As many predictions including my own in 2016 demonstrated, email as an attack vector is back with a bang as business everywhere were attacked through phishing emails, tricking people into opening malicious links and bogus attachments – often leading directly to a data breach. Spear Phishing targets specific individuals and business units, the recent US election highlighted an example of this.

There was also a quantum leap in the advancement of Ransomware technologies, now essentially an arms race amongst various criminal organisations. RaaS (Ransomware As A Service) is available through channels such as the dark web. Revenues generated are growing exponentially, using your data to feed it.

Attacks on Cloud services and IoT infrastructures will start to become more widely spread and reported. As businesses and consumers alike begin to enjoy more of these types of service the outages suffered through denial of services attacks and/or data breaches via direct hacks will become more apparent…

So very often, bad password hygiene will lead to a data breach. Human beings are pathetic at remembering complex passwords and are even worse at implementing good password hygiene if not forced to. So common are hacked passwords that they will only continue to feed the other threats. Time to change!