European 2024 Crowdstrike Trends & Predictions

European 2024 Crowdstrike trends & predictions

By Zeki Turedi, CTO Europe at CrowdStrike

Cybersecurity is once again at a pivotal juncture ahead of 2024, marked by a rapidly evolving threat landscape that continues to be driven by a year of technological advancement. The digital world continues to expand its horizons, stretching from the Internet of Things to artificial intelligence (AI), making cybersecurity more crucial and complex. And, just as we come to terms with the developments of the previous year, 2024 promises new trends and patterns in cyber threats that will take the industry in new directions.

NIS2 Directive

A key change to the European cybersecurity landscape in 2024 will be the impact of the NIS2 Directive on businesses operating in EU member states. While a positive step, the legislation will lead to 12 months of confusion as impacted businesses (those classed as core critical infrastructure) discover how to comply with the new regulations. The objective of this new European Union directive is to establish a higher level of cybersecurity and resilience within organisations of the EU. Since member states will have until October 17th, 2024, to transpose NIS2 into their national legislation, we can expect lots of confusion in 2024 as different countries implement and react to the legislation differently.

For individual companies, many will hope for a “magic on switch” to make them compliant – but the idea of the NIS2 objective is not just technology, it is also about practices and the operation. The impact of this will correlate to where the company is in their security maturity journey. The implementation of this directive may require a lot of effort for many companies if it is a brand new way of thinking about security. On the other hand, for others who have prioritised modern security practices, the impact of this legislation could be negligible. In any case, 2024 will be a period of adaptation within EU businesses’ cybersecurity practices.

For businesses in the UK, the NIS2 is one to bear in mind. While it will only really matter to those who are still classed as the core critical infrastructure to the European Union, it is a good learning opportunity on a wider scale about what good cybersecurity compliance looks like and which benchmarks to focus on.

Intelligence Sharing / Victim Notification:

The cultural shift towards more open and collaborative intelligence sharing is set to become a cornerstone of cybersecurity practices in 2024. Currently, there exists a noticeable gap in the extent and effectiveness of intelligence sharing post-cyber incidents. This gap is partly due to victims’ reluctance to share information, often fuelled by a fear of victim blaming and the stigmatisation that can follow cyber incidents. Such hesitancy not only hinders the collective understanding of new threats but also impedes the development of robust defence mechanisms.

Recognizing this issue, local governments and regulatory bodies are expected to play a pivotal role in reshaping the landscape of intelligence sharing in 2024. By enforcing policies that encourage or mandate the sharing of cybersecurity incidents and threat intelligence, they aim to foster a more collaborative and less victim-blaming environment. This shift is not just about compliance; it’s about cultivating a mindset where organisations view intelligence sharing as a communal responsibility, vital for collective cyber resilience. As we move towards a culture that prioritises protection, education, and prevention over penalization, we can expect a more unified front against cyber threats, benefiting organisations and individuals alike. The emphasis will be on learning from incidents, spreading awareness of emerging threats, and collectively devising strategies to prevent similar attacks, thereby creating a more secure and informed digital ecosystem.

Continued Rise of Social Engineering Attacks

Identity based attacks will continue to be the main weapon for threat actors in 2024, for the simple reason that it continues to be a very fruitful method. As revealed in CrowdStrike’s latest Threat Hunting Report, 80% of breaches occur through compromised identities. Adversaries are not relying solely on compromised valid credentials, either — rather, they abused all forms of identification and authorization, including weak credentials purchases from the underground, and they elevated their phishing and social engineering tradecraft.

Social engineering is the highlight here, as businesses strive to educate their employees about the common ways to recognise they are being deceived. This makes identity protection the most critical protection that companies should look to strengthen in 2024. Otherwise, adversaries will continually target this weak spot – and they will be successful more often than not.

Convergence of IT and Security Teams

As new threats emerge in 2024, blurring the lines between IT and security responsibilities, there is an opportunity to enhance organisational resilience by converging IT and security teams within enterprises. Traditionally operating in separate silos, these teams are finding their objectives and daily operations increasingly intertwined. This shift is driven not only by the rapid advancement of technology but also by the evolving landscape of security risks that directly impact IT infrastructure.

This convergence is particularly timely and necessary as singular threats now simultaneously target both infrastructure and security, demanding a unified response. By fostering closer collaboration, sharing technologies and platforms, these once-disparate teams can combine their expertise to bolster defences against sophisticated cyber threats. The advent of new cybersecurity platforms, tailored specifically for IT teams, is a testament to this trend. These platforms are designed to seamlessly integrate with IT operations, providing real-time insights and automated responses to security incidents, thereby reducing the response time and enhancing overall security posture.

Organisations that take security seriously are more likely to survive security threats

This won’t come as a surprise, but it’s worth saying – organisations that prioritise cybersecurity are significantly better positioned against emerging threats than organisations that do not. Forward-thinking teams are not only investing in advanced security infrastructure but are also fostering a culture of cyber awareness among their employees. By integrating robust cybersecurity measures, including state-of-the-art encryption, multi-factor authentication, and real-time threat monitoring systems, they create a formidable defence against even the most sophisticated attacks. A proactive approach to cybersecurity will remain a critical factor to mitigating risks, safeguarding digital assets, and maintaining trust in 2024.

Lack of security budget could endanger UK businesses

There is an apprehension of the impact of reduced budgets, particularly in the UK IT sector, which could lead to a corresponding decrease in funds allocated for cybersecurity. Such financial constraints could leave the UK’s digital defences weakened, as organisations struggle to keep pace with the necessary investments in cybersecurity infrastructure and training.

The concern is not just about current vulnerabilities but also about the potential for businesses to lose focus on cybersecurity due to other pressing priorities. Many companies are heavily invested in digital transformation and the adoption of new technologies, yet there’s a risk that they may perceive security as a conquered challenge rather than an ongoing, integral part of these initiatives. As businesses grow and evolve, the need to continuously invest in and adapt cybersecurity strategies is critical. However, if overlooked, this can lead to gaps in their defence mechanisms.

This situation is not universal across all UK businesses, but it highlights the need for a more proactive, continuous approach to cybersecurity especially at a time of budget challenges. It’s essential for UK enterprises to recognise that cybersecurity is not a static achievement but a dynamic, integral component of all business operations, requiring ongoing attention and investment to ensure robust defence against the sophisticated cyber threats of 2024 and beyond.