Andre Durand, Founder, and CEO of Ping Identity shares security predictions for 2022.
- Cybersecurity becomes ESG issue
As our lives become more digital, and digital and physical controls collide, investing in security to keep society safe will become recognised as the 4th responsibility of ESG (environment, social, and governance) for corporations. Data breaches have more than just technological implications, as the disruptions affect society, making cybersecurity a key metric in the social pillar.
- MFA to become a global mandate
In the ongoing war against the global threat landscape, multi-factor authentication (MFA) will become mandated everywhere to secure logins, not just in the US, but across the world.
- Bad bot tsunami
Bots are over-running customer-facing systems, and we will need to leverage AI and machine learning to both detect and protect against bots impersonating humans when creating or attempting to take over accounts.
- Focus shifts to authorisation
Driven by zero trust, a decade of focus on authentication begins to shift towards authorisation. Identity doesn’t stop with ensuring you’re talking to the right person, it’s all about authorising appropriate access.
- Rise of digital wallets
Users will begin to store verified data about themselves on their phone, such as their real identity via government-issued IDs in digital wallets as those provided by Apple and Google. But it won’t stop at real IDs and will extend into all sorts of other identity data being shared with the user for better privacy and control by the individual.
- Attacks on zombie and shadow APIs
It’s projected that over 90% of attacks will focus on APIs in 2022. For those companies without well-formed API governance, controls, and security practices, APIs will become the weak link.
- Convergence of IT and OT
Information Technology and Operational (physical) Technology collide, and IT teams take over responsibility for the security of OT. This will lead to a need for interoperability between IT/OT initially, and ultimately a convergence of redundant technology to control who can physically get in the building and who can access apps.
- Rise of the CISO
Corporate boards care about cyber risk, so identity leaders will report directly to the CISO, and the CISO will report to the board. Gartner predicts that 40% of boards will have a dedicated cybersecurity committee by 2025.
- Identity focus shifts to experience
The focus will shift from the deployment model as the enabler of speed to no-code, low-code orchestration as the enable of both speed and agility of extraordinary end-user experiences.