Security and risk management are reshaping the way organizations approach cybersecurity, and technology research firm Gartner has identified seven security and risk management trends to watch in 2019:
1. Risk Appetite Statements Will Be Linked to Business Outcomes.
A "risk appetite" statement can help a company evaluate its security posture, according to Gartner. The statement can be connected to a business' goals and decisions and help a company put security and risk management at the forefront of its day-to-day activities.
2. Security Operations Centers (SOCs) Will Prioritize Threat Detection and Response.
Many SOCs are adding incident response, threat intelligence and threat hunting capabilities. In doing so, SOCs can gain cybersecurity insights, consolidate security alerts and automate incident response.
3. Data Security Governance Frameworks Will Focus on Data Security Investments.
Data security governance frameworks help organizations classify data assets and define data security policies. Going forward, these frameworks could help organizations identify security vulnerabilities and optimize their data security investments.
4. Passwordless Authentication Will Become Increasingly Important.
Cybercriminals frequently target passwords. To combat this issue, organizations can invest in Touch ID and other passwordless technologies.
5. Security Product Vendors Will Add Skills and Training Services.
A cybersecurity skills crisis plagues global organizations. However, the number of security product vendors to offer cybersecurity skills and training services could increase in 2019, ensuring organizations are better equipped than ever before to address this problem.
6. Cloud Security Will Become Mainstream.
Organizations often use public cloud environments but lack the security skills and governance tools to safeguard these environments. As such, organizations may increase their cloud security investments to protect their public cloud environments against evolving cyber threats.
7. Organizations Will Adopt Gartner's Continuous Adaptive Risk and Trust Assessment (CARTA).
CARTA is a strategy designed to help organizations assess cyber risk. Meanwhile, CARTA could help organizations identify cyber risks and plan accordingly.
Gartner also will host five Security & Risk Management Summits this year at different locations worldwide. These events are designed to teach cybersecurity professionals about new security technologies and keep pace with a rapidly changing security landscape.