The shift to remote work and cloud-computing services has made it harder to secure businesses from attack, especially in the face of ongoing shortages of skilled security staff, according to Gartner. But that's just part of the change the tech analyst firm foresees in the security landscape.
"Organizations worldwide are facing sophisticated ransomware, attacks on the digital supply chain and deeply embedded vulnerabilities," said Peter Firstbrook, research vice president at Gartner. The analyst firm said that new challenges can be divided into three main groups: new responses to sophisticated threats; the evolution of security practices; and rethinking technology.
Attack surface expansion
In particular, Gartner warned that enterprise attack surfaces -- the sum of the systems and access points that organisations need to defend -- are expanding. It points to risks associated with the Internet of Things, open-source code, cloud applications and complex software supply chains, and warns these have "brought organizations' exposed surfaces outside of a set of controllable assets". Organizations must look beyond traditional approaches to security monitoring, detection and response to manage a wider set of security exposures, said Gartner.
Digital supply chain risks
Attacks on the software supply chain are hard to spot because companies often have few ways of checking software updates and have to take them on trust. Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains.
"Digital supply chain risks demand new mitigation approaches that involve more deliberate risk-based vendor/partner segmentation and scoring, requests for evidence of security controls and secure best practices, a shift to resilience-based thinking and efforts to get ahead of forthcoming regulations," the analyst noted.
Identity threat detection and response
Sophisticated threat actors are actively targeting identity and access management infrastructure, and credential misuse is now a primary attack vector. That's why companies are regularly urged to upgrade to multi-factor authentication, which makes it harder to use stolen or forged usernames and passwords. But Gartner warns that companies still need to do more to protect identity systems in order to detect when they are compromised and enable efficient remediation.
Enterprise cybersecurity needs and expectations are maturing, and that means the chief information security officer can't do it all. Instead, cybersecurity decisions will have to be shared more broadly. Gartner predicts that at least 50% of C-level executives will have performance requirements related to cybersecurity risk built into their employment contracts by 2026, while a single, centralized cybersecurity function will not be agile enough to meet the needs of digital organizations.
Gartner also listed three other trends:
cybersecurity mesh architecture
The analysts also said that because human error continues to be a factor in many data breaches, this shows that traditional approaches to security awareness training are ineffective; organisations need to go 'beyond awareness' to invest in broader security behavior and culture programs. Organisations also need to be aware of ongoing security vendor consolidation and the emergency of new concepts such as cybersecurity mesh architecture, which helps companies to create an integrated security structure and posture to secure all assets, whether they're on-premises, in data centers or in the cloud.