Major innovations, known threats and new regulations – the cybersecurity trends for 2024.
In terms of cybersecurity, 2024 is likely to be dominated by regulations, including the implementation of the European NIS-2. At the same time, EU citizens are facing a major digital innovation in the form of the EU Digital Identity Wallet. These are two trend topics that will be particularly important next year. However, some topics reappear year after year, continue to develop but remain fundamentally the same. In the area of cybersecurity, this is undoubtedly the threat of ransomware, which will once again be one of the biggest, if not the biggest, threat in 2024. We also take another look at the enduring issue of artificial intelligence and show how it will affect cybersecurity in the near future. Hovering over all of this, however, is a massively growing threat situation, which is having an impact on measures to protect against cyber attacks and on experts in the industry alike. Accordingly, we will look at this aspect from several angles below.
1. The threat situation continues to grow
Cybercrime has already experienced a strong and steadily growing boom in recent years, a trend that will continue in 2024, forcing companies, organizations and authorities to implement stronger security measures. Ransomware must still be mentioned here as the biggest threat. In this context, the topic of app security and compliance with a certain level of cyber hygiene in companies as a basis for cybersecurity is currently of particular importance.
1.1 Ransomware still the greatest threat
The threat of ransomware is more relevant than ever. As this is likely to remain the greatest cybersecurity risk in 2024, it should be explicitly pointed out once again: even if the topic is known in principle, the methods of attack are constantly evolving. With the ransomware-as-a-service business model, criminals are filling a gap in the market, since an order via the dark web is now sufficient to have a ransomware attack carried out. In-house expertise is no longer necessary. Cases of double ransomware attacks, in which two types of ransomware are used for the same target, are also becoming more common and will continue to be a popular tool in 2024. According to the BSI situation report, the attacks are also shifting in terms of their targets. In addition to large, financially strong companies, attackers are now also focusing on small companies and public authorities. This makes a comprehensive, effective cybersecurity strategy all the more important for all companies and organizations in the coming year.
1.2 App security – the sleeping giant of cybersecurity
A huge amount of data is already flowing through the mobile devices of private and business users today and this amount of data will continue to grow. Nevertheless, app security has tended to be a sleeping giant that has often been neglected in comparison with stationary infrastructures in companies. This is likely to change, as the large number of apps that are loaded onto smartphones, tablets and similar devices every day massively increases the potential attack surface for cyber criminals, which is why the number of attacks on corresponding apps and devices will also increase. The automation of processes, for example to detect malicious code in apps, will therefore play a much greater role in the future. Artificial intelligence will also become more of a focus here.
1.3 Cyber hygiene – Companies must continue to lay the foundations for cybersecurity
Although regulation can set the course for stabilizing the cybersecurity situation in Germany, this by no means guarantees sufficient security. Companies and authorities must create the foundation in everyday life. The keyword “cyber hygiene” is therefore an important factor in the cybersecurity of every company and must once again become more of a focus in 2024. This includes technical aspects such as the rapid patching of new vulnerabilities and the maintenance of an offline backup system. Given that ransomware will still be one of the biggest threats in 2024, it is also all the more important to include the human aspect and offer regular awareness training for employees.
2. Regulation as a consequence
One EU-wide consequence of the growing threat situation is the tightening of regulations in various areas. A major issue in 2024 in this context will be the transposition of the NIS-2 Directive into national law. The new and mandatory EU wallet will also be a huge step towards secure digitalization. However, the already established protection mechanisms, attack detection systems and business continuity management systems will also become even more relevant in the future due to the adaptation of regulations.
2.1 NIS-2 is about to be transposed into national law
The latest situation report from the German Federal Office for Information Security (BSI) highlights a development that everyone should be aware of by now: The cybersecurity situation in Europe is becoming increasingly critical. The EU is responding to this with regulations that are intended to ensure a higher level of security for authorities and companies in the future. In particular, the national implementation of the NIS-2 Directive through the NIS2UmsuCG (NIS-2 Implementation and Cybersecurity Strengthening Act) will lead to a significantly longer list of affected companies. Added to this are entire supply chains, a focus topic of NIS-2.
2.2 Attack detection systems continue to gain ground
In the future, more companies will be required to use systems for attack detection, such as a Security Operations Center. Although NIS-2 does not explicitly require their use, and the German NIS-2 Implementation Act (NIS2UmsuCG) limits this obligation to operators of critical facilities, systems for attack detection are now an indispensable part of an effective and comprehensive cybersecurity strategy, which is certainly required by the regulators. As a result, companies and organizations affected by NIS-2 will have to deal with these systems in the coming year – even without an explicit obligation.
2.3 Business Continuity Management (BCM) gains further importance
The trend is clear: the need to implement a business continuity management system (BCMS) to safeguard time-critical business processes will also increase in 2024. In addition to considering common threat scenarios (e.g. fire, blackout, damage to buildings and power lines etc.), the challenge of increasing cyber resilience at companies is growing in particular.
As the global threat level rises and cybercrime becomes increasingly professionalized, the demand for protection mechanisms is bound to increase. Added to this is the use of innovative technologies (AI), which makes sophisticated attack strategies even more effective. One in two organizations has been the victim of a cyberattack to date and 82% of organizations fear a continued negative development in the coming year (source: Human Risk Review 2023).
In line with this development, the regulatory requirements for business continuity are also being increased by the EU (CER Directive). This directive is being implemented in Germany with the KRITIS umbrella law and explicitly prescribes measures for the resilience of critical infrastructure operators. In addition, significantly more companies will be affected by increased requirements as part of the implementation of NIS-2. With the implementation of the DORA Regulation, the digital operational resilience of companies and institutions in the European financial sector will be regulated, among other things.
2.4 Digital Identity Wallet becomes mandatory throughout the EU
One of the biggest and most important developments in the field of electronic identities (eID) and Trust Services in the coming year will undoubtedly be the new EU Digital Identity Wallet, or EUDIW for short, which will be introduced with the new eIDAS Regulation (eIDAS 2). The wallet can be installed on any smartphone. For the first time, EU citizens will be able to use it to carry their proof of identification, such as the German ID card, and other documents, such as driving licenses, diplomas, birth certificates, etc., on their smartphone in a legally binding manner. A qualified electronic signature function will also be integrated. In future, the wallet will not only simplify administrative procedures, but also other everyday matters, such as opening a bank account. The EU Commission has made it clear that all functions of the wallet will be implemented in full compliance with data protection regulations and will be comprehensible and transparent for the user. All EU states will be obliged to offer the EUDIW to their citizens.
3. The challenge of staff shortage
The shortage of specialist staff is nothing new and affects almost every industry. However, the lack of experts in the field of cybersecurity poses a huge challenge this year when it comes to supporting companies quickly and competently in the implementation of necessary and desired security measures. This means that security companies have to rethink their personnel policy on the one hand and ensure that existing experts remain healthy on the other. After all, burnout is also becoming an increasingly important issue in the industry.
3.1 Staff shortage will lead to a rethink in companies
The shortage of well-trained specialists has been a growing problem across all industries for years and is also becoming an ever greater challenge in the area of cybersecurity. On the one hand, this leads to an overload for those responsible for cybersecurity in the company and, on the other, there is a risk of a gradual loss of quality in the coming years. As a result, talent management will become even more important in the area of cybersecurity in 2024. Companies cannot hope to be supplied with specialised personnel, but will have to become even more active themselves in order to train and regularly develop their experts. The shortage of personnel will also lead to more automation. The sensible and secure use of artificial intelligence plays a major role here and will play a more important role in the industry than ever before.
3.2 Burnout continues to increase among cybersecurity experts
The shortage of specialised employees is becoming increasingly problematic not only for HR managers, but also for security experts themselves. According to forecasts, they will increasingly be struggling with burnout and stress-related absences from work in the future. One factor fuelling this development is the understaffing of teams in many companies, particularly in view of the constantly growing threat situation, which is putting cybersecurity employees under further pressure. Experts are therefore already calling for extended measures to protect CISOs, security analysts and other managers. In future, they should receive more support and appreciation for their extremely demanding work.
4. Artificial intelligence as an attack and defence tool
Finally, the topic of artificial intelligence should and must also be mentioned. Although this is no longer a new cybercrime tool, attacks using AI will continue to increase in quality and quantity. This is partly due to the fact that these tools are becoming more and more mainstream, making them even easier to access in the future. Cyber criminals will probably focus on new types of social engineering measures. Deepfakes and voice cloning realised using AI could be used for very realistic phishing attacks. However, even more artificial intelligence will also be available for defence against cyberattacks in the future. AI-based methods for recognising attack patterns and the automation of security-relevant processes will take centre stage.