Gartner Blog Network


Securing A Touchless Society

by Barika Pace  |  July 28, 2020  |  Submit a Comment

Introduction

By 2023, 50% of all major business applications will include at least one type of no-touch experience, such as voice, augmented reality, or virtual reality.

 

COVID-19 has acted as a catalyst for the era of AI-powered no-touch interfaces, which include

  • Open-air gesture control and three-dimensional interfaces,
  • Biometrics,
  • IOT,
  • Virtual reality,
  • Brain-computer interfaces,
  • Augmented reality, and
  • Virtual personal assistants.

Touch-less interfaces present new attack vectors and thus increase security risks and lead to a higher dependence in AI. Product leaders will need to increase their focus on privacy and security controls to combat the collection of ever-larger amounts of personal data in a cyber-physical world. However, the greatest threat to product leaders’ touch-less product ambitions might be the risk to their product development cycles. Product leaders must increase their efforts to protect training models, especially those that can have real cyber-physical consequences, including threats to people and the environment.

Recommendations

As part of their long-term strategies, products leaders must prioritize the investments below technologies to prepare for short term impacts a changing society:

Embedded trust: Embedded trust delivers a hardware root of trust (e.g., Trusted Platform Module), which is frequently a requirement to secure end-point functions. Examples of these include device virtualization, firmware, operating systems, and execution environments. Such vendor products offer protection from scale able software-based threats and are useful in defending against physically invasive attacks. Providers like Thales, Keyfactor, Entrust Datacard, and Allergo offer embedded trust solutions.

Homomorphic encryption: Homomorphic encryption is a cryptographic method that enables third parties to process encrypted data and return an encrypted result to the data owner while providing no knowledge about the data or the result. Note that fully homomorphic encryption isn’t quick enough for most applications at this time, but some vendors offer partial homomorphic encryption. Providers like Duality Technologies, IBM, ShieldIO, and Ethereum are vendors that readers can research further.

Decentralized identity: Digital identity and data-sharing challenges create numerous privacy concerns. Decentralized identity enables privacy-enhanced verifiable identity data exchanges online. It also leverages technologies such as blockchain or other distributed ledger technologies to decentralize an identity system by distributing it across a large number of nodes or participants. Relevant providers include Microsoft, NuID, SecureKey, and Sovrin Alliance.

Cyber-physical system security (CPSS) solutions enable secure management of  increasingly interconnected environments, growing out of IOT and OT security. The goal of CPSS is to secure engineered systems that orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans) and enable a safe, real-time, deception, secure, reliable, resilient and adaptable performance.  Product managers must develop and demonstrate security features that, while helping mitigate threats, ensure privacy, guarantee safety, availability, reliability, and resilience. Sample providers include SCADA Fence, Nozomi, Cisco (CyberVision), Bayshore, Microsoft Azure Sphere, Claroty, Dragos,  Forescout, 802 Secure, Armis, Indegy, Radiflow Tenable.  Verve, IoActive, Otorio  and PAS.

GPS anti-jamming and anti-spoofing This technology includes jamming and spoofing detection sensors, hardware and software. Signal-jamming solutions need to be fully automated to be effective, whether “kill” type jammers or “return home” systems.  Sample providers: InfiniDome and Orolia

Online-fraud detection (OFD)

In a touch less society, online fraud detection is expanding beyond traditional use cases, and market overlap with identity proofing and authentication is growing. OFD tools normally enable real-time monitoring, and may be focused on detection alone, or also on mitigation, once fraudulent activity is suspected. Capabilities may include solutions to provide behavior analytics, bot detection, fraud scoring, integration with social media analytics tools, and event monitoring. Representative vendors include: Amazon Fraud Detector,  SHIELD Enterprise, BioCatch, Cleafy, and Callsign.

Recommended Reading

Cool Vendors in Cyber-Physical Systems Security

Product Manager Insight: The Emergence of the Product Security Officer

Emerging Technologies and Trends Impact Radar: Security

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: 

Tags: covid  cyber-security  touchless  

Barika Pace
Sr Director I
3 years at Gartner
17 years IT Industry

Barika L Pace does research focused on securing emerging technologies and protecting corporate branding for high-tech enterprises. Her research covers threats and disruptions facing, Internet of Things (IoT), cyberphysical systems (CPS), social media, operational technology (OT), coupled with the realities of regulatory changes, privacy, fraud prevention and risk. In addition, through a product management lens, Ms. Pace helps clients identify top talent requirements. Her work focuses on overcoming recruiting challenges, retention, providing insights into diversity, inclusion and recruiting. Her research recognizes that in today's interconnective world protecting customers and brand reputation requires, an increased focus on multiple channels to conduct fraud detection, address cyberphysical security risk, counter threats, and to meet the challenges of increasing regulatory environment through continuous innovation. Also, Ms. Pace's research focuses on helping clients improve customer experience, through effective messaging, communication, and brand management. She helps clients optimize product strategy, and brand positioning. Finally, Ms. Pace enjoys working with tech CEOs, product leaders, product marketing leadership, CMOs, CISOs, digital manufacturing product innovators, security providers, and various clients on organizational and cultural changes needed to remain agile.Read Full Bio




Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.