Fraud will skyrocket, straining existing defences
Fraudsters’ toolsets have evolved over the past five years, while the current generation of defences are starting show their age. Attackers have found that by imitating their victims, down to their home environment, they can bypass hurdles like multi-factor authentication and risk-based rate limiting. The tools that take advantage of this type of vulnerability are still in their infancy but, when they mature, it will force companies to reevaluate their defences.
3D printers will test biometric security
3D printers went from niche machines costing thousands of dollars to being sold less than a Nintendo. 3D-printed fingerprints and faces that can pass biometric authenticators is not a sci-fi future. It’s right around the corner. It won’t require a high-quality scan of a victim, either. Biometric authentication boils down to probability scoring, and a printable ‘master key’ may look more like a keychain of composable parts than a replica of a person’s face or fingerprint.
Bolt-on security will move to the edge
Routing a packet all the way through the internet just to say “no, this one’s rotten, reject it” is a waste of resources. Both the internet and budgets are finite. Moving products like bot protection and data validation to the edge is the obvious solution and will save both processing time and bandwidth cost.
Rust & Wasm will change application security
WebAssembly, Wasm for short, is a bytecode that started as an alternative runtime for web browsers, complementing JavaScript. Wasm is turning into an ultra-lightweight, ultra-portable way to execute binaries on the server, edge, browser, wherever. Meanwhile, the Rust language has already made waves with its focus on memory safety – the cause of most severe security issues – and has the best first-class support for Wasm. The combination of the two promise to fundamentally change application development.
A surge of data breaches will be announced late 2021
The office landscape changed radically in 2020. Millions of workers went remote in a matter of weeks and systems scaled quickly. The problem isn’t remote working, it’s that traffic and activity data started looking different all at once Trends changed. Just like when someone shines a flashlight in your eyes at night, it takes time to readjust and see clearly again. Once companies recognise what new breaches look like we’ll see a cascade of announcements in a short time frame.
Discussion about this post