PQC, AI & sustainability: five cybersecurity trends for 2024

Issue 8 2023 Editor's Choice

The year 2023 will go down as a transitional year for cybersecurity and information technology in general. Quantum Computing is still in its infancy, and artificial intelligence is still limited to creating (mostly) authentic written and visual content rather than Artificial General Intelligence. Transformative technology is coming soon, but in the meantime, we are still struggling with rising rates of online crime and a shaky economy throughout much of the world.

This year, 2024, may be when we start to see these themes begin to change the world, with their impact felt in cybersecurity and, ultimately, our lives. In this article, we will look at some of the most important developments that our experts see coming in 2024, both in technology and the wider world it intersects with.

Nils Gerhardt.


For home computer users, the ‘Y2K bug’ was essentially a myth, and stories of ‘planes falling out of the sky and nuclear reactors shutting down’ were very much over-egged. Yet, the transition from the 20th to the 21st century did produce problems for several vital legacy systems that needed to be addressed.

We see similarities with post-quantum cryptography (PQC), which will protect all computer systems and communication against quantum computer attacks. Unlike with Y2K, we do not have a set date for when quantum computers will be able to break today’s cryptography. Still, when the day comes that quantum computers are able to break today’s cryptography, it will affect all of society. The impact could be particularly dangerous for large organisations and governments that depend on legacy systems. With IBM announcing a 1000 qubit quantum chip and an error-resistant 133 qubit chip, it is clear that advances are being made.

There has already been a concerted effort to develop quantum-safe cryptography, and it is becoming more widely deployed for commercial use. With Y2K, the industry made a concerted effort to reduce the risk of it causing significant impact. The same efforts should be made to prevent a data apocalypse in the future. It is a long process of adapting to the reality of quantum computing and post-quantum cryptography, but one which has already begun in earnest and will accelerate this year.

Artificial intelligence

The year 2023’s most significant digital story will undoubtedly continue to be a central theme in 2024. Like many new technologies, it will go from a novelty to routine, with regulations in place to keep it safe.

We have already seen cybersecurity agencies from governments around the world come together to work on security principles for AI, emphasising design, development, deployment, operations and maintenance. In fact, an agreement has been reached between the Council Presidency and the European Parliament on proposed harmonised rules for artificial intelligence – the so-called AI Law. These regulations aim to ensure that AI systems placed on the EU market and used in the union, are safe and uphold the values of the EU. Much of what the guidance lays out are the proposed safety mechanisms to control and regulate AI effectively and could apply to other areas of software development, such as supply chain security, threat modelling and even something as mundane as proper documentation.

On the other hand, we have already seen AI used for cybercrime (although it has not tended to be used in major hacks of large institutions yet). As with any new technology, there are those who want to use it for good or bad; AI will also help detect attacks and defend networks/companies. I would argue that as it has the potential to do so much, more efficiently than humans can, including the ability to correlate large datasets, it will become a strong ally to improve cybersecurity.

Cybersecurity and sustainability

On the surface, there seems to be little that unites the practices of ensuring that digital systems are secure and that companies and institutions are sustainable. However, there is an increasing consensus that the two are more connected than might be apparent initially.

Firstly, cyberattacks create waste. Time, money, electricity, and countless other resources must be expended to undo the damage of successful attacks. We have also seen attacks directly damaging the environment, such as water treatment facilities being remotely taken offline.

Secondly, achieving sustainability goals, whether in the ESG framework or not, requires deploying and monitoring new technology. These are largely Internet of Things devices – networks of CO2 sensors, micro-solar grids, etc. We have noted that since they involve hundreds or thousands of individual data connections, IoT projects have a vastly increased attack surface compared to traditional deployments. Hence, the same applies to sustainable projects.

Skills gap

A significant gap between the number and training of cybersecurity professionals that we need and the number we have has been an ongoing problem, but we predict that in 2024, progress will finally start being made.

Why? Because a situation in which a cybersecurity skills gap impacts 71% of organisations is not sustainable. It is simply the case that the problem has reached a point where it can no longer be ignored, and enough noise is being made that something will be done.

What will this be? Continually updated university-level training for cybersecurity professionals would be useful, but it would take several years for the next generation of professionals to make it through their training and into the workforce. Cloud-based third-party security solutions can also lower risk, but another potential answer is to cross-train and upskill within companies. For example, Utimaco is invested in the International School of IT Security AG, which offers a Master's in Applied IT Security and onsite and digital in-house training.

Infrastructure resilience

The fragility of our current ecosystem is underscored by the susceptibility of infrastructures to attacks, with the potential to disrupt entire systems. A scenario as simple as severing critical cables could regress us to a technological stone age, highlighting the urgent need for robust defences.

To address this vulnerability, numerous initiatives are underway to augment traditional terrestrial infrastructures with satellite-based solutions for communication and infrastructure. This introduces a new challenge; ensuring these space-based technologies are secure. Layering multiple security measures – such as encryption between satellites – on top of the infrastructure and its fundamental security will provide the high level of security required for critical data.

The future demands technological innovation and a foundation of trust and security to fortify our interconnected world.

As we can see, 2024 will be the year when many of the major themes that have been mounting up for years now will come to a head. It will be an interesting time for many industries. Still, cybersecurity, perhaps most of all, will be at the forefront of many of the major changes happening over the next year and for many more to come.

For more information go to: https://utimaco.com/

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

AI-enabled tools reducing time to value and enhancing application security
Editor's Choice
Next-generation AI tools are adding new layers of intelligent testing, audit, security, and assurance to the application development lifecycle, reducing risk, and improving time to value while augmenting the overall security posture.

2024 State of Security Report
Editor's Choice
Mobile IDs, MFA and sustainability emerge as top trends in HID Global’s 2024 State of Security Report, with artificial intelligence appearing in the conversation for the first time.

Cyberthreats facing SMBs
Editor's Choice
Data and credential theft malware were the top two threats against SMBs in 2023, accounting for nearly 50% of all malware targeting this market segment. Ransomware is still the biggest threat.

Are we our own worst enemy?
Editor's Choice
Sonja de Klerk believes the day-to-day issues we face can serve as opportunities for personal growth and empowerment, enabling us to contribute to creating a better and safer environment for ourselves and South Africa.

How to spot a cyberattack if you are not a security pro
Editor's Choice
Cybersecurity awareness is straightforward if you know what to look for; vigilance and knowledge are our most potent weapons and the good news is that anyone can grasp the basics and spot suspicious activities.

Protecting IP and secret data in the age of AI
Editor's Choice
The promise of artificial intelligence (AI) is a source of near-continuous hype for South Africans. However, for enterprises implementing AI solutions, there are some important considerations regarding their intellectual property (IP) and secret data.

Super election year increases risks of political violence
Editor's Choice
Widening polarisation is expected in many elections, with terrorism, civil unrest, and environmental activism risks intensifying in a volatile geopolitical environment. Multinational businesses show an increasing interest in political violence insurance coverage in mitigation.

Enhance control rooms with surveillance and intelligence
Leaderware Editor's Choice Surveillance Mining (Industry)
Dr Craig Donald advocates the use of intelligence and smart surveillance to assist control rooms in dealing with the challenges of the size and dispersed nature common in all mining environments.

A long career in mining security
Technews Publishing Editor's Choice Security Services & Risk Management Mining (Industry)
Nash Lutchman recently retired from a security and law enforcement career, initially as a police officer, and for the past 16 years as a leader of risk and security operations in the mining industry.

A constant armed struggle
Technews Publishing XtraVision Editor's Choice Integrated Solutions Mining (Industry) IoT & Automation
SMART Security Solutions asked a few people involved in servicing mines to join us for a virtual round table and give us their insights into mine security today. A podcast of the discussion will be released shortly-stay tuned.