As the end of the year nears, it’s only normal for the cybersecurity industry to start talking about what to expect in 2019. Recently, Gartner talked about some of the security trends that senior executives and CIOs want to keep in mind to stay ahead of risks.
Out of the six trends mentioned, only one involves technology; the rest focus on security planning, purchasing and deploying. Here’s a quick rundown of the trends CEOs and CIOs should focus on in 2019:
- Senior executives are finally paying attention to security; now, security professionals will have to pay attention to senior executives.
- Laws and regulations around data protection are getting serious and demanding a serious response from IT security groups.
- Security products are moving to the cloud and becoming more agile.
- Machine learning is providing real value to simple tasks and complex analysis.
- Geopolitical factors are joining technology and business factors in guiding security purchases.
- Concentrations of power and capability are leading to reactions of decentralization.
Now, let’s take a look a closer look at two of the most important trends out of the six that CEOs and CIOs alike should keep on their radar to ensure a holistic cybersecurity approach.
The first important trend is that senior executives are finally paying attention to security; now, security professionals will have to pay attention to senior executives.
The attention security has gained is due to an increase in costs of security breaches, as well as major events such as WannaCry and GDPR. Anyone in a business that takes care of security, knows there are also additional events to the above mentioned that have created conversation, as well as a number of studies every year that point out the continued challenge of communication on security between the CEO and CIO.
As CIOs move into a new year, it’s a good idea to look to different ways to communicate cybersecurity with the language of business when talking to executives. For CEOs the same goes in that it’s best to ask more questions when a CIO is presenting you with the necessary budget and staff needed to combat threats. Where CEOs have questions with quantifying the risks in a way that makes sense business wise, asking for that type of explanation is something they shouldn’t shy away from.
The biggest challenge we’ve seen, as a company that’s been in the cybersecurity business for more than 15 years now, is that the CIO and CEO shy away from going in-depth on conversations around security. It’s time to ask the tough questions, to be clear on where there is a need for further clarity due to the two executive figures doing different things and therefore having a different way of talking about topics. Only through a consistent effort in talking the same language and understanding each other can 2019, possibly, be the year where the communication gap between the CEO and CIO takes a different turn.
The second important trend CEOs and CIOs need to focus on are regarding the laws and regulations around data protection, which are getting serious and demanding a serious response from IT security groups.
We always talk about the importance of compliance, but also that it is only the beginning to security done right. While compliance is a great stepping stone to ensure a business avoids fines and starts having at least basic cybersecurity hygiene, it isn’t enough to implement a holistic approach.
Even though costs, even the ones that come with demanding laws and regulations, is the primary motive for senior executives to step up their interest in cybersecurity, this is only half of the picture.
Data breaches cost companies millions, and these costs have brought some of the most successful businesses to their knees. Also, consumers lose trust in companies following a breach, which means businesses are paying to repair the damage following a breach years later through the hit their brand has taken due to the incident.
When CEOs and CIOs can reach effective communication and go beyond compliance (laws and regulations) with cybersecurity, the rest of Gartner’s 2019 security trends are a plus (cloud, machine learning, geopolitical factors, and decentralization) in that they will be included in the security plan outlined and decided on by a business.
Let’s talk about your cybersecurity needs to achieve a holistic approach and posture. There’s a lot of pieces to security and communicating those pieces in business language can be a challenge, as is getting everyone onboard with steps that go beyond the basic compliance requirements your specific business may need.
Photo courtesy of Tashatuvango