Published January 25, 2023
By Analyst(s): Deepti Gopal, Leigh McMullen, Andrew Walls, Richard Addiscott, Paul Furtado, Craig Porter, Oscar Isaka, Charlie Winckless
"Organizations in the past have developed their cybersecurity program to address the ebbs and flows of regulatory changes, business decisions, and customer demands and threats. Modern cybersecurity leaders will use a human-centric design to strengthen their program and optimize human potential."
Key Findings
- Burnout has made its way into the cybersecurity industry, but little is being done to address the attrition that it causes.
- Insider threat management is not a focus area for most organizations unless they are highly regulated.
- Digital risk protection services (DRPS) are becoming more relevant today as the human element continues to be an effective vector for malicious actors.
- The cybersecurity industry has taken limited action to reduce cybersecurity process friction and improve user experience.
- Poor strategic implementation of topics like Zero Trust stops organizations from developing a positive security culture.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.