Ask the Expert: Lightwire Solutions Provides Cybersecurity Predictions for 2024
Multifactor Authentication Shifts Towards Authenticator Applications: As SMS (text message) usage is gradually phased out, the transition to authentication applications on mobile devices will be needed. Employers will need to educate their employees on how to handle personal cell phones for this purpose.
Email Security Records Must be Set: Any email being sent from your domain will need to make sure that the correct DMARC and DKIM records are set. This includes third-party apps like Constant Contact, Mailchimp and any software that sends email on your behalf. All major email providers are now automatically rejecting emails that do not have those records set correctly.
Transitioning Away from Outdated Operating Systems: With Windows 10 reaching its end of life in 2025, transitioning all devices to Windows 11, or a new supported OS will be required. Making sure that all devices connected to the internet have the most up to date security patches is a must. Having proof that patches are done monthly from either your Managed Service Providers (MSP) or third-party security vendor is recommended.
Heightened Emphasis on Vendor Management: Vendor management is often overlooked in cybersecurity. Companies need to maintain a list of all vendors they use, monitor their access to network resources and assess the risk associated with each vendor. If using a cloud solution from a vendor, implementing risk assessments and communication protocols are essential to mitigate potential security risks.
Having a Zero Trust Solution Will Become Mandatory for Compliance and Cyber Liability Insurance: Zero trust software prevents unauthorized applications from running on a computer. This means that even with administrator privileges, you cannot run an application or process that has not been approved.
Security Concerns Around AI Will be Validated: Phishing emails have already increased by 464% from 2022 to 2023 due to AI being used to send the emails. AI is already being used to spoof phones calls, voices and video to steal sensitive information.
Cybercrime Costs Will Increase: Current predictions for the cost of cybercrime in 2024 is $9.5 trillion. With the rising costs, requirements for cyber insurance will increase.
Mandatory User Cybersecurity Training and Testing: Training users on how to spot phishing emails and testing their awareness is already required for most cyber liability insurance policies.