2024 Cybersecurity Trend: Our Take on the CESIN Annual Barometer
According to the CESIN 2025 Barometer, 47% of polled companies experienced at least one successful cyberattack last year (2024). Appalling as it seems, this figure has plateaued since 2022. But it hides new trends and varying cyber risk exposure.
A Constantly Evolving Threat Landscape
Cyberattacks are increasingly sophisticated, exploiting advanced technologies and using new vulnerabilities. Two emerging threats are worthy of note:
- MFA Bypass: As multifactor authentication is increasingly deployed, complex MFA bypass solutions have been developed by cybercriminals (16% of polled companies).
- Deepfake: Alone, this new item represents 9% of 2024 attacks. Cyber attackers use deepfake technology to trick employees into approving fraudulent transactions.
However, phishing attacks still remain the leading threat, accounting for a staggering 60% of all attacks.
These attacks impact all organizations, from multinational corporations to small businesses, leading to financial loss, reputational damage, and legal consequences.
- Data theft is the most common attack in 2024 (42% of cyberattacks, an increase of 11 points).
- Denial of service & Identity theft complete the podium, with 36% & 34% respectively.
- With only 9%, ransomware is on the dwane, with a significant drop of 9 points, losing its privilege of leading the threat pack in the past years.
Third-Party-Related Cyberrisks on the Rise
25% of polled companies faced cyberattacks related to outsourced operations. Regulatory developments take this increasingly observed risk into account, with DORA (impacting 38% of companies) and NIS2 (72%) weighing heavy on the mind of decision-makers. As a result, 85% of companies recently included new security clauses in their contracts.
Don’t Lose Sight of the Basics: “Traditional” Security Solutions Are Still the Best Safeguard
For years, companies have relied on proven security tools to protect their IT infrastructures. These solutions are still considered crucial as 95% of polled companies view the following solutions as foundational and efficient:
- EDR (Endpoint Detection and Response) solutions: These tools continuously monitor activity on workstations and servers, detecting anomalies and responding to attacks in real time.
- Firewalls: Acting as the first line of defense, firewalls filter inbound and outbound traffic, blocking unauthorized access and known threats.
- MFA: Implementing multi-factor authentication (MFA) reduces the risk of unauthorized logins.
In addition, raising employee awareness to cybersecurity issues still proves an efficient protection.
Beyond, the CESIN Barometer Offers 4 Key Takeaways
Takeaway 1 – Cybersecurity Recovery Capabilities Still to Be Improved
If 80% of companies feel prepared to detect cyberattacks, only 60% are confident in their capability to recover from it.
Takeaway 2 – A Majority of Companies Subscribed to Cyber Insurance… But Didn’t Contact Them When Attacked
Of the 72% of companies that subscribed to a cyber insurance contract, only 1 in 4 contacted their cyber insurance during a cyberattack.
Takeaway 3 – Cybersecurity and Cloud: A New Challenge
While cloud solutions offer flexibility and scalability, they also introduce new risks: lack of control over the subcontracting chain of the Cloud hosting provider is mentioned by 40% of companies and difficulty in conducting audits by 37%.
Takeaway 4 – The Rise of AI: A Double-Edged Sword for Cybersecurity
AI-powered attacks are becoming a rising concern for businesses, as cybercriminals are increasingly leveraging AI to automate large-scale cyberattacks or create deepfakes.
We Help Protect Your Business Face Tomorrow’s Challenges
Cyberattacks are no longer a question of "if" but "when." Ignoring cybersecurity today means risking operational paralysis tomorrow. Don't let your company become the next victim. Contact NeverHack today to secure your infrastructure and ensure your business continuity.
Authors : Kimberley Joseph, Guillaume Tassin