At least this is what one firm’s threat landscape findings for its 2024 user base is suggesting…

Based on its own data collected for the year 2024*, a cybersecurity firm has publicized some findings about last year’s threat landscape.

First, the 2024 data showed that 61% of the time, hackers had exploited new vulnerabilities within two days, compared to what can take the average organization’s mean-time-to-patch (estimated at more than 50 days depending on enterprise size/complexity).

Second, data for the corporate users whose data was analyzed for 2024 showed that in the Asia Pacific region, IoT attacks had surged by 109% while there were decreases involving malware (-6%), intrusion attempts (-4%), and cryptojacking (-39%).

Other findings

  • Year-on-year, malware had trended up 8%, including a 92% spike in May 2024, compared to data from 2023. Server-Side Request Forgery attacks in the data had increased by 452% increase compared to data for 2023. IoT attacks had increased 124%, and encrypted threats by 93%.
  • 85% of actionable alerts analyzed for 2024 involved identity, cloud, and compromising of account credentials. Nearly one-third of all reported cyber events in the data analyzed were business email compromise attacks, up from 9% in 2023 data.
  • Ransomware was the biggest threat to the healthcare industry, utilized in 95% of all of the industry’s breaches in the 2024 data.
  • Threat actors were continuing to use more-efficient targeting and AI-driven attacks on small- and medium- sized enterprises

According to Bob VanKirk, President and CEO, SonicWall, the firm providing its yearly threat landscape findings: “Legacy security solutions are no longer enough: businesses must adopt a new mindset to stay ahead of modern cyber threats.”

*no methodology specified but presumed to be yearly incident response statistics and internal research on its own user ecosystem, including perspectives and market insights from SOC analysts and cybersecurity insurance providers.