According to Gartner, COVID-19 accelerates the transformation of digital businesses and challenges traditional cybersecurity practices, so security and risk management leaders are eight key players to enable rapid reinvention of the organization. You need to deal with trends.
In the opening keynote of the Gartner Security & Risk Management Summit at virtually APAC, Gartner Research Vice President Peter Firstbrook said these trends are addressing the lasting global challenges that all organizations are experiencing. I said there is.
“The first challenge is the skill gap. 80% of organizations say they have a hard time finding and hiring security professionals, and 71% impact their ability to deliver security projects within their organization. He says he is giving. ”
Other key challenges facing security and risk leaders in 2021 include complex geopolitical conditions and increasing global regulation, workspace and workload migration from traditional networks, and endpoint diversity. This includes explosive growth of locations, changing attack environments, and especially ransomware challenges. And business email infringement.
The next top trend represents the dynamics of business, markets and technology that are expected to have widespread impact and potential disruption to the industry.
Trend 1: Cyber Security Mesh
Cybersecurity mesh is a modern security approach that consists of deploying controls where you need them most. Rather than all security tools running in silos, cybersecurity meshes allow tools to interoperate by providing basic security services and centralized policy management and orchestration. Because many IT assets are outside traditional corporate boundaries, the cybersecurity mesh architecture allows organizations to extend security controls to distributed assets.
Trend 2: Identity First Security
For many years, the ideal vision was to have access to any user, anytime, anywhere (often referred to as the “identity as a new security perimeter”). During COVID-19, it is now a reality due to technological and cultural changes, now coupled with the majority of remote workforce. ID-first security puts ID at the center of security design and demands a major shift from traditional LAN edge design thinking.
“The SolarWinds attack showed that we weren’t doing a great job of managing and monitoring identities. Although we spent a lot of money and time on multi-factor authentication, single sign-on, and biometrics, Little is spent on effective monitoring of authentication to detect attacks on this infrastructure, “said Firstbrook.
Trend 3: Remotework security support continues
According to the 2021 Gartner CIO Agenda Survey, 64% of employees are now able to work from home. According to a Gartner survey, at least 30-40% will continue to work from home after COVID-19. For many organizations, this shift requires a complete restart of policies and security tools suitable for modern remote workspaces. For example, endpoint protection services need to be migrated to services offered in the cloud. Security readers should also review their data protection, disaster recovery, and backup policies to ensure that they work in remote environments as well.
Trend 4: Cyber-savvy board
In a Gartner 2021 board survey, directors rated cybersecurity as the second highest source of risk for businesses after regulatory compliance. Large companies are now beginning to set up dedicated cybersecurity committees at the board level, led by board members with security expertise or third-party consultants.
Gartner predicts that by 2025, 40% of boards will have a dedicated cybersecurity committee overseen by qualified board members. This is an increase from the current less than 10%.
Trend 5: Security Vendor Integration
According to Gartner’s 2020 CISO Validity Survey, 78% of CISOs have more than 16 tools in their cybersecurity vendor portfolio. 12% is over 46. Numerous security products within an organization increase complexity, integration costs, and staffing requirements. A recent Gartner survey found that 80% of IT organizations plan to consolidate vendors over the next three years.
“CISOs are keen to integrate the number of security products and vendors they have to deal with,” says Firstbrook.
“A small number of security solutions makes it easier to properly configure and respond to alerts and improve our security risk attitude,” he says.
“However, purchasing a broader platform can have downsides in terms of cost and implementation time. We recommend that you focus on TCO over time as a measure of success. “
Trend 6: Calculations that enhance privacy
Computational technologies that enhance privacy have emerged to protect data during use, not at rest or on the move, for secure data processing, sharing, cross-border transfer, and analytics in unreliable environments. Make it possible. Increasing implementations of fraud analysis, intelligence, data sharing, financial services (such as anti-money laundering), pharmaceuticals, and healthcare.
By 2025, Gartner predicts that 50% of large organizations will adopt privacy-enhancing calculations to process data in unreliable environments and use cases for multi-party data analytics.
Trend 7: Infringement and Attack Simulation
Infringement and Attack Simulation (BAS) tools are emerging to provide a continuous defensive posture
Challenge the limited visibility provided by annual point evaluations such as evaluation and penetration
test. Including the BAS as part of a regular security assessment by the CISO helps teams more effectively identify security gaps and prioritize security initiatives more efficiently.
Trend 8: Managing Machine IDs
Machine identity management aims to establish and manage trust in the identity of machines that interact with other entities such as devices, applications, cloud services, and gateways. Today, the number of non-human entities in an organization is increasing. In short, managing machine identities has become an important part of your security strategy.
Top Trends in Security and Risk Management in 2021
Source link Top Trends in Security and Risk Management in 2021