Gartner identifies the top cybersecurity trends for 2024.

Gartner predicts that cybersecurity trends for 2024 will be driven by Generative AI, unsecure employee behavior, third-party risks, continuous threat exposure, boardroom communication gaps, and identity-first approaches. Despite these challenges, security leaders will adopt practices, technical capabilities, and structural reforms to improve organizational resilience and cybersecurity performance.

The following six trends will have broad impact across these areas:

Trend 1: Generative AI - Short-term Skepticism, Longer-Term Hope

Security executives must prepare for GenAI's rapid evolution, as large language model (LLM) applications like ChatGPT and Gemini are merely the beginning of its disruption. Simultaneously, these leaders are swamped with promises of increased productivity, reduced skills gaps, and other new cybersecurity benefits. Gartner suggests adopting GenAI in proactive engagement with corporate stakeholders to lay the groundwork for the ethical, safe, and secure use of this disruptive technology.

"It's important to recognize that this is only the beginning of GenAI's evolution, with many of the demos we've seen in security operations and application security showing real promise," Addiscott added. "There is strong long-term potential for the technology, but for now, we are more likely to see immediate tiredness than two-digit productivity increases. Things

Trend 2: Cybersecurity Outcome-Driven Metrics: Bridging Boardroom Communication Gap

The frequency and detrimental impact of cybersecurity incidents on firms are increasing, weakening board and management confidence in their cybersecurity plans. Outcome-driven metrics (ODMs) are increasingly being used to allow stakeholders to draw a direct relationship between cybersecurity expenditure and the protection levels achieved.

According to Gartner, ODMs are critical to developing a defensible cybersecurity investment strategy that reflects agreed-upon protection levels with robust features and is written in simple language understandable to non-IT executives. This gives a legitimate and justifiable depiction of risk appetite, which encourages direct investment to adjust protection levels.

Trend 3: Security Behavior and Culture Programs Gain Increasing Traction to Reduce Human Risks

Security executives understand that shifting the focus from raising awareness to encouraging behavioral change can help decrease cybersecurity threats. By 2027, 50% of big business CISOs will have implemented human-centric security design practices to reduce cybersecurity friction and increase control adoption. Security behavior and culture programs (SBCPs) provide an enterprise-wide approach to reducing cybersecurity events caused by employee behavior.

"Organizations using SBCPs have experienced better employee adoption of security controls; reductions in unsecure behavior and increases in speed and agility," Addiscott added. "It also leads to a more effective use of cybersecurity resources as employees become competent at making independent cyber risk decisions."

Trend 4: Resilience-Driven, Resource-Efficient Third-Party Cybersecurity Risk Management

The inevitability of third-party cybersecurity incidents is driving security officials to prioritize resilience-oriented investments over front-loaded due diligence activities. Gartner suggests that security leaders improve risk management of third-party services and form mutually beneficial relationships with key external partners to ensure that their most valuable assets are always protected.

"Start by strengthening contingency plans for third-party engagements that pose the highest cybersecurity risk," Addiscott told the audience. "Create third-party-specific incident playbooks, conduct tabletop exercises and define a clear offboarding strategy involving, for example, timely revocation of access and destruction of data."

Trend 5: Continuous Threat Exposure Management Programs Gain Momentum

Continuous threat exposure management (CTEM) is a practical and comprehensive approach that allows organizations to continuously assess the accessibility, exposure, and exploitability of digital and physical assets. Aligning assessment and repair scopes with threat vectors or business tasks, rather than infrastructure components, reveals vulnerabilities and unpatched threats.

By 2026, Gartner expects that firms who prioritize their security investments based on a CTEM program will see a two-thirds drop in breaches. Security leaders must continuously monitor hybrid digital environments to enable early detection and effective prioritization of vulnerabilities, hence maintaining a fortified organizational attack surface.

Trend 6: Extending the Role of Identity & Access Management (IAM) to Improve Cybersecurity Outcomes

As more organizations adopt an identity-first approach to security, the emphasis changes from network security and other traditional controls to IAM, making it crucial to both cybersecurity and business success. While Gartner believes IAM will play an increasingly important role in security programs, practices must adapt to focus more on core hygiene and system hardening to improve resilience.

Gartner suggests that security leaders focus on building and exploiting their identity fabric, as well as identity threat detection and response, to ensure that IAM capabilities are well-positioned to assist the broader security program.

Source: Gartner