Skip to content

Posts tagged ‘Gartner’

Feb 10

Top 6 cybersecurity trends from Gartner’s 2026 Security Forecast

Over 57% of employees are using personal GenAI accounts for work. A third of them admit to uploading sensitive data into tools their security teams haven’t approved. Meanwhile, agentic AI is proliferating through no-code platforms and vibe coding, creating attack surfaces most CISOs can’t see, let alone govern. And quantum computing? No longer a 10-year planning horizon. It’s a 2030 action deadline.

Gartner’s Top Trends in Cybersecurity for 2026 report, released February 5, 2026, identifies six forces reshaping how CISOs must operate. These cut across governance, AI adoption, identity, workforce, and cryptographic strategy simultaneously. None of them is incremental.

The trends report lands alongside Gartner’s updated Forecast: Information Security, Worldwide, 2023–2029, 4Q25 (G00843183, December 18, 2025) and the Forecast Analysis: Information Security, Worldwide, 2026 (G00838442, February 5, 2026), which together project global information security spending reaching $244.2 billion in 2026, up 13.3% in current U.S. dollars. I’ve tracked this forecast through multiple quarterly updates. The trajectory keeps steepening. The six trends below explain where that money is going and why.

“Cybersecurity leaders are navigating uncharted territory this year as these forces converge, testing the limits of their teams in an environment defined by constant change,” said Alex Michaels, Director Analyst at Gartner. “This demands new approaches to cyber risk management, resilience, and resource allocation.”

The spending backdrop: $244 billion and accelerating

Before getting into the six trends, context matters. Gartner’s 4Q25 forecast shows the three major security segments all growing at double-digit constant currency rates in 2026:

Source: Gartner Forecast: Information Security, Worldwide, 2023–2029, 4Q25 Update (G00843183). Constant currency rates.

Cloud security remains the fastest-growing subsegment at 28.8% growth in 2026. Nothing else comes close. The combined cloud security market (cloud security posture management, cloud access security brokers, and cloud workload protection platforms) is projected to reach $32.4 billion by 2029, with a 25% CAGR in constant currency. I’ve been watching this subsegment accelerate for three quarters straight. CSPM alone is growing at a 31.30% CAGR.

 

Cloud security spending reaches $32.4 billion by 2029. CSPM leads at 31.30% CAGR. Source: Gartner 4Q25 Forecast. (Please click on the image to expand for easier reading)

Trend 1: Agentic AI demands cybersecurity oversight

This is the trend that touches everything else on this list. Employees and developers are deploying AI agents through no-code/low-code platforms and “vibe coding” at a pace that outstrips security governance. Unmanaged AI agent proliferation. Unsecured code. Compliance violations that most security teams don’t even have visibility into yet. That’s the picture Gartner is painting.

Gartner’s recommendation is blunt: cybersecurity leaders must identify both sanctioned and unsanctioned AI agents operating within their environments, enforce access controls and data guardrails, and develop incident response playbooks specific to agent-driven threats.

“While AI agents and automation tools are becoming increasingly accessible and practical for organizations to adopt, strategic cybersecurity planning for these technologies is essential,” said Michaels. “Cybersecurity leaders must work cross-functionally to manage agentic AI adoption, identifying sanctioned and unsanctioned AI agents, enforcing data access controls, and developing incident response playbooks.”

The spending data backs this up. Gartner’s 4Q25 forecast projects the AI-amplified security market reaching $160 billion by 2029, up from $49 billion in 2025. Gartner is clear that this isn’t additive spending. It represents the portion of existing security products that now embed AI capabilities. But the expectation tells the story: over 75% of enterprises will use AI-amplified cybersecurity products by 2028, up from less than 25% in 2025. Vendors that don’t embed AI will lose shelf space. (For more on AI security platforms, see Gartner’s Top Strategic Technology Trends for 2026, which predicts that over 50% of enterprises will use AI security platforms to protect their AI investments by 2028.)

Trend 2: Global regulatory volatility drives cyber resilience efforts

Regulators are getting personal. Boards and executives now face direct liability for compliance failures. Not just organizational fines, but individual accountability. The penalties for inaction have moved from theoretical to career-ending. Across multiple jurisdictions simultaneously.

Gartner advises cybersecurity leaders to formalize collaboration across legal, business, and procurement teams to establish clear accountability for cyber risk. Align control frameworks to recognized standards. Address data sovereignty concerns before they become enforcement actions. The organizations doing this well are treating regulatory preparedness as a core security function, not an annual compliance checkbox.

This is where the spending data gets interesting. Gartner’s forecast shows security consulting services growing from $24.2 billion (2024) to $36.6 billion (2029), adding $12.4 billion in five years. Security professional services follow a similar trajectory: $27.3 billion to $40.8 billion, adding $13.5 billion. Organizations are buying outside expertise because they can’t build regulatory competence fast enough in-house. I’ve been covering these numbers for three quarters, and the services growth is the part of the forecast that keeps surprising me.

Infrastructure protection adds $26.4 billion between 2024 and 2029, the largest absolute growth of any subsegment. Source: Gartner 4Q25 Forecast. (Please click on the image to expand for easier reading)

Trend 3: Post-quantum computing moves into action plans

Gartner predicts advances in quantum computing will render the asymmetric cryptography that organizations rely on unsafe by 2030. Four years. That’s the window to adopt post-quantum cryptography alternatives before “harvest now, decrypt later” attacks start cashing in on data that adversaries are collecting today.

Organizations need to identify their cryptographic deployments, assess data sensitivity and lifespan, and prioritize cryptographic agility. That last phrase keeps coming up in my conversations with CISOs. The ability to swap encryption methods without re-architecting entire systems. Swapping an algorithm is one thing. Doing it across a production environment without downtime is an entirely different problem.

“Post-quantum cryptography is reshaping cybersecurity strategies by prompting organizations to identify, manage, and replace traditional encryption methods, while prioritizing cryptographic agility,” said Michaels. “By investing in these capabilities and prioritizing migration now, assets will be secured when quantum threats become a reality.

The encryption market in Gartner’s 4Q25 forecast grows from $1.04 billion in 2023 to $2.04 billion by 2029 at an 11.95% CAGR. A 2.0x increase. For what has historically been one of the slower-growing security subsegments, that’s a significant acceleration. Quantum urgency is changing the math.

Trend 4: Identity and access management adapts to AI agents

AI agents are breaking traditional IAM models. Plain and simple. Identity registration and governance, credential automation, and policy-driven authorization weren’t designed for autonomous machine actors that can initiate actions, access data, and interact with systems without human intervention. The scale problem compounds fast: when every employee can deploy dozens of AI agents, the identity surface area explodes.

Gartner recommends a targeted, risk-based approach. Invest where gaps and risks are greatest. Leverage automation where possible. The practical starting point is understanding which AI agents carry the most privilege and the least oversight. Those are your highest-risk identities right now, and most organizations haven’t inventoried them.

The identity market is already significant. Gartner’s 4Q25 forecast shows identity access management growing from $18.7 billion (2024) to $29.0 billion (2029), adding $10.3 billion in five years. That’s before the full scale of agentic AI identity requirements hits the market. IAM vendors that solve machine-actor identity at scale will capture a disproportionate share of that $10.3 billion growth.

Trend 5: AI-driven SOC solutions destabilize operational norms

AI-enabled security operations centers are enhancing alert triage and investigation workflows. The technology works. But deploying AI into a SOC doesn’t automatically reduce headcount needs. It changes the skill mix. Analysts who excelled at manual triage need different capabilities to oversee AI-driven workflows. Organizations are discovering this the hard way. That’s an organizational transformation challenge, and throwing more technology at it doesn’t help.

“To realize the full potential of AI in security operations, cybersecurity leaders must prioritize people as much as technology,” said Michaels. “Strengthening workforce capabilities, implementing human-in-the-loop frameworks into AI-supported processes and aligning adoption with clear strategic objectives will be critical to maintaining resilience as SOCs evolve.”

The talent dimension makes this harder than it already sounds. ISC2’s 2024 Cybersecurity Workforce Study, published in October 2024, documented a global workforce gap of 4.8 million professionals, a 19% year-over-year increase. The active workforce flatlined at 5.5 million (up just 0.1%). The numbers are brutal: 25% of organizations reported cybersecurity layoffs in 2024. 37% faced budget cuts. 90% report skills shortages. 58% believe the shortage puts their organization at significant risk. On the spending side, managed security services are growing at 11.1% in 2026, the fastest rate in the services segment. Organizations can’t hire fast enough, so they’re buying managed SOC capacity instead.

Trend 6: GenAI breaks traditional cybersecurity awareness tactics

Existing security awareness programs are failing. Full stop. A Gartner survey of 175 employees conducted between May and November 2025 found that 57% use personal GenAI accounts for work purposes, while 33% admit to uploading sensitive information to tools their organizations haven’t sanctioned. Those numbers should alarm every CISO reading this. A third of your workforce is actively feeding proprietary data into tools you can’t audit.

Gartner recommends shifting from general awareness training to adaptive behavioral programs that include AI-specific tasks. Generic compliance videos won’t cut it here. The organizations getting this right are making approved GenAI tools easy to access and unsanctioned tools hard to justify. Trying to ban GenAI outright just drives usage underground and costs you talent.

Strengthening governance, embedding secure practices, and establishing clear policies for authorized GenAI use will reduce exposure to privacy breaches and intellectual property loss. The governance gap on GenAI usage is, in my view, the most underestimated risk on this entire list. Every other trend has a spending line item attached to it. This one requires behavioral change, which is harder to buy.

Total market trajectory: $173.5 billion to $323.5 billion

Gartner’s year-by-year spending trajectory shows the acceleration curve these six trends are riding:

Source: Gartner Forecast: Information Security, Worldwide, 2023–2029, 4Q25 Update (G00843183, December 18, 2025). Current U.S. dollars.

 

CSPM and CASB lead all security categories with 31% and 26% CAGR through 2029. Source: Gartner 4Q25 Forecast. (Please click on the image to expand for easier reading)

What this means for CISOs

Three of the six trends (agentic AI oversight, IAM for machine actors, and GenAI awareness) are fundamentally about the same problem: autonomous AI systems operating inside enterprise environments without adequate governance. The other three (regulatory volatility, post-quantum readiness, and AI-driven SOCs) are the structural forces those governance failures will collide with. That convergence is the signal about where 2026 budgets need to go.

The organizations that will navigate this environment successfully are doing three things simultaneously:

Mapping their AI agent footprint now. If you don’t know how many AI agents are operating across your environment, sanctioned and unsanctioned, you can’t govern what you can’t see. Gartner’s 75% AI-amplified product adoption projection by 2028 means this window for establishing control is narrow.

Building cryptographic agility into their architecture. The 2030 quantum deadline means migration planning starts in 2026, not 2028. The encryption market’s 2.0x growth reflects early movers. Late movers face rip-and-replace costs that compound every quarter they wait.

Investing in people alongside AI tooling. AI-enabled SOCs work when human operators have the skills to oversee them. The ISC2 data is unambiguous: a 4.8 million professional gap growing at 19% year-over-year. Managed security services growth at 11.1% tells you where CISOs are finding capacity.

Gartner’s numbers aren’t projections anymore. They’re procurement trends already hitting finance systems. The $244.2 billion flowing into information security this year will fund agentic AI governance, quantum migration, and SOC transformation, whether your organization participates or not.

Bottom line: CISOs planning for 2027 are watching their competitors buy the tools they’ll be scrambling for in 18 months. The data says move now.

Jan 22

Gartner 4Q25: $4.71T AI market proves agentic AI and data readiness are the only race that matters

Created with Perplexity

Only 43% of organizations say their data is ready for AI. Meanwhile, AI Data spending is compounding at 155% annually. That’s six times faster than the infrastructure buildouts grabbing headlines. That disconnect defines the enterprise AI landscape in 2025.

Gartner’s 4Q25 AI Spending Forecast (December 17, 2025) projects $4.71 trillion by 2029. But I’ve been digging through the segment data, and the story isn’t the topline number. Four subsegments within Gartner’s AI Data market are growing between 136% and 178% CAGR. AI Infrastructure? Just 29.25%. The money is following the bottlenecks.

“Nearly everything today, from the way we work to how we make decisions, is directly or indirectly influenced by AI,” says Carlie Idoine, VP Analyst at Gartner. “But it doesn’t deliver value on its own. AI needs to be tightly aligned with data, analytics, and governance to enable intelligent, adaptive decisions and actions across the organization.”

McKinsey’s 2025 State of AI survey (1,993 participants, 105 countries) found 88% of organizations now use AI in at least one business function. But two-thirds remain stuck in pilot mode. Just 6% qualify as “AI high performers,” meaning organizations where more than 5% of EBIT comes from AI. The gap between adoption and value creation is where the real spending story unfolds.

Where the bottlenecks are breaking

Every high-growth segment in the forecast eliminates a constraint that stalls production of AI.

Synthetic data generation addresses the labeled data shortage. You can’t train models without it, and real world data comes with privacy constraints, bias problems, and collection costs that don’t scale. Data governance enforces quality standards because ungoverned data produces ungoverned outputs. Hallucinations, compliance violations, and bias incidents trace directly back to data quality failures. Data integration software connects fragmented sources. Most enterprise data sits across dozens of systems that don’t communicate.

“With AI investment remaining strong this year, a sharper emphasis is being placed on using AI for operational scalability and real-time intelligence,” says Haritha Khandabattu, Senior Director Analyst at Gartner. “This has led to a gradual pivot from generative AI as a central focus toward the foundational enablers that support sustainable AI delivery, such as AI-ready data and AI agents.” Infrastructure enables these capabilities. Data readiness and agentic AI determine whether they generate returns.

The $14.6 billion data readiness bet

Gartner tracks AI Data as a unified market with four subsegments. The aggregate grows from $134.35 million in 2024 to $14.59 billion by 2029. That’s 109x, making it the fastest-growing major category in the forecast.

Synthetic Data Generation: 178.29% CAGR, $40.71M to $6.80B. The fastest-growing subsegment adds $6.76 billion in new spending by 2029. A 167x increase from a small 2024 base. Gartner predicts 60% of data and analytics leaders will encounter failures in managing synthetic data by 2027, which explains why governance spending is accelerating in parallel.

AI Data Governance: 163.75% CAGR, $14.82M to $1.89B. Starting from just $14.82 million in 2024, this subsegment grows 128x by 2029. Legal and compliance teams won’t accept the alternative. When AI systems produce ungoverned outputs, the liability exposure is unacceptable.

AI Data Integration Software: 137.13% CAGR, $71.73M to $5.38B. The largest AI Data subsegment by 2029. Connects fragmented data sources, delivering context that transforms generic models into systems that understand specific business operations.

AI Ready Datasets: 136.16% CAGR, $7.09M to $520.45M. These are prepackaged, curated datasets structured for AI and ML workflows. Think labeled image libraries for computer vision, cleaned financial datasets for forecasting, and domain-specific corpora for fine-tuning LLMs. Organizations buy them to skip the months of data collection, cleaning, and annotation that delay projects. Smallest subsegment by revenue, but 73x growth signals enterprises are willing to pay for time to production shortcuts.

The 2027 crossover: When agents overtake chatbots

Agentic AI: 118.73% CAGR, $15.04B to $752.73B. This is the single most dramatic dollar growth in the forecast. Agentic AI expands from $15 billion to $753 billion by 2029. That’s 50x. Nothing else comes close.

Gartner predicts the crossover will happen in 2027. Chatbots peak at $264.75 billion that year, while Agentic AI surges to $371.40 billion. By 2029, Agentic AI is 3.3x larger ($752.73B vs. $228.50B).

McKinsey’s data reinforces the trajectory: 62% of organizations are experimenting with AI agents, 23% report scaling them in at least one function. But scaling remains limited. Most organizations deploying agents are only doing so in one or two functions, primarily IT service desk and knowledge management.

Organizations building chatbot-only strategies should note that the category dominating 2025 and 2026 is projected to decline after 2027.

The Security Tax on Agentic AI

AI Cybersecurity: 73.90% CAGR, $10.82B to $172.01B. AI agents introduce attack surfaces that traditional security architectures weren’t built for. Gartner’s Hype Cycle for Application Security, 2025 (July 2025) projects that through 2029, over 50% of successful attacks against AI agents will exploit access control issues via direct or indirect prompt injection. The 16x growth in AI Cybersecurity spending reflects enterprises grappling with that exposure.

Production AI deployment requires security architectures designed for agentic systems. That’s a capability most organizations don’t have yet.

Infrastructure: Dominant but decelerating

AI Infrastructure remains the largest absolute spending category: $624.76 billion in 2024, growing to $2.25 trillion by 2029. McKinsey (August 2025) projects hyperscalers alone will spend $300 billion in capex over 2025. Their April 2025 analysis projects $5.2 trillion in data center investment by 2030.

But at 29.25% CAGR, infrastructure grows slower than every other major AI market except Services (26.93%). Market share drops from 54.6% of total AI spending in 2024 to 47.8% by 2029. The buildout is real. Differentiation happens elsewhere.

The 6% problem

Only 6% of organizations qualify as AI high performers despite 88% adoption. McKinsey’s analysis shows high performers are 3x more likely to redesign workflows around AI rather than layering it onto existing processes. They’re also 3x more likely to have committed executive leadership driving AI as a strategic priority.

The 155% CAGR for AI Data reflects organizations investing to close that gap. The 2027 chatbot-to-agent crossover marks the inflection point when autonomous capabilities surpass conversational interfaces in market size.

Gareth Herschel, VP Analyst at Gartner, frames the pressure: “D&A is going from the domain of the few to ubiquity. At the same time, D&A leaders are under pressure not to do more with less, but to do a lot more with a lot more, and that can be even more challenging because the stakes are being raised.”

Where the value accrues

Organizations positioned to capture value from this transformation may not be the ones building the biggest data centers. The Gartner data suggests they’re investing in capabilities that make AI systems work at enterprise scale: data readiness, governance, integration, and security.

AI Data Market (aggregate): 155% CAGR, $134M to $14.6B (109x)

  • Synthetic Data Generation: 178% CAGR, $41M to $6.8B (167x)
  • AI Data Governance: 164% CAGR, $15M to $1.9B (128x)
  • AI Data Integration: 137% CAGR, $72M to $5.4B (75x)
  • AI Ready Datasets: 136% CAGR, $7M to $520M (73x)

Other High-Growth Segments:

  • Agentic AI: 119% CAGR, $15B to $753B (50x)
  • AI Cybersecurity: 74% CAGR, $11B to $172B (16x)
  • AI Infrastructure: 29% CAGR, $625B to $2.25T (4x)

Gartner’s 4Q25 data points to a directional shift: AI spending is moving from infrastructure-first to data and capabilities-first architectures. The organizations treating data readiness as an afterthought are the ones most likely to stay stuck in the 94% that never make it past pilot.

Dec 22

Data readiness and security are driving AI’s $4.7 trillion run

Gartner Projects $4.7 Trillion AI Market by 2029 as Security and Data Drive Growth

Gartner’s most comprehensive AI spending forecast reveals the fundamental growth catalysts. AI-ready data predicted to deliver a 155% CAGR. Cybersecurity at 74%. Agentic capabilities crossing 50% of software spend by 2028.

Infrastructure gets the headlines. Hyperscalers are spending over $300 billion on data centers in 2025. McKinsey projects $5.2 trillion in data center investment by 2030. NVIDIA Blackwell deployments are driving 76% growth in accelerated server spending.

Gartner’s newly released Forecast Analysis: AI Spending, 4Q25 (December 17, 2025) tells a different story about where the acceleration is happening. Global AI spending reaches $1.8 trillion in 2025 and $4.7 trillion by 2029 at 33% CAGR. The growth catalysts:

  • AI Data. 155.4% CAGR. Spending increases 7x as enterprises recognize AI-ready data is non-negotiable for scaling.
  • AI Cybersecurity. 73.9% CAGR. From $26 billion to $172 billion. Over 50% of successful AI agent attacks will exploit prompt injection through 2029.
  • AI Models. 67.7% CAGR. Reasoning models underpin 70%+ of agentic AI applications by 2029.
  • AI Software. 47.0% CAGR. Agentic capabilities cross 50% of application software spend by the end of 2028. Non-agentic spending declines starting in 2027.

Infrastructure dominates absolute spending ($965 billion in 2025, growing to $2.25 trillion by 2029). At 29.2% CAGR, it’s the slower-growth segment. The acceleration is in data, security, and agentic capabilities.

The infrastructure buildout in context

The hyperscalers are building at a pace that strains global power grids. Dell’Oro Group’s Q2 2025 analysis shows worldwide data center capex up 43% year-over-year, with accelerated server spending surging 76% on NVIDIA Blackwell deployments. Amazon, Google, Meta, and Microsoft are collectively spending over $300 billion on data center infrastructure in 2025. CreditSights estimates aggregate hyperscaler capex reaches $602 billion in 2026, with approximately 75% earmarked for AI.

Gartner’s forecast aligns with infrastructure volume. AI-optimized server spending jumps 49% in 2026, representing 17% of total AI spending. GPUs account for over 90% of AI-optimized server spending on training throughout the forecast period. Infrastructure is table stakes. The differentiation is elsewhere.

Gartner’s bubble chart mapping 2026 growth rate (X-axis) against 2024-2029 CAGR (Y-axis), with bubble size representing 2025 spending. AI Data sits alone in the upper right quadrant. AI Cybersecurity and AI Models cluster at 70%+ CAGR. AI Infrastructure anchors the center as the dominant bubble. Source: Gartner Forecast Analysis: AI Spending, 4Q25, December 2025.

Gartner’s AI spending forecast by market, 2024-2029

The maturity gap

McKinsey’s 2025 State of AI survey explains why growth rates matter more than absolute spending for most organizations. 88% of organizations now use AI in at least one business function, up from 78% a year ago. Only 6% qualify as “AI high performers”, capturing meaningful enterprise-wide financial impact. Only 1% describe themselves as “mature” in AI deployment. Gartner’s CFO survey found just 11% of finance leaders from organizations implementing AI reported seeing actual financial returns.

The bottleneck is rarely compute. Gartner identifies three categories of readiness: infrastructure, data, and human. For every 100 days of AI implementation, 25 or more days may be consumed solely by change management and workforce resistance. Sharing work tasks with an AI agent, trusting results, and managing handoffs. That’s a fundamental shift in how employees work.

What the growth rates signal

AI cybersecurity’s 73.9% CAGR reflects a threat model shift. Security teams are spending because AI agents introduce attack surfaces that traditional security architectures weren’t designed to address. Gartner projects that over 50% of successful attacks against AI agents will exploit access control issues via prompt injection through 2029. By 2028, over 75% of enterprises will use AI-amplified cybersecurity products for most use cases, up from less than 25% in 2025.

AI data’s 155.4% CAGR signals enterprises are finally investing in foundations. The smallest segment by absolute spending is the fastest-growing because organizations scaling beyond pilots are discovering that AI-ready data isn’t optional. Labeled, annotated, quality-checked. By 2029, 61% of data integration software spend will focus on delivering GenAI-ready data, up from 8% in 2025. Synthetic data becomes dominant. 77% of data used for LLM training will be synthetic by 2029, up from 4% in 2025.

Agentic AI is reshaping software economics. By the end of 2028, software with agentic capabilities crosses 50% of total application software spend, up from 2% in 2024. Starting in 2027, non-agentic software spending declines. Investment in reasoning models underpins 70%+ of agentic AI applications by 2029. Open-source agentic frameworks will power more than 75% of enterprise AI agent deployments by 2028, eroding proprietary platform pricing power.

The inference shift is underway. By 2029, 66% of AI-optimized IaaS spending supports inference, not training. The balance shifts as embedded fine-tuned models become the norm in production applications.

Forecast assumptions by segment

AI Services. By 2029, 50% of all AI projects moving into production will be GenAI-centric, up from 12% in 2025. POC abandonment rates improve from 60% in 2024 to 35% in 2029. Specialized AI services command 20-30% price premiums.

AI Software. From 2027, spending on software without agentic capabilities starts declining. By 2027, one-third of agentic AI implementations will use combinations of agents with different skills for complex tasks.

AI Models. Starting in 2027, the shift toward in-house domain-specific language models constrains new spending in the specialized model market. Open-source model adoption erodes proprietary pricing power through 2029.

AI Platforms. By 2029, over 60% of enterprises will adopt AI agent development platforms to automate complex workflows. By 2030, enterprise application portfolios will include 40% custom applications built using AI-native development platforms, up from 2% in 2025.

AI Infrastructure. Export restrictions keep Chinese ASPs at about 50% of North American levels throughout the forecast. By 2026, NVL72 will become the de facto standard for large clusters. By the end of 2027, all hyperscalers will have reaffirmed Ethernet as their primary networking choice for AI workloads.

Devices. By 2029, more than 99% of PC microprocessors will have integrated on-device AI functionality, up from 15% in 2024. By 2027, efficient small language models will enable advanced GenAI to run locally on smartphones without cloud reliance.

The capital flow

The 2026 Gartner CIO Survey found GenAI and traditional AI among the most common technology areas selected for funding increases. 84% and 81% respectively. Nearly two-thirds of U.S. VC deal value went to AI companies in the first three quarters of 2025.

By 2027, the majority of AI buyers will define business outcomes from project launch. The market matures from technology-first experimentation to outcome-driven deployment. That shift from supply-push to demand-pull separates organizations capturing value from those still running pilots.

The infrastructure buildout continues. The growth signal is clear. Data readiness, security architecture, and agentic capabilities are where the acceleration is happening.

Nov 26

15 fastest-growing security categories in Gartner’s 3Q25 Information Security Forecast

15 fastest-growing security categories in Gartner's 3Q25 Information Security Forecast

Cloud Security Posture Management is growing at a 31.23% CAGR. Zero Trust Network Access at 23.25%. Threat Intelligence at 22.17%. The overall security market? Just 10.55%. Fifteen categories are outpacing the market by two to three times, collectively capturing $106 billion in new spending by 2029. Enterprise security budgets aren’t just expanding. They’re being redirected.

And the driver? Brutally simple.

Gartner estimates 99% of cloud security failures through 2025 will be the customer’s fault, primarily due to misconfigurations. Organizations are responding by investing aggressively in technologies that automate what humans simply can’t manage manually across hundreds of cloud accounts, thousands of APIs, and millions of potential attack vectors.

What these growth rates say about Gartner’s view of the market 

These fifteen categories represent $106.4 billion in new spending by 2029, growing from today’s baseline. What do they have in common? Three characteristics that explain why enterprises are pouring money into them:

  • Automation at Scale. Every high-growth category automates processes that break when done manually, whether it’s scanning cloud configurations, managing consent across jurisdictions, or detecting behavioral anomalies in network traffic. There’s no other way to keep pace.
  • Proactive vs. Reactive. These technologies prevent problems rather than clean up after them. CSPM catches misconfigurations before breaches. ZTNA eliminates the attack surface that VPNs create. Tokenization protects data even if systems are compromised. Security teams are finally getting ahead of the threat curve instead of playing catch-up.
  • Measurable ROI. IBM’s 2025 Cost of a Data Breach Report shows organizations using AI and automation extensively save $1.9 million per breach and reduce breach lifecycle by 80 days. With U.S. breach costs hitting $10.22 million, these investments pay for themselves with a single prevented incident.

15 fastest-growing security categories in Gartner's 3Q25 Information Security Forecast

The 15 categories reshaping security architecture

1. Cloud Security Posture Management (CSPM) | 31.23% CAGR | $2.5B → $13.0B

CSPM tools continuously scan infrastructure across AWS, Azure, and Google Cloud. With 82% of misconfigurations caused by human error and organizations managing 100+ cloud accounts, CSPM automates what’s mathematically impossible to do manually. The market will reach $15.6 billion by 2032.

2. Cloud Access Security Brokers (CASB) | 25.82% CAGR | $1.5B → $5.8B

Here’s a reality check. Enterprises average 112 SaaS applications, but shadow IT, or unauthorized apps, accounts for 42% of all applications. IT remains unaware of one-third of the apps on its networks. The damage? 65% of shadow IT companies suffer data loss, and 52% experience breaches. CASBs transform this chaos into visibility and control.

3. Zero Trust Network Access (ZTNA) | 23.25% CAGR | $1.6B → $5.6B

ZTNA kills the VPN model. Instead of network access, it provides application-specific connections verified for every request. Gartner predicts 70% of new remote access deployments will use ZTNA by 2025. With 65% of companies planning to replace VPNs, this shift represents a wholesale rethinking of secure access. The perimeter-based model is dying. Good riddance.

4. Cloud Workload Protection Platforms (CWPP) | 22.78% CAGR | $3.9B → $13.5B

CWPP platforms secure everything from traditional VMs to containers that exist for milliseconds. Legacy endpoint security can’t protect ephemeral containers or serverless functions—it wasn’t designed for workloads that appear and disappear in seconds. The shift to microservices demands purpose-built security.

5. Consent and Preference Management | 22.39% CAGR | $0.5B → $1.7B

GDPR fines reached €5.88 billion by January 2025, according to the DLA Piper GDPR Fines and Data Breach Survey. California’s CCPA penalties continue climbing; the California Privacy Protection Agency fined Todd Snyder $345,178 for inadequate opt-out and privacy request processes. Manual handling can’t meet regulatory deadlines. Automation prevents massive fines.

6. Threat Intelligence | 22.17% CAGR | $1.8B → $5.8B

IBM data shows threat intelligence reduces detection and escalation costs by $1.63 million while cutting incidents by 30%. Modern platforms aggregate data about bad actors and vulnerabilities, transforming raw threat data into automated responses across security stacks. The days of threat feeds sitting in dashboards, unused, are over.

7. Subject Rights Request Automation | 16.53% CAGR | $0.8B → $2.1B

When users demand “delete my data,” these platforms automate the process across all systems. Manual handling doesn’t scale, not when you’re managing requests across multiple jurisdictions with different requirements and tight deadlines.

8. Tokenization | 14.26% CAGR | $1.0B → $2.2B

Tokenization replaces sensitive data with meaningless tokens that can’t be mathematically reversed. Why the urgency now? NIST standardized quantum-resistant algorithms, including ML-KEM (formerly CRYSTALS-Kyber), in August 2024. Organizations are preparing for quantum threats expected within five to ten years.

9. Network Detection and Response (NDR) | 14.05% CAGR | $1.6B → $3.5B

NDR platforms use AI to establish behavioral baselines and detect anomalies signaling compromise. Here’s the mindset shift: rather than hoping to prevent all attacks, innovative organizations invest in rapid detection that minimizes damage when sophisticated attackers inevitably get through. Prevention isn’t enough anymore.

10. Vulnerability Assessment | 13.98% CAGR | $2.6B → $5.7B

Cloud infrastructure changes constantly. Quarterly scans are obsolete before they finish. Modern platforms provide continuous scanning in CI/CD pipelines, prioritizing based on real-world exploit data. DevOps teams deploying daily need vulnerability detection that keeps pace. Anything less is theater.

11. Endpoint Protection Platform (EPP) | 13.61% CAGR | $13.5B → $29.1B

The largest category doubles to $29.1 billion as ransomware attacks surge. According to Cyble analysis cited by TechTarget, U.S. ransomware attacks increased by 149% year-over-year in the first five weeks of 2025. Manufacturing led targets with 638 attacks in 2023, per Statista data compiled by Fortinet. Next-gen EPP uses behavioral analytics to stop ransomware before encryption begins—catching what traditional antivirus misses.

12. Secure Web Gateway (SWG) | 13.26% CAGR | $3.3B → $7.0B

Malicious sites appear and disappear in hours. Cloud-delivered SWGs update threat intelligence in real-time, protecting remote workers wherever they connect. Integration with ZTNA creates comprehensive security that follows users across devices and locations. The old perimeter? It no longer exists.

13. Web Application Firewalls (WAF) | 11.93% CAGR | $2.0B → $3.8B

Organizations expose hundreds of APIs, each a potential attack vector. Traditional network firewalls can’t inspect application-layer attacks. Modern WAFs use machine learning to distinguish legitimate users from attackers without blocking customers. Getting that balance right is harder than it sounds.

14. Encryption | 11.90% CAGR | $1.0B → $2.0B

NIST’s standardization of quantum-resistant algorithms signals urgency. Attackers already practice “harvest now, decrypt later”—collecting encrypted data for future quantum decryption. Organizations must transition to post-quantum cryptography now, as full integration takes years. This isn’t theoretical risk anymore.

15. Security Information and Event Management (SIEM) | 11.74% CAGR | $5.8B → $11.3B

AI transforms SIEM from reactive to proactive. Organizations using AI-powered automation save $1.9 million per breach, according to IBM’s newsroom. Machine learning models identify attack patterns and detect zero-day threats before signatures exist, turning security operations into a competitive advantage.

The Investment Thesis behind the numbers

These growth rates reflect three converging realities:

  • Cloud Complexity Is Exponential. With 79% of organizations using multiple cloud providers and managing hundreds of accounts, manual security is mathematically impossible. The 31.23% CAGR for CSPM isn’t optimism, it’s survival.
  • AI Changes Everything. Shadow AI breaches cost $4.63 million, $670,000 more than standard incidents. But AI also powers the defense, with automated security tools reducing breach lifecycles by 80 days. The same technology that creates vulnerabilities offers the best defense.
  • Compliance Costs Are Skyrocketing. Between GDPR, CCPA, and emerging regulations, manual compliance is a liability that grows daily. Automation platforms turn regulatory requirements into competitive advantages.

The Bottom Line

The organizations winning this race aren’t those with the most significant security budgets; they’re those investing in the right categories at the right time. These fifteen segments aren’t just growing fast; they’re defining what modern security architecture looks like.

The message from Gartner’s data is unambiguous: security spending is shifting from reactive to proactive, from manual to automated, from perimeter-based to zero-trust. Organizations still relying on legacy approaches aren’t just falling behind; they’re accepting risks that the market has already priced as unacceptable.

Source: Gartner Information Security Forecast 3Q25 Update (Document G00839334), showing overall market growth from $215.8B (2025) to $322.2B (2029) at 10.55% CAGR

Oct 29

Gartner: 60% of CISOs are piloting GenAI, but only 20% see results

Made with Imagen

The global threatscape is becoming dominated by all forms of weaponized LLMs, AI, and conversational agents, all aimed at launching lethal attacks that cripple companies and entire supply chains in minutes.

Nation‑state actors and organized eCrime groups now use artificial intelligence, including generative AI (GenAI), to automate reconnaissance, weaponize access, and strike faster than most defenses can respond. To keep pace, enterprises and the CISOs leading them are turning to GenAI as a defensive multiplier.

 CISOs are remaining optimistic

Gartner’s latest research quantifies that adoption is accelerating, but measurable results remain elusive. Approximately 60 % of organizations are piloting or planning GenAI cybersecurity initiatives. Only 20% of security leaders say these programs have delivered beneficial outcomes so far. These figures are from the research firm’s recent research note, What GenAI Use Cases Are Organizations Pursuing Within Cybersecurity? published earlier this month. Forrester predicts that the first agentic AI breach will happen in 2026.

Yet, despite early hurdles, cybersecurity leaders remain optimistic. Nearly every CISO I’ve spoken with sees GenAI as pivotal for transforming threat detection, proactive hunting, rapid incident response, and extracting actionable insights from terabytes of telemetry data streaming from endpoints and events. They recognize GenAI as crucial to decoding adversary tradecraft, particularly as identity-based threats and weaponized machine-learning attacks accelerate, reshaping the global threatscape in real time.

Key takeaways

  • Code Analysis leads the pack. GenAI‑assisted code analysis is the most mature use case: 22% of enterprises use it today, and another 30% are piloting it. It addresses a persistent gap, as 69% of software‑engineering leaders cite insecure code remediation as a critical skills bottleneck.
  • GenAI shows potential in helping SOC teams spot vulnerabilities faster. Currently, 21% of organizations actively leverage GenAI to enhance vulnerability detection and remediation, with another 26% piloting these capabilities. Adoption is driven by GenAI’s ability to automate vulnerability identification and prioritize remediation workflows, addressing longstanding security bottlenecks and resource constraints. Despite intense interest, widespread implementation remains challenged by integration complexity and skepticism about AI-generated accuracy, emphasizing the need for incremental deployment aligned with existing cybersecurity metrics.
  • CISOs Shift from Ambition to Execution Gartner finds that the leaders gaining traction are those adopting “bite‑sized” implementations or use cases that fit into current processes, deliver quantifiable ROI, and build trust among analysts and engineers.

CISOs are dealing with a threatscape moving at machine speed

Given how lethal machine-driven attacks are becoming, exacerbated by the growing sophistication of weaponized AI, going on the offensive with GenAI is a choice more CISOs are considering.

  • Nearly every cybersecurity team wants to have a Gen AI pilot either complete or in process to see how it integrates with their planned arsenal for 2026. Most CISOs want some form of AI in their arsenals going into the new year, as many expect the intensity, ingenuity, and lethal impact of automated attacks will reach new levels next year. One told me confidentially she fully expects machine-on-machine breach attempts to grow six times over in 2026 as her financial services firm handles highly speculative assets, including cryptocurrency ETFs and investment products.
  • Breakout speed hits critical mass. CrowdStrike’s 2025 Global Threat Report reveals the alarming acceleration of attacks: the fastest observed eCrime intrusion took just 51 seconds to escalate from initial access to lateral movement, virtually eliminating defenders’ window to respond.
  • Living-off-the-Land tactics dominate and often evade legacy cyberdefense systems: Malware-free intrusions surged significantly, now comprising 81% of interactive attacks in 2025. This trend is corroborated by findings from Mandiant and IBM X-Force, indicating adversaries are bypassing traditional signature-based controls by exploiting legitimate tools native to the enterprise environment.
  • Nation-state activity reaching new record levels as weaponized tradecraft gains stealth and sophistication: CrowdStrike, Mandiant have documented triple-digit increases in operations linked to China, Iran, and North Korea. These attacks predominantly target telecommunications and critical infrastructure, reflecting geopolitical tensions and nation-states’ strategic prioritization of cyber-espionage.
  • Global threat consensus is clear and compelling: ENISA’s Threat Landscape 2025 report aligns precisely with intelligence from CrowdStrike, Mandiant, and IBM X-Force, verifying that nation-state actors now leverage AI-driven automation to execute attacks faster than enterprises can detect, let alone defend.

CrowdStrike Founder and CEO George Kurtz underscored the urgency clearly in a recent CNBC interview on October 23rd, stating, “Well, this is something that we’ve really been focused on for the last number of years is being able to protect agentic AI. And if you think about agentic AI, it has the capabilities to interact with data. It has the capabilities to interact with Compute. It has identities, non-human identities, but it operates at superhuman speed. So all of the challenges that we’ve seen over the many years of humans getting themselves into trouble is only going to be exasperated by agentic AI, and we need security like CrowdStrike is delivering to protect it”.

Practical guidance from CISOs adding GenAI to their arsenals

Gartner’s latest research, combined with interviews and discussions with CISOs, security leaders, and SOC leaders who are piloting and in some cases using GenAI-based platforms today, offers this advice:

  • Go deep on integration on pilots to see how strong the GenAI solution is as a contributor to your security tech stack: CISOs and SOC leaders tell me that this is the most reliable test of whether a GenAI platform or app will make the cut and get to production on their tech stack. Solid APIs that have been battle-tested by vendors who have a strong API management history have the inside track.
  • Outcome-driven use cases are a must-have:At its core, cybersecurity is a business decision. And in a digital-first world, protecting your brand is essential. Any Gen AI pilot needs to contribute to a use case that makes a solid contribution to solidifying a business’s ability to compete.
  • Start with time-tested, established metrics: Getting to a level of trust in GenAI is core to seeing if it is ready to progress from pilot into production. Evaluating GenAI effectiveness using established KPIs, including mean time to detect (MTTD) and mean time to respond (MTTR), at table stakes. CISOs and others running pilots caution about creating entirely new metrics just for GenAI. It obfuscates the total business impact of the technology.
  • Parallel human trust and governance: Gartner emphasizes investing in employee enablement and robust governance frameworks like NIST’s AI Risk Management Framework to foster confidence in GenAI adoption. Human oversight remains a vital layer of control. Human-in-the-middle is essential for any workflow.

Bottom Line

Nation-state adversaries measure their innovation in how lethal their attacks are, how stealth their tradecraft is, and how easily they can evade legacy security techniques. It’s a full cyberwar just a few steps away from a full-on kinetic war. Research from CrowdStrike, IBM, Mandiant, and many other companies shows machine-to-machine attacks orchestrated with Gen AI are accelerating, so much so that Forrester predicts an imminent AI breach next year. GenAI’s ability to identify new threats and stop them makes the technology work a look.

Oct 25

4 Comments

What’s New In Gartner’s Hype Cycle For AI, 2020

What's New In Gartner's Hype Cycle For AI, 2020
AI is starting to deliver on its potential and its benefits for businesses are becoming a reality.

  • 47% of artificial intelligence (AI) investments were unchanged since the start of the pandemic and 30% of organizations plan to increase their AI investments, according to a recent Gartner poll.
  • 30% of CEOs own AI initiatives in their organizations and regularly redefine resources, reporting structures and systems to ensure success.
  • AI projects continue to accelerate this year in healthcare, bioscience, manufacturing, financial services and supply chain sectors despite greater economic & social uncertainty.
  • Five new technology categories are included in this year’s Hype Cycle for AI, including small data, generative AI, composite AI, responsible AI and things as customers.

These and many other new insights are from the Gartner Hype Cycle for Artificial Intelligence, 2020, published on July 27th of this year and provided in the recent article, 2 Megatrends Dominate the Gartner Hype Cycle for Artificial Intelligence, 2020.  Two dominant themes emerge from the combination of 30 diverse AI technologies in this year’s Hype Cycle. The first theme is the democratization or broader adoption of AI across organizations. The greater the democratization of AI, the greater the importance of developers and DevOps to create enterprise-grade applications. The second theme is the industrialization of AI platforms. Reusability, scalability, safety and responsible use of AI and AI governance are the catalysts contributing to the second theme.  The Gartner Hype Cycle for Artificial Intelligence, 2020, is shown below:

What's New In Gartner's Hype Cycle For AI, 2020
Smarter with Gartner, 2 Megatrends Dominate the Gartner Hype Cycle for Artificial Intelligence, 2020.

Details Of What’s New In Gartner’s Hype Cycle for Artificial Intelligence, 2020

  • Chatbots are projected to see over a 100% increase in their adoption rates in the next two to five years and are the leading AI use cases in enterprises today.  Gartner revised the bots’ penetration rate from a range of 5% to 20% last year to 20% to 50% this year. Gartner points to chatbot’s successful adoption as the face of AI today and the technology’s contributions to streamlining automated, touchless customer interactions aimed at keeping customers and employees safe. Bot vendors to watch include Amazon Web Services (AWS), Cognigy, Google, IBM, Microsoft, NTT DOCOMO, Oracle, Rasa and Rulai.
  • GPU Accelerators are the nearest-term technology to mainstream adoption and are predicted to deliver a high level of benefit according to Gartner’s’ Priority Matrix for AI, 2020. Gartner predicts GPU Accelerators will see a 100% improvement in adoption in two to five years, increasing from 5% to 20% adoption last year to 20% to 50% this year. Gartner advises its clients that GPU-accelerated Computing can deliver extreme performance for highly parallel compute-intensive workloads in HPC, DNN training and inferencing. GPU computing is also available as a cloud service. According to the Hype Cycle, it may be economical for applications where utilization is low, but the urgency of completion is high.
  • AI-based minimum viable products and accelerated AI development cycles are replacing pilot projects due to the pandemic across Gartner’s client base. Before the pandemic, pilot projects’ success or failure was, for the most part, dependent on if a project had an executive sponsor and how much influence they had. Gartner clients are wisely moving to minimum viable product and accelerating AI development to get results quickly in the pandemic. Gartner recommends projects involving Natural Language Processing (NLP), machine learning, chatbots and computer vision to be prioritized above other AI initiatives. They’re also recommending organizations look at insight engines’ potential to deliver value across a business.
  • Artificial General Intelligence (AGI) lacks commercial viability today and organizations need to focus instead on more narrowly focused AI use cases to get results for their business. Gartner warns there’s a lot of hype surrounding AGI and organizations would be best to ignore vendors’ claims of having commercial-grade products or platforms ready today with this technology. A better AI deployment strategy is to consider the full scope of technologies on the Hype Cycle and choose those delivering proven financial value to the organizations adopting them.
  • Small Data is now a category in the Hype Cycle for AI for the first time. Gartner defines this technology as a series of techniques that enable organizations to manage production models that are more resilient and adapt to major world events like the pandemic or future disruptions. These techniques are ideal for AI problems where there are no big datasets available.
  • Generative AI is the second new technology category added to this year’s Hype Cycle for the first time. It’s defined as various machine learning (ML) methods that learn a representation of artifacts from the data and generate brand-new, completely original, realistic artifacts that preserve a likeness to the training data, not repeat it.
  • Gartner sees potential for Composite AI helping its enterprise clients and has included it as the third new category in this year’s Hype Cycle. Composite AI refers to the combined application of different AI techniques to improve learning efficiency, increase the level of “common sense,” and ultimately to much more efficiently solve a wider range of business problems.
  • Concentrating on the ethical and social aspects of AI, Gartner recently defined the category Responsible AI as an umbrella term that’s included as the fourth category in the Hype Cycle for AI. Responsible AI is defined as a strategic term that encompasses the many aspects of making the right business and ethical choices when adopting AI that organizations often address independently. These include business and societal value, risk, trust, transparency, fairness, bias mitigation, explainability, accountability, safety, privacy and regulatory compliance.
  • The exponential gains in accuracy, price/performance, low power consumption and Internet of Things sensors that collect AI model data have to lead to a new category called Things as Customers, as the fifth new category this year.  Gartner defines things as Customers as a smart device or machine or that obtains goods or services in exchange for payment. Examples include virtual personal assistants, smart appliances, connected cars and IoT-enabled factory equipment.
  • Thirteen technologies have either been removed, re-classified, or moved to other Hype Cycles compared to last year.  Gartner has chosen to remove VPA-enabled wireless speakers from all Hype Cycles this year. AI developer toolkits are now part of the AI developer and teaching kits category. AI PaaS is now part of AI cloud services. Gartner chose to move AI-related C&SI services, AutoML, Explainable AI (also now part of the Responsible AI category in 2020), graph analytics and Reinforcement Learning to the Hype Cycle for Data Science and Machine Learning, 2020. Conversational User Interfaces, Speech Recognition and Virtual Assistants are now part of the Hype Cycle for Natural Language Technologies, 2020. Gartner has also chosen to move Quantum computing to the Hype Cycle for Compute Infrastructure, 2020. Robotic process automation software is now removed from the Hype Cycle for AI, as Gartner mentions the technology in several other Hype Cycles.

Dec 9

Why Cybersecurity Needs To Focus More On Customer Endpoints

Why Cybersecurity Needs To Focus More On Customer Endpoints

  • Cloud-based endpoint protection platforms (EPP) are proliferating across enterprises today as CIOs and CISOs prioritize greater resiliency in their endpoint security strategies going into 2020.
  • Gartner predicts that Global Information Security and Risk Management end-user spending is forecast to grow at a five-year CAGR of 9.2% to reach $174.5 billion in 2022, with approximately $50B spent on endpoint security.
  • Endpoint security tools are 24% of all IT security spending, and by 2020 global IT security spending will reach $128B according to Morgan Stanley Research.
  • 70% of all breaches still originate at endpoints, despite the increased IT spending on this threat surface, according to IDC.

There’s a surge of activity happening right now in enterprises that are prioritizing more resiliency in their endpoint security strategies going into 2020. The factors motivating CIOs, CISOs, IT, and Practice Directors to prioritize endpoint resiliency include more effective asset management based on real-time data while securing and ensuring every endpoint can heal itself using designed-in regenerative software at the BIOS level of every device. CIOs say the real-time monitoring helps reduce asset management operating expense, a big plus many of them appreciate give their tight budgets. Sean Maxwell, Chief Commercial Officer at Absolute, says, “Trust is at the center of every endpoint discussion today as CIOs, CISOs and their teams want the assurance every endpoint will be able to heal itself and keep functioning.”

The Endpoint Market Is Heating Up Going Into 2020

Over thirty vendors are competing in the endpoint security market right now. A few of the most interesting are Absolute Software, Microsoft, Palo Alto Networks, and others who are seeing a surge of activity from enterprises based on discussions with CIOs and CISOs. Absolute Software’s Persistence self-healing endpoint security technology is embedded in the firmware of more than 500 million devices and gives CIOs, CISOs and their team’s complete visibility and control over devices and data. Absolute is the leading visibility and control platform that provides enterprises with tamper-proof resilience and protection of all devices, data, and applications.

Like Absolute, Microsoft is unique in how they are the only vendor to provide built-in endpoint protection at the device level, with the core focus being on the OS. Windows 10 has Windows Defender Antivirus now integrated at the OS level, the same System Center Endpoint Protection delivers in Windows 7 and 8 OS. Microsoft Defender Advanced Threat Protection (ATP) incident response console aggregates alerts and incident response activities across Microsoft Defender ATP, Office 365 ATP, Azure ATP, and Active Directory, in addition to Azure.

Further evidence of how enterprise customers are placing a high priority on endpoint security is the increase in valuations of key providers in this market, including Absolute Software (TSE: ABT) and others. Absolute’s stock price has jumped 13% in just a month, following their latest earnings announcement on November 12th with a transcript of their earnings call here. Absolute’s CEO Christy Wyatt commented during the company’s most recent earnings call that, “The ability to utilize near real-time data from the endpoint to… to deliver actionable insights to IT about where controls are failing and the ability to apply resilience to self-heal and reinforce those security controls will become a critical skill for every one of our customers. This is the essence of Absolute’s platform, which adds resiliency to our customer’s operations.” It’s evident from what CIOs and CISOs are saying that resiliency is transforming endpoint security today and will accelerate in 2020.

Key Takeaways From Conversations With Enterprise Cybersecurity Leaders

The conversations with CIOs, CISOs, and IT Directors provided valuable insights into why resiliency is becoming a high priority for endpoint security strategies today. The following are key takeaways from the conversations:

  • Known humorously as the “fun button” cybersecurity teams enjoy being able to brick any device any time while monitoring the activity happening on it in real-time. One CIO told the story of how their laptops had been given to a service provider who was supposed to destroy them to stay in compliance with the Health Insurance Portability and Accountability Act (HIPAA), and one had been resold on the back market, ending up in a 3rd world nation. As the hacker attempted to rebuild the machine, the security team watched as each new image was loaded, at which time they would promptly brick the machine. After 19 tries, the hacker gave up and called the image re-build “brick me.”
  • IT budgets for 2020 are flat or slightly up, with many CIOs being given the goal of reducing asset management operating expenses, making resiliency ideal for better managing device costs. The more effectively assets are managed, the more secure an organization becomes. That’s another motivating factor motivating enterprises to adopt resiliency as a core part of the endpoint security strategies.
  • One CIO was adamant they had nine software agents on every endpoint, but Absolute’s Resilience platform found 16, saving the enterprise from potential security gaps. The gold image an enterprise IT team was using had inadvertently captured only a subset of the total number of software endpoints active on their networks. Absolute’s Resilience offering and Persistence technology enabled the CIO to discover gaps in endpoint security the team didn’t know existed before.
  • Endpoints enabled with Resiliency have proven their ability to autonomously self-heal themselves, earning the trust of CIOs and CISOs, who are adopting Absolute to alleviate costly network interruptions and potential breaches in the process. 19% of endpoints across a typical IT network require at least one client or patch management repair monthly, according to Absolute’s 2019 Endpoint Security Trends Report. The report also found that increasing security spending on protecting endpoints doesn’t increase an organizations’ safety – and in some instances, reduces it. Having a systematic, design-in solution to these challenges gives CIOs, CISO, and their teams greater peace of mind and reduces expensive interruptions and potential breaches that impede their organizations’ growth.

 

Nov 14

1 Comment

5 Proven Ways Manufacturers Can Get Started With Analytics

5 Proven Ways Manufacturers Can Get Started With Analytics

Going into 2020, manufacturers are at an inflection point in their adoption of analytics and business intelligence (BI). Analytics applications and tools make it possible for them to gain greater insights from the massive amount of data they produce every day. And with manufacturing leading all industries on the planet when it comes to the amount of data generated from operations daily, the potential to improve shop floor productivity has never been more within reach for those adopting analytics and BI applications.

Analytics and BI Are High Priorities In Manufacturing Today

Increasing the yield rates and quality levels for each shop floor, machine and work center is a high priority for manufacturers today. Add to that the pressure to stay flexible and take on configure-to-order and engineer-to-order special products fulfilled through short-notice production runs and the need for more insight into how each phase of production can be improved. Gartner’s latest survey of heavy manufacturing CIOs in the 2019 CIO Agenda: Heavy Manufacturing, Industry Insights, by Dr. Marc Halpern. October 15, 2018 (Gartner subscription required) reflects the reality all manufacturers are dealing with today. I believe they’re in a tough situation with customers wanting short-notice production time while supply chains often needing to be redesigned to reduce or eliminate tariffs. They’re turning to analytics to gain the insights they need to take on these challenges and more. The graphic below is from Gartner’s latest survey of heavy manufacturing CIOs, it indicates the technology areas where heavy manufacturing CIOs’ organizations will be spending the largest amount of new or additional funding in 2019 as well as the technology areas where their organizations will be reducing funding by the highest amount in 2019 compared with 2018:

Knowing Which Problems To Solve With Analytics

Manufacturers getting the most value from analytics start with a solid business case first, based on a known problem they’ve been trying to solve either in their supply chains, production or fulfillment operations. The manufacturers I’ve worked with focus on how to get more orders produced in less time while gaining greater visibility across production operations. They’re all under pressure to stay in compliance with customers and regulatory reporting; in many cases needing to ship product quality data with each order and host over 60 to 70 audits a year from customers in their plants. Analytics is becoming popular because it automates the drudgery of reporting that would otherwise take IT team’s days or weeks to do manually.

As one CIO put it as we walked his shop floor, “we’re using analytics to do the heavy data crunching when we’re hosting customer audits so we can put our quality engineers to work raising the bar of product excellence instead of having them run reports for a week.” As we walked the shop floor he explained how dashboards are tailored to each role in manufacturing, and the flat-screen monitors provide real-time data on how five key areas of performance are doing. Like many other CIOs facing the challenge of improving production efficiency and quality, he’s relying on the five core metrics below in the initial roll-out of analytics across manufacturing operations, finance, accounting, supply chain management, procurement, and service:

  • Manufacturing Cycle Time – One of the most popular metrics in manufacturing, Cycle Time quantifies the amount of elapsed time from when an order is placed until the product is manufactured and entered into finished goods inventory. Cycle times vary by segment of the manufacturing industry, size of manufacturing operation, global location and relative stability of supply chains supporting operations. Real-time integration, applying Six Sigma to know process bottlenecks, and re-engineering systems to be more customer-focused improve this metrics’ performance. Cycle Time is a predictor of the future of manufacturing as this metric captures improvement made across systems and processes immediately.
  • Supplier Inbound Quality Levels – Measuring the dimensions of how effective a given supplier is at consistently meeting a high level of product quality and on-time delivery is valuable in orchestrating a stable supply chain. Inbound quality levels often vary from one shipment to the next, so it’s helpful to have Statistical Process Control (SPC) charts that quantify and show the trends of quality levels over time. Nearly all manufacturers are relying on Six Sigma programs to troubleshoot specific trouble spots and problem areas of suppliers who may have wide variations in product quality in a given period. This metric is often used for ranking which suppliers are the most valuable to a factory and production network as well.
  • Production Yield Rates By Product, Process, and Plant Location – Yield rates reflect how efficient a machine or entire process is in transforming raw materials into finished products. Manufacturers rely on automated and manually-based approaches to capture this metric, with the latest generation of industrial machinery capable of producing its yield rate levels over time. Process-related manufacturers rely on this metric to manage every production run they do. Microprocessors, semiconductors, and integrated circuit manufacturers are continually monitoring yield rates to determine how they are progressing against plans and goals. Greater real-time integration, improved quality management systems, and greater supply chain quality and compliance all have a positive impact on yield rates. It’s one of the key measures of production yield as it reflects how well-orchestrated entire production processes are.
  • Perfect Order Performance – Perfect order performance measures how effective a manufacturer is at delivering complete, accurate, damage-free orders to customers on time. The equation that defines the perfect order Index (POI) or perfect order performance is the (Percent of orders delivered on time) * (Percent of orders complete) * (Percent of orders damage free) * (Percent of orders with accurate documentation) * 100. The majority of manufacturers are attaining a perfect order performance level of 90% or higher, according to The American Productivity and Quality Center (APQC). The more complex the product lines, configuration options, including build-to-order, configure-to-order, and engineer-to-order, the more challenging it is to attain a high, perfect order level. Greater analytics and insights gained from real-time integration and monitoring help complex manufacturers attained higher perfect order levels over time.
  • Return Material Authorization (RMA) Rate as % Of Manufacturing – The purpose of this metric is to define the percentage of products shipped to customers that are returned due to defective parts or not otherwise meeting their requirements. RMAs are a good leading indicator of potential quality problems. RMAs are also a good measure of how well integrated PLM, ERP and CRM systems, resulting in fewer product errors.

Conclusion

The manufacturers succeeding with analytics start with a compelling business case, one that has an immediate impact on the operations of their organizations. CIOs are prioritizing analytics and BI to gain greater insights and visibility across every phase of manufacturing. They’re also adopting analytics and BI to reduce the reporting drudgery their engineering, IT, and manufacturing teams are faced with as part of regular customer audits. There are also a core set of metrics manufacturers rely on to manage their business, and the five mentioned here are where many begin.

Apr 21

CIO’s Guide To Stopping Privileged Access Abuse – Part I

CIOs face the paradox of having to protect their businesses while at the same time streamlining access to the information and systems their companies need to grow. The threatscape they’re facing requires an approach to security that is adaptive to the risk context of each access attempt across any threat surface, anytime. Using risk scores to differentiate between privileged users attempting to access secured systems in a riskier context than normal versus privileged credential abuse by attackers has proven to be an effective approach for thwarting credential-based breaches.

Privileged credential abuse is one of the most popular breach strategies organized crime and state-sponsored cybercrime organizations use. They’d rather walk in the front door of enterprise systems than hack in. 74% of IT decision makers surveyed whose organizations have been breached in the past say it involved privileged access credential abuse, yet just 48% have a password vault. Just 21% have multi-factor authentication (MFA) implemented for privileged administrative access. These and many other insights are from Centrify’s recent survey, Privileged Access Management in the Modern Threatscape.

How CIOs Are Solving the Paradox of Privileged Credential Abuse

The challenge to every CIO’s security strategy is to adapt to risk contexts in real-time, accurately assessing every access attempt across every threat surface, risk-scoring each in milliseconds. By taking a “never trust, always verify, enforce least privilege” approach to security, CIOs can provide an adaptive, contextually accurate Zero Trust-based approach to verifying privileged credentials. Zero Trust Privilege is emerging as a proven framework for thwarting privileged credential abuse by verifying who is requesting access, the context of the request, and the risk of the access environment.

By taking a least privilege access approach, organizations can minimize attack surfaces, improve audit and compliance visibility, and reduce risk, complexity, and the costs of operating a modern, hybrid enterprise. CIOs are solving the paradox of privileged credential abuse by knowing that even if a privileged user has entered the right credentials but the request comes in with risky context, then stronger verification is needed to permit access.

Strategies For Stopping Privileged Credential Abuse

The following are five strategies CIOs need to concentrate on to stop privileged credential abuse. Starting with an inventory of privileged accounts and progressing through finding the gaps in IT infrastructure that create opportunities for privileged credential abuse, CIOs and their teams need to take preemptive action now to avert potential breaches in the future.

In Part 1 of a CIO’s Guide to Stopping Privileged Access Abuse, below are the steps they can take to get started:

  1. Discover and inventory all privileged accounts and their credentials to define who is accountable for managing their security and use. According to a survey by Gartner, more than 65% of enterprises are allowing shared use of privileged accounts with no accountability for their use. CIOs realize that a lack of consistent governance policies creates many opportunities for privileged credential abuse. They’re also finding orphaned accounts, multiple owners for privileged credentials and the majority of system administrators having super user or root user access rights for the majority of enterprise systems.
  2. Vault your cloud platforms’ Root Accounts and federate access to AWS, Google Cloud Platform, Microsoft Azure and other public cloud consoles. Root passwords on each of the cloud platforms your business relies on are the “keys to the kingdom” and provide bad actors from inside and outside the company to exfiltrate data with ease. The recent news of how a fired employee deleted his former employer’s 23 AWS servers is a cautionary tale of what happens when a Zero Trust approach to privileged credentials isn’t adopted. Centrify’s survey found that 63% or organizations take more than a day to shut off privilege access for an employee after leaving the company. Given how AWS root user accounts have the privilege to delete all instances immediately, it’s imperative for organizations to have a password vault where AWS root account credentials are stored. Instead of local AWS IAM accounts and access keys, use centralized identities (e.g., Active Directory) and enable federated login. By doing so, you obviate the need for long-lived access keys.
  3. Audit privileged sessions and analyze patterns to find potentially privileged credential sharing or abuse not immediately obvious from audits. Audit and log authorized and unauthorized user sessions across all enterprise systems, especially focusing on root password use across all platforms. Taking this step is essential for assigning accountability for each privileged credential in use. It will also tell you if privileged credentials are being shared widely across the organization. Taking a Zero Trust approach to securing privileged credentials will quickly find areas where there could be potential lapses or gaps that invite breaches. For AWS accounts, be sure to use AWS CloudTrail and Amazon CloudWatch to monitor all API activity across all AWS instances and your AWS account.
  4. Enforce least privilege access now within your existing infrastructure as much as possible, defining a security roadmap based on the foundations of Zero Trust as your future direction. Using the inventory of all privileged accounts as the baseline, update least privilege access on each credential now and implement a process for privilege elevation that will lower the overall risk and ability for attackers to move laterally and extract data. The days of “trust but verify” are over. CIOs from insurance and financial services companies recently spoken with point out that their new business models, all of them heavily reliant on secured Internet connectivity, are making Zero Trust the cornerstone of their future services strategies. They’re all moving beyond “trust but verify” to adopt a more adaptive approach to knowing the risk context by threat surface in real-time.
  5. Adopt multi-factor authentication (MFA) across all threat surfaces that can adapt and flex to the risk context of every request for resources. The CIOs running a series of insurance and financial services firms, a few of them former MBA students of mine, say multi-factor authentication is a must-have today for preventing privileged credential abuse. Their take on it is that adding in an authentication layer that queries users with something they know (user name, password, PIN or security question) with something they have (smartphone, one-time password token or smart card), something they are (biometric identification like fingerprint) and something they’ve done (contextual pattern matching of what they normally do where) has helped thwart privileged credential abuse exponentially since they adopted it. This is low-hanging fruit: adaptive MFA has made the productivity impact of this additional validation practically moot.

Conclusion

Every CIO I know is now expected to be a business strategist first, and a technologist second. At the top of many of their list of priorities is securing the business so it can achieve uninterrupted growth. The CIOs I regularly speak with running insurance and financial services companies often speak of how security is as much a part of their new business strategies as the financial products their product design teams are developing. The bottom line is that the more adaptive and able to assess the context of risks for each privilege access attempt a company’s access management posture can become, the more responsive they can be to employees and customers alike, fueling future growth.

Oct 22

2 Comments

Gartner’s Top 10 Strategic Technology Trends For 2015

speed-of-quality-management-systems-makes-manual-systems-seem-asleep-300x199Gartner presented their top 10 strategic technology trends for 2015 at their annual Gartner Symposium/ITxpo 2014 held in Orlando earlier this month.  Computing Everywhere, the Internet of Things (IoT) and 3D Printing are projected to be the three most important strategic technology trends in 2015.

3D Printing Will Continue To Revolutionize Prototyping And Manufacturing  

3D printing is forecast to reach a tipping point in the next three years due to streamlined prototyping and short-run manufacturing. Improving time-to-market, ensuring greater accuracy of highly customized products, and reducing production costs over the long-term are three of the many benefits companies are adopting 3D printing for today.  Be sure to read Larry Dignan’s excellent post covering the conference and top ten strategic technology trends, 3D printing turns strategic in 2015, says Gartner.

Taking Analytics To The Next Level in 2015

Advanced, persuasive and invisible analytics, context-rich systems, and smart machines also are included in the top 10 strategic technology trends for 2015. Given how quickly analytics is maturing as a technology category, it’s understandable why Gartner ranked this area as the 4th most strategic.  In 2015, analytics will move beyond providing dashboards with metrics and Key Performance Indicators (KPIs) to a more intuitive series of applications that give business analysts the flexibility to define models and test them in real-time. Alteryx and Tableau are interesting companies to watch in this area and Tableau Public is worth checking out and learning due to its advanced visualization features (free, opt-in).

Cloud Computing Becomes Part Of The New IT Reality

The last four technology trends Gartner mentions include cloud/client computing, software-defined applications and infrastructure, Web-scale IT and risk-based security and self-protection.

The following graphic provides an overview of the top 10 strategic technology trends for 2015.

gartner-top-2015-tech-620x334

« Older Entries