JOHN FOKKER , HEAD OF THREAT INTELLIGENCE , TRELLIX

With implementation largely still being in its infancy , the Edge represents a new frontier for businesses and APT groups alike . ooking back over the past year ,

2023 has been both uncertain and innovative . Organisations are becoming increasingly digitalised and employee gaps have become more prominent . We have become more connected than ever with the use of Edge devices and IoT keeping us online . However , this has led to a growth in employees using personal devices to access work applications and data , offering more access pathways for hackers to potentially get hold of confidential and sensitive data .

Additionally , we ’ ve also seen a significant evolution in next generation technology , especially AI . The use of Generative AI and other smart technology has disrupted the tech space , leading to a market that has become more diverse and accessible than ever . Although , this has been a doubleedged sword , lowering the barrier for entry for impressionable cybercriminals , leveraging AI tools for more indiscriminate and wide-reaching attacks .

Insider compromise and Edge vulnerabilities

Insider threats have increased by 47 % over the last two years , incurring a totals loss of US $ 15.38 million for the containment of these incidents . In fact , our research has identified that 45 % of business compromises arise due to employee error , and almost two-fifths ( 39 %) due to malicious insider threats .

There has been an increased need for organisations to look introspectively and work to plug internal vulnerabilities and protect internal systems . However , the increase in digitalised processes and connected devices in recent years has resulted in a significant shift within the threat landscape – especially when considering the often-overlooked realm of the Edge .

Businesses have never been more connected , and components like firewalls , routers and gateways offer a greater challenge to security teams than physical Edge device hardware . With implementation largely still being in its infancy , the Edge represents a new frontier for businesses and APT groups alike , and as a result , will be harder to navigate in 2024 .

AI and accessibility , but in the wrong direction ?

2023 saw a shift into fifth gear for Generative AI and Machine Learning ( ML ) capabilities . Progress and innovation have been so dynamic and fast that we ’ ve seen the introduction of new legislation and regulation to discuss the possibilities and risks of the tech . While AI has certainly improved opportunities within the security industry , it can also have negative effects that we ’ ll need to be mindful of in 2024 .

For instance , Generative AI has drastically eased the pathways for young individuals to enter the cybercriminal world . Whilst output can be rudimentary , open-source tools plug the skills gaps needed for code generation simplifying threat activity . At the same time , security professionals have needed to adapt to accommodate these tools and protect systems from more diverse threats .

We can also expect to see the use of Generative AI and innovative media generation continue to simplify and heighten the sophistication of social engineering initiatives . Threat actors are now able to enhance their phishing and vishing activity , creating convincing emails and realistic phone and video media to trick employees at all levels .

Overall , in the year ahead , businesses will need to adapt and fortify their systems both with and from improved technology in the right way . Having greater scrutiny over the integration of Edge devices and making use of AI and ML to reinforce existing and legacy security infrastructure will be vital to protect them from unknown elements .

28 WWW . INTELLIGENTCISO . COM