Close up shot of hands typing on a keyboard with floating icons overtop.

Risk Trends in 2024 and Beyond: Cyber Security

Risk Trends in 2024 and Beyond: Cyber Security

Synopsis
4 Minute Read

Shifts towards remote and hybrid work policies, cloud-based technologies, and digital transformations have amplified cyber risk and made organizations more vulnerable to cyberattacks.

Hackers are increasingly targeting cloud service providers and colluding with insiders to facilitate cyberattacks. More sensitive information is ending up on the dark web, and the widespread adoption of ChatGPT and other generative AI tools is poised to increase the risk of data leaks even further.

Organizations need to be vigilant about these ever-evolving risks and may even consider utilizing a service that can scan the dark web to beat the hackers at their own game.

This insight is one of 15 risks in our 2024 Risk Trends Report. Navigate back to the main page for the full list of risk trends that you should be monitoring for in the year ahead.

The dark web advantage: Can you beat the hackers at their own game?

In keeping with the risk outlook over at least the past 10 years, it’s almost certain that cyberattacks will grow even more aggressive and brazen in 2024. The pandemic continues to be one of the driving forces behind this uptick, as more organizations than ever before now have remote or hybrid work policies in place and operate on cloud-based technologies.

Cloud service providers are a lucrative target for hackers as the entire business model of these providers is predicated on operational servers. Even if they’re unwilling to pay a ransom, such a hack could also reveal a back door to thousands of other clients who may be more inclined to do so.

Remote work also provides a unique opportunity for insiders to initiate or collude with hackers to facilitate a cyberattack on their employers. These attacks have become more common since 2020, and organizations should expect them to increase in frequency as threat actors innovate new ways to recruit and train insiders via financial or punitive (e.g., extortion) incentives.

Other transformation initiatives also have the potential to increase cyber risk. Many organizations have rapidly adopted digital platforms and tools without performing the necessary risk assessments and/or updating policies and procedures to reflect these changes. Any new hardware or software implementation could be a source of risk. One area of particular concern in the year ahead will be the ungoverned use of ChatGPT and other generative AI tools, which have a high potential for misuse and could lead to leaks of sensitive and proprietary data.

The 2022 invasion of Ukraine has also increased tensions between Russia and many developed nations and raised questions about China’s intentions with Taiwan. At the very least, this should lead organizations to be more mindful of state-sponsored hacking in the coming years, as Russia and China may seek to improve their posture and establish cyber superiority. Organizations that should be especially vigilant include the public sector, major infrastructure (energy and utilities, oil and gas, etc.), those that have an outsized impact on national GDP, and those that collect and store large volumes of personal and proprietary data.

Finally, organizations should consider the possibility that they may be the target of an ongoing attack or were the victim of a past attack that hasn’t yet been detected. The incident need not have resulted in a disruption to normal operations for hackers to steal sensitive data — including login credentials and employees’/customers’ personal information — and sell it on the dark web. It is now possible to beat the hackers at their own game by utilizing a service that can scan the dark web and determine what might be the hacker's next move.

Related risks

  • Insider threat causing cyber risk or data exfiltration
  • Ransomware attack
  • Deepfake social engineering
  • Weak operations technology governance
  • The Internet of Things creating cyber exposure
  • Critical infrastructure at risk
  • Controls weakened by the shift to a hybrid workforce
  • Data privacy breach
  • Supply chain risk
  • Non-compliance

""Key questions to ask

  • What actions have you taken to verify that cloud service providers have the appropriate practices and controls in place to anticipate, respond to, and mitigate cyber risks?
  • Is the frequency and intensity of cyberattacks against your organization increasing over time, and/or what is the (changing) nature and vectors of these attacks? What measures has your organization taken to mitigate the likelihood and/or impact of the attacks?
  • Do you complete background checks on all new employees who have access to confidential or private data?
  • Do you have software to identify and escalate inappropriate access to data / attempts to transfer confidential or private data outside your organization?
  • Do you know how often confidential or private data is emailed outside your organization to private email addresses?
  • Have you found ransomware on an internal server or drive? If yes, was a root cause analysis completed to determine who saved it there and when?
  • Have you ever utilized a Dark Web scan to determine what the hackers are saying about your organization?
  • Do you have sufficient training and tabletop exercises with leadership to discuss how to respond to and manage a ransomware attack?

""Red Flags

  • Employees do not receive any training on cybersecurity risks
  • Internal phishing programs continue to see multiple employees clicking on links that could be genuine phishing attempts
  • Your IT security function has not taken steps to obtain assurance over the security measures implemented by your cloud service provider
  • The Internal Audit function has not conducted cyber security audits in an extended period
  • The Dark Web identifies that hackers are discussing your organization or trading in your stolen data

Internal Audit Project Opportunities

Information Security Policy and Procedure Audit
This audit reviews the organization's information security policies and procedures to ensure they are comprehensive, up-to-date, and aligned with industry best practices.
Access Controls Audit
This audit assesses the effectiveness of access controls in place to protect sensitive information and systems from unauthorized access.
Network Security Audit
This audit examines the organization's network infrastructure to identify potential security weaknesses and ensure the implementation of appropriate security measures.
Vulnerability Assessment and Penetration Testing Audit
This audit reviews the results of vulnerability assessments and penetration tests conducted on the organization's systems and applications to identify and remediate potential vulnerabilities.
Security Patch Management Audit
This audit assesses the organization's processes for identifying, testing, and applying security patches to address known vulnerabilities.
Data Protection and Encryption Audit
This audit evaluates the organization's data protection measures, including data encryption, to ensure that sensitive information is adequately safeguarded.
Incident Response Preparedness Audit
This audit assesses the organization's readiness to handle cybersecurity incidents effectively, including the existence of incident response plans and the training of staff to respond to incidents.
Security Awareness Training Audit
This audit examines the effectiveness of cybersecurity awareness training provided to employees to reduce the risk of human-related security incidents.
Physical Security Audit
This audit reviews the physical security measures in place to protect critical infrastructure, data centers, and other sensitive areas.
Endpoint Security Audit
This audit evaluates the security controls implemented on endpoints (e.g., laptops, desktops, mobile devices) to protect against malware and unauthorized access.
Data Backup and Disaster Recovery Audit
This audit ensures that data is regularly backed up, data restoration has been tested, and disaster recovery plans are in place to restore critical systems and data in case of a cybersecurity incident or natural disaster.
Identity and Access Management (IAM) Audit
This audit examines the organization's IAM processes and technologies to ensure that user access is appropriately managed and monitored.
Third-Party Vendor Security Audit
This audit assesses the security practices of third-party vendors and service providers with access to the organization's systems or data.
Regulatory Compliance Audit
This audit reviews the organization's compliance with relevant cybersecurity laws, regulations, and industry standards.
Cybersecurity Governance Audit
This audit evaluates the effectiveness of the organization's cybersecurity governance structure and oversight processes.

Risk Trends in 2024 and Beyond

View all the risk areas featured in this year’s report. 

Insights

  • Agility

    November 05, 2024

    Agronomy 101: Navigating the trends shaping crop farming

    As crop farming evolves, so do the challenges — from soil health to chemical-resistant weeds. That’s where agronomy comes in.

  • Progress

    November 05, 2024

    Outsourced HR: Your partner in support

    Feeling overwhelmed as the only HR professional in your company? You’re not alone.

  • Confidence

    October 31, 2024

    How can the mortgage industry comply with FINTRAC’s anti-money laundering obligations?

    FINTRAC expanded its regulatory scope to include the mortgage industry starting on October 11, 2024. How can your business comply with the new AML requirements?