Centrify, a leader in securing hybrid enterprises through the power of identity services, has identified seven trends that will shape enterprise security in Australia and New Zealand during 2018.
Centrify Corporation Senior Director APAC Sales Niall King said the major data breach revelations that had marked the past year would continue in 2018 as organisations struggled to recognise that unmanaged trust was at the core of their cybersecurity vulnerability. “While during 2017, Uber and Equifax opted to hold off reporting their respective data breaches, this is not an option in Australia where mandatory data reporting legislation takes effect from February 2018,” he said.
Based on its industry research and deep dive discussions with customers, Centrify has identified seven trends that will impact cybersecurity during 2018.
1/ The dark trend in ransomware will continue to explode in the coming year
According to the FBI, 2016 ransom payments totalled about US$1 billion, up from US$24 million in 2015. Centrify expects this lucrative illicit trend to continue for years to come.
2/ Blockchain will emerge as a potential disruptor across many areas of technology
While Centrify expects blockchain to emerge as a potential disruptor across many areas of technology in 2018, it will take several years to address blockchain vulnerabilities before the technology is sufficiently mature to act as a basis for enterprise security. That means blockchain technology may add to security risk before it starts to reduce it.
3/ Automation frameworks will make it easier for DevOps to adopt AWS securely
Security vendors will continue to embrace Amazon’s shared responsibility model for AWS during 2018, resulting in the rise of DevOps, a fast-growing segment required for successful automation. Centrify says baking security into the process will allow for further adoption of cloud-based services.
4/ Increasing identity-related breaches and vendor fatigue will force organisations to re-evaluate their security postures — architecture, budget and project priorities
Despite Verizon’s 2017 Data Breach Investigations Report (DBIR) reporting that compromised identities were responsible for 81 per cent of all data breaches, companies spend just 4.7 per cent of their total security budgets on identity and access management (IAM) - the very technology that could help prevent four out of five breaches. Centrify expects that a combination of increasing identity-related breaches and security vendor fatigue during 2018 will force companies to re-evaluate their entire security posture from the ground up, to put protecting identities at the centre of their security.
5/ Organisations will respond to the current threat landscape with a Zero Trust Model
After the huge corporate impact of data breaches such as Equifax and Uber, Centrify expects companies to respond to increasing cybersecurity threats by implementing Zero Trust security models, which shift access controls from the perimeter to users and individual devices and grant access to services based on what is known about a user and their device.
6/ The security market will incorporate machine learning to address identity-related breaches
Last year, companies such as Centrify integrated machine learning to ascertain the risk level of individual transactions and decide in real time whether to allow them. Centrify expects to see wider adoption of this approach, which pivots identity security away from detect-and-respond alerts and towards more automated preventative controls.
7/ The rapid move to the cloud will increase the adoption of Zero Trust network models and modern microservices architectures that mandate the use of least privilege
During 2017, companies moved large segments of their infrastructure into the cloud, which still requires authentication and privilege management. Centrify anticipates widespread adoption of technologies that manage privileged identities with fine granularity. Least privilege will become an increasingly common term around the data centre.
Mr King said the immediate cybersecurity outlook for 2018 was ominous. “While the risk is that things will get worse before they get better, Centrify is confident that emerging security models such as Zero Trust will enable organisations to rethink their cybersecurity,” he said.
“Embedding security bulwarks such as least privilege access, multi-factor authentication and machine learning-based risk assessment into standard corporate workflows will increasingly focus organisations on securing identities to follow a proven path that can turn the cybersecurity tide.”
For Centrify media assistance in Australia and New Zealand, call John Harris on +61 8 8431 4000 or email firstname.lastname@example.org.
Centrify redefines security from a legacy static perimeter-based approach to protecting millions of scattered connections in a boundaryless hybrid enterprise. As the only industry-recognised leader in both Privileged Identity Management and Identity-as-a-Service, Centrify provides a single platform to secure each user’s access to apps and infrastructure through the power of identity services. This is Next Dimension Security in the Age of Access. Centrify is enabling more than 5000 customers, including more than half the Fortune 50 in the US, to defend their organisations. To learn more visit www.centrify.com.
The Breach Stops Here.
Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Services are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.