2 min reading
Mon Sep 19 2022

How is your organization doing on Gartner's Top 3 Security Trends


Midway through 2022 and going back to the office, we would like to share a refresher on what's top of mind for information security professionals.

In their top security trends for 2022 Gartner identifies the hybrid work environment and the shift to cloud services supporting a distributed enterprise as the main evolutions. Add to this the well known lack of senior security staff.

Without further ado, the top three are:

1: Attack Surface Expansion

Third party risks associated with the use of IoT, open-source code, cloud, complex digital supply chains, social media expand the exposure of assets outside the traditional perimeter of control.

2: Digital Supply Chain Risk

Cybercriminals targeting the third parties supporting IT business processes.  ''Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021.''

3: Identity Threat Detection and Response

Sophisticated threat actors targeting identity and access management (IAM) infrastructure, focusing on credential misuse as attack vector. ''Gartner introduced the term “identity threat detection and response” (ITDR) to describe the collection of tools and best practices to defend identity systems.''

For the complete list of trends check out:

Gartner Identifies Top Security and Risk Management Trends for 2022

Security & risk leaders must address 7 top trends to protect their organizations against new & emerging threats in 2022 and beyond, says Gartner. 


Ceeyu is a  SaaS platform that can help assess the security of your vendors and other third parties. By using a platform to improve your third-party risk management process, your organization can easily and quickly identify areas of risk. This data will help improve the security of risky vendors, effectively increasing yours as well.

Contact us for a demo! [email protected]

Silvana Precup Ceeyu

Silvana Precup


Cybersecurity professional experienced in cross-functional roles bridging between top management, risk functions, IT and security operations teams. With a knack for TPRM and digital footprint.

Other Blogposts

Ceeyu UI

NIS2: Essential entities vs Important entities, what’s the difference?

The impact of NIS2 for essential and important entities is not much different when it comes to implementing controls to comply, as they are ...

December 11, 2023


The EU DORA regulation and third party risk

With the DORA regulation that the EU aims to strengthen the IT security of financial services and industries. This means banks, insurance co...

July 17, 2022


How to manage the third party risks posed by your critical suppliers

This blog post walks you through some ideas on how to navigate the complex web of third-party risks, focusing on critical suppliers.

June 27, 2022