Pleasanton, CA — February 3, 2016. Avatier Corp. the leader of risk-based identity management, released the first of its 2016 predictions by CEO & Chairman Nelson Cicchitto that will have the most influence on the information technology security market. In his 2016 Identity Management and IT Security Predictions’ blog, Cicchitto emphasizes a new trend. In 2016, organizations and enterprises will experience fewer, yet more sophisticated incidences resulting in even greater damage.
Citing a decrease in the overall number of breaches in 2015 and growing security awareness initiated from the boardroom, he notes, "In 2015 industry survey summarizes, 45% of security professionals see controlling user access to systems, meeting compliance requirements, and preventing employee data theft as their biggest challenges. 2016 will prove disastrous for organizations lacking sufficient identity and access management security controls.”
In lowering unauthorized accesses by de-provisioning user accounts through automated workflow, identity management delivers additional value by making compliance reviews and reporting efficient, and alerts IT staff to unusual access, activities, and orphaned accounts. Cicchitto stresses a company’s failure to provide adequate Identity and Access Management (IAM) controls explains why fewer security breaches can extract an increasing number of records, cause greater damage, and cost more to repair. The full text can be found in the blog along with the resources referenced in making each predication. The year’s IAM and IT Security Predictions include:
From 2014 to the end of 2015, malware incidents decreased by 8%. However, total records stolen significantly increased. The cost of security breaches escalated with senior executives losing their jobs in 2015 at Sony, Anthem, US Office of Personnel Management, and Ashley Madison. In 2016 the trend of fewer incidences continues. Breaches continue to cost more, while an increasing number of Chief Executives will be removed for security failures.
Bring Your Own Device (BYOD) initiatives are expected to double this year. BYOD forces security to contend with an array of devices. To reduce vulnerabilities, IT organizations look to BYO security opportunities to enhance authentication. In 2016, SMS, personal email and social networks are leveraged for low cost two-factor and multifactor passwords, provisioning, and privileged access authentication.
From popups to spyware, malicious apps, mobile malware will reach 20 million in 2016 targeting the 18% increase in enterprise cloud users. In rushing to market, mobile apps frequently lack sufficient security controls creating greater risks. Mobile app attacks will continue to increase. To deliver mobile access, successful organizations authenticate through web sign-on app stores.
Identity and access management (IAM) provides essential user access controls. Although 52% of organizations use identity management, the market will experience little growth in 2016. Even though a whopping 45% of the biggest challenges selected by security leaders are mitigated by IAM, namely, controlling user access to systems, meeting compliance requirements, and preventing employee data theft.
No longer is data simply stolen. It’s now collected to use against you in targeted attacks. To prevent persistent advanced threats, organizations must elevate password policies. 80% of security incidents result from weak passwords. Considering a recent study declared, 77% of cracked passwords met Active Directory’s default password complexity policy. Password vulnerabilities are no surprise.
A top organizational challenge involves making people aware they are targets. 90% of security incidents target human vulnerabilities. To successfully prevent, detect and respond, security must extend beyond IT. In a persistent threat environment, security awareness alone does not suffice. In 2016, secure enterprises empower business users, managers and organizations through self-service access certification, attestation, governance, and compliance review solutions.
The #ILookLikeAnEngineer viral campaign elevated the discussion of workplace stereotypes. However, women remain highly underrepresented in computer science and electrical engineering and a decreasing number of women are receiving engineering degrees each year since 2000. As women programmers and network engineers shrink in the workplace, our failure to develop security talent is accelerating adoption of automated identity management controls.
In 2015, 66.7% of all compromised records came from the healthcare industry. More records were relinquished by healthcare than in the other industry combined. Healthcare experiences more persistent and sophisticated attacks, because the underground economy pays significantly more for Personal Health Information (PHI). The large percentage highlights the urgency for healthcare IT to control access to applications and services.
Avatier is the identity management company designed for business users. We automate and unify enterprise operations by standardizing business processes with an IT store. Our IT service catalog creates a single system of record for access requests and IT audit.
Our easily extensible identity management system lowers operational costs and provides corporate governance visibility. Avatier automates workflow and compliance reviews to reduce IT governance risks.
Founded in 1997, Avatier is headquartered in the San Francisco Bay area with offices in Chicago, Dallas, New York, Washington DC, London, Munich, Singapore, Dublin, and Sydney. Our products operate globally for customers like Marriott, DHL, Halliburton, Starbucks and hundreds more. For more information, please visit www.avatier.com and follow @Avatier on Twitter.