Gartner releases important cybersecurity trends for 2023

Publisher: EE小广播. Latest update time: 2023-04-20. Source: EEWORLD. Keywords: Gartner

Security leaders must put people first and build effective cybersecurity programs


April 20, 2023 – Security and risk management (SRM) leaders must rebalance their organizations’ investments in technology and people based on nine industry trends as they develop and implement cybersecurity programs, Gartner said.


Richard Addiscott, senior research director at Gartner, said: "Human-centered cybersecurity principles are key to reducing security failures. Adhering to human-centeredness in the process of designing and implementing controls, actively communicating with business units and implementing cybersecurity talent management can help improve business risk decisions and improve cybersecurity talent retention."


To address cybersecurity risks and maintain an effective cybersecurity program, SRM leaders must focus on the following three key areas: (1) leveraging the critical role of talent in the success and continuation of security programs; (2) developing security technology capabilities that improve visibility and responsiveness across the organization's entire digital ecosystem; (3) restructuring the way security functions operate to achieve agility without compromising security.


The following nine trends will have broad implications for SRM leaders in these three areas: 


Trend 1: Human-centered security design


Employ human-centered design principles to prioritize the role of employee experience throughout the controls management lifecycle. By 2027, 50% of large enterprise chief information security officers (CISOs) will adopt human-centered security design principles to minimize cybersecurity operational friction and drive the adoption of controls wherever possible.


Addiscott said: "Traditional security awareness programs have failed to reduce unsafe employee behaviors. CISOs must re-examine past cybersecurity incidents, identify the main sources of friction in cybersecurity operations, and determine how to implement controls with more humane care to reduce the burden on employees, or remove controls that increase friction but fail to effectively reduce risk."


Trend 2: Improving talent management to ensure the sustainability of security programs


In the past, cybersecurity leaders focused on improving the technology and processes behind security programs and paid less attention to the people who implement them. To attract and retain talent, many chief information security officers are adopting a people-centered talent management approach to promote the maturity of security functions and technologies. Gartner predicts that by 2026, to address systemic cybersecurity and recruitment problems, 60% of enterprises will shift from external recruitment to "quiet recruitment", finding the talent they need within the enterprise.


Trend 3: Transforming cybersecurity operating models and promoting value creation


Technology is moving from central IT departments to business lines, functional departments, converged teams and individual employees. A Gartner survey found that 41% of employees perform some kind of technology work, and this trend is expected to continue to deepen over the next five years.


Addiscott said: "Business leaders today generally believe that cybersecurity risks have become the number one business risk that needs to be taken seriously, rather than just a technical problem to be solved. Supporting and accelerating business results is both a core goal of cybersecurity efforts and a major challenge."


CISOs must adapt their cybersecurity operating models to achieve their goals through a comprehensive approach. Employees must understand how to balance cybersecurity, financial, reputational, competitive, legal and other risks. Cybersecurity must also be linked to business value, with program effectiveness measured and reported in terms of business outcomes and key objectives.


Trend 4: Threat Exposure Management


The attack surface faced by modern enterprises is very complex, causing security personnel to be physically and mentally exhausted. CISOs must improve their assessment methods and implement a Continuous Threat Exposure Management (CTEM) program to understand threat exposure. Gartner predicts that by 2026, organizations that prioritize security investments based on CTEM programs will be able to reduce security breaches by two-thirds.


"Chief information security officers must continually refine their threat assessment methods to match the organization's evolving work methods," Addiscott said. "CTEM methods should not be used solely to assess technical vulnerabilities."


Trend 5: Identity Weaving Immunity


Vulnerabilities in identity infrastructure arise from incomplete, misconfigured, or fragile elements in the identity weave. By 2027, organizations will rely on identity weaving immunity principles to block 85% of new attacks, thereby reducing the financial impact of security breaches by 80%.   


"Identity weaving immunity not only protects existing and new identity and access management (IAM) components with identity threat detection and response (ITDR), but also hardens identity weaving through completeness and proper configuration," Addiscott said.


Trend 6: Cybersecurity Verification


Cybersecurity verification brings together technologies, processes, and tools designed to verify how potential attackers exploit known threat exposures. Tools that support cybersecurity verification have made significant advances, automating repeatable and predictable assessments and enabling routine benchmarking of attack techniques, security controls, and processes. By 2026, more than 40% of organizations, two-thirds of which will be mid-sized enterprises, will rely on integrated platforms to perform cybersecurity verification assessments.


Trend 7: Cybersecurity platform integration


As organizations look to streamline operations, vendors are consolidating platforms around one or more major cybersecurity areas. For example, identity security services are delivered through a common platform that combines governance, privileged access, and access management capabilities. SRM leaders need to continually take inventory of security controls to understand where functional overlap exists and reduce redundancy through consolidated platforms.


Trend 8: Assembled business requires assembled security


To cope with the accelerating pace of business change, organizations must move away from reliance on monolithic systems and instead add modular functionality to a variety of applications. Assembly security refers to integrating cybersecurity controls into architectural patterns and then applying them in a modular fashion to assembly-ready technologies. By 2027, more than 50% of core business applications will use assembly architecture, so a new approach is needed to secure these applications.  


Addiscott said: "Assembled security is designed to protect assembled businesses. Creating applications using assembled components introduces previously undiscovered dependencies. This presents a significant opportunity for CISOs to create component-based, repeatable-use security control objects that embed privacy and security measures in advance."


Trend 9: Board of Directors Expands Cybersecurity Supervision Authority


As cybersecurity responsibilities become increasingly clear and board members assume greater responsibilities in governance activities, boards of directors pay more attention to cybersecurity. Cybersecurity leaders must provide relevant reports to the board of directors demonstrating the impact of cybersecurity programs on the organization’s short- and long-term goals.


Addiscott said: “SRM leaders must encourage the board of directors to actively participate in and intervene in cybersecurity decisions, and at the same time provide action recommendations to the board of directors as strategic advisors, including the allocation of security budgets and resources.”

