Top 10 Takeaways From Gartner Security And Risk Management Summit
Posted July 18, 2024 by Sayers
In a year when 80% of CIOs are increasing their investment in cybersecurity, the 2024 Gartner Security and Risk Management Summit drew more than 5,000 cybersecurity executives for the latest trends, technologies, operations and leadership insights.
Today’s organizations are dealing with increasing cybersecurity compromises and significant talent shortfalls in cybersecurity. This year’s summit kept that context in mind while focusing on topics ranging from infrastructure security and cyber risk management to artificial intelligence, identity and access management, and more.
Sayers was there to take note on how our clients can best benefit.
Cybersecurity In 2024: Top 10 Takeaways
Based on three days of sessions, keynotes, and discussions with cybersecurity executives, vendors, and Gartner analysts, Sayers offers the following top takeaways:
1. AI Augments Cybersecurity But Warrants Caution And Oversight
Summit keynotes, roundtables, and hallway conversations buzzed with talk of artificial intelligence, especially the potential of Generative AI (GenAI).
According to Gartner research, GenAI will drive spending in cybersecurity:
Through 2025, generative AI will cause a spike of cybersecurity resources required to secure it, causing more than a 15% incremental spend on application and data security.
Most of your organization’s data is likely dark data that’s collected and stored but sits unused – just a data breach away from exposing sensitive information and losing your employees and clients’ trust.
GenAI offers the opportunity to use vast amounts of dark data and gain value from it. Chris Willis, VP of Cybersecurity and Network Engineering at Sayers, says:
“Organizations can use GenAI to get value from the data they have, whether it’s helping increase your revenue, improving efficiencies, building better products, making better medicine, or driving other benefits.”
Organizations can build GenAI themselves or consume it through offerings such as OpenAI’s ChatGPT or Microsoft’s Copilot. A growing number of cybersecurity solutions use GenAI to help organizations protect themselves from attackers who use AI themselves to hone their attacks.
2. Exposure Management Expands The Way We Think About Cybersecurity
Exposure management takes a broader view of ways an attacker might try to breach your organization, and looks at what investment your organization is willing to make to protect assets based on their value.
Exposure management goes beyond traditional security methods and vulnerability management to continuously cover all aspects of where corporate data might be compromised or disrupted.
For example, continuous threat exposure management (CTEM) extends past the traditional perimeter of endpoints and servers, and beyond the modern perimeter of SaaS, websites, applications, data, mobile, and identity. CTEM now deals with an expanding perimeter that includes social media, APIs, IoT, cyber-physical, remote workers, cloud workloads, the dark web, and more.
3. Tool Consolidation Replaces Best-Of-Breed Point Solutions
Remember when everyone wanted best-of-breed point solutions? No longer. Today’s organizations are turning to platform solutions with multiple technologies built in, offering lower cost and similar feature parity.
A consolidated solution is easier to deploy, manage, maintain, and integrate into IT environments – especially relevant given the talent shortages many organizations are experiencing.
For example, instead of focusing on point solutions such as endpoint detection and response (EDR), network detection and response (NDR), and identity threat detection and response (ITDR), consider an extended detection and response platform solution that brings together those multiple offerings.
Willis says:
“Look at the investments you’ve already made, and the vendors you already use. Consider the breadth and capabilities they offer. Do they meet your needs? If not, it’s time to explore other technologies.”
4. Manage Identity As Critical Infrastructure
Like AI, the topic of identity came up in almost every conversation Sayers had at the Gartner Summit. Managing identity by controlling access to data and applications is at the core of zero trust and the heart of data security and privacy.
Gartner recommends organizations identify data risk and identity risk, and use them together as the primary directive for strategic data security. Bottom line: Treat identity as you do your critical infrastructure.
By 2027, 70% of organizations will combine data loss prevention and insider risk management disciplines with identity and access management (IAM) context to identify suspicious behavior more effectively.
If you’re an IAM leader, expect your responsibilities and visibility to increase within the next few years, driven by increased demand for compliance with regulations involving identity breaches.
5. Decouple Data From Applications For Enhanced Privacy And Compliance
Whether your data is in the cloud, on premise, or in software-as-a-service platforms, bad actors are trying everything they can to access it.
According to research by the EY Center for Board Matters:
68% of directors rank cybersecurity and data privacy among the top five board oversight topics in 2024.
Regulatory compliance requirements can differ among states, countries, and regions.
By decoupling data from applications – and data security from applications security – organizations will find better ways to improve security, privacy, and compliance.
6. AI And APIs Drive Extended Application Security Needs
The growing use of AI and APIs means distributed delivery teams are creating a greater volume and variety of applications. This creates a greater potential for security exposures than dedicated application security teams can manage.
To keep up, evaluate your development pipeline and expect the responsibility for application security will need to be shared more broadly across the organization. According to Gartner:
By 2027, 30% of cybersecurity functions will redesign application security to be consumed directly by non-cyber experts and owned by application owners.
7. Security Posture Management (xSPM) Expands Across Cybersecurity
For most areas within cybersecurity, you will find an SPM solution designed specifically to accommodate. Think Cloud SPM, Application SPM, Data SPM, and more.
Willis says:
“Security posture management isn’t new. But what is new is the breadth of SPM across a spectrum of everything within cybersecurity.”
Available xSPM solutions continuously evaluate the overall security posture of each cybersecurity area in near real-time to ensure your defenses and responses perform optimally. Gartner offers an xSPM framework that focuses on continuously discovering, identifying, assessing, prioritizing, and remediating risks within each xSPM space.
8. Business Resiliency Emphasizes Response And Recovery
Organizations have placed much of their cybersecurity efforts on prevention. But 100% prevention is impossible, so more focus has to be on detection, response, and recovery.
Even the most well-funded organizations cannot address all threats. Responding to the threat landscape relies on prioritization, using a business impact analysis (BIA) to develop a plan for business resiliency in a world of business disruptions.
Many organizations factor in shrinkage and pilferage, cybersecurity should also factor in breaches and disruptions. It’s not a matter of if, but when. How prepared are you?
The National Institute of Standards and Technology’s (NIST) released version 2.0 of their Cybersecurity Framework (CSF) which now includes Governance among other new features and updates. This call-out is significant and emphasizes the importance of oversight, the protection of the business from disruption and compromise, and ensuring resilience.
9. Use Outcome-Driven Metrics To Quantify Cybersecurity Business Value
More organizations are looking to quantify cybersecurity with outcome-driven metrics (ODMs). With ODMs, you can measure risks (financially), quantify the value of cybersecurity investments (justification), and make informed decisions to reduce cyber risks. This is a board-level request.
Don’t know where to start? Gartner has identified 16 ODM areas to benchmark and measure risks, ranging from incident containment to phishing reporting rates.
While attempts in cybersecurity quantification have failed historically, we’re now at a point to accurately and easily perform this. With the vast number of breaches, threat intelligence, cybersecurity solution integrations, machine learning (AI), and more advancements, we now have the capabilities to successfully join and leverage this information in a usable fashion to provide accurate metrics.
10. Include Third-Party Cybersecurity Risk Management To Control Your Attack Surface
How much access do the third parties in your supply chain have to your data, applications, and networks?
With vendor partners, some risks are outside of your direct control. But the attack surface of your vendors is part of your organization’s total attack surface (exposure). Ensure your organization continuously assesses and scores third-party organizations cybersecurity and risk management program and practices. Find alternative vendors when your current is falling short. Ensure they haven’t been granted overly permissive access to your resources.
While we covered our top 10 takeaways from the Gartner Security and Risk Management Summit here, Sayers has a wealth of knowledge and guidance in Cybersecurity, Infrastructure, Cloud, Staff Augmentation and more to help our clients optimize and mature their IT programs.
Questions? Contact us at Sayers today to discover extensive technology solutions, services and expertise to cover all areas of your business.