All Archives - Cyber Secure Forum | Forum Events Ltd

All

Financial sector subject to cyber attack ‘death by a million cuts’

 960 640 Stuart O'Brien
By:
0
0

BlackBerry’s Global Threat Intelligence Report states that threat actors focusing efforts on targeting high-value data held by the global financial sector, with one million attacks logged over the 120 day period.

This “death by a million cuts” is revealed to be using mainly commodity malware, which indicates a large number of independent actors targeting the industry in pursuit of financial gain. Critical infrastructure attacks, including those targeting government, financial, healthcare and communications industries, altogether accounted for 62 percent of industry-related attacks over the report period, September to December 2023.

The BlackBerry Threat Research and Intelligence team registered a 27 percent uptick in novel malware to 3.7 new malicious samples per minute prevented by its AI-powered cybersecurity solutions, compared to 2.9 per minute in the previous reporting period. Overall, BlackBerry claims its cybersecurity solutions stopped 31 attacks every minute, a 19 percent increase on the last reporting period.

“We’re consistently seeing increased volumes of attack in highly lucrative industries using novel malware,” said Ismael Valenzuela, Vice President of Threat Research and Intelligence at BlackBerry. “Novel malware typically indicates specific motivations from threat actors towards particular attack targets with intent to evade defences, which are often based on static signatures. We’ve reached a pivotal point where traditional detection methods alone are not enough to combat this increasingly complex problem. AI is already being weaponised by malicious entities, so it must equally be the dominant tool for detection and defence.”

Highlights from the latest BlackBerry Global Threat Intelligence Report include:

  • 62 percent of industry-related attacks targeted critical industries: Digitization and the prospect of debilitating national infrastructure attracted notorious gangs and Malware-as-a-Service (MaaS) groups who attempt to exploit security misconfigurations and vulnerabilities for varying motives.
  • Commercial enterprises also under attack: 33 percent of all threats targeted commercial enterprises (including retail, manufacturing, automotive and professional services), with the majority (53 percent) of those deploying information-stealing (Infostealer) malware with the aim of accessing highly sensitive data.
  • Rapid weaponization of CVEs by Threat Actors: Ransomware gangs observed taking advantage of new Zero Day vulnerabilities and mass mobilizing against potentially vulnerable targets, with zero-day exploits motivating profiteer groups.

Based on its data analysis, the BlackBerry Threat Intelligence and Research team predicts that 2024 will bring an increase in attacks targeting critical infrastructure and other profitable segments. VPN appliances will likely remain desirable targets for nation-state-level threat actors and it is anticipated that there will be a continued increase in supply chain cyberattacks targeting hardware and software vulnerabilities. Further, APAC will likely see an increase in attacks from China and North Korea, particularly financially-motivated attacks.

Photo by Jeffrey Blum on Unsplash

30% of increasing demand for APIs will come from AI and LLM

 960 640 Stuart O'Brien
By:
0
0

More than 30% of the increase in demand for application programming interfaces (APIs) will come from AI and tools using large language models (LLMs) by 2026, according to Gartner.

“With technology service providers (TSPs) leading the charge in GenAI adoption, the fallout will be widespread,” said Adrian Lee, VP Analyst at Gartner. “This includes increased demand on APIs for LLM- and GenAI-enabled solutions due to TSPs helping enterprise customers further along in their journey. This means that TSPs will have to move quicker than ever before to meet the demand.”

A Gartner survey of 459 TSPs conducted from October to December 2023 found that 83% of respondents reported they either have already deployed or are currently piloting generative AI (GenAI) within their organizations.

“Enterprise customers must determine the optimal ways GenAI can be added to offerings, such as by using third-party APIs or open-source model options. With TSPs leading the charge, they provide a natural connection between these enterprise customers and their needs for GenAI-enabled solutions.”

The survey found that half of TSPs will make strategic changes to extend their core product/service offerings to realize a whole product or end-to-end services solution.

With this in mind, Gartner predicts that by 2026 more than 80% of independent software vendors will have embedded GenAI capabilities in their enterprise applications, up from less than 5% today.

“Enterprise customers are at different levels of readiness and maturity in their adoption of GenAI, and TSPs have a transformational opportunity to provide the software and infrastructure capabilities, as well as the talent and expertise, to accelerate the journey,” said Lee.

Throughout the product life cycle, TSPs need to understand the limitations, risks and overhead before embedding GenAI capabilities into products and services. To achieve this, they should:

  • Document the use case and clearly define the value that users will experience by having GenAI as part of the product.
  • Determine the optimal ways GenAI can be added to offerings (such as by using third-party APIs or open-source model options) and consider how the costs of new features may affect pricing decisions.
  • Address users’ prompting experience by building optimizations to avoid user friction with steep learning curves.
    Review the different use-case-specific risks, such as inaccurate results, data privacy, secure conversations and IP infringement, by adding guardrails specific to each risk into the product.

Photo by Growtika on Unsplash

INTRUSION DETECTION MONTH: Standing Guard – Sourcing the best IDS solutions

 960 640 Stuart O'Brien
By:
0
0

CISOs (Chief Information Security Officers) across public and private sectors face a monumental challenge: safeguarding sensitive data and critical infrastructure. Intrusion Detection Systems (IDS) play a vital role in this fight, acting as digital sentinels that identify and alert security teams to potential cyberattacks. However, selecting the right IDS provider can be a complex task. Here are some top tips to help CISOs find the perfect partner, based on inout from attendees at the Cyber Secure Forum…

1. Define Your Needs & Threat Landscape:

Before seeking solutions, conduct a thorough assessment of your organisation’s unique security posture. Consider factors like:

  • Network Architecture: Understanding your network’s complexity and vulnerabilities is crucial. Are there cloud-based elements, on-premise servers, or a hybrid setup? An IDS needs to be compatible with your environment.
  • Data Sensitivity: The type of data you handle influences the level of protection required. Financial institutions or healthcare providers will have stricter data security requirements.
  • Threat Landscape: Identify the most common cyber threats relevant to your industry. This could range from phishing attempts to ransomware attacks or targeted malware deployments.

2. Expertise and Market Reputation:

Not all IDS providers are created equal. Look for established companies with a proven track record in the cybersecurity industry and a strong reputation for developing robust detection solutions. Seek providers with expertise in your specific industry’s cybersecurity needs.

3. Detection Capabilities:

Modern IDS solutions offer a range of capabilities. Evaluate vendors based on:

  • Signature-based Detection: This identifies known malware based on pre-defined patterns.
  • Anomaly Detection: This identifies suspicious activity that deviates from normal network behaviour.
  • Behavioural Analysis: Advanced systems can examine user behaviour patterns to identify potential insider threats.

4. Integration and Scalability:

Your chosen IDS solution should seamlessly integrate with your existing security infrastructure. Consider solutions that offer open-source or API integrations for compatibility with other security tools. Additionally, ensure the solution can scale alongside your organisation’s growing network and data volume.

5. Threat Intelligence and Response:

The best IDS goes beyond simply detecting threats. Look for providers that offer threat intelligence feeds to stay informed about emerging cyber threats. Does the solution offer automated responses to contain threats, such as blocking suspicious IP addresses or quarantining infected devices?

6. Deployment and Support:

Deployment complexity varies depending on the chosen solution. Evaluate the provider’s ability to support the implementation process. Do they offer on-site installation or remote configuration assistance? Additionally, reliable ongoing support is crucial. Look for providers offering technical support hotlines, access to knowledge bases, or even dedicated account managers.

7. Cost Considerations:

IDS solutions come with varying price structures. Consider factors like licensing fees, deployment costs, and ongoing maintenance charges. Some providers offer subscription-based models for budget flexibility.

8. Testing and Proof of Concept:

Before a full-scale deployment, consider requesting a proof-of-concept (POC) trial. This allows you to evaluate the IDS solution within your own network environment and assess its effectiveness against existing security protocols.

Bonus Tip:

Seek out independent reviews and industry analyst reports on potential IDS providers. These can provide valuable insights into the strengths and weaknesses of different solutions.

By following these top tips, CISOs can source the best Intrusion Detection Solutions providers. The right partner will equip you with a robust shield against cyber threats, ultimately improving your organisation’s overall cybersecurity posture and safeguarding valuable data.

Are you searching for Intrusion Detection solutions for your organisation? The Cyber Secure Forum can help!

Photo by Clint Patterson on Unsplash

Cyber Secure Forum: 50% of delegate places already allocated!

 960 640 Stuart O'Brien
By:
0
0

As a senior professional in the cyber security industry, we’d like to send you an exclusive invitation to a niche event we’re hosting this June: The Cyber Secure Forum.

We have a limit of 45 professionals who can attend, (over half have already been filled)!.

Some details below:

Cyber Secure Forum | Tuesday 25th June | 08:00-17:00 | London

Places are fully funded and include 1-2-1 meetings with suppliers, networking opportunities, lunch, refreshments throughout and educational seminars

Click Here To Register

If you’d like us to send further details, click here or view our website.

If you specialise in Phishing Detection we want to hear from you!

 960 640 Stuart O'Brien
By:
0
0

Each month on Cyber Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in April we’re focussing on Phishing Detection solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re an Phishing Detection solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Jenny Lane on j.lane@forumevents.co.uk.

Here’s our full features list:

Apr 2024 – Phishing Detection
May 2024 – Advanced Threat Dashboard
Jun 2024 – Browser/Web Security
July 2024 – Authentication
Aug 2024 – Penetration Testing
Sep 2024 – Vulnerability Management
Oct 2024 – Employee Security Awareness
Nov 2024 – Malware
Dec 2024 – Network Security Management
Jan 2025 – Anti Virus
Feb 2025 – Access Control
Mar 2025 – Intrusion Detection & Prevention

IT experts poll: Elon Musk is ‘wrong’ that no jobs will be needed in the future

 960 640 Stuart O'Brien
By:
0
0

Elon Musk’s claim that AI will make all human jobs irrelevant should not be taken seriously, according to a survey of tech experts conducted by BCS, The Chartered Institute for IT.

During an interview with UK Prime Minister Rishi Sunak for the AI Safety Summit last year, Musk said: ‘There will come a point where no job is needed — you can have a job if you wanted to have a job … personal satisfaction, but the AI will be able to do everything.’

But in a poll by BCS, The Chartered Institute for IT, 72% of tech professionals disagreed with Musk’s view that AI will render work unnecessary. Some 14% agreed (but only 5% ‘strongly’ agreed), with the rest unsure.

In comments, many IT experts said Musk’s statement was ‘hyperbole’ and suggested it was made to create headlines.

Those currently working in computing agreed that AI could replace a range of jobs, but would also create new roles, including oversight of AI decision making – known as ‘human in the loop’.

They also said that a number of jobs, for example hairdressing, were unlikely to be replaced by AI in the near future, despite advances in robotics.

BCS’ AI and Digital in Business Life survey also found AI would have the most immediate impact this year on customer services (for example chatbots replacing human advisers).

This was followed by information technology, then health and social care, then publishing and broadcasting, then education.

Leaders ranked their top business priorities as cyber security (69%), AI (58%) and business process automation (45%).

Only 8% of participants told BCS their organisation has enough resources to achieve their priorities.

Cyber attacks were most likely to keep IT managers awake at night in 2024 – this result has been consistent over the last 11 years of the survey.

Rashik Parmar MBE, Chief Executive of BCS, The Chartered Institute for IT said: “AI won’t make work meaningless – it will redefine what we see as meaningful work.

“Tech professionals are far more concerned about how ‘ordinary’ AI is affecting people’s lives today, for example, assessing us for credit and invitations to job interviews, or being used by bad actors to generate fake news and influence elections. The priority right now is to ensure AI works with us, rather than waiting for a Utopia.

“To build trust in this transformational technology, everyone working in a responsible AI role should be a registered professional meeting the highest standards of ethical conduct.”

The BCS poll was carried out with over 800 IT professionals, ranging from IT Directors and Chief Information Officers, to software developers, academics and engineers.

Photo by Arif Riyanto on Unsplash

INTRUSION DETECTION MONTH: Fortressing the Digital Realm from anomaly detection to predictive analytics

 960 640 Stuart O'Brien
By:
0
0

Chief Information Security Officers (CISOs) shoulder heavy responsibility for safeguarding sensitive data and critical infrastructure. Intrusion Detection Systems (IDS) and related services play a crucial role in this ongoing battle, acting as the frontline defence against cyberattacks. This article explores how CISOs in the UK are utilising these technologies and how intrusion detection strategies are likely to evolve in the future…

From Alarms to Advanced Analytics:

Traditional IDS relied on signature-based detection, raising an alert whenever a known malicious pattern was identified. However, modern approaches are becoming more sophisticated:

  • Anomaly Detection: These systems analyse network traffic for unusual patterns that deviate from established baselines, potentially indicating novel or zero-day attacks.
  • Machine Learning and Artificial Intelligence (AI): AI and machine learning algorithms continuously learn and adapt, identifying complex attack vectors and proactively mitigating threats.
  • Behavioral Analysis: By monitoring user activity and system behavior, these systems can detect suspicious actions that might indicate compromised accounts or insider threats.

Beyond the Perimeter: A Holistic Approach

Intrusion detection isn’t just about monitoring network traffic. UK CISOs are adopting a more holistic approach:

  • Endpoint Detection and Response (EDR): These tools go beyond network security, monitoring individual devices like laptops and servers for signs of compromise.
  • Security Information and Event Management (SIEM): SIEM platforms aggregate data from various security tools, providing a centralized view of potential threats and enabling faster incident response.
  • Cloud Security: As cloud adoption increases, robust intrusion detection tools are essential for protecting cloud-based data and infrastructure.

The Future of Intrusion Detection: Proactive and Collaborative

The future of intrusion detection in the UK is likely to be characterised by:

  • Predictive Analytics: Leveraging AI to predict potential attacks before they occur, allowing for preventative measures to be implemented.
  • Threat Intelligence Sharing: Collaboration between organisations and government agencies to share threat intelligence can help identify emerging attack vectors and strengthen collective defences.
  • Automation and Orchestration: Automating incident response procedures and the orchestration of security tools can streamline threat mitigation and minimize damage.

Investing in Expertise and Talent

Optimizing intrusion detection strategies requires:

  • Skilled Security Professionals: CISOs need a team of security analysts who understand how to interpret data, configure IDS tools, and respond effectively to security incidents.
  • Continuous Monitoring and Threat Hunting: Proactive threat hunting goes beyond passively waiting for alerts; it involves actively searching for vulnerabilities and potential threats within the network.
  • Staying Informed: CISOs must stay updated on the latest cyber threats and vulnerabilities to ensure their intrusion detection systems remain effective.

Intrusion detection remains a cornerstone of any robust cybersecurity strategy. By embracing advanced technologies, fostering collaboration, and investing in skilled personnel, CISOs can build a resilient defence against cyberattacks and safeguard their organisations’ valuable data and critical infrastructure.

Are you searching for Intrusion Detection solutions for your organisation? The Cyber Secure Forum can help!

Photo by Growtika on Unsplash

ACCESS CONTROL MONTH: Navigating the Maze – Sourcing trusted access control solutions for CIOs

 960 640 Guest Post
By:
0
0

Securing physical and digital access is paramount for any organisation. For Chief Information Officers (CIOs), the responsibility of selecting a trusted access control solutions provider carries significant weight. This article explores key approaches to guide CIOs in navigating the diverse landscape and finding the ideal partner…

1. Define Your Needs Clearly:

Start by conducting a thorough internal assessment. Identify your organisation’s specific needs and security requirements. This includes factors like the type of access control system needed (physical, logical, or both), compatibility with existing infrastructure, scalability to future needs, and integration capabilities with other security solutions.

2. Prioritise Expertise and Experience:

Look for established providers with a proven track record of success in implementing access control solutions in your industry. Investigate their experience with similar-sized organisations and their ability to address unique challenges specific to your sector.

3. Seek Industry Accreditation and Certifications:

Prioritise providers with industry-recognized accreditations and certifications. These demonstrate their commitment to security best practices and industry standards. Look for certifications relevant to the specific access control solutions you’re evaluating, such as ONVIF for video surveillance or UL 293 for life-safety applications.

4. Evaluate Technology Stack and Innovation:

Assess the provider’s technology stack and commitment to innovation. Choose a provider offering modern, secure, and future-proof solutions. Look for providers utilising cutting-edge technologies like biometrics, cloud-based access control, and mobile authentication to ensure your system remains robust and adaptable.

5. Prioritize Security and Data Privacy:

Security must be a top priority. Evaluate the provider’s security protocols, data encryption practices, and compliance with relevant data privacy regulations such as GDPR in the UK. Ensure they offer robust safeguards against cyberattacks and unauthorized access attempts.

6. Assess Scalability and Flexibility:

Your organisation’s security needs are likely to evolve over time. Choose a provider offering solutions that can scale and adapt to your future needs. This ensures you’re not locked into a rigid system that hinders growth or hinders integration with future technologies.

7. Request References and Case Studies:

Seek references from existing clients who operate within your industry or face similar challenges. This provides valuable insights into the provider’s implementation process, customer service approach, and ability to deliver on promises. Additionally, request case studies showcasing successful projects that align with your requirements.

8. Transparent Communication and Competitive Pricing:

Open communication throughout the selection process is crucial. Choose a provider that prioritizes clear, transparent communication and offers competitive pricing structures. Seek well-defined contracts outlining service level agreements (SLAs), performance metrics, and dispute resolution mechanisms.

9. Consider Long-Term Partnership:

Selecting an access control solutions provider is not just a one-time transaction; it’s the beginning of a long-term partnership. Choose a provider with a strong reputation for customer service, ongoing support, and a commitment to providing regular updates and security patches.

10. Conduct Due Diligence:

Before signing any contracts, conduct thorough due diligence. This includes reviewing the provider’s financial stability, legal history, and insurance policies. Ensure they meet your organisation’s risk management and financial criteria.

By diligently following these approaches, CIOs can confidently navigate the selection process and source trusted access control solutions providers. Choosing the right partner will ensure the implementation of a robust and secure access control system, safeguarding your organisation’s physical and digital assets, and enabling a strong foundation for future growth.

Are you searching for Access Control solutions for your organisation? The Cyber Secure Forum can help!

Photo by Onur Binay on Unsplash

Is defensive AI the key to guarding against emerging cyber threats?

 960 640 Stuart O'Brien
By:
0
0

Google’s recent announcement of an artificial intelligence (AI) Cyber Defense Initiative to enhance global cybersecurity underscores the importance of defending against increasingly sophisticated and pervasive cyber threats.

And according to analysts at GlobalData, AI will play a pivotal role in collecting, processing, and neutralising threats, transforming the way organisations combat cyber risks.

Looking at AI cyber threat detection technology through the lens of innovation using GlobalData’s Technology Foresights tool reveals some compelling insights. Patent filings have surged from 387 in 2018 to 1,098 in 2023, highlighting a robust growth trajectory in AI-driven security solutions. Furthermore, the entry of 53 new companies in 2023, for a total of 239, showcases the expanding interest and investment in this critical area of technology.

Vaibhav Gundre, Project Manager of Disruptive Tech at GlobalData, said: “The ability of AI to improve threat identification, streamline the management of vulnerabilities, and enhance the efficiency of incident responses is key in addressing the continuous evolution of cyber threats. The rapid progression in the field of defensive AI is underscored by a 13% compound annual growth rate in patent applications over the last three years, reflecting a strong commitment to innovation. This trend is also indicative of the recognized importance of having formidable cyber defense systems in place, signifying substantial research and development activities aimed at overcoming new cyber threats.”

An analysis of GlobalData’s Disruptor Intelligence Center highlights the partnership between AIShield and DEKRA as a notable collaboration aimed at enhancing the security of AI models and systems. Through advanced training, assessment, and protection strategies, the partnership seeks to bolster cyber resilience across industries and foster trust in AI technologies.

Similarly, Darktrace’s collaboration with Cyware exemplifies a proactive approach to cybersecurity. By facilitating collaboration among security teams and sharing threat intelligence, the partnership enables organizations to mitigate risks and respond effectively to emerging cyber threats.

AI cyber threat detection finds application across diverse use cases, including threat detection in security cameras, real-time malware detection, network threat detection, anomaly detection in critical infrastructure, fraud prevention, and AI-powered surveillance systems.

Gundre concluded: “As organizations harness the power of AI cyber threat detection, they must also confront significant challenges. The rapid evolution of cyber threats, coupled with the complexity of regulatory landscapes, underscores the need for continuous innovation and collaboration. While patents and partnerships lay the foundation for robust cyber defense strategies, addressing these challenges will require a concerted effort from industry stakeholders. By staying vigilant and embracing a proactive approach, organizations can navigate the evolving cybersecurity landscape with confidence, safeguarding critical assets and preserving digital trust.”

Photo by Mitchell Luo on Unsplash

Are these the top cybersecurity trends for 2024?

 960 640 Stuart O'Brien
By:
0
0

Generative AI (GenAI), unsecure employee behaviour, third-party risks, continuous threat exposure, boardroom communication gaps and identity-first approaches to security are the driving forces behind the top cybersecurity trends for 2024, according to Gartner.

“GenAI is occupying significant headspace of security leaders as another challenge to manage, but also offers an opportunity to harness its capabilities to augment security at an operational level,” said Richard Addiscott, Senior Director Analyst at Gartner. “Despite GenAI’s inescapable force, leaders also continue to contend with other external factors outside their control they shouldn’t ignore this year.”

2024 will see security leaders respond to the combined impact of these forces by adopting a range of practices, technical capabilities and structural reforms within their security programs, with a view to improving organizational resilience and the cybersecurity function’s performance.

The following six trends will have broad impact across these areas:

Trend 1: Generative AI – Short-term Skepticism, Longer-Term Hope
Security leaders need to prepare for the swift evolution of GenAI, as large language model (LLM) applications like ChatGPT and Gemini are only the start of its disruption. Simultaneously, these leaders are inundated with promises of productivity increases, skills gap reductions and other new benefits for cybersecurity. Gartner recommends using GenAI through proactive collaboration with business stakeholders to support the foundations for the ethical, safe and secure use of this disruptive technology.

“It’s important to recognize that this is only the beginning of GenAI’s evolution, with many of the demos we’ve seen in security operations and application security showing real promise,” said Addiscott. “There’s solid long-term hope for the technology, but right now we’re more likely to experience prompt fatigue than two-digit productivity growth. Things will improve, so encourage experiments and manage expectations, especially outside of the security team.”

Trend 2: Cybersecurity Outcome-Driven Metrics: Bridging Boardroom Communication Gap
The frequency and negative impact of cybersecurity incidents on organizations continues to rise, undermining the confidence of the board and executives in their cybersecurity strategies. Outcome-driven metrics (ODMs) are increasingly being adopted to enable stakeholders to draw a straight line between cybersecurity investment and the delivered protection levels it generates.

According to Gartner, ODMs are central to creating a defensible cybersecurity investment strategy, reflecting agreed protection levels with powerful properties, and in simple language that is explainable to non-IT executives. This provides a credible and defensible expression of risk appetite that supports direct investment to change protection levels.

Trend 3: Security Behavior and Culture Programs Gain Increasing Traction to Reduce Human Risks
Security leaders recognize that shifting focus from increasing awareness to fostering behavioral change will help reduce cybersecurity risks. By 2027, 50% of large enterprise CISOs will have adopted human-centric security design practices to minimize cybersecurity-induced friction and maximize control adoption. Security behavior and culture programs (SBCPs) encapsulate an enterprisewide approach to minimizing cybersecurity incidents associated with employee behavior.

“Organizations using SBCPs have experienced better employee adoption of security controls; reductions in unsecure behavior and increases in speed and agility,” said Addiscott. “It also leads to a more effective use of cybersecurity resources as employees become competent at making independent cyber risk decisions.”

Trend 4: Resilience-Driven, Resource-Efficient Third-Party Cybersecurity Risk Management
The inevitability of third parties experiencing cybersecurity incidents is pressuring security leaders to focus more on resilience-oriented investments and move away from front loaded due diligence activities. Gartner recommends security leaders enhance risk management of third-party services and establish mutually beneficial relationships with important external partners, to ensure their most valuable assets are continuously safeguarded.

“Start by strengthening contingency plans for third-party engagements that pose the highest cybersecurity risk,” said Addiscott. ”Create third-party-specific incident playbooks, conduct tabletop exercises and define a clear offboarding strategy involving, for example, timely revocation of access and destruction of data.”

Trend 5: Continuous Threat Exposure Management Programs Gain Momentum
Continuous threat exposure management (CTEM) is a pragmatic and systemic approach organizations can use to continually evaluate the accessibility, exposure and exploitability of digital and physical assets. Aligning assessment and remediation scopes with threat vectors or business projects rather than an infrastructure component, highlights vulnerabilities and unpatchable threats.

By 2026, Gartner predicts that organizations prioritizing their security investments based on a CTEM program will realize a two-thirds reduction in breaches. Security leaders must continuously monitor hybrid digital environments to enable early identification and optimal prioritization of vulnerabilities to help maintain a hardened organizational attack surface.

Trend 6: Extending the Role of Identity & Access Management (IAM) to Improve Cybersecurity Outcomes
As more organization’s move to an identity-first approach to security, the focus shifts from network security and other traditional controls to IAM, making it critical to cybersecurity and business outcomes. While Gartner sees an increased role for IAM in security programs, practices must evolve to focus more on fundamental hygiene and hardening of systems to improve resilience.

Gartner recommends security leaders focus on strengthening and leveraging their identity fabric and leverage identity threat detection and response to ensure IAM capabilities are best positioned to support the breadth of the overall security program.

Photo by Markus Spiske on Unsplash