
As global cybersecurity threats continue to evolve, companies are navigating an increasingly complex risk landscape. In this chapter, our cybersecurity experts dive into recent trends in ransomware attacks and the latest regulations around incident response. They also discuss new guidance on fines and damage claims while exploring the intersection of cybersecurity and AI.
Here’s what we’ll cover:
- The rising frequency and scale of ransomware attacks.
- New incident response obligations.
- GDPR damage claims.
- The role of AI in enhancing and undermining cybersecurity.
In February 2024, several international law enforcement agencies scored a major success in the fight against cybercrime by seizing control of infrastructure used by LockBit, one of the world’s most active ransomware groups, while developing decryption keys that could enable the recovery of many LockBit-encrypted systems. However, LockBit has reportedly continued attacking companies using new servers and dark web domains, which demonstrates the persistence of cybercriminals. While law enforcement continues to pursue cybercriminals and companies continue to improve their cybersecurity measures, ransomware remains rampant and attacks are increasing in sophistication and number, not least due to:
- the rise of widely available generative AI; and
- the increasing commoditization of ransomware, particularly through ransomware as a service.
Recent developments emphasize that cybersecurity should always be higher on the agenda of the leadership of organizations.
Satya Staes Polet, Partner
In 2024, ransomware demands and payments have continued to climb, reflecting the ongoing evolution and aggressiveness of cybercriminals’ tactics. The first half of 2024 saw ransomware attacks increase in both frequency and scale, with the average ransom demand reaching over $1.5m in the second quarter of 2024 – a 102 percent increase quarter over quarter. This increase is largely driven by the continued success of multiple-extortion schemes, where attackers not only encrypt data but also exfiltrate it, threatening to release sensitive information if ransoms are not paid.
Attackers may also threaten to deploy distributed-denial-of-service attacks or threaten employees and customers of victims to apply additional pressure on companies. A group of cybercriminals has even been known to lodge a complaint with a regulatory authority to denounce the failure of the company that suffered the data breach to disclose it as required by law, thereby using the law as a means of exerting pressure. The emergence of new groups and ransomware variants, including rebranded ransomware groups, has also contributed to the record-breaking number of incidents and payments. Despite ongoing law enforcement efforts, the overall threat continues to grow, with 2024 potentially becoming the worst year on record for ransomware payments.
Beyond ransomware attacks, supply chain attacks continue to be a significant issue. Companies rely on third-party vendors, which provide systems and services critical to those companies.
Cyberattacks, vulnerabilities or even faulty updates at vendors have resulted in significant losses for numerous customers of those vendors and highlighted the growing importance of integrating cybersecurity into a company’s overall risk management. These incidents underscore the cascading effects that supply chain attacks can have, leading to regulatory penalties, breach of contract claims and potential litigation.
Additionally, supply chain attacks can be more challenging to investigate, as an affected customer may have limited visibility into an attack on a third-party vendor and limited control over the vendor’s investigation. In fact, supply chain risk has become such a significant issue that the US National Institute of Standards and Technology (NIST) released the first major update to its Cybersecurity Framework since 2014 to incorporate practices to manage cybersecurity risks within and across organizations’ supply chains. Organizations must bolster their cybersecurity measures, ensure their supply chain contracts include robust security provisions and stay compliant with evolving regulations. Legal teams should prepare for complex liability issues and the intricacies of data breach notifications that arise from such multifaceted attacks.
Cybersecurity regulations are tightening, and penalties for non-compliance are on the rise. As cybercriminals become more sophisticated in their use of AI, the need for companies to continually update and bolster their cybersecurity strategies has never been more urgent.
Staying ahead in this rapidly changing environment requires vigilance and adaptability. A strong, proactive cybersecurity strategy can make all the difference, helping you stay ahead of threats and minimize damage if a cyberattack occurs.
2025 Data law trends