Adopting Generative AI and the world of cybersecurity in 2024

Adopting Generative AI and the world of cybersecurity in 2024

A new year is upon us. Technology is changing at an unbelievable pace and looks set to continue to do so. We asked two technology experts for their technology predictions for 2024, focusing on AI and cybersecurity.

David Harrison, UK Technology Strategy & Transformation Practice Lead, KPMG UK:

Without a doubt, 2023 has been the year of Generative AI. However, unlike some hot technology trends, GenAI is here to stay, and I expect it to remain at the top of businesses’ agendas throughout 2024. In fact, the 2023 KPMG CEO Outlook survey revealed that business leaders are investing heavily in Generative AI on an on-going basis as a means of gaining a competitive edge for the future, listing the technology as a top investment priority in the medium-term.

But the journey from a buzzword to extracting business value from this technology is not a simple one, with regulation and ethical challenges likely to significantly slow progress. In the same piece of research, 63% of UK CEOs said that the current lack of regulations and direction for Generative AI within their industry will be a barrier to their organisation’s success. And we are already seeing new regulations, such as the US AI Bill of Rights and the EU AI Act, requiring businesses to consider the consequences of adopting the technology alongside opportunities. Therefore, there will be growing attention to how new regulatory guidelines will shape the technologies’ adoption. As a workaround, more businesses will find ways to use it more securely; for example, it will be common for organisations to develop their own Large Language Models for internal use.

A lack of skills will serve as another barrier to the adoption of Generative AI, with only the most advanced technology companies already having the necessary talent in-house. Consequently, the rest will do their best in the year ahead to either train or hire the right people to support their endeavours. We will also see larger organisations create dedicated teams whose time is devoted to curating and managing their response to the emergence of Generative AI. Their role should include considering the implications of the technology on all aspects of their business and being responsible for cross-enterprise coordination, focusing on finding efficiencies, learning from pilots and prioritising investment. There may also be an uptick in M&A to rapidly acquire Generative AI skills as players race to become market leaders.

In terms of business use cases, there is the potential for Generative AI to be used across a variety of business use cases to save time, money and effort. Generative AI models have the potential to transform businesses by automating and executing certain tasks with unprecedented speed and efficiency. I anticipate some of the most transformative impacts to be in software development and maintenance, enabling the faster delivery of more reliable software products and services; video creation and Virtual Reality, with GenAI creating immersive video game environments and designing videos; the Metaverse, in terms of generating 3D assets; and improved information security, as Generative AI will teach people what key risks specific vulnerabilities represent, helping them write suitable scripts or understand methods of attack by threat actors.

Kurt Hansen, CEO, Tesserent:

Tesserent’s team of 550 cybersecurity practitioners have looked ahead. Based on what they see at the nation’s cybersecurity coalface, these are the most critical trends and predictions for 2024.

We will see a democratisation in access to enterprise grade cybersecurity tools, processes, people and methodologies. Cybersecurity tools that were only affordable and accessible for the big end of town will become more available and affordable for small and medium businesses and start-ups. It will no longer be the case that only organisations with deep pockets can successfully defend their environments. Major vendors are making tools more readily available at a SMB-friendly price point and the Federal Government, through the Australian Cyber Security Centre, is making new tools available that specifically focus on the needs of SMBs.

Cybercriminals will increase use of AI in 2024 to enhance their cyberattacks. AI-powered attacks will create a high speed and high stakes game of cyber whack-a-mole. AI will be used to create highly personalised spear-phishing messages that blend seamlessly with an organisation’s internal communication style. Attackers will also deploy AI to create deepfake voices to impersonate senior executives. These sophisticated attacks may bypass traditional security systems leading to significant disruption. Organisations of all sizes need to be alert.

On the flip side, AI will increasingly be used as a powerful tool for cyberdefence. Cybersecurity professionals will harness advanced algorithms for threat detection in 2024, enabling security teams to respond faster than cyberattackers can move. AI’s ability to adaptively learn and detect novel patterns will help accelerate detection, containment and response. This will ease the burden on security operations centre (SOC) analysts in 2024.

The cybersecurity skills shortage will continue to pose multiple challenges throughout 2024. Demand will continue to increase for skilled cybersecurity professionals and the supply will not keep up. This shortage will create additional cyber risks for organisations and will become a board-level priority in 2024.

Employees must understand their role in helping keep their organisation cyber secure. In 2024, all employees will have a critical role to play in defence. It is no longer just the job of security professionals to secure an organisation. Many employees lack basic knowledge when it comes to cybersecurity awareness. This raises questions around the effectiveness of current security awareness programmes. To address this issue, organisations need to ensure that cybersecurity knowledge and enterprise-wide training focused on security culture is firmly on the agenda in 2024.

Tesserent is addressing this critical area of cybersecurity defence and resilience though its acquisition of ALC Training to form the foundation of Tesserent Academy. Tesserent will educate thousands of entry level practicioners in cyberskills and provide certifications the industry desperately needs.

The cybersecurity challenges for SMBs will continue to rise in 2024. Criminals continually look for new ways to infiltrate systems, steal data and commit fraud. Understanding emerging threats is critical for being ready for tomorrow’s risks and threats.

Browse our latest issue

Intelligent SME.tech

View Magazine Archive