Replace ChatGPT predictions with key resolutions

It’s that time of year again—time for the annual tradition of cybersecurity predictions. Here at Rapid7, we’ve seen a lot of threats and exploited vulnerabilities in 2023, many in the form of zero days. So it can be a little overwhelming to think about what could be in store for us in the coming year.

We thought we’d start by asking ChatGPT for its predictions.

Unsurprisingly, it gave the answer, “increased emphasis on AI and machine learning”. ChatGPT explained that AI-driven systems can better analyze and detect anomalies, and that we may see even more AI-powered tools for threat detection, response and automation.

Well there you have it folks, ChatGPT TO THE RESCUE!

This “prediction” is pretty obvious, and everyone in the cybersecurity industry knows it. But more importantly, it doesn’t address a huge problem that exists in the cybersecurity industry: We’re all focused on what could be without the underlying mechanisms to deal with what is.

So instead of making 2024 cybersecurity predictions, we suggest you make the following three resolutions and promise to lay the groundwork to make them happen in 2024.

Resolution 1: Just implement MFA already

Every CISO seems to have spent 2023 perfecting AI. Artificial intelligence will certainly play an important role in 2024, both in the opportunities it presents to defenders and the security challenges it brings.

However, from a cybersecurity perspective, it’s still important for your business to focus on the basics, such as properly implemented multi-factor authentication (MFA). This is because in 2024, a business is far more likely to be disrupted due to weak MFA than an advanced AI cyber attack.

Our year 2023 Semi-annual threat report found that 40% of incidents in the first half of the year stemmed from non-existent or poorly enforced MFA. Our message is simple: implement MFA now, especially for VPNs and virtual desktop infrastructure. It is the best and most important achievement you can achieve if you haven’t already.

Solution 2: Learn what file transfer vendors have done right

2023 was undoubtedly the year of file transfer vulnerabilities, p Transfer MOVEit dominating headlines. However, we expect 2024 to be slightly different based on our experience with these vendors’ response processes.

The file transfer software providers that Rapid7 researchers discovered were extremely responsive, patching vulnerabilities in half the time it usually takes, and proactively looking for ways to mature their vulnerability detection programs.

In fact, some of these organizations now have more established patch cycles and vulnerability detection mechanisms (hooray!), as well as security programs implemented where products are reviewed more frequently. These proactive cycles should lead to more mature software development practices in 2024 that strengthen security – at least for these solution providers and those who have learned from them.

Solution 3: Take control of your data

Lots of data does not equal effective security analysis. We all get tired and miss things when we feel overwhelmed and overwhelmed. And the same thing happens to security teams when they get massive amounts of raw data. Context is everything! It is the missing piece of the puzzle to improve the security posture and effectiveness of the solution.

Spending more money or collecting more data won’t improve your cybersecurity posture, but understanding data, and more importantly, what kind of data is needed to make better decisions, will. Less is more is our credo for 2024. For example, take the time to understand what data you’re already collecting from a log perspective. Understand what type of data is in these logs and how this data can indicate a possible attack technique. If you only have the right information partially, what type of data would you need to enrich it to get enough context to make decisions or prioritize events?

Bonus: Take time to decompress

Trust us, we know that decompressing time is easier said than done for defenders, but it’s so important to take care of yourself and avoid burnout. Our advice to you is to put your coverage plan in place, communicate it well, and most importantly, take the time you need. Even Gartner predicted that 25% of cybersecurity leaders will change roles completely by 2025 due to job stress. So make sure you find time to decompress, relax and enjoy life.