As we launch 2024, we, once again, recognize the escalating significance and pressing demand for treating cybersecurity as a priority, for organizations, individuals, and governments alike. Cyber insurance underwriters continue to look for their insureds (or prospective insureds) to have a myriad of IT security controls in place to mitigate various cyber exposures. One particular emerging technology that is giving the risk management and insurance industry reason for concern is Artificial Intelligence (AI).
As Artificial Intelligence gains popularity, many industries are adopting this new technology, as it will, without a doubt, have significant impact as an increasing risk. In fact, there is a scarcity of professionals possessing the skills needed to protect organizations from AI related cyber-attacks.
Many of us have realized that AI is not only gaining traction, but also sophistication, and that means ‘smarter’ AI-powered attacks. This can range from automated malware that, intelligently, adapts in order to evade detection, to fake social engineering attempts. Generative AI tools, like ChatGPT, allow more attackers to take smarter, more personalized approaches as well. I saw a quote in the Forbes article, The 10 Biggest Cyber Security Trends in 2024 Everyone Must Be Ready for Now, and thought it was very fitting. It stated, “If cyber-attack and defense in 2024 is a game of chess, then AI is the queen- with the ability to create powerful strategic advantages for whoever plays it best.”
In addition to AI, there are other risks to be aware of, like Internet of Things (IoT) Cyber Attacks. This means, the more devices there are that are ‘talking to each other’ the more opportunity there is for cyber attackers to access the internet and take advantage of individuals and businesses. With people continuing to work from home, there is an increase in risks presented by workers when connecting or sharing data over improperly secured devices. Home consumer IoT devices could also be at risk because of inadequate security protocols and passwords. That is why we are finding it more important, especially in this coming year, to effectively, measure your cyber resilience. Resilience measures are intended to guarantee continuity of operations even in case of a successful data breach.
Finally, in light of 2024 being an election year, there is a growing awareness among governments and organizations regarding the potential risks posed by cyber threats to both national security and economic growth. The potential societal and political consequences of extensive data breaches are also significant on a global scale. This has led to the creation of new regulations addressing cybersecurity issues internationally. Businesses in the UK, for example, have until April 2024 to ensure they are compliant with the Product Security and Telecommunications Act, which sets out minimum-security requirements to which networked products must adhere.
While there is a bevy of minimum-security standards that Cyber underwriters focus on, a certain few will greatly enhance your Cyber security standing:
- Multifactor Authentication
- Endpoint Detection and Response (EDR)
- VPN for remote connections
- Complex Passwords
- Backups (onsite and offsite)
As we move further into 2024, it is becoming clearer that cybersecurity is rapidly evolving. Individuals, businesses and even government agencies are seeing a heightened focus on the necessity of prioritizing security measures across all sectors. We must not only adapt to these emerging technologies, but also secure our cyber strategies in the face of this ever-evolving digital world.
At The ALS Group we believe that you can’t be too careful when it comes to your data. We work with clients to get the right coverage for the data exposures that are specific to their respective industries.
If you need more information on any of the topics covered in this blog, or need help with any risk related issues, please contact Jon Edwards, Managing Director, at 732.395.4281 or jedwards@thealsgroup.com.