As cybersecurity strategy, leadership and technologies continue to evolve, Gartner, Inc. highlighted three steps security leaders can take now to prepare for the emerging threat landscape over the next 10 years.
“The rise of artificial intelligence (AI) is a double-edged sword for CISOs,” said Katell Thielemann, VP analyst at Gartner. “Enterprises are facing a deluge of automated cyberattacks, which are exponentially rising in velocity, variety and complexity. However, AI is simultaneously supporting security teams in detecting and responding to threats, fundamentally changing organizations’ defense paradigms.”
Gartner analysts identified three ways that security leaders can prepare for the evolution of cybersecurity during the Opening Keynote of the Gartner Security & Risk Management Summit, taking place in National Harbor through Friday.
“If the 2020s were the decade of ‘hybrid everything,’ the 2030s will be the decade of ‘augmented everything,’” added Andrew Walls, distinguished VP analyst at Gartner. “Attackers are weaponizing AI just as fast as organizations augment their defenses with it, meaning that it’s not enough for cybersecurity technologies to evolve – strategy and leadership approaches must change, too.”
Invoke Continuous Foresight
Security leaders must look beyond immediate threats and embrace continuous foresight, a strategy that integrates research insights into internal capabilities and third-party tools to maintain a proactive security approach.
Gartner forecasts that information security spending will reach $187 billion in 2023, an increase of 11.1% from 2022. As security budgets continue to rise, CEOs and Boards of Directors will expect a highly strategic approach to security investment that results in demonstrable returns typified by fewer breaches and greater enterprise resilience. Pursuing multiple models of the future will enable security leaders to build an investment strategy that is flexible enough to respond to new threats with agility.
Play to Your Strengths as a Leader, But Know Your Weaknesses
Effective enterprise cybersecurity requires deep technical, business and strategy expertise, yet it is unlikely that one security leader excels in all three areas. In fact, Gartner predicts that by 2025, a single, centralized cybersecurity function will not be agile enough to meet the needs of a digital organization.
“The most effective CISOs don’t try to do it all,” said Thielemann. “Play to your strengths as a leader, and then augment your teams with those who complement your weaknesses.”
Remember the Attack is Never Over
The nature of technology is one of perpetual change, meaning that new attack techniques and threat vectors will continue to emerge as new technologies do. Security leaders must remain on the cutting edge of technology innovation by investigating solutions including cybersecurity mesh architecture, AI-augmented security tools, homomorphic confidential computing and other emerging security technologies.
About Gartner Security & Risk Management Summit
Gartner analysts are presenting the latest research and advice for security and risk management leaders at the Gartner Security & Risk Management Summits 2022, June 7-10 in National Harbor, MD, 21-22 June in Sydney, 25-27 July in Tokyo and September 12-14 in London. Follow news and updates from the conferences on Twitter using #GartnerSEC.
About Gartner for Information Technology Executives
Gartner for Information Technology Executives provides actionable, objective insight to CIOs and IT leaders to help them drive their organizations through digital transformation and lead business growth. Additional information is available at www.gartner.com/en/information-technology.