Digital payment system Pix isn’t a household name on a global scale, but in Brazil it’s a fintech phenomenon. Pix is used by 93% of adults in the country, with 62% naming it as their most frequently used payment method, according to a Google survey. It’s also the key infrastructure fueling business transactions and the activity of financial institutions in Brazil.
The platform is such a dominant force that it has even drawn the ire of U.S. President Trump, who claimed that the popularity of Pix “unfairly discriminates against U.S. credit card companies.”
Yet in September of 2025, Brazil’s government-backed system was the victim of a bold cyberattack in which attackers used compromised credentials to gain access to the real-time payment system and siphoned off $130 million (705 million Reais).
Rather than targeting the millions of personal users, the hackers focused on two large financial institutions that were business users of Sinqia’s Pix transaction processing service.
Although Sinqia was able to identify the suspicious activity on Pix and take swift remedial action to contain the incident and recoup some of the stolen funds, the widespread media coverage and the sheer size of the amount represented a significant reputational blow for the payment platform.
The event underscored the vulnerabilities in real-time payment systems and how this risk intensifies when one platform handles the vast majority of all digital payments for a country, as is the case with Pix in Brazil.
It also showed that cybercriminals and the sophistication of their methods shouldn’t be underestimated. The future of digital payment ecosystems and digital environments in general hinges on robust security measures.
This is why we can expect to see continued investment opportunities coming from the cybersecurity industry. In the face of rising threats and the risk of costly data breaches, organizations are investing heavily in the latest protective measures.
Cybersecurity spending is expected to increase by 15% in 2025, from $183.9 billion to $212 billion. In particular, the latest threats and external trends are driving demand for solutions that address emerging gaps in security.
Following the attack on the Pix payment platform, here are three opportunities within the cybersecurity sector to watch.
User authentication and exposure management
Although most organizations make great efforts to prevent unauthorized access to the network, hackers are increasingly likely to exploit legitimate user details to breach defenses undetected. This was exactly the scenario for Sinqia’s Pix, where attackers obtained stolen login information for an IT vendor’s account, which provided them with legitimate access.
This trend is driving demand for more robust user authentication solutions, creating a new growth lane within cybersecurity.
Identity and Access Management (IAM) held the largest slice of the security software market in 2024, commanding 23% of the total share. Reflecting that momentum, a report from Finro Financial Consulting showed that IAM firms command some of the highest valuations in cybersecurity, with acquisitions averaging 12.6x annual revenue, underscoring strong investor confidence in identity-centric security models.
One of the most compelling sub-sectors within IAM that is gaining investor momentum is exposure management. After a decade of reactive cybersecurity spending on SIEMs, EDR, and XDR, exposure management directly addresses the “proactive gap”: finding, validating, and remediating risks before an incident occurs. Norman Menz, CEO of Flare, noted in a recent report that “exposure management has the same recurring profile as endpoint protection did in 2016, but with higher enterprise stickiness.”
The exposure management market is projected to grow from $2.2 billion in 2024 to $7.6 billion by 2029 at a 28.3% CAGR. Some forecasts push it even further, with BIS research predicting it will clock in at $23.6 billion by 2034.
That trajectory mirrors a broader shift toward an emerging pillar within exposure management: identity-first security. Statistics reveal that 78% of organizations plan to increase spending on identity security this year alone, with IAM as a whole typically accounting for 20% or more of IT security budgets. According to a 2025 Forrester study, as showcased by Flare, there was a 321% ROI on identity exposure management (IEM) investments, reinforcing the financial and operational value of investing in advanced IEM capabilities.
The role AI will play here for enterprises and their exposure can’t be overstated, particularly when it comes to running outdated software. About 43% of those surveyed regard legacy code as a major risk, according to a Saritasa report.
According to Ranjit Tinaikar, CEO of Ness Digital Engineering, as AI adoption starts to take hold, stakeholders are looking to resolve the technical debt of legacy systems, reduce security risks and unlock new capabilities. Further, “modernizing outdated platforms is the only way to fully tap into AI-enabled productivity gains,” the executive added.
With the increasing adoption of AI, the exposure management market is one to keep an eye on. When it comes to publicly traded companies, two companies to watch are Okta (OKTA) and Booz Allen Hamilton (BAH), which has a current quarterly dividend of $0.55 per share.
Surge in schools held to ransom drives spending from the education sector
Next, those in the industry are well aware that cyberattacks don’t target all industries indiscriminately. They are often looking for low-hanging fruit in the form of sectors likely to have weak cybersecurity defenses that are easy to breach and offer valuable returns.
While financial institutions offer the promise of high-value prizes for cyberattackers, they also have the budget to invest in the most innovative and robust cybersecurity solutions. This was part of the reason why Sinqia’s Pix was able to identify the suspicious activity, despite the attackers having legitimate credentials, and contain the breach rapidly.
Unfortunately, the same is not true for the education sector, where stretched budgets and limited access to cybersecurity experts mean that the average breach can go undetected for 5 months and take longer still to contain. Meanwhile, the sector is seen as a goldmine because of the sensitive data schools hold on students and teachers, which is very often sold on the dark web or used to hold institutions to ransom.
PowerSchool, which runs the most commonly used student information system in U.S. schools, had a cybersecurity breach that exposed the sensitive personal information of millions of students and educators. School districts that were affected by a PowerSchool data hack in December are now facing extortion attempts by cyber criminals in what could be just the tip of the iceberg.
“K-12 schools also need to recognize that hackers are constantly looking for ways to beat existing security controls and employ a sophisticated range of emerging technologies. This means that security solutions that provided robust coverage a few years ago can’t be relied on by default,” explained Charlie Sander, CEO of ManagedMethods.
This is why we can expect a surge in spending coming from the education sector, and companies with custom solutions for schools and colleges are expected to benefit. When it comes to publicly traded companies, Zscaler (ZS) is one enterprise to watch here.
Global tensions add to pressures on government organizations
Finally, not all attacks have the direct purpose of financial gain. In many cases, there are political motivations. In the past few months, we’ve seen European nations hit by a swathe of cybersecurity attacks that have closed down airports and put companies out of action for months.
New intelligence suggests that Russia was behind these attacks in a coordinated attempt to destabilize economies, undermine trust in governments and generally affect public morale. In fact, a senior NATO official declared last week that the event marked the entry into a new era of hybrid warfare. Manfred Boudreaux-Dehmer, NATO's first Chief Information Officer, said that such attacks against critical digital infrastructures will become much more common.
Despite these very real threats, cybersecurity budgets are being slashed by the White House. The Cybersecurity and Infrastructure Security Agency (CISA) is now operating with a limited budget and a smaller workforce, while the broader budget proposal for FY2026 seeks a $1.23 billion reduction in civilian cybersecurity spending.
We’re likely to see private companies fill the gap left by this drop in funding. Government entities will be pressed to find robust yet cost-effective solutions to protect critical data and prevent public disruption. Ethical hacking is one way to achieve this. Orcus fuses advanced technology with over four decades of offensive security expertise to help organizations tackle the most elusive attackers.
According to Horasis Chairman Frank-Jürgen Richter, who recently hosted its three-day program of the 2025 Horasis Global Meeting in São Paulo, cooperation will also play a central role in addressing shared challenges across nations, public and private sectors, and regions.
“It isn’t a choice – it’s a necessity,” he said, stressing that no country or institution can navigate today’s geopolitical climate alone.
Cybersecurity is now a mission-critical industry
Although cyberattacks have been a constant presence since the earliest days of the digital revolution, the stakes in 2025 were raised to new heights. The bright note is that new ventures are increasingly rising to address these challenges, among them cybersecurity SaaS company Astra Security and AI protection platform Rotate.
In the face of heightened threats with increasingly severe consequences, we expect investment in user authentication to see continued growth into 2026, along with spending from governments across the globe and in the education vertical.