Cyber Security Wrapped

As we enter a new year, it’s time to reflect on the biggest moments, trends and lessons that shaped the cyber security landscape in 2024. Just like your favorite Spotify Wrapped recap, this newsletter highlights the “top hits” of the year — but instead of your most-played tracks, we’re covering the most pressing cyberthreats and key lessons learned.

Let’s dive into the state of cyber security, wrapped just for you!

AI-driven cyberthreats and security

  • Phishing: Threat actors are using AI to create personalized messages that mimic legitimate communications. This is making it even more difficult to detect phishing emails.
  • Deepfakes: Attackers are using AI to generate convincing deepfake videos and voice recordings, targeting high-profile individuals and businesses for scams or blackmail.
  • Playing defense: Almost half of organizations say they are already using AI in cyber security. They’re utilizing AI to analyze vast datasets in order to pinpoint real threats. These AI-driven algorithms detect irregularities in traffic networks or unusual user behavior.
  • AI Act: The European Union’s Artificial Intelligence Act (AI Act) represents a significant effort to regulate AI technologies. The legislation categorizes AI systems based on risk levels and sets requirements to ensure safety, transparency and accountability.

Regulatory and compliance trends

  • Global changes: Governments around the world are introducing new legislation such as the EU AI Act, the first ever AI law. Additionally, changes are being made to existing data protection legislation to increase security of personal data. In 2024, seven US states enacted comprehensive data protection regulations. There are now 19 states with their own privacy laws.
  • Encryption is key: The best way to secure data is encryption, but many organizations are not doing it due to the lack of security budgets, time constraints and usability. The US government is pushing to raise the minimum cyber security standards and implement MFA and proper encryption methods to combat the growing number of data breaches.
  • Challenges of compliance: As regulations become more dynamic, companies are struggling to implement continuous monitoring tools and frameworks to stay compliant while minimizing operational impact.

Cyber Security in critical infrastructure

Ransomware attacks: 2024 was the year of targeting critical infrastructure. From the Change Healthcare incident, which impacted over 100 million individuals to hacker groups targeting energy and water systems, hackers caused disruption and chaos around the world.
Global tensions: As tensions between countries rise, nation-states launched cyberattacks aimed at critical infrastructure industries.
A plan to protect: The Cyber Security and Infrastructure Security Agency (CISA) is developing a new national plan to protect critical infrastructure from the growing and ever evolving threats. The government will work with partners to identify and manage national risk.

Want to learn more?

We understand that exceptional service delivery is only possible when our team is fully committed to purpose-driven work. That’s why we’re proud to lead the way in creating a culture of personal growth, development, and accountability. We believe that building strong relationships through trust and reliability is key to becoming an exceptional industry leader. Our ultimate goal is to help our clients succeed in today’s complex business environment.