49%: cloud usage vulnerabilities 41%: new risks with unvetted apps/platforms 39%: new vulnerabilities in existing apps or platforms. CISOs are right to be worried. The remote work threat surface introduces a variety of new challenges. One of the subtlest, most dangerous, and fastest-evolving new threats is the so-called “soft attack.” What is a Soft Attack? Typically, cyber-attacks are delivered by files or links that deliver malicious payloads. Bad actors can automate these attacks en masse, with fairly crude campaigns running over short timeframes. Soft attacks – or “soft hacks,” as the The Wall Street Journal has recently called them – are far more targeted.