Estimated reading time: 1 minute, 30 seconds

Attack Surface Expansion Tops Gartner’s 7 Cybersecurity Trends  

A widening set of security exposures and attacks on software supply chains top a list of seven trends for security and risk management leaders, according to a new report by Gartner.

Internet of thingsEnterprise attack surfaces have expanded beyond a set of controllable assets due to factors including the Internet of Things, open-source code and cloud applications, according to the report. Gartner recommends that organizations go outside conventional tactics in response. For instance, chief information security officers may seek automated help from digital risk protection services, external attack surface management technologies and cyber asset attack surface management.

Attacks exploiting a vulnerability discovered in December in the popular Apache Log4j logging software have highlighted the risk from digital supply chains. Gartner projects that hacks on software supply chains will hit 45% of organizations globally within three years. Suggested approaches in response include more deliberate risk-based vendor/partner segmentation and scoring.

“Identity threat detection and response” is another trend identified by Gartner. That’s a term for a set of tools and best practices for addressing credential misuse as well as attacks on identity and access management infrastructure.

Gartner also foresees that cybersecurity decisions and accountability will be further distributed and decentralized across organizations, that organizations will go beyond cybersecurity awareness-raising programs for employees to “holistic security behavior and culture programs” and that security technology vendors will continue to consolidate. “Cybersecurity mesh architecture,” involving an integrated posture for in-office, remote and cloud assets, is the final trend in Gartner’s report.

“Organizations worldwide are facing sophisticated ransomware, attacks on the digital supply chain and deeply embedded vulnerabilities,” Gartner research vice president Peter Firstbrook said in a statement. “The pandemic accelerated hybrid work and the shift to the cloud, challenging CISOs to secure an increasingly distributed enterprise—all while dealing with a shortage of skilled security staff.”

Read 1497 times
Rate this item
(0 votes)

Visit other PMG Sites: