Strategic Planning for Cybersecurity: 2024 Trends

What will infosec departments focus on in 2024 to improve security and mitigate risks? Read on to discover tech leaders’ top strategic priorities for cybersecurity.

Screenshot 2024-02-12 at 16.41.08

Want more insights like these?

Join our community

No selling.

No recruiting.

No self promotion.

Read Our GuidelinesTrusted peer advice and insights for technology professionals.

More like this

2024 Sales Priorities and Goals

2024 Sales Priorities and Goals

View insights
Extended Reality (XR) in the Enterprise

Extended Reality (XR) in the Enterprise

View insights
Generative AI Security and Risk Management Strategies

Generative AI Security and Risk Management Strategies

View insights

One minute insights:

  • Data security, cyber resilience and vulnerabilities are the most common strategic priorities for infosec in 2024

  • Most respondents anticipate talent retention or talent shortages to be major hurdles to their infosec department’s 2024 priorities

  • Many expect challenges due to the evolving landscapes of both cyberthreats and regulations

Data, resilience among top three infosec priorities for 2024

Nearly half (49%) of surveyed leaders indicate that data security is one of the top three priorities in their organization’s 2024 cybersecurity strategy.

Gauges

Based on your personal knowledge of your infosec department’s goals, what are most likely to be the top three priorities of its 2024 cybersecurity strategy? Select up to three.

Privacy program 27% | IAM 27% | New security tools 25% | Tools/vendor consolidation 24% | Cost efficiency 22% | Security awareness and training 20% | Incident response 19% | Regulatory compliance 17% | Risk management (including third-party risk) 15% | Technical debt reduction 13% | Training 10% | Hiring 6% | Not sure 1% | Other 0%

n = 144

lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals

Question: Please share any final thoughts or personal opinions about your infosec department’s strategic priorities and planning for 2024.

Keep your landscape simple and remove technical debt. Be prepared for change.

VP, utilities industry, 1,000 - 5,000 employees

Staffing and implementing some of the new Microsoft security stack will be our number one priority.

Director, healthcare industry, 10,000+ employees

Many foresee major challenges with both talent retention and hiring

The majority anticipate that skills gaps and training needs (55%) or retention (53%) could be key talent-related hurdles to achieving their 2024 strategic priorities for infosec.

Bar chart

Which talent-related issues, if any, do you think could pose the biggest challenge(s) to achieving your infosec department’s top three strategic priorities for 2024? Select all that apply.

Succession planning and/or leadership development 26% | Team morale 14% | Diversity and inclusion 13% | Employee engagement 13% | Adjustment to in-office working requirements 8% | None — I don’t foresee any talent-related challenges 3% | Not sure 0% | Other 0%

n = 144

Question: Please share any final thoughts or personal opinions about your infosec department’s strategic priorities and planning for 2024.

Business sees easier-to-use tools as a means to increase workload and/or hire less skilled staff.

C-suite, utilities industry, 1,000 - 5,000 employees

Most expect budget limitations and regulations to be key hurdles in 2024

54% of surveyed leaders expect the evolving threat landscape to be one of the biggest challenges to their 2024 infosec priorities. Over half (52%) list budget restrictions among their biggest obstacles.

Apart from talent-related issues, which of the following do you think could pose the biggest challenge(s) to achieving your infosec department’s top three strategic priorities for 2024? Select all that apply.

Gauges

Organizational resistance to change 25% | Enterprise risk appetite (e.g., increased or unclear appetite) 21% | Prioritization issues 21% | Technical debt 21% | Geopolitical uncertainty 20% | Lack of executive support 20% | Misalignment with business strategy 13% | Strategic plan is too ambitious 8% | Strategic plan lacks flexibility 6% | Not sure 1% | Other* 1% *Other includes: Post-acquisition chaos

n = 144

Question: Please share any final thoughts or personal opinions about your infosec department’s strategic priorities and planning for 2024.

Dealing with an impending acquisition, I have no doubts that 2024 will be extremely challenging for those employees who managed to stay with the company. Adopting the new company’s priorities will take some time.

Director, software industry, 10,000+ employees

In their own words...

Question: Please share any final thoughts or personal opinions about your infosec department’s strategic priorities and planning for 2024.

We have a very challenging environment at this time. Financially, we have to watch our budget. However, it is imperative that we strengthen our cybersecurity landscape.

VP, healthcare industry, 10,000+ employees

While priorities for 2024 will be in place, I expect those priorities will change by Q2. If we have an incident, then priorities will change even quicker.

Director, educational services industry, 1,000 - 5,000 employees

Fortunately, we get a lot of attention from the executives and board. That helps tremendously.

C-suite, transportation industry, 10,000+ employees

Respondent Breakdown

Respondent Breakdown
Community GuidelinesRules of EngagementFAQsDirectory of ambassadorsPrivacyTerms of Service

© 2024 Gartner, Inc. and/or its affiliates. All rights reserved.