Intelligent CISO Issue 70 | Page 27

EDITOR’S question

WHAT STRATEGIES CAN ORGANISATIONS IMPLEMENT TO DEFEND AGAINST SOCIAL ENGINEERING ATTACKS AND WHY IS IT IMPORTANT TO EDUCATE ALL PARTIES INVOLVED?

According to GlobalData’s Advisory Report, 2024 Enterprise Predictions: Secure by Design, cybercriminals are predicted to be quick to innovate and improve their use of methods like social engineering and deceptive practices. In this digital era, innovation is often positioned as the pinnacle of technological evolution. However, as quickly as decision-makers are willing to invest time, energy and money into deploying new technologies like Artificial Intelligence (AI), bad actors and hackers are gearing up to seize on those efforts with the same force.
Social engineering has featured in many industry-leading predictions for 2024 and appears to be maturing into an even more impactful threat. GlobalData reported that attacks leveraging social engineering tools became more frequent and more expensive in 2023, meaning the profitability and ease of these cyberattacks are likely to drive an even higher volume of incidents this year.
AI should not be mistaken for the only tactic in use; however, threat actors are more familiar with this technology. Darktrace found that AI’s monolingualism had left the Asia Pacific region, home to diverse and complex languages, a relative safe haven from attackers. However, Generative AI (GenAI) has dramatically lowered the barrier to entry for composing text in foreign languages. It should be expected that attackers will add new capabilities to their belts, and this threat will be compounded by employees who have been coached to look out for phishing emails written in English, but not in their own language. Darktrace emphasised that this could provide fertile ground for attacks and create a weak spot for APAC businesses.
The National Cyber Security Centre (NCSC) recently revealed, in its report The Near-Term Impact of AI on the Cyber Threat, that cyber-resilience challenges will become more acute as technology develops. To 2025, GenAI and Large Language Models (LLMs) will make it difficult for everyone, regardless of their level of cybersecurity understanding, to assess whether an email or password reset request is genuine, or to identify phishing, spoofing or social engineering attempts.
“Threat actors continue using different tools and methods in their attack campaigns, making it critical for organisations to keep abreast of the latest tactics to fortify their security strategy,” said Corey Nachreiner, Chief Security Officer, WatchGuard. “When it comes to attacks that employ social engineering tactics, the end-user becomes the last line of defence between malicious actors and their success in infiltrating an organisation.
“It’s important for organisations to provide social engineering education as well as adopt a unified security approach that provides layers of defence, which can be administered effectively by managed service providers.”
A realistic way of ensuring compliance from every member of an organisation should likely revolve around encouragement, empowerment and an absence of ridicule and repercussions. Building resilience against cyberthreats is by no means easy; however, adopting a workplace culture that values employees as individuals is likely to reduce the chance of risk warnings falling on deaf ears.
We hear from industry experts at Rapid7, Illumio and Integrity360, who share their strategies for defending against social engineering tactics.