Security Maturity Blog

Get deep insights and the latest news on Organizational Security Maturity from the security experts at Global Data Systems

Deadly Hacks and Other Cybersecurity Predictions from Gartner

Deadly Hacks and Other Cybersecurity Predictions from Gartner

On Feb. 5, 2021, a hacker accessed computer systems at the Oldsmar, FL, water treatment facility and raised the level of sodium hydroxide (lye) in the water to more than 100 times the normal level. Fortunately, an alert employee noticed the change and reversed it before there was any adverse effect.

The event has brought increased scrutiny of cybersecurity measures for critical infrastructure such as water utilities, power grids, oil refineries and factories. It prompted the federal government to launch the Industrial Control Systems Initiative to harden the security of essential operational technology (OT) networks.

Gartner analysts say securing critical infrastructure is literally a life-or-death concern. As part of its top eight cybersecurity predictions for 2022-23, the firm warns that by 2025 attackers will successfully use weaponized OT systems to harm or kill humans.

Gartner also predicts continued growth of consumer privacy laws, increased adoption of legislation regulating ransomware payments and widespread adoption of zero trust security environments. Here’s a closer look at each of the eight predictions:

 

1. Weaponized OT

As attacks on the hardware and software that monitors or controls equipment have become more common and disruptive, Gartner says security and risk managers leaders should be more concerned about hazards to humans and the environment than information theft.

 

2. Consumer Privacy

In-house staff will require a variety of essential network management tools, including remote monitoring and management and network analysis platforms. MSPs have already invested in those kinds of tools, as well as the technical certifications necessary to ensure they are used properly.

 

3. Unified Security

By 2025, 80 percent of enterprises will adopt integrated security service edge (SSE) solutions that enable unified access to web, cloud and private applications from a single platform. Unifying all security services improves efficiency by reducing the number of management consoles in use and consolidating the locations where data must be decrypted, inspected and re-encrypted.

 

4. Zero Trust

By 2025, 60 percent of organizations will embrace the zero trust security model, which replaces implicit trust with identity- and context-based risk-appropriate trust. Because this is both a security principle and an organizational vision, it will require clear communication and a cultural shift that ties it to business outcomes.

 

5. Third-Party Risk

Cyberattacks related to third-party transactions and business engagements are increasing, but few security and risk leaders monitor third parties for cybersecurity exposure. Gartner believes that 60 percent of organizations will make security evaluations a primary determinant when conducting business with third parties. 

Securing critical infrastructure is literally a life-or-death concern.

 

6. Ransomware Regulations

Gartner predicts that 30 percent of nation states will pass legislation regulating ransomware payments, fines and negotiations by 2025, up from less than 1 percent in 2021. Law enforcement agencies recommend not paying because doing so encourages continued criminal activity. Gartner reports that only 8 percent of organizations that pay ransoms manage to recover all their data.

 

7. Building Resilience

Many organizations found their business continuity plans did not adequately prepare them for disruptions related to the pandemic. Gartner predicts that by 2025, 70 percent of CEOs will mandate an organization-wide resilience strategy to prepare for threats from cybercrime, severe weather events, civil unrest and political instabilities.

 

8. Executive Responsibilities

Most organizations now understand that cybersecurity is a business issue and not just an IT issue. Gartner expects a shift in formal cybersecurity accountability, with 50 percent of C-level executives having cybersecurity performance requirements built into their contracts by 2026.

 

Connect with us

Global Data Systems
310 Laser Lane
Lafayette, Louisiana 70507

  • dummy888-435-7986

  • dummy info@getgds.com

GET THE LATEST SECURITY INSIGHTS

Get notified as soon as we publish a new security maturity blog!
Please fill the required field.

Search