7. The Tipping Point for Biometric Security Is Approaching
The last two years have seen a significant rise in the use of biometrics. This is expected to grow significantly with major industry players implementing new capabilities, both with new sensors in devices and with the adoption of biometric authentication frameworks like FIDO and TouchID. This facilitates secure on-device storage of biometric information (like fingerprints) as well as interoperability between apps and systems. What this means is that biometrics can finally answer the "what's in it for me" question that consumers have been asking, while replacing passwords with strong traditional PKI authentication protected by the biometric sensor. The consumer gets better security with significantly increased convenience for device unlocking, purchasing and payments. This is also leading to enterprise adoption of biometrics, which may start to bring a reduction in the dependence on passwords.
8. Security Gamification and Simulation Will Tackle the Security Awareness Challenge
Internet security relies on the human element as much as it does on technology. If people were more skillful, they could help reduce the risks they faced. This is as true of consumers avoiding scams as it is of government employees avoiding the social engineering in targeted attacks.
In this context, security gamification will be used to turn "the desires of the moment" into lasting changes of behavior by using the psychological rewards and instant gratification of simple computer games. Security gamification could be used, for example, to train consumers to be wary of phishing emails or to generate, remember, and use strong passwords. Symantec sees a big market opportunity and a great need for this kind of training in 2016.
Companies will also invest more in preparing for security breaches and understanding their defenses better by using simulations and security "war games." By extending conventional penetration testing into a simulated response and remediation phase, companies can train their employees and improve their readiness. This message is not lost on governments. In January 2015, UK Prime Minister David Cameron and U.S. President Barack Obama agreed to carry out "war game" cyber attacks on each other. Companies could follow their example in 2016.