Check Point Research released its Cybersecurity Report 2024, highlighting critical topics such as the evolution of ransomware, the increase in the use of edge devices, the growth of hacktivism, and the transformation of cybersecurity with artificial intelligence (AI). NovaRed, one of the largest cybersecurity companies in Ibero-America, emphasizes the importance of constantly updating trend lists to combat these threats.
Rafael Sampaio, NovaRed's country manager, emphasizes the crucial role of Chief Information Security Officers (CISOs) in translating these risks to the company's top management, especially when pricing the lack of security decisions. "The CISO takes on a leading role when it comes to translating these risks to senior management, and this becomes even more important when it involves the pricing of not making security decisions," emphasizes Sampaio.
Key Insights from the Report
1. Ransomware on the Rise
Check Point's report reveals that ransomware was the most prevalent cyber attack in 2023, accounting for 46% of cases, followed by Business Email Compromise (BEC) with 19%. Sampaio explains that ransomware is strengthening due to the actions of affiliates and digital gangs that use the Ransomware as a Service (RaaS) model. "The affiliates buy malware from cybercriminals to infect systems, enabling large-scale attacks," he states.
In 2023, ransomware attacks generated over $1 billion for cybercriminals, according to Chainalysis, while affected companies could lose about 7% of their market value, according to NovaRed. In addition to the financial impact, companies' credibility is also severely affected, harming mergers and acquisitions (M&A).
2. Accountability for Data Breaches
With the increase in cyberattacks and data breaches, 62% of CISOs are concerned about their personal responsibility in case of incidents, according to Check Point. "The participation of the CISO in the Board of Directors is essential to translate cyber risks into business metrics and share responsibilities," declares Sampaio. Building a safety culture is essential for alignment between departments and strategic decision-making.
3. Use of AI by Cybercrime
The report highlights that cybercriminals are using unregulated AI tools to carry out attacks and steal financial resources. "Technology can be used for both defense and attack. Investing in information security and privacy is crucial to train and strengthen defense systems," says Sampaio. He recommends a gradual implementation of AI in cybersecurity, focusing on automating repetitive tasks to maximize team productivity.
The Challenge of Digital Resilience
According to the World Economic Forum, 61% of organizations meet only the minimum requirements for digital resilience or none at all. "The budget issue is still an obstacle to improving the digital maturity of security infrastructure in businesses," says Sampaio. In Brazil, only 37.5% of companies prioritize cybersecurity, according to a study by consulting firm IDC.
To face these challenges, CISOs need to proactively identify emerging trends and develop more effective prevention and response plans. "Knowing the adversary will make it possible to develop more effective prevention and response plans, as well as to define metrics to be shared with the executive agenda," concludes Sampaio.
This news highlights the urgency for companies to prioritize cybersecurity in an increasingly threatening and complex digital environment.
