What’s Driving Identity Access Management in 2020?
In the first six months of 2019, cybersecurity breaches exposed more than 4.1 billion vulnerable records to unauthorized access. These breaches were rarely benign and according to experts, the top motivation for these malicious data incidents was (unsurprisingly) money.
With cybersecurity making headlines for all the wrong reasons, there seemed to be more thefts and breaches involving digital identity in 2019 than ever before, leaving even trusted technologies like multi-factor authentication (MFA) to generate negative headlines.
As we look ahead to the rest of 2020, securing identity access will once again be everywhere, but we are predicting that with the help of artificial intelligence and machine learning (AIML), there will be a more positive narrative to creating and managing an immutable digital identity. New AIML authentication technologies that continuously protect pre-, during and post-authorization, while leveraging individual behaviors in a secure and private manner will become mainstream, leaving cybercriminals in the dust.
Here are just a few thoughts for 2020 as it relates to Identity Access Management (IAM):
Cybersecurity to Become a Business Initiative
In 2020, cybersecurity becomes a business initiative for many large enterprises. More forward-thinking enterprise CFOs will help their CISOs and become involved in identifying a path forward to support the hunt for next generation authentication systems.
Continuous Behavioral Authentication: Zero Trust Meets CARTA
Industry veterans are already aware of the harms of reliance on binary authentication methods like passwords, 2FA, MFA and even biometrics solutions. In 2019, we saw a slow adoption of new state of the art technologies preventing costly data breaches. In 2020, we will see more and more security analysts receptive to a paradigm shift that is way past due when it comes to authentication. This includes removing the idea that authentication is a single event with a start and an end, or a simple “yes” or “no” process.
Similarly, it is post-authorization where most security liabilities show up if a continuous solution is not employed. In 2020, the early adopters will augment the Zero Trust rhetoric and transition to the Continuous Adaptive Risk and Trust Assessment (CARTA) model. The trailblazers will recognize and be in search of not only a context-aware, risk-based authentication solution, but also one that processes post-authorization risks and collects actionable intelligence at runtime.
AIML: A Blessing and a Curse
2019 was the year of artificial intelligence (AI) - it was everywhere and in everything! Cybersecurity firms are no exception here, many adding some AI claims to their promise for upcoming next-generation solutions. The most prominent aspect of AI – especially when paired with machine learning – is its ability to configure itself. This leads to smart security tools that improve over time, as well as adapt to and even anticipate new, unknown situations and threads. Little to no manual setup is therefore required, increasing a company’s security level while tremendously cutting costs.
Use of AI for predictive analytics and continuous authentication is an obvious application. And paired with other technologies such as machine learning, expert systems and behavior modeling can result in some of the smartest, most viable risk-based authentication and life cycle management solutions available - in the context of identity access management.
However, in 2020 this development will be observed with a sound amount of skepticism. As with many technologies, this scientific progress has a potential for abuse. With the new year upon us, it is a possibility that the same methods intended for protection can be used to exploit the vulnerabilities of traditional systems. This is why it is extremely crucial to maintain security tactics at the highest possible technological level.