In 2023, the world needs to merge CIAM and IAM with zero trust and AI/ML, according to this cyber market observer
While organizations are increasingly adopting AI and ML to identify and mitigate cyber threats, so are state sponsored threat actors and hackers at large.
Their attacks are also expected to continually evolve and become highly localized, more personalized, and geo-targeted.
However, is this all doom and gloom for businesses without reprieve? No, if David Chan, Managing Director, Adnovum Singapore has his way.
CybersecAsia: As we approach the end of the year, how do you think security solutions like identity access management (IAM) and customer identity access management (CIAM) will evolve in 2023 and beyond?
David Chan (DC): The accelerating pace of change across technologies and organizational priorities requires IAM and CIAM solutions to be more flexible.
IAM solutions must evolve in sophistication to differentiate between valid users and malicious threat actors. In addition, with the increasing number of machine and application identities, IAM processes must go beyond verifying users to include continuous verification and additional authentication of these identities.
CIAM strategies will need to evolve to deliver a better security and privacy for customers. Organizations can do so by creating a cohesive strategy for all external stakeholders, including customers and partners. They can also align IAM priorities with both business and IT priorities to deliver an omnichannel experience for end-users.
Lastly, as cloud technologies mature and more organizations migrate to decentralized multi-cloud environments, business leaders will need to focus on how identity authentication, authorization and access are managed. In this vein, cloud IAM solutions must evolve to allow organizations to manage all services and programmes at a place within the cloud-based services, providing IT teams the visibility and transparency to grant permissions to the right people to access the right data.
CybersecAsia: What other trends can businesses in APAC expect in the security landscape, and what transformations in threat actors’ methods are on the horizon?
DC: In Asia Pacific (APAC) and Japan, the average cost of remediating a ransomware attack has reportedly grown by more than US$1m. In response, governments across the globe are stepping up regulations and investments in the space.
Additionally, the rise in cyberattacks has led to many organizations adopting a proactive stance to building defensive capabilities, including a clear shift to zero trust principles. In APAC, it is expected that more organizations will continue to embrace zero trust as a starting point for security in 2023.
Organizations will centralize and improve their approach to identity management — a key component of zero trust architecture. This means implementing technologies such IAM, Multi-Factor Authentication (MFA) and single sign-on (SSO). And, as organizations realize the dual benefits of more flexible workforce access, we will also see the replacement of VPNs with zero trust network architectures.
However, just as organizations and people are becoming better at identifying threats, hackers are using more advanced techniques like social engineering and double extortion to disguise themselves. While classic attacks will continue to be present, it is expected that threat actors will be able to speed up — from weeks to days or hours — the end-to-end attack life cycle. Attacks are also expected to evolve and become highly localized, more personalized, and geo-targeted.
Furthermore, the rise of Web 3.0 solutions will see opportunistic threat actors looking to exploit any weaknesses they find. For instance, with blockchain technology underpinning Web 3.0, we can expect to see the rise of more social engineering tactics. In addition, the use of self-sovereign identities that allow users to control aspects of their identity they would like to share, can also enable hackers to gather sensitive data about a user from the same identifier utilized to interact with specific websites or apps.
CybersecAsia: How will combining technologies like AI, ML and the Internet of Things with IAM solutions help organizations to stay ahead of threat actors?
DC: The concept of identity has expanded to include not only human users but also machines and applications, creating a challenging situation for those in charge of identity governance.
Introducing AI/ML puts eyes on everything since machines can detect nuances that people cannot. AI solutions, for example, can handle large amounts of data and scan it faster than any IT department. They can pick up patterns of behavior by observing how varying identities interact with enterprise networks, thereby detecting what is normal and what is suspicious.
Moreover, AI/ML solutions can identify malicious patterns of behaviour using big data sets of security events. When similar events are detected, the trained ML model can handle them automatically. Through pattern analysis, AI/ML empower greater proactivity in predicting and preventing threats and responding to real-time attacks.
Other than attacks at the organizational level, AI/ML products can protect individuals against malware, ransomware, trojans and other threats that tend to find their way into organizational networks due to the expansion of the corporate perimeter.
CybersecAsia: In this digital arms race, what additional layers of defence would organizations need as we find ourselves operating more and more in the metaverse of mixed realities?
DC: Although its potential is limitless, the metaverse is still in its infancy and suffers from a lack of regulation and cybersecurity oversight. With the vast amounts of identities and data needed to power it, many of the existing threats we face today will not only filter into the metaverse but become exacerbated in scale as well.
So again, organizations must focus on protecting the virtual identity of each user. This will start with a zero trust model, with ongoing authentication and identity verification at the core of all activities occurring within the metaverse to ensure threat actors are kept out of the way.
For instance, metaverse users will need to be asked to verify their avatar continuously, to ensure the avatar belongs to them and they are in control of it. Given the vast amounts of data that will be hosted in the metaverse such rigorous checks will be especially crucial to prevent or eliminate the theft of sensitive information.
In addition, organizations must prioritize cyber education. Employees should have a good understanding of the metaverse and the risks within this new environment; the importance of data privacy; and all security best practices.
By making employees the first line of defense against security challenges, organizations can navigate and stay on top of the evolving threat landscape with more confidence.
CybersecAsia thanks David for sharing his insights on next year’s cyber challenges and solutions.