Lessons Learned & What’s Ahead

The cybersecurity landscape in 2024 was marked by unprecedented challenges, significant breaches, and evolving regulatory requirements that fundamentally reshaped how organizations approach data protection.

From record-breaking incidents to stringent new legislation, the year provided crucial insights into cybersecurity. It highlighted critical priorities for strengthening organizational defenses in an increasingly complex digital ecosystem. The escalating sophistication of cyber threats and the expanding attack surface created by digital transformation initiatives posed unprecedented challenges for organizations across all sectors.

Record-breaking breaches define the year

2024 witnessed several devastating cybersecurity incidents that underscored the growing sophistication of threats:

• The year began with the ongoing effects of the MOVEit supply chain breach, which impacted over 2,600 organizations and exposed 77 million records. This incident highlighted the cascading effects of supply chain vulnerabilities in an interconnected digital world and sparked a renewed focus on third-party risk management across industries.
• The National Public Data breach was particularly severe, compromising 2.9 billion records and affecting 1.3 million individuals. The unprecedented scale of this breach sent shockwaves through the cybersecurity community and prompted many organizations to reassess their data protection strategies.
• The healthcare sector faced a major crisis with the Change Healthcare breach, which impacted 110 million Americans, underscoring the critical importance of robust data protection measures in handling sensitive medical information. The breach exposed vulnerabilities in healthcare systems and led to nationwide disruptions in patient care and medical billing processes.
• AT&T experienced cyber incidents exposing 110 million customer records, resulting in an estimated $19.69 billion in financial losses. These incidents demonstrated the severe consequences of inadequate cybersecurity practices and the long-lasting effects on customer trust and corporate financial health. The breaches led to extensive regulatory scrutiny and prompted calls for enhanced telecommunications sector security standards.

The financial toll of data breaches continued to rise dramatically, with the global average cost reaching $4.88 million — a 10% increase from 2023. Moreover, 60% of organizations reported spending over $2 million annually on data breach litigation costs alone.

These escalating costs can be attributed to various factors, including the increasing sophistication of cyber threats, the expanding attack surface created by remote work arrangements, and growing regulatory consequences. Organizations also faced significant indirect costs, including reputational damage, lost business opportunities, and decreased customer confidence.

SEE: US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack

Tool sprawl and third-party risks emerge as critical concerns

The year also revealed significant vulnerabilities created by complex technology environments and third-party relationships.

Organizations using seven or more communication tools experienced 3.55 times more breaches than average, emphasizing the dangers of tool sprawl. While enabling greater collaboration and productivity, this proliferation of communication platforms created new vulnerabilities that cybersecurity professionals struggled to address. The challenge of maintaining consistent security controls across multiple platforms emerged as a critical priority for security teams.

The risk landscape was further complicated by organizations’ increasing reliance on external partners, with 66% of companies exchanging sensitive content with over 1,000 third parties. This dependency contributed to a 68% increase in software supply chain attacks targeting file transfer systems.

The challenges of tracking and controlling external content sharing highlighted the need for comprehensive data protection strategies that extend beyond organizational boundaries. Many organizations implemented new vendor risk management programs and enhanced their third-party security assessment processes in response to these challenges.

Regulatory landscape grows more complex

2024 saw substantial regulatory developments that transformed the data privacy landscape.

Implementing the NIS 2 Directive introduced personal liability for cybersecurity compliance violations in the European Union, raising the stakes for executives and boards. This shift toward individual accountability emphasized the need for top-down commitment to data protection and integrating cybersecurity considerations into overall business strategy. Organizations scrambled to update their governance structures and compliance frameworks to address these new requirements.

In the U.S., several states passed comprehensive privacy laws, creating a complex patchwork of requirements for organizations to navigate. This regulatory expansion led to significant financial consequences, with GDPR and HIPAA enforcement resulting in fines totaling $5.6 billion and $5.3 billion, respectively.

The complex regulatory environment particularly impacted North American organizations, with 63% citing state privacy laws as a top concern, highlighting the need for harmonized and consistent data protection regulations. Many organizations have invested heavily in compliance management systems and privacy program enhancements to address these evolving requirements.

SEE: Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others

Emerging threats and industry-specific challenges

The rise of artificial intelligence and machine learning introduced new security challenges, with 50% of North American organizations identifying AI/GenAI data exposure as a primary concern. While offering tremendous innovation potential, these emerging technologies require organizations to develop new strategies for managing unique security challenges. The rapid adoption of AI tools raised concerns about data privacy, model security, and the potential for AI-powered cyberattacks.

Cloud security emerged as another critical challenge, with cloud environment intrusions increasing by 75% year-over-year and 33% of breaches tied to misconfigurations. The case for single-tenant versus multi-tenant cloud hosting gained significant attention as organizations sought more secure cloud deployment options. Security teams focused on implementing enhanced cloud security posture management tools and improving their cloud security architectures.

The threat landscape evolved significantly, with malware-free attacks comprising 75% of detected incidents and ransomware payments rising by 500% to reach an average of $2 million. Employing an AI-enabled algorithm, we scored different industry sectors from 2018 through 2024, with hospitality, retail, and manufacturing receiving the top risk scores for the first half of 2024. The education and research sector experienced the highest weekly attacks at 3,086 — a 37% year-over-year increase. This highlighted the need for enhanced security measures in academic institutions.

The federal government grappled with significant third-party risk, with 28% of agencies exchanging data with over 5,000 parties. Meanwhile, the financial services sector consistently scored above all industries in risk assessments. These sector-specific challenges led to the development of targeted security frameworks and industry-specific best practices.

SEE: Best CSPM Tools 2024: Top Cloud Security Solutions Compared

Looking ahead: building cyber resilience

Several key priorities have emerged as organizations look to strengthen their cybersecurity posture. Adopting zero-trust approaches has become crucial, though 45% of organizations still struggle to achieve zero trust with content security. Comprehensive data protection strategies, including end-to-end encryption, data loss prevention tools, and robust access management practices, have become important.

The lessons of 2024 emphasize the need for proactive, adaptive, and comprehensive approaches to data protection and risk management. We went into depth on these in our “2025 Forecast for Managing Private Content Exposure Risk Report.” Success in the evolving threat landscape requires organizations to embrace continuous improvement, invest in robust cybersecurity measures, and foster cross-industry collaboration.

As we enter 2025, protecting sensitive data and maintaining customer trust remain not just business imperatives but fundamental responsibilities in the digital age.

Tim Freestone, the chief strategy officer at Kiteworks, is a senior leader with more than 17 years of expertise in marketing leadership, brand strategy, and process and organizational optimization. Since joining Kiteworks in 2021, he has played a pivotal role in shaping the global landscape of content governance, compliance, and protection.