This year’s security and risk developments according to GARTNER included cybersecurity mesh, security-savvy boards of directors, and remote working.
As cybersecurity and regulatory compliance have risen to the top of business boards’ priorities, some are hiring cybersecurity specialists to examine security and risk issues.
Adding a cybersecurity specialist to the board of directors is one of eight Gartner security and risk trends for 2021, many of which are being fueled by recent events like security breaches and the COVID-19 outbreak.
TREND NR.1 : Cybersecurity mesh
The cybersecurity mesh is a new idea in security architecture that allows a distributed organization to install and expand protection where it’s required the most.
COVID-19 advanced digital business, but it also accelerated the trend of many digital assets — and people — being increasingly situated outside of traditional organizational infrastructure. In addition, cybersecurity professionals are being tasked with securing a slew of new technologies and digital transformations. This necessitates security choices that are flexible, agile, scalable, and composable, allowing the company to move forward while being safe.
TREND NR.2 : Cyber-savvy boards
Boards are paying greater attention to cybersecurity as a result of an increase in highly publicized security incidents and increasingly sophisticated security settings. They see it as a significant risk to the company and are creating specialized committees to examine cybersecurity issues, which are usually chaired by a board member with security experience (such as a previous CISO) or a third-party consultant.
As a result, the CISO of the company may expect more scrutiny and expectations, as well as more assistance and resources. As a result, CISOs will need to enhance their communication skills and expect harsher inquiries from the board.
TREND NR.3 : Vendor consolidation
The truth of today’s security is that security executives have far too many tools at their disposal. According to Gartner’s 2020 CISO Effectiveness Survey, 78 percent of CISOs have 16 or more cybersecurity vendor products in their portfolio, while 12 percent have 46 or more. When there are too many security suppliers, security operations become more complicated, and security manpower rises.
Most businesses see vendor consolidation as a way to save money and improve security, with 80 percent of businesses interested in pursuing a vendor consolidation plan. Large security companies are reacting by developing more integrated products. Consolidation, on the other hand, is difficult and takes years to implement. Although decreased costs are sometimes cited as a driving force behind this movement, more streamlined processes and reduced risk are frequently more feasible.
TREND NR.4 : Identity-first security
Identity as the new perimeter became a trend as a result of a perfect storm of events, including COVID-19, which resulted in remote work and technical and cultural transformations. For a long time, identity-first security was regarded the gold standard, but many companies stayed in more traditional settings, so it wasn’t a priority.
Now that the epidemic has forced companies to become entirely (or largely) remote, it’s more important than ever to handle this trend. As a result of these technological and cultural developments, “identity first security” is now the standard operating procedure for all information workers, whether they are remote or office-bound.
Trend NR. 5: Managing machine identities as a critical security capability
As companies embrace digital transformation, they will encounter an increasing number of nonhuman entities, making machine identity management a critical component of their security strategy. Workloads (i.e. containers, apps, services) and devices (mobile devices, desktop PCs, IoT/OT devices) are included in machine IDs (as opposed to human identities).
Establishing an enterprise-wide strategy for managing machine IDs, certificates, and secrets will help the company to better protect digital transformation as the number of devices grows – and continues to expand.
Trend NR. 6: Remote working is now just work
According to the Gartner CIO Survey for 2021, 64 percent of workers can now work from home, with two-fifths actually doing so. As a consequence of COVID-19, what was previously only available to CEOs, senior staff, and sales is now broadly available, with intentions to permanently move certain employees to remote work following the epidemic. To further reduce the risks, this necessitates a complete reset of policies, tools, and permitted computers from a security standpoint.
Trend NR. 7: Breach and attack simulation
A new market is forming to assist businesses in validating their security posture. Breach and attack simulation (BAS) provides continuous testing and validation of security measures, as well as specialized evaluations and emphasizing the dangers to high-value assets such as sensitive data. In addition, BAS provides training to help security businesses grow.
These tools will assist in quickly identifying flaws with security measures’ efficacy, setup difficulties, and detection capacity. The ability to conduct this type of analysis frequently and across a variety of attack methods allows for more accurate security evaluations in real time.
Trend NR. 8: Privacy-enhancing computation techniques
PEC methods are developing that safeguard data while it is being utilized, rather than while it is at rest or in motion, to enable secure data processing, sharing, cross-border transfers, and analytics, even in untrustworthy contexts.
This technology is fast evolving from academic research to real-world initiatives that offer actual benefit, allowing for new types of computing and sharing while lowering the danger of data breaches.