Cybersecurity is not just a focus for one month—it’s a lifelong commitment. That said, Cybersecurity Awareness Month, now in its 21st year, provides a timely opportunity to review your security posture and make crucial improvements to protect your business from today’s evolving threats.
In this article we explore four major cybersecurity challenges organizations face in 2024 and offer practical guidance to help address them.
The impact of ransomware has increased
Our State of Ransomware 2024 survey revealed that 59% of organizations were hit by ransomware in the last year. While overall attack rates have declined (down from 66% in 2023), the impact on victims has worsened with the average recovery cost soaring to $2.73M (a 50% year-on-year increase). Practical steps to avoid being hit in the year ahead include:
Prevention
- Prioritize patching – one-third of attacks starting with the exploitation of unpatched vulnerabilities.
- Implement MFA to limit credential abuse – the #2 root cause of attacks.
- Provide ongoing phishing and email threat detection training for users.
Protection
- Deploy strong security foundations: Endpoint Protection, Email Security, and Firewalls.
- Use Endpoint Protection that includes anti-ransomware defenses that can stop and roll back malicious encryption.
- Opt for security tools that are easy to deploy and configure out-of-the-box.
Detection and response
- Use MDR services or EDR/XDR tools to detect and neutralize advanced human-led attacks to protect your backups and prevent data encryption.
Planning and preparation
- Develop and practice an incident response plan.
- Regularly rehearse data restoration from backups for quick recovery after an attack.
For deeper insights into how ransomware experiences have changed over the last year and to get guidance on optimizing your ransomware defenses, download our Cybersecurity Best Practices Toolkit.
Exploited vulnerabilities are the leading root cause of ransomware attacks
Our ransomware survey also revealed that unpatched vulnerabilities were the top root cause of attacks in 2024. Furthermore, our research revealed that ransomware attacks that start with an exploited vulnerability result in recovery costs 4X higher than when the root cause is compromised credentials, plus longer recovery times. To minimize use of this entry method, we recommend that you:
Patch early, patch often
We’ve already touched on this but the earlier you patch your endpoints, servers, mobile devices, and applications, the fewer holes adversaries can exploit. At a minimum, ensure the operating system patches and updates for your security products are applied. Not applying patches and updates can leave an endpoint or server vulnerable to attack.
If you are struggling to stay on top of patching, consider using a managed risk service that provides risk-based patching prioritization so you can focus your limited resources where they will have most impact.
Security tool misconfiguration is the number #1 perceived cyber risk
Security tool misconfigurations, such as those involving endpoint or firewall solutions, are considered the top cybersecurity risk to organizations. This prominent concern underscores the ongoing challenges IT teams face in maintaining the proper configuration and deployment of security controls. We recommend that you:
Regularly review the configuration of your protection solutions
- Turn on all recommended policies and features
- Regularly review your exclusions
- Enable MFA for your security console
Additionally, seek out user-friendly cybersecurity solutions that offer automatic configuration and require little to no manual adjustment. By doing so, you stand to reduce the chance of misconfiguration occurring.
For further insights on optimizing both your endpoint protection and network security to minimize this cyber risk, download our Cybersecurity Best Practices Toolkit.
The cybersecurity skills gap hits smaller organizations hardest
The global shortage of cybersecurity skills is well known and well documented. It’s also not going away any time soon. While organizations of all sizes are affected, small and mid-sized businesses (SMBs) are hit hardest by the cybersecurity skills gap, lacking the expertise and resources required to defend against today’s advanced threats. Our research shows SMBs rank this as their #2 cyber risk, while larger organizations place it at #7*. To address this, we recommend:
Partner with third-party security specialists
Outsourcing to experts is a cost-effective way to enhance security. Managed detection and response (MDR) services provide 24/7 threat detection and response, while managed service providers (MSPs) help both small and growing businesses.
Choose solutions built for smaller businesses
While appealing, enterprise-level tools often don’t suit SMB needs. Instead, opt for advanced yet user-friendly security solutions tailored for stretched real-world IT teams. One such example would be a cybersecurity platform – a centralized tool that lets you deploy, monitor, and manage multiple security solutions (endpoint, firewall, email etc.) from one place.
Resources to help you stay secure online – The Cybersecurity Best Practices Toolkit
We’ve put together a Cybersecurity Best Practices Toolkit packed with useful resources to help you stay ahead of the criminals.
The toolkit will enable you to:
- Better understand the cyber threat landscape with information and insights from over 5,000 IT professionals across the globe
- Develop your own cybersecurity incident response protocols and optimize your attack response readiness
- Learn how to leverage your endpoint protection platform and network security stack to stop advanced cyber threats including ransomware
Armed with these insights, you’ll be better equipped to defend your business against today’s advanced cyber threats.
We hope you find this information and these resources and useful. Remember: cybersecurity awareness isn’t just for this month – it’s for life.
*Addressing the cybersecurity skills shortage in SMBs – Sophos