
Seven Trends in Security and Risk Management in 2022

Information security

By Ron Burrows | Published 2 years ago | 4 min read

Gartner says security and risk management leaders must address seven trends to protect the expanding digital footprint of modern organizations from new threats in 2022 and beyond.

These challenges have led to three general trends that affect network security practices:

1. New responses to complex threats.

2. The evolution and reconstruction of security practice.

3. A rethinking of technology.

The following trends will have a broad impact on the industry in these three areas.

Trend 1: Expansion of the attack surface

The enterprise attack surface is expanding. The risks that come with cyber-physical systems and the Internet of Things, open source code, cloud applications, complex digital supply chains, social media and so on expose organizations beyond the set of assets they control. Organizations must adopt more advanced methods than traditional security monitoring, detection and response to manage this wider range of security risks.

Digital Risk Protection Services (DRPS), External Attack Surface Management (EASM) technology, and Cyber Asset Attack Surface Management (CAASM) will help the chief information security officer visualize internal and external business systems and automatically detect security gaps.

Trend 2: Digital supply chain risk

Cyber criminals have found that attacking digital supply chains can yield high returns. As vulnerabilities such as Log4j spread through the supply chain, more threats are expected. Gartner predicts that by 2025, 45 percent of global organizations will have been hit by attacks on their software supply chains, a threefold increase from 2021.

To reduce the risk of digital supply chains, organizations need to adopt new responses, including more prudent, risk-based vendor / partner segmentation and scoring, requirements for proof of security controls and best practices, a shift to flexible thinking, and efforts to stay ahead of upcoming regulations.

Trend 3: Identity threat detection and response

Savvy threat actors are actively targeting identity and access management (IAM) infrastructure through certificate abuse. Gartner coined the term Identity Threat Detection and Response (ITDR) to describe a collection of tools and best practices for protecting identity systems.

Firstbrook said: "Enterprise organizations have put a lot of effort into improving IAM capabilities, but most of them are focused on improving user authentication technology, which actually expands the scope of attack on the basic components of the network security infrastructure. ITDR tools can help protect identity systems, detect when they are compromised, and take effective remedial measures."

Trend 4: Distributed decision-making

The network security needs and expectations of enterprises are becoming more and more mature, and as the attack surface expands, executives need more agile security measures. Therefore, in order to meet the scope, scale and complexity of digital business, it is necessary to distribute the network security decision-making, responsibility and accountability system to the whole enterprise to avoid the centralization of functions.

"The role of the chief information security officer has changed from a technology specialist to an executive risk manager," said Firstbrook. "By 2025, a single, centralized network security function will not be able to meet the needs of digital enterprises. The chief information security officer must re-recognize his responsibilities and help boards, CEOs and other business leaders make informed risk decisions."

Trend 5: Beyond security awareness training

Many data leaks are still caused by human error, which shows that traditional security awareness training methods are ineffective. Advanced organizations are investing in an overall Security Behavior and Culture Program (SBCP) to replace outdated compliance-centric security awareness campaigns. Such a program focuses on fostering new ways of thinking and behaving that lead to more secure working practices throughout the enterprise.

Trend 6: Vendor consolidation

Driven by the need to reduce complexity, cut management overhead, and improve effectiveness, security technologies are converging at an accelerating pace. New platform strategies such as Extended Detection and Response (XDR), Security Service Edge (SSE), and Cloud-Native Application Protection Platform (CNAPP) are accelerating the benefits of converged solutions.

For example, Gartner predicts that by 2024, 30 percent of enterprises will adopt cloud-delivered secure web gateway (SWG), cloud access security broker (CASB), zero trust network access (ZTNA), and branch firewall as a service (FWaaS) capabilities from the same vendor. Consolidating security functions will reduce the total cost of ownership, improve long-term operational efficiency, and in turn improve overall security.

Trend 7: Cybersecurity mesh

The trend towards consolidation of security products is driving the integration of security architecture components, but enterprises still need to define unified security policies, enable workflows, and exchange data between integrated solutions. The Cybersecurity Mesh Architecture (CSMA) helps to provide a common, integrated security architecture and posture to secure all on-premises, data center, and cloud assets.

Firstbrook said: "The main network security trends released by Gartner do not exist in isolation, but are interdependent and enhanced. Together, they will help chief information security officers drive the evolution of their roles to address future security and risk management challenges and continue to enhance their position in the enterprise."

Source: Gartner
