1 of 20
2 of 20
3 of 20
4 of 20
5 of 20
6 of 20
7 of 20
8 of 20
9 of 20
10 of 20
11 of 20
12 of 20
13 of 20
14 of 20
15 of 20
16 of 20
17 of 20
18 of 20
19 of 20
20 of 20
Foreword

The Complexity of the Interconnected World Leads to New and More Sophisticated Challenges

As the importance of data continues to increase, and being online has become the new normal - from spending long hours on social media to using connected pillows, online shopping, and taking part in virtual meetings - improving data security and the infrastructure that supports online services has become a top priority for all businesses. This report presents some of the challenges in these areas for 2024, projecting trends that could alter digital defense and cybersecurity strategies, addressing key issues for understanding and adapting to changes in this domain.

The first topic, the "Zero Trust" approach, stands out as a central pillar for modern security. This concept, based on the premise of never trusting and always verifying, reshapes security strategies, requiring continuous authentication and rigorous monitoring, even within presumably secure networks. The implementation of this approach is essential to mitigate risks.

Next, programmable and autonomous security emerges as a vital component, allowing a more agile and adaptive response to threats by offering great customization power in mitigating attacks and responding to incidents. Static security solutions - buillt on a signature-based approach - are no longer sufficient to protect against simple attacks, let alone complex and targeted ones, like those that use polymorphism techniques, which alter the attack's signature, making it difficult or impossible to detect.

Artificial intelligence (AI) is also playing a transformative role, both in threat detection and in responding to security incidents. AI is the ally that empowers security systems to learn and evolve, bringing visibility to threats that would go unnoticed and offering an additional layer of protection against increasingly smart, automated, and fast attacks.

In 2024 we will see an increase in the number of attacks that exploit the use of AI to infiltrate systems, gaining persistence in them and materializing C2 (Command & Control) attacks, for example. AI-driven threats will become increasingly sophisticated, from the creation of highly advanced deepfakes for phishing and other forms of social engineering, to the dissemination of malware with advanced evasion and autonomous propagation capability.

API protection emerges as a critical topic, especially considering its fundamental importance in service integration and facilitating communication between different digital platforms. With the extensive use of APIs - which have already surpassed the volume of transactions performed by users - the security of these interfaces becomes essential to prevent unauthorized access and data injection or theft attacks, or even to increase the reliability of these services. This report highlights the need to implement robust security strategies, including rigorous authentication and authorization and the encryption of data in transit and at rest.

Additionally, we highlight the critical need to implement rigorous security management practices in the software development supply chain. Ensuring integrity and security at each stage of the software development life cycle is essential to prevent vulnerabilities that could be exploited by cybercriminals.

This involves adopting a proactive approach in risk assessment, implementing robust security controls, and conducting regular security audits across all supply chain components. Such a strategy not only strengthens the software security posture but also ensures that the final products align with the best security practices, thus minimizing the potential for exploitation by external threats.

Lastly, the report explores the growing importance of cyber insurance, a trend that highlights the emerging need for approaches to mitigate the financial risks resulting from security breaches and data losses. As the cyber threat landscape becomes increasingly complex and the financial consequences of security incidents amplify, cyber insurance emerges as a vital tool for businesses of all sizes.

They not only offer a financial safety net, but also encourage the adoption of rigorous security practices by setting minimum requirements for coverage. Thus, integrating cyber insurance into risk management strategies represents a prudent step to protect against the adverse financial impacts of security incidents, reinforcing the importance of a holistic approach to cybersecurity.

This report provides a detailed and comprehensive analysis of the predicted trends for 2024 in the field of cybersecurity, offering valuable insights for professionals and organizations to effectively anticipate and mitigate the challenges that arise in this dynamic and ever-evolving environment.

We encourage everyone to delve deeply into this document in order to equip themselves with the necessary knowledge to successfully navigate the risks and opportunities of cybersecurity in the near future.

Maurício Pegoraro

CISO, Azion Technologies

Introduction

"The Best Way to Predict the Future is to Create it."

Peter Drucker

US$ 8 trillion. That was the estimated global cost of cybercrime in 2023, according to a study by Cybersecurity Ventures [1]. If it were a country, this illicit activity would be the third largest economy in the world, behind only the U.S. and China. 

A market report from Checkpoint Security pointed to an 8% growth in the weekly number of cyberattacks worldwide in the second quarter of 2023 [2], the highest growth in the past two years. In the first half of the year one of the most well-known groups for ransomware, Lockbit [3], increased its number of victims by 20%.

Regardless of the industry, no business is safe. Companies of all types and sizes can fall victim to threats such as ransomware, data theft, and information leaks, which can damage business continuity, harm reputations, and even lead to legal repercussions.

In addition to protecting yourself against current threats, it's important to be aware of what's to come. As Wayne Gretzky once said, "I skate to where the puck is going to be, not where it is". To assist in this task, we have prepared this report on edge computing security trends.

Drawing on the experience of our executive team, we have discussed the most common themes in the market to identify those that will most significantly impact the development and delivery of applications on the edge in the coming year.

With this, we hope to help identify potential risks before they materialize at your doorstep, or opportunities that, if seized, may offer a competitive advantage. Happy reading!

143% was the growth in the global number of ransomware victims in the first quarter of 2023.

Source: Cyber Security Trends 2023, Allianz Commercial [3].

Trend Overview

1 Zero Trust Security

What is it? A new way of thinking about security. There are no trusted users, devices, or networks, all access must be validated.

Why is it a trend? It is essential in modern networks, where resources are globally distributed and there is no clear perimeter to protect, in contrast to legacy networks.

What is the impact? It helps to prevent attacks and also to maintain compliance with security standards and local legislation.

2 Programmable Security

What is it? The ability to customize and control security settings and protocols through code and automation routines.

Why is it a trend? Emerged as a response to the lack of flexibility of traditional security solutions in the face of complex IT environments in modern organizations.

What is the impact? It allows for a quicker response to unknown threats and has better integration with mixed environments.

3 Artificial Intelligence

What is it? Machine learning models designed to interact, understand, and generate responses similar to a human, based on training data.

Why is it a trend? It is increasingly used in IT operations and software development, automating routines and increasing productivity.

What is the impact? It facilitates attacks, but also enhances protection and simplifies the migration of legacy applications to modern environments.

4 API Protection

What is it? Measures to protect essential components of modern applications, which allow communication between modules and simplify development.

Why is it a trend? APIs carry valuable information, such as financial transactions and personal data, and can be manipulated to facilitate attacks.

What is the impact? Failure in protection can lead to data leaks, financial losses, and even legal repercussions.

Chapter 1

Zero Trust Security

What Is It?

Proposed in a paper published by Forrester Research [4], Zero Trust Security is a security approach based on continuous monitoring and verification, which can be summarized as "never trust, always verify".

It establishes that any and all access to resources in a system must be validated, users and workloads should have only the minimum privileges necessary to complete a task, and micro-segmentation should be used to limit access to the network as a whole.

It is important to keep in mind that Zero Trust Security is not a tool or product. It's a process that involves redesigning the security architecture of your operation according to the above principles. 

Why Is It a Trend?

In the legacy security model, a network is protected by a firewall that controls access to resources behind it. It is assumed that the devices, systems, and users within the perimeter delimited by the firewall are "trusted" and that threats always come from outside. Therefore, access control measures are focused on the border between the trusted and untrusted parts of the network.

This approach is unsustainable in modern networks, which can have a global reach and millions of connected users and devices, with threats originating from the inside or outside. It is difficult to "close the perimeter" when it is practically non-existent.

By focusing authentication on access, and not on users or devices, and segmenting resources, Zero Trust Security minimizes the risk of attacks and the scope of damage if they happen. In addition, it helps maintain compliance with privacy and information security standards that demand strict control over who can access sensitive information, and under what circumstances.

Impact

Zero Trust Security reduces the risk of attacks and helps to maintain compliance.

  • In Zero Trust Security, there are no "trusted" or "untrusted" users, networks, or devices. Trust should not be applied to packets, interfaces, or data.

  • It reduces the risks of privilege escalation and "zero-day" attacks, when attackers exploit vulnerabilities that are not yet publicly known.

  • Zero Trust Security is an ally in preventing data leaks [5], which can lead to financial damage, reputation harm, and legal repercussions against your company.

How to Benefit From It

  • There is no turn-key solution for Zero Trust. The implementation of this architecture goes through several steps [6], such as identifying the components of your ecosystem, mapping solutions, micro-segmenting the infrastructure, and finally the journey, which includes planning and implementation itself.

  • Preparation is essential for the implementation to be not only successful, but also to meet the requirements of an efficient Zero Trust architecture. Without it, any action aimed at implementing the model becomes empty.

  • "It is dangerous to go alone!". Choose an experienced security partner, with solutions that allow for granular permissions, network micro-segmentation, and robust visibility and analysis tools. This will simplify the process and help keep costs under control.

US$ 4,45 million. This was the average cost of a data breach in 2023. An increase of 15.3% over the last 3 years.

Source: Cost of a Data Breach Report 2023, IBM Security [7].

Chapter 2

Programmable and Autonomous Security

What Is It?

Programmable security refers to the ability to customize and control security settings and protocols through code and automation routines. This concept encompasses several other technologies, such as Software Defined Networks (SDN), Network Function Virtualization (NFV), behavior-based threat detection using AI, Cloud Access Security Brokers (CASB), Next Generation Firewalls (NGFW), and edge-based Intrusion Detection and Prevention Systems (IDS/IPS).

The programmable nature of this approach results in more dynamic and flexible protection, as security measures can be quickly and easily adjusted according to changes in the threat landscape and the availability of resources to maintain security tools.

For example, the return to the office has introduced challenges, from talent retention to office spaces that accommodate the return. Both cases can result in a reduction in staff and even create difficulties for talent retention. This is where another advantage of programmable and autonomous security comes into play: doing more with less to implement and operate security tools.

It's important to note that, although Programmable Security offers significant advantages over the traditional approach, it doesn't completely replace it. A complete cybersecurity strategy involves combining traditional and programmable solutions, joining the strengths of each to create a robust defense system against threats.

Why Is It a Trend?

Programmable security emerged in response to the lack of flexibility of traditional security solutions in facing the complex and dynamic IT environments in modern organizations, composed of a mix of on-premise, cloud, and edge solutions and resources, with equipment ranging from IoT sensors to an increasing number of mobile devices.

Traditional solutions, such as legacy firewalls, antivirus software, and access controls, are fixed and not easily adaptable to emerging threats, making them ineffective against new attack vectors. The need for manual intervention in configuration and monitoring combined with a lack of real-time threat intelligence exacerbates this scenario. This results in delays in identifying and responding to attacks, especially the more sophisticated ones, which can be highly targeted.

Impact

Programmable security is a response to the lack of flexibility in traditional solutions.

  • Programmable security promotes the consistent application of security policies across your network infrastructure, including edge environments, cloud and virtualized networks.

  • Automation reduces the risk of human errors, which can lead to vulnerabilities, and optimizes the use of resources, reducing the overall cost of security operations.

  • Programmable security solutions can be extended to edge computing and cloud environments, providing localized protection for distributed systems and IoT.

How to Benefit From It

  • When creating applications, prefer an edge-native approach, which will allow you to take advantage of the high availability, better performance, and advanced security offered by edge computing platforms.

  • Use edge firewalls to protect legacy applications with sophisticated security features that can be quickly deployed, without code modification, and are easy to automate and manage.

  • Combine data streaming solutions to collect data from events occurring in your company's applications with a SIEM (Security Information and Event Management) to gain real-time intelligence about anomalous events and possible threats.

69 zero-day vulnerabilities, those that are exploited before they are even known to the affected software's developer, were identified between January and September 2023. 44 of them were being actively exploited by criminals.

Source: Infosecurity Magazine [8].

Chapter 3

Artificial Intelligence

What Is It?

Last year, we saw an explosion in the popularity and number of artificial intelligence tools based on Large Language Models (LLM), such as OpenAI's ChatGPT, Microsoft's Bing Chat, and Google's Bard, to name just a few. Suddenly, these "Artificial Intelligences" started to be present in web browsers, text editors, design tools, software development environments, and more.

Analyzing billions of parameters built from immense amounts of pre-existing data, they are able to interpret requests in natural language and quickly produce convincing results, be it a high school student's essay or Python code for a specific problem. These capabilities also apply to the field of security.

Why Is It a Trend?

AI tools can be extremely useful for criminals, whether it's generating scripts for exploiting vulnerabilities, automating penetration testing, or even compiling and correlating personal information resulting from multiple data breaches for social engineering attacks.

On the other hand, they are also being used for good. A large part of the Security Orchestration, Automation, and Response (SOAR) tools on the market already incorporates machine learning and artificial intelligence capabilities for real-time threat detection or configuration failures that could be exploited in the future.

AI can be valuable in transforming legacy monolithic applications into microservices ready for modern edge computing platforms. This includes code refactoring, a normally tedious and error-prone process, validation according to the best design standards and practices, and test automation, to prevent flaws that can be exploited in the future from reaching production code.

Impact

AI is a double-edged sword, which can be used to facilitate attacks or enhance defense.

  • The use of AI for behavior analysis is an ally in the fight against zero-day vulnerabilities, those that are exploited by criminals before a fix is available.

  • AI co-pilots help developers write code in languages they are not familiar with and simplify tedious tasks, boosting their productivity.

  • The ability to compile information to create detailed profiles of potential victims and new deepfake techniques [9] will lead to increasingly sophisticated phishing attacks.

How to Benefit From It

  • Establish task forces to identify which AI tools can assist in your processes, how, and what the associated costs are. Don't forget to include representatives from each involved sector.

  • Before adopting an AI tool, analyze the privacy policy related to the information given to it. Some companies reserve the right to reuse the content provided by users for the training and enhancement of their AIs, which could cause a user-written prompt to resurface in response to another user with a similar problem. This could cause serious issues if the AI has been "fed" confidential information about your business's products and processes.

  • Use AI tools to analyze past events, data, and outcomes and, through predictive modeling, generate insights about the future to assist in decision-making.

92% of developers in the United States are already using AI tools, according to a survey of 500 professionals in the field conducted by GitHub.

Source: Survey reveals AI’s impact on the developer experience, GitHub [10].

Chapter 4

API Protection

What Is It?

APIs (Application Programming Interfaces) are one of the pillars of modern computing. They provide a means for different parts of the same application (such as the front-end and back-end) to communicate or integrate with third-party modules and services. They are like railways, enabling the exchange of information in a standardized way.

For example, an online store can use partner APIs to calculate shipping costs, process credit cards, or manage a loyalty program, without their developers having to implement these functions from scratch.

It quickly becomes clear that APIs deal with critical information for the operation of an application and, consequently, the businesses that depend on it. And where there is information, there are criminals on the lookout, waiting for a chance to attack.

Why Is It a Trend?

A recent report [11] showed a 400% increase in the number of unique attackers targeting APIs over a period of just six months. Additionally, 94% of participants reported security issues with APIs in production over the past year, and 17% stated that their companies suffered data leaks due to API security flaws.

The purpose of API protection is to prevent these attacks, which can impact the operation of your applications or cause data leaks that can lead to financial losses for you and your clients. It's no wonder that API security has become a common theme among the top executives (the so-called "C-Level") of many companies in the past year.

Impact

Believe it: service unavailability is the least of the consequences of an API attack.

  • Vulnerabilities in APIs can lead to service unavailability, information leakage, application contamination, system invasion and more.

  • In 2021, researchers found flaws [12] in the APIs of Peloton, a fitness equipment manufacturer, that allowed anyone to obtain information about users.

  • In 2022, a researcher discovered a flaw in a Coinbase API [13] that could "destroy the market," as it allowed for the use of non-existent funds in cryptocurrency transactions.

How to Benefit From It

  • Following the principles of Zero Trust Security (see the first trend in this report), any and all access to an API must be authenticated and authorized. It's not enough to verify that the user exists and is legitimate, it's also necessary to make sure they are authorized for the current level of access.

  • Authentication with "username and password" is not enough, as these are pieces of information that can be easily obtained by criminals. Implement a mutual authentication scheme [14] like mTLS (Mutual Transport Layer Security) to ensure the identity of clients and servers before a connection is established.

  • Use features of a Web Application Firewall (WAF) such as Rate Limiting and DDoS Protection to prevent attacks that can lead to the unavailability of your APIs. WAFs also protect against other threats from the OWASP Top 10 [15], such as Broken Access Control, Code Injection, and Server-Side Request Forgery (SSRF).

78% of the attacks against APIs come from legitimate users whose authentication credentials have been stolen by criminals.

Source: API Security Trends 2023, Salt Security [11].

Also Consider These Themes

In addition to the four trends presented, there are a few concepts that we consider worthy of attention for any company that takes the security of its operations seriously. Think of them as bonuses that will ensure an extra layer of protection to prevent the worst and bring peace of mind in case it happens.

Supply Chain Security Management

This concept refers to managing the risks associated with suppliers, partners, and external service providers. Your applications do not exist in a vacuum: they depend on external libraries and tools, and they are most likely hosted and executed in an infrastructure that is not entirely under your control.

In software development, the concept of an SBOM (Software Bill of Materials) is emerging, basically a list of all the "ingredients" required to build a specific application.

It's necessary to establish procedures to ensure all these components are up-to-date and protected, and that there are communication channels with suppliers so that any security alerts are received and incidents resolved. Similarly, when choosing a service provider, pay attention to their security history, SLAs for problem resolution (especially critical incidents), and available communication channels.

Cyber Insurance

The increasing number of cybersecurity incidents and the associated recovery costs have led to the emergence of a cyber insurance [16] industry that helps reduce the financial impact on attacked companies.

These policies can cover both direct costs, such as those related to recovering lost data and repairing compromised systems, as well as indirect costs, such as legal fees and compensation to affected customers.

On the other hand, they do not cover pre-existing faults, infrastructure failures, or incidents caused by employees. They also exclude coverage of incidents caused by known but unpatched vulnerabilities. In other words, it's not enough to just buy the insurance, a proactive security stance is required.

US$ 84,62 billion. This is the estimated size of the cyber insurance market by 2030.

Source: Cyber Insurance Market Size, Share & COVID-19 Impact Analysis [17], Fortune Business Insights.

The Tools You Need to Increase the Security and Effectiveness of Your Business Are Within Your Reach

The modern hyperconnected economy brings countless opportunities, but also a series of challenges that, at first glance, can be considered insurmountable, like the need to protect a virtually global "perimeter" against increasingly complex and sophisticated onslaughts. To make matters worse, the characteristics of this scenario change all the time, as criminals quickly adapt to defense strategies and respond with new forms of attack.

Fortunately, trends like Zero Trust Security, programmable security, the use of AI, API protection, and IoT security provide us with the necessary tools to safely navigate these turbulent waters. Implementing them quickly and effectively is key to reducing operational costs while enhancing the protection of your business. Count on Azion's experience in this journey.

References
[1] 2022 Official Cybercrime Report. eSentire, 2022.
[2] Surge in Cybercrime: Check Point 2023 Mid-Year Security Report Reveals 48 ransomware groups have breached over 2,200 victims. Check Point Security, Aug. 23, 2023.
[3] Cyber security trends 2023. Allianz, Oct. 5, 2023.
[4] No More Chewy Centers: The Zero Trust Model Of Information Security. Forrester Research, Mar. 23, 2016.
[5] Understand Zero Trust Security's Approach to Data Protection. Azion Technologies, Mar. 20, 2023.
[6] First Steps to Simplify the Zero Trust Model Adoption. Azion Technologies, Mar. 27, 2023.
[7] Cost of a data breach 2023. IBM Security, 2023.
[8] A Guide to Zero-Day Vulnerabilities and Exploits for the Uninitiated. Infosecurity Magazine, Sep. 28, 2023.
[9] Fraudsters Cloned Company Director’s Voice In $35 Million Heist, Police Find. Forbes, Oct. 14, 2021.
[10] Survey reveals AI’s impact on the developer experience. The GitHub Blog, Jun. 13, 2023.
[11] API Security Trends 2023. Salt Security, 2023.
[12] Tour de Peloton: Exposed user data. Pen Test Partners, May 05, 2021.
[13] Retrospective: Recent Coinbase Bug Bounty Award. Coinbase, Feb. 18, 2022.
[14] Learn How mTLS Can Make Your Applications More Secure. Azion Technologies, May 17, 2023.
[15] How to Mitigate OWASP Top 10 Risks with Azion's WAF. Azion Technologies, Mar. 06, 2023.
[16] What Is Cyber Insurance?. Trend Micro, date unavailable.
[17] Cyber Insurance Market Size, Trends | Overview Report [2030]. Fortune Business Insights, Apr. 2023.

Credits

Text

Rafael Rigues, Thiago Silva, Mauricio Pegoraro, Rafael Umann

Editorial Council

Fernanda Mizzin, Marcelo Messa, Marcos Besse, Marcus Grando, Maurício Pegoraro, Júlio Silvello, Rafael Umann

Graphic Design

Caio Ogata, Guilherme Ganc

Project Management

Marcelo Messa, Marcos Besse

Discover how to elevate your company's security in a world where networks, and threats, are increasingly distributed.