Cybercrime, data leakage and theft have become one of the greatest risks for companies. With the increasing frequency of cyberattacks over the years, it is essential for all companies and organizations in the coming years to identify new methods and technologies to reduce losses, improve efficiency and enhance digital governance and compliance. This is also very important when it comes to boosting industry competitiveness.
In the face of the risks associated with information theft and cyberattacks, the World Economic Forum has listed cybercrime, information leakage and theft as one of the top ten key risk issues for three consecutive years. This highlights the dangers posed by these issues, the importance of the public’s awareness in information security and the rapid development of the global information security industry.
According to the market research firm Gartner, the global cyber security market was valued at $3.5 billion in 2004 and exceeded $124.8 billion in 2019. The targets of cyberattacks have expanded from government agencies and financial institutions to include infrastructure operators, high-tech manufacturers, medical companies, smart manufacturers and IoT equipment vendors working closely with end users.
In the context of the 2020 global developments in information and community security, the Institute for Industrial Technology indicates six trends for the information security industry in Taiwan as follows: authentication and zero-trust network access technology; hybrid cloud application security; API integration as an information security technology; artificial intelligence in information security; IoT security; and assistance from white hat hackers.
Trend 1: authentication and zero-trust network access technology
Multi-factor authentication (MFA) has been a key issue for years. These factors include the information owned by individuals (e.g. passwords, personal data); something owned by individuals (e.g. encrypted and secure documents); or biometrics (e.g. retina and fingerprint). In 2020, MFA will be the cornerstone of authentication, with a focus on biometrics and hardware security. Judging from previous incidents of personal privacy infringement and leakage of corporate sensitive data in 2019, the trend in 2020 will be back to basics, zero trust, to enable a variety of network access methods. The control will become increasingly strict over application executions, data access and network usage. The traditional mechanism of managing via authorization will no longer be trusted. In other words, the conventional “castle-and-moat” approach with access authorization based on internal/external networks will no longer be effective. Going forward, data-centric micro-perimeters will serve as the next-generation firewall. Users must have a new type of authentication mechanism (to verify that both the user and the user’s device are safe and reliable). The security strategy controls access via different authorizations for services, applications and data. Each user has different access authorization if he/she uses different devices or wishes to access specific applications. Access is only allowed if all the corresponding factors meet the criteria. Some research predicts that about 40% of companies will phase out the existing VPN technology by 2023 and shift to zero-trust network access technology. In sum, zero-trust is certainly the way forward for secure access. Hardware security modules are set to replace insecure man-made passwords.
Trend 2: Hybrid cloud applications with an enhanced security
In the information security fairs of 2019 (for example, RSAC 2019), about 42% of the exhibitors showcased products related to cloud security, particularly new product lines for hybrid clouds. Legal requirements such as GDPR make hybrid clouds better aligned with corporate needs in terms of data security and compliance. According to the Enterprise Cloud Index 2019 released by Vanson Bourne, a market survey focusing on corporate clouds, companies around the world are investing in hybrid cloud architectures. The survey shows that 85% of interviewees were planning to adopt hybrid clouds as the ideal IT model over the next five years, and 28% of the interviewees believe that hybrid clouds are the most secure mechanism.
The year 2020 expects an increasing number of mobile workers collaborating across regions. Cloud deployments are set to grow. However, this convenience for end users and corporates comes with risks. Business risks will be significantly higher with individuals and companies alternating between personal and company equipment.
According to “2019: The Current State of Cybercrime” published by the RSA Society, 70% of fraudulent transactions happen on personal mobile devices. Therefore applications relating to BYOD (Bring Your Own Device) and hybrid cloud security will remain significant issues this year.
Trend 3: Robust and comprehensive APIs for multiple cooperating firms
Cloud heavyweights such as AWS, AZURE and Google GCP have all been introducing their own information and community security features and services in response to the growing complexity of information security challenges. They also integrate information security solutions from other vendors via cloud access security brokers (CASBs). Therefore, it is essential for information security vendors to both enhance their own APIs as well as work with the APIs of cloud service/solution providers. Companies have been working together to compete with others over recent years. Leading information security firms have been acquiring and investing in other companies in order to expand product portfolios and offer total solutions with maximum coverage. The medium-size companies without the deep pockets for acquisitions seek to connect with APIs of other vendors for integration. At least this allows corporate clients to easily integrate solutions into legacy management tools for the information security products they have purchased.
Trend 4: Applications of artificial intelligence (AI) as the most important task
Many companies started with the automation of network security a few years ago. One example is the collection of data on information and communication systems and components and the use of such data for monitoring and analytics. Another example is the tracking of all the digital assets, hardware and software, and assistance with the inspection and update of patches and the maintenance of the most updated status of these digital assets. However, automated operations can only alleviate the burden of the network security team. They are by no means a perfect solution because automation tools must be operated by highly skilled and knowledgeable personnel. The use of AI to boost network security has become the critical mission for all organizations.
The analysis by Capgemini Research suggests that AI will reshape the cyber industry. Their survey also indicated that close to 1/5 of organizations have adopted AI in 2019. The adoption is expected to accelerate, with nearly 2/3 of organizations planning to use AI for information security in 2020.
So far AI has shown good results in learning, synthesizing and analyzing of intelligence and vulnerability, and for the detection and response to malicious software, as well as for the analytics in the behavior of IoT users and machines. It is also very promising in automation deployment, protective settings for equipment and SOAR (Security Orchestration, Automation and Response). More applications are set to emerge. However, AI applications come with potential problems in information security such as contaminated data, tampered algorithms, and privacy issues. Good solutions are yet to be introduced in the global market. This is also a new opportunity for the industry.
Trend 5: Control of IoT equipment to ensure IoT security
IoT security will be one of the most important issues in information security over the next few years. The first challenge is the lack of visibility of IoT equipment in the legacy IT environment, and this leads to security risks. Whether it is wireless connectivity, cloud + AI recognition or dedicated networks for industrial control, the top priority to make IoT equipment controllable and manageable is to ensure adequate visibility and data controllability. This is particularly the case in the 5G environment with a growing variety of IoT devices. It is critical to increase the visibility of IoT equipment in the heterogeneous networks in 2020 when 5G rollout commences around the world.
Given the plethora of IoT devices, another important issue is to resolve safety concerns with embedded systems in the hardware, operating systems and execution environment. The key tasks in 2020 include the introduction of Dev-Sec-Ops in the system development process, as well as certification before shipment. IoT devices are increasingly moving to wireless connectivity due to their locations and usage restrictions. However, this comes with the security problems of open wireless transmissions. Meanwhile, the security of IoT equipment in the cloud apps is also a key development for IoT solution providers. This is particularly important for the IoT equipment deployed outside area networks and integrating with the cloud environment with cloud access security brokers (CASBs).
Trend 6: Befriending enemies by asking white hat hackers for help
To improve the security of products/services, many companies have been offering ‘bug bounties’ over the last few years to entice white hat hackers to identify unknown loopholes or vulnerabilities and thus reduce the likelihood of hacker attacks. Google, Microsoft, Facebook and LINE all have similar initiatives.
Due to the diversity of operating environments, the services and IoT devices developed for the public often suffer from vulnerabilities that engineers had never thought about. Google and Microsoft have been tapping into the talent in hacker groups for vulnerability detection of software and systems. In 2019, Apple announced at DEFCON its offer of $1 million as bug bounty. The leveraging of external resources to spot vulnerabilities has become an important aspect of the improvement of product security.
More efforts in AI and API integration for information security
According to estimates by IEK Consulting, Industrial Technology Research Institute, the information security industry in Taiwan grew 12.3% in 2019 year-on-year and generated a revenue of NT$49.34 billion. The number of companies increased to 324, and the total number of employees was about 8,800 people. With the Taiwan government’s ongoing push for information security and the demand from leading companies after being hacked, the domestic market of information security showed strong growth momentum.
Whilst the domestic information security industry may not be able to catch up with international players anytime soon, the six key trends in the world in 2020 point to the directions where Taiwanese players may prioritize their efforts: authentication and zero-trust network access technology; AI in information security; API integration as an information security technology; IoT security; and participation in bug bounty offerings to white hat hackers. Taiwanese companies are gradually launching more hardware and solutions for authentication and IoT security. Taiwan has also achieved good preliminary results in addressing the bug bounty market with collaboration between governments, corporates and organizations in 2019. More achievements are expected in 2020. More efforts are in order toward AI and API integration for Taiwanese companies.