Like last year, identity management has been the most-discussed area of innovation in the cybersecurity world, thanks in part to GDPR and other compliance-related legislation. We have talked a lot about risk-based authentication on G2 before, specifically regarding its evolution into a more all-encompassing field of zero-trust security practices.
AI continues to expand its reach within the cybersecurity world, becoming embedded into applications, improving identity management, and producing more effective threat intelligence solutions. In the meantime, companies continue to produce tools to protect your emerging IoT endpoints with potential vulnerable exploits.
To the surprise of few, 2018 was another great year for cybersecurity venture capital funding. The amount of capital invested this year is set to outpace 2017’s total of $3.6 billion. It’s already almost there, totaling $3.3 billion through October 2, 2018. Some of the year’s largest deals included Series E funding of $200 million to Crowdstrike, $120 million to Cylance, and $50 million to Darktrace.
Established companies and emerging startups have both seen an influx of funding. But the huge series E numbers hint that investors are more willing to spend capital on proven products rather than potential ones.
As every industry adapts to new and emerging threats, new trends and solutions continue to emerge like ransomware and DDoS protection software last year. For 2019, our focus will revolve around the “zero trust model,” biometric authentication, IoT security, and information compliance technologies.
1. The Zero Trust Model
Prediction: In 2019, a zero trust cloud security model will blossom into an enterprise standard. As vendors increasingly offer zero trust cloud security solutions, those solutions will gain widespread approval and many major global enterprises will adopt the solutions.
Let’s start by defining the zero trust approach. The zero trust model eliminates the idea that internal players are trustworthy individuals who mean no harm. Zero trust security continuously evaluates an individual’s behavior and actions to identify and eliminate potential threats.
This is accomplished by defining parameters of legitimacy via a range of factors that determines the validity of a user’s behavior in the form of a risk score. These determining factors may include a user’s physical location, IP address, and permissions, among many others.
The zero trust system will continually run a simulation, calculating risk from the designated factors to generate a risk score. If the risk score surpasses a threshold, the user may be disconnected from the network or be prompted to fulfill a multi-factor authentication process, such as answering a security question or receiving an SMS code, before they can continue utilizing the network.
Prediction:Venture capital spending in the biometric systems market will increase 25% from 2018 to 2019.
Biometrics is an intimidating concept. They connect your real-life, physical self to digital records and your online accounts. Historically, many people are initially hesitant to give away their fingerprints or willingly have their appearance documented for a facial recognition scan.
But as the technology becomes more streamlined within hardware or software access, biometric security access becomes less of a hinderance. As long as user experience is not significantly affected, the issue essentially disappears.
Individuals may think of retina scans out of Black Mirror or a Philip K. Dick novel when someone brings up biometrics, but once they realize they’re already using it, the panicked-induced stigma dissipates. For example, one of the simplest and most ubiquitous examples of biometric security is the use of FaceID and fingerprint scans for iPhone access.
Companies will use biometric tools because they do, in fact, significantly increase the effectiveness of security practices. And as venture funding continues to funnel resources to the providers of biometric technologies, the user experience integration will only improve while the stigma associated with fingerprinting or facial scans dissipates at the same time.
The biometric security market is already valued at around $16.8 billion, according to , who predict a 20% compound annual growth rate (CAGR), increasing the valuation to $41.8 billion by 2023. We predict it will grow faster and quicker than MarketsandMarkets’ prediction, reaching roughly $20.16 by the end of 2019.
3. IoT Security Evolution
Prediction: The IoT market is booming but the expansion of IoT endpoints and offerings has already outpaced the number of IoT security products on the market. As a result, the number of major IoT security incidents from 2018 will double in 2019.
The rapidly growing number of IoT endpoints has not lost momentum and will not lose it any time soon. These new endpoints are outpacing innovation in the security space. Companies have made a “smart” version of basically everything you can think of, but many of those products have glaring security holes.
Previously, my colleague discussed IoT security and the very real danger posed by billions of unsecured IoT endpoints and I have discussed such IoT-powered threats such as DDoS attacks. These threats and cybercriminals have only gained power as the number of unsecured endpoints explodes.
There are some technologies that can help protect businesses against bot-based attacks, like DDoS protection software, but these solutions do not address the problem at its core. Until security professionals and/or experts can determine and resolve the underlying issue of unsecured endpoints, incidents will continue to arise.
As a result of this disproportionate growth of vulnerable endpoints and lack of effective security solutions, attack frequency and scale will rise. Businesses will become financially impacted as well as lose the trust of their consumers once their sensitive information is hacked or stolen.
Governmental and international regulation regarding data privacy has been brought to the forefront of countries across the globe. The massive breaches from financial institutions have resulted in a collective demand for regulation of personal information.
These regulations are definitely a good thing, but do pose a new issue for businesses. Companies have to rapidly adopt multiple international regulations so that they can keep up with and satisfy consumers’ expectations regarding the secure storage, sharing and management of personal information.
Vendors in the data security, privacy, and security risk analysis markets are likely very happy as a result of increased demand. These evolving markets can provide companies with the tools they need to meet compliance across a number of industries.
For smaller businesses, hiring and training new staff can be time-consuming and expensive. Many of the compliance-related tasks can be automated or optimized with workflows via software solutions. Instead of unnecessarily investing money on staff to deal with increasing overhead, companies will simply adopt new GDPR and compliance-related technologies.
TIP: Activate your free G2 Track account account and ensure your software vendors are complaint, risk-free.
In fact, companies that struggle to comply with the software solutions that are supposed to help them adhere to GDPR regulations will opt for managed services. By turning to managed services, companies can completely avoid the crucial step of training new employees to master such software. This trend will continue to grow and become a fully fledged market.
Moving forward in 2019
The evolution of risk-based authentication tools, the widespread acceptance of biometric-infused security measures, the increased risk of IoT-related security incidents, and the rise of compliance-as-a-service providers are just a few trends related to emerging security technologies. However, we believe they are the most significant trends, indicative of overall market changes, that will have the biggest potential impact on the largest number of companies.
These aspects of cybersecurity are becoming necessities to businesses that are embracing the security-centric business world of 2018, and will only continue to so even more in 2019.
As an analyst at G2, Aaron’s research is focused on cloud, application, and network security technologies. As the cybersecurity market continues to explode, Aaron maintains the growing market on G2.com, adding 90+ categories of security technology (and emerging technologies that are added regularly). His exposure to both security vendors and data from security buyers provides a unique perspective that fuels G2’s research reports and content, including pieces focused on trends, market analysis, and acquisitions. In his free time, Aaron enjoys film photography, graphic design, and lizards.