Experts at identity access management firm, Ping Identity share their 2024 cybersecurity predictions.

The themes of the predictions include:

• Welcome to the year of verify more, trust less
• Completely eliminating the risks associated with passwords
• CIOs will become AI leaders
• Challenging our normal level of trust with deepfake awareness
• Government action in decentralising identities

Welcome to the year of verify more, trust less – Andre Durand, Co-Founder and CEO, Ping Identity

“Identity has always been a gatekeeper of authenticity and security, but over the past few years, it’s become even more central and more critical to securing everything and everyone in an increasingly distributed world.

“As identity has assumed the mantle of ‘the new perimeter’, and as companies have sought to centralise its management, fraud has shifted its focus to penetrating our identity systems and controls at every step in the identity lifecycle, from new account registration to authentication.

“2024 is a year when companies need to get very serious about protecting their identity infrastructure, and AI will fuel this imperative. Welcome to the year of verify more, trust less, when ‘authenticated’ becomes the new ‘authentic.’ Moving forward, all unauthenticated channels will become untrustworthy by default as organizations bolster security on the identity infrastructure.”

Completely eliminating the risks associated with passwords – Peter Barker, Chief Product Officer

“Traditional passwords leave organisations susceptible to data breaches, while leaving users – both employees and consumers – craving more simple, secure digital experiences, especially given the proliferation of AI. In fact, a recent study found that a staggering one-third of consumers say they must replace their passwords every 6 months (31%) due to user errors such as misplacement or forgetting their password, and 34% of consumers globally are open to using a passwordless login option if it were as or more secure than using a password. 

“As cybercriminals continue targeting antiquated login options to gain unauthorised access into systems, IT departments must take measures to bolster protection – with 2024 being the year when the risks associated with passwords are completely eliminated across the enterprise. Next year, enterprise leaders will make the leap towards increased adoption of passwordless authentication, to not only safeguard business, but meet users’ heightened demands related to digital experience and security.”

CIOs will become AI leaders – John Cannava, Chief Information Officer

“Artificial intelligence has infiltrated the workforce at an unprecedented rate, adding greater IT complexity to today’s hybrid work model. To date, CIOs have played an important role in implementing the emerging technology within organisations in a secure, effective and efficient manner. But in 2024, CIOs will become AI leaders, collaborating closely with the CISO, CHRO and Legal to ensure continued secure and ethical use of AI in internal processes and external innovations. 

“We’ll also see the emergence of new C-suite roles, like Chief AI Officer, who will partner with CIOs to ensure AI adoption continues to grow and emerging regulations are adhered to across the enterprise.”

Challenging our normal level of trust with deepfake awareness – Alex Laurie, SVP

“In 2024 our trust will be challenged in ways we haven’t faced before as the names, faces and voices of those people closest to us are used against us. We have seen the proliferation of artificial intelligence this past year, which has brought with it a rise in deepfake scams and an increase in fraudulent activity.

“Deepfake technology that impersonates a person’s likeness both through audio and visual means is only going to become more authentic, and therefore harder to detect by the average consumer. This is especially true for the digitally vulnerable people within the population, such as the elderly who may not have as much experience dealing with sophisticated scams, as well as those in lower-income households who may turn to discounted items to make an essential purchase, but in their haste they may make the wrong decision as in-fact a link is malicious in nature pointing to a fake website or service.

“We must remain vigilant to these advanced scams, which we can do by challenging our normal level of trust. Always double-check what you’re taking action on is real by contacting the verified organisation or known person that it came from, and help raise awareness of these scams by calling them out publicly to increase public education.”

Government action in decentralising identities – Alex Ryals, SVP Channel

“As more companies and organisations shift away from conventional – and antiquated – authentication methods, we will see decentralised identity become more prevalent. This transition will be spurred by local and national government agencies as they grapple with the increased volume of credential and identity-based attacks. 

“China’s successful breach of government systems this year was likely a turning point in governments taking stronger actions to prevent future threats. I expect to see both federal agencies and eventually state and local organisations adopt decentralised identity to better allow users to manage their own credentials and entitlements to various required services.”

More UK Security News