If there’s one thing security and IT pros know, it’s that networking is not getting any easier. Despite rapid innovation and technological understanding, organizations’ networks are overloaded with tools, traffic, and data. Adding cloud to the mix has only increased complexity — somewhat contrary to the promises of the early 2010s.
The challenges don’t stop with managing networking environments. The burgeoning number of users and service accounts security and IT teams need to govern, skyrocketing SaaS application usage, hybrid work, and unmanaged devices are all increasing complexity. But that’s not all; security and IT teams must also ensure system ease of use and efficiency for employees, contractors, and partners. These factors, and countless more, ratchet up the onus on security and risk management leaders.
Now in its second year of publication, the Gartner® Hype Cycle™ for Workload and Network Security, 2023, we feel, shares its perspective on the tools and processes organizations can use to achieve “less complexity, simplified operations and greater efficiency.”
Workload and network security management is significantly impacted by the vast number of deployed technologies in (and touching) organizations’ ecosystems.
The Hype Cycle for Workload and Network Security posits that consolidating security solutions will allow end-user organizations to run more effective security programs.
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Axonius.
Future direction: De-risk
For the aforementioned reasons, it is noteworthy that the current year’s Hype Cycle includes SaaS Security Posture Management (SSPM) and Cyber Asset Attack Surface Management (CAASM) in the “innovation trigger” section. These two nascent security categories, and the representative tools tied to them, are an important (and growing) element of organizations’ abilities to manage their IT estates and control risk. For years, organizations have approached network security in a piecemeal fashion. But that method no longer suffices in a world where companies run on more than one network, some of those networks are not company controlled, and risks exist both inside and outside of “gated” perimeters. The industry needs to move to a more streamlined, all-encompassing, yet simpler approach to network and workload security. That can only happen, though, if organizations focus on the bigger pictures of security posture and attack surface management.
Looking at this year’s Hype Cycle, it’s obvious that the emergence of nearly all the categories in the “innovation trigger” section is predicated on the idea of holistic security management. Additional and more mature categories (e.g., security service edge, Zero Trust) underscore the future direction of security technology and leading-practice processes.
How did we get here?
Trends pushing the adoption of these network and workload security approaches forward include:
- The hybrid workforce: Now that the global health crisis is behind us, businesses are incorporating lessons learned from operating in a non-traditional manner. While some businesses are requiring employees to come back to the office, many more are offering a hybrid work model. This means that IT and security teams must provide a seamless-yet-secure way for employees to leverage all the tools they need, regardless of where they work, on what device they’re working from, or when they need to work.
- Cloud adoption: Though cloud computing has been around for years, the pandemic workplace accelerated cloud adoption like no other time in history. Organizations previously hesitant to put resources into cloud environments were forced into a new working paradigm. And once they saw the advantages of doing so, cloud migration skyrocketed, even after people started returning to offices.
However, networking and security in the cloud are not the same as managing an on-premises environment. Cloud-based security tools are readily available, but, once again, the disparate nature and piecemeal approach created by the commercial market has left many organizations wanting a consolidated approach to identifying and managing cloud risks.
Emerging categories like CAASM and cloud investigation and response automation are major steps forward in handling cloud and workload security.
- SaaS applications proliferation: As with cloud adoption, businesses now run on SaaS applications. Large organizations may have thousands of SaaS apps in use at any time. Understanding what they are, where they are, who is using them, how much they’re being used (or not), how they’re accessed, and more are IT and security imperatives.
Gaining a unified, contextualized view of the environment is the basis upon which SSPM was founded, and it is why the category will likely grow and, eventually, become an integrated part of attack surface management and threat exposure management.
- IT complexity: Palo Alto Networks, one of the largest and most successful security companies on the planet, just published 134 pages of data about the security market. A major call-out by the firm was the sheer number of security tools organizations use. Making matters worse, many of these tools don’t “speak” to each other, meaning the data they collect can’t be easily analyzed or acted upon.
As per Gartner®, “The desire for less complexity, simplified operations and greater efficiency continues to drive cybersecurity consolidation.” This can be easily achieved via an integration model that goes beyond pure aggregation and into data normalization, deduplication, and correlation.
Even these processes, though, aren't enough to increase efficacy. The ever-changing and always-growing nature of the attack surface requires security tooling that can handle the fast pace while providing accurate information. It must include context about the state of the attack surface, and it must offer ways to easily query data and build timelines so that tech teams can keep track of what has happened, what is happening, and prepare for the future.
- Zero Trust: Above and in the Gartner Hype Cycle, Zero Trust is a recurring theme, a drumbeat of sorts. Although many companies are still early in their Zero Trust journey, security and IT teams have embraced the framework as a means of holistic security improvement.
Zero Trust relies on constant visibility into the networking environment and continuous verification of access requests, both human and machine. There is no such thing as a completely Zero Trust infrastructure. Given the ephemerality and dynamism of corporate computing environments, Zero Trust is an ongoing process that will evolve alongside digital transformation and threat actors’ actions.
Emerging security categories like SSPM, CAASM, Cloud Investigation and Response Automation, Automated Security Control Assessment, and Identity-first security all bolster efforts toward Zero Trust. They are just some of the ways security and tech teams can control complexity and manage their IT estates more simply.
The big picture
To successfully manage these trends, organizations need to lay the foundations first. Doing so entails an understanding of:
- Every digital asset in the environment
- The security posture of every asset
- Asset relationships and dependencies (a.k.a., the potential “blast radius”)
- An easy way to remediate asset-related vulnerabilities and risks
- The impact of remediation efforts
Security and risk teams must also be able to see the big picture — which is the totality of the attack surface. The attack surface can only be accurately quantified if the organization has unfettered visibility into the IT ecosystem and if data about assets is clear, correlated, and actionable.
SSPM and CAASM tools and approaches are the best first lines of defense for managing workload and network security — they lay the foundation and provide a unified, centralized method of security control. Working from a single management plane allows for the ease of use and efficiency for which security and operations teams have expressed a need.
To learn more about how Axonius can help simplify and protect your organization’s digital asset estate, contact us or take a product tour.
GARTNER is a registered trademark and service mark, Hype Cycle and PEER INSIGHTS are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences with the vendors listed on the platform, should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.