How to Address Threats in Today’s Security Landscape
Exploitation of known vulnerabilities poses a great threat to an organization’s security.
Security and risk management leaders are grappling with an ever-shifting threat landscape. They face increasingly sophisticated hackers and more frequent attacks, and they must discern which threats represent the most risk and how best to address them.
Ahead of the Gartner Security & Risk Management Summit, we asked Greg Young, research vice president at Gartner, how security and risk management leaders can successfully recognize and respond to modern threats and secure their organizations.
Q: What are the biggest threats facing security and risk management leaders?
A: Ransomware is — and should be — top of mind for security and risk management leaders. In the past, hackers typically targeted an individual person or machine, which posed a challenge, but was more manageable. Today, hackers target entire organizations, encrypting multiple devices before making the demand for payment. There has been a significant increase in new ransomware families, with spam as the top infection vector.
Organizations need to protect against these types of potential vulnerabilities. An organization’s own failures cause a staggering number of attacks. Gartner predicts that, through 2020, 99% of vulnerabilities exploited will continue to be the ones known by security and IT professionals for at least one year. Imagine an organization as a house. A thief keeps robbing the home, yet the owner continues leaving the doors and windows unlocked. Why not lock the doors and windows and prevent or at least make it harder for the thief to break in?
Fortunately, there has been an increasing monetization of vulnerability research, leading to greater discovery and disclosure of vulnerabilities, increased transparency around vulnerability disclosure and more frequent releasing of patches and blocking solutions. Security and risk management leaders have more tools available than ever before to help them protect their organizations against known vulnerabilities.
Q: What main challenges are security and risk management leaders facing?
A: Evolving tactics in attacks and increased evasion, coupled with staffing shortages, are creating challenges for security and risk management leaders. The rise of connected devices via the Internet of Things (IoT) has created issues with scale. Existing security tools cannot effectively handle the influx in the number of devices that need to be secured and monitored (desktops, laptops, mobile devices), making it harder to effectively monitor for potential vulnerabilities. The industrywide security skills shortage is only compounding this challenge. Organizations are making larger investments in security tools to combat increased threats and secure more devices, but they are struggling to hire skilled personnel to support these tools.
Q: How can security and risk management leaders secure their organizations against modern threats?
A: Security and risk management leaders must first address and patch known vulnerabilities. They should assess existing resources and ensure they are investing in an equal mixture of detection and prevention solutions. They should also consider redesigning their assets and moving different assets into more secure locations, or segmenting to add floodwalls between parts of their organization. Adding these obstacles will make it more challenging for hackers to penetrate an organization.
Security and risk management leaders should stay abreast of broader trends and understand how they affect their organization’s security. These leaders tend to miss the bigger trends in threat evolution by examining only the attacks and attackers. We have found that a large majority of organizations think it is very important to know the origin of an attack. Counting attacks is a fruitless effort — it does not matter who threw the rock, it only matters that you need to get stitches. Focusing on attribution only diverts resources, leaving other areas vulnerable when an attack occurs.
Gartner clients can learn more about addressing threats in today’s security landscape in How to Respond to the 2017 Threat Landscape.
Gartner Security & Risk Management Summits
Gartner analysts will provide additional analysis on IT security trends at Gartner Security & Risk Management Summits 2017, taking place in National Harbor, Maryland; Tokyo; Mumbai, India; Sao Paulo; Sydney; and London. Follow news and updates from the events on Twitter at #GartnerSEC.