Specific Criticism of CVSS4
Marc Ruef
As we do every year, we would like to make a forecast for the coming year 2025 at the end of 2024. The following are the topics that we believe will manifest themselves or even develop further. Regardless of this, stay healthy!
In recent years, the internet has been put through its paces by an increase in ransomware activities. Many organizations that have not taken cybersecurity seriously for years have been overwhelmed by the lucrative business model of cybercriminals. However, the risk of such attacks has recently decreased again in the public perception. This is mainly because the media no longer reports on such cases in any great detail, except for particularly large and curious incidents. However, it is a fallacy to believe that the danger has actually decreased. Targeted and professional attacks that can severely impact companies are still to be expected.
Every year, more vulnerabilities are published. From 2021 to 2024, the number of published vulnerabilities has almost doubled. Currently, around 110 new vulnerabilities are made public every day, which will result in around 40,000 vulnerabilities by the end of the year. For the year 2025, a further increase and a total of around 45,000 vulnerabilities must be expected. On the one hand, this is due to the increasing prevalence of computer systems and software, including in everyday life. On the other hand, for several years, security vulnerabilities have been searched for, published and cataloged much more consistently. This trend will continue for the time being.
For the sake of simplicity, patches were distributed sequentially and in their entirety for decades. This meant that the update process often took a relatively long time and usually meant that a device was no longer usable in the meantime. By optimizing this procedure, incremental patches that are small and flexible are increasingly possible. In particular, traditional operating systems and cell phones can be kept up to date in an uncomplicated and almost casual manner. This will lead to greater user acceptance, whereby the security of corresponding systems in operation can be consistently increased with the improvement of the patch level.
Artificial intelligence (AI) will increasingly find its way into our daily lives. On the one hand, through new technical means, such as Microsoft Copilot, which has recently become part of Office 365. On the other hand, however, these new possibilities are also being used in concrete actions. Search queries are shifting from Google to ChatGPT, emails are being optimized with the help of stylization tools, and support request responses are being prepared with a generative AI, to name just a few changes. This technological and social disruption will put a lot of pressure on well-known companies, especially in the field of classic search engines. And it will give new companies the opportunity to present themselves innovatively and grow as a result.
Artificial intelligence is putting young professionals with no experience under massive pressure. Today, generative AI can already carry out a security check of a software’s source code, for example. This enables it to identify specific vulnerabilities with a quality that would require at least about two years of professional experience. As a result, hiring and training people in this sector only pays off after a relatively long time. Other areas will be affected in the same way. As the relevant AI solutions improve, this challenge for employees will become even more pronounced and, above all, will pose a very real problem for the younger generation.
Generative AI solutions, such as ChatGPT, are now reaching their limits. The training material has been used up and further increasing the complexity of the models will not result in the quantum leaps we have become accustomed to. After the euphoric high, a hangover is setting in in some cases, putting a damper on unbridled optimism. Sooner or later, this will also be felt on the stock market and, in the medium to long term, counteract the hyped bubble formation with inhibited growth in profits or even a price correction.
The availability of electricity is not always guaranteed. In recent years, Europe has had to deal with energy shortages, especially in winter. On the one hand, this is due to the energy transition, which has led to the shutdown of proven power generation plants. The alternative energy production cannot yet guarantee the desired stability and reliability. On the other hand, geopolitical crises exacerbate such bottlenecks. Customers are therefore becoming increasingly cost-sensitive and are consciously looking for products with low-energy components. The market has recognized this trend, which can be seen in the reduced power consumption of modern devices. This effect will continue consistently in the following years.
Upscaling mechanisms such as AMD FSR, Nvidia DLSS and Sony PSSR help to generate a considerable increase in resolution, frame rates and details in computer games with relatively little computing effort. Comparable mechanisms are also used to a certain extent in some television sets, which are able to provide a sharper viewing experience by upscaling the image material. These mechanisms will become more widespread and are also conceivable, for example, on mobile devices such as smartphones. The establishment of 8k will probably only be able to be driven forward in a first step by upscaling in order to keep costs and power consumption as low as possible.
Our experts will get in contact with you!
Marc Ruef
Marc Ruef
Marc Ruef
Marc Ruef
Our experts will get in contact with you!