As companies transition to digital channels and a remote work model, new cybersecurity vulnerabilities are emerging — so much so that cybersecurity-related risk is rated as the second-highest source of risk for the enterprise, following regulatory compliance risk, in Gartner’s 2020 Board of Directors Survey. The IT research firm goes on to predict a paradigm shift in the cybersecurity ecosystem and has identified the top 8 cybersecurity trends that can help CISOs sleep more soundly:
With more and more assets as well as people now working outside the traditional security perimeter, Gartner expects a new approach — cybersecurity mesh architecture that allows organizations to extend security controls to distributed assets. Rather than every security tool running in a silo, a cybersecurity mesh enables tools to interoperate by providing foundational security services, and centralized policy management and orchestration.
Although the vision of Identity First — access for any user anytime, and from anywhere — has been around for a while, the concept emerged as Gartner’s top security trend for this year because the pandemic has pushed several organizations to go remote or hybrid. McKinsey analysts seem to agree and expect CISOs and cybersecurity-operations teams to accelerate adoption of next-generation identity and access tools.
Remote Workforce Security
Gartner’s 2021 CIO Agenda survey estimates that 61 percent of CIOs are increasing investment in cybersecurity as the shift to remote work is opening new attack surfaces. Gartner goes on to say that this shift requires a total reboot of policies and security tools. For example, endpoint protection services will need to move to cloud delivered services.
Large security breaches that made headlines and increased cybersecurity budgets have caught the attention of the boards of directors. By 2025, Gartner expects 40 percent of boards of directors to have a dedicated cybersecurity committee overseen by a qualified board member, up from less than 10 percent today.
As security breaches grow, so does the number of technologies designed to fight them. Peter Firstbrook, research vice president at Gartner says in a press release, “CISOs are keen to consolidate the number of security products and vendors they must deal with.” He believes that the large number of security products in organizations increases complexity, integration costs and staffing requirements.
Privacy-enhancing computation techniques are increasingly being leveraged to enable secure data processing, sharing, cross-border transfers and analytics in untrusted environments and multiparty data analytics use cases, according to Gartner. These include fraud analysis, intelligence, data sharing, financial services (such as anti-money laundering), pharmaceuticals and healthcare.
Breach and Attack Simulation
Breach and attack simulation tools are emerging to mimic real-world security threats and help businesses prepare incident response plans and discover potential vulnerabilities in their security systems. Gartner advises CISOs to include BAS in their regular security assessments to help their teams identify gaps in their security posture more effectively and prioritize security initiatives more efficiently.
Managing Machine Identities
As digital transformation accelerates, more and more computers, mobile phones, cloud servers, and Internet of Things devices need to securely access applications and independently talk to each other. And just like humans, machines also need to be authenticated to communicate securely with each other. Gartner expects managing machine identities to become a vital party of the strategy to secure digital transformation.