Industry executives and experts share their predictions for 2024.  Read them in this 16th annual VMblog.com series exclusive.

Surging AI Investments Will Reshape the Cybersecurity Landscape

By JP Perez-Etchegoyen, Chief Technology Officer, Onapsis

The Cloud's Evolution and Lessons for AI

When the cloud first emerged, people were hesitant to adopt this new technology. Questions about data security, privacy, and reliability loomed large. Fast forward to today, and the cloud is an integral part of the digital infrastructure. Gartner predicts public cloud services are forecasted to grow 20.4% to a total of $678.8 billion in 2024. Trusting this new technology, yet unknown to many, was cultivated through shared knowledge and responsibility, establishing boundaries, and implementing robust regulations. This framework ensured that while the cloud handled vast amounts of data, security remained paramount.

From Hesitance to Integration  

AI is experiencing a similar trajectory. Its advent brings forth exciting opportunities intertwined with cybersecurity concerns. Just as the cloud once did, AI is met with hesitance. However, it is poised to become an indispensable part of the technology landscape. With appropriate controls and a shared responsibility approach, the risks associated with AI can be mitigated. The key lies in establishing a comprehensive regulatory framework that spans across industries and involves governmental oversight-something already in motion, as evidenced by President Biden's recent Executive Order on AI. This directive underscores the ongoing efforts to craft regulations aimed at mitigating risks associated with AI while fostering its responsible development and deployment. Organizations, particularly governments, are pivotal in this endeavor, aligning with the administration's commitment to ensuring the safe and trustworthy advancement of AI technology. Like the cloud's journey, this regulatory landscape will shape how AI operates, ensuring data protection, ethical use, and security.

Much like the cloud's integration into our daily lives, embracing AI while maintaining robust security measures is essential for its widespread adoption. As society adapts to this new technological paradigm, establishing a secure foundation for AI is not just feasible but imperative. 

The Global Landscape of AI Security  

In 2024, the surge in AI investment drives a pivotal shift in AI security. AI models, especially large language models and generative AI, permeate every facet of the software chain across industries. The demand for safeguarding these technologies against evolving threats like prompt injection and other malicious attacks will reach unprecedented levels. Furthermore, one of the most critical issues with these novel models is the training phase, where organizations need to put special attention into curating, anonymizing and restricting the usage of certain types of data (depending on its classification or compliance obligations) during the training phase of these models, to ensure that after training, no data comes out of those models that has not been properly processed and approved.

Despite the relative novelty of these advancements, the imperative for stringent security measures will gain traction, marking a watershed moment in the journey of AI technology. While innovation continues to thrive evidenced by the thousands of AI startups created and funded during 2023, there will be a parallel emphasis on embedding heightened security within AI models. As big tech companies compete to leverage their data for competitive advantage, a remarkable level of innovation will be observed, intertwined with an increasing focus on integrating security measures into AI technology. This underscores a concerted effort to fortify boundaries and ensure the responsible growth of this transformative technology.

This surge in AI, however, parallels a growing customer demand for heightened security measures and assurance across diverse sectors. Next year, there will be a growing demand for enhanced security measures and assurance from customers across various sectors. With a growing emphasis on safeguarding against a wide array of threats, the year ahead will witness an uptick in supply chain attacks, driven by geopolitical tensions and evolving attack vectors. This increase in the threat landscape will have global ramifications, manifesting in a surge of ransomware incidents, email compromises, and the exploitation of zero-day vulnerabilities across various sectors. Therefore, organizations must prepare for a heightened cybersecurity challenge to protect their digital assets and customer trust. This also comes in tandem with increased scrutiny for budgets all over the board, including on security, so organizations will have to prioritize what matters most when deciding the priorities for security spending.

##

ABOUT THE AUTHOR

JP Perez-Etchegoyen, Chief Technology Officer, Onapsis

Juan Pablo Perez-Etchegoyen is the Chief Technology Officer at Onapsis. JP leads the innovation team that keeps the company on the forefront of the Business-Critical Application Security market, addressing some of the most complex problems organizations face while managing and securing their ERP landscapes. JP helps manage the development of new products as well as support the ERP cybersecurity research efforts that have garnered critical acclaim for the Onapsis Research Labs.