Okta: Preparing for the evolving security landscape in 2020

Jesper Frederiksen, VP and GM EMEA at Okta, looks at five ways businesses can prepare for the evolving cybersecurity threat in 2020 and beyond

It wasn’t just Brexit and the general election that dominated the 2019 news agenda. Large scale data breaches that affected the world’s biggest organisations also resulted in constant media headlines. Perhaps most interesting about these data breaches was not just the volume of data stolen, but the significant consequences and scrutiny that organisations now face owing to the enforcement of the GDPR and the CCPA legislations.  

In the UK, British Airways was hit with a record $230 million penalty, followed shortly by a $124 million fine for Marriott, while in the US, Equifax agreed to pay a minimum of $575 million for its 2017 breach. According to Norton, in the first half of 2019, there were an unprecedented amount of breaches: 3,800 publicly disclosed breaches, 4.1 billion records exposed, and a 54% increase in the number of reported breaches compared to the first six months of 2018.


READ MORE – Data: the worst breaches and how to stop them



One thing is clear, no matter the size of your company, everyone is susceptible to data breaches. Only by having security front of mind and having an awareness of the security threats emerging in the year ahead can organisations take the steps required to ensure their organisation is safe from data breaches and it’s financial and reputational repercussions.

With that in mind, here are five of the biggest security trends that we’ll see in 2020

1) Deepfakes will become a hacker’s best friend

A big trend for social media this year has been the rise of deepfakes and we’re only likely to see this increase in the year ahead. These are manipulated videos that are made to look real but are actually inaccurate representations powered by sophisticated AI. This technology has implications for past political Facebook posts. 

We will start to see threat actors use deepfakes as a tactic for corporate cyberattacks, in a similar way to how phishing attacks operate. Cyber crooks will see this as a money-making opportunity, as they can cause serious harm to unsuspecting employees. This means it will be vital for organisations to keep validation technology up to date. The same tools that people use to create deepfakes will be the ones used to detect them, so we may see an arms race for who can use the technology first. 

2) API security will move up on the enterprise priority list

Data breaches have surged over the years but in 2019, many of them were the result of insecure APIs. Panera, Venmo, USPS and Salesforce are just a few of the high profile companies that dealt with API security breaches last year, and despite all the damage, companies in general have been slow to respond to this growing concern by bringing API security under the purview of security teams. 

That said, 2020 will be the year that companies wake up to the threat and move API security up on the priority list. One way to do so is by embracing OAuth (a delegated authorisation framework for REST/APIs) which helps to place the user in control of his or her data, as opposed to the company. We expect this open standard to spike in adoption.

3) Contextual access spending will spike to meet Zero Trust strategies

In the coming decade, organisations will shake up their security budgets to account for a Zero Trust strategy. Spend on perimeter will move instead towards access points that are more dynamic. We will see a decrease in firewall and perimeter investment and in 2020, we can expect an increase in spending on context-based access management. 

With 97% of organisations now using cloud services, the network perimeter can no longer serve as a barometer for trust, with companies starting to operate through the lens of least privilege; analysing each authentication and authorisation deeply. As machine learning technology continues to evolve and move past heuristics towards true individualised pattern recognition, we will see that increasingly integrated into security budgets as well.

4) The first wave of companies to go passwordless

Next year, we will see the first wave of companies go passwordless, embracing more effective ways of securing digital identities. Passwords have failed us as an authentication method for too long and enterprises will move beyond the reliance on this ineffective method. According to Verizon’s Data Breach Investigations Report 2019, 80% of hacking-related breaches were as a result of weak, stolen or reused passwords. 

Companies will adopt alternative methods to determine access, such as biometrics, IP addresses and geolocation. As these factors are increasingly considered as trusted, more organisations will grant access without the need to enter a password. Additionally, organisations should move to a discrete and modern identity system that removes any reliance on personal information, such as passwords, to increase security. This will ensure safety as stolen personal information would become worthless on the black market, acting as a deterrent to hackers.

5) Best-of-breed security challenges to be overcome

In the year ahead, the number of businesses adopting ‘best-of-breed’ applications will continue to increase exponentially. We will see an explosion of applications as the workforce now has a much bigger say in tech purchasing decisions. This bottom-up approach enables teams to go out and pick the tool that they feel will enable them to do their best work.

But, this new approach to workplace tools has inevitably led to new challenges, the greatest being security. Due to the increasing volume of cloud-based applications, the attack surface is far greater, making companies more vulnerable than ever. With 40% of large UK businesses expecting to be cloud-only by 2021, according to McAfee, 2020 will see companies forced to adapt and strike a balance between autonomy and security. To improve security, all businesses will need to embrace the zero-trust paradigm. The old perimeter-centric, binary model of security has failed and firms need to embrace this new approach that encompasses every connection that their workforce and wider stakeholders make.

Jesper Frederiksen

Jesper Frederiksen is VP and GM EMEA at Okta, an access management company which provides cloud software to help organisations manage and secure user authentication.

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...