10 trends defining cybersecurity in the year of identity

2022 began with remote and hybrid work continuing to shape how organisations do business; ransomware and other attacks doing more damage than ever; and business users and consumers alike demanding digital access that’s easy, convenient and secure.

The common denominator for cybersecurity in these challenging circumstances? Identity.

In a time when businesses must operate without a protective perimeter, when the stakes for protecting private data and intellectual property have never been higher, and when users are growing increasingly impatient with cumbersome access, identity has become central to how organisations secure their resources and enable their users. Here, we share ten trends that illustrate the ways in which identity both reflects and defines cybersecurity today. Read on to learn more about the challenges and opportunities in identity – and, by extension, cybersecurity – that are top of mind for 2022.

Prior to the pandemic, zero trust was often dismissed as hype. But that’s changing, especially as organisations rely more on mobile connectivity, cloud operations and other security-sensitive ways of working. Zero trust – built largely on multi-factor authentication (MFA), governance processes and other identity-centric measures—is increasingly becoming accepted as a powerful means to a secure end.

1. The staying power of zero trust

As long as passwords are hard for users to remember and easy for hackers to guess, they’re going to continue to present a significant obstacle to secure access. Today, two forces are tipping the balance toward passwordless methods: business users and consumers who are less willing to accept inconvenience, and cybercriminals who keep finding more ways to abuse credentials.

2. Toward a passwordless Utopia

After years of spreading the word about how to use multi-factor authentication to achieve secure, convenient access, we’re now seeing MFA become even better established (and in some cases, required), with widespread acceptance of methods like push-to-approve, FIDO and biometrics. As a result, the focus is shifting to easy and secure rollouts for organisations, and increased convenience for business users and consumers.

3. MFA: from how-to-do-it to how-to-do-it-better

No one wants to compromise online privacy and security, but everyone’s patience with complex, time-consuming security requirements is wearing thin. Business users and consumers today are continuing to embrace passwordless and other ways to speed and simplify authentication, while organisations are looking to technology that helps streamline identity governance and compliance-related processes.

4. Easy, flexible, agile everything

Organisations are moving more operations to the cloud, and people are relying more than ever on mobile devices for just about everything they do. That makes both those platforms increasingly attractive to cybercriminals—and underscores the need for organisations to prioritise investments in modern authentication, cloud infrastructure entitlements management (CIEM) and other capabilities to help manage cloud and mobile risk.

5. Mobile and cloud: growing targets for cybercrime

Intellectual property is often stored in the form of unstructured data, which is hard to secure. Is it any surprise, then, that IP has become an especially enticing target for cyber attackers? Now more than ever, organisations benefit from employing data access governance, which provides the visibility into unstructured data needed to help stop IP exfiltration by bad actors.

6. Locking down unstructured data

Concerns about data privacy have not diminished since the adoption of the EU General Data Protection Regulation (GDPR) in 2016; if anything, they’ve accelerated. In Brazil, for example, where the General Data Protection Law (LGPD) recently went into effect, companies are exploring social logins, location-based authentication and other indirect ways of authenticating to address consumer data privacy concerns and comply with the new law.

7. Around the world, privacy rules

In the evolution of identity, 2022 is the year blockchain will be a resounding success—or a continuing disappointment, depending on how you look at it. Some see promise in blockchain as an enabler of secure digital identity; others anticipate privacy and data security problems with its use in authentication. Consider the challenges and opportunities—and keep an eye on this one.

8. Blockchain finally breaks through – or not

Identity governance and administration (IGA) gives organisations of all sizes visibility into access and helps them fulfil regulatory obligations more easily. But for small and midsize organisations, the operational requirements to establish IGA may be more than they can reasonably take on. The result? Wider adoption of managed services offerings that let them reap the rewards of a mature IGA program without overcommitting their resources.

9. Managed services: more, please

Business-to-business, business-to-consumer, business-to-employee—after years of distinctions among use cases for authentication, we are now seeing a convergence in which one platform is configured to meet different needs. It’s a perhaps long-overdue streamlining that recognises the essential common thread underlying all markets, even if there are differences in specific capabilities and how they’re delivered.

10. Welcome to the age of business-to-everything-and-everyone

Here’s to 2022 and the role identity will continue to play in delivering secure, convenient access, no matter what changes come. As your organisation looks for new ways to seize opportunities and tackle challenges in the digital world, you may need to seek help.

Bharat Panchal
close
The Business Bulletin

Don't miss out...

Enter your email address to ensure you receive the next edition of The Business Bulletin as it is published.

Bharat Panchal

After 30 years working in IT, Bharat decided to focus on helping businesses by offering the RSA SecurID® Suite which uses identity insights, threat intelligence and business context to provide secure access to all their users, across all their applications. Still traditional IT resellers, offering services and support in all IT matters however, what he actually does is deliver peace of mind to end-users and to management. With Bharat's help firms don’t need to worry about contravening strict rules on data access and GDPR regulations or about loss of data due to malicious attacks or plain forgetfulness.