A Vision for a New Era of Cybersecurity: 5 Lessons Learned from Vision 2024

Two weeks into the new year, and we’ve already learned so much! If you attended Vision 2024 last week, you know what I mean—it was full of engaging presentations, great advice from security leaders, and best practices that you can start implementing for your organization today.

And if you missed it, never fear! The on-demand version is now available so you can discover what you missed. Prefer to read about it instead? Here are five of my favorite lessons from the conference.

“We are looking at a growing list of malicious generative AI models and large language AI models that are being utilized by bad guys. Just a very short and not extensive list includes Dark Bard, Dark GPT-3, WormGPT, ThreatGPT, WolfGPT, FraudGPT, and SpyEye, among others.”
—Keren Elazari, Ethical Hacker and Cybersecurity Analyst

Every single session of Vision 2024 spoke about the threat of AI to some extent, but none more so than our closing keynote from ethical hacker Keren Elazari. During the presentation, she gave her insights into how AI has changed the threat landscape already, with predictions for how attackers will continue to evolve in the coming year. WormGPT alone can write business email compromise attacks with incredible accuracy—making them indistinguishable from real human communications.

This was also discussed by Evan Reiser, CEO of Abnormal Security, who predicts that AI will enable cybercriminals to send up to 10 times the number of attacks within the next three to four years. The sheer volume of these attacks (to say nothing about the increased sophistication) will result in a world where we simply do not have enough security analysts to keep up with the demand.

In fact, many of our speakers predicted that AI will change the entire cybersecurity landscape within the next few years—and Domino’s CISO Andy Albrecht stated that behavioral analysis will be the only way to prevent these threats.

“It's like the early days of the internet except you can't ignore it because your competitor's not ignoring it.”
—Kevin O’Leary, Investor and Shark

Speaking of AI and behavioral analysis, our opening keynote focused on investing in the right solutions to prevent these coming threats, with advice from Mr. Wonderful himself. Known as one of the most ruthless investors on Shark Tank, Kevin O’Leary shared how he sees AI changing well, pretty much everything, and how he’s thinking about the future of AI for his own businesses. In doing so, he expects there to be a massive transformation similar to what we saw with the Internet two decades ago and reminds the audience that those who stay put will quickly fall behind.

Building on this, our panel of CISOs from the NFL, Choice Hotels, and Domino’s lamented how AI will drastically change the way humans interact with content, starting with the emails they receive and the business communications they read. As criminals begin to rely on AI, organizations must do so too—starting with the tools they implement to protect themselves.

Jason Stead from Choice Hotels showcased how proper AI-native tools can truly make a difference not only in stopping more attacks but also in freeing up the team to focus on larger priorities, stating that Abnormal has “dramatically reduced the volume of unusual or malicious or suspect things that get through to the end user. That's just really allowed us to take those resources elsewhere and stop spending time doing the investigation.”

“From the US Secret Service perspective, we run a Business Email Compromise Mission Desk where we run a rapid response and incident response team, and I can't tell you how much work we did this year compared to prior years.”
—Stephen Dougherty, Financial Fraud Investigator, Secret Service

We continued the conference with insights from the federal government and a session in which Stephen Dougherty from the Secret Service spoke about cybercrime predictions for 2024. Looking back at the 2022 FBI Internet Crime Report, the trends seem to be mostly on investment fraud and business email compromise, with the latter continuing to grow dramatically year after year. Focused on how AI will change the threat landscape, Dougherty expects the report for this coming year to swing back in the other direction with BEC once again coming out on top. Of course, it’s not only BEC that we have to worry about, as phishing and malware remain favorites for email-focused attacks.

As our afternoon panel of CISOs from United Airlines, United Talent Agency, and Haleon reminded us, maintaining a proactive security posture is key to protecting your organization from costly damages due to these attacks. During that session, our speakers focused on the importance of data security as part of a larger cybersecurity strategy. Edmond Mack of Haleon stated, “Data security is not singular… It’s about reducing your risk posture across the organization and being in a state of better protections of knowing what you have, where it's at, who's accessing it, and that it has the correct controls around it.”

“And what he found once he went through that process with us is that he immediately was able to save $100,000 per year for his company just by eliminating that secure mail gateway.”
—Lane Billings, Director of Product Marketing, Abnormal Security

As the sessions turned to tools and how to better protect organizations, one theme was fairly constant: the secure email gateway no longer works. During this session from Abnormal Security, our two speakers showcased the seven lessons they’ve learned from replacing over 100 SEGs, but one of them really stood out: customers are happy with their decision. One customer example included a senior security leader from the F1000 who saw that his SEG was missing VIP impersonation attacks and the unwanted mail it let through was distracting employees. He also felt like he and his team were just way too in the weeds of the tactical reporting on email security. So he decided to replace his SEG—ultimately resulting in a much better security experience and reducing costs along the way.

This idea of new tools beating our incumbents was also key in the session presented by Dazz CTO Tomer Schwartz, during which he focused on autonomous cloud security remediation. We’re no longer in a world where there is a singular data center with a fairly static and contained on-premises environment. Instead, we have organizations with dozens or even hundreds of cloud applications being used across virtualized environments, which is ripe for attacks and breaches. All of this sets us up for a world where cybersecurity is constantly evolving and new startups and new platforms are beating out the incumbents.

“Attackers only have to be right once, but we as defenders need to think about how to be right all the time. They want an easy access point, so if you're making it more difficult for them, they're going to move on to somebody else, which is absolutely kind of a bummer for them, but it saves you. That's a function of thinking about how we can move to a position of supremacy.”
—Joel Spurlock, VP of Data Science, CrowdStrike

One last key theme present throughout the conference was the fact that cybersecurity will get much tougher in the coming year. The rise of AI and the democratization of technology has allowed adversaries to operate faster than ever. However, as speakers from multiple organizations pointed out, we now have the tools and integrations available to thwart actors like never before.

In particular, Spurlock called for a reevaluation of cybersecurity strategies in response to advancements in AI and ML. After all, as long as cybercriminals are successful, they will keep running their attacks. He believes that the only way to stop them is by constantly reevaluating our security platforms and making it so difficult to breach us that they simply stop trying. To do so, it is imperative that security leaders choose cutting-edge tools that protect the organization from next-generation threats, integrate with one another, and enable security leaders to gain back time.

These are only a few of the insights presented by our speakers during Vision 2024. As you can see, there were incredible insights provided by our keynotes, panelists, and sponsors alike—more than anything we can summarize here. To hear these insights for yourself, check out the Vision 2024 recording! Just like our live conference, you can receive one continuing education credit per hour from ISC2 with up to 6 CPEs available by watching the entire conference.

As we wrap up Vision 2024, we want to thank your incredible speakers for their insights and our sponsors for their work to make the conference a success. Huge shoutouts to sponsors CrowdStrike, Cyera, Dazz, and Torq, and thanks to SecureWorld for their partnership.

And finally, Vision 2024 may be over, but there’s still more to come. Check out the Abnormal Resource Center for more insights, and stay tuned for Vision 2025… coming soon!