Check Point Research has released its 2024 Cybersecurity Report, highlighting critical themes such as the evolution of ransomware, the increase in the use of edge devices, the growth of hacktivism and the transformation of cybersecurity with artificial intelligence (AI). The NewRed, one of the largest cybersecurity companies in Ibero-America, reinforces the importance of constantly updating trend lists to face these threats
Rafael Sampaio, country manager of NovaRed, emphasizes the crucial role of Chief Information Security Officers (CISOs) in translating these risks to the upper echelons of companies, especially when pricing the failure to make security decisions. "The CISO takes the lead in translating these risks for the upper management", and this becomes even more important when done with the pricing of not making security decisions, highlights Sampaio
Key Insights from the Report
1. Ransomware on the Rise
The Check Point report reveals that ransomware was the most prevalent cyber attack in 2023, representing 46% of the cases, followed by Business Email Compromise (BEC) with 19%. Sampaio explains that ransomware is strengthening due to the actions of affiliates and digital gangs that use the Ransomware as a Service (RaaS) model. Affiliates buy malware from cybercriminals to infect systems, allowing large-scale attacks, affirms
In 2023, ransomware attacks generated over $1 billion for cybercriminals, according to Chainalysis, while affected companies may lose about 7% of their market value, according to NovaRed. Besides the financial impact, the credibility of companies is also severely affected, harming mergers and acquisitions (M&A)
2. Accountability for Data Breaches
With the increase in cyber attacks and data breaches, 62% of CISOs are concerned about their personal responsibility in the event of incidents, points to Check Point. "The participation of the CISO in the Board of Directors is essential to translate cyber risks into business metrics and share responsibilities", declares Sampaio. The construction of a safety culture is essential for alignment between departments and strategic decision-making
3. Use of AI by Cybercrime
The report highlights that cybercriminals are using unregulated AI tools to carry out attacks and steal financial resources. "Technology can be used for both defense and attack". Investing in information security and privacy is crucial to training and strengthening defense systems, says Sampaio. He recommends a gradual implementation of AI in cybersecurity, focusing on automating repetitive tasks to maximize team productivity
The Challenge of Digital Resilience
According to the World Economic Forum, 61% of organizations meet only the minimum requirements for digital resilience or not even that. "The budgetary issue is still a barrier to improving the digital maturity of security infrastructure in businesses", affirms Sampaio. In Brazil, only 37,5% of companies prioritize cybersecurity, according to a study by the consulting firm IDC
To face these challenges, CISOs need to proactively identify emerging trends and develop more effective prevention and response plans. "Knowing the opponent", it will be possible to develop more effective prevention and response plans, in addition to defining metrics to be shared with the executive agenda, concludes Sampaio
This news highlights the urgency for companies to prioritize cybersecurity in an increasingly threatening and complex digital environment
