It’s a risky world out there. To help you and your customers build your security strategies, the market researchers at Gartner recently made 8 cybersec predictions. Unless noted otherwise, all are for the year 2025:
Prediction 1: Through 2023, government regulations requiring organizations to provide consumer privacy rights will cover 5 billion citizens and more than 70% of global GDP.
As recently as 2021, nearly 3 billion people worldwide had access to consumer-privacy protection in 50 countries. Such privacy regulation is forecast to expand.
Prediction 2: 80% of enterprises will adopt a strategy to unify web, cloud services and private application access from a single vendor’s security service edge (SSE) platform.
SSE solutions deliver consistent and simple web, private access and SaaS application security; that’s gained importance as so many people continue to work from home. Compared with best-of-breed packages, single-vendor solutions offer tighter integration, fewer consoles and fewer locations where data must be decrypted, Gartner says.
Prediction 3: 60% of organizations will embrace Zero Trust as a starting point for security. Unfortunately, more than half will fail to realize the benefits. That’s because adopting Zero Trust requires a cultural shift and clear communications — two moves that, particularly for large organizations, can be tough to make.
Prediction 4: 60% of organizations will use cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements.
Right now, fewer than 1 in 4 organizations monitor their third-party suppliers in real time for cybersecurity exposure, Gartner says. That needs to change. More organizations will mandate cybersec controls as part of their normal way of doing business with third parties.
Prediction 5: Up to 30% of nation states will pass legislation to regulate ransomware payments, fines and negotiations. That will be up from the fewer than 1% that had such laws in 2021.
Whether to pay a ransom should be a business decision, not a tech one, Gartner says. If you or your customer are the subject of a ransomware attack, the firm recommends that you get help from a professional incident-response team, law-enforcement agency and, if appropriate, regulatory body. And do so before you negotiate with the criminals.
Prediction 6: Threat actors will weaponize operational technology (OT) environments to cause human casualties.
Attacks are mounting on OT — tech that monitors and controls equipment, assets and business processes. Sure, the loss of information can be serious. But far more serious, Gartner warns, are the possible harms to humans and the environment.
Prediction 7: 70% of CEOs will mandate a culture of organizational resilience to survive coinciding threats from cybercrime, severe weather events, civil unrest and political instabilities. Gartner recommends that risk leaders elevate operational resilience to a strategic imperative. That includes building an organizational resilience strategy that involves employees, customers, suppliers and other stakeholders.
Prediction 8: By 2026, half of C-level executives will have employment contracts with built-in performance requirements related to risk.
Boards increasingly see cybersecurity as a business risk, not just a tech issue. For this reason, accountability for cybersec will shift from cybersecurity execs to senior business leaders.
Need to enhance your cybersecurity skills? Here are a few of the many security-related training courses now available to you on Intel Partner University:
The training courses on Intel Partner University are free to all members of Intel Partner Alliance. Not yet a member? Learn more about the benefits and register to join now.