Brian Wrozek, Principal Analyst & Janet Worthington, Senior Analyst

Show Notes:

The era of AI holds an amazing amount of promise — and an amazing amount of risk. Powerful new AI tools give bad actors the capability to create more advanced and realistic threats every day. It’s no wonder the level of burnout in cybersecurity continues to be high.  

What are the top new threats CISOs need to be aware of in 2024, and how can they be countered? In this episode Principal Analyst Brian Wrozek and Senior Analyst Janet Worthington review the top five security threats for 2024 as outlined in a new Forrester report.  

The discussion starts by focusing on the current state of cyber attacks, with Worthington sharing some unsettling statistics. She says Forrester regularly surveys organizations about how many times they have been breached in the past 12 months. Two years ago, 63% said they had been breached at least once in the past year. This year, that number rose to 78%. “Even more concerning is the number of organizations that said that they have been breached anywhere from six to 10 times,” she says. “Last year, that number was only 9%. This year, that number has jumped to 22%. So we’re really seeing more organizations are getting breached and more frequently.”

With that as a backdrop, the conversation turns to the top five security threats. The first threat discussed is narrative attacks. These attacks are a new AI-enabled way of manipulating, discrediting, or distorting stories and take advantage of cultural biases and emotions. The brand damage of these attacks can be devastating, and Wrozek emphasizes that countering narrative attacks requires early warning through threat intelligence. 

The second threat discussed is another AI-enabled threat: deepfakes. Threat actors use AI to create very convincing fake identities that can lead organizations to take damaging actions. In one recent deepfake scam, a finance clerk in Hong Kong was duped into transferring $25 million to fraudsters. The quality of these fakes is improving rapidly, making it difficult to differentiate between real and fake videos or audio. They can be used to amplify narrative attacks as well. The CISO’s role is focused on threat intelligence to avoid these attacks and on incident response capabilities to address deepfakes.

The third threat discussed is AI responses and the risks of prompt engineering, prompt injection, and sensitive data spillage as deployments of applications underpinned by genAI become more common. The role of AI in security tools is also explored in this section, with Wrozek and Worthington discussing how security teams use genAI for content creation, behavioral prediction, and knowledge articulation.

From there, the conversation turns to the fourth threat: the AI software supply chain. Worthington walks through a variety of risks, including the use of open-source libraries that allow attackers to inject malicious code into the software supply chain, where it can get into a vendor’s product and provide unauthorized access to that vendor’s customers downstream. Worthington says traditional software supply chain practices can help organizations avoid attacks. Bills of materials for software or models are also more available now to help users understand the various components.

The episode concludes with a short discussion of the fifth threat: nation-state espionage. The discussion focuses on the fact that these attacks do impact enterprises, not just governments, and that most cyber insurance policies won’t cover losses from a nation-state attack. Overall, the episode provides practical guidance for security leaders on handling the latest threats to their organizations from a variety of attackers.