The past years have seen a number of corporate attacks on cybersecurity.

Facebook suffered a major security breach that compromised the personal data of 29 million users. Hackers breached a U.S. Customs and Border Patrol surveillance contractor — stealing multiple traveller photos and license plate images.

More unfortunate news hits home — Australian businesses are “completely unprepared” for data breaches and cyberattacks. In fact, reported incidents have increased by 700 per cent since last year.

With cybercriminals attacking authorities and huge corporations, the possibility that they can easily breach your security and destroy your business is sky-high.

What better way to counter these attacks than to learn from them? Leverage these top cybersecurity trends and predictions to equip your business this 2020.

7 Top Cybersecurity Predictions to Look Out for in 2020

99% of attacks are from known vulnerabilities  

By 2020, 99% of cyberattacks will come from vulnerabilities already known by IT professionals for at least one year.

Businesses and organisations need to identify and patch these vulnerabilities before hackers can exploit them.

Think of it this way: An unlocked window at night is an invitation for others to enter your home. It’s just a matter of time until robbers find it and try to break in.

Just like you would with your home, do regular checks with your website and fix any security flaws right away.

Good cybersecurity hygiene should keep common attacks at bay and protect your online presence for years to come.

1/3 of successful attacks will be caused by shadow IT  

Not everything can be managed by your IT department — and this increases the risk of future cyberattacks.

Shadow IT refers to applications and infrastructure used within a company without the knowledge of its IT department.

Employees often turn to certain software and web services to easily accomplish their daily tasks. With shadow IT, they don’t have to ask for IT authorisation to do so.

Some familiar examples are cloud services and personal devices through bring-your-own-device (BYOD) policies.

Shadow IT has its pros and cons. While it increases productivity within the workforce, it also puts the business at risk for cybersecurity attacks.

Instead of sanctioning shadow IT users, employers need to create a culture of acceptance and promote education. They can use this as an opportunity to find better ways to deal with additional IT resources needed to improve productivity.

IoT-based attacks will increase  

IoT, or the Internet of Things, has paved the way for new IT possibilities. But along with this are the countless security risks involved.

In fact, Microsoft found out that a Russian hacking group called STRONTIUM has intercepted the IoT devices of several Microsoft customers — using them to gain access to certain corporate networks.

Two of the devices were compromised for two reasons: (1) no one changed the device’s default password, and (2) the other device wasn’t installed with the latest security patch.

Cybercriminals will take advantage of weak device management as corporate environments turn to IoT. Microsoft calls on businesses to better manage their IoT networks, especially in this BYOD world.

Attackers will capture data in transit  

We’re likely to see increasing attempts to hack into routers to capture data passing through them.

Hackers can insert malware into a router and perform malicious acts, such as steal banking credentials or display spoofed web pages to lure users into submitting their information.

Ecommerce merchants do not store credit card information to prevent attackers from accessing them in their database. But as their methods evolve, cybercriminals will continue to find ways to capture consumer data when it is in transit.

These attacks, referred to as “formjacking”, have recently affected global companies — and they’re expected to continue come 2020.

Protect your website from such attacks by getting a reliable SSL certificate. An SSL promotes safe and secure online transactions — which is a must among ecommerce businesses.

Passwordless” authentication will be the norm 

Passwords are a magnet for cybercriminals. They’re gateways to various security attacks, such as phishing, credential stuffing, and social engineering.

This makes “passwordless” authentication a necessity for devices and corporate technologies.

Passwords are far too embedded in business practices, so don’t expect them to disappear just yet.

For now, it pays to explore passwordless methods and products, like the use of biometrics, for stronger identification and analytic capabilities.

Cloud security becomes a mainstream computing platform  

A cloud shift is expected through 2020 and beyond as more organisations are going for cloud-based platforms.

The cloud is a great tool in running a business as it lowers operating costs, promotes better collaboration, and increases flexibility.

But along with these benefits is an increase in cloud security risks.

By 2020, businesses will continue to mature their cloud security competency to keep up with the trend. This means investing in people, tools, and processes that help them master cloud technology and keep it secure as much as possible.

AI will be used to aid and counter attacks  

Many business operations have already utilised AI-powered systems. Although they automate manual tasks and promote efficient decision-making, AI systems also invite cybersecurity attacks as they hold massive volumes of data.

Cybercriminals won’t just target AI systems; they will also utilise AI techniques to supplement their malicious acts.

AI could be used in phishing attacks or disinformation campaigns to fool targeted persons.

By 2020, businesses will continue to mature their cloud security competency to keep up with the trend. This means investing in people, tools, and processes that help them master cloud technology and keep it secure as much as possible.

On the flip side, defenders will also increasingly depend on AI to keep these attacks out.

Integrating machine learning techniques to their threat identification systems helps companies identify vulnerabilities — and effectively secure their assets from future attacks.


As information technology booms, online security attacks continue to improve. It’s only a matter of time until attackers can tap into your online properties. Learn how to spot vulnerabilities early on and bulletproof your website security as soon as possible.