Trend Micro Incorporated, released its long-awaited cybersecurity report, Intercepting Impact. This report highlights the increasing sophistication of cybercriminals and the evolving challenges facing organizations worldwide. As businesses expand and increase their digital footprint, maintaining security at a satisfactory level becomes more difficult than ever. This year's report introduces innovative strategies that prioritize proactive – risk-based – cybersecurity to help companies protect themselves from potential threats.
Leveraging real-time data from Trend Micro's leading Vision One platform, including Attack Surface Risk Management (ASRM) and eXtended Detection and Response (XDR) tools, the report provides an in-depth analysis of global cyber threats in the first half of 2024 Combining data drawn from user exposure, attacker behaviors and vulnerabilities, the report clearly outlines where companies are most at risk.
Below are the key points from the 2024 Cyber Security Report:
- Understanding global trends in cybersecurity
According to Trend Micro's measurements, the Americas are the most vulnerable, with an average risk index of 44,6 due mainly to vulnerabilities in the banking sector and attacks on critical infrastructure by hacker groups such as Volt Typhoon. Latin America experienced a significant increase in online fraud during the same period.
- Risks by Sector
The aerospace and defense sectors have the highest average hazard ratios, at 59,5 and 59,4 respectively. The aerospace sector is particularly vulnerable due to its critical infrastructure and extensive use of sensors, which greatly increase the potential targets of attacks. The construction and utilities industries are also at high risk, with frequent attacks aimed at disrupting supply chains.
- Security challenges by business size
Large enterprises, with over 10.000 employees, recorded the highest levels of risk, mainly due to the complexity of security across the large number of devices and accounts they own. The report demonstrates that companies with smaller headcounts tend to manage security risks more effectively, while mid-sized businesses (2.000–5.000 employees) struggled with a mean time to repair (MTTP) of 39 days, showing delays in addressing vulnerabilities.
- Incidents of the highest importance
One of the most alarming statistics in the report is that in the first half of 2024 there were 821 million cloud application breaches. Inactive accounts, weak password policies, and a lack of multi-factor authentication (MFA) all contributed significantly to the increase in risk.
- Platforms that showed the greatest vulnerability
Among the most significant vulnerabilities identified were a vulnerability in Microsoft Office, which can be exploited through phishing attacks, as well as a vulnerability in libwebp which compromises a number of devices and applications including Chrome and Telegram.
Moving forward, Trend Micro presented its propositions to businesses, aimed at providing the greatest possible protection against cyber threats. It recommends adopting the Zero-Trust approach. This approach reduces risk exposure, particularly in environments with remote workers and extensive use of cloud services. In addition, speeding up patching cycles is equally critical. European companies are the fastest in this area, with an average update time of 26 days, while American companies are 36 days behind, increasing the risk of attacks on out-of-date systems. Finally, the report urged organizations to leverage advanced detection tools such as artificial intelligence (AI) and machine learning to monitor behavior and detect threats.
The report highlights that the reactive approach to cyber security is no longer sufficient. Trend Micro advises companies to take steps to optimize security settings, record user behaviors, and promptly patch vulnerabilities. By focusing on reducing risks through detection, user education and advanced threat response, organizations can better protect their digital systems.