Gartner has identified six emerging security and risk management trends which it says security leaders should take advantage of in order to improve their organisation’s resilience while elevating their own standing.
Trend 1: Senior business executives are finally becoming aware that cybersecurity has a significant impact on the ability to achieve business goals and protect corporate reputation
“Business leaders and senior stakeholders at last appreciate security as much more than just tactical, technical stuff done by overly serious, unsmiling types in the company basement,” said Peter Firstbrook, research vice president at Gartner. "Security organisations must capitalise on this trend by working closer with business leadership and clearly linking security issues with business initiatives that could be affected.”
Trend 2: Legal and regulatory mandates on data protection practices are impacting digital business plans and demanding increased emphasis on data liabilities
“It's no surprise that, as the value of data has increased, the number of breaches has risen too,” said Firstbrook. “In this new reality, full data management programmes – not just compliance – are essential, as is fully understanding the potential liabilities involved in handling data.”
Trend 3: Security products are rapidly exploiting cloud delivery to provide more-agile solutions
“Avoid making outdated investment decisions,” said Firstbrook. “Seek out providers that propose cloud-first services, that have solid data management and machine learning (ML) competency, and that can protect your data at least as well as you can."
Trend 4: Machine learning is providing value in simple tasks and elevating suspicious events for human analysis
“Look at how ML can address narrow and well-defined problem sets, such as classifying executable files, and be careful not to be suckered by hype,” said Firstbrook. “Unless a vendor can explain in clear terms how its ML implementation enables its product to outperform competitors or previous approaches, it's very difficult to unpack marketing from good ML.”
Trend 5: Security buying decisions are increasingly based on geopolitical factors along with traditional buying considerations
“It's vital to account for the geopolitical considerations of partners, suppliers and jurisdictions that are important to your organisation,” said Firstbrook. “Include supply chain source questions in RFIs, RFPs and contracts.”
Trend 6: Dangerous concentrations of digital power are driving decentralisation efforts at several levels in the ecosystem
“Evaluate the security implications of centralisation on the availability, confidentiality and resiliency of digital business plans,” said Firstbrook. “Then, if the risks of centralisation could seriously threaten organisational goals, explore an alternative, decentralised architecture.”