By Peter Firstbrook, Gartner, Inc.
Security and risk executives are at a critical moment, as the digital footprint of organizations expands, and centralized cybersecurity control becomes obsolete.
The pandemic response has accelerated hybrid work and the digitalization of business processes in the cloud, both of which introduce new security challenges. At the same time, sustained ransomware attacks, attacks on the digital supply chain, and deeply embedded vulnerabilities have exposed technology gaps and skills shortages.
To address these risks, the role of the chief security officer (CISO) needs to evolve into a corporate strategist who manages cyber risk rather than the “de facto’” accountable person for preventing breaches. The CISO is now responsible for ensuring business leaders have the capabilities and knowledge required to make informed, high-quality information risk decisions.
These seven top trends do not exist in isolation; they build on and reinforce one another. Taken together, these trends will help security and risk management leaders evolve their roles to meet future challenges and elevate their standing in their organizations.
No. 1: Attack surface expansion
Currently, 60% of knowledge workers are remote, and at least 18% will not return to the office. These changes in the way we work, together with greater use of public cloud, highly connected supply chains and use of cyber-physical systems have exposed new and challenging attack “surfaces.”
This leaves organizations more vulnerable to attack. Security leaders should look beyond traditional approaches to security monitoring, detection and response to manage a wider set of risks.
No. 2: Identity system defense
The more-sophisticated attackers are now actively targeting the indentity infrastructure itself. Misuse of credentials is now a primary method that attackers use to access systems and achieve their goals. For example, in the SolarWinds breach attackers used a supplier’s privileged access to infiltrate the target network.
Prioritizing the security of identity infrastructure with tools to monitor identity attack techniques is key to protect identity and access controls, detect when intrusions are occurring, and enable fast remediation.
No. 3: Digital supply chain risk
Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021.
Security and risk management leaders need to partner with other departments to prioritize digital supply chain risk and put pressure on suppliers to demonstrate security best practices.
No. 4: Vendor consolidation
Security technology convergence is accelerating driven by the need to reduce complexity, leverage commonalities, reduce administration overhead and provide more effective security. This is a is a welcome trend that should not only lower total cost of ownership and improve operational efficiency, but also lead to better overall security in the long term.
No. 5: Cybersecurity mesh
The cybersecurity mesh is a modern conceptual approach to security architecture that enables the distributed enterprise to deploy and integrate security to assets, whether they’re on premises, in data centers or in the cloud.
Gartner predicts that by 2024, organizations adopting a cybersecurity mesh architecture will reduce the financial impact of individual security incidents by an average of 90%.
No. 6: Distributed decisions
Executive leaders need a fast and agile cybersecurity function to support digital business priorities. However, as more aspects of the business are digitalized, the job is becoming too big for a centralized CISO role. Leading organizations are building the office of the CISO to enable distributed cyber judgment.
The CISO and the centralized function will continue to set policy, while cybersecurity leaders are placed in different parts of the organization to decentralize security decisions.
No. 7: Beyond awareness
Human error continues to feature in most data breaches, showing that traditional approaches to security awareness training are ineffective. Progressive organizations are moving beyond outdated compliance-based awareness campaigns and investing in holistic behavior and culture change programs designed to provoke more secure ways of working.
Peter Firstbrook is a VP Analyst at Gartner, Inc. where he advises clients on endpoint protection platforms, endpoint detection and remediation, extended detection and response and secure e-mail gateways