Six technical security trends CISOs need to know in 2023
Organizations face countless potential cybersecurity threats as they pursue digital transformation and criminals evolve their attack techniques.
Even the most well-funded enterprises cannot address every one of these threats. Responding effectively is about validating and prioritizing the risks that are most impactful for the business.
Security and risk management leaders must refine their strategy to identify and adapt to key existing and emerging risks across the cyberthreat landscape. Here are six major security technology and infrastructure trends that chief information security officers should consider when planning and executing security initiatives in 2023, and the actions that security leaders can take to mitigate threats in each of these areas:
Trend 1: Supply chain and geopolitical risks dominate security strategy
Geopolitical risk continues to affect organizations worldwide in 2023, and many of these risks are emerging as supply chain exposures. This puts enterprises and their supply chains at increased risk for malware attacks, attacks on cloud infrastructure, attacks on system integrity and availability such as distributed denial of service, and data theft or loss.
CISOs must mitigate hardware and software supply chain security challenges by enforcing engagement-level controls between the organization and suppliers. These controls may be as simple as a set of goods-in acceptance criteria. They may also be as complex as implementing access to internal information technology systems or planning detection and response activities for suppliers. Rearchitect security to be responsive to geopolitical risks by preparing and auditing cyber resilience plans for every part of the supply chain.
Trend 2: Emerging architectural patterns will streamline security
Understanding how to overlay security controls onto enterprise IT systems is increasingly challenging, as it is difficult to know what security features products have and their applicability to different environments and services. In response to this trend, large security vendors are building out unified cybersecurity platforms as cybersecurity mesh architectures or CSMAs.
CISOs must work with their teams to implement security products focusing on CSMA principles. Additionally, use zero-trust architecture to enhance overall security posture. Simplify security control architecture through consolidation and convergence. Consolidation of tooling centralized around intelligent analytics, decision-making and orchestration increases synergy between point tools to create better real-time insights and risk mitigation.
Trend 3: DevSecOps will become business-critical
The continuous growth and diversity of application programming interface and application deployments is creating an extensive attack surface. Organizations must treat the secure development and deployment of APIs and applications as business critical. DevSecOps techniques can automate security into the application delivery process.
CISOs can stay ahead of this trend by promoting a DevSecOps mindset and making security an integral part of development and automation. Enforce security and transparency across software delivery infrastructure. Knowing what constitutes an application is important for understanding where vulnerabilities may impact organizational risk.
Trend 4: Security operations with automation will enhance capabilities
Security monitoring technologies have seen great evolution and adoption, but security monitoring is time intensive. Increased automation — both integrated into existing tools and provided in the form of security orchestration, automation and response or SOAR tools — helps scale up existing security operations staff.
CISOs can evaluate their automation strategy for increasing security operations efficiency based on anticipated measurable gains in security operations. Consider whether something you do now can be made better, faster or cheaper by introducing automation. Use cases should be not only conducive to automation, but also a significant enough concern that automation is cost-effective.
Trend 5: Data-centric security will be key to a ‘data everywhere’ world
Data is proliferating, especially as organizations rapidly increase their use of data-intensive artificial intelligence technologies. Keeping track of all this data has not been a top priority for many organizations, so there is very little visibility into it. Lurking in this dark data are unknown data risks.
Discovery, classification and data loss prevention tools can help provide visibility into dark data and protect from breaches or misuse. Cybersecurity leaders must look at a targeted approach for each business use case when rolling out a protection strategy. Discovery and visibility are critical, as it’s increasingly important to know where data is and to get deep insight into how users and machines access various applications and data sources.
Investigate enterprise digital rights management or EDRM to protect data beyond the corporate boundary. EDRM comprises solutions that provide fine-grained and identity-aware control over persistently protected information through a cryptographic, an identity and a granular usage control element. EDRM protects, tracks and revokes rights to data even after it is shared.
Trend 6: Endpoints will need adaptable protection against threats
Endpoints remain a top target for advanced adversaries. Instead of just stealing sensitive information from endpoints, adversaries are now using them as a foothold to launch more commercially attractive attacks, such as ransomware and business email compromise. Organizations must also deal with securing a growing number of devices such as IoT and virtual personal assistants that need access to corporate networks, applications or data.
CISOs must implement preventive and detective controls, including ransomware protection, on all hosts – whether physical or cloud-based. All workloads, including handheld devices, should be protected by a unified endpoint security strategy. To combat ransomware, a mix of multiple detection and prevention controls and a solid backup/recovery process is a must.
Richard Bartley is a VP analyst at Gartner Inc., providing guidance on cloud security architectural approaches and designs. He wrote this article for SiliconANGLE. Bartley and other Gartner analysts are providing additional insights on the latest cybersecurity and risk trends at the Gartner Security and Risk Management Summit taking place June 5-7 in National Harbor, Maryland.