“Prediction is very difficult, especially if it’s about the future!” Niels Bohr, the physicist, once said. I couldn’t agree more with his statement. Nevertheless, predicting the future is fun, so let me enjoy it a bit and give it a try. And remember to look at this with a dose of cynicism. Since the toughest predictions are made in a noisy environment with rapid changes, predicting what’s in store for AI & security in 2024 might seem like a complete guess, as this market is evolving rapidly before our eyes. Exciting, isn’t it?
Anyway, onto the main dish, my 5 Predictions on AI & Security for 2024:
- The OpenAI & Microsoft monopoly will be fragmented.
Without a doubt, they have won the race so far: More precisely, they created the game. But, as the saying goes, ‘sic transit imperium’ (thus passes the glory of the world), and according to my observations and a bit of a gut feeling, they will lose their monopoly. Why so? Well, they execute really well and really fast, and they have the means and resources to continue doing so, but when it comes to the uniqueness in the technology, there is nothing secret in their recipe. I would expect the open-source community, alongside vendors such as Google, Facebook, Anthropic, Cohere, Mistral, AI21 and others, to start putting up a fight soon.
- Users will move from leveraging a single LLM to leveraging multiple ones.
Today most people use OpenAI’s GPT3.5 and 4. This is what we see in the majority of our customers too. But related to what I mentioned in my previous point about the ever-growing options in the realm of LLMs, organizations will start using multiple of them, sometimes within the same GenAI application. This will be a matter of optimization for each use case, considering quality, cost, latency, privacy, and additional factors. No one solution fits all.
- Going ‘all in’ with GenAI applications, not just for limited use cases.
It’s one thing to use ChatGPT to revise emails, it’s a completely different challenge to maintain a real GenAI application in production. Today, most companies do not have any GenAI Application in their production. By the end of 2024, I forecast that more than 50% of software companies and more than 25% of all organizations will have some sort of GenAI application of their own in production, likely using third-party LLMs (vendors or open source/weights). I also expect the concept of Agents to thrive, while LLMs will become the center of the application, orchestrating and interacting with different services like databases, APIs, code interpreters, etc., moving beyond being ‘fancy wrappers’ of GPT.
- GenAI-related Security breaches.
Combining my previous points, I assume there will be some game-changing incidents in the security and privacy areas.
Two different areas for concern:
- Data Privacy: Most employees of any company these days are using GenAI tools, often trained on received data. I expect a massive leakage of training data that will change organizations’ perspectives on this topic. This is not a regular DLP (Data Loss Prevention) effort.
- Prompt Injection: As more GenAI Apps reach production, I suspect we will soon witness a malicious prompt injection leading to painful consequences, in the spirit of remote code execution, privilege escalation, or unauthorized data access to critical assets of a massive enterprise.
5. AI Security Budget —
As the saying goes ‘with any major security breach comes a major increase in the security budget’ (is that it?) I expect that due to this new frontier of generative AI everywhere, most companies will allocate a designated budget for AI security in 2024. It will also be an interesting development to follow on who’s desk this will land: IT, SecOps, engineering, AI,…? We’ll definitely be monitoring it.
See you next year, we have so much in store.
I can’t wait.
