Gartner's top 10 security projects for 2019
Editor's note: The following is a guest article from Gartner drawing on analyst insights from the top 10 security projects for 2019.
Security and risk management (SRMs) leaders often struggle with balancing and prioritizing investments across technology, people and processes. Security teams incorrectly assume they can successfully implement new projects without first properly verifying that they have foundational security capabilities and risk assessments in place.
Here are the top 10 security projects for 2019, five of which pictured in the second row of the graphic below are brand new or modified projects from last year:
Project No. 1: Privileged access management (PAM)
PAM projects should help organizations discover and apply appropriate controls to privileged accounts so hackers have a hard time accessing them.
PAM projects must support on-premises, hybrid and cloud environments and, at a minimum, use multifactor authentication (MFA) for all administrators and third-parties. SRM leaders can prioritize privileged access accounts through a risk-based approach (high value, high risk).
Project No. 2: Continuous adaptive risk and trust assessment (CARTA) Inspired Vulnerability Management
Based on the continuous adaptive risk and trust assessment (CARTA) approach, SRM leaders need to embrace a strategic approach where security is adaptive.
Obviously, security teams cannot patch every single vulnerability that pops up, but can significantly reduce risk by properly prioritizing the crossroad between the business value of IT and the risk associated, rather than the vulnerability alone. Look at current threat and vulnerability management products and processes to accomplish this.
Project No. 3: Detection and responses
There is no such thing as "perfect protection," but detection and response projects that consider data management and indicators of compromise (IOCs) are certainly heading that way.
Look to endpoint protection platform (EPP) vendors to provide endpoint detection and response (EDR) capabilities, then determine which capabilities will best integrate with the rest of the security program.
Project No. 4: Cloud security posture management (CSPM)
The vast majority of successful attacks on cloud services are the result of customer misconfiguration, mismanagement and mistakes. SRM leaders should invest in CPSM processes and tools to proactively and reactively identify and remediate these risks.
Project No. 5: Cloud access security broker (CASBs)
Organizations that have adopted multiple software as a service (SaaS) applications can use CASBs to increase visibility and control across multiple cloud-based services.
Project No. 6: Business email compromise (BEC)
This is the first of the new wave of security projects for 2019. SRM leaders who have problems with both phishing attacks and poorly defined business processes could benefit from a BEC project.
BEC projects should focus on both email technical controls and a better understanding of organization-specific process breakdowns, such as email-only approvals for financial transactions or data disclosures.
Project No. 7: Dark data discovery
While it's natural for SRM leaders to have an unknown amount of dark data — data that provides little value and an unmeasured amount of risk — they can still work toward reducing their data footprint and looking at vendors that support data consolidation and storage.
Project No. 8: Security incident response
Since security incidents are a natural byproduct of today's digital business, a security project in 2019 should include updating security incident response policies and procedures, or completely reworking those responses based on a variety of evolving factors.
Ongoing assessment of an organization's current level of incident preparedness is never a waste of time.
Project No. 9: Container security
To ensure all containers are scanned for vulnerabilities and configuration issues automatically before being released into production, security teams tasked with securing containers must harden the continuous integration/continuous delivery (CI/CD) pipeline.
Look at container security that can secure multiple container deployments, especially emerging container as a service offerings.
Project No. 10: Security ratings services
As digital transformation matures, the risks associated with complex ecosystems become an integral part of the business. It is no longer just about the internal security and risk posture of an organization, but about the posture of suppliers, regulators, customers, business partners and platforms.
As a result, SRM leaders should leverage security rating services as an additional data point to provide continuous, independent scoring for their overall digital ecosystem — public facing assets and otherwise.