security is becoming more and more invisible to the end user. For example, if they log in the same way every day, from the same location and with the same device, they will not have to enter a password every time to access the application. If this happens suddenly from another place or device, stricter controls will take effect. For the IT departments of companies, security providers bundle their offerings into packages that bring together different applications around a certain security domain. This also counts as a simplification.”
6. The ripple effect of NIS2
Organisations not only have to comply with the NIS2 directive themselves, but they also have to identify and address the security risks among their suppliers. In this way, they prevent a situation in which an incident with a supplier brings their own services to a standstill. Wouter Vandenbussche of Proximus NXT explains: “It means that even smaller SMEs must indirectly comply with NIS2 requirements. Within many small and medium-sized companies, the IT and security infrastructure has often grown historically, which does nothing to simplify matters. An assessment is often necessary in order to gain additional insights and to simplify the architecture where possible."
7. Security Consolidation
In recent years, the number of applications within each organisation has risen sharply. “That has led to a proliferation of security solutions for each company,” explains Bart Salaets of F5. “Many applications are often located within different (cloud) environments. Consequently, there is a need for consolidation. More and more companies are opting for a central platform that helps them tackle security and business problems. Through a step-by-step migration of security tools to those platforms, you can often also reduce the number of software suppliers. The managed security provider has an important role to play here.”
8. AI Act and cybersecurity
The AI Act is the first European regulation that specifically focuses on artificial intelligence. “That act is also closely linked to cybersecurity,” says Jesper Bork Olsen of Palo Alto Networks. “There can be no question of secure AI use when the systems are susceptible to cyber threats. From that perspective, it is therefore also important to map out all processes and safety measures. A major challenge is to find out how your suppliers and partners use AI. Accurately documenting all processes is worth its weight in gold.”
Ready to dive deep into this topic?
Latest insights & stories
CLEAN POWER FOR TRANSPORT
To fulfil climate targets, we need to make mobility greener. In doing so, we need to focus not only on making current mobility solutions greener, but also on shifting to more environmentally friendly forms of transport. Thus, the Clean Power for Transport action plan focuses on greening the vehicle fleet across all segments and rolling out the necessary infrastructure. For this, the Department of Mobility and Public Works also works together with foreign partners where possible for knowledge exchange and cross-border solutions.
MOBILITY AS A SERVICE
To promote sustainable combimobility, we are working on Mobility as a Service (MaaS) in Flanders. MaaS gives users access to multimodal transport solutions with greater user-friendliness, putting the end user at the centre. But organising mobility is a complex task. Users want control and reliability, but also freedom and flexibility. For this, we need reliable apps and agreements with providers and all MaaS actors. A full-fledged MaaS ecosystem, as it were. We are on the lookout for international knowledge sharing and cooperation to ensure combimobility reaches far beyond our own borders.
Vandersanden's new Pirrouet® factory extracts up to 2280 tons of CO₂ annually
Vandersanden, Europe's largest family-owned brick manufacturing company, has officially opened the first Pirrouet® factory in Lanklaar. It involves an investment of 32.5 million euros. The plant produces 20 million CO₂-negative Pirrouet® facing bricks annually when at maximum capacity. One ton of these bricks absorbs 60 kg of CO₂ during curing, and the entire production process is powered by green energy from the factory’s solar panels and wind turbine. “With the plant, we are making a significant contribution to CO₂ reduction and reinforcing our ambition to operate completely CO₂ neutral by 2050,” said Johan Deburchgrave, CEO of Vandersanden.