Info-Tech Research Group has published its annual report on the priorities for security leaders. The report combines insights from the 2022 security priorities survey and other related industry reports that the firm releases throughout the year.
The report looks into important security trends and the priorities that stem from them to help security leaders better secure their workforce in the remote work environment.
“The pandemic has introduced many changes to our lives and to various aspects of how we work, and we are still reckoning with the security implications of all this change,” says Info-Tech Practice Lead Cameron Smith.
“In particular, a large workforce moved online overnight, which shifted the work environment rapidly. People changed how they communicate, access company information, and connect to the company network. These changes make cybersecurity a more important focus than ever.”
The survey revealed that many organizations are still mastering the foundations of a mature cybersecurity program. It also showed that the top projects security leaders are working on include security strategies, policies, governance, and incident response.
“Although changes like the shift to remote work occurred in response to the pandemic, they are largely expected to remain, regardless of the progression of the pandemic itself,” adds Info-Tech Research Specialist Maggie Zeng.
Five priorities for security leaders
The priorities identified in the report are influenced by three main factors: the COVID-19 pandemic, rampant cybercrime, and remote work and workforce reallocation.
The following are the top five priorities the research indicated should be top of mind for security and IT leaders:
- Acquiring and retaining talent. Security talent was in short supply before the pandemic, and it’s even worse now. Organizations need to consider how to improve working environments for existing and potential employees and invest time and effort into talent issues to avoid being understaffed.
- Securing a remote workforce. Trends suggest remote work is here to stay and that addressing the risk of insecure endpoints can no longer be deferred. Organizations need to create a secure environment for users and help them build safe habits while working remotely.
- Securing digital transformation. Digital transformation could be a competitive advantage or the cause of the next data breach. Security leaders should ensure that security is built in from the start and check in frequently to create agile and secure user experiences.
- Adopting zero trust. It is critical for organizations to have a process to manage the access of sensitive information based on the principle of least privilege. Governments are now recognizing the importance of zero trust strategies; security leaders across other industries should as well.
- Protecting against and responding to ransomware. Ransomware is still the number one threat to the safety of an organization’s data. Security leaders need to put in their best efforts to build defenses as well as prepare for a breach and know how to recover from one.