As we have entered a new year, I will make three quick predictions for the cyber-/information-security landscape in 2024.

Generative AI with large language models will continue to make it more difficult for employees to protect the organization and themselves from fraud attempts. The classical “red flags” for a phishing email will be significantly reduced, and the volume of “well-crafted” phishing attempts will continue to increase.

The cyber and information security field will continue to be led by technologists. This will lead to a continued lack of focus on the human element and the untapped potential of well-trained employees. From history, we know that technology and humans will occasionally fail, and we need to build more robust defenses where we utilize both humans and technology as one.

Since Formula 1 has seen significant growth in popularity in the last few years, primarily due to the Netflix series “Drive to Survive,” I’m sure I’m not the only one who has spent more time following this sport in the last few years.

Now that this year’s season has ended, I spent a few minutes reflecting on whether there are any similarities between this sport and the information security area. There are at least two obvious ones.

If you ever find yourself setting up identity and access management (IAM) in a startup where you can make all the bold choices, what do you do?

The most apparent limitation that you will need to work around is the budgetary limitations that exist in most of all companies. In a startup, it’s probably a bit stricter than what you are used to working within an established company. Despite this, most startups expect some IT and security costs to get off the ground.