Authored by: Daniel Mountstephen, the Regional Vice President of Centrify in Asia Pacific & Japan
1. Misplaced Understanding Of Cloud Security Increases Risk
A 2019 Centrify study revealed that 60% of organizations don’t understand the shared responsibility model when it comes to who secures workloads in the cloud. This is an even greater risk in Asia Pacific — where 70% of security decision-makers in large enterprises believe that security provided by cloud providers is enough to protect them from cloud-based threats. This will create a false sense of security in cloud security providers by their customers, as the latter are responsible for securing privileged access to their cloud administration accounts and workloads. Therefore, cloud environments will become a top target of cyber-attacks in 2020 as this false sense of confidence placed by organizations is exploited by bad actors.
2. The Rise Of Securing Machine Identities
Asia Pacific is poised to become the global leader in IoT spending in 2019 — accounting for 35.7% of worldwide spend. This increased support isn’t limited to the private sector, with governments such as Singapore and Malaysia quickly progressing their Smart City vision. Compounded with an ever-evolving enterprise threatscape, that includes automation, this means that machine identities will become the largest cybersecurity exposure point in 2020, overtaking humans. However, automation, if done correctly by humans, could mitigate much of the risk, and employees will remain the biggest weakness for organizations. “Alexa, can you stop me from being hacked…”
Gartner stats cited across industries
3. Phishing Will Continue Evolving Beyond Email To Sms, Video
Over the past year, those in Asia Pacific have seen a dramatic increase in phishing attacks over SMS, WhatsApp or Facebook messenger — with the messages claiming to be from local banks, telcos and even supermarkets. Hackers have proven to be very capable of evolving to get around increased cybersecurity awareness, and phishing will continue to focus more on SMS and personal messaging services. Phishing attacks by SMS (“SMishing”) will increase by more than 100% in 2020, and we’ll see the first successful spearphishing by video, as hackers leverage new tools like “deep fake” technology to look and sound like a trusted person (ex. a Facetime with an attacker posing as the CEO).