The Chertoff Group


Privacy breaches, large-scale hacks and other security incidents have exposed critical cybersecurity inefficiencies to the public eye in the last few years. With consumers experiencing first-hand consequences of these breaches, including compromised personal data and financial losses, companies and consumers are paying close attention to cybersecurity. As a result, public trust will play a more significant role in cyber market trends, and we expect 2019’s cybersecurity developments to largely reflect public sentiment. Here are the largest cyber market trends we expect to see this year.

Increased Threat Emulation to Measure Effectiveness (ATT&CK)

Organizations are embracing the MITRE ATT&CK model with a slew of new products and services to provide better, more granular modeling of threat tactics, techniques and procedures (TTPs).

This trend toward threat emulation will drive a further increase in products and services that model threat actor campaigns, suggest mitigation strategies and validate the people, processes and technologies that manage these TTPs.

Identity Solutions Moving to the Cloud 

Historically, organizations have preferred to manage their identity tools and services, especially Active Directory and privileged account management, onsite. This preference for proximity-based management was due to the sensitive nature of the guarded information as well as the importance of protecting critical data to maintain business operations.

However, as the cloud becomes increasingly widespread and secure, organizations are migrating to cloud-based identity and access management (IAM) solutions to complement cloud-based application security capabilities. This IAM movement to the cloud continues the security product migration first seen by endpoint detection and response products and now being adopted across large segments of the security industry.

Authentication with Mobile Devices Will Explode

Organizations and users are beginning to accept newer mobile verification technologies like biometrics, facial recognition and QR codes. This increase is due to rising trust that these approaches provide additional security to elements currently viewed as insecure, including voting booths and DMV registration processes. 

Greater verification technology acceptance is also linked to the proliferation of converged physical-cyber security in identity proofing. For example, facial recognition at facility turnstiles, Wi-Fi access via devices and other methods are becoming commonplace.

Customers will Focus more on Effective Risk Management as a Differentiator

The operational impacts of NotPetya to FedEx and a data breach to Equifax were not just expense items – in both cases, customers voted with their feet, and the companies lost revenue. Moreover, Equifax had been certified against several information security standards, pushing consumers to question those methods and standards. 

Customers will, therefore, not only increasingly look for assurance that service providers have cybersecurity programs in place but will also be looking beyond compliance-based measures to proof of actual effectiveness. This will be a key differentiator in 2019.

Keeping Up with Trends Towards Heightened Cybersecurity

As cybersecurity remains in the public eye, companies and consumers are becoming more concerned with security and privacy. 2019 will likely see a trend towards consumer-accepted security measures like biometric mobile verification, cloud-based technology and similar measures. So, as cybersecurity and public trust remain top of mind, companies that cannot adequately prove security effectiveness won’t be able to compete with their trusted competitors. 

Schedule a consultation with The Chertoff Group today to learn how your organization measures up against the new industry security standards and why building an effective cybersecurity program is critical for business continuity and growth.

Schedule a Consultation

Contact us today to learn what we can do for you.

Schedule a Consultation