Unless you have explicit PCI compliance directives to only retain session data for a specific window – there isn’t any real security concerns. The session data doesn’t hold any sensitive information.

By extending the window, the only concerns I can think about would be.

1. You are giving a longer/greater chance for the session/customer to be vulnerable to an XSS attack on the existing session (not that this wouldn’t perhaps otherwise be the case anyway).
2. You run the risk of the session directory becoming excessively large – causing any session clean-up cron’s to have to iterate through an increased number of files.
3. If you are storing anything else in the session that you shouldn’t be doing (ie. that makes it larger than the default 4kb); then you’ll be rapidly consuming disk space.
4. If you are using memory storage for sessions (Memcache/Redis) – then you’ll eventually run out of available space and auto-truncate older sessions. So you’ll have to commit a fairly large amount of RAM purely for legacy/archived session storage.
5. If you are using DB storage for the sessions – then you’ll end up in a bad way. Magento’s DB based session storage is horrendous and falls over at the slightest hint of use – avoid
6. A potential security concern could perhaps be if the customer’s machine is a shared computer. At least with a 24 minute (or otherwise) session volatility, chances are the session would have expired before another user can take advantage of it.

But there is a better solution

Rather than just extend session time on site, have you perhaps thought of investigating a more sophisticated solution, whereby if the cart has been abandoned, you can alert the customer of such via email and give them a link to re-instate the cart contents/wishlist/session etc.

This would obviously give you the underlying solution and the advantage that you could pro-actively convert the customer – and all it would require is capture of an email address.