How To Protect APIs From Security Breaches?: Gartner


Day 1 of The Gartner Security & Risk Management Summit


Deepti Gopal, Director Analyst, Gartner

FinTech BizNews Service

Mumbai, March 10, 2025: The Gartner Security & Risk Management Summit is currently taking place in Mumbai. Here is a collection of the key announcements and insights coming out of Day 1 of the conference. They include the Gartner opening keynote on turning disruption into cybersecurity opportunities, a session on how to protect APIs from security breaches, and a session exploring how integrating identity hygiene, security posture management, and identity threat detection and response can enhance organizational resilience.

Key Announcements

 

  1. Gartner Keynote: Harness the Hype: Turning Disruption Into Cybersecurity Opportunity - Presented by Deepti Gopal, Director Analyst, Gartner and Dennis Xu, VP Analyst, Gartner

In today’s fast-paced environment, hype — whether fueled by AI, emerging technologies, or the latest cyber attack — can pose a significant risk to strategic business objectives and the crucial partnership between cybersecurity and the broader business. In this session, Deepti Gopal, Director Analyst at Gartner, and Dennis Xu, VP Analyst at Gartner, explored how chief information security officers (CISOs) can exploit the power of hype to drive innovative and adaptable cybersecurity programs.

 

 

Key Takeaways

  • “Hype can drive organizations to overinvest in unproven technologies or cause cyber and risk teams to slow down excessively, risking missed market opportunities. However, hype often contains a kernel of truth and signals change that cannot be ignored.”
  • “Organizations are investing in hyped, cutting-edge technologies like generative AI, and the CISO plays a crucial role in balancing innovation’s rewards and risks by guiding intelligent risk-taking.”
  • “ODMs facilitate communication and agreement on protection levels with the business, enabling CISOs to harness hype and deliver mission-driven outcomes.”
  • “To harness the hype around AI, build AI literacy with a beginner’s mind, foster critical thinking, and develop AI champions to spearhead AI initiatives.”
  • “In cybersecurity, skills shortage and burnout create a vicious cycle, exacerbated by the constant influx of hype that overwhelms teams with change and disruption. Change management and learning agility can help harness this hype, ensuring team resilience.”

 

  2. Protect Your APIs to Avoid Security Breaches - Presented by William Dupre, VP Analyst, Gartner

Cybersecurity attacks leveraging application programming interfaces (APIs) as an attack vector pose a significant threat to organizations and their sensitive data. In this session, William Dupre, VP Analyst at Gartner, discussed strategies for executing API security projects.

 

 

Key Takeaways

  • “API security breaches are a major concern among organizations, as an average API breach leads to at least 10 times more leaked data than an average security breach, causing more damage.”
  • “AI and APIs have a symbiotic relationship, with APIs playing a crucial role in training AI models. This makes securing APIs essential to protect AI systems from unauthorized access and data breaches.”
  • Gartner highlighted five steps for setting up an effective API security program:
    • Discovery: Inventory all first- and third-party APIs.
    • Posture Management: Identify misconfigurations and prioritize remediations.
    • Testing: Detect API vulnerabilities through testing techniques.
    • Runtime Protection: Monitor for malicious or suspicious behavior in API traffic.
    • Access Control: Implement fine-grained API access control.
  • “Begin API discovery and posture management with a focus on access control issues.”
  • “Anticipate and prepare for the additional workload that comes with implementing behavior-based API runtime protection.”

 

  3. Demystifying the Hype: Identity Security, Posture Management, Threat Detection and Response - Presented by Abhyuday Data, Director Analyst, Gartner

As identity becomes a cornerstone of business enablement, it simultaneously expands the attack surface, making it the leading vector for breaches and highlighting the need for identity-first security. In this session, Abhyuday Data, Director Analyst at Gartner, discussed how integrating identity hygiene, security posture management, and identity threat detection and response (ITDR) can enhance organizational resilience.

 

 

Key Takeaways

  • “The legacy approach to identity and access management (IAM) fails to address security risk pervasively or in real-time, prompting leaders to shift investments to identity-first security.”
  • “Cyberattacks often begin by targeting the identity infrastructure, requiring a defense-in-depth approach to IAM infrastructure that includes prevention, detection, and response.”
  • “Security leadership must understand ITDR as a security discipline and reach a consensus on who will serve as the ITDR owner or facilitator.”
  • “An IAM leader is accountable for connecting the ITDR initiative into the larger IAM program and deriving business value from it.”
  • “Collaborate with security and business teams to leverage insights from various tools, address high-risk issues, and understand their use of identity to explore intersection points.”
