Identity management, hybrid work, and product consolidation are among top security issues facing enterprises, Gartner says.

As organizations become less centralized, they face new security challenges that require new ways of addressing threats that will change the basic fabric of network security, according to Gartner analysts.

A persistent challenge in adapting to these changes is the skills gap: finding IT pros with the technical know-how to meet evolving security issues, Peter Firstbrook, Gartner vice president and analyst, told attendees at Gartner IT Symposium/Xpo 2021 Americas.

“Cybersecurity teams are being asked to secure countless forms of digital transformation and other new technologies, and if they don’t have those skilled practitioners they move toward managed or cloud-delivered services where they might not have as much control as they’d like,” Firstbrook said.

At the same time, attackers are becoming more persistent, with ransomware attacks and corporate phishing exploding. These adversaries are also becoming more professional, offering cyber attacks as a service, which lowers the barriers to becoming an attacker and greatly increases their number, Firstbrook said.

With that as a backdrop, Gartner detailed what its research shows are the top eight trends in security and risk management.

Remote/hybrid work is the new normal

The percentage of remote or hybrid workers will increase 30% over the next couple of years, which will lead to organizations hiring skilled workers regardless of where they live, which could be a business advantage, Firstbrook said.

But this new workforce brings new sets of security challenges. On-prem security tools and hardware will no longer be practical or sufficient, promoting a shift to security in the cloud, which gives organizations visibility and control regardless of where the endpoint is, Firstbrook said.

Cybersecurity mesh architecture

The use of an overarching cybersecurity mesh architecture (CSMA) that will let distributed enterprises deploy and extend security where it’s most needed was also among Gartner’s top technology trends for 2022.

Gartner said the CSMA is a composable approach to security that will bring integrated tools with common interfaces and APIs into the security process as well as centralized management, analytics, and intelligence about what is going on across the enterprise. It can also push out policies to users and services that are being accessed.

“Distributed organizations will need to rethink their security architecture,” Firstbrook said. “Many companies are still focused on LAN or network centric security, and they need to break out of that mold and make security much more composable and locate security where the asset is.”

Siloed security doesn’t work any more either. Companies can’t have email security separate from Office 365 security, for example, so much more integrated controls are needed, he said.

Security product consolidation

Gartner research shows that in the next three years, 80% of IT organizations plan to adopt strategies to consolidate their security vendors, Firstbrook said. Those plans aren’t to lower costs but to improve their risk posture and reduce the time it takes to respond to incidents.

In Gartner’s 2020 CISO Effectiveness Survey, 78% of CISOs said they had 16 or more tools in their cybersecurity vendor portfolio and 12% had 46 or more. Having too many security vendors results in complex security operations.

Going forward, Gartner recommends organizations set a guiding principle for the acquisition of new products and develop metrics to measure a consolidation strategy. Start with easy consolidation targets and be patient, Firstbrook said, as it takes three to five years for large organizations to effectively consolidate.

Identity-first security

Identity control is now imperative, Firstbrook said, so organizations must invest in the technology and skills for modern identity and access management.

Organizations can no longer define their network perimeter as where their assets meet a public network, Firstbrook said. Now 80% of corporate traffic doesn’t go over the corporate LAN, and many times companies don’t own the underlying infrastructure. The only thing they do own is identity, but that is where adversaries are looking to attack, he said.

Companies need to treat identity policy, process, and monitoring as comprehensively as traditional LAN controls. They also need to focus on the remote worker and cloud computing, Firstbrook said.

Machine-identity management

Closely related to identity-first security is the ability to control access from machines such as IoT devices and other connected equipment. Firstbrook recommended organizations establish a machine-identity management program to assess the different tools that might handle the task in their particular environments.

Breach and attack simulation (BAS) tools

Tools are coming to market that let enterprises simulate attacks and breaches in order to assess their network defenses. The results can reveal choke points and paths where attackers might move laterally across the enterprise. After the enterprise has addressed these weaknesses, retesting can demonstrate whether the fixes are effective.

Privacy-enhancing computation

Privacy-enhancing computation (PEC) techniques are emerging that protect data while it’s being used as opposed to when it’s at rest or in motion. This can enable secure data processing, sharing, cross-border transfers, and analytics, even in untrusted environments.

One such PEC technique is homomorphic encryption, which allows performing computation on the data without decrypting it.
Firstbrook said organizations should start investigating PEC products to determine the right technologies for their particular use cases.

Boards are adding cybersecurity

Boards are hiring risk-assessment experts to help them evaluate threats at a corporate level, so CISOs should try to optimize network security in a business context.