Watch Out!
For These 5 Cyber-Threats

The 5 Biggest Cyber-Security Challenges in 2019

Social Engineering Attacks

Cyber-criminals are increasingly using sophisticated tools – including Artificial Intelligence – to troll the web for information that corporations and employees are inadvertently posting on their social media sites. This information will likely become a new threat vector in the new year where this information is exploited in phishing and spear-phishing attacks.

Questions you should be asking are:

  • What is our social media threat profile?
  • Who is monitoring it?
  • What tools are available for such monitoring?
  • What are our social media use policies? How do we implement them?

Supply Chain Attacks

As corporations continue to harden their own perimeters and attack surfaces, criminals are increasingly looking at the vulnerable supply chain where risks are not completely understood. Increasingly, the vendors in that supply chain will be regarded as part of the company’s own vulnerability and risk profile. Criminals will increasingly exploit the supply chain to gain access to critical information about corporations.

Questions you should be asking are:

  • What sensitive information am I sharing with my vendors?
  • How do I assess the risk of each vendor?
  • What tools and services can I use to effectively control the threats posed by such a risk?

IoT and Infrastructure Attacks

The proliferation of cheap and insecure devices that comprise the Internet of Things (IoT), coupled with the legacy systems that control our Infrastructure, are combining to create a perfect storm in the New Year. Ransomware is likely to be higher as criminals hold companies, cities and even countries hostage as they take over and compromise such systems. Attribution will be very difficult thus providing cover to criminals and nation states.

Questions you should be asking are:

  • How are IoT and infrastructure devices impacting my risk?
  • Who is managing and controlling those threats?
  • What are the remediation protocols and policies that will help me control breaches?

Identity and Mobile Authentication

As we understand the limitations of passwords and identity management moves increasingly to the cloud, mobile device authentication is likely to explode. At least initially, expect some of this transition to be exploited, particularly where insecure approaches are used. Facial recognition and biometrics are still undergoing rapid development and have not reached a true trusted-state.

Questions you should be asking are:

  • How will I control access and authentication across a myriad of devices, almost all connected to the internet, and with a varying degree of trust?
  • What kind of biometric and MFA (multi-factor-authentication) solutions are appropriate for my environment?
  • What cloud-based solutions will I use to allow access to sensitive information?

Rise of zero-day threats and Polymorphic Attacks

The most common attacks in the past year were exploits of zero-day threats where unpatched new vulnerabilities were used to compromise critical assets. In the case of "Polymorphic Attacks", the code used for the exploit changes rapidly and automatically to prevent effective management and remediation. In 2019, expect this to continue at a high rate. The high demand for software, complicated by the time pressures to be agile, result in many more undiscovered vulnerabilities.

Questions you should be asking are:

  • What will I do if zero-day vulnerabilities are discovered for a mission-critical system? Will I take it offline? Or allow it to function, knowing that it may be compromised?
  • Which security vendors and products will I trust for effective triage in case of polymorphic attacks?
  • What is the status of my systems for known vulnerabilities? Who manages this?
  • Do you have cyber-insurance?


There is no 100 per cent protection against cyber-attacks. However, you can reduce risks tremendously by constantly informing about new threats and questioning your security strategy.

As we become more digitally connected, the more vulnerable we are becoming. Anything that is connected is a target. The number of breaches in 2018 reached staggering proportions. With a multitude of new attack vectors, 2019 promises to be worse. Here are 5 threats you need to know.

Not Sure if Your Organization is Endangered by Current Cyber-Threats?

Reach out to our Managed Security experts and find out.

Discover Managed Security
  • Thursday 24 January 2019

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment


SoftwareONE Blog Team

Blog Editorial Team Trend Scouts

IT Trends and industry-relevant Novelties

Related Articles

SoftwareONE Cyber Security Update 2019-10
  • 15 October 2019
  • Bala Sethunathan
  • Cyber-Security Updates, Managed Security
  • Cyber-Security, Security

Cyber Security Updates – October 2019

Criminal cyber-activities come with only one goal: to attack your systems and to leave you with financial damages and reputational loss. In our October edition, we will cover latest data breaches such as a ransomware attack on several U.S.…

  • 10 October 2019
  • Bala Sethunathan
  • Managed Security
  • Strategy, How-To

Building an Effective Security Operations Center (SOC) at Your Organization

Many organizations simply do not have the resources and expertise available to build an effective in-house security operations center (SOC). Let’s take a look at how you can put together an SOC that can be maintained for years to come.

unified communications
  • 03 October 2019
  • Dietmar Kraume
  • Managed Security, Unified Communications
  • Cyber-Security, EnterpriseVoice, Cyber-Threats

Being Secure on the Super-Highway to Enterprise Collaboration

Unified communications (UC) has quickly become a staple of modern business culture, but it can bring Cyber-Security risks. Learn what these risks are, and how organizations can re-mediate them.