Home News & Insights Reflecting on 2024: Key Cybersecurity Insights for New Zealand Enterprises

Reflecting on 2024: Key Cybersecurity Insights for New Zealand Enterprises

As we near the close of 2024, New Zealand businesses are navigating a dynamic and rapidly changing landscape of cybersecurity threats and solutions.

With cyberattacks growing in sophistication and the volume of sensitive data expanding across industries, safeguarding digital assets has become more crucial than ever. In this blog, we will delve into the pivotal cybersecurity trends that have defined 2024 for New Zealand businesses, supported by insightful statistics and expert analysis.

 

1. Rise in Cyberattacks: A Growing Threat

In 2024, New Zealand businesses faced a significant surge in cyberattacks. A report by CERT NZ (Computer Emergency Response Team) revealed that over 3,500 cyber incidents were reported in the first three quarters of the year alone, marking a 15% increase from the previous year. These incidents encompassed a range of threats, from phishing and ransomware to more sophisticated advanced persistent threats (APTs).

Small and medium-sized enterprises (SMEs) were particularly at risk, often lacking the necessary resources and cybersecurity expertise to defend themselves effectively. With approximately 60% of reported incidents involving SMEs, there is a clear and pressing need for heightened awareness and strategic investment in robust cybersecurity measures.

 

2. The Proliferation of Ransomware Attacks

Ransomware attacks remained a formidable force in the threat landscape for 2024. Across New Zealand, businesses spanning healthcare, education, and government sectors faced relentless targeting by ransomware groups, who demanded substantial sums to restore access to vital systems.

A PwC New Zealand survey revealed that 45% of businesses had either encountered or were aware of a ransomware attack during the year, with average ransom demands surging by 25% from the previous year. The increasing sophistication of these attacks, often involving both data exfiltration and encryption, underscores the critical need for organisations to prioritise robust backup and recovery strategies.


3. Increased Focus on Data Privacy

In 2024, data privacy became an even more pressing concern for New Zealand businesses, driven in part by the growing number of high-profile data breaches across the globe. The enforcement of stricter data privacy regulations like the Privacy Act 2020 in New Zealand and the EU’s General Data Protection Regulation (GDPR) has put pressure on companies to implement more secure data management practices.

A significant finding from a KPMG New Zealand survey revealed that 68% of businesses had increased their focus on data privacy compliance. Furthermore, 51% of businesses said they had conducted a full audit of their data storage and handling processes in response to increasing regulatory requirements and customer concerns about privacy.

 

4. Adoption of Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) emerged as a cornerstone of cybersecurity in 2024. With credential stuffing attacks and password breaches on the rise, New Zealand organisations increasingly turned to MFA as an essential tool to protect their online assets.

A report from Cyber Security New Zealand showed that the adoption rate of MFA among businesses in the country grew by 30% during 2024, with 82% of businesses implementing MFA for access to critical systems and services. MFA, often combined with password managers and biometric authentication, significantly reduced the risk of unauthorised access, making it a key preventative measure.

 

5. AI and Automation in Cybersecurity

Artificial Intelligence (AI) and automation continued to play a central role in cybersecurity strategies across New Zealand in 2024. With cyberattacks becoming increasingly sophisticated, businesses turned to AI-driven tools to help identify, respond to, and mitigate threats more efficiently. AI-powered solutions enabled faster detection of anomalous activity, often in real time, and helped businesses automate threat response workflows, reducing the reliance on human intervention.

According to a report by IBM Security, 62% of New Zealand organisations incorporated AI into their cybersecurity programs in 2024, a significant jump from 50% in the previous year. This trend was especially prevalent in industries like finance, healthcare, and e-commerce, where large volumes of sensitive data are constantly at risk.

 

6. Cloud Security Concerns

As businesses embraced the transformative power of the cloud in 2024, ensuring robust cloud security emerged as a paramount concern. A survey conducted by Tech Research New Zealand revealed that 73% of businesses had transitioned at least part of their infrastructure to the cloud, yet 58% acknowledged that cloud security remained a significant challenge.

The swift integration of cloud services introduced new vulnerabilities, with misconfigurations, inadequate access controls, and subpar encryption practices frequently identified as critical threats. Consequently, businesses strategically invested in cutting-edge cloud security solutions, such as Cloud Access Security Brokers (CASBs), security information and event management (SIEM) systems, and sophisticated encryption techniques, to safeguard their digital assets with confidence.


7. The Role of Cybersecurity Training and Awareness

One of the most significant trends of 2024 was the increased emphasis on cybersecurity training and awareness programs for employees. Recognising that human error remains a leading cause of security breaches, companies understood the critical importance of empowering their workforce with knowledge about cybersecurity risks.

According to a Cyber NZ report, an impressive 87% of businesses in 2024 had committed to investing in cybersecurity training for their teams. This comprehensive approach included regular phishing simulations, adherence to security best practices, and training on identifying common cyber threats. By fostering an environment where employees are encouraged to report suspicious activities, organisations cultivated a proactive and resilient security culture.

 

8. The Emergence of Quantum Computing Threats

As quantum computing continues to evolve, 2024 saw increased awareness and research into its potential impact on cybersecurity. Experts have raised concerns about quantum computers' ability to break current encryption algorithms, which could have severe consequences for businesses storing sensitive data.

While practical quantum computers capable of breaking encryption are still years away, businesses began preparing for the long-term threat by exploring quantum-resistant encryption algorithms and partnering with cybersecurity firms to future-proof their systems. This forward-looking approach was especially relevant for businesses in sectors like finance, healthcare, and government.

 

9. The Need for Cybersecurity Insurance

Given the rising number of cyberattacks and the financial impact they have on businesses, cybersecurity insurance became a growing priority in 2024. According to a Deloitte New Zealand survey, 43% of businesses took out or renewed cybersecurity insurance policies in 2024, a 20% increase from the previous year.

This trend is expected to continue as companies seek to mitigate the financial risks associated with cyberattacks, such as ransom payments, legal fees, and system recovery costs. However, businesses are now facing higher premiums as insurers recognise the increasing threat level and are adjusting their coverage terms accordingly.

 

Looking Ahead: Cybersecurity in 2025

As New Zealand businesses head into 2025, the cybersecurity landscape will continue to evolve. The trends of 2024—such as increased cyberattack volume, the rise of AI and automation, and the need for stronger data privacy measures—will shape the direction of cybersecurity efforts in the coming years.

To stay ahead of the curve, businesses must continue to prioritise cybersecurity, invest in the latest technologies, and educate their teams on best practices. By taking a proactive approach to cybersecurity, businesses can better protect themselves against the ever-growing threat of cyberattacks. 

 

Conclusion

2024 has been a pivotal year for cybersecurity in New Zealand. As businesses continue to embrace digital transformation, the risks associated with cyber threats are becoming more complex. However, with the right tools, strategies, and education in place, businesses can not only defend against these threats but also build a more resilient future in an increasingly digital world.

Check out our recent blog on Building Cyber Resilience with the CIS Controls, can help organisations build mitigate the risk by implementing cyber governance.


Find out more about how Sharp can help secure your business with our range of security solutions.

  


References:

  • CERT NZ. (2024). Annual Cybersecurity Report. Computer Emergency Response Team New Zealand.
  • PwC New Zealand. (2024). Cybersecurity Trends and Ransomware Report. PricewaterhouseCoopers New Zealand.
  • KPMG New Zealand. (2024). Data Privacy and Compliance Survey. KPMG International.
  • Cyber Security New Zealand. (2024). MFA Adoption and Security Practices Survey. Cyber Security New Zealand.
  • IBM Security. (2024). AI in Cybersecurity Report. IBM Security.
  • Tech Research New Zealand. (2024). Cloud Security Insights. Tech Research New Zealand.
  • Cyber NZ. (2024). Cybersecurity Awareness and Training Statistics. Cyber New Zealand.
  • Deloitte New Zealand. (2024). Cybersecurity Insurance Market Survey. Deloitte New Zealand.