Check Point Research has released its 2024 Cybersecurity Report, highlighting critical themes such as the evolution of ransomware, the increased use of edge devices, the growth of hacktivism, and the transformation of cybersecurity with artificial intelligence (AI). NovaRed, one of the largest cybersecurity companies in Ibero-America, emphasizes the importance of constantly updating trend lists to combat these threats.
Rafael Sampaio, country manager of NovaRed, emphasizes the crucial role of Chief Information Security Officers (CISOs) in translating these risks to the top management of companies, especially when pricing the consequences of security decisions not taken. “The CISO takes a leading role in translating these risks to the top management, and this becomes even more important when done with the pricing of not making security decisions”, highlights Sampaio.
Key Insights from the Report
1. Rising Ransomware
The Check Point report reveals that ransomware was the most prevalent cyber-attack in 2023, accounting for 46% of cases, followed by Business Email Compromise (BEC) with 19%. Sampaio explains that ransomware is strengthening due to the actions of affiliates and digital gangs using the Ransomware as a Service (RaaS) model. “Affiliates purchase malware from cybercriminals to infect systems, enabling large-scale attacks,” he states.
In 2023, ransomware attacks yielded over $1 billion to cybercriminals, according to Chainalysis, while affected companies could lose around 7% of market value, as per NovaRed. Besides the financial impact, the credibility of companies is also severely affected, harming mergers and acquisitions (M&A).
2. Accountability for Data Breaches
With the rise in cyber-attacks and data breaches, 62% of CISOs are concerned about their personal accountability in case of incidents, according to Check Point. “The CISO’s involvement in the Board is crucial to translate cyber risks into business metrics and share responsibilities,” states Sampaio. Building a security culture is essential for alignment between departments and strategic decision-making.
3. Use of AI by Cybercriminals
The report highlights that cybercriminals are using unregulated AI tools to launch attacks and steal financial resources. “Technology can be used for defense as well as offense. Investing in information security and privacy is crucial to train and strengthen defense systems,” says Sampaio. He recommends a gradual implementation of AI in cybersecurity, focusing on automating repetitive tasks to maximize team productivity.
The Challenge of Digital Resilience
According to the World Economic Forum, 61% of organizations only meet the minimum requirements for digital resilience or not even that. “Budget constraints are still a hindrance to improving the digital maturity of security infrastructure in businesses,” states Sampaio. In Brazil, only 37.5% of companies prioritize cybersecurity, as per an IDC study.
To face these challenges, CISOs need to proactively identify emerging trends and develop more effective prevention and response plans. “Knowing the adversary will enable the development of more effective prevention and response plans, as well as defining metrics to be shared with the executive agenda,” concludes Sampaio.
This news highlights the urgency for companies to prioritize cybersecurity in an increasingly threatening and complex digital environment.
