Key insights from the Gartner Security & Risk Management Summit 2024
Why organizations need to leverage new technologies to build stronger and more resilient cybersecurity programs.
Gartner Security & Risk Management Summit 2024 Recap
Gartner’s 2024 Security & Risk Management Summit offered a crucial platform for CISOs and cybersecurity professionals to explore the most pressing challenges and emerging trends in the security industry. Key cybersecurity trends emerge from the session topics, from the conversations in the hallways, and even from the most popular vendor booths.
This year’s event validated that identity is the battleground of cybersecurity right now.
Many presentations focused on identity-first security practices to help strengthen cybersecurity postures. We heard attendees discussing their pain points around identity security. And we saw hundreds of people come to the Oleria booth to get their first look at how Oleria Identity Security delivers a new solution.
Here are a few of my takeaways and cybersecurity trends from the event:
Role-based access control is a major pain point
Attendees at the Gartner event shared their anecdotal experience, which aligns with Microsoft’s estimate that 95% of permissions are unused in the typical organization. They also know that role-based permissions implemented using group memberships are one of the biggest sources of over-provisioned and unintended access. However, they can’t afford to manually grant access on a per-user, per-app basis. As a result, they’ve largely accepted this pain point as unavoidable.
That’s why we saw so much excitement around our Group Utilization feature as we gave demos of Oleria Identity Security to booth visitors. Group Utilization automatically flags individual unused accounts, along with flagging membership groups with a low percentage of active users. This makes identifying those unused accounts simple and quick, so cybersecurity teams can enforce least privilege principles by removing underutilized role-based access and moving from permissions based on group memberships to more targeted individual-level permissions for critical, high-utilization users.
Modern cybersecurity programs need to enhance speed and resilience
Three-quarters of cybersecurity professionals say the threat landscape is the most challenging it’s been in five years. But the pressure isn’t just to mitigate threats more effectively — cybersecurity teams need to find ways to work faster to enable the business to move with speed and agility.
Sessions at the Gartner event focused on how cybersecurity teams can look past the hype about GenAI and realize its promise of massive productivity gains by augmenting and supporting their workflows.
One particular area of focus is improving third-party risk management. Security teams need to develop smarter ways to monitor their hybrid digital environments at scale so they can identify risks and incidents earlier and respond more effectively. That starts with strengthening their identity fabric.
This is one of the biggest areas that Oleria is helping organizations: enhancing how they investigate data leaks. With Oleria, businesses finally have the technology to get the answers they need in minutes — not days. They can remediate risk faster — and reallocate more resources to moving the business forward, rather than spending their hours and headcount on tedious manual investigations.
During our conversations in the Oleria booth at the Gartner event, participants were able to see the risks of data leaks within their organizations through our demos featuring SharePoint, OneDrive for Business, and Google Drive. They also saw firsthand how quickly they could remediate these external sharing risks, significantly reducing the potential for data leaks.
Protecting identities requires enterprise-wide visibility and real-time monitoring
Rebecca Archambault, Gartner Analyst, delivered a presentation on why Identity Threat Detection Response (ITDR) must be able to see everything — in real time. Archambault shared how AI and machine learning will be a boon here, enabling security teams to enhance threat and anomaly detection and streamline incident response.
But the biggest challenge is gaining that enterprise-wide, real-time visibility in order to protect a range of applications that could potentially compromise sensitive company data.
This is where Oleria is redefining what’s possible. In the Oleria booth, we showed how we’re giving CISOs and their teams a truly composite view of identity and access — across their entire ecosystem of decentralized apps and systems.
There’s a critical need for robust Identity Governance and Administration (IGA) systems
With that aforementioned ecosystem continually expanding, conventional perimeter-based cybersecurity is all but dead.
Brian Guthrie, Gartner Analyst, hosted a great session on why strong identity governance and administration (IGA) is paramount in these increasingly complex digital environments.
Security teams aren’t just missing breadth of visibility, but granularity. One of the biggest missing pieces in most IGA solutions is usage data. Security teams know they have a huge problem with dormant and unintended access — but they struggle to see where those issues are.
Here again, our in-booth demos showed attendees how Oleria delivers this fine-grained visibility — finally making it easy to understand what access an account has, whether the account is being used, and what the user is doing with that access.
Oleria is shaping the future of cybersecurity & risk management
This was our first opportunity to show off Oleria Identity Security to a broad audience at a cybersecurity industry event. The interest in Oleria cut across several industries — from insurance, to healthcare, to government at all levels — supporting our sense that the need to reshape cybersecurity is felt all over.
It was clear that our approach — and our technology — speak directly to the pain points of the cybersecurity pros in attendance. But it was even more valuable to see that our vision for modern identity-first cybersecurity is shared by many of the most forward-thinking voices in our industry. Gartner and Oleria have been on the same page for a while now about the need to improve the flexibility of traditional enterprise security for the new reality of cloud-based, decentralized business — without compromising the strength of that security.
What did you miss? Catch up with us
Did you miss us at the Gartner Summit? Not get to every session you wanted to attend? Reach out if you’d like to talk through the rest of my highlights from the event. And to get an inside look at how Oleria Identity Security can help you rapidly reduce your risk without slowing down your business, schedule a demo.