Cybersecurity control failures were ranked as the most important emerging risk in the first quarter of 2021, according to the latest report from Gartner, Inc.’s Emerging Risk Monitor.
The global survey of 165 senior executives found that 67% of respondents highlighted cybersecurity risk as one of the main concerns, consistent across all geographic regions and most industries.
This occurred despite a myriad of risks arising from the pandemic, such as the new work environment and environmental, social and governance (ESG) concerns.
“Many organizations were forced to implement rapid solutions to serious operational gaps as a result of their initial responses to the pandemic,” said Matt Shinkman, vice president of risk and audit practice at Gartner.
“Nowhere has it been more evident than in cybersecurity policies that have prioritized local security over secure access to remote work. The executives responsible for these areas realize that now is the time to enact more sustainable policies. and robust ”.
The internal risks related to a company’s operational and cultural capabilities continued to be the most urgent for the executives surveyed and constituted the five emerging risks selected in the first quarter.
Executives ’concerns about failures in cybersecurity control are believed to stem from the hasty implementation of remote work caused by the pandemic and subsequent blockades.
Gartner notes that IT teams were often forced to rapidly expand VPN access throughout the organization and that security teams had to immediately reorient their risk positions from a focus on securing local operations to developing remote work access policies on the fly.
While access management issues were the focus of the initial response, the consensus among surveyed executives suggests that more work needs to be done as the increase in remote work becomes a permanent feature of the new work environment.
In addition to being at the top of this quarter’s list of emerging risks, failures in cybersecurity control also rank third in “risk speed,” which tracks the speed at which it moves the risk and the impact it would have if it materialized.
Failures in cybersecurity control only led to a prolonged release of the vaccine and the reputational risks of citizen journalism in the analysis of the speed of risk.
“The speed of risk can help executives see emerging risk blind spots that could move quickly toward an organization, but that are not yet appreciated by their peers,” Shinkman explained. “However, in the case of cybersecurity risk, it’s good to see that the level of awareness among executives matches the severity of the risk their organizations have.”