In this report, we explore for you the emerging trends and predictions that shape the future of enterprise IT and Security. From the global implications of the cybercrime convention to the pitfalls of failed AI projects, the insights we offer will help you prepare for what’s ahead.

The 2024 Data Threat Report (DTR) analyzes how core security practices have changed in response to or in anticipation of changing threats. This report also offers perspectives on what organizations can do to leverage data assets to expand opportunities to make their businesses more agile and build trust with their customers. It analyzes global trends in threats to data and the underlying controls, regulations, risks and emerging technologies that need to be addressed.

The State of Attacks on GenAI delivers cutting-edge insights into real-world attacks on generative AI systems, based on telemetry data from over 2,000 LLM applications. Prompt leaking has emerged as the primary method for exposing sensitive information in successful attacks. This unintended disclosure can reveal proprietary business data, application logic, and PII, leading to significant privacy breaches and security vulnerabilities.

DataGrail’s 2024 Data Privacy Trends Report shows how these factors are playing out on the ground and provides a benchmark for businesses to see how they are tracking. Businesses are receiving more privacy requests, also known as Data Subject Requests (DSRs) every year; we saw a 246% increase in requests from 2021 to 2023.

This report is based on the summary statistical analysis of over 10,000 cyber claims for incidents that occurred during the five-year period 2019–2023. We see enormous variances in the magnitude of loss data. The smallest claims were less than $1,000; the largest were over $500M. The numbers of records exposed ranged from 1 to over 140M.

OWASP MASVS sets a minimum bar for mobile app developers to follow when building apps securely and provides security teams with the ideal testing strategy as part of the organization’s proof of controls. NowSecure benchmark mobile application security testing analysis shows 95% of nearly 6,500 leading mobile apps fail at least one of the seven OWASP MASVS categories.

In this report, one clear finding from the survey was that it is important to test throughout the application lifecycle using a variety of methods. Although testing early continues to be important, having visibility into and being able to monitor and test deployed applications is still critical. Although security testing capabilities have also improved, the value of individual testing capabilities has changed in response to increased threats and changing application architectures.

The 2024 Data Threat Report (DTR) analyzes how core security practices have changed in response to or in anticipation of changing threats. This report also offers perspectives on what organizations can do to leverage data assets to expand opportunities to make their businesses more agile and build trust with their customers. This report also considers both securing the use of GenAI and using GenAI to better secure the enterprise. Differing priorities from different functional leaders and external stakeholders will require security and risk management leaders to build stronger relationships.

The NetDiligence Cyber Claims Study presents findings from a five-year dataset of over 9,000 real-world cyber insurance claims. In this spotlight, we focus on the subset of BEC incidents: 17% of claims reported (N=1,480) between 2018 and 2022. BEC starts with human error and ends with high crisis services costs. Educating and training the workforce is a continual and incremental process. Preventing BEC is the endless task of cybersecurity

In the 2024 State of Omnichannel Fraud Report, TransUnion brings together trends, benchmarks, and identity and fraud expertise from across our organization. It provides insight to those responsible for preventing fraud and streamlining customer experiences to deliver better business outcomes. Use this report to evaluate current fraud prevention programs in the context of the broader market.

The report raises a number of interesting findings, which you’ll read about in the pages to come. However, one through line that emerges is the need for reliable threat intelligence and its impact on threat hunters’ ability to do their jobs well. Threat intelligence, or lack thereof, is a commonality across the top challenges respondents identified. Access to threat intelligence also affects nearly every aspect of how respondents say they do their jobs.

Our survey results revealed that more companies than ever are viewing GRC as a holistic process and taking steps toward getting a complete view of their risk environment and regulatory obligations. Centralizing strategy, unifying risk and compliance data, and revamping the approach to cybersecurity are becoming more popular strategic objectives among respondents, especially with the rise of AI technology dismantling barriers and fostering collaboration among various GRC functions. This means the criteria for which GRC technology is being evaluated against in the purchase cycle is rapidly expanding.

In this report, we shed light on these vulnerabilities and how they impact commercial and federal organizations today. We provide insights from a survey of IT security and data science leaders navigating these challenges. We share predictions driven by data from HiddenLayer’s experiences securing AI in enterprise environments. Lastly, we reveal cutting-edge advancements in security controls for AI in all its forms.

The Workplace Identity Security Trends and Challenges report investigates the identity security landscape and challenges facing organizations today. The research finds that many struggle to build an integrated and comprehensive identity security strategy, relying on disconnected tools and practices that create inefficiencies and leave organizations seriously vulnerable to attacks and breaches.

Our goal is that this report serves as a crucial resource in enhancing your strategies and defenses in the battle to protect your organization’s assets and integrity against insider risks. This survey, capturing responses from 467 cybersecurity professionals across diverse sectors, seeks to uncover the nature of insider threat challenges faced by organizations, focusing on understanding the factors driving these threats, their detection and mitigation complexities, and the effectiveness of insider threat programs.

Over the course of the year, insurers responded to these and other dynamics of the risk and insurance environment by implementing their own resiliency measures, some of which impacted insurance market conditions. They undertook various measures, including refocusing their appetite, adjusting their underwriting policies, shifting their pricing models, streamlining their organizations, and aligning with business partners who share their values.

The healthcare sector is particularly vulnerable to cybersecurity risks and the stakes for patient care and safety are particularly high. Healthcare facilities are attractive targets for cyber criminals in light of their size, technological dependence, sensitive data, and unique vulnerability to disruptions. And cyber incidents in healthcare are on the rise.

The 5th edition of Wipro’s State of Cybersecurity Report (SOCR) offers a perspective and framework to help enterprises achieve cyber resilience. You will find a wealth of data and actionable insights covering attacks, breaches and law, along with the state of business cyber capabilities across geographies and industry sectors, plus future trends.

The level of uncertainty in today’s global marketplace and the velocity of change continue to produce a multitude of potential risks that can disrupt an organization’s business model and strategy on very short notice. This report contains results from our 11th annual worldwide risk survey of directors and executives to obtain their views on the extent to which a broad collection of risks is likely to affect their organizations over the next year - 2023. We analyze variances across different sizes and types of organizations, industry and respondent position, in addition to variations among organizations based in different geographic regions.

In this report, we’ll discuss three automotive-related cybersecurity emerging risks we’ve identified in 2023, arising from the rapid proliferation of SDVs. Growth in backend attacks allowing access to sensitive vehicle data and controls, the ever-evolving SBOM and the critical role it plays in enhancing automotive threat intelligence and cyber are on the rise in the agriculture, construction, and heavy machinery industries that fare fast to adopt software-defined and autonomous capabilities.

As organizations ramp up adoption of AI, edge and multi-cloud infrastructure, they will need broader and deeper visibility into expanding environments. This panoramic view is only possible when all relevant teams and stakeholders are aligned. That’s why organizations should ingrain security into all processes, functions and phases of development. In 2024, collaboration will be essential as resilience becomes non-negotiable. With communication, trust and a commitment to shared strengths, organizations can remain resilient through adversity next year and beyond.