Cybersecurity Developments & Priorities: November 2024

Cybersecurity is at a critical turning point, with recent developments revealing the urgency and high stakes of today's challenges. Over the past month, the tension between security and speed in software development garnered increased attention, exposing a difficult balance for many organizations. Meanwhile, ransomware remained an unrelenting threat, and the demands for more substantial safeguards in operational technology and AI systems continued to grow.

This roundup covers the latest security research and events—plus insights on what IT professionals should prioritize moving forward.

Security vs. Speed in Software Development

Endor Labs’ “Dependency Management Report” highlighted a fundamental challenge: keeping security in lockstep with the rapid pace of software development. As organizations strive to stay competitive, their priorities lean toward faster releases and efficiency, particularly in agile and DevOps environments, while security falls by the wayside. With each new release, unchecked vulnerabilities multiply, creating a high-risk backlog.

Recommended Actions: To counter this trend, developers should hone their secure coding skills and adopt a “shift-left” approach, embedding security testing and vulnerability management early in the development cycle. Organizations can reinforce DevSecOps practices by adding security tools and automated scans into development pipelines, making security as integral as speed. 

Consequences of Inaction: Ignoring these vulnerabilities increases the likelihood of exploitation, especially as AI-driven tools make it easier for attackers to discover weak points in software. 

Further Reading:

Ransomware’s Summer Resurgence

Research from NCC Group reported a 14% increase in ransomware incidents from July to August, with one Fortune 50 company paying a record ransom of $75 million. This resurgence, led by threat groups like RansomHub, points to the evolving tactics of ransomware operators and the heightened threat to critical sectors such as healthcare and industry. 

Recommended Actions: Organizations should adopt a holistic security approach spanning prevention, incident response, and recovery plans. Public-private collaboration and investment in advanced cybersecurity initiatives are needed to fortify defenses against future threats.

Consequences of Inaction: Without proactive measures, organizations risk substantial financial loss—ransom payments, recovery costs, regulatory fines—and damage to their reputation, which can drive away business opportunities. 

Further Reading:

The Urgent Need for OT Security

The “Principles of Operational Technology Cyber Security,” published by the NSA in collaboration with global cybersecurity agencies, reflects a growing acknowledgment of operational technology (OT) vulnerabilities, especially as our dependence on interconnected systems for essential services—like water, energy, and transportation—intensifies. 

Recommended Actions: Organizations should follow the six NSA-recommended principles, which include prioritizing safety, taking stock of critical assets, protecting OT data, segmenting networks, securing the supply chain, and fostering a cybersecurity-focused culture.

Consequences of Inaction: Neglecting OT cybersecurity could lead to catastrophic failures in critical infrastructure, such as power outages and water-supply contamination, and potential legal and regulatory repercussions. 

Further Reading:

‘Deceptive Delight’ Manipulates Chatbots

Advanced AI, particularly large language models (LLMs), are vulnerable to manipulation techniques such as the “Deceptive Delight” prompt injection method, which combines benign and malicious queries to exploit chatbots. Deceptive Delight, with a 65% success rate across various LLMs, poses risks to organizations that increasingly entrust AI with sensitive operations. 

Recommended Actions: Organizations should mitigate these risks by enforcing strict access controls on LLMs, incorporating human oversight for critical tasks, establishing trust boundaries for LLMs, and regularly auditing LLM interactions. 

Consequences of Inaction: Unaddressed vulnerabilities may lead to data breaches and potential non-compliance with regulatory standards. 

Further Reading:

More Recent Stories To Note

U.S. Election Security

Data Breaches

Social Engineering Attacks

Insider Threats

Top Security Tips and Guides