Login
We recently had the chance to discuss the top trend predictions for 2023, issued by Gartner®, and what these may mean for CISOs. The trends are below:
These showed several themes: internal pressures, external changes and solution adoption.
CISOs need to be aware of the pressures that may come from inside the business. C Level executives having risk related elements in their employment contracts (8) may result in a higher focus on Risk management. This may benefit CISOs to position cyber security as part of the Risk calculation and perhaps unlock more support for risk reduction initiatives.
Aligned is the concept of a culture of organisational resilience being mandated by CEOs (7). CISOs now talk about culture change in cyber security, making business colleagues identify as part of the overall security of the organisation. This may now include resilience. Again, this may provide a vehicle for change for CISOs.
Risk as a factor when assessing whether to do business with third parties (4) will highlight the third-party dependency issues that now concern CISOs. The perimeter is now long gone; security extends beyond the organisational remit of the CISO. The ability to understand and collaborate with third party security will become n increasing requirement. There is a downside for CISOs. Many are already burdened with the need to report on compliance and audits. This may increase as requests come in from business partners, current and potential, on the organisation’s cyber security posture.
Related to compliance and reporting is the issue of Privacy. It is predicted the consumer privacy will increase to cover most countries (1). This may require additional focus on the extent and scope to which Privacy is reported. Many CISOs address this already due to requirements such as GDPR. This may provide a strong basis to move forward. CISOs have seen Privacy as a positive. “Do you really need that data?” is a question often asked. Organisations can reduce the amount of unwanted data stored and needing security.
Responding to attacks and the relentless change in tactics is an additional trend. Payments for ransomware is contentious. From the morale, legal and practical aspects of making payments. If this becomes regulated (5) it may provide a clearer basis for decision making. Perhaps it may provide a for of deterrent for attacks. If the victim cannot pay why attack them? Perhaps this is just wishful thinking. On the negative side attackers may increase the capability of their tools in the operational technology environment with extreme impact (6). A current area of concern for CISOs that may increase in focus.
On a positive side a majority of organisation will adopt zero trust as a starting point for their security (3). However, many will not gain the benefits. CISOs are now increasing addressing the organisational and cultural change required to make Zero Trust succeed and realising it is not just about the technology. There are clear benefits that have been identified in Cisco research papers1. CISOs are looking to introduce new consolidated technologies in web, cloud services and private application access (3). This may reduce tech debt, enable smoother operational management, centralised policy control and better reporting.
https://www.cisco.com/c/dam/en/us/products/collateral/security/zero-trust-field-guide.pdf
Source: https://www.gartner.com/en/articles/the-top-8-cybersecurity-predictions-for-2021-2022
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
A new year is almost upon us and as we look back on our accomplishments in 2022, we also look forward to helping our customers become more security resilient and be better prepared for 2023. As part of this forward-looking process, and with the help of Gartner Peer Insights, we surveyed 100 Security and IT professionals to understand their level of security maturity and obtain their perspective on the future.
The results of the survey, called “Gartner Peer Insights – Future of Endpoint Security” can be found here in Infographic form.
Key insights from the Survey:
Regarding the first key insight, approximately two-thirds of the organizations surveyed have implemented EDR and XDR capabilities. These two capabilities are critical to detecting and eliminating threats, either before a breach has occurred or before a breach has had an opportunity to create damage.
Another key insight is related to endpoint vendor selection. In the survey, it’s noted that the top criterion organizations are looking for when selecting an endpoint security solution is the ability to support a hybrid workforce. This isn’t surprising given the events that have occurred over the last few years and the mix of remote workers expanding to working from home. Many organizations feel that the hybrid workforce is here to stay, in varying levels of remote workforce vs. on-premises workforce. The obvious implications directly related to the endpoint solutions are flexibility (e.g., deployment options), scalability, efficacy, resilience, and manageability, as a few examples.
The survey infographic provides much more insights than these two examples. The good news is that Cisco Secure Endpoint meets the challenges ahead for 2023 and beyond. If you haven’t researched Secure Endpoint lately, go here to see What’s New.
To find out more insights from the 100 Security and IT professionals we surveyed, please read the “Gartner Peer Insights – Future of Endpoint Security” survey.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
FreshRSS 