In 2023, identity will continue to hold the keys to the kingdom for cybercriminals. This is a continuation from 2022, with the Verizon Data Breach Investigations Report (DBIR) attributing 80% of basic web application attacks to the use of stolen credentials like passwords. Security incidents usually involve a variety of techniques, from social engineering to supply chain compromise, but pretty much every major breach this year started with attackers compromising a stakeholder's identity and fraudulently accessing their account.
Businesses must realize that their digital applications are only as good as the identity barriers around them. With billions of leaked passwords available on the dark web and multi-factor authentication (MFA), bypass techniques gaining ground, application and security teams should have a "healthy paranoia" around user authentication and access control.
Rishi Bhargava is co-founder and CRO at Descope (https://www.descope.com/), a stealth startup building something in the authentication space for application developers. In a career spanning over 20 years, Rishi has run product, strategy, go-to-market, and engineering for category-creating cybersecurity startups and large enterprises. Before Descope, Rishi served as VP of Product Strategy at Palo Alto Networks, which he joined via the acquisition of Demisto, a security operations startup.
Address:
3003 East Chestnut Expy
STE# 575
Springfield, Mo 65802
Phone: 1-844-277-3386
Fax:417-429-2935
E-Mail: contact@appdevelopermagazine.com