Gartner Group has identified the top trends and threats organisations need to address if they want to keep their expanding digital footprints protected in 2022. The analyst noted that the expanding digital footprint of organisations means that their strategies need to evolve. Threats such as ransomware are now more sophisticated, and more attacks are being made on the digital supply chain. At the same time, customers are trying to cope with the shift to the cloud, to hybrid working, and a shortage of skilled cybersecurity staff. To cope, they need to develop new responses to threats and rethink their security practices.
Gartner has identified seven important trends for 2022 that it says will have broad impact on the approach to cybersecurity.
Trend 1: Attack surface expansion
The risks associated with the use of ‘cyber-physical’ systems and IoT, open-source code, cloud applications, complex digital supply chains, and social media and more taken exposed surfaces outside the realm of control for many organisations. To counter this, they need to look beyond traditional approaches to security monitoring, detection and response.
Gartner says that new areas of focus here include digital risk protection services (DRPS), external attack surface management (EASM) technologies, and cyber asset attack surface management (CAASM). These technologies can be used to automate the discovery of security coverage gaps.
Trend 2: Digital supply chain risk
Cybercriminals have discovered that attacks on the digital supply chain can provide a high return on investment. Vulnerabilities such as Log4j showed the potential scale of the problem, and more threats are expected to emerge. Gartner predicts that, by 2025, 45% of organisations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021.
Countering this will require new approaches that involve more deliberate risk mitigation. The use of scoring, the requesting of evidence that security controls and best practices are in place, and a shift to resilience-based approaches, and efforts to get ahead of forthcoming regulations, will all be needed.
Trend 3: Identity threat detection and response
Gartner says that sophisticated threat actors are actively targeting identity and access management (IAM), and that credential misuse is now a primary attack vector. The firm has introduced the term ‘identity threat detection and response’ (ITDR) to describe the collection of tools and best practices needed to defend identity systems.
It notes that while much of the effort up to now has gone into improving IAM, much of this has been focused on user authentication – but this actually increases the attack surface of the foundational cybersecurity infrastructure. ITDR tools can be used to help protect identity systems, detect when they are compromised and enable efficient remediation.”
Trend 4: Distributing decisions
Needs and expectations are maturing, and security needs to be more agile. The scope, scale and complexity of digital business makes it necessary to distribute decision-making, responsibility, and accountability across the organisation and away from a centralised function.
The role of the ‘CISO’ (chief information security officer) has shifted from being a technical subject matter expert to that of executive risk manage as a result. In the future, Gartner says, a single, centralised cybersecurity function won’t be agile enough – power and decision-making will need to be elevated to board level.
Trend 5: Beyond awareness
Human error continues to be a factor in many data breaches, demonstrating that traditional approaches to security awareness training are ineffective. Gartner says that progressive organisations are investing in ‘holistic security behaviour and culture programmes’ (SBCPs), rather than compliance-centric awareness campaigns. Putting the focus on attitude and culture can foster new ways of thinking and embedding safer behaviour and more secure ways of working.
Trend 6: Vendor & technology consolidation
The need to reduce complexity, cut admin overheads and be more effective is driving convergence and consolidation in security. According to Gartner this is manifesting itself in new platform approaches – extended detection and response (XDR), security service edge (SSE) and cloud native application protection platforms (CNAPP) – that deliver broader benefits. Putting it simply, there will be more of a push to use one vendor for all digital security.
The analyst contends that this consolidation of security functions will lower TCO and improve long- term operational efficiency, and lead to better overall security. It predicts that by 2024, 30% of enterprises will adopt cloud-delivered secure web gateway (SWG), cloud access security broker (CASB), zero trust network access (ZTNA) and firewall-as-a-service (FWaaS) capabilities from the same vendor.
Trend 7: Cybersecurity mesh
Security product consolidation trend is driving integration of components. However, there is still a need to define consistent security policies, to enable workflows and allow for the exchange of data between consolidated solutions. Gartner’s belief is that cybersecurity mesh architectures (CSMA) will provide the common, integrated structure needed for all resources – on-premises, in data centres, or in the cloud.
A Gartner report “Top Trends in Cybersecurity 2022” provides more details. Also available is the 2022 Leadership Vision for Security & Risk Management Leaders e-book. The firm’s London Security & Risk Management Summit 2022, takes place between 12-14 September 2022.
Contact the Team
If you’d like to discuss your cybersecurity positioning and the challenges your customers face, you can contact the TD SYNNEX Security Practice by completing the form below.
