Attention small and medium-sized enterprises: These three important cyber security trends should be on the radar of company managers in 2024

New year, new challenges for cyber security Small and medium-sized enterprises (SMEs) are particularly popular targets for cyber criminals due to scarce resources and limited specialist staff. Standing still and waiting is no longer an option – too much is at stake.

Dieter Kehl, Director Sales DACH at OpenText Cybersecurity, reveals which threats SMEs will have to face this year and how they can protect themselves against them.

1. Generative AI is causing a stir in the threat landscape

In addition to extremely popular ransomware attacks and ransomware-as-a-service models, generative AI is taking on an even more prominent role in the cybercrime scene this year. WormGPT and FraudGPT are already well-known representatives of malicious AI chatbots that have been trained on the basis of malware data. The coming months will bring even more advanced applications that cyber criminals can use to create deceptively real-looking phishing emails tailored to their victims, among other things.

In view of the rising number of deceptive AI-based phishing attacks, security awareness training is becoming increasingly important for the security of SMEs. Regular, practical and continuously updated training courses sharpen awareness and provide the necessary knowledge to protect SMEs against sophisticated attacks.

2. The software bill of materials is becoming the standard

Increasingly frequent attacks on open source systems endanger every company, regardless of its size. A software bill of materials (SBOM) – or software bill of materials – can help to counteract this. This is a structured record of the individual components of a software product and their relationships to each other within the overall structure. It reveals errors and potential vulnerabilities that have crept into the code, which increases cyber security. Such a code inventory also makes the software supply chain more transparent for partners. This prevents inadequate development and security processes and promotes the provision of secure software.

The second part of the “Cyber Resilience Requirements” (Technical Guideline TR-03183), which the German Federal Office for Information Security (BSI) published in August last year, shows just how important such an inventory list is. It defines the formal and technical requirements for their design. As a result, the SBOM will ensure a more transparent software supply chain and a higher level of security as standard in future.

3. Cyber insurance is booming

Cyber criminals are very inventive and adaptable when it comes to the methods they use to trick their victims and exploit vulnerabilities. The result: the rise of successful ransomware attacks, which in turn has led to a boom in cyber insurance. Fortunately, it’s getting easier and easier to get one – good news for SMEs.