Aftra in review: A look back on 2024

The past year has been a year of innovation, growth, and teamwork for Aftra. From launching new initiatives to celebrating milestones with our customers, every moment has contributed to our combined effort to build a stronger cybersecurity culture. As we slide into 2025, we’re grateful for the journey so far and look forward to helping businesses tackle next year’s security challenges with simplicity and confidence.

Cybersecurity statistics from the Aftra platform

First, let's share some exciting outcomes from the Aftra platform. Our goal is to provide real value and insights to our customers so they can strengthen their cybersecurity resilience. And we can safely say we’ve been delivering well on that promise. To celebrate, we put some data together below from Aftra that shows, in hard numbers, how much taking control over your company’s security and practicing Attack Surface Management (ASM) can reap huge benefits. 

193,854 opportunities found

There were 193,854 opportunities (security vulnerabilities) discovered in the Aftra platform this year.

97,468 vulnerabilities resolved 

Amongst those, 50,59% or 97,468 of them were resolved. Of those, 1,814 were critical vulnerabilities, 9,875 were high and the rest were medium, low, or unknown. 

$45 million saved

According to the Ponemon Institute, the global average cost of a data breach reached $4.88 million in 2024. For smaller companies, the financial impact of exploited vulnerabilities is particularly severe, with the Verizon Data Breach Report estimating per-incident costs ranging from $50,000 to $100,000.

Proactively addressing vulnerabilities, however, is far more cost-effective. On average, fixing vulnerabilities before exploitation costs companies significantly less—approximately $500 to $5,000 per fix.

Even without factoring in expenses like regulatory fines, damage to reputation, and legal fees, Aftra’s impact in 2024 was substantial. We estimate that we’ve delivered at least $45 million in value to our customers. Furthermore, the total cost avoidance—calculated based on the direct resolution of vulnerabilities—amounts to an impressive $949 million.

Aftra is constantly finding more and more opportunities for our customers to prioritize vulnerability remediation before it’s too late. What these numbers show us is that our customers are dedicated to their cybersecurity journey and working towards a more secure future for 2025 and beyond.

We look forward to continuing to support our customers on this journey through continuous vulnerability detection and Cyber Asset Attack Surface Management (CAASM). 

Aftra becomes its own entity 

This year marks a huge milestone for us. In May, we became an independent entity after previously operating under the cybersecurity company, Syndis. Gaining our independence gives us the freedom to focus entirely on our vision to help companies understand their digital security and minimize their cyber attack risk with simplicity. This year, we’ve been dedicated to growing our team and continuously improving our Attack Surface Management (ASM) solution to be even more prepared to operate in this exciting and fast-evolving space.

We will continue to work in partnership with Syndis to deliver exceptional cybersecurity software and services to both Icelandic and foreign markets. 

Expansion into new markets through partnerships and funding

2024 also brought exciting new partnerships, including reseller agreements with two Icelandic companies, Syndis and Origo, as well as the Finnish reseller Abero. These strategic collaborations mark a significant step forward in our mission to expand our reach and impact. Coupled with the funding we secured earlier this year, these partnerships will enable us to accelerate our growth into new markets across the Nordic region and Europe.

We’re thrilled about the opportunities ahead and the chance to work with incredible partners who share our vision of demystifying and strengthening cybersecurity.

New features in the Aftra platform

Innovation is at the core of what we do as we strive to deliver the most comprehensive cybersecurity platform, offering unparalleled attack surface monitoring and scanning. This year, we’ve implemented numerous enhancements driven by market demands and invaluable customer feedback. Among these, two features that stand out are our Security Campaigns and the WordPress Scanner, which have set new standards in empowering businesses to protect their digital landscapes effectively.

Security Campaigns

In a nutshell, Security Campaigns allow IT managers to create campaigns within the Aftra system that show each employee their digital footprint by telling them exactly where their company accounts are registered online and if their password has been leaked.

Seeing this information right in front of them is a huge eye opener. When we're shown proof of our online activity and the threat it poses, there’s an “aha” moment and it becomes difficult for us not to take the recommended steps to minimize the risk associated with it, such as activating MFA on all accounts and limiting where we use company accounts.

Read more about Aftra’s Security Campaigns feature here.

Wordpress Scanner

43.7% of all websites worldwide are built on Wordpress and in Iceland that number is as high as 70%. With 70,000 plugins and 30,000 themes available and an affordable price point, it’s an attractive option for many businesses. But unfortunately its giant ecosystem means that using Wordpress to host your websites can easily introduce vulnerabilities into your website and business ecosystem. The sheer amount of untrustworthy plugins and templates combined with widespread usage of the platform also makes it a particularly attractive entry point for hackers.

That’s why earlier this year, we implemented a Wordpress Scanner into our Cyber Attack Surface Management platform. This scanner is part of our robust scanning capabilities and will automatically detect any security vulnerabilities introduced into your Wordpress site so you can remediate them before a hacker finds them.

Learn more about vulnerability scanning and Aftra’s scanning technology here.

Cybersecurity best practices for the holidays

Last, but certainly not least, it’s vital to keep up your defenses as you prepare for the holiday season. Historically, this time of year sees a rise in cyberattacks as threat actors exploit factors such as reduced staff, heightened distractions, and the rise of online holiday shopping.

To keep your organization secure, we recommend following these security best practices:

• Ensure all systems and software are up to date with the latest security patches.
• Tackle critical vulnerabilities detected by your scans before the holidays start.
• Strengthen authentication protocols, including multi-factor authentication.
• Educate employees about the increase of phishing attacks during these times and reminding them to staying away from using their employee accounts for online shopping.
• Implement continuous monitoring to detect suspicious activity and make sure you have the coverage to respond.
• Verify your data backup and recovery processes for business continuity.
• Have your Business Continuity playbook up to date and available if needed. 

Read our full blog post to learn more about our security tips for the holiday season.

It’s a wrap

As we wrap up 2024, we couldn’t be more proud of what we’ve accomplished together with our customers, partners, and team. From becoming an independent entity to expanding into new markets and introducing innovative features, this year has been pivotal in shaping our journey to a more secure world. Our commitment to simplifying cybersecurity and helping businesses strengthen their defenses remains stronger than ever.

As we step into 2025, we’re excited to continue driving innovation, building and maintaining partnerships, and supporting organizations in navigating the cybersecurity threat landscape. Thank you for being part of this incredible journey. Here’s to another year of growth, resilience, and making cybersecurity accessible!

Want to learn more? Visit us at aftra.io.