This year hasn’t given way to as many cybersecurity headlines as 2017 did. But threats haven’t gone away and attacks haven’t stopped.
While these continuous attacks haven’t hit as many governments or global financial institutions as they did in 2017, a number of significant data breaches and malware outbreaks have already been discovered.
It is still widely believed that companies aren’t doing enough to protect themselves from digital threats. If the dip in widely publicized attacks causes companies to pull back security investments and remain complacent in their security strategies, we can certainly expect an eventual increase in attack size and volume.
At the end of 2017, G2 Crowd released its annual trends series that covered artificial intelligence (AI), digital platforms, the internet of things (IoT) and cybersecurity trends related to the digital transformation. After eight months, we can analyze last year’s predictions and evaluate each trend’s evolution.
Blockchain remains one of the most lucrative markets for tech startups. Public curiosity peaked around the end of 2017, but investment efforts haven’t slowed. 2018’s Q1 saw more total blockchain investment funding than the 18 months prior, according to TechCrunch.
Blockchain investments totaled a whopping $1.3 billion in the first three months of 2018 alone. Cryptocurrency finance company, Circle, operators of the payment app Circle Pay and the crypto exchange Poloniex, received $110 million in Series E funding on May 15, 2018. That’s less than one month after the company purchased Poloniex for $400 million.
Dozens of blockchain startups have already received major VC funding this year across a number of tech markets. High Fidelity, a virtual reality software company that utilizes blockchain technology for its internal marketplace, received $35 million in Series D funding. Blockchain-based encryption company NuCypher followed up its $4.4 million 2017 venture funding with two additional undisclosed rounds in 2018.
Initial coin offering (ICO) funding, which occurs when new cryptocurrency projects are launched, has totaled more than $6.6 billion in 2018. These projects don’t necessarily have the same level of business impact as blockchain-based software, but are indicative of a rapidly expanding market within the blockchain world.
Previous Blockchain Predictions:
“Major institutions will offer pilot programs to the public”
I’m proud to say that this prediction was accurate. In June 2018, Oracle released its own blockchain-as-a-service offering. The new blockchain service followed IBM’s announcement of a blockchain development kit. SAP, Microsoft and a number of industry giants have also released blockchain platforms, and the trend shows no signs of slowing.
“Identity and access management will be biggest adopter apart from fintech”
Recent research appears to show blockchain-based identity solutions are rapidly growing. The market is expected to grow 84.5 percent annually and reach more than $1.9 billion by 2023, according to ResearchAndMarkets.com. Even political institutions are jumping on the bandwagon; governments including Ukraine, Switzerland and the state of West Virginia are already utilizing blockchain for voter identification.
“Financial institutions invest more in blockchain technology”
On a similar note, the U.S. government has taken notice of blockchain’s potential. Earlier this year, the U.S. Treasury Department’s Fintech Innovation report touched on blockchain’s impact on banking. This comes after major banks including Barclays, HKMA and the UK Central Bank announced new blockchain-based services. In addition, Mastercard filed a patent for a new payment system linking blockchain currency to cash accounts.
“Blockchain IoT partnerships will boom”
This year has already witnessed a number of blockchain-powered IoT achievements. Commonwealth Bank utilized IoT and blockchain technology to successfully monitor shipments of tons of almonds. Xage received $12 million in funding for its blockchain IoT security fabric technology. Telecom giant Sprint plans to unveil its IoT-blockchain connected car platform.
Intelligent Security Systems (ISS)
Much like the blockchain bandwagon, demand and momentum for AI technology have only increased in demand. Online threats remain a major concern for all businesses in 2018, and many believe artificial intelligence will play a key role in the future of cybersecurity.
Shortly after our trends were published, CB Insights released its “AI 100” list identifying up-and-coming AI startups. The biggest market represented in the list was cybersecurity, with 11 companies making the list. Those 11 companies included Darktrace, a Leader on G2 Crowd’s Vulnerability Management Grid®, and Crowdstrike, which was featured in our “Trending Identity Management Products 2018” list.
AI security companies continued to receive significant funding for their innovative platforms. AI-powered endpoint protection vendor, Cylance, had already received $177 million in funding before 2018. This year it nearly doubled that total with a $120 million Series E round. Agari announced a $40 million Series E round for its AI-powered email security platform.
These investments will not slow any time soon. The impact of AI for online threats is on its way to influence virtually every aspect of the cybersecurity market. By 2025, the industry is expected to grow from $2.99 billion in 2016 to more than $34 billion, according to a 2018 report from marketsandmarkets.com.
Previous Intelligent Security Predictions:
“Threat detection will outpace response automation”
This prediction is a bit difficult to rule as objectively true, but there have been significantly more investments into intelligent threat detection systems than there have for AI-powered remediation tools. This is probably because it’s easier to train systems to identify new threats than it is to train them on resolving new issues. A few innovative breakthroughs and product announcements in the last eight months include Fortinet adding machine learning to its WAF offering, SolarWinds acquiring threat intelligence company Trusted Metrics, and AT&T’s acquisition of AlienVault.
“Endpoint protection will be the largest use of AI in the security market”
This one is a toss-up, but it appears threat intelligence is still ahead of general endpoint security in terms of AI implementation. That being said, the most common application of AI-powered threat intelligence networks is endpoint security. Some notable announcements from 2018 include FireEye’s new machine learning endpoint security product and SentinelOne’s partnership with Arete to provide AI-powered endpoint detection and response services.
“IoT security will get worse before it gets better”
This one was easy to predict as the IoT security market is still in its infancy. This year, the FBI acknowledged the likelihood of unsecured IoT endpoints being used for cybercrime. Luckily, companies are calling for increased regulatory requirements for IoT suppliers. In the meantime, it should be noted there is significant capital being funneled into the IoT security market. Market experts predict rapid growth in the IoT security sector, predicting a rise from $6.2 billion in 2017 to $29 billion in 2022.
“Financial services providers will team up with security firms”
This prediction can be confirmed. In addition to the banking institutions that have adopted blockchain systems, a number of financial service providers have agreed to improve their cybersecurity operations. This year, London Office for Rapid Cybersecurity Advancement (LORCA) began operating to help banking institutions adopt modern, effective security plans. Fiserv, a major fintech consulting firm, has partnered with threat intelligence company BlueVoyant to develop new cybersecurity tools for the banking industry. These advancements come as experts continue discovering new threats targeting the financial sector. These banks and firms are seeing twice as many attacks as other vertical industries, according to a report from Vectra.
Risk-Based Authentication (RBA) Trends
RBA was one of the less widely discussed technologies included in our trends analysis. The technology uses myriad factors including endpoint devices, network characteristics, and behavioral analysis to identify threats and restrict their access to sensitive business information.
The demand for improved identity management has been pushed by growing bring-your-own-device (BYOD) practices. The wide array of disparate devices on the market has complicated the process of securing, patching and monitoring access and behavior.
While the technology is still in its infancy, advanced and intelligent authentication tools have garnered the attention of both businesses and investors. Rising RBA vendors BehavioSec and
Companies keep finding new ways to integrate RBA into existing identity management systems and improving the method’s effectiveness. New factors are being added as well. Some cutting-edge companies are finding ways to improve their analysis of biometric, sensor, and keystroke factors, just to name a few.
Previous RBA Predictions:
“RBA tools will continue to receive funding”
Centrify, BioCatch and BehavioSec are just a few identity management companies with RBA capabilities that have received love from investors this year. Relx, a security solution provider, purchased ThreatMetrix for a whopping $817 million earlier this year. Pindrop Security announced a new solution that utilizes RBA to improve security for call centers. Backbase and Jumio have even formed a global alliance to better integrate AI within identity verification solutions.
“CASB, SSO and CIAM tools with RBA will continue to emerge”
The idea any segment of the identity security market wouldn’t adopt RBA to some extent is fairly unrealistic. But there have definitely been a few notable announcements in the CASB, SSO, and IAM markets. Privileged access management (PAM) supplier Optimal IdM partnered with RBA vendor TypindDNA to incorporate RBA within its offering. Cloud security giant Duo Security was acquired by Cisco. Vendors continue to reach across the security market as experts acknowledge the fact that CASB is one of the fastest growing security markets ever.
“Biometrics will become a bigger part of RBA factors”
Okta broke ground when its Adaptive Multi-Factor Authentication began using Windows Hello and Apple Touch ID to add biometric factors to its RBA solution. While Apple’s Face ID and Facebook’s image verification methods are innovative, other companies such as ID R&D are researching improved voice authentication tools for authentication vendors. As a result, the behavioral biometrics market is expected to grow from $871 million in 2018 to more than $2.5 billion by 2023.
Our Trends report didn’t discuss emerging threats in incredible detail, but the evolving cyberthreat landscape is worth discussing as defensive technology aims to keep up.
Symantec’s annual Internet Security Threat Report outlined a few trends in terms of malware variants, endpoint security and mobile protection. Researchers found an 80 percent rise in new malware designed to target Mac computers, and a 54 percent increase in mobile variants. On a positive note, the report documented 5.4 billion instances of thwarted Wanacry attacks.
Symantec also found a significant spike in coin mining attacks, as did a number of threat researchers. This is likely the result of last winter’s cryptocurrency boom, but as coin values leveled out, mining attacks increased. Cryptomining attacks were virtually nonexistent a few years ago, but rose from roughly seven percent of 2017’s malware variants to more than 30 percent through the first half of 2018, according to Skybox Security’s Vulnerability and Threat Trends 2018,
The last notable change surrounding cyberthreats relates to social media fraud. From Q4 2017 to Q1 2018, social media fraud grew 200 percent, according to Proofpoint’s Social Media Brand Fraud Report. Cybercriminals infect corporate and personal social accounts with “bait” similar to email phishing tactics. They may create a fraudulent brand page and promise discounted services, customer support or rewards. They then direct users to sites asking for personal information or filled with malicious download links.
Based on the progression of our 2017 trending markets and the (fairly) accurate predictions we made, it’s reasonable to think these markets will continue to expand. More industries will adopt blockchain-based ledger systems and security tools. Different applications and endpoints will be monitored by machine learning-powered security systems. And behavioral authentication will continue adopting new, more dynamic factors.
The cryptocurrency mining attack trend seems relatively temporary. Since Bitcoin’s apex in late 2017 of $17,900, its value has been reduced over 50 percent to $6,511 in mid-August. Unless the value of Bitcoin and other cryptocurrencies bounces back, it seems like more of a wave than a steady flow of attacks.
IoT security is something we didn’t emphasize, but did touch on. Predictably, it’s been one of this year's biggest movers in terms of security markets. As the multi-billion-dollar IoT market continues to boom, IoT security will as well. With any luck, the IoT security market will grow faster with increased demand for secure endpoints and protected user data.
While banking and financial service industries are always targets, it remains to be seen which industry will see a bigger impact from online threats. Maybe it will be those industries rapidly adopting IoT, or it could be e-commerce transactions.
Our trends from 2019 will be released at the end of the year outlining new technologies across a wide range of markets. In the meantime, you can visit our security software categories and our cybersecurity service providers categories to keep up on security technology and solutions for your business.