Six Trends in Cybersecurity 

How to approach data security for the future of digital business.

The increase in digital presence in companies will substantially alter how security professionals approach data security. More than ever before, security professionals are now integrated with digital business decisions, and as such must work with business leaders to ensure the protection and safety of the organization.

“Security now means taking a holistic approach to all aspects of security,” says Earl Perkins, research vice president at Gartner, during a presentation at Gartner Security & Risk Summit. “Digital security is the next evolution in cybersecurity to protect this pervasive digital presence.”

The IT Roadmap for Cybersecurity

Best practices to create a resilient, scalable and agile cybersecurity strategy.

Download Roadmap

Seek balance

As security moves to an embedded state within even the edges of the organization, security professionals will be under increasing pressure to balance risk and resilience, says Perkins. The goal will be to balance the management of risk within an enterprise with the increasing need for responsiveness and open concept requirements.

To balance risk and resiliency, security professionals should look to create methods that allow for fast-tracking ways to address security concerns and demonstrating agility.

Accelerate skills generation and convergence

As security trends shift, the organization should include new skill sets such as data science, physical security automation and ubiquitous identity management, says Perkins. It will be challenging to find all these people, and external services will become increasingly important. For current employees, organizations must identify current skills gaps and focus on creating “versatilists” who are capable of fulfilling these varied requirements.

Grow a secure digital supply chain

As the amount of software involved in the traditional supply chain grows, digital technologies will create a matching digital supply chain using cloud services, said Mr. Perkins. Security professionals should develop a strategy for public clouds, gauge whether the company’s private cloud strategy can be applied and create a cloud lifecycle governance approach. Finally, he advised companies to implement these strategies over time so that cloud security does not become diffused across too many players.

Embrace adaptive security architecture

Companies already have a myriad of products related to security, prevention, detection and response, says Perkins. Security leaders must shift their mindset from incident response to continuous response, spend less time on prevention and invest in detection and response. Context-aware networks are able to provide multiple sources of information that security professionals can use to determine if an attack is taking place. Enterprises should architect for comprehensive, continuous security to provide visibility across different layers for future security.

Adapt security infrastructure

Due to the increase in connectivity and devices, different types of networks are connecting that haven’t traditionally been brought together, says Perkins. As a result, security professionals need to make decisions about equipping the integration points of those networks. Companies should look to creating guidelines for networked trust zones for network segmentation, and evaluate “discovery” techniques so they’ll be aware of what changes are occurring in a physical way.

Additionally, since this is an area that mobile security has been addressing, companies should expand security skill sets to include all types of wireless communications and look to the mobile industry for lessons in simplifying the layers in the deep stack of security.

Establish data security governance and flow

Enterprises need an approach that looks at policy, monitoring and protection and groups the myriad types of products on the market into very discrete segments so security professionals can work effectively in creating security architecture, said Mr. Perkins. Begin treating data classes seriously, and focus on device protection and data flow profiling to determine security strategy for the Internet of Things.

Overall, companies should move toward a mindset that embraces governance and show some formalism in securing their data.

 

Get Smarter

Follow #Gartner

Attend a Gartner event

Explore Gartner Conferences

Gartner IT Roadmap for Cybersecurity: A Resilient Strategy

Gartner IT roadmap for cybersecurity based on unbiased research and...

Learn More

Webinars

Get actionable advice in 60 minutes from the world's most respected experts. Keep pace with the latest issues that impact business.

Start Watching