CrowdStrike Survey Highlights Security Challenges in AI Adoption

Do the security benefits of generative AI outweigh the harms? Just 39% of security professionals say the rewards outweigh the risks, according to a new report by CrowdStrike. In 2024, CrowdStrike surveyed 1,022 security researchers and practitioners from the U.S., APAC, EMEA, and other regions. The findings revealed that cyber professionals are deeply concerned by the challenges associated with AI. While 64% of respondents have either purchased generative AI tools for work or are researching them, the majority remain cautious: 32% are still exploring the tools, while only 6% are actively using them.

What are security researchers seeking from generative AI?

According to the report:

- The highest-ranked motivation for adopting generative AI isn’t addressing a skills shortage or meeting leadership mandates; it’s improving the ability to respond to and defend against cyberattacks.
- AI for general use isn’t necessarily appealing to cybersecurity professionals. Instead, they want generative AI partnered with security expertise.
- 40% of respondents said the rewards and risks of generative AI are “comparable.” Meanwhile, 39% said the rewards outweigh the risks, and 26% said the rewards do not.

“Security teams want to deploy GenAI as part of a platform to get more value from existing tools, elevate the analyst experience, accelerate onboarding and eliminate the complexity of integrating new point solutions,” the report stated.

Measuring ROI has been an ongoing challenge when adopting generative AI products. CrowdStrike found quantifying ROI to be the top economic concern among its respondents. The next two top-ranked concerns were the cost of licensing AI tools and unpredictable or confusing pricing models.

CrowdStrike divided the ways to assess AI ROI into four categories, ranked by importance:

- Cost optimization from platform consolidation and more efficient security tool use (31%).
- Reduced security incidents (30%).
- Less time spent managing security tools (26%).
- Shorter training cycles and associated costs (13%).

Adding AI to an existing platform rather than purchasing a freestanding AI product could “realize incremental savings associated with broader platform consolidation efforts,” CrowdStrike said.

Could generative AI introduce more security problems than it solves?

Conversely, generative AI itself needs to be secured. CrowdStrike’s survey found that security professionals were most concerned about data exposure to the LLMs behind the AI products and attacks launched against generative AI tools. Other concerns included:

- A lack of guardrails or controls in generative AI tools.
- AI hallucinations.
- Insufficient public policy regulations for generative AI use.

Nearly all (about 9 in 10) respondents said their organizations have implemented new security policies or are developing policies around governing generative AI within the next year.

How organizations can leverage AI to protect against cyber threats

Generative AI can be used for brainstorming, research, or analysis with the understanding that its information often must be double-checked. Generative AI can pull data from disparate sources into one window in various formats, shortening the time it takes to research an incident. Many automated security platforms offer generative AI assistants, such as Microsoft’s Security Copilot.

GenAI can protect against cyber threats via:

- Threat detection and analysis.
- Automated incident response.
- Phishing detection.
- Enhanced security analytics.
- Synthetic data for training.

However, organizations must consider safety and privacy controls as part of any generative AI purchase. Doing so can protect sensitive data, comply with regulations, and mitigate risks such as data breaches or misuse. Without proper safeguards, AI tools can expose vulnerabilities, generate harmful outputs, or violate privacy laws, leading to financial, legal, and reputational damage.


UAE’s Falcon 3 challenges open-source leaders amid surging demand for small AI models

The UAE government-backed Technology Innovation Institute (TII) has announced the launch of Falcon 3, a family of open-source small language models (SLMs) designed to run efficiently on lightweight, single GPU-based infrastructures. Falcon 3 features four model sizes (1B, 3B, 7B, and 10B) with base and instruct variants, promising to democratize access to advanced AI capabilities for developers, researchers, and businesses. According to the Hugging Face leaderboard, the models are already outperforming or closely matching popular open-source counterparts in their size class, including Meta’s Llama and category leader Qwen-2.5.

The development comes at a time when the demand for SLMs, with fewer parameters and simpler designs than LLMs, is rapidly growing due to their efficiency, affordability, and ability to be deployed on devices with limited resources. They are suitable for a range of applications across industries, like customer service, healthcare, mobile apps and IoT, where typical LLMs might be too computationally expensive to run effectively. According to Valuates Reports, the market for these models is expected to grow, with a CAGR of nearly 18% over the next five years.

What does Falcon 3 bring to the table?

Trained on 14 trillion tokens, more than double its predecessor Falcon 2, the Falcon 3 family employs a decoder-only architecture with grouped query attention to share parameters and minimize memory usage for the key-value (KV) cache during inference. This enables faster and more efficient operations when handling diverse text-based tasks. At the core, the models support four primary languages (English, French, Spanish, and Portuguese) and come equipped with a 32K context window, allowing them to process long inputs, such as lengthy documents.

“Falcon 3 is versatile, designed for both general-purpose and specialized tasks, providing immense flexibility to users. Its base model is perfect for generative applications, while the instruct variant excels in conversational tasks like customer service or virtual assistants,” TII notes on its website.

According to the leaderboard on Hugging Face, while all four Falcon 3 models perform fairly well, the 10B and 7B versions are the stars of the show, achieving state-of-the-art results on reasoning, language understanding, instruction following, code and mathematics tasks. Among models under the 13B-parameter size class, Falcon 3’s 10B and 7B versions outperform competitors, including Google’s Gemma 2-9B, Meta’s Llama 3.1-8B, Mistral-7B, and Yi 1.5-9B. They even surpass Alibaba’s category leader Qwen 2.5-7B in most benchmarks, such as MUSR, MATH, GPQA, and IFEval, except for MMLU, which is the test for evaluating how well language models understand and process human language.

(Figure: Falcon 3 benchmarks)

Deployment across industries

With the Falcon 3 models now available on Hugging Face, TII aims to serve a broad range of users, enabling cost-effective AI deployments without computational bottlenecks. With their ability to handle specific, domain-focused tasks with fast processing times, the models can power various applications at the edge and in privacy-sensitive environments, including customer service chatbots, personalized recommender systems, data analysis, fraud detection, healthcare diagnostics, supply chain optimization and education.

The institute also plans to expand the Falcon family further by introducing models with multimodal capabilities. These models are expected to launch sometime in January 2025. Notably, all models have been released under the TII Falcon License 2.0, a permissive Apache 2.0-based license with an acceptable use policy that encourages responsible AI development and deployment.

To help users get started, TII has also launched a Falcon Playground, a testing environment where researchers and developers can try out Falcon 3 models before integrating them into their applications.


1. Job satisfaction

Half of U.S. workers say they are extremely or very satisfied with their job overall. Another 38% say they are somewhat satisfied, and 12% are not too or not at all satisfied with their job. As was the case in 2023, self-employed workers (60%) are more likely than those who are not self-employed (49%) to be highly satisfied with their job.

There are also differences in the shares who say they are extremely or very satisfied by:

- Race and ethnicity: 55% of White workers versus 44% of Hispanic workers, 43% of Black workers and 42% of Asian workers.
- Age: 67% of workers ages 65 and older versus 56% of those 50 to 64, 48% of those 30 to 49 and 43% of those under 30.
- Income: 54% of workers with higher family incomes and 53% of those with middle incomes versus 41% of those with lower incomes.

How workers feel about specific aspects of their job

Majorities of workers say they are highly satisfied with:

- Their relationship with their co-workers (64%)
- Their relationship with their manager or supervisor (59%)
- Their commute (58% among those who have a commute)

When it comes to the amount of flexibility workers have, more say they are extremely or very satisfied with their flexibility to choose when they work their required hours (49%) than with their flexibility to work remotely (37%). In fact, 40% of workers express dissatisfaction with the amount of flexibility they have to work remotely.

Pay and opportunities for promotion are the two areas where workers express the lowest levels of satisfaction. Only 30% say they are extremely or very satisfied with how much they’re paid. And about a quarter (26%) are highly satisfied with their opportunities for promotion at work.

Differences by race and ethnicity, age, and income

Just as overall job satisfaction varies across demographic groups, so do ratings of some specific aspects of work. Among those who are not self-employed, White workers are more likely than Black, Hispanic and Asian workers to say they are extremely or very satisfied with their relationship with their co-workers, their relationship with their manager or supervisor, their opportunities for training and ways to develop new skills, and how much they are paid.

Workers ages 65 and older are the most likely to express high levels of satisfaction with their flexibility to choose when to work their required hours and with the amount of feedback they receive from their manager or supervisor.

And a larger share of higher-income workers than of those with middle or lower incomes say they are extremely or very satisfied with eight of the 11 items we asked about. The gaps between those with upper and lower incomes are particularly wide when it comes to benefits, flexibility to work remotely and pay.

Changes in satisfaction since 2023

On seven of the nine items that were also asked last year, the shares of workers who express high levels of satisfaction have dropped by margins of 3 to 7 percentage points. For example, 37% of workers now say they are extremely or very satisfied with their opportunities for training or ways to develop new skills, down from 44% in February 2023. And about a quarter (26%) say they are highly satisfied with their opportunities for promotion, compared with the already small share of 33% measured last year.

There have also been drops in the shares saying they are extremely or very satisfied with the amount of feedback they get (-5 points), the benefits their employer provides (-4), how much they are paid (-4), their relationship with their co-workers (-3), and their relationship with their manager or supervisor (-3).

Reasons for pay dissatisfaction

One of the aspects of work that employed adults express the least satisfaction with is how much they are paid. Large majorities of workers who are not self-employed and who are not too or not at all satisfied with their pay cite each of the following as major reasons:

- Their pay hasn’t kept up with increases in cost of living (80%)
- Their pay is too low for the quality of work they do (71%)
- Their pay is too low for the amount of work they do (70%)

Just over half (54%) say a major reason for their dissatisfaction with their pay is that they don’t earn enough to pay their bills. A smaller share (28%) say they are paid less than co-workers who do similar work.

Differences by gender

Majorities of men and women who are not too or not at all satisfied with how much they are paid cite their wages being too low for the quality and amount of work they do as major reasons for their dissatisfaction. But women are more likely than men to say these are major reasons. Additionally, women are more likely than men to point to not earning enough to pay their bills as a major reason for their dissatisfaction (61% vs. 47%). And while relatively small shares of both men and women say a major reason they’re dissatisfied is because they are paid less than co-workers who do similar work, women are more likely than men to cite this (32% vs. 24%).

Differences by income

For the most part, workers across levels of family income who are dissatisfied with their pay give similar reasons for feeling this way. For example, about eight-in-ten workers with lower, middle and upper incomes say a major reason is that their pay hasn’t kept up with cost-of-living increases. There are significant differences, however, in the shares that cite not earning enough to pay their bills. About seven-in-ten workers with lower incomes (69%) say this is a major reason they are dissatisfied with how much they are paid. Roughly half (51%) of those with middle incomes, and 30% of upper-income workers, say the same.

Do workers feel respected?

By their supervisor, co-workers, customers or clients

In addition to being highly satisfied with their workplace relationships, large shares of workers also say their co-workers (86%) and


A Run On The Bank: Lack Of Headline Failures Hasn’t Changed Consumer Attitudes

Last year, when Silicon Valley, Signature, and First Republic failed, four out of five US online consumers knew about it. This year, major bank failures have been small, so I had to search for the “Mary Poppins moment.” Still, consumer attitudes about bank failures haven’t changed. Our September 2024 Consumer Pulse Survey revealed this.

This year, less than one in five consumers knew about the recent failures of Citizens Bank – Iowa, Heartland Tri-State Bank – Kansas, and Republic First Bank – Pennsylvania. That’s what changed. What’s stayed the same, however, is that:

- People will line up for their money. The ways people will ask for their deposits back in a run have remained stable. Nearly 45% of US online consumers will appear in person at a branch to withdraw their money. Some will use digital channels, and mobile edged up versus online as a channel this year. That comes as little surprise, as usage of mobile apps has increased over the years.
- Big still doesn’t necessarily mean better. Even though fewer consumers knew about bank failures, the percentage of them agreeing with the statement that “Larger banks are inherently safer than smaller/regional banks” stayed remarkably steady. The absence of a crisis doesn’t win consumers over to the “too big to fail” argument any more than the presence of one does.
- Deposit insurance won’t keep the lines from forming. Despite decades of FDIC insurance, consumers still want to get their money back fast. Over two-fifths agree that they’d withdraw all funds if news reports indicated their bank was having difficulties. They fear inconvenience from the FDIC resolving a failure. Like young Michael Banks in “Mary Poppins,” they’d arrive before things worsen and demand their money back.

Banks plan to avoid failure. That’s core to their business. As we saw last year, however, rapid shifts in consumer attitudes can quickly put a bank on the ropes. The good news is that bank failures were hard to find (so much so that we couldn’t find one in Europe this year).

Will there be more bank failures? Yes. Consumers think traditionally about them. Some will use their app to transfer money, but most will act like we’re in Victorian England: read the news, line up, and demand their money back. Despite our advances, last year’s lessons remain true: a run on an adjacent bank affects even sound institutions; customers are ambivalent about deposit safeguards; and calming mechanisms may not maintain the status quo.

Should you wish to discuss our findings further and you’re a client, schedule a guidance session or inquiry with me. Not a Forrester client? Contact your Forrester account team and tell them, “I want Forrester Decisions!”


Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others

December brought a relatively mild Patch Tuesday, with one vulnerability having been actively exploited. Of all 70 vulnerabilities fixed, 16 were classified as critical.

“This year, cybersecurity professionals must be on Santa’s nice list, or, at the very least, Microsoft’s,” Tyler Reguly, associate director of security R&D at cybersecurity software and services company Fortra, told TechRepublic in an email.

Microsoft patches leaky CLFS

CVE-2024-49138 is an elevation of privilege vulnerability in the Windows Common Log File System (CLFS) driver. The driver is a key element of Windows used to write transaction logs. Misuse of the driver, specifically through improper bounds checking, could let an attacker gain SYSTEM privileges. From there, they could steal data or install backdoors.

“Given that CLFS is a standard component across multiple versions of Windows, including server and client installations, the vulnerability has extensive reach, especially in enterprise environments,” Mike Walters, president and co-founder of Action1, said in an email to TechRepublic.

Addressing this vulnerability should be a high priority since it has already been exploited. Microsoft has released patches for eight other CLFS vulnerabilities this year, according to Reguly. “That is, however, an improvement for Microsoft, who patched 12 CLFS vulnerabilities in 2022 and 10 CLFS vulnerabilities in 2023,” Reguly wrote.

‘Tis the season … for remote code execution

One vulnerability scored higher than nine on the CVSS severity system: CVE-2024-49112, which scored CVSS 9.8. This remote code execution vulnerability could allow an attacker to execute code inside the Windows Lightweight Directory Access Protocol (LDAP) service.

“Windows Server systems acting as domain controllers (DCs) are especially at risk, given their crucial role in managing directory services,” said Walters. This makes December both a good time to install the patch for this vulnerability and to remember an important factor of security hygiene: domain controllers shouldn’t have internet access. Reguly pointed out that companies following the Department of Defense’s DISA STIG for Active Directory Domains should already have blocked domain controllers from internet connections.

Action1 noted that nine of the December vulnerabilities relate to potential remote code execution. “Organizations should avoid exposing RDP services to the global internet and implement robust security controls to mitigate risks,” wrote Walters. “These flaws further prove the dangers of leaving RDP open and unprotected.”

“If nothing else, we can say that Microsoft is consistent,” Reguly added. “While it would be nice to see the number of vulnerabilities each year decreasing, at least consistency lets us know what to expect. Since Microsoft has signed CISA’s Secure by Design pledge, we may see these numbers drop in the future.”

Time to check in on Apple, Google Chrome, and other Patch Tuesday security updates

Many other companies time their monthly releases for the second Tuesday of the month. Adobe provided a list of security updates. Other major patches, as collected by Action1, include:

- Patches for vulnerabilities in Google Chrome and Mozilla Firefox.
- A security update for over 100 Cisco devices that use the NX-OS data center-focused operating system.
- Fixes for several local privilege escalation vulnerabilities in Linux.
- Patches for two actively exploited zero-day vulnerabilities in Macs with Intel chips.

A complete list of Windows security updates can be found at Microsoft Support.


Dutch tech: year in review 2024

According to the 2024 Global Startup Ecosystem Report by Startup Genome, the Netherlands ecosystem is now ranked number 13 in the world, placing it ahead of both Paris and Berlin. In 2023, Dutch startups raised $2.2bn. While there have been fewer startup deals this year, overall investment is up, according to figures from the Dutch Startup Association. And for some startups and scaleups, 2024 was truly a monumental year.

Picnic raises one of Europe’s largest rounds

Having grown its business 40% in 2023 following international expansion across France and Germany, Dutch online supermarket Picnic kicked off the year in style as it announced a €355mn funding round in January. The Bill and Melinda Gates Foundation participated in the round, which brought the company’s total raised to €1.3bn. Founded in 2015, Picnic, its fully automated fulfilment centres, and delivery algorithms have defied the mass collapse of online grocery delivery startups that befell the likes of Getir and Flink after the pandemic.

In 2018, the year before hitting 1,000,000 shoppers in the Netherlands, the company’s CTO Daniel Gebler took the stage at TNW Conference to talk about the tech that is disrupting the “everywhere commerce” space. Gebler also closed the year with a bang, as he was named CxO of the year by Computable.nl.

DataSnipper reaches unicorn status

Its Series B $100mn raise in February saw Amsterdam-headquartered auditing platform DataSnipper valued at $1bn, aka achieving the mythical status of unicorn. The round was led by Index Ventures and the funds are helping DataSnipper, which already counts Hilton, Siemens, and Frontier Airlines among its clients, to expand across more verticals including forensic accountants and tax advisors.

DataSnipper was founded by Maarten Alblas, Jonas Ruyter, and Kai Bakker in 2017. In 2023, the company appointed a new CEO in Vidya Peters (on the featured image along with the founding team). Peters was previously Chief Operating Officer at payment solution provider Marqeta, helping the company go public in 2021. She sees the long-term objective of DataSnipper as connecting unstructured data across industries, and believes there is tremendous opportunity for growth and expansion globally.

Mews becomes a unicorn, €100mn fund by Carbon Equity

March was a month of celebration for current and former TNW Spaces member startups. Hotel management software provider Mews hit a €1.1bn valuation after a €101mn raise, led by Swedish investment company Kinnevik. The good news for Mews, founded in 2012 by former hotelier Richard Valter, did not stop there. In September, the company bagged another €90mn from Vista Credit Partners. Having already purchased nine other startups in the sector, the funds will allow Mews to continue its buying spree, consolidating its place as a market leader in redefining the hospitality industry with its cloud offerings.

Meanwhile, leading climate fund investment startup Carbon Equity raised €100mn for its Climate Tech Portfolio Fund II, exceeding an initial target of €75mn and more than doubling its first fund from 2022. Founded only in 2021, Carbon Equity has quickly become a force to be reckoned with for investments in curated clean tech solutions. In October, Wired dubbed Carbon Equity one of the hottest startups in Amsterdam, and at the beginning of December, co-founder Jacqueline van den Ende was awarded the title of Changemaker of the Year by Change Inc, rounding off a momentous year. Let’s hope climate tech investment continues to thrive in 2025.

First ever tech fund by Dutch Ministry of Defence

It is perhaps an unfortunate sign of the times we live in, but there is no denying that defence tech startups, from Ukrainian drone developers to German AI darling Helsing, are on a roll. In October, the Dutch Ministry of Defence announced a €100mn fund to provide early-stage financing to the country’s startups, scaleups, and SMEs that meet specific innovation needs.

The fund will invest up to €5mn per company. It will focus on dual-use technologies, meaning tech that can be used both for civilian and military purposes. It is expected to open in 2025, so keep your eyes peeled for the first investments.

We can’t wait to see what 2025 will bring as Amsterdam celebrates its 750th anniversary and TNW Conference returns to NDSM island in June. Join us as we bring together the whole Dutch tech ecosystem and discover what is truly next in tech!


2025 is the year to unlock the power of pervasive IT governance

In IDC’s April 2024 CIO Poll Survey of 105 senior IT professionals and CIOs, “developing better IT governance and enterprise architecture” emerged as one of the top priorities for 2024, ranking fourth. While other priorities, including incorporating a focus on AI into the IT strategy, improving the approach to software sourcing and deployment, and building better IT skills and competencies, ranked higher in the survey, IT governance is much more foundational. Without well-functioning IT governance, how can you progress on competing priorities? It is fundamental for AI and essential for reducing cybersecurity risks or streamlining cloud migration processes, among other things.

Additionally, CIOs indicate that the lack of alignment between IT and the business is their third biggest challenge within their organization (IDC’s CIO Sentiment Survey 2024, n = 395). Unfortunately, traditional governance models are proving insufficient to meet the dynamic demands of the digital or modern business environment as they were introduced mostly to enforce rules and regulations instead of shaping culture and bringing IT and business together. And alignment between IT and the business is still a challenge according to my conversations with CIOs today, and it has been for a long time. IT governance should facilitate how your organization’s culture shifts toward collaboration and focus on aligning how technology can accelerate and improve your organization’s products and services to delight customers and employees.

The limitations of traditional IT governance models

Historically, organizations have relied on three primary governance models: centralized, decentralized, and hybrid. While each model has its strengths, it also comes with significant limitations. Centralized governance often results in slower decision-making processes, as decisions are concentrated at the top levels, stifling agility. Decentralized governance, on the other hand, can lead to fragmented approaches and shadow IT, where departments independently adopt technologies without IT oversight. Hybrid governance attempts to balance control with flexibility, but it can still struggle to align IT initiatives with overarching business goals.

The journey to digital business is not yet complete, with less than 38% of global organizations saying that digital is integrated or has transformed their organization, according to the CIO Sentiment Survey 2024. That leaves more than 50% of organizations with some work toward maturing their digital business. Also, the same survey shows that 33% of IT departments collaborate with other business units, but 67% are either collaborating ad hoc or making decisions with limited input from others, which does not improve the IT/business alignment agenda. Digital transformation requires alignment among all involved to deliver key initiatives with velocity and quality to key stakeholders such as customers, patients, or citizens. Pervasive IT governance can help, but it requires a shift in culture, which can start with IT and with you as the CIO.

Embracing pervasive IT governance for greater business impact

Pervasive IT governance is not just an evolution of existing models but a transformation in how organizations align technology with business strategy. It emphasizes a continuous feedback loop between IT and business units, enabling rapid adaptation to changing business needs. At its core, this approach focuses on collaborative governance, ensuring that decisions are made with input from across the organization, not just by or within the IT department.

Key benefits of adopting pervasive IT governance include:

- Increased agility and innovation: By fostering continuous feedback and collaboration, IT and line-of-business (LOB) teams can quickly pivot to address emerging challenges. This model encourages innovation by empowering teams to experiment with new technologies.
- Balanced control and flexibility: Unlike rigid centralized models, pervasive governance allows organizations to maintain control over critical IT assets while granting teams the flexibility to innovate.
- Enhanced collaboration and buy-in: One of the cornerstones of pervasive IT governance is the establishment of strong relational mechanisms. These mechanisms are essential to build trust and buy-in toward achieving common objectives and goals.

Implementing pervasive IT governance: Best practices for CIOs

Shifting to a pervasive IT governance model is not without its challenges. The top three governance and compliance challenges we found in the CIO Sentiment Survey 2024 are support from LOB leaders (32%), support from the C-suite and board of directors (30.7%), and employee engagement (30.4%). This means that CIOs must rethink the structure, processes, and relationships within their organizations and in collaboration across the organization.

Here are some best practices for CIOs looking to implement a pervasive IT governance approach:

- Establish clear roles and responsibilities: Use a RACI matrix to define the different responsible, accountable, consultative, and informative roles for the governance model, including IT, LOB, or other ecosystem partners.
- Foster continuous feedback loops: Continuous feedback refers to an ongoing mechanism for capturing, analyzing, and responding to different sentiments and input in real time related to an initiative or topic. During key change management initiatives (which are often part of an IT governance agenda), this approach enables leaders to monitor the impact of change as it happens, make data-driven adjustments, and foster a transparent, communicative environment that values different perspectives. It also motivates employee engagement and sets the tone for a responsive culture that adapts to evolving business needs.
- Leverage collaborative tools for transparency: While this might be the easiest and most obvious best practice, it is sometimes loaded with emotions as there are different collaborative tools in use, and people have their biases. The IDC MarketScape: Worldwide Team Collaboration Applications 2024 Vendor Assessment report (November 2024) provides some suggestions on tool vendors that are leaders in team collaboration.
- Focus on key performance indicators (KPIs) and continuous improvement: Assess your existing IT governance metrics and KPIs to see what you are measuring. While compliance, risk, resources, and performance metrics might already be there, look for metrics from which you could also derive KPIs for strategic alignment. Do remember that metrics and KPIs share similar traits, but the main difference is that a KPI is tied to a specific operational strategy, so be sure that you are tracking KPIs and not basic metrics that lack the necessary business context.

The road ahead: Balancing risks and


APAC: Ransomware to Cause ‘Bumpy’ Security Ride in 2025

Ransomware attacks will continue to plague APAC enterprises in 2025, according to Rapid7. The cybersecurity tech vendor expects that more zero-day exploits and changes in ransomware industry dynamics will result in a “bumpy ride” for security and IT professionals throughout the region.

Ransomware incidents have steadily risen over the last couple of years. Rapid7’s Ransomware Radar Report revealed that 21 new ransomware groups emerged globally in the first half of 2024. A separate analysis found that these criminals doubled their takings to $1.1 billion in ransom payments in 2023.

While the Rapid7 report did not specifically detail APAC’s issues with zero-day exploits, PwC’s annual Digital Trust Insights (DTI) survey revealed that 14% of the region identified zero-day vulnerabilities as one of the top third-party-related cyber threats in 2024 — an issue that could linger into 2025.

Despite international efforts like the takedown of LockBit, ransomware operators continued to thrive. Rapid7 predicts increased exploitation of zero-day vulnerabilities in 2025, as these groups are expected to expand attack vectors and bypass traditional security measures.

Ransomware industry dynamics to shape attacks in 2025

Rapid7’s chief scientist, Raj Samani, said the firm has seen ransomware groups gaining access “to novel, new initial entry vectors,” or zero-day vulnerabilities, over the last year. He explained that zero-day events were happening almost weekly rather than about once a quarter as they had in the past.

The firm has observed ransomware operators exploiting zero days in ways that were not feasible 10 years ago. This is due to the financial success of ransomware campaigns, paid in booming cryptocurrency, which created a windfall that allowed operators to “invest” in exploiting more zero days. In APAC, these conditions are causing global ransomware threat groups to engage in regionally targeted ransomware campaigns. However, Rapid7 previously noted that the most prevalent groups vary based on the targeted country or sector, since different sectors attract different ransomware groups.

Samani said the threat posed by zero-day events could worsen in 2025 due to the dynamics within the ransomware ecosystem. He noted that the market could witness an increase in less technically skilled affiliate organisations joining the ranks of those attacking global enterprises.

“The reason why we’ve seen such a growth in ransomware and the demand and exponential increase in payments is because you have individuals that develop the code and individuals that go out and break into companies and deploy that code — so two separate groups,” he explained.

Samani speculated that, while the opaque nature of ransomware makes the situation unclear, a ransomware group with access to zero-day vulnerabilities for an initial entry could use them to attract more affiliates.

“The bigger concern is, does that then mean the operational and technical proficiency of the affiliate can be lower? Are they lowering the technical barriers to entering this particular market space? All of which kind of reveals 2025 could be very bumpy,” he said.

Ransomware payment bans could shake up incident response plans

Sabeen Malik, Rapid7’s head of global government affairs and public policy, said governments worldwide increasingly view ransomware as a “critical issue,” with the biggest global collective formed to combat it, the International Counter Ransomware Initiative, now having the most members it has ever had.

This comes as some Asian companies remain ready to pay ransoms to keep business going. Research from Cohesity released in July found that 82% of IT and security decision-makers in Singapore and Malaysia would pay a ransom to recover data and restore business processes. The same was true of Australian and New Zealand respondents to the same survey: 56% confirmed their company had been the victim of a ransomware attack in the previous six months, and 78% said they would pay a ransom to recover data and business processes in the future.

Countries in APAC are considering how to respond with regulation. Australia has just introduced mandatory ransomware payment reporting for organisations turning over $3 million, who must now report a payment within 72 hours.

However, banning ransomware payments outright could have an outsized impact on the security industry, according to Rapid7. If payments were prohibited, targeted companies could lose an avenue of recovery after an attack.

“The shadow looming over all of us aren’t regulations, but more kind of mandates from governments banning the use of, or payments around ransomware; those types of enormous, behemoth kind of decisions I think could dramatically impact the industry,” Samani said.

“What you have to consider with regards to your BCP [business continuity] planning and your DR [disaster recovery] planning is, if ransomware payments become banned within my territory … how is that then going to impact the way that I do things?” he said.

Tips for preventing ransomware threats

Rapid7 recommended security teams think about several measures to combat threats:

Implement basic cyber security hygiene

Malik said companies are considering how new technologies such as AI overlays can help combat the problem — but they should not forget the basic hygiene practices, such as password management, which can ensure that secure foundations are in place.

“It seems like such a no-brainer, yet we continue to see how many issues we’ve seen with identity management and password mismanagement have led to where we are now. What are some of the basic things we need to make these [hygiene] practices foundational?” she asked.

Ask tough questions of AI security vendors

Samani said newer AI tools could help “disrupt the kill chain quicker and faster” if threat actors breach defences. However, he said “security is not a commodity” and that not all AI models are of equal quality. He recommended teams ask questions of the suppliers and vendors. As he explained, these questions could include: “What is their detection strategy, and what is their response strategy?” “Do you have an incident response retainer?” “Do you conduct regular testing? What about


Environmental Sustainability: Even If You Change The Route, Keep The Destination

There’s a school of thought that writes most sustainability efforts off as annoying virtue signaling: Consumers with time and disposable income choose to pay a green premium for products that make them feel good, and companies plant trees and recycle coffee cups to make those customers like them. As costs rise, belts tighten, and we grapple with immediate geopolitical threats, it’s hardly surprising that this discretionary veneer of sustainability may be slipping out of favor with consumers, companies, and governments around the world.

But those same pressures make the right sustainability initiatives more important than ever. Forrester’s original framing of the green market opportunity explicitly made the point that sustainability can be good business: A combination of macroforces will create a tipping point, after which companies will no longer view environmental sustainability as primarily an ethical responsibility with added benefits to brand and modest cost savings, but as a financial and regulatory obligation they can’t ignore, and more importantly, an unprecedented business opportunity.

A truly sustainable business requires two forms of sustainability: the green stuff that sustains the planet and the operational stuff that sustains the business. Forrester predicts that 2025 will be the tipping point, where economic and operational considerations become more significant drivers of corporate sustainability initiatives than regulations and customer sentiment.

Prioritize Projects That Help Your Business And Also Happen To Help The Planet

Even if your environmental sustainability plans are moving full steam ahead, shift the emphasis of your messaging to employees, customers, and the market to explicitly lead with clear operational benefits:

A machine vision system that spots defects in parts moving along an assembly line cuts the cost to your business of expensive scrap or rework. That also reduces consumption of raw materials.

Internet-of-things sensors on power-hungry equipment reduce energy consumption and support predictive maintenance models that may extend the useful life of that equipment, lowering energy bills and equipment budgets. That also reduces emissions.

Bloomberg calculates that an EV in the US becomes a greener choice than its internal-combustion-engine equivalent after driving about 25,000 miles. It can also be cheaper to operate, with any higher up-front cost amortized over all those miles. So focus electrification efforts on fleets of smaller vehicles (cars and vans) to reduce operating costs. This also reduces emissions.

German pump manufacturer Wilo uses excess electricity from rooftop solar panels to power electrolyzers that turn water into green hydrogen. The hydrogen is stored onsite, with fuel cells converting it into electrical energy at times of peak demand. This reduces the load that Wilo places on the German energy grid while also cutting the company’s electricity bill.

Virginia-based construction company Basic Construction buys pellets of waste toner from printer-maker Canon’s local factory, using them as a colorant and binding agent for the asphalt it lays on the state’s roads. Canon generates new revenue from its toner recycling operation, and Basic reduces its material costs. The road surface is apparently more durable than before, and the circular economy business model pays for a reduction in consumption of raw materials and emissions at both firms.

In late 2022, BASF announced plans to “as quickly as possible and also permanently” downsize operations in Europe. Rising energy prices played a key part in this decision and in the company’s increased investment in the renewables-powered Zhanjiang Verbund facility in Guangdong province. Energy costs often matter more than labor costs in modern manufacturing, but business and technology leaders must also consider the cost of moving raw materials and finished goods throughout their supply chain. Emerging technologies play their part in helping manufacturers settle on a multinational Goldilocks model that is neither just in time nor just in case but just right.

The need to reduce emissions and wasteful consumption of resources has not gone away, but the “green” debate might be seen as polarizing for your customers. If this is the case, don’t lose sight of the green market revolution’s promise of bettering planet and business. Most companies would be wise to lower the volume on their virtue signaling while quietly getting on with the projects that benefit both their shareholders and (whisper it) the planet.


Top IDC Content of 2024

International Data Corporation (IDC) is the premier global provider of market intelligence, advisory services, and events for the information technology, telecommunications, and consumer technology markets. With more than 1,300 analysts worldwide, IDC offers global, regional, and local expertise on technology and industry opportunities and trends in over 110 countries. IDC’s analysis and insight help IT professionals, business executives, and the investment community to make fact-based technology decisions and to achieve their key business objectives.
