As cybersecurity and regulatory compliance become the top two biggest concerns of corporate boards, some are adding cybersecurity experts specifically to scrutinize security and risk issues. This is just one of our top 8 security and risk trends, many of which are driven by recent events such as security breaches and the ongoing COVID-19 pandemic.
“Over the past two years, the typical enterprise has been turned inside out,” says Peter Firstbrook, VP Analyst at Gartner. “As the new normal of hybrid work takes shape, all organizations will need an always-connected defensive posture and clarity on what business risks remote users elevate to remain secure.”
This year’s security and risk trends highlight ongoing but not yet widely recognized strategic shifts in the security ecosystem. Each is expected to have broad industry impact and significant potential for disruption.
Trend No. 1: Cybersecurity mesh
The cybersecurity mesh is a modern conceptual approach to security architecture that enables the distributed enterprise to deploy and extend security where it’s most needed.
When COVID-19 accelerated digital business, it also accelerated the trend wherein many digital assets — and individuals — are increasingly located outside of the traditional enterprise infrastructure. In addition, cybersecurity teams are being asked to secure countless forms of digital transformation and other new technologies. This requires security options that are flexible, agile, scalable and composable — those that will enable the organization to move into the future, but in a secure manner.
Trend No. 2: Cyber-savvy boards
With an increase in very public security breaches and increasingly common business disruptions due to ransomware, boards are paying more attention to cybersecurity. They recognize it as a huge risk to enterprises and are forming dedicated committees that focus on cybersecurity matters, often led by a board member with security experience (such as a former chief information security officer [CISO]) or a third-party consultant.
This means that CISOs can expect increased scrutiny and expectations, alongside an increase in support and resources. Be prepared to improve communication and expect tougher questions from your board as a result.
The reality for security today is that security leaders have too many tools. Gartner found in the 2020 CISO Effectiveness Survey that 78% of CISOs have 16 or more tools in their cybersecurity vendor portfolio; 12% have 46 or more. Having too many security vendors results in complex security operations and increased security headcount.
Most organizations recognize vendor consolidation as an avenue for more efficient security, with 80% executing or interested in a strategy for this. Large security vendors are responding with better-integrated products. However, consolidation is challenging and often takes years to roll out. Although lower costs are often a perceived driver of this trend, more streamlined operations and reduced risk are often more achievable.
Hybrid work and the migration to cloud applications have solidified the trend of identity as the perimeter. Identity-first security is not new, but it takes on fresh urgency as attackers begin to target identity and access management capabilities to gain silent persistence.
Misused credentials are now the top technique used in breaches. Nation-state-level attackers are targeting active directory and the identity infrastructure with phenomenal success. Identity is a key lateral movement technique across air-gapped networks. Multifactor authentication usage is growing, but it is not a panacea. Identity infrastructure must be properly configured, maintained and monitored with an elevated importance.
As digital transformation progresses, there has been an explosive growth in the numbers of nonhuman entities that make up modern applications. Therefore, managing machine identities has become a vital part of security operations.
All modern applications are made up of services that are connected by APIs. Each of these services need to be authenticated and monitored as attackers can use your suppliers’ API access to critical data to their advantage. The tools and techniques for enterprisewide machine identity management are still emerging. However, an enterprisewide strategy for managing machine identities, certificates and secrets will enable your organization to better secure its digital transformation.
Trend No. 6: “Remote work” is now just “work”
According to the 2021 Gartner CIO Survey, 64% of employees are now able to work from home, and two-fifths actually are working from home. What was once only available to executives, senior staff and sales is now mainstream. The movement to hybrid (or remote work) is a durable trend with more than 75% of knowledge workers expecting future hybrid work environments.
From a security perspective, this requires a total reboot of policies and tools to better mitigate risks.
Trend No. 7: Breach and attack simulation
A new market is emerging to help organizations validate their security posture. Breach and attack simulation (BAS) offers continuous testing and validation of security controls, and it tests the organization’s posture against external threats. It also offers specialized assessments and highlights the risks to high-value assets like confidential data. BAS provides training to enable security organizations to mature.
Privacy-enhancing computation techniques that protect data while it’s being used — as opposed to while it’s at rest or in motion — enable secure data processing, sharing, cross-border transfers and analytics, even in untrusted environments.
This technology is rapidly transforming from academic research to real projects delivering real value, enabling new forms of computing and sharing with reduced risk of data breaches.
Experience IT Security and Risk Management conferences
Join your peers for the unveiling of the latest insights at Gartner conferences.