
Vice President, Solution Engineers, Asia Pacific & Japan, CyberArk
1) AI & Generative AI Adoption for Cybercrime:
The adoption of AI and generative AI for cybercrime will continue to accelerate. According to the PwC 2024 Global Digital Trust Insights survey, most respondents (52%) indicated that Generative AI will lead to a survey of ‘catastrophic’ cyber attacks within 2024. One key trend for using Generative AI by cyber attacks is the increasing use of real-time deep fake technology to augment social engineering tactics, making it more mainstream in cyberattacks. Attackers are leveraging advanced AI capabilities to create convincing fake identities and manipulate individuals or systems for malicious purposes.
2) Cloud Tier-0 Assets as High-Value Targets:
With more organizations migrating to cloud infrastructure, Tier-0 assets such as Azure Active Directory (AzureAD), AWS Identity and Access Management (IAM), and Identity-as-a-Service (IDaaS) are emerging as the new “keys to the kingdom.” As a result, they are becoming increasingly attractive targets for cyberattacks. We can expect to see a surge in attacks and attempts aimed at compromising these cloud Tier-0 assets. Additionally, attackers may employ cascading supply chain attacks to access these valuable assets.
3) Cascading Supply Chain Attacks:
According to CyberArk 2023 Identity Security Threat Landscape Report, 61% of organisations in APAC indicated that they would not be able to stop -or even detect – an attack stemming. We expect supply chain attacks, particularly cascading supply chain attacks, to increase in 2024. Cascading supply chain attacks are a type of supply chain attack where a hacker gains access to one system and then uses that access to compromise other systems that are connected to it. Such attacks are on the rise due to their effectiveness in circumventing hardened targets. Attackers exploit vulnerabilities in interconnected, trusted, but softer targets to infiltrate more secure systems.
4) Session Hijacking and Cookie Theft:
Session hijacking and cookie theft are becoming more commonplace in cyberattacks. These techniques involve stealing user session information and cookies to gain unauthorized access to web services and accounts. These attacks will likely escalate with the increasing reliance on online services and applications.
5) Secure Browser and Web Isolation:
The increase in the adoption of secure browser and web isolation technologies is driven by the need to mitigate the risks associated with session hijacking, cookie theft, and other web-based threats. Many organisations recognise the growing vulnerability of web browsers and are exploring or implementing technologies that isolate web content to enhance security.
6) Passwordless Authentication with Passkeys:
Passwordless authentication is gaining momentum, especially with major technology companies like Google, Apple, and Microsoft integrating passkey technologies into their systems. Organisations planning or preparing for passwordless projects will likely initiate pilots and projects to adopt this more secure authentication method. Passwordless authentication eliminates the vulnerabilities associated with traditional passwords.
7) Legislative Loosening on SaaS Adoption for Regulated Industries:
Regulated industries, such as Financial Services (FSI) and Critical Information Infrastructure (CII), have historically been hesitant to adopt Software-as-a-Service (SaaS) security offerings due to a lack of legislative endorsement or regulatory ambiguity. However, regulatory agencies in many countries in the region are in the process of amending, loosening, or clarifying guidelines related to SaaS adoption for security solutions. This legislative shift will enable more regulated industries to embrace and deploy cutting-edge security offerings, including those based on AI and Big Data, to enhance their cybersecurity posture.
You may also like
-
Splunk Report: Agentic AI Takes Center Stage in CISOs’ Path to Digital Resilience
-
96% of APAC CIOs report a shift beyond technical responsibilities, as global AI adoption rises by 282%
-
Diligent Survey Finds Nearly Half of Responding Organisations in Asia Will Make AI a Priority by 2026
-
Trend Micro Predicts 2026 as the Year Cybercrime Becomes Fully Industrialised Inbox AI Overview
-
Salesforce Study Finds 91% of Singapore Tech Leaders View Data Overhaul as Key to AI Success
