Potential weaponization of Off-the-Shelf (OT) technology, enactment of ransomware regulations, and predictions by Gartner for the year 2022.
In the wake of the pandemic, digital transformation has become a necessity for many companies. However, the security needed for cloud-based instances and workloads is still a concern, according to technology research and advisory firm Gartner.
Gartner has released its cybersecurity predictions for 2022, and one of the key trends is the use of privacy-enhancing computation techniques to handle data requests and comply with regulations. By 2023, Gartner expects 75% of the world's population to have data privacy protection due to legislation.
The firm also predicts that cybersecurity will be a dominant consideration in third-party risk. By 2025, 60% of organizations will use cybersecurity risk as a primary determinant in third-party business transactions, including mergers and acquisitions, vendors, or investments.
To address the growing need for cybersecurity, Gartner anticipates that nearly one-third of enterprises will adopt cloud-delivered secure web gateway, cloud access security brokers, zero trust network access technologies, and firewall as a service capabilities from the same vendor by 2024.
Another significant prediction is the expansion of global privacy laws, which organizations are advised to prepare for by adopting a third-party assurance program that focuses on risk assessments, ratings or certifications.
In terms of leadership, Gartner predicts that the qualified supervisory board member expected to be involved in a cybersecurity committee in 40% of companies by 2025 is commonly referred to as the "Cybersecurity Director" or "Chief Information Security Officer (CISO)". Following the SolarWinds hack, Gartner expects other companies to adopt a cyber-specific committee to their board of directors. By 2025, 40% of board of directors will have a cybersecurity committee, overseen by a qualified board member.
Gartner also warns that companies may break laws or invite repeat ransom attacks if they engage with rogue and threat actors without relevant stakeholders, insurers, or third-party negotiators.
As companies continue to grapple with the challenges of cybersecurity, Gartner recommends using GDPR principles as a foundational standard for leaders to get ahead of impending legislation. The firm also advises companies to review their resourcing profile to check the management systems of cyber-physical systems and maintain an up-to-date asset inventory to account for the IoT or platforms added to an environment.
In a statement, Sam Olyaei, director analyst at Gartner, stated that organizations are implementing controls the same way they did five years ago, and this cannot continue. He urges companies to adapt to the changing landscape of cybersecurity and prioritize resilience.
One area where resilience is particularly important is in operational technology (OT), where Gartner anticipates threat actors to successfully weaponize OT which results in human casualties by 2025. Companies that operate both IT and OT environments are advised to educate their OT engineers with an IT-like mindset.
Finally, Gartner predicts the adoption of mesh architecture, which could cut the cost of security incidents by 90% by 2024. This architecture, which involves connecting all devices in a network directly, could provide a more secure and efficient way of handling data and communications.
In conclusion, Gartner's 2022 cybersecurity predictions highlight the importance of privacy, resilience, and a proactive approach to cybersecurity. With the increasing complexity of digital environments and the growing threat of cyber attacks, it is crucial for organizations to stay ahead of the curve and invest in robust cybersecurity measures.
%20technology%2C%20enactment%20of%20ransomware%20regulations%2C%20and%20predictions%20by%20Gartner%20for%20the%20year%202022.){kind=link}