Article adapted from Michelle Davidson’s blog of same subject.
APAC has become a focus of cyberattacks in recent years. While cybersecurity technologies are continuously upgrading, cyberattacks are also becoming more prevalent in the region. In fact, IBM and Checkpoint have reported that APAC has experienced the most cyberattacks in both 2021 and 2022, attributed to the rapid digitalisation in the region combined with the low cybersecurity awareness and regulations present.
What is in store for 2023? Our experts predict seven (7) emerging trends:
- Growth in digital signatures expected with eIDAS 2.0 (electronic Identification, Authentication, and Trust Services)
- New regulations and legislations to emerge, such as PSD3 (Third Payment Services Directive)
- Email remains strong as ever
- Perception of the CA (Certificate Authority) market to change
- A renewed focus on identity authentication
- Deployment of MFA (Multi-Factor Authentication) to grow
- Adoption of automated tools to rise
1. Growth in digital signatures expected with eIDAS 2.0
The global digital signature market is growing at a staggering rate and as more conversations evolve around the potential changes eIDAS 2.0 could bring to the market, the momentum is only going to grow.
The prevalence of remote work coupled with the globalisation of business processes has increased the need for document security. Nowadays, documents are being transmitted online or through cloud-based systems, exposing information to the risk of potential breaches. The elDAS regulation aims to reduce this risk through setting authentication requirements.
Since it was established in 2014, elDAS has set a common framework for identity verification in the European digital space. With the evolving market and advancing business processes, elDAS 2.0 was developed with hopes to create the means for a unified and secure identification service that can offer authentication through certification schemes. The new regulation will also expand authentication in all public and business services. Hence, the need for certificate-based authentication through digital signatures will grow.
Despite being an EU regulation, elDAS 2.0 also has a significant impact in APAC. As European countries adopt more stringent policies surrounding authentication. APAC countries handling cross-border documents are also expected to comply with the regulation. As a result, increased demand for digital signatures as one of the most secure means to authenticate one's identity follows.
Read also: 6 Legislations Surrounding Digital Signatures in Asia Pacific
Discover GlobalSign’s Digital Signatures for eIDAS Compliance
2. New regulations and legislations to emerge
Digital connection in APAC is stronger than ever. In 2020, Global System for Mobile Communications Association (GSMA) reported that more than 1.2 billion people in APAC are connected to the internet, with the number of mobile phone users consistently rising. Similarly, the Internet of Things (loT) market in the region is significantly expanding - projected to reach $14.7 billion in 2027. This growth is driven by the increasing connectivity and smart automation. It is in line with Industry 4.0, which is the fourth wave associated with “automation, data exchange, digital technology, artificial intelligence (AI) and machine learning, and the Internet of Things (IoT)."
For APAC, Industry 4.0 is characterised by the creation of new industries, rise of smart devices, and the growing demand for industrial robotics that call for new regulations and legislations around the use and security of these devices. Governments have started rolling out guidelines on this phenomenon. For instance, Singapore has issued improved rules about labeling. The legislation focuses on multi-level labelling schemes for loT devices to improve security. Threat sharing in the loT space is also becoming a trend for the region, hence the need to coordinate with the rest of the globe to monitor and prepare for threats, while also enhancing risk analysing capabilities.
Read also: What is the Internet of Things and How Does It Work?
Discover GlobalSign’s IoT Device Security
3. Email remains strong as ever
“Email will be gone in the next five years,” said our expert Andreas Brix in 2018. True enough, there have been changes in the way we communicate, with messaging services and apps simply proliferating further in the business world. But where does this leave email?
It turns out there are at least 4 billion daily email users. After 50 years of usage, we head into 2023 with electronic mail staying strong as one of the few communication standards for reliably exchanging information worldwide.
As most transactions and communications in APAC are predicted to happen through email, organisations must strengthen security measures in sending and receiving emails. The use of Secure/Multipurpose Internet Mail Extensions (S/MIME) will help APAC businesses ensure the security of this communication channel through encryption and digital signature technologies. S/MIME guarantees that information in any email exchange is not compromised through transmission, while also authenticating the identity of the sender, the non-repudiation of the signature, and the integrity of sensitive data.
Read also: How Secure Email (S/MIME) Supports Your Company’s Email Security Strategy
Counter Phishing and Data Loss with Secure Email (S/MIME)
4. Perception of the CA market to change
We mentioned at the very beginning of this article that conversations around cybersecurity were intensifying. In years past, organisations would implement rudimentary security software that required little oversight. Today, the situation is vastly different.
In 2023, we can expect to see a two-fold increase in security awareness, as well as products utilising Public Key Infrastructure (PKI) as well as the broad-based cloud security. This surge is especially imminent in developing markets like APAC and African countries as compared to their Western counterparts.
Given the increase in internet attacks in APAC, coupled with the continuous growth and depth of internet services, the region is forecasted to exhibit the highest Compound Annual Growth Rate (CAGR) in the CA market for the period 2020-2030. Many companies, especially those in ecommerce and financial technology, will obtain digital certificates from CAs to meet the growing demand for online security. As a future-proof CA, GlobalSign commits to constantly investing in different technologies and infrastructure. Our latest 7.5 version of Auto Enrollment Gateway (AEG) is one such platform which boasts improved capability beyond the automated feature of enrollment, provision, and installation of certificates - providing identity for an organisation’s plethora of devices.
Read also: Certificate Authorities: Who Are They and What Do They Do?
Discover Our Enterprise Class Identity and Security Services
5. A renewed focus on identity authentication
Identity security is known to be the cornerstone of the new digital economy, especially for APAC countries. As the region continues to invest in technology and innovation for industries like ecommerce and fintech, it is unsurprising that Southeast Asia’s internet economy is expected to reach US$1 trillion by 2030. While the era of digitalisation presents various opportunities for business expansion and improvement, there remains to be a huge risk in terms of data security. New identity-related threats come into play, together with the unprecedented growth of devices that need to be authenticated.
The need to keep up with the trend of digitalisation and the continuous rise of internet services for APAC’s growing economy puts a renewed focus on identity authentication. APAC’s identity verification and authentication markets are forecasted to grow with a CAGR of 16.6% for the period 2021 to 2028, setting a record high for the region. Subregions like ASEAN and ANZ have also exhibited an increased demand for both on-premises and cloud-based identity verification, recognising the need for more stringent security measures for their systems.
For example, in Australia, verification regulations need to be complied with before a customer can gain access to financial products and services. Other businesses also require ID verification to reduce fraudulent activity and protect privacy and personal information. The same is true for New Zealand where identity authentication is required through the RealMe project that proves someone’s identity online. ASEAN countries have also put in place regulations related to identity authentication and other internet security rules for businesses. Aside from the requirement to authenticate, focus is also put on the convenience of verifying identity via biometric and certificate-based authentication.
Read also: An Introduction to Certificate-based Authentication
Read also: Various Identity Solutions for Your Business’s Growing Security Needs
6. Deployment of MFA to grow
With cyberattacks getting stronger, the traditional methods of authentication can be at risk. Hackers may be able to breach through its preliminary levels, increasing the threats of sensitive data leakage and the exposure of personal information. In a survey conducted by ZDNet, 46% of responding individuals and companies from APAC stated that they shared more data and personal information in 2022 than previous years. At the same time, 74% of respondents perceived data leakage as a main security threat to their organisation, posing various financial and reputational risks.
This finding reinforces the growing trend of multifactor authentication for website or system access, leveraging multiple levels of identity establishment and permission verification. MFA ensures that a user is who they say they are through two or more mechanisms, significantly reducing the risk of data breaches. Given its enhanced security features, deployment of multifactor authentication is expected to grow in APAC over the next few years, meeting the demands for improved identity verification and data security.
Read also: How Certificate-Based Authentication Works
Secure Your Endpoints with Strong Authentication
7. Adoption of automated tools to rise
Digitalisation of business and economic processes is at a faster pace in APAC than any other part of the globe, according to the Think Tank KAS. APAC businesses continue to invest in technological advancement, leading the way in areas like financial technology, e-health, and autonomous driving. These advancements come hand in hand with the increased adoption of automated tools.
At same time, The Market Data Centre predicts that the industrial automation market will grow at a CAGR of 12.1% from the period 2022-2030, mainly attributed to the digitalisation of industries in China and India and driven by the creation of new businesses throughout the region. The digital transformation in APAC presents a vast opportunity for companies offering automation products that can be proven effective to aid the rapid growth of digital industries. Due to the proliferation of new threats, organisations will want to future-proof their systems by seeking out opportunities for automation support. Among the processes and tools that will make use of automation include threat detection response, vulnerability management, compliance, Artificial Intelligence (AI) and machine learning tools, cloud security tools, and IoT security tools. Automated tools reduce the workload on cybersecurity professionals, allowing them to focus on more complex tasks and respond more quickly to threats. They also improve the efficiency and effectiveness of an organisation’s cybersecurity efforts by continuously monitoring networks and systems for signs of security breaches or vulnerabilities.
Read also: Increase Email Security with Automated Tools
PKI Automation Strategies Enterprises Need
Keeping Up with the Changes
2023 certainly looks very much like a year of change, with accelerating momentum, for cybersecurity. With new technologies, regulations, and advancements, it is important your business has the confidence in your Certificate Authority (CA) to ensure that your organisation is compliant. At GlobalSign, we can help your business to automate, manage, and integrate PKI. Contact us today.