Express Computer
Home  »  Guest Blogs  »  7 Top Cybersecurity Trends for 2023

7 Top Cybersecurity Trends for 2023

0 190

By Peter Firstbrook, Gartner, Inc.

Security and risk executives are at a critical moment, as the digital footprint of organizations expands, and centralized cybersecurity control becomes obsolete.

The pandemic response has accelerated hybrid work and the digitalization of business processes in the cloud, both of which introduce new security challenges. At the same time, sustained ransomware attacks, attacks on the digital supply chain, and deeply embedded vulnerabilities have exposed technology gaps and skills shortages.

To address these risks, the role of the chief security officer (CISO) needs to evolve into a corporate strategist who manages cyber risk rather than the “de facto’” accountable person for preventing breaches. The CISO is now responsible for ensuring business leaders have the capabilities and knowledge required to make informed, high-quality information risk decisions.

These seven top trends do not exist in isolation; they build on and reinforce one another. Taken together, these trends will help security and risk management leaders evolve their roles to meet future challenges and elevate their standing in their organizations.

No. 1: Attack surface expansion
Currently, 60% of knowledge workers are remote, and at least 18% will not return to the office. These changes in the way we work, together with greater use of public cloud, highly connected supply chains and use of cyber-physical systems have exposed new and challenging attack “surfaces.”

This leaves organizations more vulnerable to attack. Security leaders should look beyond traditional approaches to security monitoring, detection and response to manage a wider set of risks.

No. 2: Identity system defense
The more-sophisticated attackers are now actively targeting the indentity infrastructure itself. Misuse of credentials is now a primary method that attackers use to access systems and achieve their goals. For example, in the SolarWinds breach attackers used a supplier’s privileged access to infiltrate the target network.

Prioritizing the security of identity infrastructure with tools to monitor identity attack techniques is key to protect identity and access controls, detect when intrusions are occurring, and enable fast remediation.

No. 3: Digital supply chain risk
Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021.

Security and risk management leaders need to partner with other departments to prioritize digital supply chain risk and put pressure on suppliers to demonstrate security best practices.

No. 4: Vendor consolidation
Security technology convergence is accelerating driven by the need to reduce complexity, leverage commonalities, reduce administration overhead and provide more effective security. This is a is a welcome trend that should not only lower total cost of ownership and improve operational efficiency, but also lead to better overall security in the long term.

No. 5: Cybersecurity mesh
The cybersecurity mesh is a modern conceptual approach to security architecture that enables the distributed enterprise to deploy and integrate security to assets, whether they’re on premises, in data centers or in the cloud.

Gartner predicts that by 2024, organizations adopting a cybersecurity mesh architecture will reduce the financial impact of individual security incidents by an average of 90%.

No. 6: Distributed decisions
Executive leaders need a fast and agile cybersecurity function to support digital business priorities. However, as more aspects of the business are digitalized, the job is becoming too big for a centralized CISO role. Leading organizations are building the office of the CISO to enable distributed cyber judgment.

The CISO and the centralized function will continue to set policy, while cybersecurity leaders are placed in different parts of the organization to decentralize security decisions.

No. 7: Beyond awareness
Human error continues to feature in most data breaches, showing that traditional approaches to security awareness training are ineffective. Progressive organizations are moving beyond outdated compliance-based awareness campaigns and investing in holistic behavior and culture change programs designed to provoke more secure ways of working.

Peter Firstbrook is a VP Analyst at Gartner, Inc. where he advises clients on endpoint protection platforms, endpoint detection and remediation, extended detection and response and secure e-mail gateways

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
Enable A Truly Seamless & Secure Workplace.
Register Now
Attend Inida's Largest BFSI Technology Conclave!
Register Now
Know how to protect your company in digital era.
Register Now
Protect Your Critical Assets From Well-Organized Hackers
Register Now
Find Solutions to Maintain Productivity
Register Now
Live Webinar : Improve customer experience with Voice Bots
Register Now
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
Virtual Conference : Learn to Automate complex Business Processes
Register Now