Cybersecurity Trends: Resilience Through Transformation

“What is cybersecurity?” It’s the practice of deploying people, processes, policies and technologies to protect organisations, their critical systems and sensitive information from digital attacks. 

How organisations do that is changing radically. 

Staying current on cybersecurity trends and best practices is critical for cybersecurity leaders to effectively manage the fast-evolving daily threats and exposures the organisation faces  —  without constraining business ambitions.

The Gartner Top Trends in Cybersecurity 2025 survey finds emerging pressure from: 

• The continued emergence of generative AI (GenAI) use cases (and risks)

• Burnout as a result of the continued gap between security-talent supply and demand

• Relentless growth in cloud adoption, which is altering the composition of digital ecosystems

• Increasing regulatory obligations and government oversight of cybersecurity, privacy and data localisation

• Continued decentralization of digital capabilities across enterprises

Security and risk management leaders are tasked with improving organisational resilience in a world of increasing risk. Several interconnected factors are driving this focus on resilience, including:

• Digital ecosystems continue to sprawl due to increasing cloud adoption.

• The threat environment continues to evolve as new capabilities embolden attackers.

It’s not feasible to remediate every potential vulnerability in the organisation, given how they are exploding in today’s digital environments. Among the resources to protect are:

• Facilities

• Equipment

• Workers

• Third parties

• Business process outsourcers 

• Technology providers (such as cloud/IT services)

Board directors and C-suite leaders now widely view cyber risk as a core business risk to manage — not a technology problem to solve. SRM leaders are pivoting cybersecurity from a prevention mindset to a resilience focus. Cyber resilience embraces a “when, not if” mentality, and seeks to minimise the impact of cyber incidents on the enterprise and enhance adaptability, rather than engage in misguided notions of outright prevention.

Transformation is par for the course for SRM leaders who must constantly adapt to an ever-shifting threat landscape to ensure the stability of business operations. These challenges provide opportunity for a more proactive and comprehensive approach that embeds resilience into technological and human-driven capabilities.

Even as cybersecurity leaders recognize the folly of trying to fully protect against every risk, they are still under pressure to improve security without constraining the business or spending an exorbitant amount of resources. High and ever-improving performance is a key priority.

At the same time, the themes of distributed threat exposure and increasingly decentralized decision making raise an ongoing question: Who is responsible for cybersecurity? The answer is: Everyone. Accountability still falls mostly on the shoulders of cybersecurity leaders. Yet given the spreading nature of risk, there is a growing role for boards of directors and business unit partners to ensure they share responsibility, accountability and governance.

Given those goals of increasing performance within an environment of distributed responsibility, the Gartner Top Cybersecurity Trends for 2024 highlights five investments that promise to help meet the organization’s cybersecurity needs according to its risk appetite. They include:

The rise of GenAI is transforming data security programs, in three notable dimensions:

• A preference for synthetic data vs. obfuscated data in AI training to preserve privacy, address the challenges of insufficient data and prevent bias

• Shift from structured to unstructured data security as the latter becomes more prevalent and valuable

• Increased need to assess the data security posture of GenAI to ensure that data is not unknowingly accessed or shared with third parties