“The CISO role has moved from a technical subject matter expert to that of an executive risk manager,” said Firstbrook. Thus, the scope, scale and complexity of digital business makes it necessary to distribute cybersecurity decisions, responsibility, and accountability across the organization units and away from a centralized function. “ITDR tools can help protect identity systems, detect when they are compromised and enable efficient remediation.”Įnterprise cybersecurity needs and expectations are maturing, and executives require more agile security amidst an expanding attack surface. ![]() “Organizations have spent considerable effort improving IAM capabilities, but much of it has been focused on technology to improve user authentication, which actually increases the attack surface for a foundational part of the cybersecurity infrastructure,” said Firstbrook. Gartner introduced the term “identity threat detection and response” (ITDR) to describe the collection of tools and best practices to defend identity systems. ![]() Sophisticated threat actors are actively targeting identity and access management (IAM) infrastructure, and credential misuse is now a primary attack vector. Trend 3: Identity Threat Detection and Response In fact, Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021.ĭigital supply chain risks demand new mitigation approaches that involve more deliberate risk-based vendor/partner segmentation and scoring, requests for evidence of security controls and secure best practices, a shift to resilience-based thinking and efforts to get ahead of forthcoming regulations. As vulnerabilities such as Log4j spread through the supply chain, more threats are expected to emerge. Organizations must look beyond traditional approaches to security monitoring, detection and response to manage a wider set of security exposures.ĭigital risk protection services (DRPS), external attack surface management (EASM) technologies and cyber asset attack surface management (CAASM) will support CISOs in visualizing internal and external business systems, automating the discovery of security coverage gaps.Ĭybercriminals have discovered that attacks on the digital supply chain can provide a high return on investment. Risks associated with the use of cyber-physical systems and IoT, open-source code, cloud applications, complex digital supply chains, social media and more have brought organizations’ exposed surfaces outside of a set of controllable assets. The following trends will have broad industry impact across those three domains:Įnterprise attack surfaces are expanding. These challenges lend themselves to three overarching trends impacting cybersecurity practices: (i) new responses to sophisticated threats, (ii) the evolution and reframing of the security practice and (iii) rethinking technology. “The pandemic accelerated hybrid work and the shift to the cloud, challenging CISOs to secure an increasingly distributed enterprise – all while dealing with a shortage of skilled security staff.” “Organizations worldwide are facing sophisticated ransomware, attacks on the digital supply chain and deeply embedded vulnerabilities,” said Peter Firstbrook, research vice president at Gartner. Security and risk management leaders must address seven top trends to protect the ever-expanding digital footprint of modern organizations against new and emerging threats in 2022 and beyond, according to Gartner, Inc.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |