Gartner® Predicts Cybersecurity: 4 Insights & Recommendations for 2022 and Beyond

Security and risk leaders have already faced significant challenges in 2022. What else do they need to prioritize?

The latest report from Gartner®, “Gartner Predicts 2022: Cybersecurity Leaders Are Losing Control in a Distributed Ecosystem,” outlines several key areas that leaders need to pay close attention to if they want to create more resilient, trusted programs.

Four key themes in this report resonate strongly with me, as they align with conversations we’re having on a daily basis:

1. The Cybersecurity Leader’s Role is Changing

Executive bonus goals tied to cybersecurity? It’s happening now, and will only increase. Gartner predicts that, “by 2026, at least 50 percent of C-Level executives will have performance requirements related to cybersecurity risk built into their employment contracts.” This change will force security leaders and executive teams to come together, but how can security leaders strengthen the trust relationship with the C-suite?

2. Succeeding in a Transparent World

Cybersecurity is becoming a critical factor in B2B relationships. In fact, Gartner predicts “by 2025, 60 percent of organizations will use cyber risk as a significant determinant in conducting third-party transactions and business engagements.” In an environment like this, security can’t hide anymore. Gartner warns companies that “you can no longer expect to keep the failures and successes of your cybersecurity function a secret” and that they will need to quickly adapt if they expect to stay ahead of the competition. The broader trend towards transparency means that security leaders need to be able to confidently share information about the performance of their programs with vendors, partners, and other stakeholders.

3. Improving Your Third-Party Program

A few interesting statistics about third parties caught my eye in this report. “According to the latest data from Gartner’s IT Score for the Security and Risk Management (SRM), only 23 percent of SRM leaders actually monitor their third parties in real time for cybersecurity exposure.” The report provides several insights on how to improve and implement a successful third-party program.

4. Stop Struggling with Cyber Risk Quantification (CRQ)

CRQ, or presenting cyber risk in terms of financial dollars, is relatively new to the cybersecurity scene, and a lot of organizations aren’t quite sure of the best way to integrate it into their strategies. Several insights from this report reflect some of these early-stage hesitations. As Gartner highlights, CRQ adopters find its value in prioritizing cyber risks and improving communications with risk owners, executive management, and boards.

Download the Report

I strongly encourage any cybersecurity leader to download their complimentary report from Gartner to learn key findings, market implications, and recommendations. If any of these statistics stand out to you in particular, I encourage you to reach out to me on LinkedIn.

Gartner, Predicts 2022: Cybersecurity Leaders Are Losing Control in a Distributed Ecosystem, Sam Olyaei, Claude Mandy, Christine Lee, Richard Addiscott, Tom Scholtz, Deepti Gopal, 24 January 2022.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

Originally published at https://www.bitsight.com on March 30, 2022.

BitSight transforms how organizations manage cyber risk. BitSight Security Ratings help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk.

Michael Katz
