While the global economy faces critical times, we cannot expect a break in cyber threats and attacks, so CISOs must direct investments towards technology to protect customer-facing and revenue-generating workloads and increase their investment in critical applications and cloud or should be considered to protect Security, zero-trust technology and operations in 2023, according to analyst House Forrester Planning Guidelines 2023: Safety and Risk.
The Safety and Risk The guidance is part of a broader series of 2023 Investment Forecasts produced by Forrester, which collectively advises IT buyers and business leaders who plan to see modest spending increases in “business as usual” in 2023, and will show themselves less in a turbulent global economy, suggesting “waste cuts, testing – Auditing and making bold, smart investments” will require a more disciplined and precise approach to planning.
“Leaders are faced with navigating a volatile business landscape defined by global volatility, supply chain instability and rising inflation, as well as the ongoing consequences of the pandemic,” said Sharyn Lever, Forrester’s chief research officer. “Tackling the 2023 budget plan is a daunting task.”
Maxime Merritt, Forrester’s vice-president and director of research, said since 2017 breaches, ransomware, legislation and increased third-party requirements have already forced executives beyond the confines of the security function to recognize how important comprehensive cyber controls really are. Budget increases have led to high demand for compliance and security professionals at all levels of the organization.
But as CISOs become more relevant, they begin to face more challenges, such as a growing and unpredictable list of potential technologies and suppliers, staffing and skill shortages, and extensive work and customization to properly integrate security solutions.
This year and next, macroeconomic headwinds mean CISOs will be under pressure to prioritize technologies that generate the best value, and their budgets will be more closely scrutinized.
Forrester recommends CISOs invest in these key areas of security technology:
- API securityA realistic view of increasingly modern developments, enabling organizations to create new business models and engagement methods, but prone to breaches due to unsecured APIs and API endpoints.
- Bot managementProactively determine and protect against incoming traffic profiling intent Malicious bots – which will comprise 25.6% of internet traffic in 2020 – delays, misdirects or blocks.
- Industrial Control Systems (ICS) and Operational Technology (OT) Threat intelligenceWhich is becoming a non-negotiable purchase for companies operating in sectors such as energy, manufacturing, utilities or transportation.
- Cloud workloads, containers and serverless security To protect compute, storage and network configurations of cloud workloads in infrastructure- and platform-as-a-service (IaaS/Paas) environments. This market is still immature and a challenge to tackle.
- Multifactor Authentication (MFA) Or even passwordless authenticationOne of the fastest and cheapest ways to align security strategies around zero-trust principles
- Zero-trust network access (ZTNA), a more efficient and agile solution for securing remote workers in a post-pandemic world than traditional VPNs.
- Security Analytics Platform, Legacy Rule Based Replacement Security information and event management (SIEM) offerings that are easily overwhelmed by the rapidly evolving threat landscape.
- Crisis simulation and Purple teaming.
Forrester’s report suggests that CISOs can consider evaluating and running proofs of concepts (PoCs) in the following areas:
Areas to consider reducing or avoiding investment include:
- independent Data storage (DLP), as it is increasingly a feature capability in platforms such as email security and cloud security gateways, security suites and Office 365, makes it easier to achieve and enable as part of a comprehensive approach.
- independent Security User Behavior Analysis (SUBA), most of which have similarly integrated or evolved into DLP as well as various service platforms.
- Generalized managed security service providers (MSSPs), whose capabilities can be better focused by shifting investments to dedicated Managed detection and response (MDR) or Security Operations Center as a Service (SOCaaS) provider.
- Index of agreement (IoC) feed, which, again, is increasingly baked into other enterprise security controls.
- Legacy, on-prem network security technologies, such as standalone web gateways and Network access control (NAC) – save for specific IoT/ICS/OT use cases. The next generation firewall (NGFWs) and ZTNA, combined with software-defined perimeters, are more robust and integrated.