7 cybersecurity predictions to look out for in 2024

What’s in store for internet security and privacy next year?

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

It’s that time of the year again, so while we wait for the final tick of the clock, let’s look back over the past 365 days in the world of cybersecurity and predict what’s coming next.

Throughout 2023 we saw the use ofVPN servicesremain high as internet restrictions increased across the world, new privacy threats loomed, and governments enforcedVPN censorship. The same goes for local and national-scale internet shutdowns, with Iran being thebiggest perpetratorin the past 12 months.

It’s not possible to talk about this year’s cybersecurity landscape without mentioningAI. The boom ofChatGPTand similar tools have presented new challenges for online privacy, scams, and disinformation, but they certainly opened up new possibilities within the security software industry as well. At the same time, the race to bring encryption protections up to the post-quantum world has never been so fierce.

So, with these past events in mind, let’s dive into our top 7 cybersecurity predictions to look out for in 2024.

1. VPNs become even more relevant for consumers

As mentioned, in 2023, everyday people have increasingly turned to VPNs to access censored sites and apps, enjoy better online privacy, or simply boost their overall internet performance.

Short forvirtual private network, a VPN is a security software that encrypts internet connections and spoofs IP addresses. As a result, VPNs are an incredibly versatile tool—and they’ve never been more commercially accessible.

Experts expect this trend to consolidate during 2024, as censorship and privacy threats are on the rise. On this topic, Head of Product atPrivate Internet Access (PIA)Himmat Bains told me: “With the increasing of online scams and governments becoming more and more interested in people’s data and what they do online, I think now than ever before VPNs are incredibly useful for customers to protect their most important access: their own digital privacy.”

Get the best Black Friday deals direct to your inbox, plus news, reviews, and more.

Sign up to be the first to know about unmissable Black Friday deals on top tech, plus get all your favorite TechRadar content.

2. Bad actors keep using generative AI tools

We already mentioned how generative AI shook the security industry this year, presenting it with a series of new threats to internet privacy and security.

Hackers have been using ChatGPT towrite more effective malware, for example. Data-scraping practices behind these Large Language Models (LLMs) have also beenworrying privacy experts. Online disinformation,deepfakes, and online scamsare becoming more sophisticated, too, all thanks to AI tools.

Again, experts foresee this worsening throughout 2024—especially considering that we still don’t have proper AI regulations in place.

Andrew Whaley, the Senior Technical Director at Norwegian security firmPromon, said: “The emergence of advanced AI-assisted attacks, including deep fakes for social engineering and bypassing ID controls, can be anticipated. This raises the threat of AI being exploited for disinformation campaigns, with potentially major consequences for the upcoming US election.”

3. A step closer to a passwordless world

As the name might suggest,passwordless authenticationrefers to the act of signing into a service without using a password. Instead, sign-in can be done with certificates, security tokens, one-time passwords (OTPs), or biometrics.

Withdata breaches on the rise, the industry has increasingly been moving in this more secure direction over the past few years, including the big tech giantMicrosoft. Experts now expect a consolidation of the passwordless market in 2024.

Bassam Al-Khalidi, co-founder and co-CEO of passwordless solutions firmAxiad, said: “Next year, we’ll start to see mergers between passwordless and credential management companies, which will create a new category in the authentication space: thinkpasswordless plus. This movement will be similar to the consolidation we saw a few years back between identity management and access management companies, which resulted in the identity and access management (IAM) industry.”

4. Security providers to harvest the power of AI

If, on the one hand, AI brought huge issues to people’s privacy and security online, these powerful tools also have huge potential for doing good. That’s why cybersecurity experts and software engineers will undoubtedly begin to harness their power more and more in 2024.

In August, NordVPN launched a new initiative aiming to do exactly this.NordLabswants to provide a platform for engineers and developers to test new ideas and approaches to ever-changing online security and privacy issues. A month later, the team launchedSonar, an AI-enabled tool to fight back against increasingly sophisticated phishing attacks.

“New emerging technologies raise challenges for cybersecurity, privacy, and internet freedom, but at the same time, they bring new opportunities. NordLabs will allow us to have additional flexibility when it comes to the development of experimental tools and services,” said Vykintas Maknickas, the head of product strategy at Nord Security.

We are sure the new year will bring even more of these innovative AI-powered solutions.

NordLabs by NordVPN is here! NordLabs is a place where cutting-edge cybersecurity tools are born. It will let you try and experience new online security tools, evaluate them, and contribute to overall safety online. Sign up today: https://t.co/hwAScsenEv pic.twitter.com/vGHBylXpzOAugust 28, 2023

5. The internet becomes more and more regulated

The year of policymakers has been characterized by worldwide governments trying to regulate new technologies and the internet at large.

The long-awaitedOnline Safety Bill became law, despite heated debates. Similar proposed legislation, introducing stricter age verification rules and more power to check on people’s communications in an attempt to protect children online, is also on the table elsewhere. So, we expect that we’ll see new policies in 2024.

The race for a comprehensive AI Act has been fierce, too. TheUK AI Summitended with a world-first signed agreement among the UK, the US, China, and 25 more countries to develop safe and responsible AI software. The EU also managed to agree on the backbone of the future law, which is likely to become the go-to model for the West.

When it comes to data protection and privacy laws, the US took positive steps in Colorado and Virginia, finally enforcing privacy laws, but theADPPAis still stalled at the time of writing. What’s certain is that organizations will need to adapt their internal practice to keep up with an ever-changing environment.

6. Internet shutdowns likely to rise

Once again, internet shutdowns surged across the world in 2023. VPN providerSurfsharkcounted42 instances affecting over 4 billion peoplein the first half of the year.

At the time, researchers pointed out how there was a 31% reduction in new internet restrictions compared to the same period in 2022. However, the decrease in new restrictions (from 42 in the first half of 2023 to 61 in the same period the year before) primarily resulted from the drop in cases acrossJammu and Kashmir(from 35 to only 2). Excluding this region, global restrictions suddenly increased by 54% compared to 2022, suggesting that digital freedoms across the world “may have worsened.”

While it’s not possible to say for sure, the data collected from 2015 onwards indicate that a spike in internet andsocial media shutdownsis, sadly, a very likely scenario we’ll need to cope with next year.

7. Spread of quantum-resistant cryptography

Despite being a few years away from becoming commonplace, the threat of quantum computing to current encryption models is looming. That’s because hackers in 2023 began to perform attacks deemed as"harvest now, decrypt later."

It’s in this context that providers have been racing to implement quantum-resistant cryptography in their services. The list so far includes the encrypted messaging appSignal, secure email provider Tuta (previouslyTutanota), and some VPN services, includingExpressVPNandPureVPN.

Again, we expect this trend to consolidate throughout 2024.

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up.She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to chiara.castro@futurenet.com

Undermining your privacy? Session says no and leaves Australia

Are online dating and data privacy an incompatible match?

This new malware utilizes a rare programming language to evade traditional detection methods