Emerging Cybersecurity Technologies and Challenges to the Modern CISO
Ruggero Contu
© 2024 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner's prior written permission. It consists of the opinions of Gartner's research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see "Guiding Principles on Independence and Objectivity."
New Threats and CISO Role Changing Strategies
[Figure: diagram labels]
• Threat landscape: Attackers evolve; Humans remain a favorite target
• Expanding attack surface: New technologies adopted; Digital business transformation; Exposed identities (attacks on credentials)
• New digital business requirements
• Move to platform buying
• Need for concerted security
• CISO responsible for all digital risks
• Shortage of skilled labor
• Easing management
• Security as an enabler
… Your Adversaries Want to Run the Mint
• Attackers are looking to “take
the master key.”
• Identity-focused attacks are on
the rise.
• Easy ingress and lateral
movement are the goals.
• They are recruiting your insiders
and may show up with actual,
valid credentials.
Source: Luis García (Zaqarbal)
Now Anyone Can Be an Adversary
Techniques and capabilities eventually trickle down to the “private sector,” like any advanced technology.
Sophisticated attack techniques are now available on the open market.
Ongoing global conflict will drive interest among potential threat actors:
• Ransom gang activity is likely to become more active as the primary
source of income.
• Security vendors with ties to the region (real or perceived) are being
targeted (e.g., leaked “source-code” events).
Threat Actors Leveraging Generative AI
Mandiant: “Threat actors will increase their use of (Generative AI) LLMs to support malware development … and generate fake content …”
HYAS: “Creation of a polymorphic malware called BlackMamba through the use of generative AI.”
KELA: “Detected conversations in threat actors community forums around how to utilize GenAI to create malicious code.”
Source: Threat Actors are Interested in Generative AI, but Use Remains Limited, Mandiant; BlackMamba: Using AI to generate Polymorphic Malware, HYAS; Your Malware Has Been Generated: How Cybercriminals Exploit the Power of Generative AI and What Can Organizations Do About It? KELA
The Threat Landscape … a Big Impact …
“Nearly 73% of Indian mid, large
companies hit by ransomware
in 2023.”
— Source: The Economic Times
“Over 80% Indian companies hit
with cyber attacks over 2023.”
— Source: Times of India
Effective Preparation Takes Three Forms
Holistic Approach
• Assess and prioritize threats impacting your organization.
• Maintain a balanced approach incorporating prevention, detection and response.
• Pay attention to emerging threats.
Proper Staffing/Skilling
• Assess your security maturity.
• Starting now? Plan to consider managed services.
Continued Execution
• Capabilities, tactics and techniques are fluid.
• Your security strategy should also evolve over time.
• The volume of attacks will continue to increase; a fix for one issue may not carry over.
[Figure labels: You; Cyber-Physical Systems Security; Security Skills Shortage; Supply Chain Risks; AI Security; Expanding CISO Responsibilities]
Security and Integrity Risks Top Challenges With IT OT Convergence in 2023
[Chart: Risk to Process/Equipment Integrity]
2023 (n = 292): 34%
2021 (n = 400): 32%
Source: 2023 Gartner IT OT Alignment and Integration Survey
CPS Security Expertise Needed Beyond OT
[Figure: examples of cyber-physical systems. Recoverable labels include ICS/SCADA, medical equipment, smart buildings, smart cities, smart meters, smart agriculture, satellites, autonomous connected vehicles, remote and renewable sites, industrial robotics, IoT sensors, energy sector, military smart equipment, train, vessels, infrastructure.]
Generative AI: Four Impacts for CISOs
[Figure: the four impacts, each relating to Generative AI: Build; Consume; Attacked By; Defend With]
Balancing Cybersecurity Reality With
GenAI Hopes
Generative AI
Outlook
Organizations
79% of organizations expect the number of third parties to increase over the next three years.
n = 939
Source: 2022 Gartner Third-Party Risk Management Survey
Third-Party Risk Assessment Adding Requirements
Supply chain risk: The need to integrate infrastructures poses new risks (SW vulnerabilities and new regulations …).
M&A: Inherited vulnerabilities and privacy infringement.
Infrastructure vulnerabilities: Software deployed as part of infrastructure (SolarWinds breach) and cloud provider vulnerabilities.
Issues Happen More Than You Realize
“Data Stolen in Cyberattack Targeting Another Toyota Supplier”
— 14 March 2022, SiliconANGLE
Breach of Denso resulted in 1.4 terabytes of data belonging to Toyota (according to Pandora ransomware gang).

“U.S. Says Russian Hackers Breached Multiple DOD Contractors”
— 16 February 2022, The Record
Contractors supporting the U.S. Army, U.S. Air Force, U.S. Navy, U.S. Space Force, and DoD and Intelligence programs.

“Okta Hack Puts Thousands of Companies on High Alert”
— 22 March 2022, The Telegraph
2.5% of 15000 of its clients had their credentials compromised.

“Solarwinds Breach Huge Impact”
— 3 November 2023, TechTarget
SolarWinds shows how impactful third-party risk can be. And more importantly that focus is not just about controls deployed but other types of risks.
The Attack Surface Is Expanding
[Figure: three perimeter labels (Traditional Perimeter, Modern Perimeter, Expanding Perimeter) and asset labels: Social Media; Dark Web; Remote Work; Collaboration Tools; Certificates/Domains; Identity; Applications; IoT; Cloud Workload; Data; SaaS; Endpoints; Servers; Mobile; Websites; Digital Supply Chain; Cyber Physical]
Continuous Threat Exposure Management (CTEM)
[Figure: the CTEM cycle, with "Diagnose" and "Action" labels on the cycle]
1. Scoping
2. Discovery
3. Prioritization
4. Validation
5. Mobilization
Surrounding labels: Cyber Risk Management; Treatments and Security Posture Optimization; Threat Detection Investigation and Response (TDIR)
Connector labels: Initiate; Drive; Enrich
Components of Exposure Management
Exposure
Attack Surface: Digital Assets; Technology Assets; Human Assets
Vulnerability: Infrastructure; Applications; Third-Party Services
Validation: Configuration; Monitoring; Response
Source: Gartner
Threat Exposure Management
• Modern CISO is responsible for all digital risk, not just IT risk.
• Threat exposure needs to be a continuous process, not a product.
Improve Visibility
• Extend visibility and risk assessment into systems not owned by IT — i.e., ICS, IoT/OT, CPS and also deep dark web monitoring and third-party risks.
Organizations Currently Pursuing a Security
Vendor Consolidation
2020: 29% Pursuing Consolidation
2022: 75% Pursuing Consolidation
n = 391 all respondents, excluding “don’t know;” 418 total
Does your organization have plans to pursue a vendor consolidation strategy?; Are you currently pursuing a security vendor consolidation strategy?
Source: 2020 Gartner Security & IAM Solution Adoption Trends Survey; 2022 Gartner CISO: Security Vendor Consolidation XDR and SASE Trends Survey
Converged Cybersecurity Platforms
Point products: CWPP, MDM, MFA, CSPM, SEG, WAF, DLP, EDR, SWG, CASB, PAM
Converged platforms:
• Workload Security (CNAPP): CWPP, CSPM, SCA
• Data Security Platform: DLP, DAM, DCAP
• Workplace Security: UEM, SEG, EDR
• Attack Surface Management: EASM, CAASM, DRPS
• Identity & Access Management: IGA, PAM, AM
• Security Service Edge (SSE): SWG, CASB, ZTNA
• Secure Access Service Edge: SD-WAN, SSE
• Extended Detection and Response: EDR, NDR, ITDR
• Security Operations Platform: SIEM, SOAR, XDR
• Integrated Risk Management: DRM, VRM, GRC
Platform capabilities: APIs; Workflow; Reporting; Risk prioritization; Integrated agent; Integrated console; Response capabilities
Cybersecurity Platform Consolidation
• Security efficiency/effectiveness are the top drivers, not just lower cost.
• Security platforms across multiple areas are emerging.
• Vendors are acquiring to fill missing capabilities.
• Expect GenAI to be of increasing help to automate at a higher speed across the many tools being consolidated.
Opportunities
• Consider the business value and operations benefits and not just at a lower cost.
• Demand integrations to enable better outcomes — faster and a higher efficacy.
• Consider a vendor-delivered services wrapper or managed service.
Recommendations
Review your changing role to address potential gaps in skills and
tools you and your team may face.
Assess security vendor lock-in issues to identify the feasibility of the
vendor consolidation project.
Plan for a prevention and assessment strategy based on an overall
end-to-end CTEM approach.
Broaden visibility to include assets, such as CPS, outside of
traditional security team coverage, as they may directly expose you
to significant threats.