Brazil is one of the countries most affected by cyberattacks. Among the various studies that confirm this information is the most recent survey by CheckPoint Research, which indicates an average of 2,831 cyberattacks per week per organization in the second quarter of 2025, a 3% increase compared to the same period in 2024.
“The acceleration and large-scale adoption of cloud computing and remote work have also facilitated attempts to hack into personal devices and local networks used for home office connections,” says Thiago Tanaka, Cybersecurity Director at TIVIT, a multinational company that connects technology for a better world. He believes it is important to be aware of the concerns arising from accelerated digital transformation and the growth of cybercrime.
With this in mind, the expert spoke with the biggest players in the technology sector and listed five points for IT managers to keep an eye on:
Cloud cybersecurity management: Many managers believe they are ensuring the security of their infrastructures simply by migrating to the cloud, whether public, private, or hybrid, since they rely on the services of large providers. However, in addition to potential failures that prevent access, there are several types of specialized cloud attacks that need to be mitigated.
One solution is the "Cybersecurity Mesh ," a trend that represents the ultra-distribution and application of security controls, or "security mesh," where they are most needed. Previously, such security controls were implemented only at the organization's perimeter, using firewalls, for example, but today they require expansion due to professionals working remotely with access to various cloud resources.
More attention and technology are needed to handle data and privacy: With the General Data Protection Law (LGPD), computing techniques that enhance privacy are already on the market to protect data while it is used for processing, sharing, international transfers, and secure data analysis, even in untrusted environments. The trend is for a task force of stakeholders to implement privacy from the initial design of solutions, in addition to collaborating on the responsible use of data.
IoT and OT – Evolution of Attacks and Defenses: The popularization of Internet of Things (IoT) devices was essential for the boom in denial-of-service attacks, known as DDoS, through the redirection of simultaneous access from thousands of infected devices to the same address, in order to make the website or service unavailable. Now, we see a change in the nature of the actions of cybercriminals, who are invading devices to violate user privacy, intercept data, and commit fraud. The evolution of connectivity, with the consolidation of 5G and the imminent arrival of 6G, will require monitoring of defense levels against new attack modalities.
Data-driven and cyber decisions – AI to map and combat threats: Investment in security is considered a priority in IT by managers. Although most are aware of this, in practice, budget realities hinder investments that are more difficult to justify and do not bring an immediate return, such as cybersecurity. Therefore, data analysis gains importance by highlighting where, how, and how much should be invested, according to the history of attempted threats, types of threats, vulnerabilities, and other factors. Artificial Intelligence is the greatest ally for the coming years in mapping the most critical points and finding the most efficient solutions.
Increase in Ransomware and Fileless Attacks: Data hijacking via malware continues to be a trend in 2025, and Ransomware and Fileless attacks, which don't require malware file installation, have become sources of a data industry. Part of the money extorted by hackers is reinvested in intelligence and methodology to improve attacks, which are more frequent and elaborate. Because of this, there is a need for greater attention to the entire ecosystem's defense mechanism, from the manufacturer to the user, through infrastructure updates to expand monitoring.
According to Tanaka, “as we move forward on certain issues in society, we need to prepare ourselves to also protect data and businesses. Investing in security is like taking out insurance; it doesn't bring immediate results, but it prevents much greater losses in disaster recovery.”
With the advancement of technology, not only large companies, but also cybercriminals have advanced in their attack and information theft methodologies. "If we can highlight a period in which investment in security is essential, that time is now," he concludes.
