Security leaders must adopt a human-centric model for establishing an effective cybersecurity program

Gartner, a world leader in research and advice for businesses, has announced the top nine global cybersecurity trends. According to its analysts, Security and Risk Management (SRM) leaders should rethink the balance of their technology investments and orient their structures to be human-centric when designing and implementing cybersecurity programs.

Richard Addiscott, Analyst and Senior Director at Gartner

“A human-centric approach to cyber protection is essential to reducing security breaches,” says Richard Addiscott, Analyst and Senior Director at Gartner. “A focus on people in program design and controls implementation, as well as in business communications and cybersecurity talent management, will help improve business risk decisions and retention of the security team.”

To address cybersecurity risks and sustain an effective digital protection program, SRM leaders need to focus on three main fronts: the critical role of people in the success and sustainability of security programs; technical security capabilities that provide greater visibility and responsiveness across an organization's digital ecosystem; and restructuring the way the security function operates to enable agility without compromising protection. 

According to Gartner, the nine cybersecurity trends that will have a broad impact on cybersecurity leaders are: 

1 – Human-centric security design – Human-centric security design prioritizes the employee experience throughout the controls management lifecycle. By 2027, 50% of Chief Information Security Officers (CISOs) at large enterprises will have adopted people-centric security practices to minimize cybersecurity-induced attrition and increase control adoption.

“Traditional security awareness programs have failed to reduce employee unsafe behavior,” says Addiscott. “Security officers should review past incidents to identify key frictions generated by cybersecurity and determine where they can reduce costs and ease the burden on employees through more human-centric controls.” 

2 – Improve people management for the sustainability of the security program – Traditionally, cybersecurity leaders have focused on improving the technology and processes that support their programs, with little focus on the people who create those changes. CISOs who take a human-centered talent management approach to attracting and retaining professionals have seen improvements in the maturity of their companies. By 2026, Gartner predicts that 60% of organizations will shift from outsourcing to “quiet hiring” from internal talent markets to address systemic cybersecurity and recruitment challenges.

3 – Transform the cybersecurity operating model to support value creation – Technology is shifting from IT-centric functions to other business fronts and new corporate functions with multidisciplinary teams. According to Gartner research, 41% of employees do some form of technology-related work, a trend that is expected to keep growing over the next five years.

“Business leaders now widely accept that cybersecurity risk is one of the top business issues to be managed and that it is not just a technology issue to be solved,” says Addiscott. According to the analyst, supporting and accelerating business outcomes is a top cybersecurity priority, but remains a major challenge. Gartner warns that CISOs must modify the cybersecurity operating model to understand how work gets done. Employees must know how to balance a range of risks, including cybersecurity, financial, reputational, competitive, and legal. Cybersecurity must also connect to business value, measuring and reporting success against corporate outcomes and priorities. 

4 – Threat exposure management – The attack surface of modern enterprises is complex and fatigue-inducing. CISOs must evolve their assessment practices to understand their threat exposure by implementing Continuous Threat Exposure Management (CTEM) programs. Gartner predicts that, by 2026, organizations that prioritize their security investments based on a CTEM program will experience two-thirds fewer breaches.

“CISOs need to continually refine their threat assessment practices to keep pace with their organizations' evolving work, always using a CTEM approach to analyze more than just technology vulnerabilities,” adds Addiscott.

5 – Identity Fabric Immunity – A fragile identity fabric is caused by incomplete, misconfigured, or vulnerable elements. By 2027, identity fabric immunity principles will prevent 85% of new attacks and thereby reduce the financial impact of breaches by 80%.

“Identity fabric immunity not only protects the Identity and Access Management (IAM) fabric with Identity Threat Detection and Response (ITDR), but also strengthens it by completing and configuring it properly,” says the Gartner analyst.

6 – Cybersecurity validation – Cybersecurity validation brings together the techniques, processes, and tools used to validate how potential attackers would exploit an identified threat exposure. The tools needed for cybersecurity validation are making significant progress towards automating the repeatable and predictable aspects of assessments, enabling regular benchmarking of attack techniques, security controls and processes. By 2026, more than 40% of organizations, including two-thirds of midsize companies, will have consolidated platforms to perform cybersecurity validation assessments.

7 – Consolidation of the cybersecurity platform – As organizations look to streamline operations, vendors are consolidating platforms around one or more key cybersecurity domains. For example, identity security services can be offered through a common platform, capable of combining governance, privileged access, and usage management capabilities. SRM leaders need to continually inventory security controls to understand where overlaps exist to reduce redundancy across consolidated platforms.

8 – Composable businesses need composable security – Organizations must transition from monolithic systems to building composable features into their applications to respond to the rapid pace of business change. Composable security is an approach in which cybersecurity controls are integrated into architectural patterns and then applied at a modular level across implementations of composable technology. By 2027, more than 50% of leading business applications will be built using composable architecture, requiring a new approach to securing these applications.

“Composable security is designed to protect the composable business,” says Addiscott. “Building applications with composable components introduces as yet undiscovered dependencies. For CISOs, this is a significant opportunity to incorporate privacy and security from the design stage to create component-based, reusable control objects.”

9 – Boards of Directors expand their competence in cybersecurity oversight – Boards of Directors' focus on cybersecurity is being driven by the trend to hold board members accountable for governance activities. Cybersecurity leaders must provide Boards of Directors with reports that demonstrate the impact of security programs on their companies' goals and objectives. “SRM leaders should encourage active Board participation, as well as involvement in decision-making on cybersecurity-related issues,” says Addiscott. “It is the opportunity to act as a strategic advisor, providing recommendations for actions to be taken by the Board, including allocation of budgets and resources for cybersecurity.”