The Cybersecurity Trends Report 2024, released by Sofistic, the cybersecurity arm of technology firm Cuatroochenta, unveils a troubling surge in the number of individuals falling victim to phishing schemes. Drawing from a comprehensive analysis of audits and monitoring conducted by Sofistic’s Security Operations Center (SOC) across Spanish and Latin American companies in 2023, the report pinpoints a worrisome trend. It attributes the sharp rise in both clicking on fraudulent links in phishing emails and submitting credentials to several factors, including the heightened sophistication, automation, and personalization of attacks driven by generative artificial intelligence (GenAI), as well as the lack of training or awareness among certain segments of the workforce. This significant three-fold increase in such attacks compared to 2022 underscores the urgent need for bolstered cybersecurity measures and heightened awareness efforts.
While there has been a modest decline in engagement with social engineering emails, three out of ten users still end up opening them. The report's most alarming findings reveal that 40% of users access the provided links and 20% willingly provide sensitive information, such as their credentials, unwittingly facilitating cybercriminal activities.
More vulnerabilities, but less critical
Geopolitical instability stemming from conflicts in Ukraine and Gaza coupled with the rising sophistication of attacks fueled by new AI Gen tools, are feeding the proliferation of cyber threats. Notably, audits have revealed a 26% increase in detected vulnerabilities, albeit with a 2% decrease in severity. This trend is attributed to heightened concern and increased maturity in cybersecurity practices among organizations. Following audits of critical environments, companies are increasingly opting for similar security analyses across other systems, infrastructures, and networks. This approach exposes less severe vulnerabilities or identifies emerging ones, demonstrating a proactive stance in addressing evolving cyber risks.
Although the severity of failures has stabilized, nearly a third still pose a high or critical risk. For the second year running, cryptographic and access control errors persist as the most common issues. These errors involve the absence or misuse of encryption or unauthorized access by unprivileged users to information or systems. Sofistic's audit results also highlight configuration errors and vulnerabilities in outdated software components as other prevalent failures.
«In this increasingly risky and ever-evolving environment, organizations must persist in enhancing and fine-tuning their cybersecurity strategies to pinpoint the most critical vulnerabilities»
Increased coordination between business and cybersecurity
The report also unveils a surge in the number of alerts and incidents handled through SOC monitoring services in 2023. This rise is attributed, firstly, to the escalating criminal activity reported and detected by numerous organizations globally. Secondly, it is also a result of heightened concern and investment in cybersecurity, indicating that companies now have access to more robust protection and detection tools.
According to the study, over half of the alerts handled by Sofistic's SOC are the result of user interaction. Violations of company security policies, such as unauthorized application usage or accessing the network via unauthorized VPN services, account for 47% of the total number of alerts. Additionally, alerts related to malware (14%), intrusion attempts (13%), information acquisition (9%), and information security (5%) also make up a substantial proportion. This data underscores the importance of ongoing efforts to raise awareness among both organizations and personnel to effectively detect potential threats and utilize information resources effectively.
«We're witnessing companies integrating cybersecurity seamlessly into their strategies, enhancing their maturity to deploy robust protection measures and respond swiftly and agilely to potential incidents»
Cybersecurity recommendations for 2024
Drawing from the analysis of audit results and SOC monitoring, Sofistic concludes its report with a set of cybersecurity recommendations tailored for businesses:
Would you like to learn about the key findings from analysis of the SOC audits and monitoring results?
Download the 'Cybersecurity Trends Report 2024' (in Spanish)
The Cybersecurity Trends Report 2024 draws from a comprehensive dataset compiled by the Sofistic team in 2023. This dataset includes the analysis of 1,325 vulnerabilities across 150 security audits, along with the monitoring results of 100,000 alerts and 1,500 incidents within its SOC. The study primarily focuses on critical infrastructure such as energy companies, water management facilities, airports, and hospitals, as well as the financial sector, manufacturing, and service industry in Latin America and Spain. However, the conclusions and recommendations presented in the report are applicable to organizations across various sectors. The report was authored by Manu Ginés, Security Audit Director & RD, and Juan Carlos García, Chief Operations Officer & SOC Director.
Sofistic serves as Cuatroochenta's cybersecurity division, specializing in critical sectors such as banking and healthcare. Offering a blend of preventive and proactive protection, it ensures an efficient response to incidents backed by cutting-edge software, all while minimizing interference with business operations. With over 15 years of expertise, Sofistic ONE, a MDR monitoring service integrated from the SOC enables round-the-clock incident detection and response in both Latin America and Spain. These services are further enhanced with options like intelligent threat analysis and continuous pentesting, tailored to meet the specific needs of clients. The team and the company hold numerous security certifications, including ISO 27001, ENS, ioXt, and SOC 2 Type II. Additionally, Sofistic collaborates with international entities like FIRST and national organizations like CSIRT.es to facilitate information exchange and assist other companies in bolstering their cybersecurity posture.