Discover the five biggest cybersecurity concerns for IT managers

Brazil is one of the countries most affected by cyberattacks. Among the various studies confirming this information is the most recent survey by CheckPoint Research, which indicates an average of 2,831 weekly cyberattacks per organization in the second quarter of 2025, a 31% increase compared to the same period in 2024.

“The acceleration and large-scale adoption of cloud computing and remote work have also led to attempted invasions of personal devices and local networks used for home office connections,” says Thiago Tanaka, Cybersecurity Director at TIVIT, a multinational company that connects technology for a better world. According to him, it is important to pay attention to the concerns arising from accelerated digital transformation and the growth of cybercrimes.

With this in mind, the expert consulted with the major players in the technology sector and listed five key points for IT managers to keep an eye on: 

Cloud cybersecurity management: Many managers believe they are securing their infrastructures simply by migrating to the cloud—whether public, private, or hybrid—since they rely on services from major providers. However, besides potential failures that disrupt access, there are various types of cloud-specific attacks that need to be mitigated.

One of the solutions is “Cybersecurity Mesh,”, a trend representing the ultra-distribution and application of security controls, or “security mesh,” where they are most needed. Previously, such security controls were implemented only at the organization's perimeter, using firewalls, for example, but today they require expansion due to remote professionals accessing various cloud resources.

Increased attention and technology for data and privacy: With the General Data Protection Law (LGPD), privacy-enhancing computation techniques are already available on the market to protect data during processing, sharing, international transfers, and secure data analysis, even in untrusted environments. The trend is for stakeholders to form a task force to implement privacy from the initial design of solutions, in addition to promoting responsible data use.

IoT and OT – Evolution of attacks and defenses: The popularization of Internet of Things (IoT) devices was essential for the boom rise of denial-of-service attacks, known as DDoS, by redirecting simultaneous access from thousands of infected devices to the same address to make the website or service unavailable. Now, we are seeing a shift in the modus operandi of cybercriminals, who are hacking devices to violate user privacy, intercept data, and commit fraud. The evolution of connectivity, with the consolidation of 5G and the imminent arrival of 6G, will require defense levels to keep pace with new attack methods.

Data-driven and cyber decisions – AI to map and combat threats: Investment in Security is considered a priority in IT by managers. Although most are aware of this, in practice, budget realities hinder investments that are harder to justify and do not bring immediate returns, such as cybersecurity. For this reason, data analysis gains importance by highlighting where, how, and how much should be invested, based on the history of attempted attacks and threat types, vulnerability points, among others. Artificial Intelligence is the greatest ally in the coming years for mapping the most critical points and the most efficient solutions.

Increase in Ransomware and Fileless attacks: Data hijacking via malware remains a trend in 2025, and Ransomware and Fileless attacks, which do not require malware file installation, have become sources of a data industry. Part of the money extorted by hackers is reinvested in intelligence and methodology to refine attacks, making them more frequent and sophisticated. As a result, there is a need for greater attention to the entire ecosystem defense mechanism, from the manufacturer to the user, through infrastructure updates to expand monitoring. 

According to Tanaka, “As we advance in certain areas of society, we must also prepare to protect data and businesses. Investing in security is like purchasing insurance; it does not bring immediate results but prevents much greater losses from disaster recovery.”.

With technological advancements, not only large companies but also cybercriminals have advanced their methodologies for attacking and stealing information. “If we can highlight a period when investment in security is essential, that time is now,” he concludes.