2017 has brought a world of new cyber threats, from sophisticated ransomware attacks to cryptocurrency theft to high-profile data breaches – too often connected to stolen or misused credentials. With the evolution of the cyber threat landscape, C-suite and IT decision-makers are realizing that they must think differently about their cybersecurity strategies and methods if they expect to keep their organizations secure.
In 2018, we expect to see…
More and more companies adopting “passwordless”
The passwordless journey truly began for businesses in 2017 and we expect the implementation of a passwordless security approach to continue and pick up momentum into 2018 and beyond. Going passwordless means minimizing the dependence on passwords as much as possible to further reduce the likelihood of credential-based attacks.
Passwordless is not a zero-sum game; it is not all or nothing. As companies move towards a passwordless model, they should start with cloud applications supporting SAML, and/or Active Directory and applications leveraging the Active Directory credential. Once the end-user population understands the value of not having to remember or manage passwords, companies can remove the password at the endpoint, which then makes the entire trust path more secure.
In 2018, we expect many organizations to start small with passwordless, targeting a certain set of systems and users, and then expanding out as their comfort level grows. Identity security products must be flexible enough to handle the long tail of legacy, and walk the organization into modern authentication practices such as passwordless.
Biometrics becoming a commonplace technology
Biometrics is already a very compelling topic in the security conversation, and we don’t expect that to change any time soon. Biometrics is here to stay with regard to mobile authentication, but we will see more solution providers leveraging biometrics while leaving the actual support (enrollment, storage, etc.) to the mobile providers and simply using what the mobile platform provides.
2018 will be an interesting year for biometrics with Apple’s shift to facial recognition ID on the iPhone. It will likely be the largest adoption of facial recognition technology in history, and the response from iPhone users and security researchers is of great interest to the security and privacy community.
It is evident that biometrics are becoming more of a commonplace technology with a critical role to play in authentication. It’s interesting to see the consumer market leading the enterprise market in the adoption of biometrics. The major smartphone vendors are making it easier for the enterprise market to move towards passwordless.
An even more advanced threat landscape
Two things that really stood out in 2017 were the use of stolen credentials in breaches, and the use of ransomware in major attacks. Both seem to be on the rise, but for different reasons, and we expect both of these trends to continue in 2018.
Stolen credentials are easy to obtain on the dark web and leverage in an attack. They are the “path of least resistance” for attackers, who want to save their high-value exploits for when they face organizations with mature, challenging and sophisticated security. Many organizations are not paying enough attention to the identity layer, making it a perfect storm: an under-prioritized and cheap attack vector that offers a high probability of success as well as return on investment.
The ransomware epidemic is concerning to me on a professional and personal level. Many organizations and private citizens have poor backup practices, even though good backups are really the best defense against ransomware. Without proper backup hygiene, you’re left to pay the ransom or wait on the possibility that a security researcher will crack the ransomware.
Insider-assisted threats continue to expand
Insider threats are not a new concept, but as the threat landscape continues to advance, we expect to see an increase in insider-assisted threats. This is when a cybercriminal/threat actor convinces an individual inside a company to steal secrets.
These threats are expected to expand in 2018 for a number of reasons.
- Employee loyalty to their company is diminishing, which causes employees to be more easily enticed by a threat actor. Health care costs are skyrocketing, fewer companies are providing 401k matching and countless jobs are being lost overseas. These factors, combined with the entitlement belief system of younger generations, are certainly causing a decrease in employee loyalty, which will lead to an increase in insider-assisted threats.
- Traditional malware and vulnerabilities/exploits are becoming more difficult to hide (at least within advanced companies that have valuable data to protect). This is driving cybercriminals to other means of accessing confidential data, i.e., insider-assisted threats.
- Blackmail is another contributor to the rise of insider-assisted threats that we can expect to see in 2018. With so much of our personal lives exposed on social media or due to breaches/hacks, cybercriminals have ample opportunities to blackmail employees into helping them.
So, as 2017 comes to a close and we prepare for 2018, organizations should embrace passwordless and biometric strategies to stay ahead of the constantly evolving and continually advancing threat landscape (including insider-assisted threats). Organizations must strive for continuous improvement and bring their A-game because there’s no doubt that in the new year cybercriminals will continue to develop new tools and techniques and work even harder to exploit security gaps.
Want to continue the conversation on the year ahead? Join our December 14 webinar "2018 Cyber Security Predictions: The Identity-Aware Perimeter Comes to the Fore", hosted by Garett Bekker, 451 Research and Chris Sullivan, SVP Office of the CISO – Core Security and SecureAuth.