7 cybersecurity challenges that gained momentum in 2024

By Alba Huerga
23 Dec 2024

As the year draws to a close, it is important to analyze the main cybersecurity threats and challenges that have marked 2024. This way, we will manage to obtain valuable information to prevent future cybersecurity crises and cyberattacks that could do a lot of damage to our organization.

A priori, we cannot deny that 2024 has been a year marked by a wave of increasing cyberattacks on all types of organizations and technology platforms, without any discrimination. This past year cyberattacks have reached an all-time high. According to recent data from the World Economic Forum and cybersecurity organizations, nine out of ten organizations suffered at least one cyberattack in the last year. In fact, it is estimated that each organization faces an average of 1,876 intrusion attempts per week, representing a 75% increase over the third quarter of 2023.

Facing with these worrying figures, the most logical thing to ask is, what exactly has facilitated this massive increase in cyber-attacks?

At A2SECURE, we have dug through the archives and retrieved an interesting report published by Gartner® in August that helps us to clarify these doubts and sheds light on the main threats and events that have shaped our cybersecurity in 2024, and will continue to do so in 2025.

In the report “Cybersecurity Turbulence: 7 forces that will threaten your organization ‘s future” Gartner® experts list 7 challenges emerged this year, which have put the future of organizations in cybersecurity in check. A2SECURE’s team of experts summarizes this report by extracting the most important conclusions and valuable information for CISOs and IT Managers who want to strengthen their defenses and increase their level of cybersecurity maturity for 2025.

1. Internal risks arising from the use of GenAI

Turbulence level: Critical

This year Generative Artificial Intelligence (GenAI) technologies have proliferated in various third-party products and extensions. If not properly managed, these technologies expose organizations to data loss, intellectual property violations, misinformation and fraud.

Strategic Hypothesis: By 2026, 40% of developers using AI code assistants will allow vulnerable code into organizations’ software products.

2. Political and economic uncertainty risks

Turbulence Level: Moderate

While these broader risks and challenges are beyond the scope of cybersecurity, it is important to begin to consider what security would look like in a completely fractured world.

When collaboration between global nations breaks down, it impacts regulations and compliance. To combat this, it is essential that SRM leaders and CISOs develop localized strategies to reduce the impact of these inevitable global risks.

Strategic hypothesis: By 2027, 50% of global CISOs will need to demonstrate their ability to provide nearshore and offshore capabilities to retain stakeholder confidence in the face of new and emerging geopolitical risks.

3.The major restructuring of security providers

Turbulence Level: Moderate

The cybersecurity vendor landscape has restructured in the face of changing global economic conditions. Companies are under intense pressure to optimize their cybersecurity investments, even as they have a growing IT budget.

118

Navigating the turbulence of the changing vendor landscape this 2024 has been challenging.

Strategic Hypothesis: By 2026, organizations that prioritize security investments through the CTEM* program will suffer 67% fewer attacks.

*Continuous Threat Exposure Management

4. The evolution of activism: Social hackers

Turbulence Level: Critical

Employees are increasingly speaking out and taking action to change business behaviors, policies and practices. The new wave of activism is affecting cybersecurity head-on by causing data disclosures, IT disruptions and other insider threats.

Turbulencias Ciberseguridad

Strategic Hypothesis: By 2027, 30% of organizations will have activism centers or focus groups to gain insights and respond to waves of social campaigns.

5. Personal identity at risk

Turbulence Level: Moderate

This year GenAl tools have enabled a greater number of malicious actors to launch sophisticated deepfake attacks. Facial and voice biometrics, hitherto considered the most secure ways to identify users, are now potentially vulnerable unless adequate “human life” detection and fraud monitoring capabilities are in place.

Turbulencias ciberseguridad

Strategic hypothesis: By 2026, deepfake attacks will cause more than 30% of enterprises to consider authentication solutions, such as facial biometrics, as untrustworthy.

6. Personal responsibility for CISOS

Turbulence Level: Critical

This year the EU has updated its NIS2 Directive to extend the application of cybersecurity to 18 sectors. In parallel, the US has introduced disclosure rules around security program details and cyber incidents.

New legal requirements around security programs have led CISOSs to question whether they need insurance to protect against potential personal liabilities.

Turbulencias Ciberseguridad

Strategic Hypothesis: By 2027, 67% of global organizations will extend their liability insurance to CISOS to avoid personal legal exposure.

7. Chaos caused by extreme weather events

Turbulence Level: Critical

Extreme weather events can disrupt power supplies, damage data centers and generate network outages, leading to data loss and service interruptions.

All of this can lead to secondary risks such as cyber-attacks where attackers exploit the chaos and growing vulnerabilities.

Strategic Hypothesis: By 2027, organizations with a public extreme event mitigation plan will see their Net Promoter Score increase by 30%.

As we can see in this summary of the Gartner® report, “7 turbulences that will shape cybersecurity in 2024”, not even the most secure or resilient organizations are completely safe from the growing threats and risks that compromise our cybersecurity. Precisely for this reason, it is important to have the help of a team capable of offering expert advice or customized solutions to raise the organization’s level of digital maturity.

Would you like to learn about the upcoming cybersecurity challenges for the next 2025? Get advice from our expert team to design your new Cybersecurity strategy.

Comments are closed.