Key trends that security and risk management leaders should be aware of this year

Author: Silke Wenig

Last updated: August 1, 2022

At Onegini, we are constantly scouring the market for new insights, searching for developments and trends around digitalisation and security. In particular, we want to shine a spotlight on the Customer Identity Access Management (CIAM) field - an area where thought leadership is severely lacking. Across a series of blog posts, we will be illuminating the importance and evolution of the CIAM market. Firstly, we explore the key trends that security and risk management leaders should be aware of.

Key Trends for Security Leaders

Security and risk management has always been a major business trend - even before the use of digital solutions became commonplace. Today, as threat actors discover new ways of infiltrating company tools and datasets, security personnel must react to shore up their defences. This leaves the security landscape in a constantly evolving state of flux.  

In recent times, the COVID-19 pandemic has further destabilised the business world, forcing security and risk management leaders to grapple with unexpected developments. For example, in the early stages of the pandemic, Google reported that it was blocking 18 million daily malware and phishing emails related to COVID-19. Homeworking and remote collaboration tools have introduced new vulnerabilities that businesses are only just getting to grips with.

The security developments that have emerged in the last year cannot be pondered over for too long, however. Already, several other key trends are emerging that security and risk management leaders must be aware of. We’ve listed some of the most important below:


  • Cybersecurity enters the c-suite

According to Gartner, 40% of boards of directors will have a dedicated cybersecurity committee overseen by a qualified board member by 2025, a significant increase from less than 10% today. The increased prominence being given to cybersecurity is hardly surprising given the enormous damage that can result from even a single security failure. Collectively, cyberattacks cost the global economy more than $1 trillion in 2020, with no industry going unscathed. What’s more, the fallout from a cybersecurity breach can be long-lasting, resulting in reputational damage that persists for years to come.


  • Prioritising the customer experience

At Onegini, we are constantly collecting data from our interactions with colleagues, clients, and customers. Over the past six months, we have witnessed several interesting developments, including the growing priority being given to the customer experience. Although our research found that Business Enablement and Operational Efficiency were viewed as the benefits most strongly linked to the use of a CIAM solution, improved customer experience came a close second. Similarly, another of our other data collection efforts found that customer journey optimisation was viewed as one of the most significant topics for organisations.


  • Identity-first

Many businesses continue to employ more traditional security protocols, even as the workplace undergoes significant shifts. With these changes, it has become clear that an identity-first approach to security is needed to protect businesses from being targeted by cyberattacks. Last year’s high-profile SolarWinds attacks highlighted what can happen when companies do not manage and monitor identities well enough. Delivering an identity-first security approach means more than just employing security tools like biometrics and two-factor authentication, businesses also need to explore how attackers are circumventing these perimeter defences.


  • Screenshot 2021-07-06 at 08.54.39Buying rather than building

With customer identity becoming an increasingly important part of the security landscape, businesses must adopt the right tools. In terms of CIAM, Gartner indicates that although businesses are exploring CIAM strategies - 72% of organizations already have or will be rolling out a CIAM initiative by 2022 - many are looking at commercially available technologies instead of building a solution internally.

Our data indicates that there are a few key areas that are already taking priority for security leaders when assessing commercially available CIAM tools, including identity proofing, the presence of a mobile app, and data consent management. Security leaders should choose their CIAM solutions carefully, looking for offerings that deliver strong core capabilities and provide straightforward integrations with existing technologies.


  • Remote onboarding

Many customers are now onboarded without ever having face-to-face contact with a business - even those in industries where data is considered extremely sensitive, such as banking. Fortunately, digital solutions are available that can facilitate this growth in a post-pandemic world without introducing security risks. CIAM platforms can support advanced and seamless customer verification through techniques such as online identity proofing and BYOID (bring your own ID). They allow businesses to engage with customers securely, without introducing unnecessary friction into the onboarding process.

The trends listed above highlight some of the recent developments emerging in the CIAM market. At Onegini, we will continue to look for cutting-edge insights that deliver the best customer experience allied with the highest levels of security. Next time in this series of blog posts, we’ll explore how the insurance sector is balancing innovation and data protection.