National Harbor, Md., June 7, 2022
We are bringing you news and highlights from the Gartner Security & Risk Management Summit, taking place this week in National Harbor, Maryland. Below is a collection of the key announcements and insights coming out of the conference.
On Day 1 from the conference, we are highlighting the opening keynote presentation on the evolution of cybersecurity, as well as sessions on cloud security and the artificial intelligence attack surface. Be sure to check this page throughout the day for updates.
Gartner Opening Keynote: Cybersecurity 2032: Accelerating the Evolution of Cybersecurity
Presented by Andrew Walls, Distinguished VP Analyst at Gartner and Katell Thielemann, VP Analyst at Gartner
As accountability for cyber risk shifts outside IT and an increasingly distributed ecosystem leads to a loss of direct decision-making control, the role of the cybersecurity leader will evolve. In this session, Andrew Walls, Distinguished VP Analyst at Gartner and Katell Thielemann, VP Analyst at Gartner identified the threats, vulnerabilities and risks that organizations will face through this evolution.
- “Cybersecurity leaders and teams will need to evolve faster than ever before.”
- “To become a sustainable leader with sustainable teams, you will need to surround yourself with the people who complement (your) weaknesses.”
- “Far too often a failure to communicate leads to significant system disruption and, in some cases, catastrophic career disruption for the CISO.”
- “A strategy of bringing business into cybersecurity decisions produces better resilience, and more willing collaboration between business users and the office of the CISO.”
- “The realization that successful attacks are inevitable helps business leaders understand that improvement is not just about technical security, but the business itself has to be part of the security strategy.”
- Gartner predicts that by 2035, 90% of detection and 60% of response to cyberattacks will be handled by AI. “The volume and speed of attacks will grow by multiple orders of magnitude. AIs will classify those attacks and only raise an alert when a predefined threshold is reached, allowing the cybersecurity team to focus on the attacks that matter.”
- “We have to shift to a predictive model, not simply as a matter of best practice but as a matter of career resilience and preserving our mental and physical wellbeing.”
Learn more from the Gartner Opening Keynote in the associated Gartner press release.
Outlook for Cloud Security
Presented by Charlie Winckless, Senior Director Analyst, Gartner
Cloud security remains a top priority, but there are many unique risks associated with public cloud service providers. In this session, Charlie Winckless, Senior Director Analyst at Gartner, summarized the problems, recommended processes and new product types to address the key security challenges of infrastructure-as-a-service (IaaS) and software-as-a-service (SaaS).
- “Many organizations started leveraging traditional security products in the cloud in the early cloud adoption phase. This approach can work in the short term, but as application and DevOps teams adopt cloud-native services, traditional security products are not able to address these use cases.”
- “Cloud-native security needs to address runtime protection, cloud configuration, artifact scanning and DevSecOps enablement.”
- “Born in the cloud enterprises and their security investments can be a guide to the future state of security.”
- “Align security with the underlying architecture and business criticality. One size does not fit all.”
- “Cloud security capabilities are likely newer and more versatile, so apply these to your on-premises systems where suitable.”
- “Looking ahead on the horizon of cloud security, new technologies and trends that may emerge include cloud providers becoming security providers, security or policy as code, data and cloud sovereignty, confidential computing and more.”
Watch this space for more updates throughout the day.