Committing to Zero Trust by Adding Security Tools
Over the past few years, government organizations have navigated their zero-trust journeys by adding identity-based microsegmentation and training tools to their security portfolios.
Agencies rank security tools much higher than other industries do. Palo Alto Networks’ GlobalProtect and Prisma Access solutions, together, were the second-most popular products by number of customers, behind Microsoft 365, with KnowBe4 and Zscaler also claiming spots in the top 10, according to Okta’s findings. For comparison, the highest-ranking security tool among companies overall is KnowBe4 at No. 10.
Okta data shows that agencies are adding security tools at a rate of 12% year over year. This growth rate outpaces security investments among other sectors, which generally measure in the 2% to 5% range.
Security training tool KnowBe4 is gaining the most traction in the government sector; adoption grew 23% YOY by number of customers and 120% YOY by unique users. The prior year, Palo Alto Networks’ GlobalProtect took both honors.
A Growing Attack Surface Demands New Layers of Security
Organizations across industries aren’t just adding more security tools. They are also introducing more apps across the board. This year, the average number of apps per company hit 101, up 9% YOY.
Agencies are adopting a wide variety of apps. The sector saw the highest growth by number of customers in design software tools, at 35% YOY. When compared with other sectors, it also saw the highest YOY growth in cloud platforms (+18%), project management (+14%), human resources (+12%), networking and infrastructure (+12%), and content collaboration tools (+9%).
The government sector now averages 89 apps per organization, a 14% increase over the prior year and a 31% increase from five years ago. As this widening attack surface becomes the new normal, organizations must seriously consider adding new layers of security.
Given the increased risk exposure, the need for a single security standard has become more critical. Okta is an active member of the Interoperability Profiling for Secure Identity in the Enterprise working group within the OpenID Foundation, which is committed to establishing a universal standard for identity security. This would provide developers with guidance to help them embed identity security directly into their apps and give customers more effective cybersecurity outcomes.
Detected Threats Surge 10x, Driving Companies to Stronger Factors
With automated cyberattacks on the rise worldwide, aggregated Okta ThreatInsight data provides a good proxy for the current state of cyberthreats by industry. Attacks, as measured by the ratio of detected threats to all authentications, are up across all sectors.
While financial services are historically a tempting target, they have made substantial gains in hardening their attack surface — sending attackers to seek lower-hanging fruit.
The energy, mining, oil and gas sector, which is both a hot target for nation-state actors looking to disrupt power stations and an industry burdened by local equipment that is difficult to upgrade, now suffers the highest rate of detected threats — up tenfold from 3.3% a year ago to 32% now.
Nonprofits, with potential pots of donor dollars and limited security tools, are not far behind, with 18%. The government ranks as the third-most attacked sector; its ratio of 14% means nearly 1 out of every 7 authentications is flagged as a potential threat.
This flurry of detected threats is driving companies to deploy stronger factors, especially phishing-resistant factors. Okta data shows agencies are moving away from lower-assurance authentication factors such as text messaging and voice calling (-6% YOY by number of customers). The sector is adding higher-assurance factors, particularly those that leverage biometrics such as fingerprints.
Okta data also shows the deployment of FastPass, a phishing-resistant, passwordless authenticator that is often backed by biometric information, grew 62% YOY by number of customers and 667% YOY by unique users among government customers. FastPass is a popular choice because it’s easier to use and less cumbersome than smartcards, while providing a greater level of protection.
Another phishing-resistant option, security keys and biometrics (including WebAuthn, YubiKey and Touch ID), grew 31% by number of customers and 38% by unique users in the government sector.