Gartner: 7 Security and Risk Management Trends for 2022

• By Rhea Kelly
• 03/08/22

Security and risk management in higher education and other sectors has become increasingly complex, thanks to the ever-expanding digital footprint of modern organizations, according to research firm Gartner. "The pandemic accelerated hybrid work and the shift to the cloud, challenging CISOs to secure an increasingly distributed enterprise — all while dealing with a shortage of skilled security staff," noted Research Vice President Peter Firstbrook. That's a difficult position from which to defend an institution against new and emerging threats.

In a recent report, Gartner outlined seven trends impacting cybersecurity and risk management practices in the coming year. The trends build on and reinforce one another, Firstbrook said: "Taken together, they will help CISOs evolve their roles to meet future security and risk management challenges and continue elevating their standing within their organizations." Following are key areas to watch and how institutions can adapt their security approaches in response to evolving needs.

1) Attack surface expansion. The use of cyber-physical systems (technologies that utilize sensing, computation, control, networking and analytics to interact with the physical world) and the Internet of Things, open source code, cloud applications, social media and more has resulted in a wider range of security exposures, Gartner said. "Organizations must look beyond traditional approaches to security monitoring, detection and response," the report advised. "Digital risk protection services (DRPS), external attack surface management (EASM) technologies and cyber asset attack surface management (CAASM) will support CISOs in visualizing internal and external business systems, automating the discovery of security coverage gaps."  

2) Digital supply chain risk. By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, according to a Gartner prediction. "Digital supply chain risks demand new mitigation approaches that involve more deliberate risk-based vendor/partner segmentation and scoring, requests for evidence of security controls and secure best practices, a shift to resilience-based thinking and efforts to get ahead of forthcoming regulations," the report said.

3) Identity threat detection and response. "Credential misuse is now a primary attack vector," Gartner said. The research firm uses the term "identity threat detection and response," or ITDR, to describe the tools and best practices needed to defend identity systems. "Organizations have spent considerable effort improving [identity and access management] capabilities, but much of it has been focused on technology to improve user authentication, which actually increases the attack surface for a foundational part of the cybersecurity infrastructure," Firstbrook pointed out. "ITDR tools can help protect identity systems, detect when they are compromised and enable efficient remediation."

4) Distributing decisions. "The scope, scale and complexity of digital business makes it necessary to distribute cybersecurity decisions, responsibility and accountability across the organization units and away from a centralized function," Gartner said. As a result, the role of a cybersecurity leader must evolve from sole decision-maker to more of a facilitator. "By 2025, a single, centralized cybersecurity function will not be agile enough to meet the needs of digital organizations," Firstbrook said. "CISOs must reconceptualize their responsibility matrix to empower Boards of Directors, CEOs and other business leaders to make their own informed risk decisions."

5) Beyond awareness. Traditional, compliance-centric approaches to security awareness training are ineffective, Gartner said. Instead, the company advised investing in "holistic security behavior and culture programs," which focus on "fostering new ways of thinking and embedding new behavior with the intent to provoke more secure ways of working across the organization."

6) Vendor consolidation. The need to reduce complexity and administrative overhead while increasing effectiveness is driving convergence in security technologies, Gartner said. For example, for many organizations, cloud-delivered secure web gateway, cloud access security broker, zero trust network access and branch office firewall-as-a-service capabilities might all be provided by the same vendor. "Consolidation of security functions will lower total cost of ownership and improve operational efficiency in the long term, leading to better overall security," Gartner asserted.

7) Cybersecurity mesh. "A cybersecurity mesh architecture (CSMA) helps provide a common, integrated security structure and posture to secure all assets, whether they're on-premises, in data centers or in the cloud," Gartner explained. This is important in defining consistent security policies, enabling workflows and exchanging data among security solutions.

The full report is available to Gartner clients here.