Gartner Releases Top Cybersecurity Trends for 2024

Author: China Power Grid

Gartner recently released its top cybersecurity trends for 2024. According to Gartner, the key cybersecurity trends in 2024 are driven by generative artificial intelligence (generative AI), continuous threat exposure, third-party risk, privacy-driven application and data decoupling, and cybersecurity reskilling.

Yanquan Chen, Research Director, Gartner, said, "Enterprise security functions are facing disruption in terms of technology, organization, and people. Risk management leaders must be well-prepared and pragmatic in order to respond to disruption and implement effective cybersecurity programs."

To address the combined impact of these factors, risk management leaders in 2024 need to adopt a range of practices, technical capabilities, and structural changes in their security programs to improve organizational resilience and cybersecurity performance.

The following key trends will have a broad impact on these areas.

Trend 1: Continuous Threat Exposure Management programs are gaining momentum

Gartner predicts that by 2026, organizations that prioritize security investments through a continuous threat exposure management program will have a two-thirds reduction in security breaches.

"In recent years, the attack surface of enterprises and organizations has expanded dramatically, bringing potential security blind spots and a large number of potential threat exposure surfaces that need to be addressed. In response, security and risk management leaders conducted a pilot project to introduce processes to determine the number and importance of threat exposure surfaces and validate the effectiveness of ongoing threat exposure management (CTEM) programs."

Trend 2: Improve identity and access management practices to leverage their role in cybersecurity success

In an identity-first approach to security, the use of identity and access management (IAM) to replace network security and other traditional security controls has become the focus of security efforts. Organizations that adopt an identity-first security strategy must increase their focus on basic IAM norms and IAM system hardening to improve resilience.

Trend 3: Resilience-oriented, more resource-efficient third-party cybersecurity risk management

As third-party cybersecurity incidents become inevitable, security and risk management leaders have had to shift their focus from due diligence, which involves significant upfront investments, to resilience-oriented security investments. Enterprising security and risk management leaders have prioritized work activities aimed at building resilience, such as implementing compensating controls and strengthening incident response planning. At the same time, they are providing targeted support to business partners to help them optimize their cooperation with third parties and influence decisions related to security controls.

Trend 4: Privacy-driven decoupling of applications and data to optimize operations in a fragmented world

Gartner predicts that by 2025, 10% of global enterprises will have more than one business unit that is subject to a specific data sovereignty strategy, at least doubling the cost of creating the same business value.

"The increasing number of nationalist-based privacy and data protection and localization requirements has exacerbated the fragmentation of enterprise application architectures and data localization practices. Multinational enterprises that have used single-tenant applications for decades face increasing compliance requirements and rising risks of business disruption. In response, forward-thinking organizations are planning and implementing application and data decoupling strategies at different levels."

Trend 5: GenAI raises short-term doubts, but it also ignites long-term hope

Generative artificial intelligence (GenAI) introduces a new attack surface. To protect it, organizations must transform their application and data security practices and user monitoring. By 2025, the adoption of GenAI will lead to a surge in the cybersecurity resources required by organizations, leading to an increase in application and data security spending of more than 15%.

In addition, given that the rise of large language model applications such as ChatGPT is just the beginning of a wave of disruption for GenAI, security and risk management leaders also need to be prepared for the rapid evolution of the technology.

Trend 6: The role of security behavior and culture programs in mitigating human cybersecurity risks is receiving keen attention

Customers and suppliers have recognized that the current common practice of focusing solely on employee cybersecurity awareness is doing little to reduce security incidents caused by employee behavior.

"The Security Behavior and Culture Program (SBCP) is an enterprise-wide approach that aims to minimize cybersecurity incidents related to employee behavior, whether they are inadvertent or intentional," said Chen. "The main goal of the SBCP is to change employee behavior. By 2027, 50% of CISOs at large enterprises will adopt human-centered security design practices to minimize employee resistance caused by cybersecurity and increase adoption of security controls."

Trend 7: Cybersecurity Outcome-Driven Metrics Help Security Leaders Effectively Communicate the Value of Cybersecurity

Cybersecurity outcome-driven metrics (ODMs) are security operations metrics with specific attributes that can help stakeholders establish a direct correlation between security investments and the level of protection they can achieve.

Organizations across industries are investing heavily in cybersecurity people, processes, and technology, yet the frequency and negative impact of cybersecurity incidents continue to rise. This has undermined board and executive confidence in cybersecurity strategies. Organizations are looking for a way to measure the value of cybersecurity that resonates with executives and supports pragmatic investment decisions that align with business needs. As one of the most promising candidates, ODMs have been favored by more and more enterprises.

Trend 8: Evolving cybersecurity operating models

As lines of business continue to replace IT functions as the primary owners of technology acquisition, build, and delivery, the traditional cybersecurity operating model is being disrupted. Security and risk management leaders are adapting their cybersecurity operating models to meet the needs of the business for autonomy, innovation, and agility. Specifically, decision-making power over security efforts is becoming increasingly decentralized, and the details of security policies are increasingly being handed over to business decision-makers at the edge. Centralized and formal governance mechanisms have been established for some governance efforts to better support risk leaders in business units, and the role of security and risk management leaders is evolving from control managers to value drivers.

Trend 9: Reinvent cybersecurity skills to help organizations prepare for future risks

By 2026, 50% of large enterprises will use agile learning as their primary upskilling/reskilling method.

"Security and risk management leaders face a number of significant trends that are impacting the skills needs of cybersecurity teams," said Chen. "And the demand for new skills will grow faster than the creation of new roles, new qualifications, new job descriptions, and new job titles. In other words, relying on learning and development solutions, recruitment platforms, and HR practices will not be able to meet the need for cybersecurity skills in a timely manner."

Cybersecurity teams need to improve learning and development programs around agile learning, and prioritize practical skills through iterations and short-term blitzes.

About Gartner:

Gartner (NYSE: IT) provides organizations with actionable, objective insights that enable them to make informed decisions and deliver business results on their most critical priorities. For more information, please visit http://www.gartner.com/cn.