The major data breach revelations that marked the past year will continue in 2018 as organisations struggle to recognise that unmanaged trust is at the core of their cybersecurity vulnerability.
While at least two companies during 2017, Uber and Equifax, opted to hold off reporting their respective data breaches, this is not an option in Australia where mandatory data reporting legislation takes effect from February 2018.
Based on its industry research and deep dive discussions with customers, Centrify has identified the following seven trends that will help impact cybersecurity during 2018.
1. The dark trend in ransomware will to explode in the coming year
Online sources dark web ransomware sales grew 2500 per cent to $6.2 million between 2016 and 2017 to date. According to the FBI, 2016 ransom payments totalled about US$1 billion, up from US$24 million in 2015.While Centrify last year predicted increases in ransomware, this off-the-charts growth surprised even us. Unfortunately, we expect this lucrative illicit trend to continue for years to come.
2. Blockchain will emerge as a potential disruptor across many areas of technology
Blockchain technology has started to make serious waves -- and not just in the world of cryptocurrencies. Even US defence contractor Lockheed Martin is exploring blockchain-related cybersecurity options. While Centrify expects blockchain to emerge as a potential disruptor across many areas of technology in 2018, it will take several years to address blockchain vulnerabilities before the technology is sufficiently mature to act as a basis for enterprise security. That means blockchain technology may add to security risk before it starts to reduce it.
3. Automation frameworks will make it easier for DevOps to adopt AWS securely
In 2018, security vendors will continue to embrace Amazon’s shared responsibility model for AWS, recognising that scalable automation is essential to protect sensitive information in the cloud. This will result in the rise of DevOps, a fast-growing segment required for successful automation due to its ability to script, automate, scale and handle exceptions effectively. Increased, straight-forward automation will make it easier for DevOps to adopt AWS securely. In turn, baking security into the process will allow for further adoption of cloud-based services.
4. Increasing identity-related breaches and vendor fatigue will force organisations to re-evaluate their security postures — architecture, budget and project priorities
According to Verizon’s annual Data Breach Investigations Report (DBIR), compromised identities were responsible for 50 per cent of all data breaches in 2015. That number grew to 66 per cent in 2016, and 81 per cent in 2017. This demonstrates that attackers are focusing on the most vulnerable area of the business - identities.
Yet despite that clear and present danger, many organisations are failing to make the connection. In 2017, companies spent just an estimated 4.7 per cent of their total security budgets on identity and access management (IAM) - the very technology that could help prevent four out of five breaches. In 2018, a combination of increasing identity-related breaches and security vendor fatigue will force companies to re-evaluate their entire security posture from the ground up, to put protecting identities at the centre of their security approach.
5. Organisations will respond to the current threat landscape with a Zero Trust model
The big security event of 2017 was the Equifax breach, where cyber criminals gained access to confidential data from 143 million people – nearly half the population of the United States!
Fallout included the departure of senior executives, the filing of more than 23 class-action lawsuits and a 35 per cent stock price decline that wiped out $4 billion in market capitalisation. That severe market reaction may indicate investors are growing intolerant of companies that fail to take security seriously.
Centrify expects companies to respond to these increasing cybersecurity threats by implementing Zero Trust security models. This involves two important realignments. First, it shifts access controls from the perimeter to users and individual devices, thereby allowing employees to work securely from any location without the need for a traditional VPN. Secondly, access to services is granted based on what is known about a user and their device - which are all authenticated, authorised and audited.
6.The security market will incorporate machine learning to address identity-related breaches
Last year, companies including Centrify integrated machine learning to ascertain the risk level of individual transactions and decide in real time whether to allow them. While behaviour analytics are not new, few solutions previously had the ability to stop a transaction in real time. This pivots identity security away from detect-and-respond alerts and towards more automated preventative controls.
For example, risk-based authentication (RBA) improves user experience by using machine learning algorithms to assess risk – only requiring a second factor of authentication when risk is assessed as high. Due to the substantial benefits, Centrify expects to see rapid integration of these technologies into cybersecurity solutions during 2018.
7. The rapid move to the cloud will increase the adoption of Zero Trust network models and modern microservices architectures that mandate the use of least privilege
During 2017, companies moved large segments of their infrastructure into the cloud, where security considerations resemble those on premise: Authentication is still required and privileges must be managed. Centrify anticipates widespread adoption of technologies that manage privileged identities with fine granularity. Least privilege will become an increasingly common term around the data centre.
So while the immediate outlook for 2018 is ominous, with the risk that things will get worse before they get better, Centrify is confident that emerging security models such as Zero Trust will enable organisations to rethink their cybersecurity. Embedding security bulwarks such as least privilege access, multi-factor authentication and machine learning-based risk assessment into standard corporate workflows will increasingly focus organisations on securing identities to follow a proven path that can turn the cybersecurity tide.
Niall King has held the role of Senior Director APAC Sales for Centrify Corporation since 2014, leading the company’s sales force for the region. Fluent in Japanese, Mr. King’s role is split between Centrify’s Silicon Valley head office and Japan, along with regular visits to Australia. Mr. King previously worked with early stage startup Pluribus Networks, Cacheflow (now Bluecoat), Neoteris (which was acquired by Juniper Networks) and Barracuda Networks.