Gartner has unveiled its top cybersecurity predictions for 2024 and beyond. They were presented by director analyst Deepti Gopal at the Gartner Security & Risk Management Summit in Sydney. Gopal cautioned that cyber leaders must begin integrating these trends into their security strategies and assumptions as soon as possible.

An overarching theme was the extent to which advances in AI were transforming the space, both in regard to how one secures an enterprise, and the threats enterprises now face.

“As we start moving beyond what’s possible with GenAI, solid opportunities are emerging to help solve a number of perennial issues plaguing cybersecurity, particularly the skills shortage and unsecure human behaviour,” Gopal observed.

“The scope of the top predictions this year is clearly not on technology, as the human element continues to gain far more attention. Any CISO looking to build an effective and sustainable cybersecurity program must make this a priority.”

Deepti Gopal Gartner reveals eight cybersecurity trends
Director analyst Deepti Gopal unveiled the eight cyber trends at the the Gartner Security & Risk Management Summit in Sydney. (Photo by Gartner)

1. GenAI will close the skills gap by 2028

Gartner forecasts that the requirement of specialised training should be removed from 50% of entry level cybersecurity roles within the next four years.

This development will be welcome news to cyber leaders, who have found it increasingly challenging to recruit requisite skillsets within the sector. Last year, ISC2 found that the global gap had reached four million people, with 62% of surveyed cybersecurity teams defining themselves as being understaffed.  

The growing use of GenAI should allow leaders to recruit on aptitude, rather than training or experience, and dedicate more budget and focus on filling critical cyber roles.  

2. A 40% drop in employee-driven cybersecurity incidents by 2026

GenAI’s capacity to deliver “hyper-personalised” content and materials should empower enterprises to offer training that considers the specific characteristics of individual employees. This means far richer security behaviour and culture programs (SBCPs), which, Gartner argues, will lead to a far more engaged, cyber-savvy workforce.   

“Organisations that haven’t yet embraced GenAI capabilities should evaluate their current external security awareness partner to understand how it is leveraging GenAI as part of its solution roadmap,” said Gopal.

3. 75% of organisations will exclude legacy, cyber-physical infrastructure from zero trust strategies by 2026

If enterprises are to provide users and endpoints only with the access needed to do their jobs, while retaining the ability to continuously monitor behaviour and the flexibility to adapt to evolving threat vectors, difficult decisions will need to be made, Gartner believes.

The normalisation of remote and hybrid working environments, prompted at speed by the pandemic and largely retained in its wake, has seen a proliferation of end-points, many of which are unmanaged devices. The ongoing shift to zero trust policies will necessitate the exclusion of such devices from any such strategies moving forward.

4. The CISO will require greater protection form personal legal exposure

Gartner believes that two-thirds of global 100 organisations will have extended directors and officers (D&O) insurance to cybersecurity leaders by 2027. This will be driven in large part by new laws and regulations – Gartner specifically cites the SEC’s new cybersecurity disclosure and reporting rules – exposing those leading the security function like never before.

Whether the answer lies in incorporating the CISO into one’s existing D&O insurance package, or exploring other solutions and providers, Gartner cautions that this is an issue enterprises need to get out ahead of quickly.

5. Spend on battling misinformation to exceed $500 billion by 2028

The rise of GenAI cuts both ways. Yes, it has the potential to help leaders secure their enterprises, but it also opens up a slew of new avenues and strategies for potential attack. Gartner points to “the combination of AI, analytics, behavioral science, social media, Internet of Things and other technologies enabling bad actors to create and spread highly effective, mass-customised malinformation”.

Battling this trend will, it forecasts, come to account for over 50% of marketing and cybersecurity budgets within the next four years, requiring the refining of responsibilities, technologies, techniques, and greater use of “chaos engineering” to build resilience and counter external threats.

6. We will see an overhaul of how identity and access management is executed   

Gartner believes that, by2026, 40% of identity and access management (IAM) leaders will taken on primary responsibility for detecting and responding to IAM-related breaches.

IAM leaders are typically not involved in security resourcing and budgeting discussions, and often face issues conveying security and business value in order to secure requisite investment, Gartner argues. However, as the significance of IAM continues to grow, so too will their scope of influence and visibility across the enterprise.

Gartner recommends CISOs reform traditional IT and security silos, providing those holding the purse strings with more clarity and insight into the role IAM plays, integrating the function into wider security initiatives.

7. Data loss prevention and insider risk management will be incorporated with IAM

One visible impact of the previous prediction will be the combining of various disciplines to better identify and combat suspicious behaviour. Indeed, Gartner forecasts 70% of organisations having integrated data loss prevention and insider risk management disciplines with IAM by 2027.

“This introduces a more comprehensive set of capabilities for security teams to create a single policy for dual use in data security and insider risk mitigation,” the prediction reads. “Gartner recommends organisations identify data risk and identity risk, and use them in tandem as the primary directive for strategic data security.”

8. Application security to be increasingly consumed directly by non-cyber experts and owned by application owners

The sheer number of applications that technologists and delivery teams now create means the scale of exposures and potential attack points are hitting numbers that dedicated application security teams simply can’t tackle alone.

With this in mind, Gartner is predicting that, by 2027, 30% of cybersecurity functions will redesign application security so that it is no longer the preserve of the security function.

Gopal observed: “To bridge the gap, cybersecurity functions must build minimum effective expertise in these teams, using a combination of technology and training to generate only as much competence as is required to make cyber risk informed decisions autonomously,”