If there’s one fraud statistic worth dwelling on as Fraud Awareness Week 2024 passes, it’s this – in the past year, scams of one type or other siphoned $1 trillion globally, according to the Global Scam Alliance’s State of Scams Report 2024. But this figure only scratches the surface of cybercrime’s total global cost, projected to reach $10.5 trillion in 2025, according to Cybersecurity Ventures, the world’s leading source of cyber research.

In the time it takes you to finish this post — perhaps even this sentence — it is more than likely that ransomware will disrupt yet another business, causing extensive delays and irrevocable damage. Across the globe, ransomware attacks continue to increase in frequency, sophistication, and consequence, littering headlines with cautionary tales and sobering statistics. Over the next decade, Cybersecurity Ventures predicts that global ransomware damage will grow by 30 percent annually.

The EU’s Network and Information Systems Directive 2 (NIS2) for cybersecurity resilience entered full enforcement in October 2024, and compliance with its requirements presents major challenges for many companies, particularly those in the financial services sector. And while most IT leaders are confident of achieving NIS2 compliance, they also acknowledge that this cybersecurity directive has exacerbated existing challenges such as resource constraints and skills gaps.

As Black Friday approaches, consumers and retailers are gearing up for deals—while cybercriminals prepare to exploit any vulnerabilities. With online shopping at its peak, hackers are poised to take advantage of the busiest, most hectic moments. Retailers face a significant challenge: safeguarding customer data and profits. A 2024 Verizon report shows that system intrusions, social engineering, and web vulnerabilities cause 92% of retail data breaches.

Imagine, for a moment, that your IT environment is the Death Star. You know the rebels will try to rescue Princess Leia. If you’re Darth Vader, you need systems that detect Luke and Chewbacca when they gain unauthorized access and systems that prevent them from accessing the Death Star. As a security analyst, you have varied technologies that detect and prevent malicious actors from gaining unauthorized access to your networks.

As organisations increasingly rely on IoT devices for operational efficiency and data collection, managing each device securely throughout its lifecycle becomes crucial. IoT Device Lifecycle Management (DLM) is a structured approach to securing IoT devices from their initial setup through to decommissioning. By implementing best practices for each stage, organisations can reduce security risks, ensure data protection, and maintain compliance with regulatory standards.

Every year, more and more companies are confronted with website and email spoofing worldwide. Cyber criminals use fake websites and fake email accounts for phishing, spear phishing and social engineering attacks to commit fraud, redirect web traffic, or manipulate search engine rankings. The disarming, or takedown, of these fake domains is a real challenge for more and more security teams. This is because cyber criminals are becoming increasingly professional in their spoofing activities.

TellYouThePass ransomware, first seen in 2019, is once again in the spotlight due to its recent activity. This ransomware has been found exploiting critical vulnerabilities in PHP, specifically the CVE-2024-4577 flaw, putting both Windows and Linux systems at risk. The malware uses advanced techniques like web shells and fileless malware to gain entry, highlighting the need for robust cybersecurity measures.

As 2025 approaches, cybersecurity leaders are bracing for a year of intensifying challenges. Regulations are tightening, nation-state attackers are refining their strategies, and CISOs are under growing pressure. Aleksandr Yampolskiy, Co-Founder and CEO, Jeff Le, VP of Global Government Affairs and Public Policy, and Steve Cobb, CISO, all from SecurityScorecard, bring sharp focus to what lies ahead. What worked in 2024 may not protect you in 2025.

Finding the exact price of any product is now easier than ever. A quick check with your favorite online retailer will show that a GE Profile Dryer goes for $989, a 10-pack of Play-Doh can be had for $7.99, and a loaf of Pepperidge Farm Farmhouse Hearty White Sliced Bread is $3.59. Unfortunately, a glance at certain less legitimate online sites on the Dark Web is just as easy.