Linchakin

Gartner: 8 security trends facing the enterprise

 October 20, 2021     No comments   

As organizations become less centralized they face new security challenges that require new ways of addressing threats that will change the basic fabric of network security, according to Gartner analysts.

A persistent challenge adapting to these changes is the skills gap--finding IT pros with the technical know-how to meet evolving security issues, Peter Firstbrook, Gartner vice president and anayst told attendees at Gartner IT Symposium/Xpo 2021 Americas.

“Cybersecurity teams are being asked to secure countless forms of digital transformation and other new technologies, and if they don’t have those skilled practitioners they move toward managed or cloud-delivered services where they might not have as much control as they’d like,” Firstbrook said.

At the same time, attackers are becoming more persistent, with ransomware attacks and corporate phishing exploding. These adversaries are also becoming more professional, offering cyber attacks as a service, which lowers the barriers to becoming an attacker and greatly increases their number, Firstbrook said.

With that as a backdrop, Gartner detailed what its research shows are the top eight trends in security and risk management.

Remote/hybrid work is the new normal

The percentage of remote or hybrid workers will increase 30% over next couple years, which will lead to organizations hiring skilled workers regardless of where they live, which could be a business advantage, Firstbrook said. But this new workforce brings new sets of security challenges. On-prem security tools and hardware will no longer be practical or sufficient, promoting a shift to security in the cloud, which gives organizations visibility and control regardless of where the endpoint is, Firstbrook said. 

Cyber-security mesh architecture

The use of an overarching cybersecurity mesh architecture (CSMA) that will let distributed enterprises deploy and extend security where it’s most needed was also among Gartner’s top technology trends for 2022. Gartner said the CSMA is a composable approach to security that will bring integrated tools with common interfaces and APIs into the security process as well as  centralized management, analytics, and intelligence about what is going on across the enterprise. It can also push out policies to users and services that are being accessed. 

“Distributed organizations will need to rethink their security architecture,” Firstbrook said. “Many companies are still focused on LAN or network centric security, and they need to break out of that mold and make security much more composable and locate security where the asset is." Siloed security doesn’t work any more either. Companies can’t have email security separate from Office 365 security, for example, so much more integrated controls are needed, he said.

Security product consolidation

Gartner research shows that in the next three years, 80% of IT organizations plan to adopt strategies to consolidatate their security vendors, Firstbrook said. Those plans aren’t to lower costs but to improve their risk posture and reduce the time it takes to respond to incidents. In Gartner’s 2020 CISO Effectiveness Survey, 78% of CISOs said they had 16 or more tools in their cybersecurity vendor portfolio and 12% have 46 or more. Too many security vendors results in complex security operations. Going forward Gartner recommends organizations set a guiding principle for the acquisition of new products and develop metrics to measure a consolation strategy. Start with easy consolidation targets and be patient, Firstbrook said, as it takes three to five years for large organizations to to effectively consolidate.

Identity-first security

Identity control is now imperative, Firstbrook said, so organizations must invest in the technology and skills for modern identity and access management. Organizations can no longer define their nework perimeter as where their assets meet a public network, Firstbrook said. Now 80% of corporate traffic doesn't go over the corporate LAN, and many times companies don’t own the underlying infrastructure. The only thing they do own is identity, but that is where adversaries are looking to attack, he said. Companies need to treat identity policy, process, and monitoring as comprehensively as traditional LAN controls. They also need to focus on the remote worker and cloud computing, Firstbrook said. 

Machine-identity management

Closely related to identity-first security is the ability to control access from machines such as IoT devices and other connected equipment. Firstbrook recommended organizations establish a machine-identity management program to assess the different tools that might handle the task in their particular environments.

Breach and attack simulation (BAS) tools

Tools are coming to market that let enterprises simulate attacks and breaches in order to assess their network-defenses. The results can reveal choke points and paths where attackers might move laterally across the enterprise. After the enterprise has addressed these weaknesses, retesting can demonstrate whether the fixes are effective.

Privacy-enhancing computation

Privacy-enhancing computation (PEC) techniques are emerging that protect data while it’s being used as opposed to when it’s at rest or in motion. This can enable secure data processing, sharing, cross-border transfers, and analytics, even in untrusted environments. One such PEC technique is homomorphic encryption, which allows performing computation on the data without decrypting it. Firstbrook said organizations should start investigating PEC products to determine the right technologies for their particular use cases.

Boards are adding cybersecurity

Boards are hiring risk-assessment experts to help them evaluate threats at a corporate, level, so CISOs shoud try to optimize network security in a business context.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Adblock test (Why?)


You may be interested in:
>> Is a Chromebook worth replacing a Windows laptop?
>> Find out in detail the outstanding features of Google Pixel 4a
>> Top 7 best earbuds you should not miss

Related Posts:
>> Recognizing 12 Basic Body Shapes To Choose Better Clothes
>>Ranking the 10 most used smart technology devices
>> Top 5+ Best E-readers: Compact & Convenient Pen
  • Share This:  
  •  Facebook
  •  Twitter
  •  Google+
  •  Stumble
  •  Digg
Email ThisBlogThis!Share to XShare to Facebook

Related Posts:

  • Wake me up till SAS summit ends What do cyberthreats, Kubernetes and donuts have in common – except that all three end in “ts”, that is? All these topics will be mentioned during th… Read More
  • WebStorm 2021.2.2 Crack + Keygen [Latest-2021]WebStorm 2021 Activation Code & Crack For Win/Mac WebStorm 2021.2.2 Crack Build 212.5284.41 is the one and only perfect Java editing tool t… Read More
  • PhpStorm 2021.2.2 Crack With Activation Code [Latest 2021]PhpStorm 2021.2.2 Crack + License Keys [Mac/Win/Linux] PhpStorm 2021.2.2 Crack full download here is an Integrated Development Environment for PHP d… Read More
  • EVGA Releases the X570 Dark: First Ryzen Motherboard from EVGA, Built for OC Back in July, we reported that EVGA was teasing its first AMD-based motherboard since the AM2+ days. Fast forward to now, and that dream of an EVGA … Read More
  • Infographic reveals the world's most hated brands ByDaniel Piper NewsSome of the results will surprise you.Brands love to pretend to be your best friend, but it takes a lot for a company to foster trust and goodwill. And as any brand that's been on the rece… Read More
Newer Post Older Post Home

0 Comments:

Post a Comment


Copyright © 2025 Linchakin | Powered by Blogger
Design by Hardeep Asrani | Blogger Theme by NewBloggerThemes.com | Distributed By Gooyaabi Templates