Avatier CEO Forecasts Top 2015 Identity Management Trends
Nelson Cicchitto Predicts Major Points of Change
(firmenpresse) - SAN RAMON, CA -- (Marketwired) -- 01/22/15 -- Avatier Corp., the leader of cutting edge identity management, released predictions by CEO Nelson Cicchitto that will have the most impact in the market. In his blog, "" Cicchitto makes the point that 2015 will focus on the age of identity management authentication. Emphasizing the significant increase in breaches in 2014 and the changing landscape of security, he notes, "In 2015, every industry becomes a target, every identity vulnerability and every app a potential host." He stresses that as the Enterprise of Things (EoT) unfolds, enterprise information security will continue to shift from passwords and access, to authentication and automation. More information on each prediction can be found in the blog. They include:
The megatrends of cloud computing, social computing, mobile computing and big data, what Gartner calls the "," must be harnessed for enterprises to flourish in the era. The migration to SaaS platforms and cloud computing, physical access control single card solutions, virtual facilities, and BYOD in the workplace will place new and expanded emphasis on information security. Where legacy identity management relied on passwords, roles, and a limited number of systems, EoT operations assume multi-factor authentication, organizational fluidity, and near limitless applications as the norm. New solutions will appear in the marketplace, which will be smarter, faster, and in some instances, self-aware.
During November, NATO conducted its largest ever cyber defense exercise, "," which tested the Alliance's security defense and operations in contested cyber domains. It involved over 600 security experts with academia and industry representatives invited as observers. With NATO on high alert, government agencies must not only be ready for preemptive and counter attacks, but also they must be able to provide educational and technological support to the most critical corporate and utility targets. Companies in the energy, finance, manufacturing, healthcare, education, and entertainment sectors will see an increase in highly targeted state sponsored attacks.
Crime-as-a-Service (CaaS) tools lower the entry barrier into cyber crime, because anyone can simply buy tools and services for a fee. CaaS not only enables people with less technical skills to engage in cyber crime, it opens the door for traditional organized crime. According to the Europol 2014 , CaaS is considered a viable business model, because it provides an affordable platform for launching cyber attacks that are highly disproportionate in terms of the criminal's technical ability and the potential damage wreaked upon an organization.
The IT and Information Security industries think in broader business terms when it comes to identity and access management (IAM). Enterprise-class solutions put less emphasis on access rights alone and begin leveraging identity management solutions for requesting, approving, tracking and granting assignments. Business leaders work with IT to solve overall organizational challenges based on the holistic management of people, access, assets and resulting in more efficient operations, governance controls and risk management. Concurrently, an increase in IAM automation frees IT resources to perform more value-added and strategic work.
As software companies and entrepreneurs race to develop enterprise-ready cloud services, securing APIs to archived video, audio, images, and personally identifiable information emerges as critical to big data management. When Sony's distributors refused to show "The Interview," you could argue an enterprise's intellectual property was taken hostage. In 2015, look for customer data to be held as ransom. Considering Target's $61 million expense to investigate, provide services, respond to lawsuits, and pay for counterfeit fraud losses, in 2015 organizations will be presented with the opportunity to pay a ransom to prevent security breaches from going public.
We declared 2014 the year of the job. With twelve positions for every qualified security professional and the Pentagon's tripling its security staff, the prediction didn't surprise anyone. Yet, young people are still not pursuing cyber security careers and the ones that do appear to be putting on more black hats than white. What's wrong with this picture? The opportunities for security professional grow, while the development of qualified workers wanes. According to in 2015, educators lag in developing sufficient talent to close the skills gap between the demand for security professionals and qualified candidates to fill positions.
The Target and the JPMorgan Chase data breaches represent two of engagement. Although 76 million households and seven million small business accounts were comprised, JPMorgan Chase was able to respond and remove the malware before irreparable harm was done to customer accounts. In contrast, Target took over two weeks to respond even though they deployed the same state-of-art security products as JPMorgan Chase. Target's much smaller security team was simply unable to filter through the high volume of alerts being generated by their security infrastructure and slow to assess the criticality.
While only eight percent of security incidences result from insider and privileged account misuse, the largest and most costly incidences do so says the . Most crimes committed by trusted parties are done for financial and personal gain. In 2015, authentication promises to become more multi-factored, accountable and transparent to administrators. Governance over access to critical networks, systems and cloud services assumes administrator and super user accountability by removing gaps in privileged ID management processes. To make authentication secure and transparent, passwords, SMS, voice, biometrics, device recognition, will be applied as multi-factored controls over privileged user requests and workflow.
In 2014, one of the suggested replacements for passwords was biometrics. Since everyone's fingerprint or retinal signature is unique, the solution in theory should be unhackable. In a demonstration that "security in depth" remains critical, hackers recently used high-resolution photographs to duplicate . These hacks are more serious than a cracked password, because a fingerprint, once compromised, can't be changed. As a result, biometrics may be relegated to a second tier in multi-factored security.
Naturally, my predictions float in a sea of them. wrote a column in Government Technology that is a great resource for some of the best, most unique and most terrifying predictions for next year. Some of them mirror mine; some provide additional food for thought. All of them point to more vigilance, more exploration of new security technologies, and better preparation by the few security professionals you have in your organization. Good luck in 2015 and may the cyber gods be on your side.
Avatier is the identity management company designed for business users. We automate and unify enterprise operations by standardizing business processes with an IT store. Our IT service catalog creates a single system of record for access requests and IT audit.
Our easily extensible identity management system lowers operational costs and provides corporate governance visibility. Avatier automates workflow and compliance reviews to reduce IT governance risks.
Founded in 1997, Avatier is headquartered in the San Francisco Bay area with offices in Chicago, Dallas, New York, Washington DC, London, Munich, Singapore, Dublin, and Sydney. Our products operate globally for customers like Marriott, DHL, Halliburton, Starbucks and hundreds more. For more information, please visit and follow on Twitter.
Themen in dieser Pressemitteilung:
Unternehmensinformation / Kurzprofil:
Datum: 22.01.2015 - 13:00 Uhr
Sprache: Deutsch
News-ID 366226
Anzahl Zeichen: 5242
contact information:
Town:
SAN RAMON, CA
Kategorie:
Diese Pressemitteilung wurde bisher 184 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"Avatier CEO Forecasts Top 2015 Identity Management Trends"
steht unter der journalistisch-redaktionellen Verantwortung von
Avatier (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
