CONFIDENTIAL AND PROPRIETARY
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner audience or other intended recipients. This presentation may contain information that is confidential, proprietary or otherwise legally protected, and it may not be further copied, distributed or publicly displayed without the express written permission of Gartner, Inc. or its affiliates. © 2016 Gartner, Inc. and/or its affiliates. All rights reserved.
Gartner Essentials: Top Cybersecurity Trends for 2016 — 2017
Carsten Casper
Gartner Briefing
28 Apr 2016 | Vienna, Austria
1 © 2016 Gartner, Inc. and/or its affiliates. All rights reserved.
Security for the Next Generation of Threat
• A pervasive digital presence is expanding into business, industry and society
• Once networked, this digital presence substantively alters risk for digital businesses
• Digital security is the next evolution in cybersecurity to protect this pervasive digital presence
Security Macro Trends You Face in the Age of the Pervasive Digital Presence
• Risk and Resilience Seek Balance
• Security Disciplines Converge
• Secure Digital Supply Chain Needs Grow
• Security Skills Options Expand
• Adaptive Security Architecture Embraced
• Security Infrastructure Adapts
• Data Security Governance Arrives
• Digital Business Drives Digital Security
Risk and Resilience Seek Balance
Security Moves to an Embedded State in the Organization
• Governance
• Compliance
• Control
• Protection
• Reliability
• Speed
• Assurance
• Transparency
Figure labels: Risk, Resilience, Privacy, Safety, Value, Cost
Security Principles for Trust and Resilience
Business Outcomes
Risk-Based
Data Flow
Facilitator
Detect and Respond
Principle of Trust and Resilience
People-Centric
People-Centric Security Continues to Be Embraced
Accountability
Responsibility
Immediacy
Autonomy
Proportionality
Community
Transparency
Educate
Monitor
Rights Responsibilities
Take-Aways for Risk and Resilience Balance
• Revisit the security organizational structure to ensure it reflects current mission
• Revise the methods used to calculate IT risk to incorporate new variables and factors
• Develop fast-track methods of addressing security requirements
• Refine the security communication and education process to emphasize agility
Security Disciplines Converge
Digital Security for the Pervasive Digital Presence
Defense
Offense
Reactive
Proactive
IoT Security
Information Security
IT Security
OT Security
Physical Security
You Are Here
Digital Security
"Digital Safety" Becomes a New Force and Responsibility
The CIAS Model of Digital Security
Integrity
Data
People
Environments
Confidentiality
Availability
Safety
Graphics: Can Stock Photo
Take-Aways for Security Convergence
• Establish security governance and planning relationships with physical and industrial counterparts
• Improve cross-discipline procurement methods for security requirements
• Modify security architecture to include additional layers where required
• Investigate changes in security management and operations that may be required to accommodate convergence
Secure Digital Supply Chain Needs Grow
Integrated Digital Security for the Supply Chain(s)
SUPPLY CHAIN
DIGITAL SUPPLY CHAIN
DIGITAL SECURITY FOR THE SUPPLY CHAIN(S)
IoT Security
Information Security
IT Security
OT Security
Physical Security
Digital Security
Expanding (and Confusing) SaaS Control Add-On Markets
Today's enterprise suffers from coordination frustration. Encouraging evolution of multicloud, multifunction management consoles.
SIEM
Software Asset Management
Activity Threat Control
Archive and Recovery
Cloud Access Security Broker
EMM
Confidentiality
IDaaS
SaaS Aggregation Tool
Mobile Device Management
Before and During Login
After Login
Service Monitoring
Malware Control
Take-Aways for Securing the Cloud (Supply Chain)
• Develop an enterprise public cloud strategy.
• Implement and enforce policies on usage responsibility and cloud risk acceptance.
• Follow a cloud life cycle governance approach.
• Develop expertise in the security and control of each cloud model used.
• Implement technologies to fight cloud diffusion complexity.
Figure: matrix with axes Potential Impact of Security Failure (Low to High) and Business Contribution (Value of Service) (Low to High). Cell labels: Always Allowed; Medium Exposure; Conduct Risk Assessment (decision establishes requirements for technical and process controls); Do Not Allow.
Security Skills Options Expand
Assess the Most Critical Skills Impacts of Digital Security
Already, Traditional Security Strategies Are Shifting To:
Contextual Security Monitoring and Response
Ubiquitous Identity Management
Data Classes, Data Governance
Security Awareness, Privacy & Behavior
Embedded Security
Network Segmentation, Engineering
Physical Security Automation
Key Take-Aways to Accelerate Skills Generation and Convergence
• Build a long-term security workforce plan.
• Make coaching and skills development first task.
• Embed security skills within the lines-of-business.
• Change security specialists to "versatilists."
• Mix traditional and agile recruitment techniques.
• Evaluate current skills gaps.
Adaptive Security Architecture Is Embraced
Software-Defined Everything, Including Security
Figure labels: Applications, Northbound APIs, "Control Plane", Southbound APIs, "Data Plane", API Platform, APIs, Layers of Abstraction
Develop an Adaptive Security Architecture
Predict, Prevent, Detect, Respond
Detect incidents
Prevent attacks
Confirm and prioritize risk
Contain incidents
Isolate systems
Harden systems
Compliance
Policy
Monitor posture
Adjust posture
Implement posture
Adjust posture
Continuous Visibility and Verification
Users, Systems
System activity, Payload, Network
Investigate incidents/retrospective analysis
Remediate
Anticipate threats/attacks
Risk-prioritized exposure assessment
Design/Model policy change
Baseline systems and security posture
Threat Intelligence Platforms Allow You to Visualize, Correlate and Gain Context
Emerging Threats
Shadowserver
ZeuS Tracker
Abuse.ch
Open-Source MRTI Feeds
Norse
IID
Cyveillance
Malcovery
Commercial Feeds
GeoIP Malware Lookup
Domain Tools
Enrichment Services
News RSS Feeds
Websites
OSINT Sources
Threat Intelligence Platform
Analytics Threat Intelligence Processing
Visualization Reporting
Forensics Threat Intelligence Sharing
Incident Response
SOC Analyst
Fraud Threat Analyst
Management Malware Analyst
Help Desk
People
Process
Circle of Trust Sharing
Workflow/Escalation
Communication Fraud
Technology
Secure Web Gateway
NGFW
IPS/IDS Logs
Take-Aways for Adaptive Security Architecture
• Shift security mindset from "incident response" to "continuous response"
• Spend less on prevention; invest in detection, response and predictive capabilities
• Favor context-aware network, endpoint and application security protection platforms
• Develop a security operations center
• Architect for comprehensive, continuous monitoring at all layers of the IT stack.
Graphics source: istock, http://www.istockphoto.com/photo/life-cycle-of-great-mormon-butterfly-gm505604992-83758525
Security Infrastructure Adapts
Embed Application Security Testing into the Life Cycle
1 Analysis
2 Design
3 Programming
4 Test
5 Operations
New Network Security Concerns in the Pervasive Digital Presence
Attacks Through Internet or Wireless Networks
Attacks Through Local Wireless Networks
Lower Defense Capabilities
Risk Aggregation
Attacks Through Local Wireless Networks and Users/Endpoints
Sensors, Actuators
Things
Aggregators, Controllers
IoT Platform
Model of a Trusted Execution Environment (TEE)
Data Security Governance Arrives
Develop a Data-Centric Audit and Protection Approach
Activity Monitoring
Assessment of Users and Permissions
User Monitoring and Auditing
Data Security Policy
Data Classification and Discovery Policy
Data Security Controls
Protection
Analysis and Reporting
Blocking, Encryption, Tokenization and Data Masking
Take-Aways for Data Security Governance
• Prioritize organization-wide data security governance and policy.
• Identify and implement risk-appropriate data security controls by data type where possible.
• Implement a DCAP strategy that includes disciplined and formal product selection.
• Incorporate big data plans and unique requirements into security strategy.
Graphics Source: iStock - http://www.istockphoto.com/photo/undecided-businessman-gm471659278-62910804?st=ccbc429
Digital Business Drives Digital Security
Securing a Pervasive Digital Presence (the Internet of Things)
Gateways
Things Agents
Analytics Applications
Data
Cloud Mobile MES, ERP Partners
IoT Platform Middleware
Core Business Processes
IoT Edge Processing
Communications Integration
Integration Communications
• Security requirements:
  – Policy creation and management
  – Monitoring, detection and response
  – Access control and management
  – Data protection
  – Network segmentation
• Key challenges:
  – Scale
  – Diversity (age and type)
  – Function
  – Regulation
  – Privacy
  – Standardization
Recommendations: Focus on small scenarios. Use risk-based prioritization. Emphasize segmentation and access initially.
Cyber Risks and Consequences in an IoT Solution
Enterprise Consumer
• Business Disruption
• Espionage and Fraud
• Financial Waste
IoT Platform
• Platform Hacking
• Data Snooping and Tampering
• Sabotaging Automation and Devices
Edge
• Device Impersonation
• Device Hacking
• Device Counterfeiting
• Snooping, Tampering, Disruption, Damage
Dev. Prod.
IAM Trends of 2015-2016 That Include an Identity of Things
IAM Program Management and Governance
(Digital) Business and Operational Needs
(Digital) Risk Management and Compliance
Things
People
Apps and Data
Relationships
Interactions
Take-Aways for Digital Security
• Balance Risk and Resilience
• Make the Security Discipline Decision
• Enhance Digital Security Supply Chains
• Retool Security Skills
• Embrace Adaptive Security Architecture
• Selectively Improve Security Infrastructure
• Embrace Data Security Governance
Recommended Gartner Research
• Cybersecurity Scenario 2020 Phase 2: Guardians for Big Change
  Earl Perkins and F. Christian Byrnes (G00279414)
• Predicts 2016: Security for the Internet of Things
  Ray Wagner, Earl Perkins, Greg Young and Others (G00293187)
• Designing an Adaptive Security Architecture for Protection from Advanced Attacks
  Neil MacDonald and Peter Firstbrook (G00259490)
• Cloud Security and Emerging Technology Security Primer for 2016
  Jay Heiser (G00293190)
For more information, stop by Gartner Research Zone.