The 2020 editions to G2’s annual Digital Transformation Trends are in the works. In the past, I’ve written about all kinds of security trends from blockchain and biometrics to AI-powered threat intelligence and zero trust security.
While I am excited about 2020’s looming cybersecurity trends and threats, let’s take a look at some of my previous predictions.
2018 trends predictions
One of my proudest predictions is the emergence and evolution of the risk-based authentication (RBA) market. Many people might not know or use the term RBA, but it’s exactly where behavioral biometrics emerged from.
This was part of my first set of trends predictions with G2 and it’s one of the most accurate I’ve made. Below, I’ll outline some of the specific risk-based authentication predictions I made nearly two years ago.
- RBA tools will continue to receive funding
This is undeniably true. There have been a number of acquisitions and investments in RBA-related technologies, the two largest being Duo’s multi-billion dollar acquisition by Cisco in 2018 and Ping Identity’s 2019 IPO. A few notable investments and acquisitions in the space since I published my piece are listed below.
June 25, 2018
Oct. 1, 2018
Sept. 18, 2019
March 21, 2018
Oct. 1, 2019
- CASB, SSO and CIAM tools with RBA will continue to emerge
Existing security companies in the space have launched new products featuring risk-based adaptive authentication capabilities. Market leaders across the security space have started adding RBA functionality to their security solutions.MobileIron launched a cloud-ready SSO and RBA solution in 2018, LogMeIn added adaptive multi-factor authentication (MFA) software to their well known single sign-on (SSO) solution this June, and Okta eliminated passwords (for the most part) in favor of adaptive MFA for their industry-leading SSO product.
- Biometrics will become a bigger part of RBA factors
I was spot on with this prediction. RBA turned into behavioral biometrics. Many included factors are not literal biometric variables, but the idea of using machine learning to determine access based on a number of various risks is what we’re seeing in the evolving multi-factor authentication market.
Additionally, in 2018, I predicted a number of evolutions in the blockchain world as well. My blockchain predictions called the emergence of major institutions launching blockchain offerings and financial institutions investing in blockchain.
Still, my predictions were a bit off regarding blockchain's impact on identity management and IoT.Most of those implementations are still in the works, but I was right that major institutions would pilot blockchain programs, IBM and MasterCard are a few examples.
Financial institutions definitely have gotten involved in blockchain world as well. Since my piece, global banks including BNY Mellon, Barclays, HSBC Holdings, and Deutsche Banks have invested around $50 million to build a blockchain-based cash settlement system. Check out this list of more than 200 banks already using or pursuing blockchain-based solutions.
2019 trends predictions
Right before this year rolled around, I published my 2019 security trends piece for the coming year. The security technologies I highlighted there included zero trust networking, biometric authentication technology, IoT security, and GDPR-related technologies.
- The zero trust model
Prediction: In 2019, a zero trust cloud security model will become the enterprise standard. As vendors increasingly offer zero trust cloud security solutions, solutions will gain widespread approval and many major global enterprises will adopt the solutions.
Outcome: This one's a bit difficult to quantify. Many technologies have merged RBA and biometric security and zero trust security models. It’s a stretch to say it’s become industry standard, but it has certainly made an impact across the globe.
This prediction is taking more time than initially expected. Despite a great deal of attention from security leaders, enterprise companies have been slower to adopt zero trust models than previously expected, according to Okta.
According to the same study, 13% of respondents said they are not considering zero trust at the moment, while 59% said they are utilizing a zero trust philosophy or are currently planning a strategy to implement it. It’s reassuring to see 72% of businesses are pursuing zero trust to some extent.
Many federal agencies in the United States have adopted a zero trust security architecture. In early 2018, the American Council for Technology and Industry Advisory Council launched an investigation into transforming federal agency IT systems into zero trust networks. Since then, the Pentagon’s IT wing, the Defense Information Systems Agency, is piloting a zero trust network architecture. The National Transportation Safety Board and the Federal Communications Commission launched zero trust systems through Zscaler. A number of other departments are planning to adopt, or have already adopted, zero trust models.
- Biometric security growth
Prediction: Venture capital spending in the biometric systems market will increase 25% from 2018 to 2019.
Prior to the prediction, the biometric security market was valued at around $17 billion, according to MarketsandMarkets. While they predicted a 20% compound annual growth rate (CAGR), I upped it to 25%, which would equate to $21 billion by the end of 2019.
The same publication, MarketsandMarkets, underestimated the market value last year because this year, the research firm estimated the market value as $33 billion for 2019. They also predicted growth by 2024 to $65 billion, a 99% growth rate.
Adjusted figures for 2018 indicate a market value between $27-28 billion, indicating a 20-22% growth rate over last year. While I overestimated the market’s growth, researchers undervalued the market years prior.
- IoT security evolution
Prediction: The IoT market is booming, but the expansion of IoT endpoints and offerings has outpaced the number of IoT security products on the market. As a result, the number of major IoT security incidents from 2018 will double in 2019.
I may have been a bit pessimistic predicting the number of IoT attacks to double from 2018-2019. The biggest growth in IoT attacks was between 2017-2018. In 2017, SonicWall logged 10.3 million IoT attacks. In 2018, they logged 32.7 million, a growth rate of 215%.
Comparing the first two quarters of 2019 and 2018, SonicWall recorded 55% growth in IoT attacks. It’s difficult to tell if the numbers will grow since last year’s biggest months for IoT attacks were July and October, with 13.9 million attacks in just those two months.
If the second half of 2019 yields a similar surge, my prediction may end up more accurate than it appears right now. I overestimated the growth in attacks between 2018-2019, but the late-year surge in 2018 shot last year’s attack total well above what I expected.
- GDPR compliance as a service
Prediction: The GDPR Compliance as a Service market will increase 75% (categories such as data privacy software, data security software, and security risk analysis software) from 2018-2019.
After the European Union implemented their General Data Protection Regulation (GDPR) policies, privacy and compliance-related tools saw a surge from companies scrambling to abide by the various privacy laws around the world. Estimated market value ranges from $340-450 million for 2018. The only publicly available estimate for 2019 is a market size of $600 million, with the estimated value for 2018 at $450 million.
While the popularity of these tools is rapidly expanding and the percentage of companies using these tools may have increased 75%, the actual market size only increased around 33% based on data from AbsoluteReports.
Aside from a lofty estimate of privacy software market growth and a slightly overemphasized IoT malware threat, my predictions were pretty much spot on. Over two years, adaptive authentication has found its way into all kinds of security systems, the majority of businesses are planning to utilize the zero trust model, and biometric systems are becoming more common.
While I possibly overestimated one or two predictions in the past years, that won’t stop me from revealing a number of bold predictions later this year. G2 will release a significant number of different trends content in the coming months.