The top cybersecurity trends for 2024 will be driven by generative artificial intelligence (GenAI), identity-first security methods, boardroom communication gaps, continuous threat exposure, third-party risks, and insecure employee behavior, according to Gartner.
“GenAI is occupying significant headspace of security leaders as another challenge to manage, but also offers an opportunity to harness its capabilities to augment security at an operational level,” said Richard Addiscott, Senior Director Analyst at Gartner. “Despite GenAI’s inescapable force, leaders also continue to contend with other external factors outside their control they shouldn’t ignore this year.”
The six trends that follow will have a significant influence on all of these areas:
Cybersecurity Trend 1: Generative AI – Short-term Skepticism, Longer-Term Hope
Large language model (LLM) applications like ChatGPT and Gemini are only the beginning of how disruptive GenAI will become, therefore security executives need to be ready for this rapid shift. These executives are being deluged with claims of increased productivity, closed skill gaps, and other novel cybersecurity advantages at the same time. According to Gartner, the best way to enable the ethical, secure, and safe use of this disruptive technology is to deploy GenAI in proactive engagement with business stakeholders.
“It’s important to recognize that this is only the beginning of GenAI’s evolution, with many of the demos we’ve seen in security operations and application security showing real promise,” said Mr. Addiscott. “There’s solid long-term hope for the technology, but right now we’re more likely to experience prompt fatigue than two-digit productivity growth. Things will improve, so encourage experiments and manage expectations, especially outside of the security team.”
Cybersecurity Trend 2: Outcome-Driven Metrics – Bridging Boardroom Communication Gap
The increasing frequency and detrimental effects of cybersecurity events on enterprises are eroding the trust that executives and the board have in their cybersecurity plans. In order to allow stakeholders to plot the direct correlation between cybersecurity investment and the supplied protection levels it produces, outcome-driven metrics, or ODMs, are becoming more and more popular.
ODMs are essential to developing a convincing cybersecurity investment plan, according to Gartner, as they represent agreed-upon protection levels with potent attributes and communicate them in terms that non-IT executives can understand. This offers a believable and convincing representation of risk appetite that encourages direct investment to alter protection levels.
Cybersecurity Trend 3: Security Behavior and Culture Programs Gain Increasing Traction to Reduce Human Risks
Security executives understand that promoting behavioral change rather than just raising awareness can help lower cybersecurity threats. According to Gartner, 50% of CISOs in big enterprises will have used human-centric security design techniques by 2027 in order to reduce friction caused by cybersecurity and increase adoption of controls. Programs for security behavior and culture (SBCPs) are an enterprise-wide strategy for reducing cybersecurity incidents linked to employee behavior.
“Organizations using SBCPs have experienced better employee adoption of security controls; reductions in unsecure behavior and increases in speed and agility,” said Mr. Addiscott. “It also leads to a more effective use of cybersecurity resources as employees become competent at making independent cyber risk decisions.”
Cybersecurity Trend 4: Resilience-Driven, Resource-Efficient Third-Party Cybersecurity Risk Management
Security executives are under pressure to shift their attention from front-loaded due diligence operations to resilience-oriented investments as a result of the inevitable occurrence of cybersecurity events involving third parties, according to Gartner. To make sure their most precious assets are always protected, Gartner advises security executives to improve risk management of third-party services and build advantageous partnerships with significant external partners.
“Start by strengthening contingency plans for third-party engagements that pose the highest cybersecurity risk,” said Mr. Addiscott. “Create third-party-specific incident playbooks, conduct tabletop exercises and define a clear offboarding strategy involving, for example, timely revocation of access and destruction of data.”
Cybersecurity Trend 5: Continuous Threat Exposure Management Programs Gain Momentum
Organizations may continuously assess the accessibility, exposure, and exploitability of digital and physical assets by using Continuous Threat Exposure Management (CTEM), a practical and comprehensive method. Vulnerabilities and unpatched threats are brought to light when assessment and remediation scopes are aligned with business initiatives or threat vectors rather than an infrastructure component.
According to Gartner, companies that prioritize security spending via a CTEM program could see a two-thirds decrease in security breaches by 2026. To support early vulnerability detection and appropriate prioritization and to assist maintain a hardened corporate attack surface, security executives must regularly monitor hybrid digital environments.
Cybersecurity Trend 6: Extending the Role of Identity & Access Management (IAM) to Improve Cybersecurity Outcomes
IAM (Identity Access Management) becomes more important to cybersecurity and business results as more organizations adopt an identity-first approach to security, shifting the emphasis away from network security and other conventional controls. Although Gartner predicts that IAM will play a bigger part in security programs, procedures need to change so that they put more of an emphasis on basic hygiene and system hardening in order to boost resilience.
Gartner advises security professionals to make sure IAM capabilities are best positioned to support the scope of the entire security program by concentrating on bolstering and using their identity fabric as well as utilizing identity threat detection and response.
