Story image

Ping Identity CTO’s cybersecurity predictions for 2019

22 Jan 2019

Ping Identity has released its annual cybersecurity predictions for 2019.

Among the top five trends in the coming year are a decrease in successful attacks against multi-factor authentication (MFA), a proliferation of zero trust security approaches and a growing emphasis on API security. 

“As we usher in 2019, the role of intelligent identity will only grow more critical,” says Ping Identity CTO Bernard Harguindeguy.

“Our borderless world provides unprecedented freedom and convenience but also breeds a whole new set of cybersecurity risks and concerns.

“With this in mind, it’s critical that organisations effectively safeguard their data and applications in the new Zero Trust world that is fast becoming the norm.”  

Here are Ping Identity’s top five cybersecurity predictions for 2019:

1. Fewer successful MFA attacks

While MFA attacks increased in 2018 as predicted, the adoption of the W3C’s WebAuthn by major browsers promises a solution when combined with FIDO CTAP authenticators.

These prevent phishing attacks by only allowing authentication requests from sites where they have been previously registered, providing greatly enhanced security.

2. Cryptographic verification of identity

Identity authorities will increasingly use phone-carried credentials (e.g. mobile drivers licenses, national ID cards and passports) to verify identities.

While privacy advocates argue that giving law enforcement access to your mobile phone could result in unwanted disclosure of private information, 14 US states are testing or have already implemented cryptographic identity verification, and China plans to issue a digital version of its national ID card.

3. The death of corporate firewalls and rise of zero trust architectures

As identity becomes the new perimeter, zero trust architectures will replace firewalls and VPNs.

Employee-only applications are already accessible via the open internet.

Security processes that previously required users to be on the corporate network - for example, two-factor authentication registration and password recovery—will follow suit, requiring fresh approaches to authentication and validation of employees and external authorised users.  

4. More API-centric breaches and regulations

The API infrastructures responsible for providing easy access to data and applications are attractive targets for hackers and bad actors.

Because traditional enterprise security is woefully inadequate at protecting APIs, attacks can go undetected for months or years.

Where they don’t already exist, API-specific regulations and governance - and corresponding financial penalties - can be expected.

5. Wider adoption of open banking standards

Building on the blueprint of the UK’s Open Banking Standard, other countries will deploy similar open banking standards to spur innovation in their own nations.

In fact, Australia, Japan, New Zealand, Hong Kong and Canada are already working on them.

Meanwhile, banks will race to update their existing IT infrastructures to prepare for these new security and API standards mandates, leading to a scarcity of specialists to tackle these projects. 

Spoofs, forgeries, and impersonations plague inboxes
It pays to double check any email that lands in your inbox, because phishing attacks are so advanced that they can now literally originate from a genuine sender’s account – but those emails are far from genuine.
HCL and IBM collaborate to encourage global hybrid cloud uptake
HCL announced a collaboration with IBM designed to help advance the hybrid cloud journeys of organisations worldwide. 
50 million tonnes of e-waste: IT faces sustainability challenges
“Through This is IT, we want to help people better understand the problem of today’s linear “take, make, dispose” thinking around IT products and its effects like e-waste, pollution and climate change."
Oracle Cloud whips up a breeze for Sydney yacht races
If data can help a boat go faster, racing teams and fans alike at this year’s SailGP in Sydney will get a front-row seat.
Why SD-WAN is key for expanding businesses - SonicWall
One cost every organisation cannot compromise on is reliable and quick internet connection.
Gartner debunks common AI misconceptions
“With AI technology making its way into the organisation, it is crucial that business and IT leaders fully understand how AI can create value for their business and where its limitations lie."
How Red Hat aims to accelerate business value with container technologies
Red Hat announced that leading global companies are creating, extending and deploying integration services across hybrid and multicloud environments using agile integration architectures based on Red Hat technologies.
IT employers having to up salaries and bonuses to attract talent
As the modern economy relies increasingly on data, it’s certainly a good time to be working in IT.