Article posted: May 16, 2018
Q&A with Olov Renberg, Co-Founder and COO of BehavioSec
We're pleased to offer the fifth installation of our quarterly partner/industry blog series. We recently shared a booth with BehavioSec at RSA 2018 and spoke with Olov Renberg, BehavioSec's Co-Founder and COO about the growing use of behavioral biometrics, aka behaviometrics, and the changing IAM landscape
1. Where does BehavioSec see the strongest growth in two-factor authentication over the next two years? Please discuss in terms of regions, verticals and size of customer organizations.
I'd say it varies a lot depending on the region. In a more mature market, like Europe, we'll probably see strong growth among midsize companies in already strong verticals like banking. As ransom- and malware are expanding the need for security across verticals, we're also seeing increased interest from new areas, like healthcare.
In less mature markets it's a bit more of a mixed bag. Whilst the financial sector is still in the driver's seat, we are already seeing strong interest from enterprise security and healthcare, sometimes even more so than in more mature markets. The emerging regions are already getting exposed to the same threats as our home markets and, unlike some of our home markets, are working hard to not only catch up but to lead the development of better security.
2. What's the main reason that more and more organizations are choosing to deploy multifactor solutions?
It's to reduce risk. We all have access to so much information today that one weak link is enough to sink an entire organization. Even the least mature company holds a lot of information on CRM-systems, email and internal communication tools, and a leak would be catastrophic. Deploying multifactor-based security is a cheap way of reducing that risk.
3. Explain how behavioral biometrics is changing the multi-factor authentication market? Can we replace the PIN codes with something as secure and yet cost efficient?
I don't like to talk about behavioral as a replacer as we typically don't replace anything. Whilst behavioral reduces the need for manual review and step-up authentication through increased security, we don't see the need to remove the PIN-code. Instead, we'd just future-proof the PIN by adding a behavioral layer behind it.
4. What identity and access management trends were prominent at RSA?
Having just returned from RSA, the general feel was more about compliance and automation. A lot of people already know that they need to increase security, they're just holding back out of a perceived fear of having to increase the manual review burden on their already spread thin teams. Maybe this trend will help make next year's show more about one of my favorite subjects, score fatigue.
5. Why is Sweden an incubator for some of the world's fastest growing security companies? What competitive advantages do Swedish security companies have over the rest of the world?
Sweden has a strong educational system and a long history of successful entrepreneurs, and these entrepreneurs have inspired the next generation to create new and exciting technology start-ups.
6. How will organizations comply with the GDPR regulations using multifactor authentication methods?
Compliance and security go hand in hand. As we are a Swedish company, we have been working with PUL and other privacy regulations and are accustomed to adhering to it. In mainland Europe or American companies that have offices in Europe, there seems to be this fire drill to get everything in place before it matures into a regulation.