Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Cybersecurity trend watch: The power of data

It’s no secret that data equals power in the digital marketplace, making strategies to protect that data a valuable business asset. The fast pace of IT advancement also makes the cybersecurity market ripe for disruption, and at the Gartner Security & Risk Management Summit in National Harbor, Md., last month, Gartner, Inc. research vice president Peter Firstbrook presented a list of the top six trends that Gartner research analysts voted the most influential trends in the security and risk market.

In part two of this two-part blog, get a rundown of the second half of Gartner’s cybersecurity trend list.

Machine learning is providing value in simple tasks and elevating suspicious events for human analysis.

Firstbrook said there is huge value in using machine learning to improve cybersecurity, but the technology is certainly not perfect from a data protection standpoint and still requires human input to work properly.

“We cannot escape the immutable fact that humans and machines complement each other, and they can perform better together than either individually,” Firstbrook said.

For example, machines can sort through huge amounts of data and detect anomalies, but still need a human to closely evaluate these anomalies to weed out the false positives.

“There are always outliers in the data that is hard for the machine to analyze because they can’t analyze the intent of the person or the event,” Firstbrook said. “Machine learning can elevate things that we need to see, they can help the humans get better at their jobs.

Security buying decisions are increasingly based on geopolitical factors along with traditional buying considerations.

A cold war is “raging” in cybersecurity right now, Firstbrook said, as countries such as China and Russia are suspected of hacking tech companies to steal trade secrets. As a result, cybersecurity leaders have to start taking geopolitical risk into account when they make purchasing decisions.

“That doesn’t just mean the product, but also the supply chain of the product,” he said. “Where did it come from? Who provided the component parts to build this product?”

In 2017, NATO established new cyber-command centers designed to incorporate cybersecurity in operational planning. This came months after NATO extended cybersecurity help to nonmember Ukraine in the wake of NotPetya ransomware that targeted Ukrainian institutions. Although NotPetya was targeting the Ukrainian government, it also affected consumers around the world that were using that software.

Geopolitical risk will continue to play a role in IT companies’ relationship with business partners, especially as business processes are increasingly digitized, he said.

“I have to be very careful about trusting a major equipment supplier that has that many dependencies on external third parties, because it may end up influencing our environment,” Firstbrook said.

Dangerous concentrations of digital power are driving decentralization efforts at several levels in the ecosystem.

The last item on Firstbrook’s list was more of an emerging cybersecurity trend that he and other Gartner analysts are watching: the risk associated with a concentration of power in the tech industry. He pointed to how Amazon, Google and Microsoft are the major players in the cloud market, or how social media sites run by Facebook and Google dominate digital advertising.

This makes these companies and services a target, creating risk for these huge organizations, he said.

“There are concentrations of power and that makes economic sense,” Firstbrook said, but “there’s a certain point it becomes monopolies and monocultures, and then it starts to become dangerous for security.”

Leading security organizations are starting to understand and communicate the security implications surrounding the concentration of power in the tech industry, while trying to find ways to avoid it.

“When you have a business plan that requires you know all those component parts, be conscious of where you might be creating a single point of failure,” Firstbrook said. “When you can, explore alternative, decentralized architectures and digital planning initiatives.”