Top Six Security and Risk Management Trends

Business leaders are becoming increasingly conscious of the impact cybersecurity can have on business outcomes. Gartner said that security leaders should harness this increased support and take advantage of six emerging trends, to improve their organization’s resilience while elevating their own standing.

1. Senior Business Executives Are Finally Becoming Aware That Cybersecurity Has a Significant Impact on the Ability to Achieve Business Goals and Protect Corporate Reputation.

IT security is a board-level topic and an essential part of any solid digital business strategy. Business leaders have not always been receptive to this message, but a recent string of high-profile incidents have changed sentiment. Prominent examples include an Equifax data breach that cost the CEO, CIO and CSO their jobs; a WannaCry attack that caused worldwide damage estimated at between $1.5 to $4.0 billion, and Verizon's recent $350 million discount on its purchase of Yahoo! as a result of the latter's data breach.

2. Legal and Regulatory Mandates on Data Protection Practices Are Impacting Digital Business Plans and Demanding Increased Emphasis on Data Liabilities.

Customer data is the lifeblood of ever-expanding digital business services. Incidents such as the recent Cambridge Analytica scandal or the Equifax breach illustrate the extreme business risks inherent to handling this data. Moreover, the regulatory and legal environment is getting ever more complex, with Europe's GDPR the latest example. At the same time, the potential penalties for failing to protect data properly have increased exponentially. In the U.S., the number of organizations that suffered data breaches due to hacking increased from under 100 in 2008 to over 600 in 2016.

3. Security Products Are Rapidly Exploiting Cloud Delivery to Provide More-Agile Solutions.
New detections technologies, activities and authentication models require vast amounts of data that can quickly overwhelm current on-premises security solutions. This is driving a rapid shift toward cloud-delivered security products. These are more capable of using the data in near real time to provide more-agile and adaptive solutions.

4. Machine Learning Is Providing Value in Simple Tasks and Elevating Suspicious Events for Human Analysis.
The shift to the cloud creates opportunities to exploit ML to solve multiple security issues, such as adaptive authentication, insider threats, malware and advanced attackers. Gartner predicts that by 2025, ML will be a normal part of security solutions and will offset ever-increasing skills and staffing shortages. But not all ML is of equal value.

5. Security Buying Decisions Are Increasingly Based on Geopolitical Factors Along With Traditional Buying Considerations.
Increased levels of cyber warfare, cyber political interference, and government demands for backdoor access to software and services have resulted in new geopolitical risks in software and infrastructure buying decisions. Recent government bans against Russian and Chinese firms are obvious examples of this trend.

6. Dangerous Concentrations of Digital Power Are Driving Decentralization Efforts at Several Levels in the Ecosystem.
The internet is driving a wave of centralization, one obvious example of which is cloud computing. While there are many benefits (some outlined above), a good security team should be accounting for the risks too.