AI’s Revolutionary Influence on Software Development in 2024

The landscape of technology saw immense shifts in 2023, with AI revolutionizing the world of developers. The year 2024 is set to continue this transformation, offering groundbreaking changes for developers globally.

2023 was also notorious for the prevalence of human errors leading to significant security breaches. According to Verizon’s Data Breach Investigations Report of that year, the human element was a factor in 74% of all breaches.

Failures such as privilege misuse, accidental data exposure, and becoming victims of social engineering attacks arose from numerous human mistakes and the dire results of secret compromises, noted Ev Kontsevoy, CEO & co-founder at Teleport, developer of the Teleport open infrastructure access platform.

The frequency of these issues led organizations to adopt biometric hardware and identity verification. However, attackers have shifted their focus from merely stealing passwords to targeting a variety of secrets within an organization’s infrastructure, such as browser cookies, private keys, API keys, and session tokens, he shared.

“To keep up with the speedy evolution of threats, organizations will realize the need to transition to fully secretless authentication in 2024, thereby securing a broader range of sensitive access points that remain vulnerable to attacks,” Kontsevoy opined.

He anticipated that embracing secretless access widely in the upcoming year would render human errors irrelevant and greatly impair the operations of threat actors.

Projecting Shifts in Development and IT Security

Kontsevoy outlines a significant transformation that software developers are expected to face. This involves a major shift in how companies handle network security, moving away from an IT-centric approach reliant on dedicated security teams.

“Security teams will transform into roles akin to consultants and auditors, while engineering teams take on the responsibility of selecting vendors and implementing security protocols,” he added. “Cybersecurity teams will focus on policy and ensuring compliance with security standards for workflows and systems.”

Yoav Abrahami, chief architect and head of Velo at the website building platform company Wix, indicated that OpenAI has initiated a substantial information revolution, and AI tools will continuously enhance various developer integrations.

These innovations will encompass DevOps, data mining, and project management. Core web vitals will become even more critical, compelling developers to prioritize them more heavily.

“Developers are transitioning from local workstations to cloud-based workstations. Those who adapt will maintain a competitive edge,” Abrahami emphasized.

Declining Significance of Legacy Platforms

Leaders at Digibee foresee three primary trends for developers in the upcoming year:

  • The popularity of low-code development will surge as the AI boom continues.
  • Better organizational design will be reinforced through integration.
  • Legacy systems will eventually become obsolete.

AI and low-code platforms are experiencing parallel growth, helping organizations and individuals analyze, interpret, and manage enormous data sets, create initial content drafts, answer questions, and interpret medical images like X-rays, said Digibee CTO Peter Kreslins.

As AI applications expand, low-code platforms also ease the coding workload.

Providing high-level direction takes much less effort, as low-code systems convert these directives into code, akin to how generative AI systems like ChatGPT and Dalle-E generate text or images from high-level instructions.

“As organizations aim to leverage citizen developers to boost productivity and agility, and enable professional developers to focus more on system design and architecture rather than coding, low code facilitates these endeavors. Hence, we anticipate an increase in low-code usage in 2024,” Kreslins predicted.

New IT Integration Practices on the Horizon

The role of legacy systems will diminish substantially in 2024. These systems are often described as functioning systems that are still in place.

“While this is a fair description, legacy software is often a major obstacle to innovation and change,” stated Kreslins.

Modern integration platforms enable the seamless integration of legacy systems with current systems, allowing organizations to continue using legacy systems that perform well within their modern IT stack if they choose to.

“Legacy systems are on their way to becoming obsolete, yet they are costly to replace in certain industries like financial services. Integrating them therefore extends their usefulness and allows them to support innovation and change,” he commented.

Full Speed Ahead with AIOps

Artificial intelligence for IT operations, or AIOps, will play a pivotal role for developers in the future. AI adoption is surging, and although AGI and technological singularity are still distant, humans remain essential to the AI narrative, noted Shahid Ahmed, group EVP of new ventures and innovation at NTT.

“Organizations must prepare not just for the upcoming year but for future technologies, striving to meet sustainability goals,” Ahmed projected.

With the accelerating advancements in AIOps, the concept of a completely automated, maintenance-free network operations center (NOC) is quickly becoming a reality. Ahmed forecasts that within the next year, networking companies will more extensively integrate AIOps into their broader operations to enhance network quality, support engineers, and modernize infrastructures.

He anticipates that the concept of Dark NOC will become a common term in the networking community this year. While automation will be at its core, human expertise will be crucial to its success.

“Network providers must focus on skill development and ensure they are technologically prepared—by standardizing APIs and optimizing data processes,” he advised.

Developers Adopt Interactive Security Innovations

Malicious actors will continue to target the software supply chain, recognizing the high ROI of compromising a single key target that has numerous downstream customers, observed Chris Hughes, chief security advisor at Endor Labs and a CISA cyber innovation fellow.

Attackers understand that it is far more efficient to attack a single software supplier, whether it’s proprietary or a widely used open-source software (OSS) library, rather than targeting individual organizations.

“In 2024, we will witness a rise in software supply chain attacks as malicious actors look to exploit the complex and often neglected software supply chain attack surface that most large enterprise environments possess,” Hughes predicted.

This reality will drive a continued emphasis on Secure-by-Design and software liability initiatives. Hughes mentioned that platform providers will continue to push for systemic changes by implementing secure platform modifications from which many can benefit.

“Software liability will remain a highly debated issue. While some fear it could hinder innovation, others believe it is long overdue for software suppliers to be held accountable for the products they distribute to customers and consumers,” he argued.

Cases like the Progress Software MOVEit breach and related class-action lawsuits are indicative of what the future holds for software suppliers and the potential rise in false claims cases.

Meta’s Initiatives Potentially Enhance Developer Proficiency

As 2023 came to a close, Meta introduced its Purple Llama tool, aimed at empowering developers, enhancing safety, and fostering an open ecosystem.

Purple Llama is an umbrella project that offers open trust and safety tools, along with evaluations intended to provide developers with the means to responsibly deploy generative AI models and applications while adhering to best practices.

“Organizations will focus on implementing cybersecurity best practices to safeguard models and invest in measures to protect AI systems at all stages of the AI lifecycle, preventing unintended behaviors or algorithm hijacking,” said Nicole Carignan, vice president of strategic cyber AI at Darktrace.

She emphasized that ensuring AI safety requires a collaborative effort involving diverse global experts and viewpoints.

“We expect international cooperation and engagement across both public and private sectors to be critical in achieving AI safety on a global scale,” Carignan remarked.

Despite the project being based on a Meta offering, any initiative that helps manage potential risks is beneficial for the ecosystem, added Gareth Lindahl-Wise, chief information security officer at Ontinue, a managed detection and response (MDR) provider.

“We will likely observe similar initiatives from consumer and corporate-focused providers, marking the beginning of a new era of due diligence,” Lindahl-Wise predicted.

Joining Forces to Address Regulatory Challenges

Software developers may experience the push for enhanced cybersecurity more intensely than their IT counterparts. Their industry is expected to face increased regulatory pressures, noted Teleport’s Kontsevoy.

“With so much of the world now controlled by or reliant on software, renowned cryptographic experts like Bruce Schneier have called for more stringent regulations, even suggesting that software should be regulated similar to airspace,” he commented.

While there is no one-size-fits-all solution—and he does not advocate for regulating all software in such a manner—there are undoubtedly critical software systems comparable to airplanes in terms of potential damage that may necessitate this approach, Kontsevoy added.

No surprise, Gartner predicts that 45% of CISOs will broaden their scope beyond cybersecurity due to rising regulatory pressures and expanding attack surfaces.

“Expect this trend to begin in the upcoming year and accelerate rapidly over the next five years,” he projected.

Post Comment