Patryk Brozek: Predictions for PAM market in 2019

09.01.2019 10:00

Happy New Year to one and all

2018 was another good year for the Privileged Access Management market. Why? Gartner has revealed its first Magic Quadrant, awareness among enterprises has increased, market growth rates remained in double digits and we’ve seen the first moves of consolidation. As for the technology, the market realized that PAM is not only about password management. It’s about privileged session monitoring, detecting privileged user misuse, privilege elevation, and adaptive authentication. Moreover, the majority of vendors addressed the cloud presence through revealing their solutions on AWS or MS Azure.

2019 Predictions for PAM Market

Let’s look into the crystal ball and predict what we can expect in 2019.

PAM in the Cloud

It has already started but this is just the beginning, and I suppose that in 2019 every single PAM vendor will present its own vision and strategy of how to handle the issues that cloud environments present to organizations when it comes to privileged user misuse. Currently, most vendors are limited to offer their standard product version in marketplaces of the main cloud providers but mind you, that space is wide-ranging: Starting with AWS-based solutions, through Docker-like containers’ support and ending with SaaS services. Remember that privileged accounts are not only among the corporate infrastructure but even in social media. That’s the challenge for vendors and in my opinion, one of the main issues to deal with in 2019. This market will grow rapidly, and what’s interesting, the number one player is yet to be announced.

We’re witnessing the very birth of the PAM in the Cloud market. It is great news for customers and vendors alike.

Prevention

As I mentioned, PAM is much more than simply a password vault, although many still believe this to be true. Authentication, session monitoring and recording, risk analysis, privileged account discoveries, and audits are all part of the new PAM ecosystem.

In 2019, I’m quite sure that vendors will make a great push to be even more proactive. Detection is now the standard, in turn, the time for real prevention is now!  Imagine that PAM systems are not only able to detect suspicious activity, but also block unwanted behaviors before they happen, or even discover that a user’s account has been breached before the hacker start his/her criminal activity. This is what we can achieve thanks to Sophisticated AI, advanced user behavior analytics and kernel audit mechanisms. These features are fully attainable in the next generation of PAMs.

RPA (robot process automation) 

RPA is more and more popular in both business (i.e. invoicing, CRM)  and technical (DevOps, mass deployments, administration) worlds. Given the privileged accounts aspects, eliminating human error (as the weakest link) remains the holy grail for many. But we need to be very careful implementing such an idea. It’s a great place to explore for potential offenders. We are now observing the emergence of partnerships between RPA’s and PAM’s vendors but it’s more about access and password management. I believe there is a tremendous opportunity for PAM vendors to cooperate closer, to offer tools that monitor and analyze what our friendly bots do or don’t do and if they are still robots. Finally, PAM vendors will eventually use RPA in their own products starting with a new model of password changers and ending on doing critical task through their solutions.

Smart Access Gateway

VPNs are old and clunky. In some cases, you still have to use them, but modern PAM products will offer you seamless and fully secure access to your privileged assets from outside the company.  VPNs for these purposes will not be needed anymore. Really. Even now there are a few solutions that can fully replace VPN products for remote access but I assume the opportunity is much bigger. Why? Because a smart access gateway is easier to manage and deploy, more secure and more cost-effective.

When it comes to business, I’m sure that the market is and will continue experiencing rapid growth and in my opinion even faster than last year. Look, in principle, almost every big breach is related to privileged misuse, which is why I believe Privileged Access Management will remain one of the most important areas on which CISOs must focus. Moreover, there is a huge market of small and medium companies that, for now, can be forgotten by the largest players. But I think in 2019 there will be the emergence of SMB-oriented, cost-effective yet comprehensive PAM solutions.

As my final prediction, I’m choosing consolidation strategies. We have had some acquisitions last year, and this year we will likely have more. Not only among PAM but also between IAM and PAM vendors. Why? It’s only natural as there is a great fit in the cooperation of these two, similar solution sets.

Having said all that, I wish you all no incidents, no insiders, no leakages, no breaches, and no stress…well, maybe just a few (in the name of job security).


Again, Happy New Year and stay safe!