Experts from the analytical company Gartner presented their cybersecurity forecasts for organizations for the next few years.
According to experts, company management should take these trends into account when planning their strategies for the next two years.
Richard Addiscott
You might also be interested in: Ed Cabrera of Trend Micro Shares His Vision of Cyber Warfare.
What, according to Gartner, should be expected in the field of cybersecurity in the next few years?
1. Consumer Empowerment
Legislation in the field of personal data protection will expand and cover 5 billion people – more than 70% of the total population of the Earth. Organizations should monitor subject rights request metrics, including request cost and execution time, to identify inefficiencies and justify accelerated automation.
2. By 2025, 80% of enterprises will have a strategy for unified access to the Web, cloud services and private applications
With the spread of hybrid work, vendors began to offer integrated services to ensure the security of web and cloud applications. They have the advantage of tighter integration, fewer consoles in use, and fewer places where data needs to be decrypted, verified, and re-encrypted.
3. Many organizations will adopt a zero trust policy, but not everyone will see the benefits
By 2025, 60% of organizations will try to implement a zero trust policy, according to which there is no traditional “perimeter” of corporate networks, and every device and every user must be monitored and regularly re-authorized. However, not everyone will benefit from this approach.
Replacing implicit trust with identification mechanisms is highly effective, but requires cultural change and clear communication that links it to business results. Therefore, not all companies that have tried to implement a zero-trust policy will succeed.
4. Cyber security will be a key criterion when choosing business partners
By 2025, 60% of organizations will use cyber risk as a deciding factor in their transactions with third parties. According to Gartner, only 23% of organizations currently monitor third parties for leaks in real time. However, under pressure from customers and legislation, they will begin to insist on
a cyber risk assessment.
5. Expansion of ransomware legislation
Currently, the law says little about when companies can or cannot pay ransom. However, this will change soon, Gartner believes, and one in three countries will pass the relevant laws.
6. Hackers will start using operational technology environments to harm people
Attacks on OT (hardware and software for monitoring and managing equipment, assets and processes in industrial enterprises) are becoming more common and destructive. By 2025, attackers will start using OT environments not to steal data, but to physically harm people.
7. Resilience will not only be about cybersecurity
By 2025, 70% of company leaders will promote a culture of organizational resilience to withstand cybercrime, natural disasters, civil unrest, and political instability.
8. Cybersecurity will fall on the shoulders of CEOs
By 2026, 50% of companies will have cyber risk-related performance requirements in their senior management contracts. As boards of directors increasingly see cybersecurity as a business risk rather than just a technical issue, responsibility for cyber risk will shift from chief security officers to senior management.
