Savvy enterprise security and risk management leaders will continue to protect their organizations against new and emerging threats in 2022 and beyond, according to the latest global market study findings by Gartner.
"Organizations worldwide are facing sophisticated ransomware, attacks on the digital supply chain and deeply embedded vulnerabilities," said Peter Firstbrook, vice president at Gartner.
The pandemic accelerated remote work adoption, challenging the Chief Information Security Officer (CISO) to secure the distributed workforce -- while dealing with a shortage of skilled IT security staff.
These big challenges create three overarching trends impacting cybersecurity practices: new responses to sophisticated threats; the evolution and reframing of an IT security practice; and rethinking business technology protection.
IT Security and Risk Apps Market Development
According to the Gartner assessment, the following IT security and risk-related issues will have a significant impact across those three domains. Digital transformation projects will likely drive change.
Enterprise attack surfaces are expanding. Risks associated with the use of cyber-physical systems and the Internet of Things (IoT), open-source code, cloud computing applications, and complex digital supply chains have exposed attack surfaces outside of IT-controllable assets.
As a result, organizations must now look beyond traditional approaches to security monitoring, detection, and response to manage a wider set of IT security exposures.
Digital risk protection services (DRPS), external attack surface management (EASM) technologies, and cyber asset attack surface management (CAASM) will support CISOs in visualizing internal and external business systems and automating the discovery of security coverage gaps.
Global cybercriminals have discovered that attacks on the digital supply chain can provide a high return on investment. As vulnerabilities such as Log4j spread through the supply chain, more threats are expected to emerge.
In fact, Gartner predicts that by 2025, 45 percent of organizations worldwide will have experienced attacks on their software supply chains -- that's a three-fold increase from 2021.
Digital supply chain risks demand new mitigation approaches that involve more deliberate risk-based vendor or partner segmentation and scoring, requests for evidence of security controls and best practices, a shift to resilience-based thinking, and efforts to get ahead of forthcoming government regulations.
Sophisticated threat actors are actively targeting identity and access management (IAM) infrastructure, and credential misuse is now a primary attack vector. Gartner introduced the term “identity threat detection and response” (ITDR) to describe the collection of tools and best practices to defend identity systems.
"Organizations have spent considerable effort improving IAM capabilities, but much of it has been focused on technology to improve user authentication, which actually increases the attack surface for a foundational part of the cybersecurity infrastructure," said Firstbrook.
Gartner's analysts believe that ITDR tools can help protect identity systems, detect when they are compromised, and enable efficient remediation of ongoing security threats.
Meanwhile, enterprise cybersecurity needs and expectations are maturing, and senior executives now require more agile security amidst an expanding IT infrastructure attack surface.
Thus, the scope, scale, and complexity of digital business make it necessary to distribute cybersecurity decisions, responsibility, and accountability across organizational units and away from a centralized function.
"The CISO role has moved from a technical subject matter expert to that of an executive risk manager," said Firstbrook.
By 2025, a single, centralized cybersecurity function will not be agile enough to meet the needs of digital organizations. CISOs must reconceptualize their responsibility matrix to empower Boards of Directors, CEOs, and other senior business leaders to make their own informed risk decisions.
Human error continues to be a factor in many data breaches, demonstrating that traditional approaches to "security awareness" training are ineffective. Progressive organizations are investing in holistic security behavior and culture programs (SBCPs), rather than outdated compliance-centric security awareness campaigns.
An SBCP focuses on fostering new ways of thinking and embedding new employee behaviors, with the intent of provoking more secure ways of working across the enterprise.
Furthermore, security technology convergence is accelerating, driven by the need to reduce complexity and administration overhead and to increase the effectiveness of IT defense methodologies.
New platform approaches such as extended detection and response (XDR), security service edge (SSE), and cloud-native application protection platforms (CNAPP) are accelerating the benefits of converged solutions.
For example, Gartner predicts that by 2024, 30 percent of enterprises will adopt cloud-delivered secure web gateway (SWG), cloud access security broker (CASB), zero-trust network access (ZTNA), and branch office firewall as a service (FWaaS) capabilities from the same vendor.
It's predicted that the consolidation of IT security functions will lower the total cost of ownership and improve operational efficiency in the long term, leading to better overall security outcomes.
The security product consolidation trend is driving the integration of security architecture components. However, there is still a need to define consistent security policies, enable workflows, and exchange data between consolidated solutions.
A cybersecurity mesh architecture (CSMA) helps provide a common, integrated security structure and posture to secure all assets, whether they’re on-premises, in data centers, or within the public cloud.
Outlook for IT Security and Risk Applications Growth
“Gartner’s top cybersecurity trends don’t exist in isolation; they build on and reinforce one another," concludes Firstbrook. "Taken together, they will help CISOs evolve their roles to meet future security and risk management challenges and continue elevating their standing within their organizations."
That said, I anticipate large enterprise demand for qualified IT security practitioners will continue to rise. That growth trend will increase the rate of IT staff training and certification, in order to upskill more members of the IT infrastructure and operations team.
Besides, I predict that access to IT cybersecurity professional services will be a requirement for all IT vendors that are trusted advisors to their enterprise customers. This skill set is essential for CIOs and CHROs who need qualified and experienced guidance for their secure remote working enablement process.