WP How to use the Gartner® 2022 Strategic Roadmap for Data Security Platform Convergence | Imperva

How to use the Gartner® 2022 Strategic Roadmap for Data Security Platform Convergence

How to use the Gartner® 2022 Strategic Roadmap for Data Security Platform Convergence

“It is not the strongest species that survive, nor the most intelligent, but the ones most responsive to change.” – Charles Darwin

Evolution and innovation form the basis of most modern business mission statements. However, the same organizations pursuing growth and change often do not put sufficient review into their data security program to ensure it will adapt alongside.

Resilient data security strategies, ones that are simultaneously flexible and comprehensive, require planning and work to implement. Whether underestimating the risk, or weary of data security solutions that are too complex to deploy, cannot scale and do not support business initiatives, the need for a real solution remains. In response to rising client inquiry on this topic, Gartner released the 2022 Strategic Roadmap for Data Security Platform Convergence to place a stake in the ground regarding the current and future states of data security programs.

[If your organization is flush with innovation but new to data security we encourage you to read A Quick-Start Introduction to Database Security: An Operational Approach. This 12 minute “crash course” frames best practices and challenges of data security, with many relevant examples.]

The need for a new data security strategy

Organizations routinely invest in broad initiatives in their pursuit to digitally transform their business. Cloud service utilization, workflow automation and rich, personalized customer experiences are common examples.

SRM leaders today find that existing data security architectures often get in the way of innovation or worse, leave unintended (or invisible) gaps. In their report, Gartner states “As of the beginning of 2021, a mix of data security controls and products make their own decisions, according to policies that are configured in the tools themselves — security tools running in a silo.”

Imperva includes challenges for data security include complex administration, disparate products, immature APIs, rudimentary sensitive data visibility, lack of hybrid cloud capabilities, long implementation cycles and excessive false positives. Any one of these challenges can dramatically impede forward progress on business objectives.

In response to these challenges, the data security market is in the initial stages of convergence. Individual data security capabilities and products will amalgamate into a new data security platform, which will include functionality such as:

  • Data risk analytics
  • DbSec
  • Data discovery
  • File encryption
  • Data activity monitoring
  • Key management
  • Data access governance
  • SecAnalytics
  • Data loss prevention
  • Data masking
  • Tokenization
  • Data classification

This future state of data security will enable the scale and nimbleness that modern organizations require.

Support modern use cases, promote data sharing while reducing risk

From Imperva’s perspective, Gartner’s data security platform capabilities represent components of multiple overarching themes:

Support all data structures, architectures and platforms

Data security platforms must include native capabilities that align with modern use cases. These capabilities include support for structured, unstructured and semi-structured data as well as hybrid-cloud architectures. And since no organization is homogeneous, there cannot be gaps in RDBMS support.

Enable easy information sharing

Modern threat lifecycle management workflows rely on detailed information to be successful. Since the number of annually compromised records continues to grow, data security platforms should offer mature integration capabilities in order to enable the people and systems that are monitoring the sensitive data they are protecting. Information sharing options should include API, agent software, network gateways or logging. Multiple options allow consumers to choose the implementation architecture that is least invasive and adds most value.

Empower security and business teams

A good data security platform simplifies deployment and management. It also removes the need for specialized data security skill sets. Data security platforms should minimize the complexity of data security, empowering analysts and incident response teams with clear, actionable, high-confidence alerting.

Reduce risk

It may go without saying, but data security platforms must be superior at managing data risk, safeguarding sensitive data and assuring data compliance. Data security posture can change in moments, and so the current state of data security must be easily accessible to all levels of administrators.

What can you do today?

We believe the Gartner vision is in some ways a glimpse into the future, however there are things you can do in the interim to reduce gaps and empower your business.

Gartner recommends that SRM leaders should:

  • Inventory data security controls to implement a multiyear phaseout of siloed data security tools that are holding you back when you need to leverage your data in favor of a modern data security platform.
  • Consolidate vendors and cut complexity and costs as contracts renew.
  • Actively engage with initiatives for data lakes and artificial intelligence (AI)/machine learning (ML) use cases in order to integrate a data security platform into the scope of project planning.
  • Include data security platforms meshes in your cybersecurity mesh architecture by choosing products that offer high levels of integration capabilities.

In the report, Gartner provides further details of higher, medium and lower priority activities that can help you plan your roadmap to lower data security risk and better use of your business data.

“The Only Constant in Life Is Change.”- Heraclitus

Organizations today, especially those on the fast track for innovation, must pause and assess their data security strategy on a regular basis to ensure it aligns with their growth.

Research suggests that “by 2025, 30% of Gartner clients will protect their data using “a need to share” approach rather than the traditional “need to know” approach”. Getting ahead of this change only accelerates the time to value. Data security platforms empower teams to do more with less, and enable resilient yet comprehensive security.

We encourage you to read the report here. In it, you will find a clear vision for data security and activities you can implement today that will prepare your data security architecture for its evolution to a new paradigm.


Imperva Data Security Platform is the first data-centric solution that enables security and compliance teams to quickly and easily secure sensitive data no matter where it resides with an integrated, proactive approach to visibility and predictive analytics.

To learn more about Imperva’s approach to data protection or if you have questions about the report, please contact your Imperva Account Representative.

Gartner, 2022 Strategic Roadmap for Data Security Platform Convergence, By Joerg Fritsch, Brian Lowans, David Mahdi, 28 September 2021

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.