In March 2023, Gartner released the Top Cybersecurity Trends for 2023 tweet on its official website, and we used the same method to summarize Gartner's trends in cybersecurity in the last three years as follows:
By grouping and analyzing keywords related to cybersecurity trends, keywords with common trends can be divided into three groups. Among them, the trend keywords related to distributed, modular, and assembleable have been mentioned in the strategic technology trends above, and will not be repeated. The other two groups are:
Trending keywords related to identity: identity-first security, managing machine identities, identity threat detection and response, identity fabric immunity.
For enterprise organizations, the trend of identity-based security construction is becoming very important, especially under the development of distributed, decentralized, and modular as just mentioned, the previous perimeter security scenarios in the past are gradually moving to the smallest unit as the data boundary, so the first step is to identify the identity information related to data use. In the event of a security attack, the first task is to obtain legal identity information and escalate rights. With the development of new technologies such as quantum computing, identity-related developments are no longer limited to verification, but are moving from passive use to active detection and response. It can be seen that identity-related product solutions (such as IAM, PAM, zero trust, etc.) will gradually become a new hot spot in the industry. Here is an overview of 4 identity-related trend points:
Identity-first security: For many years, the vision of access for any user, anytime, anywhere (often referred to as "identity as the new security perimeter") was an ideal. Thanks to the shift in technology and culture, coupled with the fact that most of the workforce is now remote during COVID-19, it is now a reality. Identity-first security puts identity at the center of security design and requires a significant shift away from traditional LAN edge design thinking
Identity threat detection and response: Sophisticated threat actors are aggressively targeting identity and access management (IAM) infrastructure, and credential abuse is now the primary attack vector. Gartner introduced the term "Identity Threat Detection and Response" (ITDR) to describe a collection of tools and best practices used to secure identity systems. According to Gartner analyst Firstbrook, ITDR tools can help protect identity systems, detect when they have been compromised, and enable effective remediation;
Identity structure immunity: A fragile identity infrastructure is caused by incomplete, misconfigured, or vulnerable elements in the identity structure. According to Gartner, the Identity Fabric Immunity principle will be able to block 85% of new attacks, reducing the financial impact of breaches by 80% by 2027. According to analyst Addiscott, Identity Fabric Immunity not only protects existing and new IAM components in the fabric through Identity Threat and Detection Response (ITDR), but also strengthens it by completing and properly configuring it;
Manage machine identities: Machine identity management is designed to establish and manage trust in machine identities that interact with other entities, such as devices, applications, cloud services, or gateways. The increasing number of non-human entities that now exist in organizations means that managing machine identities has become an important part of your security strategy.
Keywords related to business integration: security vendor consolidation, vendor consolidation, cybersecurity platform consolidation.
Gartner believes that the integration with the best business involves two levels, one is the merger of different product solutions within the company, and the other involves the merger and acquisition integration involved in order to obtain a comprehensive plan, such as XDR, SASE, etc. Of course, the fundamental driving force of business integration is also because network security is a field of technical fragmentation, which requires the collaboration of multiple security capabilities and tools. For end users, it is laborious and laborious to trade with multiple vendors at the same time, and when it comes to the linkage of solutions, it not only consumes a lot of energy and money, but also whether it can solve real problems after it is put into operation, or whether it faces the problem of division of responsibilities after the incident is also vague and easy to rip off.