Gartner says security and risk management leaders must address seven top trends to protect the ever-expanding digital footprint of modern organisations against new and emerging threats in 2022 and beyond.
“Organisations worldwide are facing sophisticated ransomware, attacks on the digital supply chain and deeply embedded vulnerabilities,” said Peter Firstbrook, research vice president at Gartner. “The pandemic accelerated hybrid work and the shift to the cloud, challenging CISOs to secure an increasingly distributed enterprise – all while dealing with a shortage of skilled security staff.”
These challenges lend themselves to three overarching trends impacting cybersecurity practices: (i) new responses to sophisticated threats, (ii) the evolution and reframing of the security practice and (iii) rethinking technology. The following trends will have a broad industry impact across those three domains:
Trend 1: Attack surface expansion
Enterprise attack surfaces are expanding. Risks associated with the use of cyber-physical systems and IoT, open-source code, cloud applications, complex digital supply chains, social media and more have pushed organisations’ exposed surfaces beyond the set of assets they control. Organisations must look beyond traditional approaches to security monitoring, detection, and response to manage a wider set of security exposures.
Digital risk protection services (DRPS), external attack surface management (EASM) technologies and cyber asset attack surface management (CAASM) will support CISOs in visualising internal and external business systems, automating the discovery of security coverage gaps.
Trend 2: Digital supply chain risk
Cybercriminals have discovered that attacks on the digital supply chain can provide a high return on investment. As vulnerabilities such as Log4j spread through the supply chain, more threats are expected to emerge.
Gartner predicts that by 2025, 45% of organisations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021.
Digital supply chain risks demand new mitigation approaches that involve more deliberate risk-based vendor/partner segmentation and scoring, requests for evidence of security controls and security best practices, a shift to resilience-based thinking and efforts to get ahead of forthcoming regulations.
Trend 3: Identity threat detection and response
Sophisticated threat actors are actively targeting identity and access management (IAM) infrastructure, and credential misuse is now a primary attack vector. Gartner introduced the term “identity threat detection and response” (ITDR) to describe the collection of tools and best practices to defend identity systems.
“Organisations have spent considerable effort improving IAM capabilities, but much of it has been focused on technology to improve user authentication, which actually increases the attack surface for a foundational part of the cybersecurity infrastructure,” said Firstbrook. “ITDR tools can help protect identity systems, detect when they are compromised and enable efficient remediation.”
Trend 4: Distributing decisions
Enterprise cybersecurity needs and expectations are maturing, and executives require more agile security amidst an expanding attack surface. The scope, scale and complexity of digital business therefore make it necessary to distribute cybersecurity decisions, responsibility, and accountability across organisational units and away from a centralised function.
“The CISO role has moved from a technical subject matter expert to that of an executive risk manager,” said Firstbrook.
Gartner predicts that by 2025, a single, centralised cybersecurity function will not be agile enough to meet the needs of digital organisations. “CISOs must reconceptualise their responsibility matrix to empower Boards of Directors, CEOs and other business leaders to make their own informed risk decisions,” continued Firstbrook.
Trend 5: Beyond awareness
Human error continues to be a factor in many data breaches, demonstrating that traditional approaches to security awareness training are ineffective. Progressive organisations are investing in holistic security behaviour and culture programs (SBCPs), rather than outdated compliance-centric security awareness campaigns.
An SBCP focuses on fostering new ways of thinking and embedding new behaviour with the intent to provoke more secure ways of working across the organisation.
Trend 6: Vendor consolidation
Security technology convergence is accelerating, driven by the need to reduce complexity, reduce administration overhead and increase effectiveness. New platform approaches such as extended detection and response (XDR), security service edge (SSE) and cloud-native application protection platforms (CNAPP) are accelerating the benefits of converged solutions.
For example, Gartner predicts that by 2024, 30% of enterprises will adopt cloud-delivered secure web gateway (SWG), cloud access security broker (CASB), zero-trust network access (ZTNA) and branch office firewall as a service (FWaaS) capabilities from the same vendor. Consolidation of security functions will lower the total cost of ownership and improve operational efficiency in the long term, leading to better overall security.
Trend 7: Cybersecurity mesh
The security product consolidation trend is driving the integration of security architecture components. However, there is still a need to define consistent security policies, enable workflows and exchange data between consolidated solutions. A cybersecurity mesh architecture (CSMA) helps provide a common, integrated security structure and posture to secure all assets, whether they’re on-premises, in data centres or in the cloud.
Firstbrook makes it clear that top cybersecurity trends don’t exist in isolation; they build on and reinforce one another. “Taken together, they will help CISOs evolve their roles to meet future security and risk management challenges and continue elevating their standing within their organisations,” Firstbrook concluded.