The shortage of technical security staff, the rapid migration to cloud computing, regulatory compliance requirements and the unrelenting evolution of threats continue to be the most significant ongoing major security challenges.
However, responding to COVID-19 remains the biggest challenge for most security organizations in 2020.
“The pandemic, and its resulting changes to the business world, accelerated digitalization of business processes, endpoint mobility and the expansion of cloud computing in most organizations, revealing legacy thinking and technologies,” says Peter Firstbrook, VP Analyst, Gartner.
COVID-19 refocused security teams on the value of cloud delivered security and operational tools that don’t require a LAN connection to function, reviewing remote access policies and tools, migration to cloud data centers and SaaS applications, and securing new digitization efforts to minimize person-to-person interactions.
Gartner has identified nine annual top trends that are the response by leading organizations to these longer-term external trends. These top trends highlight strategic shifts in the security ecosystem that aren’t yet widely recognized, but are expected to have broad industry impact and significant potential for disruption.
Trend No. 1: Extended detection and response capabilities emerge to improve accuracy and productivity
Extended detection and response (XDR) solutions are emerging that automatically collect and correlate data from multiple security products to improve threat detection and provide an incident response capability. For example, an attack that caused alerts on email, endpoint and network can be combined into a single incident. The primary goals of an XDR solution are to increase detection accuracy and improve security operations efficiency and productivity.
“Centralization and normalization of data also helps improve detection by combining softer signals from more components to detect events that might otherwise be ignored,” says Firstbrook.
Trend No. 2: Security process automation emerges to eliminate repetitive tasks
The shortage of skilled security practitioners and the availability of automation within security tools have driven the use of more security process automation. This technology automates computer-centric security operations tasks based on predefined rules and templates.
Automated security tasks can be performed much faster, in a scalable way and with fewer errors. However, there are diminishing returns to building and maintaining automation. SRM leaders must invest in automation projects that help to eliminate repetitive tasks that consume a lot of time, leaving more time to focus on more critical security functions.
Trend No. 3: AI creates new security responsibilities for protecting digital business initiatives
AI, and especially machine learning (ML), continues to automate and augment human decision making across a broad set of use cases in security and digital business. However, these technologies require security expertise to address three key challenges: Protect AI-powered digital business systems, leverage AI with packaged security products to enhance security defense and anticipate nefarious use of AI by attackers.