Skip to content
July 10, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Watchtower
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • News
  • Technology
  • Gartner issues Top six Security and Risk Management Trends For 2018
  • Technology

Gartner issues Top six Security and Risk Management Trends For 2018

Do Son July 10, 2018 4 minutes read
Global Risks Report 2018
Add Daily CyberSecurity as a preferred source on Google

The 2018 Gartner Security and Risk Management London Summit will be held from September 10th to 11th. Analysts will explore the trends facing security administrators and vendor risk assessment frameworks at the summit.

Gartner believes that business leaders are paying more attention to the impact of cybersecurity on corporate output. Security managers should use this support and six new trends to improve the resiliency of their businesses while enhancing their position.

Trend 1: Executives will eventually realise that cybersecurity will affect the achievement of corporate goals and will also affect corporate reputation.

IT security is an extensive topic and a necessary component of any e-commerce strategy. Business managers have been reluctant to accept this, but recent events have changed their perceptions. Such as:

  • The Equifax data breach has caused the company’s CEO, CIO and CSO to lose their jobs;
  • The WannaCry attack caused a global loss of $1.5 billion to $4 billion;
  • After Yahoo’s data breach, Verizon received a $350 million discount for Yahoo’s acquisition.

Peter FirstBrook, vice president of research at Gartner, said “Business leaders and senior stakeholders, at last, appreciate security as much more than just tactical, technical stuff done by overly serious, unsmiling types in the company basement, research vice president at Gartner. “Security organizations must capitalize on this trend by working closer with business leadership and clearly linking security issues with business initiatives that could be affected.”

Trend 2: Regulatory, mandatory data protection policies are affecting the plans of the e-commerce industry and place more demands on data reliability.

Customer data is the lifeblood of the e-commerce industry. Recent “Cambridge Analytical Data Disclosure Incidents” and Equifax data breaches have shown that companies face significant risks when processing such data. Moreover, the relevant laws are becoming more and more complicated. For example, on May 25, 2018, the EU’s General Data Protection Regulations GDPR came into effect. At the same time, if companies do not adequately protect data, there are a lot of more massive penalties waiting for them.

In the United States, the number of organisations experiencing data breaches has grown from less than 100 in 2008 to more than 600 in 2016.

Firstbrook believes that “It’s no surprise that, as the value of data has increased, the number of breaches has risen too. In this new reality, full data management programs — not just compliance — are essential, as is fully understanding the potential liabilities involved in handling data.”

Trend 3: Security products are rapidly leveraging cloud services to provide more flexible solutions.

The new detection technology, activity and verification models require a significant amount of data that can quickly crash an internal security solution. This situation has spawned the need for cloud security products. Cloud security services are better able to provide more flexible and adaptable solutions with near real-time data.

Firstbrook recommends that “Avoid making outdated investment decisions. Seek out providers that propose cloud-first services, that have solid data management and machine learning (ML)competency, and that can protect your data at least as well as you can.”

Trend 4: Machine learning is bringing value to simple tasks and can also assess suspicious matters in the human analysis.

Switching to cloud services creates opportunities for companies to use machine learning to solve security problems (e.g., adaptive verification, internal threats, malicious advanced attackers, etc.). Gartner predicts that machine learning will become a standard part of security solutions by 2025 and will make up for the shortage of technology and personnel.

FirstBrook believes that “Look at how ML can address narrow and well-defined problem sets, such as classifying executable files, and be careful not to be suckered by hype. Unless a vendor can explain in clear terms how its ML implementation enables its product to outperform competitors or previous approaches, it’s very difficult to unpack marketing from good ML.”

Trend 5: Security procurement decisions are increasingly dependent on geopolitical factors.

Cyber warfare has intensified, and cyber political interference and government demands left backdoors for accessing software and services, all of which have led to new geopolitical threats in software and infrastructure procurement. Recently, the ban imposed by the US government on Russia (Kaspersky) and Chinese companies (Huawei) is the best example. Recent

Firstbrook believes that “It’s vital to account for the geopolitical considerations of partners, suppliers and jurisdictions that are important to your organisation. Include supply chain source questions in RFIs, RFPs and contracts.”

Trend 6: Over-reliance on the threat posed by electronic technology is driving the decentralization of the entire ecosystem.

The Internet is driving a wave of centralisation, and cloud computing is an obvious example. While there are many benefits to doing so, a good security team should also consider the risks.

Firstbrook believes that “Evaluate the security implications of centralization on the availability, confidentiality and resiliency of digital business plans. Then, if the risks of centralization could seriously threaten organizational goals, explore an alternative, decentralized architecture.”

Get Zero-Hour Vulnerability Alerts

Critical CVEs, CVSS scores, and PoC updates — straight to your inbox every week.


We respect your inbox. Unsubscribe anytime.

Related coverage

  • Gemini’s New AI Image Generation Model Prioritizes Consistency, Control, and Trust
  • OpenAI Codex Upgrade: Generate Multiple Code Solutions, Monitor Progress & Cancel Tasks
  • Qualcomm’s AI Revolution: The Future of the “AI as the UI” and 6G Connectivity
  • Bing enhanced search capabilities: more intelligent search features
  • Cloudflare Mesh Challenges Tailscale with Post-Quantum Security for AI Agents

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee Logo Buy Me a Coffee PayPal
Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Share this article:

Facebook Post LinkedIn Telegram
Written by
@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Tags: Risk Management Trends

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-1207CVSS 5.4
    An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on...
    Admin intel📅 Updated: Jul 10, 2026
  • CVE-2026-55255CVSS 8.4
    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-48908
    A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-56290
    The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-20896CVSS 9.8
    Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER`
    Admin intel📅 Updated: Jul 6, 2026
  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intelCISA KEV📅 Added to KEV: Jul 7, 2026📅 Updated: Jul 3, 2026
  • CVE-2024-14037CVSS 9.8
    Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2026-8451CVSS 8.8
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured...
    Admin intel📅 Updated: Jul 2, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-54769CVSS 10.0
    Langroid is a framework for building large-language-model-powered applications. Versions prior to 0.65.2...
  • CVE-2026-58122CVSS 9.1
    Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated...
  • CVE-2026-58123CVSS 9.8
    Hermes WebUI before 0.51.788 contains an unauthenticated remote code execution vulnerability that...
  • CVE-2026-52777
    ## Details ### Sink `tools/bazar/services/CSVManager.php` line 372-399: ``` public function importEntry(array $importedEntries,...
  • CVE-2026-52766CVSS 9.1
    ### Summary The `{{erasespamedcomments}}` wiki action (`actions/EraseSpamedCommentsAction.php`) accepts a `suppr[]` array from...
  • CVE-2026-59827CVSS 9.9
    Metabase is an open-source business intelligence and embedded analytics tool. Prior to...
  • CVE-2026-59826CVSS 9.1
    Metabase is an open-source business intelligence and embedded analytics tool. From 1.55.0...
  • CVE-2026-59726CVSS 10.0
    Ruflo is an agent meta-harness for Claude Code and Codex. Prior to...
  • CVE-2026-14261CVSS 9.1
    A vulnerability in the Xerte Online Tools allows for authentication bypass and...
  • CVE-2026-12116CVSS 9.8
    A vulnerability in the Xerte Online Tools allows for RCE through the...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • Disclaimer
    • Privacy Policy
    • DMCA NOTICE
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.