The flip side: 2024's biggest failures

The cybersecurity industry has a lot of room to grow in the new year — as evidenced by the long list of attacks that started with simple mistakes.
Why it matters: Companies keep repeating the same mistakes that allow malicious actors to break into their systems.
- Finding new solutions will be a huge focus of 2025 and beyond, experts say.
Along with the wins, I also asked experts to share the biggest failures of 2024. This is what they said:
Mike Wiacek, founder and CEO of Stairwell: "2024 showed that even the best-in-market tools remain vulnerable to increasingly evasive attackers, as seen in incidents like the UnitedHealth Change Healthcare ransomware attack."
- "Companies need to have plans to investigate and respond to threats, even if frontline tools fail to catch them — one could call it 'planning for failure.'"
Todd McKinnon, CEO of Okta: "We continue to see companies locking customers into purchasing all-in-one bundles."
- "By doing this, they're limiting their customers' ability to choose security tools that lead to the best outcomes for their businesses. Choice is critical for the best security — choosing one technology vendor for everything doesn't give companies the layered resilience of a best-of-breed ecosystem that will keep them more secure."
Bob Lord, senior technical adviser at CISA: "Although some software manufacturers have reduced the prevalence of the most common classes of coding error, as a whole, the software industry has not."
- "The most popular classes of coding error from 2007 are still at the top of the list in 2024. How is this the customers' fault? We see articles about the companies that are compromised because of unsafe software, but rarely articles about the companies that make little effort to build safer software."
M.K. Palmore, director at Google Cloud's Office of the CISO: "2024 showed us how critical human capital is in addressing cybersecurity challenges."
- "The cost of neglecting our human capital — billions lost to breaches, ransomware, and eroded public trust — underscores the urgent need to invest in leadership and talent development, and is one of the biggest learnings within our industry this year."
Mandy Andress, CISO at Elastic: "We saw older technologies being targeted in 2024. Think Fortinet, MOVEit, etc. As we improve security in newer technologies, threat actors have started focusing more on older or infrastructure tech that is often not upgraded or patched frequently."
Nicole Carignan, VP of strategic cyber AI at Darktrace: "Attackers continued to target cloud environments."
- "Cloud environments contain enormous troves of sensitive data that appeal to bad actors. The distributed nature of cloud infrastructure, rapid provisioning of resources, and prevalence of misconfigurations have posed major security challenges and will continue to be an issue in 2025."
Allan Liska, ransomware expert at Recorded Future: "We need to do more to prevent ransom payments."
- "Law enforcement is doing great work, but as long as criminals see billions in payments coming in, there will always be a new ransomware actor/initial access broker/developer ready to step in."
Darren Shou, chief strategy officer at RSA Conference: "A huge (global) fail was businesses around the world handing out jobs and paying hundreds of millions to North Korean IT workers."
- "Safeguards against this happening again are currently weak, and I'm sure we'll hear about more fake personas infiltrating enterprises, followed by sophisticated fraud and reputation attacks."
💡 Skim through the rest of the insights I collected on LinkedIn (I promise, it's actually fun over there).
🎙️ Have your own thoughts? Reply to this and let me hear them.
