Shay Levi – CTO and co-founder, Noname Security:
API security evolves as AI enhances offense-defense strategies: In 2023, AI began transforming cybersecurity, playing pivotal roles both on the offensive and defensive security fronts. Traditionally, identifying and exploiting complex, one-off API vulnerabilities required human intervention. AI is now changing this landscape, automating the process, enabling cost-effective, large-scale attacks. In 2024, I predict a notable increase in the sophistication and scalability of attacks. We will witness a pivotal shift as AI becomes a powerful tool for both malicious actors and defenders, redefining the dynamics of digital security.
AI fundamentally disrupting business: AI will continue to be a huge disruptor for current business models, in two ways. In the first instance, AI will be introduced into businesses’ existing processes, helping to streamline operations, increase efficiencies, and broadly change the way the business operates. Secondly, there are businesses that will struggle to adopt AI into their current model, resulting in AI-first organizations replacing them completely. When we reach the tipping point, this will happen very quickly; it will then be up to businesses to decide whether they sink or swim.
Consolidation in AI: AI startups that are building their own models are not going to succeed. As with any industry, consolidation will take place, with Big Tech companies such as Alphabet/Google, and Meta – alongside the likes of OpenAI – operating the foundational models that will enable AI to proliferate. As a result, the generative AI market will soon be limited to a select few companies, limiting scope for new entrants to innovate.
Karl Mattson – Field CISO, Noname Security:
Rising geopolitical tensions will drive global cybersecurity concerns: The increasing prevalence of cyber-attacks as a routine component of geopolitical conflict will undoubtedly lead to a continued escalation in cyber risks, particularly targeting critical infrastructure. Moreover, we can anticipate a ripple effect as adversaries extend their cyber attacks to companies and nations supporting allies. This growing cyber threat landscape will necessitate enhanced security measures and international cooperation to mitigate risks effectively.
Regulatory focus will shift towards managing APIs: In 2024, I predict we will see a notable shift in the regulatory landscape as regulatory agencies identify new “weak links” and opportunities to increase compliance. While asset management, especially in the banking sector, has traditionally been under scrutiny by regulators, APIs are emerging as a distinct category of assets that require management and oversight. Consequently, API inventory discovery and lifecycle management are emerging as focal points for banking regulators, reflecting the evolving technological landscape and the critical role of APIs in modern financial systems.