News

Gartner urges companies to dump their old cybersecurity ‘gates’ in favor of rapid response tools as they prepare for a tumultuous pandemic recovery ahead


Jeffrey Wheatman of Gartner

Summary List Placement

The renowned consulting firm Gartner is advising enterprises to jettison their outdated cybersecurity tools in favor of an agile approach as the economy staggers through a rocky recovery from COVID-19. 

At its $1,450-per-person virtual conference — the Gartner Security & Risk Management Summit — the firm advised enterprises to abandon network security based on firewalls and antivirus software and, instead, shift towards new tools to chase down cybercriminals after they have struck the company. 

At times Gartner was blunt in urging companies to quickly evolve their cybersecurity tools, saying enterprises should not “spend disproportionate amounts of resources and money trying to block a threat that can’t be blocked,” as one analyst put it in a presentation.

Those outdated approaches can be disastrous when hit with attacks such as ransomware, Gartner research found. One research paper cited at the conference urged companies to “replace one-time security gates that can fail and lead to catastrophic results.”

The pandemic has “reinforced the critical need for security programs that are agile enough to react to minor and major extraneous shocks,” Gartner analyst and vice president Jeffrey Wheatman said during the opening keynote on Monday.

Economic course corrections, strategy changes, and fluid career moves will dominate recovery from the pandemic, Gartner believes. Then a renewal phase will allow more stability. 

“Once the chaos of the recovery begins to settle down, enterprises will experience the real new normal: In this phase, the future starts to become more plannable,” said Wheatman. “This ‘renew’ phase offers security and risk leaders a great opportunity to support their businesses objectives.”

While cloud-based cybersecurity companies have said companies with remote workers should abandon their on-premise network security – such as a “coalition” of companies launched in June – the Gartner guidance is based on research and analysis rather than subjective product promotion. 

Gartner predicts that by the end of 2023, more than half of enterprises will have replaced older antivirus products with tools that use “detect and response” approach. The conclusion was reached via a poll of 400 companies in March and April.

“Many organizations waste time on legacy security technologies that have lost efficacy,” said  Jonathan Care, a senior research director at Gartner, in an interview with Business Insider. 

“I guess it’s emotionally attractive to think of a hero at the drawbridge defending a castle against all-comers,” Care said. “But it’s more realistic to think of ensuring business survivability so when something happens it’s detected early.”

In another major trend explored at the conference, speakers are discussing how to address the human error made in responding to scam emails or even when engaging with “deepfake” audio and video that impersonates company executives to trick employees. 

Here, too, Gartner urges swift action rather than past institutional approaches. Rather than holding hours-long security trainings that bore employees, Care recommends frequent mini-trainings that immediately address small mistakes with pop-up messages and guidance. 

“Do this bite-size training segment that is actually more effective at behavior change than, you know, the training that everybody’s going to sit through,” he said. “I think as a …read more

Source:: Business Insider

      

(Visited 7 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *