Regulations, cybersecurity and AI concerns dominate enterprise considerations

One person typing on futuristic glowing computer generated by artificial intelligence Image by vecstock on Freepik

In an era marked by profound shifts in the landscape, ranging from the cybersecurity complexities of hybrid work environments to the pervasive integration of AI, there’s now a necessity to look ahead and try to anticipate what’s to come, writes David Critchley, the regional director for UK and Ireland at Armis.

Granted, we can’t predict the future. Yet, the unfolding events and developments of the past 12 months provide valuable glimpses into potential trends that may shape our trajectory. Here are five key areas that are likely to dominate 2024 and beyond.

Regulation will act as a rude awakening for many

This year saw the second iteration of the Network and Information Security (NIS2) directive come into effect, which updates the existing legal framework determining cybersecurity standards in the EU.

The initial legislation, known as NIS, affected critical sectors such as healthcare, energy and transport, but NIS2 includes entities such as the food sector and cloud computing services. Its modernisation intends to strengthen and streamline security and reporting requirements for organisations, providing a minimum list of basic security elements that must be incorporated.

Previously, organisations were fined following a breach, yet this latest directive dictates entities will be fined based on failing to meet legislative standards, irrespective of whether there’s a breach.

The shockwave of NIS2 will force organisations to undergo a risk management transformation. In 2024, we will see manufacturers that you wouldn’t expect being regulated under the NIS2 banner. This shift necessitates a heightened focus on cybersecurity preparedness, with intelligence becoming the centre of security decisions. In doing so, organisations will be able to ensure their compliance with the directive’s rigorous cybersecurity standards.

Further attacks on healthcare organisations, with improved accuracy

Healthcare organisations are under huge pressure and as we saw in 2023, they are actively becoming targets of coordinated cyberattacks. These attacks can be motivated by a variety of factors, including financial gain, espionage or simply the desire to cause disruption.

In recent years, we have seen several high-profile cyberattacks on healthcare organisations, including the ransomware attack on the NHS in the UK and the data breach at Anthem, a major US health insurance company.

These attacks have had a significant impact on the healthcare industry, disrupting patient care and costing organisations millions. As cybercriminals become more sophisticated and develop new attack techniques, we can expect to see even more attacks on healthcare organisations in the coming years. It is therefore of the utmost importance that healthcare organisations continue to invest at a board level in cybersecurity and proactive defence of core infrastructure.

A new “Colonial Pipeline” – a major critical infrastructure attack

Critical infrastructure is the term used to describe the systems and networks that are essential for the functioning of society. These systems include power grids, water and wastewater systems, transportation networks and telecommunications networks.

Critical infrastructure is a prime target, as a successful attack can have a devastating impact on society. In recent years, we’ve seen several high-profile cyberattacks, including on Ukrainian critical infrastructure since December 2022, the attacks on Denmark’s critical infrastructure in May 2023 and the constant targeting of Australia’s ports and critical infrastructure, brought to light in November 2023.

The risk of a successful cyberattack on critical infrastructure in the Western world is real. The UK is the third most targeted country globally for cyberattacks, after the US and Ukraine, and a successful attack on critical infrastructure could cause widespread disruption and economic damage. Governments and businesses must take steps to protect critical infrastructure from cyberattacks. The first step is to gain visibility of the entire attack surface.

Regulations regarding asset inventory management will be enhanced

Asset inventory management is the process of identifying, tracking and managing an organisation’s assets. Asset inventory management is important for a number of reasons, including compliance with regulations, risk management and financial management.

UK regulations regarding asset inventory management are likely to be enhanced in the coming years with the Financial Conduct Authority keen to ensure its rules are fit for the future. Then there’s the Digital Operational Resilience Act (DORA) that financial institutions must also contend with. When financial companies follow DORA regulations, they are considered compliant with NIS2, especially when ‘Lex Specialis’ is considered in international law.

There’s a lot to consider. This will ultimately require organisations to invest in new technologies and processes to manage their assets more effectively, particularly in the face of compliance.

UK organisations can’t afford to wait for AI regulations

The AI arms race is real

As the UK pushes to secure itself as a world-leading AI superpower, with investments of over £1 billion in AI, and a plan to not rush regulations coming off the back of the AI Safety Summit, the UK is positioned to become a strong AI capability. Yet, this strength can incite challenge. Challenge incites conflict. And conflict leads to disaster, opening the nation up to potential AI cyberwarfare threats.

The UK government may be taking their time to understand and evaluate the safety of AI, but organisations can’t afford to wait. Cybercriminals and other bad actors are already exploiting AI in their attacks, so organisations must fight back with AI of their own. This means incorporating AI technologies such as machine learning algorithms and natural language processing into their cybersecurity strategies, alongside traditional tools.

2023 illustrated how quickly AI can evolve. Those organisations that make the right call and adapt will thrive. Those who do not will be left behind.

Preparing for the future

Put simply, navigating the uncertainties of the future demands a proactive stance. Whether it’s gaining better visibility through attack surface management or fortifying cybersecurity measures, businesses must be agile in the face of evolving challenges, even if that means acting before regulations come into effect.

Those organisations that anticipate, look ahead and adapt to the dynamic landscape will ultimately ensure better resilience throughout 2024.

Artilce by David Critchley, the regional director for UK and Ireland at Armis

Comment on this article below or via X: @IoTNow_

RECENT ARTICLES
close up small cars model road traffic conception

Carson City upgrades to Iteris’ advanced Vantage Apex sensors

Posted on: April 26, 2024

Iteris has announced that Carson City, Nevada has chosen to upgrade the city’s intersection detection sensors to Iteris’ Vantage Apex hybrid sensors.

Read more

Make the Intelligent Choice: Embed X103 in Smart City Outdoor Devices

Posted on: April 25, 2024

The adage “less is more” is the current state of digital transformation, starting with existing technology that has already proven successful – and then further adapting and streamlining. The “smart

Read more
FEATURED IoT STORIES
What is IoT answer

What is IoT? A Beginner’s Guide

Posted on: April 5, 2023

What is IoT? IoT, or the Internet of Things, refers to the connection of everyday objects, or “things,” to the internet, allowing them to collect, transmit, and share data. This

Read more
iot adoption

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way

Read more
IoT Now Enterprise Buyers’ Guide Which IoT Platform 2021

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT

Read more
CAT-M1 vs NB-IoT

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more
internet of things isometric illustration of connected things

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for

Read more
iot challenges and issues

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into

Read more