All an attacker need is for the victim’s device to have Bluetooth turned on and obviously, in close proximity to the attacker’s device. Moreover, successful exploitation doesn’t even require vulnerable devices to be paired with the attacker’s device.

BlueBorne

What’s more worrisome is that the BlueBorne attack could spread like the wormable WannaCry ransomware that emerged earlier this year and wreaked havoc by disrupting large companies and organisations worldwide. Ben Seri, head of research team at Armis Labs, claims that during an experiment in the lab, his team was able to create a botnet network and install ransomware using the BlueBorne attack.

However, Seri believes that it is difficult for even a skilled attacker to create a universal wormable exploit that could find Bluetooth-enabled devices, target all platform together and spread automatically from one infected device to others.

“Unfortunately, this set of capabilities is extremely desirable to a hacker. BlueBorne can serve any malicious objective, such as cyber espionage, data theft, ransomware, and even creating large botnets out of IoT devices like the Mirai Botnet or mobile devices as with the recent WireX Botnet,” Armis said. “The BlueBorne attack vector surpasses the capabilities of most attack vectors by penetrating secure “air-gapped” networks which are disconnected from any other network, including the internet.”

Apply Security Patches to Prevent Bluetooth Hacking

The security firm responsibly disclosed the vulnerabilities to all the major affected companies a few months ago—including Google, Apple and Microsoft, Samsung and Linux Foundation.

These vulnerabilities include:

• Information Leak Vulnerability in Android (CVE-2017-0785)
• Remote Code Execution Vulnerability (CVE-2017-0781) in Android’s Bluetooth Network Encapsulation Protocol (BNEP) service
• Remote Code Execution Vulnerability (CVE-2017-0782) in Android BNEP’s Personal Area Networking (PAN) profile
• The Bluetooth Pineapple in Android—Logical flaw (CVE-2017-0783)
• Linux kernel Remote Code Execution vulnerability (CVE-2017-1000251)
• Linux Bluetooth stack (BlueZ) information leak vulnerability (CVE-2017-1000250)
• The Bluetooth Pineapple in Windows—Logical flaw (CVE-2017-8628)
• Apple Low Energy Audio Protocol Remote Code Execution vulnerability (CVE Pending)“Microsoft released security updates in July and customers who have Windows Update enabled and applied the security updates, are protected automatically. We updated to protect customers as soon as possible, but as a responsible industry partner, we withheld disclosure until other vendors could develop and release updates.” – A Microsoft spokesperson said.
• Google and Microsoft have already made security patches available to their customers, while Apple iOS devices running the most recent version of its mobile operating system (that is 10.x) are safe.

What’s worst? All iOS devices with 9.3.5 or older versions and over 1.1 Billion active Android devices running older than Marshmallow (6.x) are vulnerable to the BlueBorne attack. Moreover, millions of smart Bluetooth devices running a version of Linux are also vulnerable to the attack. Commercial and consumer-oriented Linux platform (Tizen OS), BlueZ and 3.3-rc1 are also vulnerable to at least one of the BlueBorne bugs. Android users need to wait for security patches for their devices, as it depends on your device manufacturers. In the meantime, they can install “BlueBorne Vulnerability Scanner” app (created by Armis team) from Google Play Store to check if their devices are vulnerable to BlueBorne attack or not. If found vulnerable, you are advised to turn off Bluetooth on your device when not in use.

Reference:

cyber-attacks

More than 25% of UK councils have had their computer systems breached in the past five years, campaigners say. A report by privacy group Big Brother Watch based on freedom of information requests found 114 councils experienced at least one incident between 2013 and 2017. The group said it was “shocked” that staff often lacked cyber-attacks training.

The Local Government Association said councils took their privacy responsibilities “extremely seriously”.

‘Protect citizens’ from cyber-attacks

Big Brother Watch said it had received responses from 395 local authorities and that, of the 114 that said their systems had been breached, 25 reported they had experienced a data loss or breach as a result.

It said the majority of successful cyber-attacks began with so-called phishing emails designed to trick staff into revealing passwords and other data.

Big Brother Watch said humans were the weakest link the cyber-security chain and the risk could only be reduced by introducing training for all council employees.

Three-quarters of councils did not provide mandatory cyber-security training, and 16% did not provide any at all, according to the report.

Jennifer Krueckeberg, the lead researcher at Big Brother Watch, said: “One would assume that they [councils] would be doing their utmost to protect citizens’ sensitive information.

“Local authorities need to take urgent action and make sure they fulfill their responsibilities to protect citizens,” she added.

Based on the FoI data, the report estimates the number of cyber-attacks on local authorities, which hold the data of millions of residents, at 98 million between 2013 and 2017.

This amounts to 37 attacks every minute.

A Local Government Association spokesman said: “Very few of these attacks actually manage to breach the firewalls or scanning systems in place.”

He added that councils were working with the National Cyber Security Centre to ensure their systems “are as robust and resilient as possible”.

It comes as figures released earlier this month by the National Cyber Security Centre showed Britain is repelling millions of attacks a month.

They showed that councils are among the organizations most commonly imitated in emails designed to gain trust.

Click here to find out abour Net Security’s Cyber Security courses to help your business crack down on Cyber Security threats.

Reference: http://www.bbc.co.uk/news/uk-43121581?intlink_from_url=http://www.bbc.co.uk/news/topics/cz4pr2gd85qt/cyber-security&link_location=live-reporting-story

Brown was connected to Anonymous, a group that hacked a private security firm to reveal secrets. He is now out and living in a halfway house in Dallas. He had spent years in a prison cell thinking about what he might do when he got out. And he says he is ready to change, so next time he gets involved in hacking a corporation he is able to inflict maximum damage as hackers.

“Certainly, I haven’t gotten any less militant in the course of having these things done to me,” Brown says.

Since most hacktivists operate in the shadows, Brown offers the best look at these cyber-revolutionaries and their motivations.

The 36-year-old Brown was born in Dallas. His father was a wealthy real estate investor, until he was investigated by the FBI for fraud. Brown’s father was never charged, but the family lost all its money and his parents divorced.

“It was something that I’m sure instilled in me the idea that there was a degree of arbitrary power out there that could come down at any time and disrupt your life, as it did to me when I was a child,” Brown says.

He hates arbitrary power and always has. He is an anarchist who believes the U.S. government is fundamentally corrupt. And he says most Americans are too complacent to do anything about it.

“That’s what … in part brings me to contempt for the American citizenry,” he says. “Obviously, I have no respect for the laws, for the government or for the voters.”

Instead, he says, his own code of values drives him.

He became a radical intellectual — more interested in spreading revolutionary ideas than in protesting in the streets. But in 2006, Brown saw a potential outlet for his anarchist dreams — the hacktivist group Anonymous. It was leaderless, crowdsourced and militant.

Anonymous managed to organize a massive attack on Scientology, even taking down its website. Brown started covering Anonymous as a journalist but soon became deeply involved.

“I saw this as the very first ripples in something that would grow to be one of the great dynamics of the 21st century, that we would see more of this emergence [of] online warfare essentially against institutions including nation-states,” he says.

For many years, Brown was a sort of unofficial spokesman for Anonymous, appearing in interviews dressed in a beige corduroy or navy blue jacket and dress shirt, a cigarette dangling from his hand. He looked more like a preppy than a revolutionary.

In 2011, the group began targeting companies that contracted with the U.S. government. One of them was Stratfor — a global intelligence firm. Emails released after an Anonymous hack included sensitive information on top-secret government missions like the killing of Osama bin Laden. The emails also show Dow Chemical hired Stratfor to spy on activists trying to get money for families who suffered during the Bhopal disaster.

Brown viewed this as a private corporate version of COINTELPRO — the FBI’s effort in the 1960s to discredit activists like Martin Luther King Jr.

Brown created Project PM, an online chatroom where participants looked through thousands of hacked emails to find the most incriminating. One email contained thousands of credit card numbers — and stealing credit cards is a crime.

In September 2012, Brown was at home talking online with members of Project PM. “I heard a rustling at my door and I walked over to the door. I was holding a beer in my hand,” he says. “[I] thought it was another friend of mine.”

But when he opened the door there was a SWAT team equipped with shields and helmets. Brown says they were yelling, “Put your hands up buddy.” Brown says they had him on the floor and put a boot on his back. The audio of the arrest was recorded by someone in the Project PM chatroom.

Brown faced up to 100 years in prison. His mother was charged with hiding his laptops.

Brown admits he went a bit off the rails. He posted a video on YouTube attacking an FBI agent.

“I was a former heroin addict,” Brown says. “I was getting off Suboxone at the time, which is a synthetic opiate. And I was sort of suddenly feeling emotions again that have been kind of bottled, kept down a few months. I was very upset about my mother being threatened with indictment.”

Still, Brown was a cause célèbre among certain activists and journalists. Many felt he was being put away for simply looking through hacked emails — something any journalist would do.

Brown eventually pleaded guilty to threatening a federal officer and to two other charges. The government imprisoned other members of Anonymous. The group kind of faded away, but its tactics did not.

During the 2016 election, Russian state-supported hackers used some of the same tools as Anonymous — hacking emails from the Democratic National Committee and posting them on WikiLeaks to embarrass Hillary Clinton.

I wondered, is there really any difference between a foreign agent trying to undermine our democracy and hacktivists like Anonymous? Is Brown a hero or a villain?

I turned to an unlikely expert to help me figure that out — Sam Esmail, the creator of the TV show Mr. Robot. “Their spirit is in activism,” Esmail says. “Their spirit is in exposing these frauds and abuses by people in power. And that’s just something on a human level I respect.”

But Mr. Robot is hardly a glowing portrait of hacktivists/hackers. Its hero, Elliot, is a drug addict who can’t access his own emotions. Sound familiar? Elliot leads a group called society that takes down the world’s largest corporation — erasing everyone’s debt. Chaos erupts.

Mr. Robot actor Rami Malek (from left), writer/producer Sam Esmail and actor Christian Slater

Mr. Robot actor Rami Malek (from left), writer/producer Sam Esmail and actor Christian Slater, at the Critics’ Choice Awards in Santa Monica, Calif., in 2016. “Their spirit’s in exposing these frauds and abuses by people in power,” Esmail says of hacktivists. “And that’s just something on a human level I respect.”

Jason Merritt/Getty Images

Esmail says he is looking at an age-old dilemma. “Do we commit a criminal/ hackers act for something that we feel is just, even though the consequences could be great?” he says. “That’s such a kind of loaded, huge, but very relevant question today.”

Brown doesn’t seem interested in examining the moral ambiguity of hacktivist crimes. But he says he is learning from past mistakes. Ultimately, Brown feels that Anonymous was disorganized and lacked leadership.

So he is designing a software program called Pursuance, which he says will take hacktivism into the future. It will be fully encrypted, anyone could use it to sort through a trove of hacked documents, and it could even be used to recruit a team of hackers.

Brown says when people tweet and post their opinions on social media it’s just “slactivism.” “The next great act of hacktivism, if it really is going to be great, it has to be an act of reaffirming the idea of civic duty,” he says. He says he wants to provide a mechanism for people who do feel that sense of civic duty to really have an impact.

Brown is ready to be a martyr for the cause if he has to be. He would even go back to prison.

“I want to be in a position to defeat my powerful adversaries in public,” he says, “where everyone could admire the pluck in which I did it.”

Brown is casting himself in a starring role in the new world. And in his mind, Mr. Robot is no fantasy. It’s what the future really looks like.

Official (ISC)2 CCSP Certification Training

Reference: https://www.npr.org/sections/alltechconsidered/2018/02/26/583682587/how-hackers-could-cause-global-chaos-an-anarchist-explains

In response to the growing need for qualified cybersecurity professionals, salaries are on the rise in 2018. But to break into a rewarding cybersecurity role, you’ll need to prove your skills with industry-recognized certifications.

Cyber Security Certifications build your knowledge and prove to employers you’re as good as you say you are. Whether you’re looking for a new challenge or want to advance in your current role, gaining a new certification is an opportunity to improve your salary.

Using aggregate median salary data from PayScale and Firebrand Training’s insider industry knowledge of IT certifications, we’ve identified five Cyber Security Certifications that will boost your salary in 2018.

1. GIAC Security Essentials (GSEC) – £70,000

The entry-level GIAC Security Essentials is designed to prove your knowledge of core cyber security concepts and provide the technical expertise required to work in hands-on roles.

This certification will build your knowledge of networking concepts, defense-in-depth, internet security technologies and Windows/Linux operating system security.

You’ll also be on track to earning a great salary – the average monthly earnings for GSEC holders is £70,00. While it is unlikely that you’ll land this salary with just this entry-level certification, it may demonstrate that GSEC-certified professionals are committed to career development will go on to achieve top cybersecurity roles.

While the GSEC can be achieved through self-study, many professionals will opt for a training program that includes the exam. Otherwise, you’ll need to pay $1,699 to attempt the GIAC Security Essentials exam.

GIAC was founded in 1999 with the aim of validating the skills of information security professionals. The GSEC is just one of a range of certifications that address a broad range of cybersecurity skills, from entry to advanced levels.

2. (ISC)2 CISSP – £80,000

The CISSP (Certified Information Systems Security Professional) is aimed at the cybersecurity elite and is a fantastic way to demonstrate your expert knowledge, advance your career and join a worldwide community of cybersecurity professionals.

This certification shows you have what it takes to build and manage an information security programme. As a result, the CISSP certification is highly sought-after by security professionals, especially those aiming for CCISO (Chief Information Security Officer) roles.

To achieve the CISSP, you’ll need at least five years’ cumulative work experience across two or more of the eight CISSP domains – which cover cybersecurity topics like, risk management, software development security, and security operations. You’ll then need to pass an exam to gain the certification.

A major driver for professionals to achieve the CISSP is to improve their marketability. With an average salary of £80,000 for CISSP holders, it’s easy to see why.

3. ISACA CISA – £80,000

Since it was introduced by ISACA in 1978, more than 129,000 professionals have proved their skills with the CISA certification.

Earning the CISA showcases your information security auditing knowledge and demonstrates your ability to assess vulnerabilities, report on compliance and institute security controls within an enterprise.

Achieving the CISA is often seen as mandatory to work as an Information Security Auditor. As security demands create fresh challenges for businesses, employers continue to recognize the credibility provided by the CISA.

4. (ISC)2 CCSP – £83,000

Within two years, 41% of enterprises will be running business-critical IT services in hybrid, public and private clouds, data from Traditional IT revealed.

Because of this greater reliance on cloud technology, the need for professionals with proven cloud skills is increasing.

(ISC)2’s CCSP (Certified Cloud Security Professional) is one of the leading cloud credentials and is a perfect benchmark for security professionals. A result of the unique partnership between (ISC)2 and the Cloud Security Alliance (CSA), the CCSP is ideal for experienced security professionals looking to move into cloud-focused roles or expand their existing skillset.

By achieving the CCSP, you’ll prove your expert knowledge of cloud application, data, and infrastructure security. You’ll also build your knowledge of cloud compliance, legality and privacy.

This high-level certification builds on knowledge gained through the CISSP. CISSP-holders will be pre-qualified to sit the CCSP exam, otherwise, you’ll need five years of relevant security work experience.

5. ISACA CISM – £80,000

The Certified Information Security Manager (CISM) offered by ISACA is highly-regarded in the cybersecurity industry as a managerial certification that also builds technical knowledge. There’s growing recognition for this expert-level certification, due in no small part to the success of the CISA certification, also offered by ISACA.

This certification is ideal for technical cybersecurity professionals that want to make the move into management and gain recognition of their managerial and communication skills. When preparing to pass the CISM exam, you’ll need to study governance, risk management, incident management and security program development.

While there is some overlap between the CISSP and CISM certifications, the CISSP is more technically focused.

To sit the CISM exam, you’ll need five years of relevant work experience, with a minimum of three years’ information security management experience. However, you will be able to substitute years’ experience with other security certifications, like the CISSP, CISA or GIAC certification.

More cyber security certifications that pay

With hundreds of cyber security certifications on the market, they couldn’t all be squeezed into this shortlist. That said, we’d like to give some honorable mentions to certifications that didn’t make the top five.

To build knowledge of the tools and techniques used by cybercriminals, consider taking an ethical hacking course and achieving EC-Council’s Certified Ethical Hacker certification. With an average salary of $79,000, this entry-to-intermediate certification is one to consider.

If you’re a networking professional looking to specialize in the security of Cisco certifications, the Cisco CCNA Security is ideal. You’ll prove your ability to develop security infrastructure and vulnerabilities on networks and set yourself up for a £60,000 salary.

Reference: https://www.hackread.com/5-proven-cyber-security-certifications-that-will-boost-your-salary-in-2018/

cyber-security

According to a recent report, 53% of businesses say their cyber-security budget has increased over the last year due to an increase in cyber-attacks . In an age of technology, cyber-attacks are becoming more prevalent, more frequent and more threatening than ever before.

As a result, Turnerlittle.com sought to find out how cyber-security threats have increased in recent years, and what companies are, and should, be doing to prevent cyber-attacks.

In a recent Ernst & Young (EY) report, Turner Little found that more than half of respondents (53%) say their cyber security budget has increased over the last year.

cyber-security is a number 1 priority for businesses

In 2018, many companies understand that cyber-security is a major risk, perhaps even the number one priority; particularly for technology-heavy companies, but unfortunately, no business can completely protect itself from a cyber-attack. However, they can implement plans and strategies to help prevent breaches from occurring.

For many companies, customer data is paramount, with a staggering 65% of businesses citing customer personal and identifiable information as the most valuable asset to protect, while 36% cited customer passwords.

These were followed by:

• Company financial information- 19.5%
• Corporate strategic plans- 18.4%
• Senior executive/board member personal information- 15.1%
• Information exchanged during M&A activities- 11.5%
• Patented intellectual property (IP)- 10.1%
• R&D information- 9.6%
• Non-patented IP- 8.3%
• Supplier/vendor identifiable information- 4.2%

Turner Little found there is a shortage of individuals with the skills and know-how to deal with cyber security threats in business.

Companies must increase cyber-security awareness training, whilst instilling an understanding of how cyber risks can impact different roles and individual projects, as well as harming overall businesses.

Analysing a 2017 report by Gov.uk, Turner Little found that, over the last 12 months, some businesses are trying to offer cyber security training.

The following companies pursuing cyber-security training:

• Small firms- 25%
• Medium firms- 43%
• Large firms- 63%
• Within finance/insurance- 49%
• Within info/communications/utilities- 41%

Costs of a cyber breach

The mean spend on cyber-security of all businesses in the UK is £4,590, and for large businesses, the mean spend reaches a staggering £387,000.

However, it is worth it in the long run, as Turner Little found that the average cost of breaches to all businesses in the UK reached £1,570 in the last 12 months – and £19,600 for large firms.

James Turner, Managing Director of Turner Little commented: “Cyber security is something every business must be Investing in. In this day and age, with the increases in technology and software, businesses are constantly under attack from hackers – both big and small. It is vital companies assess their cyber-security plans continuously to ensure all data is secure.

“Despite the cost, it is important to ensure that all employees understand how dangerous cyber breaches can be, and what their costs are – particularly in larger firms where the aftermath can be highly detrimental to the company’s reputation and client retention.”

Reference :https://www.openaccessgovernment.org/over-50-of-businesses-increased-their-cyber-security-budget-amid-attacks/42807/

Looking for a job to enter the world of Net security but not sure how it’ll be or if it’s what you’re looking for? Here’s everything you need to know about the good, the bad and the ugly before you jump into the Net security landscape.

1)      Now you can see this as a good or bad thing but there is non-stop simulation, you’re constantly having to learn new things as technology is in an ever constant state of change but so are the threats that come with it. It’s a continuous battle of intelligence and wits with hackers and attackers so you have to make sure that you keep up to date with the latest technical developments and then be creative in coming up with innovative solutions to combat the latest threats. For a lot of people, this is great, it means you’re always learning something new and it never gets stale and you constantly have a skill you can improve, although some people may see this as tedious and may not see the appeal.

2)      One frustrating aspect is that sometimes you may get work with companies that are too old-fashioned to fully take on your advice, whether out of ignorance or purely because they just don’t see the significance of it. They might see the whole concept of cyber security as just needing to get the newest software and then installing a basic firewall to protect themselves as opposed to the huge variety of actions they could be taking in order to shield themselves from attacks. So be prepared to explain the significance of protection in a way, people, not as versed in cyber security will understand in order to get your point across.

3)      Another highlight of working in Net security is that the industry tends to work together, even if working for rival companies everyone is working under the same risks and threats, this means that they’re mostly all prepared to share information and details in order to keep everyone safe as there is little to no advantage in going solo and not working together to make security better overall for all.

4)      At last the ugly side of it, a lot of the time working in an important role in a Net security job can unfortunately just be stressful. There is a lot of planning and effort that goes into each and every problem solved and you constantly have to be on the watch for threats which can sometimes mean longer work hours and some trial and error (mainly error) but if you’ve got the passion or the knowledge for it then these are really only minor annoyances when compared to the many benefits of working in Net security.      

5)      And lastly, probably the most important of the good that a Net security job has to offer…. the pay is usually great. The average security consultant reports earnings of between £52,500 – £82,500 per year and after hearing that the bad and the ugly don’t seem that important anymore.

 Well if after all this you’re still interested or maybe even more eager to start a career in Net security then why not start your training with Net Security Training today by signing up for one of our various amounts of courses.

In May, one-third of UK health trusts were hit by the WannaCry worm, which demanded cash to unlock infected PCs  Ethical hackers. In a statement, Dan Taylor, head of the data security center at NHS Digital, said the center would create and run a “near-real-time monitoring and alerting service that covers the whole health and care system”. The center would also help the NHS improve its “ability to anticipate future vulnerabilities while supporting health and care in re-mediating current known threats”, he said. The operations center guidance would complement the existing teams the NHS used to defend itself against cyber-threats.

NHS Digital, the IT arm of the health service, has issued an invitation to tender to find a partner to help run the project and advise it about the mix of expertise is required. Kevin Beaumont, a security vulnerability manager, welcomed the plan to set up the center.

Many private sector organizations already have similar central teams that use threat intelligence and analysis to keep networks secure.”Having a function like this is essential in modern-day organizations,” Mr. Beaumont said.

“In an event like WannaCry, the center could help hospitals know where they are getting infected from in real time, which was a big issue at the time, organizations were unsure how they were being infected”.

In October, the UK’s National Audit Office said NHS trusts had been caught out by the WannaCry worm because they had failed to follow recommended cyber-security policies.

The NAO report said NHS trusts had not acted on critical alerts from NHS Digital or on warnings from 2014 that had urged users to patch or migrate away from vulnerable older software By Ethical hackers.

Reference: BBC News

cash converters

Cash Converters The company said customer usernames, passwords and addresses had potentially been accessed by a third party. The data breach exposed accounts on the company’s old UK website, which was replaced in September 2017. The company told the BBC it was taking the breach “extremely seriously” and had reported it to the information commissioner.

Cash Converters lets people trade in items such as jewelry and electronics for cash and then sells the items on to others. It operates an online store that lets people buy items traded in at Cash Converter shops around the UK. The online store was re-launched in September 2017, and the data breach affected only people with an account on the old website.

They said no credit card information had been breached, and people who visited its stores but did not use the website had not been affected.

“Our customers truly are at the heart of everything we do, and we are disappointed that they may have been affected,” the company said in a statement.

“We apologize for this situation and are taking immediate action to address it.”

Reference: http://www.bbc.co.uk/news/technology-42010140

That is just the first prediction that comes from a long list about cybersecurity in the next two to four years made by some of the biggest names in the Cyber Security world, we’re going to share the top 5 predictions from that list with you.

cybersecurity

1. Throughout 2020, 99% of security attacks will be direct results of risks known about by cybersecurity professionals right now and have known about for at least a year.

The advice given is for companies to focus on fixing these problems now, while they may be small and easy to ignore it’s cheaper to deal with them now before they become a real problem.

2. By 2020, a third of successful attacks will come from a company’s own shadow IT resources.

The way a company should deal with this is by finding a way to address shadow IT within their company and engage it with acceptance as opposed to punishment.

3. By 2018, the need to protect public cloud drives will cause 20% of organisations to develop data security governance programmes. Organisations should develop company wide data security governance (DSG) by looking for gaps in their cyber security and applying counter measures where appropriate

4. By 2020, 80% of new deals with cloud-based access security brokers (CASBs) will be packaged with network firewall, secure web gateway (SWG) and web application firewall (WAF) platforms.

While some are worried about about customer migration to the cloud and bundling purchases, bushiness should assess the application deployment road-map and decide whether CASB investment is worth it for them.

5. By 2018, companies that leverage native mobile containment rather than third-party options will rise from 20% to 60%. Experiment and familiarise your organisation with native containment solutions. Note that enterprises with average security requirements should plan to move gradually to native containment.

6. By 2019, use of passwords and tokens in medium-risk use cases will drop 55%, due to the introduction of recognition technologies.

Passwords are too entrenched in business practices to disappear completely, but companies should seek products that focus on development of an environment of continuous trust with good user experience. Begin by identifying use cases and press vendors for biometric and analytic capabilities.

Reference for info: https://www.gartner.com/technology/home.jsp