Cybersecurity and Digital Resilience:

Latest News and Best Practices

In today's technological landscape, cybersecurity and digital resilience go hand in hand. Below we explore the most recent innovations, strategies adopted by industry leaders, the evolution of threats, and best practices for protecting corporate data, along with emerging technologies shaping security.

Innovations in Cybersecurity

WPA3 and More Secure Wi-Fi

The new WPA3 standard for Wi-Fi networks introduces next-generation security protocols, replacing the old WPA2 protections. WPA3 simplifies wireless security configuration and ensures more robust authentication and stronger encryption. For example, WPA3-Personal offers improved defenses against brute forcing of weak passwords (thanks to the SAE protocol that prevents offline dictionary attacks) without complicating the user experience. In short, WPA3-certified Wi-Fi networks use updated methods, disable obsolete protocols, and better protect data even on open networks, improving the resilience of enterprise wireless connections.

AI for Cybersecurity

Artificial Intelligence (AI) plays a growing role in cyber defense. AI and Machine Learning tools analyze enormous amounts of data in real-time, recognizing anomalies and attack signals with ever-increasing speed and precision. In 2024, we're witnessing an expansion of AI-based Threat Detection & Response solutions, capable of automating incident responses and mitigating risks faster than a human team could. However, the AI race also concerns attackers: the need for "secure AI" emerged after generative models were released rapidly without adequate security measures, pushing the industry to integrate guardrails and protections into these revolutionary technologies. Ultimately, AI has become both a defensive weapon (with predictive cyber-defense systems) and a new front to protect.

Zero Trust Security

Zero Trust architecture has established itself as a fundamental paradigm for modern enterprise security. The cardinal principle is "trust no one by default": every user, device, or application must be constantly verified and authenticated, even if already inside the network perimeter. Adopting a Zero Trust model means rigorously segmenting the network and applying granular access controls at all times. This approach significantly reduces the available attack surface and strengthens security posture, mitigating both external threats and internal risks (e.g., compromised accounts or malicious insiders). It's no surprise that many companies are investing in Zero Trust platforms to protect critical applications and data, integrating them with identity management and multi-factor authentication.

Backup and Disaster Recovery Strategies from Leaders

Leading companies have understood that digital resilience requires solid plans for backup and disaster recovery (DR). Operating with the logic of "assume that sooner or later an attack will succeed," they invest in data protection strategies as a last line of defense. In practice, they maintain multiple backup copies of data, preferably encrypted, on different media and in geographically separate locations (following the 3-2-1 rule: at least three copies, on two types of storage, with one off-site). They also perform regular recovery tests to verify backup reliability and implement immutable backup systems (non-modifiable) to prevent criminals from deleting or tampering with them. These measures have proven crucial against ransomware, whose authors often attempt to delete or encrypt backups as well. In parallel, leaders have updated and tested disaster recovery plans: critical data and applications are replicated off-site or in the cloud, ready to be activated in case of emergency. The adoption of DRaaS (Disaster Recovery as a Service) solutions and failover automation have made such capabilities more accessible and easier to manage, even for mid-sized organizations. In essence, the most advanced companies treat backup and DR as strategic components of business continuity, integrating them into daily operational processes.

Evolution of Threats and Trends in Data Protection

The landscape of cyber threats is constantly evolving, with increasingly sophisticated and targeted attacks. Ransomware in particular remains the number one plague: it hit 66% of organizations in 2023 and continues to proliferate (+23% ransomware attacks in the first quarter of 2024). These extortion malware often combine double extortion (data encryption + theft and threat of publication) and exploit every available gap. The advent of generative artificial intelligence tools (like ChatGPT) has further expanded the scope of threats, making it easier even for less experienced criminals to launch credible and large-scale attack campaigns.

There's also a boom in attacks targeting new surfaces: for example, malware for IoT (Internet of Things) devices increased by 400% in the last year, particularly hitting the manufacturing sector. This reflects how every connected object can become an entry point if not adequately protected. Another worrying trend is the abuse of stolen credentials: almost half (44.7%) of analyzed breaches involve the use of compromised credentials, a sign that phishing and password theft remain effective tactics for attackers. Email phishing remains one of the most common attack vectors: 27.6% of all emails sent worldwide are spam and 1.5% contain malware or phishing links; in the first six months of 2024, email attacks increased by almost 300%. This evolution of threats requires companies to raise their level of vigilance and data protection.

On the data protection side, recent trends show a decisive response to these threats. Regulations and security standards are tightening: organizations and governments worldwide are imposing stricter requirements for data protection. Just think of the entry into force in Europe of the NIS2 directive, which requires companies to adopt cyber resilience plans and adequate security measures for their critical systems.

At the same time, investments in advanced encryption technologies (to protect data both at rest and in transit) and solutions like immutable archiving and tokenization are increasing to safeguard the integrity of sensitive information. In many cases, organizations adopt a "data breach preparedness" approach: they assume they will eventually suffer an incident and prepare countermeasures to minimize its impact (ready backups, incident response plans, cyber insurance, etc.). In summary, faced with constantly growing threats, companies are strengthening both preventive barriers and response and recovery capabilities, to protect operational continuity and customer data.

Best Practices to Improve Digital Resilience

What can companies concretely do to improve their digital resilience? Here are some key best practices emerging from leaders' experience and expert guidelines:

Off-site Backup and Tested Disaster Recovery Plans

Maintain regular backups of critical data, keeping them offline or in different locations, and periodically verify that recovery works (conducting disaster simulations). The adoption of immutable and network-isolated backup copies is strongly recommended to prevent encryption or deletion of backups by malware. Additionally, having a well-defined disaster recovery plan, with clear roles and processes, allows for quick resumption of operations through reserve systems and data.

Multi-Factor Authentication and Access Management

Protecting user accounts with MFA (e.g., OTP, authentication apps, or physical keys) is now essential, given that the use of stolen credentials is the basis of a large percentage of breaches. It's good practice to implement the principle of least privilege (each user has only the minimum necessary permissions) and monitor anomalous access, perhaps integrating Identity & Access Management solutions and continuous verifications in Zero Trust style.

Continuous Updating and Patching

Many attacks succeed by exploiting known vulnerabilities for which patches already exist. It's essential to have a vulnerability management process that includes automatic vulnerability scans and timely application of available patches. Tools like centralized patch management systems help keep software and devices always updated, reducing the exposure window. Additionally, performing periodic penetration tests can help identify security flaws before criminals do.

Staff Training and Security Culture

Human error remains one of the main incident factors: 88% of breaches are caused by an internal mistake or oversight. Investing in awareness programs (phishing simulation exercises, security policy courses, etc.) helps drastically reduce risky behaviors. For example, sensitizing employees on how to recognize suspicious emails can significantly decrease clicks on malicious attachments and links, reducing infection probabilities. Creating a corporate culture where security is an integral part of everyone's work increases overall resilience.

Framework Adoption and Continuous Improvement

Referring to recognized security frameworks (such as the NIST Cybersecurity Framework or ISO 27001) helps evaluate one's security posture in a structured way and identify gaps to fill. These frameworks provide valuable guidelines on how to prevent, detect, respond to, and recover from cyber incidents. Aligning with industry standards and regulations (GDPR, NIS2, etc.) not only helps meet legal obligations but elevates the level of resilience: it implies implementing well-defined controls, monitoring, and procedures. The continuous improvement approach is also important – regularly reviewing and updating security measures and response/recovery plans based on new threats and lessons learned from incidents (one's own or others').

By following these best practices, a company creates multi-level defenses capable of preventing many attacks and, at the same time, prepares rapid response mechanisms to limit damage from inevitable incidents. Digital resilience is born precisely from the balance between proactive prevention and the ability to adapt in the face of the unexpected.

Emerging Technologies Influencing Security

Blockchain and Decentralized Security

Originally born for cryptocurrencies, blockchain technology is demonstrating enormous potential in strengthening cybersecurity in various areas. The decentralized nature and cryptographic mechanisms of blockchain make it highly resistant to tampering and fraud. Each transaction or event recorded in a blockchain is linked to previous ones through cryptography, creating an immutable chain: this means that data once written cannot be retroactively altered without being detected. In the cybersecurity field, this translates into the possibility of having immutable and verifiable audit trails and log records, useful for guaranteeing information integrity (for example, tamper-proof system logs). Some emerging applications include decentralized identity management systems, where users control their own credentials in a secure wallet rather than depending on centralized providers, and blockchain-based threat intelligence information exchange solutions, which ensure that data shared between organizations isn't altered. Supply chain protection also benefits from blockchain: by tracking each step transparently and securely, the risk of counterfeiting or insertion of malicious components is reduced. Although it's not a panacea, blockchain thus offers new tools to improve trust and transparency of digital systems, and the most innovative companies are beginning to explore its use as an additional layer of security.

Post-Quantum Cryptography

On the horizon looms the challenge of quantum computers which, within a few years, could break current cryptographic schemes on which data security is based. To anticipate this risk, the international community is working on post-quantum cryptography algorithms. In August 2024, NIST (National Institute of Standards and Technology) in the United States released the first three standardized algorithms designed to resist attacks launched with quantum computers. These new algorithms – two of which developed by IBM – represent a fundamental step to protect information and transactions in the post-quantum era, securing sensitive data such as confidential communications, financial transactions, and government information. Experts have defined the publication of these standards as a "pivotal moment" in cryptography history, an essential milestone to ensure future cryptographic resilience. The stakes are high: according to NIST, within the next decade quantum computers could emerge capable of breaking RSA and ECC algorithms in use today, compromising privacy and security globally. Preparing in advance is therefore crucial. Beyond developing quantum-resistant algorithms, approaches like Quantum Key Distribution (QKD) are being explored, which exploit the properties of quantum physics to distribute cryptographic keys impossible to intercept without altering them. Even if quantum technology is still in its infancy, forward-looking companies are beginning to update their systems with quantum-proof encryption. For example, sectors like finance and government are already testing new cryptographic suites, to ensure that vital information remains secure even in the event of a quantum leap. In summary, quantum encryption is no longer science fiction but an emerging component of security strategy: investing now in research and gradual adoption of these technologies means protecting tomorrow's data from the day after tomorrow's threats.

Conclusion

Innovation and resilience must proceed together. Cyber threats will continue to evolve, but staying updated on the latest technological developments and adopting a proactive approach to security allows companies to strengthen their digital resilience. From new Wi-Fi solutions to Zero Trust paradigms, from backup strategies to post-quantum technologies, each piece contributes to building a safer digital ecosystem. Investing in cybersecurity today means ensuring operational continuity and trust in the digital tomorrow.