April 19, 2023
April 19, 2023
Contributor: Lori Perri
Identify and understand how they will impact your enterprise strategies in 2023 and beyond.
Threat Exposure Management
Identity Fabric Immunity
Cybersecurity Validation
Cybersecurity Platform Consolidation
Security Operating Model Transformation
Composable Security
Human-Centric Security Design
Enhancing People Management
Increasing Board Oversight
“The renewed focus on the human element continues to grow among this year’s top cybersecurity trends,” says Gartner Senior Director Analyst Richard Addiscott.“Security and risk management leaders must rethink their balance of investments across technology, structural and human-centric elements as they design and implement their cybersecurity programs.”
We expect these trends to impact enterprise strategies by enabling organizations to address four key priorities:
Creating responsive ecosystems that improve organizational readiness
Restructuring approach points to solutions and
[greater attack coverage](/en/articles/8-ways-you-could-be-inviting-a-cybersecurity-attack)
Rebalancing practices to focus on people, process and technology
These trends move forward risk resolution efforts by applying a continuous approach to
[threat management](/en/articles/3-ways-cybersecurity-leaders-can-prepare-for-a-breach) and cybersecurity validation.They help improve detection and response capabilities, and build more [digitally immune identity ecosystems](/en/articles/what-is-a-digital-immune-system-and-why-does-it-matter).
Threat exposure management is a pragmatic, effective and systemic approach to continuously refine cybersecurity optimization priorities.Practices evolve in order to better understand their combined exposure to threats and address gaps in their posture.
Identity fabric immunity applies the concept of digital immune systems to identity systems.The main goal is, with balanced investments in prevention and in detection and response, to minimize defects and failures, for protection before and during attacks.
Learn More:
[Everything You Need to Know About Cybersecurity](/en/topics/cybersecurity)
These trends balance the need for operational simplicity with other platforms, and provide solutions to cover more of their expanding attack surface.
Cybersecurity platform consolidation decreases complexity, simplifies operations and makes employees more efficient.Organizations are using fewer vendors and are benefiting from improved staff efficiency and integration, and more features from fewer products.
Security operating model transformation distributes technology and analytical work to expand the volume, variety and velocity of cybersecurity risk decision making and accelerate business outcomes.
These trends support the need for balance between people, process and technology, in order to successfully reduce
[cybersecurity](/en/articles/7-top-trends-in-cybersecurity-for-2022) risk.
Human-centric security design prioritizes the role of
[employee experience](/en/articles/employees-seek-personal-value-and-purpose-at-work-be-prepared-to-deliver) — rather than technical considerations alone — across the controls management life cycle.Drawing upon the behavioral sciences, user-experience (UX) and related disciplines, it helps minimize unsecure employee behavior.
Enhancing people management shifts focus to human-centric talent management tactics to attract and retain talent.When Chief Information Security Officers (CISOs) do this, they see functional and technical maturity improvements.
[Richard Addiscott](/en/experts/richard-addiscott) is a Senior Director Analyst with Gartner, where he works with information and cybersecurity leaders, covering topics focused on improving security risk management maturity and outcomes, optimizing organizational security risk postures, and demonstrating clear alignment between security and strategic business outcomes.
Join your peers for the unveiling of the latest insights at Gartner conferences.
Recommended resources for Gartner clients*:
Top Trends in Cybersecurity 2023
Cyber Risk Primer for 2023
*Note that some documents may not be available to all Gartner clients..
