itb-au logo
Story image

Ping Identity CTO’s cybersecurity predictions for 2019

22 Jan 2019

Ping Identity has released its annual cybersecurity predictions for 2019.

Among the top five trends in the coming year are a decrease in successful attacks against multi-factor authentication (MFA), a proliferation of zero trust security approaches and a growing emphasis on API security.  “As we usher in 2019, the role of intelligent identity will only grow more critical,” says Ping Identity CTO Bernard Harguindeguy.

“Our borderless world provides unprecedented freedom and convenience but also breeds a whole new set of cybersecurity risks and concerns.

“With this in mind, it’s critical that organisations effectively safeguard their data and applications in the new Zero Trust world that is fast becoming the norm.”  

Here are Ping Identity’s top five cybersecurity predictions for 2019:

1. Fewer successful MFA attacks

While MFA attacks increased in 2018 as predicted, the adoption of the W3C’s WebAuthn by major browsers promises a solution when combined with FIDO CTAP authenticators.

These prevent phishing attacks by only allowing authentication requests from sites where they have been previously registered, providing greatly enhanced security.

2. Cryptographic verification of identity

Identity authorities will increasingly use phone-carried credentials (e.g. mobile drivers licenses, national ID cards and passports) to verify identities.

While privacy advocates argue that giving law enforcement access to your mobile phone could result in unwanted disclosure of private information, 14 US states are testing or have already implemented cryptographic identity verification, and China plans to issue a digital version of its national ID card.

3. The death of corporate firewalls and rise of zero trust architectures

As identity becomes the new perimeter, zero trust architectures will replace firewalls and VPNs.

Employee-only applications are already accessible via the open internet.

Security processes that previously required users to be on the corporate network - for example, two-factor authentication registration and password recovery—will follow suit, requiring fresh approaches to authentication and validation of employees and external authorised users.  

4. More API-centric breaches and regulations

The API infrastructures responsible for providing easy access to data and applications are attractive targets for hackers and bad actors.

Because traditional enterprise security is woefully inadequate at protecting APIs, attacks can go undetected for months or years.

Where they don’t already exist, API-specific regulations and governance - and corresponding financial penalties - can be expected.

5. Wider adoption of open banking standards

Building on the blueprint of the UK’s Open Banking Standard, other countries will deploy similar open banking standards to spur innovation in their own nations.

In fact, Australia, Japan, New Zealand, Hong Kong and Canada are already working on them.

Meanwhile, banks will race to update their existing IT infrastructures to prepare for these new security and API standards mandates, leading to a scarcity of specialists to tackle these projects. 

Story image
Google Anthos makes the move to bare metal cloud
“Now, with the option of running Anthos on bare metal, there are even more ways to enjoy the benefits of this modern cloud application stack.”More
Link image
You’re invited: The secrets to workplace happiness in the post-pandemic world
It has been a rough year for workplace wellbeing, with disruption and health concerns worrying every employee. Join Poly’s A/NZ Kickstart 2021 on 10 December from 11am AEDT, where special guest Dr Justin Coulson will share secrets to workplace happiness in the post-pandemic world. Register now.More
Story image
Guardian Angel releases comms solution for isolated workers
The company has made an APAC distribution agreement with Everywhere Communications for communications, location, and monitoring solutions.More
Story image
Trend Micro launches cloud native security solution for modern applications and APIs
“Application security is an invaluable part of the Cloud One platform, integrating technology to provide superior protection for customers deploying applications wherever it makes the most sense for them."More
Story image
Is the 'fast follower' mentality holding back anti-money laundering in Australia?
The decade-old rules-based systems cannot keep up with sophisticated cyberattacks and money laundering threats on their own, writes FICO financial crimes leader for APAC Timothy Choon.More
Story image
Why automating the finance function is critical for future growth
As well as continually struggling with tedious workflows and manual processing, many finance professionals are still finding it a challenge to complete their month-end close. This is where software can help, writes BlackLine regional vice president for A/NZ Claudia Pirko.More