Following our earlier blog identifying cybersecurity risk, this is the second half of the 6 risk management trends in cybersecurity.
Trend No. 4: Machine learning (ML) is providing value in simple tasks and elevating suspicious events for human analysis.
The shift to the cloud creates opportunities to exploit ML to solve multiple security risks, such as adaptive authentication, insider threats, malware and advanced attackers and the like. Gartner predicts that by 2025, ML will be a normal part of security solutions and will offset ever-increasing skills and staffing shortages. But not all ML is of equal value.
Peter Firstbrook, research vice president at Gartner asserts that “Unless a vendor can explain in clear terms how its ML implementation enables its product to outperform competitors or previous approaches, it’s very difficult to unpack marketing from good ML.” Whilst this assertion is of complete truth, the unpacking of the statement needs to be reviewed within the executive. It is still early to evaluate the merits of ML and until data can support the initiative, executives must ensure a risk compliance in other alternative means.
Trend No. 5: Security buying decisions are increasingly based on geopolitical factors along with traditional buying considerations.
Increased levels of cyber warfare, cyber political interference, and government demands for backdoor access to software and services have resulted in new geopolitical risks in software and infrastructure buying decisions. Recent government bans against Russian and Chinese firms are obvious examples of this trend.
It is easy to believe that these increased levels affect only the First World but given the proliferation of international corporates in South Africa, the trickle-down effect of these risks are real even in the developing world.
Trend No. 6: Dangerous concentrations of digital power are driving decentralization efforts at several levels in the ecosystem.
The internet is driving a wave of centralization, one obvious example of which is cloud computing. While there are many benefits (some outlined already), a good security team should be accounting for the risks too.
The realization that the threats are real is having the solution to these threats half-won. Executives are at the helm of driving risk management in all its facets. Diligent Consulting will effectively review the risk landscape and deliver options to improve the organisations risk profile.