Gartner Report: 2021 Top Risk Trends

On March 23rd and 24th, Gartner hosted their annual Security & Risk Management Summit. They addressed several of the top security trends businesses will see in the upcoming year. As COVID-19 has dramatically accelerated the digital transformation of businesses globally, it has also shed light on new cybersecurity challenges.

During the virtual summit, Research Vice President, Peter Firstbrook, identified 8 of the top trends Gartner has classified to have the most significant impact and disruption in the coming year. Firstbrook said “the first challenge is a skills gap. 80% of organizations tell us they have a hard time finding and hiring security professionals and 71% say it’s impacting their ability to deliver security projects within their organizations.”

Additionally, the top 8 trends he identified are summarized below.

Cybersecurity Mesh: This is a modern security approach that deploys controls where they are most needed. Instead of running security tools in silos, the mesh enables tools to run simultaneously for better management.  

Identity-First Security: Due to company culture and remote work shifts, identity-first is going to be a big trend in 2021. This practice puts identity at the center of security design.

Support for Remote Work is Here to Stay: As seen over the past year, businesses are more than capable of operating and succeeding remotely. As many organizations adopt more flexible remote work policies, cybersecurity updates and tools will need to follow suit.

Cyber-Savvy Board of Directors: According to Gartner research, by 2025, 40% of boards of directors will have a dedicated cybersecurity committee. Enterprises of all sizes are ranking security as a top priority.

Security Vendor Consolidation: 78% of CISOs have 16 or more tools in their cybersecurity vendor portfolio. This year, Gartner predicts that organizations will be consolidating the number of security vendors they work with to decrease complexity and cost.

Privacy-Enhancing Computation: Privacy-enhancing computation protects data and enables protected business processing, sharing, and transfers even in untrusted environments. By 2025, 50% of large organizations will have adopted privacy-enhancing computation for processing information.

Breach and Attack Simulation: Breach and attack simulation (BAS) tools provide insight into an organization’s security landscape by providing annual assessments like penetration testing. With the dramatic increase of online crime over the past year, more organizations will be implementing BAS tools.

Managing Machine Identities: Machine identity management establishes trust in the identity of the machine interacting with other devices and is becoming a vital part of an organization’s security strategy.