In April of this year, Gartner published their Top 7 Cyber Security Trends of 2022 which highlights the key risks and resolutions that CISO’s need to focus on this year.
The rapidly evolving digital landscape drives Gartner’s 7 key cyber security trends and in essence focuses on reviewing businesses cyber landscape, reframing security landscapes to better mitigate evolving threats, and improving security posture by pushing Cyber Security out to business units.
Working in the cloud and the increase of remote and hybrid working has further complicated the issue and expanded the cyber security threats that businesses now face. Combined with more sophisticated hackers and ransomware has further exacerbated the growing issues as a result of technology and skills and recruitment gaps.
In the Gartner report, Peter Firstbrook, VP Analyst at Gartner comments, “These disruptions don’t exist in isolation; they have a compound effect. To address the risks, CISOs need to transition their roles from technologists who prevent breaches to corporate strategists who manage cyber risk.”
So, let’s take a look and review how Gartner’s Top 7 Cyber Security Trends are supported by Continuous Controls Monitoring.
Our CEO at Quod Orbis, Martin Greenfield sums up the definition of CCM: “Continuous Controls Monitoring provides complete, real-time visibility of all your security controls, constant, real-time information, providing the reassurance that you are utterly secure from Cyber-attacks, and remain compliant with total minimum risk.”
If we examine the 7 Cyber Security Trends, CCM answers the actions that Gartner recommend businesses need to take.
Trend No. 1: Attack surface expansion
Gartner is recommending that security leaders need to “look beyond the traditional approaches to security monitoring, detection and response to manage a wide set of risks.”
This is as a result of 60% of people now working remotely, with 18% predicted never to return to the office. Couple this with an increase in cloud use and a highly connected supply chain utilising cyber-physical systems, the result is businesses being highly vulnerable to attack.
The QO View:
We continuously and consistently monitor all metrics and controls from any data source against any internal or external frameworks, bringing complete visibility and evidence through a single pane of glass, giving your business a single source of truth to understand how compliant you are, where risks are and how effective your cyber solutions and processes are against their design; Meaning, CCM Is enveloping your business to be cyber secure not only right now, but continuously.
Trend No. 2: Identity system defence
Gartner use the acronym ITDR (Identity Threat Detection and Response) to describe a set of tools to defend identity systems.
The need for these has increased significantly as cyber criminals’ primary method of infiltrating your business is as a direct result of a misuse of credentials, making this the preferred attack method.
The QO View:
Multiple tools with multiple touchpoints and various teams viewing them means that your business has a dissipated approach to your cyber security policy. CCM draws all those tools and cyber solutions into one consolidated single source of truth that allows from Board level down to interrogate the information you need to see and understand and mitigate your potential risks. Not only that, our CCM platform tells you the information that you just didn’t know, further significantly reducing your risk and speeding up remedial decision making.
Trend No. 3: Digital supply chain risk
Gartner states “Security and risk management leaders need to partner with other departments to prioritize digital supply chain risk and put pressure on suppliers to demonstrate security best practices.”
They also predict that that by 2025, 45% of organisations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021. Therefore, they comment that security and risk leaders need to engage with other areas of the business to focus on digital supply chain risk and put pressure on suppliers to follow best practices.
The QO View:
CCM supports your security across all lines of defence, encapsulating security, risk, compliance, audit and all your IT Solution all in one platform. By engaging your senior leaders and external suppliers responsible for these areas, as well as customising the platform to identify and mitigate all controls that are failing, or degrading, and even those that are successfully functioning for you, will mean your business will have a consolidated and united approach to your cyber security, underpinned by our robust reporting with real-time evidence.
One of our recent blogs explores this further: https://www.quodorbis.com/continuous-controls-monitoring-offering-a-unified-approach-to-the-3-lines-of-defence/
Trend No. 4: Vendor consolidation
Gartner touches on security converging, consolidating security functions into a single platform and comments that it is “a welcome trend that should reduce complexity, cut costs and improve efficiency, leading to better overall security.”
The QO View:
CCM does just that! Implementing CCM does not meant that you have to eliminate all your trusted cyber solutions, it simply means that monitoring them and ensuring their performance is robust and compliant is a much simpler task for CISO’s and Heads of Risk and Compliance to complete.
In a typical FTSE 500 medium/large organisation with medium to high compliance requirements, costs of manual monitoring (staff costs + annual assessment costs) can be around £1.2m per annum. With a CCM platform ongoing savings on these costs of around 75% a year can be achieved.
Trend No. 5: Cybersecurity mesh
In Gartner’s article they predict that by 2024, organisations adopting a Cyber Security Mesh architecture, enabling businesses to deploy and integrate security to assets, whether on-prem or in the cloud, reducing the impact of individual security incidents by 90% on average.
The QO View:
Continuous Controls Monitoring makes the difference in this deployment by ensuring that all frameworks, all data and all controls are monitored.
With deployment via a Cyber security mesh, your business still needs to ensure that these are robust, compliant and risk free with teams in multiple locations. The Quod Orbis platform in particular, bring all metrics and controls wherever they derive from, under one roof, giving a holistic view of security performance – whether that is aligned against internal or external frameworks or compliances, KRIs, KPIs and more… CCM helps you maximise your existing investments, and helps you plan for new areas by helping you understand what is really going on..
Trend No. 6: Distributed decisions
As businesses become more and more digitised, Gartner comments that Cyber Security is becoming far too big for CISO’s to deal with. Therefore, forward thinking businesses are building a team around CISO’s to have cyber security experts around departments to drive security decisions and mitigate risk, making decisions for themselves.
The QO View:
Attacks are significantly increasing, and risks are immense, so CCM envelops your business, wrapping around every touch point and every interface, supporting the expansion of the cyber security experts in businesses and helping them make the right decisions with real-time, accurate information, speeding the process and eliminating the danger touchpoints.
Trend No. 7: Beyond awareness
Last but not least of course is the impact of human error in Gartner’s report. Security awareness training has to evolve from the traditional, outdated, compliance-based training, to incorporate a more holistic approach to promote more secure ways of working in a secure environment.
The QO View:
Mitigating the risks that occur as a result of the human element by providing a broader holistic approach is certainly welcomed and is in line with Continuous Controls Monitoring which also forms part of the holistic approach to Cyber Security.
Our CCM Platform is fully automated meaning that the teams that were tasked with monitoring these controls, can be reprovisioned into other areas of security that will further strengthen your cyber environment. Furthermore, with Cyber Security leaders able to harness the power of how their metrics and controls are reporting, where the risks are, and where they are not, along with how they align to the business, really means that cyber truly becomes at the forefront of every employee’s mind.
QO Last View
Gartner’s 7 trends strengthen the need to increase your business’s continuous controls monitoring by implementing a CCM platform.
Speed, agility and real-time information have had a transformational result to businesses that have been progressive in their thinking on CCM.
Read more on our resources page http://www.www.quodorbis.com/resources/ to find out how CCM supports your security strategy for the future.