Home Technology Cybersecurity These are the top 8 cybersecurity predictions for 2023-2024 Human-centric security design is modelled with the individual — not technology, threat or location by Gulf Business March 30, 2023 Technological research and consulting firm Gartner has unveiled the top eight cybersecurity predictions that security leaders should build into their strategies for the next two years. Through 2027, 50 per cent of chief information security officers (CISOs) will formally adopt human-centric design practices into their cybersecurity programmes to minimise operational friction and maximise control adoption. Gartner research shows that over 90 per cent of employees who admitted undertaking a range of unsecure actions during work activities knew that their actions would increase risk to the organisation but did so anyway. Human-centric security design is modelled with the individual — not technology, threat or location – as the focus of control design and implementation to minimise friction. By 2024, modern privacy regulation will blanket the majority of consumer data, but less than 10 per cent of organisations will have successfully weaponised privacy as a competitive advantage. Organisations are beginning to recognise that a privacy programme can enable them to use data more broadly, differentiate from competitors, and build trust with customers, partners, investors and regulators. Gartner recommends security leaders enforce a comprehensive privacy standard in line with GDPR to differentiate in an increasingly competitive market and grow unhindered. By 2026, 10 per cent of large enterprises will have a comprehensive, mature and measurable zero-trust programme in place, up from less than 1 per cent today. A mature, widely deployed zero-trust implementation demands integration and configuration of multiple different components, which can become quite technical and complex. Success is highly dependent on the translation to business value. Starting small, an ever evolving zero-trust mindset makes it easier to better grasp the benefits of a programme and manage some of the complexity one step at a time. By 2027, 75 per cent of employees will acquire, modify or create technology outside IT’s visibility – up from 41 per cent in 2022. The CISO role and purview of responsibility is shifting from being control owners to risk decision facilitators. Reframing the cybersecurity operating model is key to the changes coming. Gartner recommends thinking beyond technology and automation to deeply engage with employees to influence decision making and ensure they have appropriate knowledge to do in an informed way. By 2025, 50 per cent of cybersecurity leaders will have tried, unsuccessfully, to use cyber risk quantification to drive enterprise decision making. Gartner research indicates that 62 per cent of cyber risk quantification adopters cite soft gains in credibility and cyber risk awareness, but only 36 per cent have achieved action-based results, including reducing risk, saving money or actual decision influence. Security leaders should focus firepower on quantification that decision makers ask for, instead of producing self-directed analyses they have to persuade the business to care about. By 2025, nearly half of cybersecurity leaders will change jobs, 25 per cent for different roles entirely due to multiple work-related stressors. Accelerated by the pandemic and staffing shortages across the industry, the work stressors of cybersecurity professionals are rising and becoming unsustainable. 50% of #CISOs will adopt human centric design to reduce #cybersecurity operational friction, according to the top cybersecurity predictions revealed by Gartner today. Learn more on the Gartner Newsroom: https://t.co/cXFvsfJmHE #GartnerSEC #GartnerIT #security — Gartner (@Gartner_inc) March 27, 2023 Gartner suggests that while eliminating stress is unrealistic, people can manage challenging and stressful jobs in cultures where they are supported. Changing the rules of engagement to foster cultural shifts will help. By 2026, 70 per cent of boards will include one member with cybersecurity expertise. For cybersecurity leaders to be recognised as business partners, they need to acknowledge board and enterprise risk appetite. This means not only showing how the cybersecurity program prevents unfavorable things from happening, but how it improves the enterprise’s ability to take risks effectively. Gartner recommends CISOs get ahead of the change to promote and support cybersecurity to the board and establish a closer relationship to improve trust and support. Through 2026, more than 60 per cent of threat detection, investigation and response capabilities will leverage exposure management data to validate and prioritise detected threats, up from less than 5 per cent today. As organisational attack surfaces expand due to increased connectivity, use of SaaS and cloud applications, companies require a broader range of visibility and a central place to constantly monitor for threats and exposure. TDIR capabilities provide a unified platform or ecosystem of platforms where detection, investigation and response can be managed, giving security operations teams a complete picture of risk and potential impact. Read: Gisec Global 2023 boosts cyber resilience of Middle East digital economy Tags cybersecurity Gartner predictions Technology 0 Comments You might also like How agentic AI will boost the digital economy across the Middle East Talabat plunges over 7.5% in Dubai trading debut after $2bn IPO Apple announces major retail expansion in Saudi Arabia Google, Hub71 partner to launch startup programme in 2025