Monitoring crucial security and risk management tendencies: Gartner's insights
In the rapidly evolving digital landscape, the world of security and risk management is undergoing significant changes, with the pandemic serving as a catalyst for transformation.
Gartner, a leading research and advisory company, has identified a pressing need for many organisations to break free from LAN-centric security and move towards composable security services. This shift is driven by the increasing complexity of modern security threats and the need for more flexible, adaptable solutions.
One of the most concerning trends shaping security and risk management is the rise of ransomware threats. These malicious attacks, such as the SolarWinds hack, have demonstrated the potential for devastating consequences, with actors starting their attacks on local area networks (LAN) and then moving to critical systems like Active Directory and cloud platforms like Azure.
To combat these threats, companies are turning to breach and attack simulation tools. These innovative solutions allow for the testing of multiple attack paths and repeat testing throughout the year, providing valuable insights into potential vulnerabilities.
However, the transition to remote work has introduced new challenges. The physical security once provided by office environments is no longer present, necessitating a pivot in data privacy management. This is particularly true for identity infrastructure, which cybercriminals often target for privilege escalation.
To address these issues, companies are investing in privacy-enhancing computation tools, cloud access security brokers (CASB), and identity detection and response systems. These solutions help companies overcome privacy-, regulatory-, and data-secrecy hurdles, while also ensuring robust security in cloud-delivered services.
Moreover, the widening skills gap in security and risk management is a current trend. To bridge this gap, companies are increasing their cyber literacy by adding former CISOs and cyber consultants to their boards of directors.
Another notable change is the increasing adoption of remote and hybrid work arrangements. Gartner expects fully remote or hybrid workers to increase by 30% over the next couple of years, which means businesses will have more endpoints to secure. To manage this, companies are replacing on-premise software with cloud-based solutions, making it easier to focus on management and security in cloud-delivered services.
In response to these changes, companies are also creating matrices of policies for remote users to refer to, and adding cyber-specific committees to their boards of directors. Furthermore, the boards are also increasing their cyber literacy through the addition of former CISOs and cyber consultants.
In conclusion, the security and risk management landscape is evolving rapidly, with the pandemic serving as a catalyst for change. Companies must adapt to these changes, shifting towards composable security services, investing in privacy-enhancing tools, and focusing on identity detection and response to ensure their digital assets are secure.
