What does the cybersecurity landscape look like for 2023?
I took a look at what Gartner had to say.
1: Cybersecurity mesh
This is a phrase coined by Gartner analysts, and it’s likely we will be hearing a lot more about it in the future. In short, it is a “modern conceptual approach to security architecture that enables the distributed enterprise to deploy and extend security where it’s most needed.”
Traditionally, most companies use a range of security solutions to address specific security risks, which can result in complex architectures that are difficult to monitor and manage. A cybersecurity mesh architecture (CSMA) can certainly help companies get around the issue of siloed security practices and take a more flexible, composable and collaborative approach. This means scalability can happen faster without compromising security.
2: Cyber-savvy boards
Gartner says “with an increase in very public security breaches and increasingly common business disruptions due to ransomware, boards are paying more attention to cybersecurity. They recognize it as a huge risk to enterprises and are forming dedicated committees that focus on cybersecurity matters, often led by a board member with security experience (such as a former chief information security officer [CISO]) or a third-party consultant.”
I agree, and while this level of board attention might only have been imposed in recent years because cyber attacks have grown more sophisticated, it is most welcome. With that in mind, security professionals need to be ready with answers when the savvy board comes calling!
3: Vendor consolidation
Gartner found that CISOs have too many tools at their disposal in their vendor portfolios. This means that having “too many security vendors results in complex security operations and increased security headcount.”
It might seem that one of the main motivators for simplifying in this manner is cost. But for many organizations that is not the case; increasing operational efficiency and creating a more homogenized security stack is. There is clearly an appetite for vendor consolidation, as the stats show an increase from 29% in 2020 to 75% in 2022.
4: Identity-first security
Since the pandemic pushed many organizations towards remote and hybrid work, identity-first security has needed focus (especially as misused credentials are one of the top techniques used in breaches). There has also been an increase in the number of machine identities and applications necessary for an organization to communicate and operate.
I concur that “identity infrastructure must be properly configured, maintained and monitored with an elevated importance.” But I would caution that the new credentials are user-friendly so that employees do not try to circumvent their company’s security policies.
5: Managing machine identities becoming a critical security capability
“As digital transformation progresses, there has been an explosive growth in the numbers of nonhuman entities that make up modern applications. Therefore, managing machine identities has become a vital part of security operations.” Agreed. APIs, which connect services in modern applications, can represent a security vulnerability. If attackers use that API to access data, then that conduit needs management. Gartner suggests that “an enterprisewide strategy for managing machine identities, certificates and secrets will enable your organization to better secure its digital transformation.”
6: “Remote work” is now just “work”
The 2021 Gartner CIO Survey states that 64% of employees are now able to work from home, and two-fifths actually are working from home. They say “what was once only available to executives, senior staff and sales is now mainstream. The movement to hybrid (or remote work) is a durable trend with more than 75% of knowledge workers expecting future hybrid work environments.”
What does this actually mean? Outside of a protected office environment, a significant security risk exists. This means taking a closer look at existing protocols and overhauling or revising them.
7: Breach and attack simulation
Breach and attack simulations (BAS) are an advanced computer security testing method whereby simulations identify vulnerabilities in security environments by mimicking the likely attack paths and techniques used by malicious players. BAS is certainly a good way to test an organization’s security posture when it comes to external threats. In many ways these simulations are very much like a continuous automated pen test.
Gartner says, BAS “also offers specialized assessments and highlights the risks to high-value assets like confidential data. BAS provides training to enable security organizations to mature.”
8: Privacy-enhancing computation techniques
“Privacy-enhancing computation techniques that protect data while it’s being used — as opposed to while it’s at rest or in motion — enable secure data processing, sharing, cross-border transfers and analytics, even in untrusted environments.”
Definitely. These techniques will rapidly be embraced to manage PII and other critical data, reducing the risk level faced by an organization. As Gartner states, this technology really does have the capability to deliver “real value, enabling new forms of computing and sharing with reduced risk of data breaches.”