Today we released our 2019 security & risk recommendations report. We collected contributions from our colleagues across the Forrester security & risk team to identify the most important actions security leaders should take in 2019. Turns out, things are getting better for S&R pros, but challenges still remain. Security leaders have earned board-level visibility, privacy is a key component of brand value and reputation, and cybersecurity is a topic for consumers and enterprises. While things might be on the upswing, life hasn’t gotten any easier for embattled security practitioners, and it looks like things will get a bit more bumpy, as external factors will put even more pressure on security pros. What follows are some themes we noticed as we developed this year’s report.

Deteriorating Economic Indicators Will Only Increase The Tension Of Geopolitical Squabbles

In recent years, most security leaders needed to worry about becoming collateral damage in a cold cyberwar with many active players, but things are heating up, and economic conditions globally will not help things. Whether it’s intellectual property theft to gain or maintain a competitive edge or intelligence activities coming to light against other sovereign nations, no business is immune to the prevailing geopolitical tensions. CISOs don’t need to become foreign policy experts or economists. However, CISOs do need to factor in the impacts of geopolitics and economic conditions on their security programs. Cost cutting, rationalization, and productivity studies could all come at the same time that threat intelligence, incident response, and managed detection and response capabilities all need expansion to address a threat landscape that’s becoming rockier by the day.

Cloud Expansion And Vendor Consolidation Represent Top-Of-Mind Security Concerns

By 2019, it seems strange that some still think of cloud as something special. Bear in mind that cloud has been around long enough to have a driver’s license. However, as organizations face complexity, costs, and rising threats, expect cloud adoption to continue to jump into light speed. While cloud expands, other technology areas will consolidate as the market constricts itself to large vendor portfolio offerings to address customer complaints of fragmented and siloed technology and safely navigate any economic concerns based on lower spending and slower economic growth. For this to work, technology must integrate seamlessly to facilitate automated activities, no matter where it’s deployed, the form factor it takes, or who manages it.

Don’t Short The Soft Skills; They Will Save You When Things Get Rocky

Whether it’s during those tense moments while investigating what could become a serious breach or when announcing cost-cutting or downsizing initiatives, soft skills will help make sure security teams don’t suffer more than necessary. Building a strong culture of collaboration, communication, and openness won’t make things easy, but it will make them tolerable. The most toxic cultures will crumble in the face of the onslaught of external issues teams will face over the next 12 months.

To find out more about our top recommendations for your security program for 2019, read our full report here.