Check Point Research has released its 2024 Cybersecurity Report, highlighting critical themes such as the evolution of ransomware, the increased use of edge devices, the growth of hacktivism, and the transformation of cybersecurity with artificial intelligence (AI). NovaRed, one of the largest cybersecurity companies in Ibero-America, reinforces the importance of constantly updating trend lists to address these threats.
Rafael Sampaio, country manager of NovaRed, emphasizes the crucial role of Chief Information Security Officers (CISOs) in translating these risks to senior management, especially when pricing in the failure to make security decisions. "The CISO takes on a leading role in translating these risks to senior management, and this becomes even more important when done with pricing in the failure to make security decisions," Sampaio points out.
Key Insights from the Report
1. Ransomware on the Rise
Check Point's report reveals that ransomware was the most prevalent cyberattack in 2023, accounting for 46% of cases, followed by Business Email Compromise (BEC) with 19%. Sampaio explains that ransomware is gaining strength due to the actions of affiliates and digital gangs that use the Ransomware as a Service (RaaS) model. "Affiliates buy malware from cybercriminals to infect systems, enabling large-scale attacks," he states.
In 2023, ransomware attacks netted cybercriminals over $1 billion, according to Chainalysis, while affected companies could lose around 7% of their market value, according to NovaRed. Beyond the financial impact, companies' credibility is also severely damaged, hindering mergers and acquisitions (M&A).
2. Accountability for Data Breaches
With the rise in cyberattacks and data breaches, 62% of CISOs are concerned about their personal liability in the event of incidents, according to Check Point. "The CISO's participation on the Board of Directors is fundamental to translating cyber risks into business metrics and sharing responsibilities," states Sampaio. Building a security culture is essential for alignment between departments and strategic decision-making.
3. Use of AI by Cybercrime
The report highlights that cybercriminals are using unregulated AI tools to launch attacks and steal financial resources. “Technology can be used for both defense and attack. Investing in information security and privacy is crucial for training and strengthening defense systems,” says Sampaio. He recommends a gradual implementation of AI in cybersecurity, focusing on automating repetitive tasks to maximize team productivity.
The Challenge of Digital Resilience
According to the World Economic Forum, 61% of organizations meet only the minimum requirements for digital resilience, or not even that. "Budgetary issues remain an obstacle to improving the digital maturity of business security infrastructure," says Sampaio. In Brazil, only 37.5% of companies prioritize cybersecurity, according to a study by the consulting firm IDC.
To meet these challenges, CISOs need to proactively identify emerging trends and develop more effective prevention and response plans. "Knowing the adversary will make it possible to develop more effective prevention and response plans, as well as define metrics to be shared with the executive agenda," concludes Sampaio.
This news highlights the urgency for companies to prioritize cybersecurity in an increasingly threatening and complex digital environment.
