Gartner发布2024年威胁暴露面管理战略路线图资源-CSDN文库

网络

需积分: 5 177 浏览量 2023-11-16 15:01:20 上传评论收藏 670KB PDF 举报

资源推荐

资源详情

资源评论

Gartner, Inc. | G00787028

Page 1 of 25

2024 Strategic Roadmap for Managing Threat

Exposure

Published 8 November 2023 - ID G00787028 - 31 min read

By Analyst(s): Pete Shoard

Initiatives: Security Operations; Build and Optimize Cybersecurity Programs

The exposure to a range of new cyberthreats is a growing issue

for organizations. Security and risk management leaders should

use this Strategic Roadmap to pivot from traditional technology

vulnerability management to a broader, more dynamic continuous

threat and exposure management practice.

Overview

Key Findings

Recommendations

Security and risk management leaders, especially CISOs, establishing or enhancing EM

programs should:

The most valuable outputs of a continuous threat exposure management (CTEM)

process are the recording and reporting of potential impact to risk reduction and

justiﬁcation of organizational value.

■

Validation of security threats via a number of mechanisms including simulation,

conﬁguration assessment or formal testing is an effective way to reduce the

response burden of discovering exposures.

■

Without widespread business engagement most exposure management functions,

such as vulnerability assessment, are unable to function effectively. Early

engagement with resolver teams and the development of mobilization processes are

essential to success.

■

Build exposure assessment scopes based on key business priorities and risks, taking

into consideration the potential business impact of a compromise rather than

primarily focusing on the severity of the threat alone.

■

This research note is restricted to the personal use of chenlizhen@qianxin.com.

Gartner, Inc. | G00787028

Page 2 of 25

Strategic Planning Assumptions

Through 2028, validation of threat exposures by implementing or assessments with

security controls deployed will be an accepted alternative to penetration testing

requirements in regulatory frameworks.

Through 2026, more than 40% of organizations, including two-thirds of midsize

enterprises will rely on consolidated platforms or managed service providers to run

cybersecurity validation assessments.

Introduction

Exposure management (EM) is a set of processes that gives enterprises the awareness to

continually and consistently evaluate the visibility, accessibility and vulnerability of their

digital assets. EM consists of both exposure assessment and cybersecurity validation. In

many organizations, Gartner believes that EM will supersede the vulnerability

management (VM) practices of today. Organizations that acknowledge the need to handle

a broader range of exposures (such as those posed by modern application development

and social media, beyond technology vulnerability) will reﬁne their use of external and

internal assessment tools, and expand to the use of continual assessment processes

such as CTEM.

This research explores the evolution of the exposure management category over the next

three to ﬁve years, identifying the inﬂection points that security and risk management

leaders can leverage to reduce threat exposure risk and create better working relationships

with adjacent teams for faster response to the most relevant and impactful potential

threats.

Initiate a project to build cybersecurity validation techniques into EM processes by

evaluating tools such as breach and attack simulation, attack path mapping and

penetration testing automation products or services.

■

Engage with senior leadership to understand how exposure should be reported in a

meaningful way by using existing risk assessments as an anchor for these

discussions, and by creating consistent categorization for discoveries that are

agreed with other departments in the organization.

■

Agree effective routes to resolution and prioritization characteristics before

beginning to report new discovered exposures by working with leaders of adjacent

departments across the business in areas such as IT management, network

operations, application development and human resources.

■

This research note is restricted to the personal use of chenlizhen@qianxin.com.

Gartner, Inc. | G00787028

Page 4 of 25

Scope Speciﬁc Risks Based on Business Impact Priorities

Security plays a critical role in helping risk owners mitigate business risk. Cyber risk can

impact business outcomes and directly affect the organization’s mission-critical priorities

(MCPs). From the perspective of the organization’s business risk owner, it’s important to

recognize that the security team’s role is to support risk management in such a way that

the owner can make informed data-driven decisions. Indeed, security must ensure that

controls are aligned with the organization’s overall strategy and objectives, and provide

clear rationale and prioritization for its objectives and activities. The second most

important element for the CISO to consider in relation to risk is perception. Risk

management is an individual approach in all risk domains, and cyber is no different.

CISOs must prioritize risks that the organization perceives as the greatest alongside those

that experience tells them are the most critical.

It’s crucial to scope risk in relation to threat exposure, as this is one of the key outputs that

will beneﬁt the wider business. To do so, senior leaders must understand the exposure

facing the organization, in direct relation to the impact that an exploitation of said

exposure would have. Together, with this information, executives can make informed

decisions to either remediate, mitigate or accept the perceived risks. Without impact

context, the exposures may be addressed in isolation, leading to uncoordinated ﬁxes

relegated to individual departments exacerbating the current problems associated with

most vulnerability management programs. Being able to record and report on impact to

risk reduction is an important business-facing output of a CTEM process.

To begin scoping, we must consider the effect the risk will have on MCPs as well as how it

is perceived by the business. Building scopes that align with the priorities of the senior

leadership is critical to success, to achieve this CISOs must consider the following

important questions:

Affect mechanisms to validate discovered issues and identify ways to not simply

remove point vulnerabilities with ad hoc remediation, but to also reduce or accept

risks introduced by threat exposure.

■

Develop a set of outcome-driven, business-tuned metrics to deliver their ﬁndings in

ways that senior leadership can use to make effective decisions without having to

be security specialists.

■

Communicate with and involve all relevant business departments in the decisions

and measurements used to classify, prioritize and mobilize discovered threat

exposure.

■

This research note is restricted to the personal use of chenlizhen@qianxin.com.

剩余25页未读，继续阅读

评论收藏

内容反馈

lurenjia404

粉丝: 1973
资源: 120

Gartner发布2024年威胁暴露面管理战略路线图

Gartner发布最新中文版2023年零信任安全项目实施战略路线图

Gartner发布2024年SASE融合战略路线图：SASE当前状态与理想状态及其差距分析

Gartner发布2024年网络安全主要趋势

Gartner发布2024年及未来中国网络安全重要趋势

Gartner数据安全平台融合战略路线图（材料分析整合）

Gartner发布2024年及以后中国网络安全的七大主要趋势

Gartner：2021-2023大型企业新兴技术路线图.pdf

Gartner发布2024年网络安全预测：零信任走向成熟

Gartner发布2022年主要安全和风险管理趋势.docx

2021-2023年中型企业新兴技术路线图

Gartner发布2024 年技术提供商热门趋势：人工智能安全

Gartner发布2024年网络安全预测一：人工智能与网络安全将颠覆转化为机遇

Gartner发布2024年网络安全预测 ：IAM 和数据安全相结合，解决长期存在的挑战

Gartner发布2022年十大战略科技发展趋势.docx

Gartner发布2023年中国安全技术成熟度曲线

Gartner发布CPS安全2024年预测：安全形势动荡的四大向量

2021-2023 大型企业新兴技术路线图.pdf

2022年Gartner魔力象限之上网行为管理参考.pdf

2022年Gartner发布重要战略技术趋势_企业.pdf

相关实用应用程序（Windows可用）

免费可用的ChatGPT网页版.zip

ChatGPT使用总结：150个ChatGPT提示词模板（完整版）

chromedriver-win64.zip

全国计算机二级WPSoffice精选350道选择题题库（含答案）.pdf

李飞飞自传 我看见的世界 The World I see

哈尔滨工业大学-ChatGPT调研报告-2023.3.6-94页.pdf

农村公交与异构无人机协同配送优化

4个亲测好用的ChatGPT4渠道

学术海报模板+论文科研+研究生

最新资源

Gartner发布2024年网络安全预测：IAM 和数据安全相结合，解决长期存在的挑战

李飞飞自传我看见的世界 The World I see