Arti Raman, CEO and Founder, Titaniam

            “In 2022, we saw a continuous flood of ransomware attacks, which spawned the increasing adoption of
            Ransomware as a Service (RaaS). The threat actors behind these attacks have honed their skills in
            ransom negotiations and extortion processes, creating a playbook they can use to go after nearly any
            organization. Because of this, the number of ransomware attacks we’ll see in 2023 will only continue to
            rise and move downstream.

            To combat these attacks, organizations in 2021 and 2022 heavily invested in prevention, detection and
            backup technology. However, in 2023 that may not be enough. As threat actors get more creative and
            innovative with their malicious attacks, data security professionals also need to embrace newer, more
            innovative and effective technologies to defend their systems.

            In fact, a recent report found that more than 99% of security professionals are searching for better data
            protection tools to protect themselves from ransomware and extortion. Similarly, 70% of participants in a
            different report indicated they experienced data theft at some point during the previous 12 months. Of
            those respondents, 98.6% believe a more modern data security solution could have prevented their data
            theft.

            While no prevention technology can guarantee 100% protection, new technology must focus on assumed
            breach  concepts  and  providing  more  guardrails.  By  analyzing  what  made  successful  breaches
            successful, we as a cybersecurity community can take the first step toward a technological shift that will
            revolutionize how we fight back against ransomware.”

            Gal Helemski, CTO and Co-Founder, PlainID

            “In 2023, identity-first security will gain more focus and adoption. Already we see increasing growth in
            the  identity  space  as  the  importance  of  identity  as  the  new  security  perimeter  is  sinking  in.  Identity
            solutions would expand their support, especially in the cloud, and provide deeper levels of control. An
            essential part of that would be understanding Authorizations and the link between the identity world and
            the security of data and digital assets.

            Authorization manages and controls the identities' connection to digital assets (such as data). That is a
            fundamental part of identity-first security. It starts with the authenticated identity and continues with the
            controlled process of what that identity can access. Full implementation of identity-first security can’t be
            achieved without an advanced authorization solution that can address all required technology patterns of
            applications, APIs, microservices and data.

            I believe most security leaders are still focused on the perimeter of their digital enterprise, which needs
            to change. Identity-first security can’t end at the gate. Identities and their access should be verified and
            controlled on all levels, access points, network, applications, services, APIs, data and infrastructure.









            Cyber Defense eMagazine – January 2023 Edition                                                                                                                                                                                                       97
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.