Watch Out!

For These Top 5 Cyber-Threats

The 5 Biggest Cyber-Security Challenges in 2019

As we become more digitally connected, the more vulnerable we are becoming. Anything that is connected is a target. The number of breaches in 2018 reached staggering proportions. With a multitude of new attack vectors, 2019 promises to be worse. Here are 5 threats you need to know.

Social Engineering Attacks

Cyber-criminals are increasingly using sophisticated tools – including Artificial Intelligence – to troll the web for information that corporations and employees are inadvertently posting on their social media sites. This information will likely become a new threat vector in the new year where this information is exploited in phishing and spear-phishing attacks.

Questions you should be asking are:

  • What is our social media threat profile?
  • Who is monitoring it?
  • What tools are available for such monitoring?
  • What are our social media use policies? How do we implement them?

Supply Chain Attacks

As corporations continue to harden their own perimeters and attack surfaces, criminals are increasingly looking at the vulnerable supply chain where risks are not completely understood. Increasingly, the vendors in that supply chain will be regarded as part of the company’s own vulnerability and risk profile. Criminals will increasingly exploit the supply chain to gain access to critical information about corporations.

Questions you should be asking are:

  • What sensitive information am I sharing with my vendors?
  • How do I assess the risk of each vendor?
  • What tools and services can I use to effectively control the threats posed by such a risk?

IoT and Infrastructure Attacks

The proliferation of cheap and insecure devices that comprise the Internet of Things (IoT), coupled with the legacy systems that control our Infrastructure, are combining to create a perfect storm in the New Year. Ransomware is likely to be higher as criminals hold companies, cities and even countries hostage as they take over and compromise such systems. Attribution will be very difficult thus providing cover to criminals and nation states.

Questions you should be asking are:

  • How are IoT and infrastructure devices impacting my risk?
  • Who is managing and controlling those threats?
  • What are the remediation protocols and policies that will help me control breaches?

Identity and Mobile Authentication

As we understand the limitations of passwords and identity management moves increasingly to the cloud, mobile device authentication is likely to explode. At least initially, expect some of this transition to be exploited, particularly where insecure approaches are used. Facial recognition and biometrics are still undergoing rapid development and have not reached a true trusted-state.

Questions you should be asking are:

  • How will I control access and authentication across a myriad of devices, almost all connected to the internet, and with a varying degree of trust?
  • What kind of biometric and MFA (multi-factor-authentication) solutions are appropriate for my environment?
  • What cloud-based solutions will I use to allow access to sensitive information?

Rise of Zero-Day Threats and Polymorphic Attacks

The most common attacks in the past year were exploits of zero-day threats where unpatched new vulnerabilities were used to compromise critical assets. In the case of "Polymorphic Attacks", the code used for the exploit changes rapidly and automatically to prevent effective management and remediation. In 2019, expect this to continue at a high rate. The high demand for software, complicated by the time pressures to be agile, result in many more undiscovered vulnerabilities.

Questions you should be asking are:

  • What will I do if zero-day vulnerabilities are discovered for a mission-critical system? Will I take it offline? Or allow it to function, knowing that it may be compromised?
  • Which security vendors and products will I trust for effective triage in case of polymorphic attacks?
  • What is the status of my systems for known vulnerabilities? Who manages this?
  • Do you have cyber-insurance?


There is no 100 per cent protection against cyber-attacks. However, you can reduce risks tremendously by constantly informing about new threats and questioning your security strategy.

  • Managed Security, IT Market
  • Cyber-Threats, Cyber-Attacks

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment


Blog Editorial Team

Trend Scouts

IT Trends and industry-relevant novelties

Related Articles

Cyber Security Update April 2021 | SoftwareONE Blog
  • 12 май 2021
  • Bala Sethunathan
  • Managed Security, Cybersecurity User Awareness, Cyber Threat Bulletin

Cyber Security Update April 2021

98% of cyber-attacks rely on social engineering. Keep your business protected and learn more about the latest tactics on the rise.

Cybersecurity Update March 2021
  • 13 април 2021
  • Bala Sethunathan
  • Cybersecurity User Awareness, Cyber Threat Bulletin, Cybersecurity, Managed Security
  • Cyber-Threats

Cyber Security Update March 2021

About 80% of breaches occur due to poor passwords. Keep your business protected and learn how to improve your password security.

IT Insights in March 2021 | SoftwareONE Blog
  • 01 април 2021
  • Blog Editorial Team
  • IT Market, Publisher Advisory
  • Trends, News, Updates

IT Insights in March

The tech world is such a rapidly developing field that it may sometimes be hard to stay up to date. With our monthly IT insights, you won’t lose the overview. Read about the latest vendor news and trending topics.