Essential cybersecurity insights from Q3 24

Closeup image of a small locked gold combination lock lying on a laptop keyboard. Photo by Towfiqu barbhuiya on Unsplash

Essential cybersecurity insights from Q3 24

Written by

Bill Clark
 

09/12/2024

1. Global information security spending to grow over 15% in 2025

Global spending on information security will hit $212 billion in 2025 – an increase of 15.1 per cent over the current year, which is estimated to be $183.9 billion by Gartner. Factors driving the increase include the heightened threat environment, continued adoption of cloud migration strategies and the talent shortage in cybersecurity.

2. Security strategies not keeping pace with AI cyber risks

The 2024 Ponemon Institute report Cyber Risk in the Age of AI emphasises a growing concern about organisations’ ability to keep pace with cyberthreats. Many organisations put in place cyber strategies every 12 months, but in the age of AI – where AI is both a threat and a security tool – this quickly results in outdated tools and processes.

3. CrowdStrike incident exposes four critical issues for CIOs

The July 2024 CrowdStrike outage underscores the risks of vendor-driven updates, according to IDC. The incident highlights the need for a more cautious approach to third-party software, especially those with kernel-level access. IDC recommends that organisations consider diversifying their OS landscape and strengthening their cyber recovery strategies.

4. Three quarters of enterprises to prioritise SaaS application backup by 2028

Backup of SaaS applications will be a critical requirement for 75 per cent of enterprises by 2028, according to Gartner. The need for the regular backup and recovery of increasingly cloud-based data is being driven by the risk of IT outages. Currently, just 15 per cent of enterprises back up SaaS application data.

5. Non-human identity agents are prime targets for cyberattackers

A report from the Cloud Security Alliance has highlighted the growing concern about non-human identity (NHI) security. NHIs include bots, API keys, service accounts and other tokens that keep systems running smoothly by automating tasks and boosting efficiency. The CSA report argues that, despite their critical role, NHIs are often overlooked in IAM strategies.

6. Public-facing medical devices and networks discovered in internet research

Research firm Censys found 14,004 unique IP addresses exposing healthcare devices and data systems that could expose sensitive medical information. The research found multiple types of system at risk, including medical imaging, electronic health records and data integration systems. The company says the findings do not count exposed systems that are not publicly visible but remain vulnerable.

30% increase in global cyberattacks as hackers increase efforts

Research released in July 2024 by cybersecurity solution provider Check Point revealed a 30 per cent increase in the number of cyberattacks in Q2 of 2024 year-on-year against Q2 2023. This number was up 25 per cent over Q1 2024. The top three industry sectors attacked were education/research, government/military and healthcare.

8. Research finds 41% of users repeat passwords on multiple accounts

Recent research has discovered contradictions in how people handle passwords. A full 85 per cent of those surveyed by Keeper, an access management company, believe their passwords are secure. However, the same research found that 41 per cent of survey respondents reuse passwords on more than one account, despite warnings not to do so.

9. Black Lotus Labs does deep dive into Chinese botnet

Black Lotus Labs, the threat intelligence team of US telecommunications company Lumen, has posted a detailed account about a botnet it investigated. Created by Chinese state-sponsored threat actor Flax Typhoon, the network is built on infected small office/home office (SOHO) and internet of things (IoT) devices. The account explains how the botnet was created, its architecture and how it has been used.

10. Cybersecurity insurance market growing at 16.4% CAGR

The global cybersecurity insurance market was worth $13.3 billion in 2023, says market research firm SNS Insider. The firm projects a compounded annual growth rate of 16.4 per cent over the period of 2024–2032. This would make the market worth $52.1 billion by the end of that period. The company says an increasing number of cyberattacks and regulatory pressure are some of the forces behind the growth.

What is Tech Quarterly?

Tech Quarterly is Collective Content’s quarterly summary of top research, market stats, new developments and predictions in five key technology topics of importance to our readers and clients: artificial intelligence, automation, CIOs, Internet of Things and virtual reality/augmented reality/extended reality (VR/AR/XR).

If a major analyst report, survey or forecast has been published on any of these topics in the preceding three months, you’ll find out about it in Tech Quarterly, so be sure to visit regularly.

Our blog

Top