Gartner Security & Risk Summit
I was fortunate to attend to the Gartner Security & Risk Summit which overlapped the RSA Conference (RSAC) this year and came away with a lot of insights (as well as some optimism) on the key challenges facing security teams in 2022. While there is abundant reporting on what people gained from RSAC, I have not seen as much on the Gartner event, therefore I’d like to share what I believe was very well researched and highly focused advice to CEOs, CISOs, CIOs, and boards of directors.
Here are my Top 5 takeaways from the event:
- Accelerating the Evolution of Security: Reframe and Simplify – as an overall theme of the conference this hit the mark. Evidence is clear that security teams are struggling to keep up with the pace of cyber criminal activity and the shifting threat landscape towards non-IT systems like IoT/OT/ICS systems. To accelerate an organization’s security efforts they should reframe their requirements and simplify them so that the mission is clear. For example, if IoT is key to an organization’s success, security leadership should start with a focus on the business value provided by IoT as a way to prioritize security efforts on IoT. Simply going after every vulnerability is not realistic or feasible – instead focus efforts on what is needed to keep your business running during and after a successful cyber attack.
- Focus on Asset Discovery – to assess and protect an organization’s growing attack surface, you need to know what assets you have and what their role and status is. If your organization is not using an asset discovery solution that can make visible all network connected devices (especially IoT/OT/ICS) now is the time to begin that journey. Having an up-to-date asset inventory then guides where threat assessment and vulnerability remediation.
- IoT/OT/ICS Attacks Will Become More Deadly – the trend is clear; cyber criminals are looking to create urgency around meeting their demands and have done so in cases like Colonial Pipeline and JBS Meatpacking (examples of what Gartner refers to as cyber-physical systems). Another factor is by increasingly targeting vulnerable IoT/OT systems, hackers are venturing into territory where unintended consequences can easily happen (and easily turn deadly). For example, in hacking into a city’s water system there may not be a clear understanding of the impact from their hacks on the chemical balance of the water being delivered.
- Zero Trust: Get Going – there was a specific emphasis across the Summit on organizations getting experience and maturity when it comes to their zero trust initiatives. More a philosophy than a specific technology, organizations must be ready to learn and even make some mistakes in order to gain the higher level of security that comes from implementing a zero trust architecture. Extending zero trust to IoT/OT/ICS is an imperative for organizations, as these systems now represent a significant part of any organization’s attack surface.
- Cybersecurity Mesh Architecture (CSMA) – a relatively new concept discussed was the cybersecurity mesh. Look at many organizations and you see silos when it comes to how they approach security. Threat actors don’t respect silos – they see the organization as a whole, and find the best ways to attack. The silos that currently exist around IoT/OT/ICS devices leaves them less secure and more exploitable. CSMA is an architectural approach to foster interoperability between, and act as a force multiplier for, distinct security products – especially important for ensuring that IT security products and IoT security products can integrate in a way to help organizations eliminate vulnerabilities across their entire attack surface. By forming a cooperative and distributed security architecture organizations will directly benefit in cost savings and reduced incidents.
A blog like this can only scratch the surface of the thought leadership and guidance presented at the Summit. If your organization is a Gartner client, seek out the attendees who were there, or ask about how to get some of the conference materials. For non-Gartner clients, free access is given to their newsroom that contains articles covering key topics covered at the Summit. Whether it was the increasing risk from cyber-physical systems like IoT, the need to extend zero trust to all parts of the attack surface, or coordination on bringing all parts of the organization together, what was covered gives a blueprint on actions that need to be taken now. Want to discuss in more detail? Signup for a demo session with Viakoo where our security experts are ready to dive deeper.