Analysts Explore the Future of Cybersecurity at the Gartner Security & Risk Management Summit, March 28-29 in Sydney
Fifty percent of chief information security officers (CISOs) will adopt human-centric design to reduce cybersecurity operational friction; large enterprises will focus on implementing zero-trust programs; and half of cybersecurity leaders will have unsuccessfully tried to use cyber risk quantification to drive enterprise decision making, according to the top cybersecurity predictions revealed by Gartner, Inc. today.
In the opening keynote at the Gartner Security & Risk Management Summit in Sydney today, Richard Addiscott, Senior Director Analyst, and Lisa Neubauer, Senior Director, Advisory at Gartner, discussed the top predictions prepared by Gartner cybersecurity experts to help security and risk management leaders be successful in the digital era.
“There’s no question that CISOs and their teams must be laser focused on what’s happening today to ensure their organizations are as secure as possible,” Addiscott said. “But they also need to make time to look up from their daily challenges and scan the horizon to see what’s coming down the track that might impact their security programs in the next couple of years.
“These predictions are a signal flare for some of those things we see emerging and should be considered by any CISO looking to build an effective and sustainable cybersecurity program.”
Gartner recommends that cybersecurity leaders build the following strategic planning assumptions into their security strategies for the next two years.
Through 2027, 50% of CISOs will formally adopt human-centric design practices into their cybersecurity programs to minimize operational friction and maximize control adoption. Gartner research shows that over 90% of employees who admitted undertaking a range of unsecure actions during work activities knew that their actions would increase risk to the organization but did so anyway. Human-centric security design is modeled with the individual (not technology, threat or location) as the focus of control design and implementation to minimize friction.
By 2024, modern privacy regulation will blanket the majority of consumer data, but less than 10% of organizations will have successfully weaponized privacy as a competitive advantage. Organizations are beginning to recognize that a privacy program can enable them to use data more broadly, differentiate from competitors, and build trust with customers, partners, investors and regulators. Gartner recommends security leaders enforce a comprehensive privacy standard in line with GDPR to differentiate in an increasingly competitive market and grow unhindered.
By 2026, 10% of large enterprises will have a comprehensive, mature and measurable zero-trust program in place, up from less than 1% today. A mature, widely deployed zero-trust implementation demands integration and configuration of multiple different components, which can become quite technical and complex. Success is highly dependent on the translation to business value. Starting small with an ever-evolving zero-trust mindset makes it easier to grasp the benefits of a program and manage some of the complexity one step at a time.