Top Cybersecurity Threats and Trends Your Business Should Watch Out for in 2020

A panel of cybersecurity experts discusses cybersecurity trends and threats businesses should watch out for in 2020.

With data breaches regularly making the news, more organizations are aware of the growing importance of implementing robust cybersecurity defenses. There's also an increasing awareness among small and midsize businesses that they're not exempt from security threats – in fact, 43% of data breaches involve small businesses, according to Verizon's 2019 Data Breach Investigation Report. The threat landscape is always evolving, with cybercriminals taking advantage of vulnerabilities in the latest technologies like IoT, while at the same time developing more sophisticated social engineering, ransomware, and malware attacks.

Businesses continue to move to the cloud, as well, which poses unique risks, particularly for businesses that must comply with regulations such as HIPAA and PCI DSS. With an increasing number of points of entry for cybercriminals and a growing number of attack methods, making sure your organization has a robust cybersecurity posture is more challenging than ever. Cyber hygiene best practices are a good foundation, along with cybersecurity training for employees and robust solutions such as continuous monitoring, but to build a strong defense, you have to know what you're up against. To help you understand the threat landscape as we enter 2020, we reached out to a panel of security professionals and asked them to answer this question:

What are the top cybersecurity threats and trends businesses should watch out for in 2020?

Read on to learn what our experts had to say about the top cybersecurity threats and trends to watch out for in 2020.


Aaron Kraus

@Zeguroinc

Aaron Kraus is the Director of Cybersecurity at Zeguro. Aaron has over a decade of experience in the cybersecurity industry and is CISSP- and CCSP-certified. His specialties include risk management, compliance, and cloud security.

"The biggest threat will be more targeted attacks exploiting the human factor..."

At this point it’s trivially easy to find information regarding an intended target, and the greater variety of communication sources (texting, push notifications, chatbots, email, etc.) offer new avenues to exploit. Anti-phishing training has traditionally focused on email-based threats, but employees aren’t necessarily cognizant of the same threats in other channels. Is the chatbot asking me for details real or a scammer trying to steal my info?

The biggest trend will be offensive artificial intelligence (AI) and machine learning (ML). RSA 2020 is right around the corner, and last year’s expo floor was packed with cybersecurity solutions touting AI and ML prowess. Although the marketing for those is way overhyped, the technologies are maturing. But it’s not just cybersecurity solution vendors who are using them - attackers are as well. A toolkit that automates attacks using machine learning significantly reduces an attacker’s work factor, and makes the process of attacking a target much less costly. This opens up targets that may previously have been too cumbersome to go after, as well as increased efficiency in attacking smaller targets - especially if the attacker doesn’t have to expend any additional effort.


Richard McBarnet

Richard McBarnet is the CEO at Lumina Technologies & Cyber Security Ambassador at IOD Hertfordshire. Richard's role at Lumina has evolved from founder and first engineer to now CEO and strategic leader. Follow Lumina Technologies on Twitter.

"We will see an increase in organized hacking attacks in 2020, particularly in industries with..."

Critical infrastructure for millions of people, such as utilities and government data, as they often operate using old, outdated technology and trying to upgrade their cyber defenses and fix cybersecurity flaws can lead to service interruptions and downtime. Phishing attacks are also starting to be extremely sophisticated and are becoming more and more difficult for an IT professional to stop, let alone an average end user.

Zero-trust network security will be increasingly implemented within businesses. This is an IT security model that requires strict identity verification for every person and device, regardless of whether they are sitting within or outside of the network perimeter. The philosophy assumes that there are attackers both within and outside of a network, so no users or machines should be automatically trusted.

With the increase of cyberattacks on organizations, password strength cannot be relied on as the only layer of protection to prevent attackers from gaining unauthorized access. Businesses will continue to introduce multi-factor authentication as the single most effective control to insulate an organization against remote attacks, preventing hackers from easily gaining an initial foothold into businesses, even if credentials become compromised.

There will also be an increase in investment in Cybersecurity Automation. Automation is a very important advantage in cybersecurity that has been gaining a foothold in the industry to date, and this movement towards the use of automation aims to reduce the burden on understaffed cybersecurity teams and increase efficiency. However, it's not a perfect solution on its own because automation tools require skilled and knowledgeable staff to operate them. But the main game-changer for cybersecurity in 2020 will be Artificial Intelligence and machine learning in cybersecurity. AI helps businesses respond more quickly to breaches, and there are many advantages (as well as some disadvantages) to integrating artificial intelligence (AI) with cybersecurity solutions. AI-based cybersecurity solutions are designed to work around the clock and can respond in milliseconds to cyberattacks that would take minutes, hours, days, or even months for humans to identify.

AI simplifies the process of data collection and analysis and can be integrated for enhanced threat and malicious activity detection through predictive analytics. However, AI isn't perfect, and there are some drawbacks to using the technology. AI technologies are being used by defenders and attackers alike, and they're not one-size-fits-all solutions and can be more expensive. They also require more training for cybersecurity staff to effectively operate.


Jim Sneddon

Experienced in a wide range of solutions since 2001, Jim advises on getting the most out of existing investments in staff, processes, and technology to become more compliant and secure. Jim is a Certified Information Systems Security Professional, an ISO27001 lead auditor, and a Certified EU GDPR Practitioner. Follow Jim's company on Twitter.

"The major trends that I see are..."

Continued Policing of Data Protection Regulations

With the steady rise of data breaches, there will be some clear messages sent via fines and legal action from the data protection authorities. We have only seen the tip of the iceberg in action taken so far, and I expect some strong messages to be sent in 2020, especially with the introduction of the California Consumer Privacy Act (CCPA), which goes into effect on January 1, 2020, in addition to the GDPR.

Endpoint Security

A bigger push from vendors on consolidation of endpoint security and artificial intelligence, which will be a challenge for the existing budget of traditional endpoint malware detection.

Social Engineering

The human has always been the weakest link in the chain, and the bad guys know that. They will go for the low-hanging fruit and will target employees within the organization via email, text, and on phone calls to get the vital foot in the backdoor to carry out their nefarious deeds. Why take on the might of all the technical solutions that are in place when a simple email with a link will do? I wish this were not the case, but sadly, most organizations only pay lip service to proper employee training and engagement programs.

Along the lines of the last point, but deserving of a space of its own, is director fraud. The Verizon Data Breach Report of 2019 stated that C-level executives were 12 times more likely to be the target of social incidents and nine times more likely to be the target of social breaches than in years past. This will only continue as many have extensive privileges within the organizations' systems, yet they have little security awareness.


Nelson Gomes

Nelson Gomes is the Head of Networks at NEC and is responsible for the Communications and Security areas of the business including cybersecurity, network security, networking, microwave technologies, and optical transport. NEC is working on next-generation security solutions which will deliver a predictive threat mitigation plan, allowing enterprises to self-heal. Follow NEC on Twitter.

"Cybersecurity is an industry that continues to grow..."

According to Statista, worldwide spending on cybersecurity has been steadily increasing since 2017, and spending is predicted to grow to $42 billion worldwide in 2020.

As 2020 begins, we take a look at the cybersecurity threats and trends that individuals and companies worldwide need to watch out for.

1. Phishing

While this is an old practice when it comes to cybersecurity threats, there has been a huge resurgence in the number of phishing attempts over the past two years. In 2018, Avanan reported that for every 99 emails sent, one was a phishing scam. This has been increasing in 2019 and to date, there has been a 65% growth in the number of phishing attempts, according to Retruster.

What is a phishing attack?

Phishing attacks are a type of cybersecurity threat where an attacker will generate a fraudulent email, text, website, or even voice call which tricks the victim into surrendering sensitive information. This can include login details, passwords, credit card details, and more.

While many phishing attacks target individuals, the most dangerous threats are communications that target employees and trick them into giving up their access credentials. These phishing scams are becoming more and more authentic, and without the relevant cybersecurity systems in place, these phishing scams can open up your internal systems to a wealth of cybersecurity threats.

Here are some steps you can take to mitigate against phishing threats:

  • Training – Run regular training sessions with your staff and present examples of phishing attack emails, texts, and websites so people can gain a better understanding of how sophisticated phishing attacks have become. If employees can recognize the signs of a phishing attack, then they are less likely to open suspicious emails and click on malicious links or attachments.
  • User access management – By implementing an effective user management policy, you can limit the access of staff to the bare minimum requirements they need in order to carry out their role, limiting the amount of access points for potential threats.

2. Mobile Devices

As businesses move to a model where more and more actions are carried out on mobile devices, the number of cybersecurity threats has also grown. In their 2019 white paper, RSA reported that 70% of fraudulent transactions were triggered by mobile devices in 2018. In addition to fraudulent mobile transactions, we have also seen a rise in the number of fraudulent apps, with the same RSA white paper reporting a 680% rise in frauds from mobile apps since 2015.

How can you mitigate against mobile cyberattacks?

As with phishing scams, education is a key part of mitigating against the risk of cyberattacks. With mobile devices, including the phones, tablets, and laptops prevalent in nearly every business, a robust policy must be put in place with regards to the use of mobile devices for managing sensitive information.

Mobile device management solutions can help. Managing and limiting the third-party services and applications installed on mobile devices is a big part of mitigating against these threats.

One of the most common ways of protecting mobile devices is through authentication, authorization, and session management. Two-factor authentication or unique session tokens help to form valid and unique message payloads, limiting the potential for cybersecurity threats on mobile devices.

3. Internet of Things (IoT)

There is no doubt that the Internet of Things (IoT) brings about exciting opportunities. The number of Internet-connected smart devices in the home and workplace continues to grow. While the use of these IoT devices offers the potential for innovations in the workplace, not all of these 'smart' devices have strong security installed. This increases the potential opportunity for attackers to infiltrate business networks and provides new headaches for network security teams.

We have already had a taste of the potential threats the IoT devices offer. Back in 2017, the Reaper IoT Botnet was launched and infected millions of networks. WIRED reported that Reaper not only looks to exploit weak or default passwords, but it has 'evolved that strategy, using actual software-hacking techniques to break into devices instead. It's the difference between checking for open doors and actively picking locks.'

How to mitigate against IoT cyber attacks

With the proliferation of IoT devices, the key to mitigating against cyberattacks that are generated through these devices is to ensure you have a full inventory of all Internet-connected devices on your network and, ideally, which operating systems they are using.

It's also important to have a clear policy in place about the use of IoT devices. Many people won't see any risk associated with bringing wireless speakers to the office; however, it's these types of devices that can lead to cyberattacks if undocumented.

Once you have a full inventory of all IoT devices, make sure the firmware for these devices is up to date and put a plan in place for regularly updating firmware. Manufacturers release regular patch updates in order to mitigate against cyberattacks, and it's important that all devices on your network are kept up to date.


Attila Tomaschek

Attila Tomaschek is a Digital Privacy Expert at ProPrivacy.

"Here are a few top cybersecurity threats and trends to watch out for in 2020..."

Evolving data privacy regulatory landscape

In the wake of several high-profile cyber incidents and data breaches involving some of the world's largest corporations in recent years, calls for increased data privacy regulations have intensified across the globe. The European Union has since enacted the world's most sweeping data privacy laws with its General Data Protection Regulation (GDPR), and the state of California has followed suit with similarly rigorous privacy legislation with the California Consumer Privacy Act (CCPA), which is set to take effect on January 1st, 2020. As we move forward into 2020 and beyond, we can expect more and more states and countries to introduce their own legislation in an effort to protect consumers' private data and hold companies properly accountable for how they collect and process that data. The evolving regulatory landscape will prompt corporations to invest significant resources into compliance efforts, as well as oblige them to take cybersecurity seriously. As a result, going forward, we will see more and more organizations taking a "secure-by-design" approach to their data collection practices, while consumers will have a much greater say in how their data is handled by those with whom they share it.

Increased role of artificial intelligence and machine learning in cybersecurity

With cyber threats continuously evolving and becoming progressively more sophisticated, and with businesses opening up attack vectors through substantially increased IoT adoption and BYOD (bring your own device), human cybersecurity teams and legacy systems are no longer enough to mitigate many of the risks. As a result, businesses will need to invest heavily in implementing advanced AI and machine learning capabilities that automatically monitor, detect, anticipate, and ultimately mitigate cyber threats. Going forward, AI and machine learning tools will become indispensable for organizations in analyzing, assessing, and adapting to the evolving cyber threat landscape in real-time.

5G and advancement of IoT products

As 5G begins to take over, its high-bandwidth and low-latency capabilities will allow IoT devices to become increasingly multi-functional, smarter, more efficient, and more intelligently responsive to users' commands. However, while 5G will significantly advance the proliferation of IoT devices and smart technology, it will at the same time considerably increase users' attack surfaces and risk of falling victim to a cyberattack. Compounding the risk is the fact that IoT devices are, by and large, notoriously unsecure, leaving their users' networks dangerously vulnerable to an attack. A hacker can easily exploit a vulnerability in an unsecured IoT device and use it as a way to inject malware onto an unsuspecting user's network. Users can help minimize their risk by keeping track of the IoT devices connected to their networks and ensuring that each device's firmware is continuously kept updated with the latest security patches. Going forward into 2020 and beyond, we should see IoT device manufacturers increasingly building their products with a secure-by-design approach, as well as touting the security of their products as a selling point for consumers.

Increasing importance of supply chain security

It is no longer enough for an organization to consider only its own cybersecurity practices. Any third-party vendor that a company works with must be properly vetted, and its cybersecurity practices considered as well. Especially with the growing gig economy and companies outsourcing more and more business functions, companies will need to be vigilant and protect themselves against potential supply chain attacks. The problem is that supply chain attacks are incredibly difficult to detect. When carrying out a supply chain attack, the cybercriminal will exploit vulnerabilities and weaknesses in a company's third-party vendors' and suppliers' systems to gain access to its systems without actually directly infiltrating its network. Basically, this means that regardless of how robust a company's cyber defenses may be, if the company's vendors do not employ similarly resilient cybersecurity practices, it can still very well be vulnerable to an attack through weak spots in its supply chain. In addition to properly vetting third-party vendors and ensuring their vendors' cybersecurity policies are up to par, it is critical for businesses to apply the principle of least privilege to vendors in their supply chain as well. By limiting vendors' access privileges to the absolute bare minimum required for their function in the supply chain, businesses can go a long way in insulating their critical systems from potential attacks and mitigating their risks against this growing threat.


Brad Pierce

@HORNECyber

Brad Pierce, Director of Network Security for HORNE Cyber, has 15 years of experience in IT and cybersecurity, focusing on collaborating with executive leadership teams to strengthen security posture by uncovering and remediating vulnerabilities. Brad, along with a team of cyber analysts, monitors live network traffic in search of active threats.

"The top cybersecurity threats and trends for 2020 are..."

Situational Awareness: words that were ingrained in my psyche during my years in the military. The phrase is simply defined as the perception of environmental elements and events with respect to time or space, the comprehension of their meaning, and the projection of their future status. By gaining situational awareness, teams can begin to form an idea of how an environment should be securely maintained and how it will likely evolve in the near future. By gaining situational awareness, organizations will likely start to see a more logical approach to anticipating the future trends in cybersecurity as a whole.

Here's where I believe things are heading in 2020:

Ransomware will continue to remain in the forefront of cyberattacks. The wheel has been invented, and the bad guys continue to evolve the tactics they use to successfully infect systems with malicious code in hopes of yielding a ransom payment. With so many successful attacks in 2019 alone, it is unlikely this trend will taper off anytime soon. Based on the attack trends in 2019, I foresee more targeted attacks against specific organizations in 2020.

Social engineering continues to rake in funds for attackers. Nearly every day I hear about another organization that has been affected by compromised email credentials via some derivative of phishing or deception. Attackers continue to gain unauthorized access to corporate email accounts. Then, by manipulating mailbox rules, they are able to control a victim's mail flow while hiding the email communications and modifying ACH information in invoices, which ultimately results in money being sent right to the perpetrator. The next stage of social engineering I anticipate gaining in popularity is the realm of mobile devices and messaging platforms.

The Cloud has, for some time, been growing in popularity. However, after several high-profile security events in recent years, organizations are beginning to question the security of having their operations in hosted environments. While these solutions have enabled organizations to scale quickly and transfer some risk to the provider, many are wondering if the providers are holding up their end of the deal. We have seen many organizations recently consider protecting their own data by hosting their operations on their own equipment. I believe we will continue to see a rise in on-premises versus hosted environments.

2020 is the year of situational awareness. The bad guys are winning on many fronts. It's going to take organizations building situational awareness and taking an offensive approach to cybersecurity, rather than solely depending on a shiny new security appliance.
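The mailbox-rule manipulation described above can be hunted for by reviewing exported inbox rules. The following is an added example, not part of the panelist's contribution or any vendor's tooling: it triages rules that hide mail, forward it outside the organization, or key on payment terms. The `InboxRule` fields, the folder and keyword lists, and the sample rules are all assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Folders users rarely open; moving mail here effectively hides it (assumed list).
LOW_VISIBILITY_FOLDERS = {"rss feeds", "rss subscriptions", "conversation history",
                          "junk email", "deleted items", "archive"}
# Terms typical of payment conversations (assumed list).
PAYMENT_TERMS = ("invoice", "payment", "ach", "wire", "remittance", "bank")


@dataclass
class InboxRule:
    """Hypothetical, normalized view of one exported mailbox rule."""
    mailbox: str
    name: str
    keywords: List[str] = field(default_factory=list)   # subject/body match terms
    move_to_folder: Optional[str] = None
    delete_message: bool = False
    mark_as_read: bool = False
    forward_to: List[str] = field(default_factory=list)


def findings(rule, internal_domains):
    """Return the list of reasons a rule deserves a second look."""
    out = []
    folder = (rule.move_to_folder or "").strip().lower()
    if rule.delete_message or folder in LOW_VISIBILITY_FOLDERS:
        out.append("hides_mail")
    external = [a for a in rule.forward_to
                if a.rsplit("@", 1)[-1].lower() not in internal_domains]
    if external:
        out.append("external_forward")
    text = " ".join(rule.keywords).lower()
    if any(re.search(r"\b%s\b" % re.escape(t), text) for t in PAYMENT_TERMS):
        out.append("payment_keywords")
    # Heuristic: names such as "." or ".." carry no description of the rule.
    if not re.search(r"[A-Za-z0-9]{3,}", rule.name):
        out.append("nondescript_name")
    return out


def severity(reasons):
    """High when mail is hidden AND tied to payments or an external recipient."""
    hides = "hides_mail" in reasons
    if hides and ("payment_keywords" in reasons or "external_forward" in reasons):
        return "high"
    if hides or "external_forward" in reasons:
        return "medium"
    return "none"


def triage(rules, internal_domains):
    """Return (severity, mailbox, rule name, reasons) rows, highest severity first."""
    order = {"high": 0, "medium": 1}
    rows = []
    for r in rules:
        reasons = findings(r, internal_domains)
        sev = severity(reasons)
        if sev != "none":
            rows.append((sev, r.mailbox, r.name, reasons))
    return sorted(rows, key=lambda row: order[row[0]])


# Constructed sample data (not from any real tenant).
INTERNAL_DOMAINS = {"example.com"}
SAMPLE_RULES = [
    InboxRule("ap@example.com", ".", keywords=["invoice", "ACH"],
              move_to_folder="RSS Feeds", mark_as_read=True),
    InboxRule("cfo@example.com", "fwd", forward_to=["archive@example.net"]),
    InboxRule("dev@example.com", "Build notifications", move_to_folder="CI"),
    InboxRule("hr@example.com", "Newsletters", keywords=["newsletter"],
              delete_message=True),
]

if __name__ == "__main__":
    for sev, mailbox, name, reasons in triage(SAMPLE_RULES, INTERNAL_DOMAINS):
        print(f"{sev:6} {mailbox:18} rule={name!r} reasons={','.join(reasons)}")
```

Medium findings such as the newsletter auto-delete rule are often legitimate, so they are candidates for confirmation with the mailbox owner rather than automatic removal.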


Ana Bera

Ana Bera is a Co-founder at SafeAtLast.

"One of the top cybersecurity threats to watch out for in 2020 is..."

Phishing. Phishing has been one of the most common cybersecurity frauds in 2019 and there are no signs of this trend stopping. According to some statistics, phishing represents 93% of all social attack-based breaches, whereas more than 76% of cybersecurity attacks are financially motivated.


Guneet Sahai

@MercerMettl

Guneet Sahai is the CTO of Mercer | Mettl, an HR technology company and talent measurement firm that enables businesses to make precise people decisions in talent recruitment, management, and training across industry verticals.

"Here are a few of the top cybersecurity threats and trends to watch out for in 2020..."

Extreme Steps to Secure Data when Sharing Business-Critical Data with a Third Party: With cloud computing, you are sharing business-critical and highly confidential data with a third party, increasing the vulnerability of data loss and leakage. Although all cloud-computing services partners and providers leverage a highly encrypted set of instructions to offer privacy, it can still pose a risk for businesses.

Consent Management: Companies must be on the lookout for ways to give their customers and clients seamless authority and control over their data.

Some effective ways to handle consent management and data privacy:

  • Consent Forms: Before using any data, people must be informed why the data is being collected and how it will be used. Just like Google does.
  • Strong Processes: Install strong systems and put robust processes in place which are also streamlined according to GDPR regulations. This way, customers' personal data is safe with you, and you are safe with regards to legislation.
  • Data Security: There must be strong and robust data security measures in place along with effective storage and retrieval platforms. Not to mention, you must be sure to follow regulations regarding sharing it with any third-party.

Hamna Amjad

@HamnaAmjad

Hamna Amjad is a Tech Expert at Gigworker.

"There are several cybersecurity threats and trends to watch out for in 2020..."

1. Data breaches:

Data breaches will continue to be the biggest threat, and no industry or business is immune to them. More than 4 billion records were breached in 2019 so far.

Web application vulnerabilities and malware are the biggest causes of data breaches besides criminal attacks. Hence, providing security measures for consumer privacy and strict data protection laws should be the top priority of all the organizations.

2. Automation:

Like all other industries, the IT industry is also undergoing automation and integration. The focus is on making the processes agile and efficient to reduce the workload on understaffed teams. This also means there will be a need for more skilled IT and cybersecurity professionals who can keep up with the changing demands of their industry.

3. Risks Related to AI and IoT Devices:

With the booming IoT (Internet of Things) market, security has become an even bigger concern. IoT based products and systems are more prone to attacks because of the unsecured network. Moreover, AI is being used by cybercriminals to develop advanced malware and attack methods which are very hard to identify.


Mihai Corbuleac

@csITsupport

Mihai Corbuleac is an Information Security Consultant at StratusPointIT, an IT support company providing professional IT support, cloud, and information security services to small and medium businesses across the United States since 2006.

"There are many threats that you should watch out for in 2020..."

The email service is still the most common delivery method for malware. It is estimated that 2-4% of all emails contain some type of malware. Also, the number of Internet-connected devices in homes and businesses is continuously increasing.

The problem is that not all of these smart devices have strong security installed, hence creating openings for attackers to hijack these devices to infiltrate vulnerable networks.

When it comes to businesses, as noted by several publications, including ITPro Today, the rate of detections within businesses rose from 2.8 million in the first quarter of 2018 to 9.5 million in the first quarter of 2019, which is a more than three times increase. Still, ransomware remains a threat because creative hackers keep searching and finding new ways to access targeted devices and networks. After they accomplish that, sneaking in their malicious scripts is just a matter of time.


Andrew Stark

@RedMosquitoLtd

Andrew Stark is the Director at RedMosquito Ltd.

"Statistics indicate that cybersecurity attacks increase year over year, and 2020 is unlikely to be an exception..."

Phishing, ransomware, and targeted cyberattacks are all set to increase. Anti-phishing, staff awareness training, and spending to meet regulatory compliance will all add to the cost of cybersecurity for businesses.

We are also likely to see increased countermeasures at a national level as seen recently with the collaboration between the US and Taiwan, whereby both countries probed the other's security over the course of a week before reporting back on security holes and weaknesses discovered.

The introduction of 5G will also be a factor, with an estimated 36 billion devices being connected to the internet by the end of 2020. The increasing volume, complexity, and range of these devices will inevitably add to the security headache for the cybersecurity industry.

All this will be further exacerbated by a growing shortage in cybersecurity talent, a trend that is also likely to continue in 2020 with industry demand outstripping the number of skilled security consultants out there.

There is no doubt that the cyber war continues to rage and, unfortunately, the end is nowhere in sight.


Sage Driskell

@The20MSP

Sage Driskell is a Security Engineer at The 20.

"2019 was the first time we heard about a deep fake being used to commit fraud, but..."

2020 may very well be the last time it makes the front-page news. This isn't because it has stopped, but because it will become so widespread. When someone can flip a switch to sound exactly like someone else, how do you know who you're talking to over the phone?

Information is cheap and can be used to piece together whether an expecting mother is pregnant before her family does. That was for coupons. What do you think someone is going to do with similar information when the stakes are high?

There isn't really a good solution on the market to stop this. If someone calls in, you expect them to be who they say they are if they sound right and can confirm a few details. Unfortunately, if it looks like a duck, quacks like a duck, and walks like a duck, it may just be a deep fake of a duck. Your security may get smarter, but it doesn't usually address the human element. It's important to train your employees and to implement processes and procedures that triple-check people's identities (both third party and internal), especially where money is involved.


Marcellus Buchheit

@WibuSystems

Marcellus Buchheit is co-founder and Chairman of the Board of WIBU-SYSTEMS AG in Karlsruhe, Germany, a leading developer of software protection, licensing, and security technologies, and currently serves as the President and CEO of Wibu-Systems USA, Inc.

"Endpoint protection in the Industrial Internet of Things (IIoT) is a key cybersecurity issue for 2020 and beyond as..."

Industrial systems become more Internet-connected in the realm of Industry 4.0. An attack on an IIoT system typically starts with one or more endpoints. An endpoint is any component that has an interface for network communication, such as sensors, routers, and other Internet-connected devices. Endpoints are the only place in an IIoT system where execution code is stored, started, and updated and data is stored, modified, or applied.

There are many security threats and vulnerabilities that can be exploited in an IIoT endpoint. In hardware components, the processor could be replaced with a fake, memory can be corrupted, and peripheral devices can be falsified. The boot process can be altered, putting all processes executed after the boot at risk. The operating system can be re-programmed to run improperly. Applications and their APIs can be programmed to accept illegal parameters. Even code from applications that run outside the OS, like a virus checker, can be tampered with and serve as the entry point for malicious code.

Other vulnerabilities can be exploited in the runtime environment, hidden in code used from third parties, and exploited during configuration, deployment, and management. Another challenge is the remote update of the software on the endpoint: Without additional protection, it can be maliciously corrupted at the download source or via the "over the air" update.


Victor Fredung

@FredungVictor

Victor Fredung is the CEO of Shufti Pro. Victor is a seasoned fintech innovator with multiple years of experience in the payment sector.

"With a rise in online banking and e-commerce, cybersecurity will remain a top trend among leaders and practitioners..."

Digital ID theft, hacking, data breaches, and malware attacks are common risks that will continue to threaten individuals and businesses in 2020. With the Internet of Things (IoT) taking over most processes, the risk of electronic data being compromised and falling into the wrong hands is amplified.

To be specific, the use of single-factor passwords and insecure APIs will need to be managed cautiously in the coming year to steer clear of cyber threats.


Thomas K. Dolan CISSP, CISA & CRISC

@ExelaTech

Thomas K. Dolan is the SVP of Information Security and Risk at Exela Technologies.

"In 2020, ransomware attacks will grow increasingly sophisticated..."

Utilizing artificial intelligence and computer learning systems to bypass current security measures. Additionally, I feel that more advanced social engineering tactics (phishing) will be used to lure people into clicking on a link, surrendering their passwords or other critical PII or PHI data, making it harder to prevent ransomware infections.


Peter Purcell

@EVAN360_LLC

Peter Purcell is the Co-founder of EVAN360.

"As if we aren't already faced with enough malicious cyber activity, you can add stalkerware to the list of threats to watch out for..."

Stalkerware is software installed on an unsuspecting person's phone or computer that allows a perpetrator to track location, intercept texts and calls, and access the photos, apps, microphone, and camera. It essentially tracks a victim's every move. The software is largely undetectable and usually requires physical possession of a phone to install. Nonetheless, it's very scary. Check out this video from BBC to see how it works.

The good news is, most stalkerware must be installed directly on a device (at least, that's the case in our current technological environment). The bad news is that it can be installed in minutes and usually remains hidden, and a victim's attempts to search for stalkerware can be recorded. Remote installation via an email link, for example, is also possible, although less likely.

Spotting stalkerware can be difficult, because the signs are fairly nebulous – slower device performance, increased data usage, and a fast-draining battery. In our research, stalkerware is often installed by a family member, friend, employer, or someone with easy access to a victim's device. In fact, NPR conducted a study and found that cyberstalking often plays a role in domestic abuse. Cyberstalking can happen to anyone by anyone, so it's crucial to be aware and stay safe. If your company allows employees to have company data on personal phones, it’s important to have some sort of mobile device management platform and BYOD policy.


Dmitry Sotnikov

@DSotnikov

Dmitry Sotnikov serves as Vice President of Cloud Platform at 42Crunch – an enterprise API security company – and also maintains APISecurity.io, a popular community site with daily API Security news and a weekly newsletter on API vulnerabilities, breaches, standards, best practices, regulations, and tools. Dmitry has more than two decades of experience in enterprise IT software and cloud computing, holding executive positions with companies such as WSO2, Jelastic, and Quest Software.

"API Security is rapidly becoming one of the primary cybersecurity threats..."

APIs are proliferating (according to Akamai, 83% of all web traffic is now API traffic) thanks to the wide adoption of mobile apps, rich web applications, smart devices, and microservices architectures. Thanks to the modern microservices architectures, individual application components also use APIs to communicate. Combined with the use of cloud services, this radically expands the attack surface compared to traditional web application user interfaces. Gartner estimates that by 2021 exposed APIs will form a larger attack surface than UIs for 90% of web-enabled applications. Gartner predicts that by 2022, APIs are going to become the #1 attack vector. This is already happening. According to APIsecurity.io, just in the last few months the APIs of well-known brands were found vulnerable: Facebook, Amazon Ring, GitHub, Cisco, Kubernetes, Uber, and Verizon, to name just a few.

To educate yourself about the trend and improve your company's API security:

  • Learn more about API security.
  • Adopt best practices from industry efforts such as OWASP API Security Top 10.
  • Embed API security into your DevSecOps processes to ensure high quality of your APIs at all stages: design, implementation, testing, production deployments.
  • Ensure a sound API discovery process within your company.
  • Ensure that all API calls and their responses are protected and controlled.

Nick Loui

@nloui

Nick Loui is the CEO and co-founder of PeakMetrics, a media analytics company. PeakMetrics helps communications professionals manage their brand reputation, track competitors, and distribute their messages more effectively. In addition to their commercial work, they are actively working with coalitions to fight misinformation and disinformation.

"By far, we'll continue to see the use of phishing techniques by malicious actors..."

We're seeing that the most successful attacks still come as a result of human mistakes versus complex security issues. Beware of emails that you don't recognize and be sure to verify that any links to websites that request information are valid. Enable two-factor authentication and look to leverage software solutions such as Google Authenticator or hardware keys versus relying on SMS. We're tracking the increased use of SIM hacking, which results in the decrease of SMS verification as a reliable 2FA mechanism. Want to see how vulnerable you and your employees may be? Google has released a tool that quizzes you on your ability to identify a phishing attack.


Brian Prentice

@VacoGlobal

Brian Prentice is an information security expert and managing partner of Vaco Risk Solutions, a division of Vaco specializing in helping clients safeguard themselves from the monetary and reputational impact of cybersecurity threats. He utilizes strategy, policy, technology, and education to identify and support his clients' needs.

"One top cybersecurity threat to watch is..."

Doxing. The average person has 60-90 apps on their phone, 8.5 social media accounts, receives 121 emails per day and spends 24 hours per week online. That means there's a significant amount of personal data to be found if an individual is doxed.

Doxing (or doxxing) is a tactic of online harassment by hacking and then exposing private or personally identifiable information (PII) about an individual or organization. The information might have technically been public record (but difficult to obtain) or it could be private information.

  • The motivation could be malice – doxing has become a popular means of retribution for someone viewed as in the wrong on any number of issues. For example, politically motivated individuals may expose home addresses of their opposition, which can endanger the victim. In some of these cases, doxers have been prosecuted. In others, victims may lose their jobs or reputations (or both).
  • It could also be financial – by gathering enough information, a doxer may be able to satisfy the requirements of a loan application, for example. They may also blackmail the victim into paying to keep the information from being made public. In this case, it's not unlike ransomware.

Doxers access this information through a number of avenues:

  • Some public databases corral public information, making it easy to find home addresses, phone numbers, family members' names, etc. Sites like Spokeo or TruePeopleSearch are examples.
  • Social engineering is a method by which attackers use their own social skills in an attempt to get their victim to volunteer information. For example, you may receive a friend request on a social media site from someone you believed you were already connected to. This could be a case of a doxer creating a duplicate profile in an attempt to extract information from you or other connections.

Zeguro is a cyber safety solution and insurance provider for small to mid-sized businesses (SMBs), offering a comprehensive suite of tools for risk mitigation and compliance, as well as insurance premiums that are tailored to the size, sector and profile of a company.

Written by

Ellen Zhang

Digital Marketing Manager

Enthusiastic and passionate cybersecurity marketer. Short-story writer. Lover of karaoke.