Ransomware attacks on infrastructure and mid-market businesses are tipped to rise, while the use of AI cyber tools will grow as IT customers seek more signal and less noise from vendors.
The year 2023 was a big year for cyber security professionals in Australia.
While IT teams continued to deal with the fallout of some big Australian data breaches, the new 2023-2030 Australian Cyber Security Strategy was released to boost defences against future threats.
Experts from Rapid7 have argued that Australia can expect both advantages and risks from AI cyber tools in 2024.
Rapid7 VP of Global Government Affairs and Public Policy Sabeen Malik said Australia's cyber strategy showed the realisation many would be affected.
More organisations urged to plan approach to ransomware threats.
Organisations should be stepping back now and asking what their policy and program is for ransomware, Malik said.
The use of AI and automation will accelerate in cyber security in 2024.
Rapid7's Malik said this will help with the cyber security skills shortage because some of the functions usually done by analysts can now be automated using advanced technology.
Enterprises using AI to enhance security have also been warned to proceed with caution.
With problems including hallucinations and variables such as whether a model uses open source or in-house data, Rapid7 recommends looking at each cyber security tool that uses AI on its own merits to assess the benefits and risks of using it for the organisation.
Disruptive ransomware attacks on critical infrastructure are likely to increase, in addition to attacks seeking to exploit personally identifiable information.
SEE: Australia's cyber shields strategy aims to protect critical infrastructure.
A lack of in-house cyber security resources and competencies will combine to make them softer targets than some of Australia's larger, better-protected organisations and sectors, said Dooley.
The Federal Government is focusing on smaller businesses as part of its cyber strategy.
This includes a AUD $7.2 million voluntary cyber health check program and AUD $11 million for one-on-one assistance for businesses during cyber challenges, including attack recovery.
Dooley said the mid-market is where businesses could extend a security operations centre methodology; organisations with small cyber teams could team up with a global partner with access to the tech, people and skill set to run a security program around the clock.
Enterprises will seek to further consolidate the number of security vendors they use.
Consolidation of security vendors has been a global trend.
In 2022, Gartner found that 75% of organisations wanted to decrease the number of vendors they use to reduce complexity, leverage commonalities, reduce admin overhead and provide more effective security.
This Cyber News was published on www.techrepublic.com. Publication date: Wed, 20 Dec 2023 20:13:15 +0000