A continent apart, this year’s RSAC & Gartner® Security and Risk Management Summit echoed a common refrain
To preface this post - coming from outside of the cybersecurity world, I periodically find myself cringing at the sheer number of acronyms that crop up in conversation with CISOs and analysts. Why is this the case? It feels like the ecosystem is almost designed to obfuscate. (After all, if you aren't quite sure what those 30-50 tools do... are you sure you don't need them?) Well engineered systems don't add complexity, they reduce it. To that end, I promise that as we grow Gradient, we'll do our best to avoid making this acronym soup worse, and only introduce new language where we really think it's needed!
With the annual RSA Conference and Gartner’s Security & Risk Management Summit happening at the same time, on opposite coasts, we seemingly spent most of the week traveling, but it was great to finally be meeting people in person again. And despite the distance, we believe the two events were consistent in several critical themes. A few highlights follow below.
First, we were thrilled to see Gartner name Cybersecurity Mesh as one of their Top Strategic Technology Trends for 2022 (though we have to object to the claim that “no vendor currently offers a complete solution”), with a tremendous ROI for the core business: According to Gartner, “By 2024, organizations adopting a cybersecurity mesh architecture will reduce the financial impact of security incidents by an average of 90%.”
The Need for a Cybersecurity Mesh Architecture (CSMA)
Gartner highlights a few of the pain points motivating adoption of Cybersecurity Mesh, e.g.:
- “Attackers don’t think in silos, but organizations often deploy siloed security controls.”
- “The perimeter has become more fragmented”
- “Many organizations are adopting a multicloud strategy and need a consolidated security approach”
Meanwhile, today’s prevailing solutions occupy narrow lanes of coverage and lack interoperability. As Gartner puts it, “many security tools work within their own view of the world with minimal interoperability – or even awareness – of other tools. Hackers often engage in lateral movement that uses a weakness in one area to exploit an adjacent area.”
In short, the enterprise security paradigm relies on a patchwork of partial solutions cobbled together with duct tape — and the gaps between these siloed elements have created ideal environments for malicious actors to exploit, safely hidden from today's Detection and Response paradigm.
The Security Mesh Solution
CSMA, on the other hand, provides a comprehensive, consolidated framework on which distinct tools and solutions are freed from their respective silos and made interoperable to form a whole that is greater than the sum of its parts.
"CSMA provides the foundation for people and machines to connect securely from multiple locations across hybrid and multicloud environments, channels, and diverse generations of applications, protecting all the organization’s digital assets."
"Existing approaches to identity and security architectures are not sufficient to meet today’s rapidly changing demands. CSMA helps provide a common, integrated security structure and posture to secure all assets, whether they’re on-premises, in data centers or in the cloud."
Identity Threat Detection and Response (ITDR)
The need for Identity Threat Detection and Response was also a common thread at this year’s cybersecurity conferences. A survey of cybersecurity leaders from the RSAC show floor found that the three most popular NIST cybersecurity framework priorities for 2022 are protect, detect, and identify.
From Gartner’s Top Trends in Cybersecurity 2022, "This trend was reinforced during the year by multiple events that illustrated the extent to which the identity system itself is coming under sustained attacks. A primary objective of all advanced attacks is to gain privileged credentials to achieve their goals."
The more-sophisticated attackers are now actively targeting the IAM infrastructure itself. For instance, the SolarWinds breach used administrative permissions to gain access to the organization’s global administrator account or trusted SAML token signing certificate to forge SAML tokens for lateral movement. More recently, this threat actor has used a custom backdoor malware to compromise Active Directory Federation Servers. Credential misuse is now a primary attack vector. All of these developments continue to support the need for a unified identity fabric.
CSMA for End-to-End Protection and Doing Away with the Silos
Altogether, moving away from point solutions and comprehensively rethinking an organization’s cybersecurity posture is the only way to refocus organizations on prevention and away from the losing game of Detection and Response. This begins with securing the identities of all assets, users and data, and verifying asset and data integrity as part of enforcing security posture. These two objectives are exactly what Cybersecurity Mesh delivers. At Gradient, we have updated the cybersecurity paradigm from a reactive, fragmented Detection & Response paradigm to a proactive, unified defense for all assets, users and data. Request a demo to find out how Gradient Security Mesh can be deployed to your organization.
About the Gartner Security & Risk Management Summit
Gartner analysts present the latest research and advice for security and risk management leaders at the Gartner Security & Risk Management Summits 2022, taking place February 14-15 in the Middle East, June 7-10 in National Harbor, MD, 21-22 June in Sydney, 25-27 July in Tokyo and September 12 - 14 in London. Follow news and updates from the conferences on Twitter using #GartnerSEC.
Gartner, "Top Strategic Technology Trends for 2022: Cybersecurity Mesh", Felix Gaehtgens, et al, 18 October 2021.
Gartner, "Top Trends for Cybersecurity 2022", Peter Firstbrook, et al, 18 February 2022.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.