Yeah. We, as an Analyst company are always keen to look ahead of time and we were interested to understand what are the top cybersecurity topics next year. And since everyone has 10, so we thought 11 is a much nicer number. So we have 11. So yeah, what are the top security topics next year? But we were also interested to understand how do they relate to each other. So what topic do people think is most important compared to others? So that was certainly something you are interested in. And we also wanted to understand, is there a difference in between how, if you ask CSOs how they would rate on the top security topics or on other cybersecurity experts? And if so, what is the difference?
And then we also ask people, all right, so you rated now these 11 topics. Is there anything else which you think is important for next year? And people came back with, with certain ideas here. And finally we wanted to make this not only a theoretical exercise, but also wanted to understand what are people planning to do next year. So what is their book of work for 2021? So what are, and we ask them precisely, what are the three top priorities you are working on next year? And that's also interesting. See whether there are any differences to what were people thinking are the top topic, the, the top security topics versus what they are working in, in practice. So how did we select the topics? Obviously the topics were selected by co a code Analyst, obviously based on their research and based on the interactions with clients. And, and of course, whom, whom did we ask? We asked the participants of the, of this conference, the cybersecurity leadership summit members or participants. And we also asked hand selected CSOs of rather large organizations about their opinion. And now let's jointly look at, at the outcome.
I will start off with number 11. And number 11 is decentralized. Identity is gaining momentum. Why is why this matters? Everyone is aware of stolen personal identifiable information. AFAX, it's quite some years spec the Cambridge analytical case in 2018. And it's clear the ability to prove who you are and, and who you say you are, is critical in a more and more digital economy. And with decentralized identity with that technology, the control of, of that is being given back to the people itself themselves. So whether it's blockchain based or non blockchain based, et cetera, cetera, that's, I believe still an open question, but it's a whole topic and it's rated number 11. Let's move on.
Number 10, the role of the CSO continues to change. It's still interesting to see to whom a CSO actually reports in many cases, it's the CIO for example, but of course this has advantages, but also disadvantages. And sometimes, and we all know that that the CSO agenda is a different one than the CIO agenda. And since CIOs are more, more elevated in the hierarchy in the organizational hierarchy, it's not seldom the case that the CIO wins. We also see a convergence to other roles such as the chief data protection officer, chief security officer, et cetera. And in many organizations, these other roles are combined to the Caesar rower as well. So that's changing. And, and of course that, that has implications because the CSO with this changed role has even more communi has to have more communication skills.
A CSO even said, I have to be a psychologist to, to talk to all the people and, and, and, and, and to understand what they're thinking and what, what is driving their behavior. And, and that are almost similar critical skills like to have technical skills, number nine security in the SAP ecosystem. I think you heard a presentation earlier today about this topic, and it's amazing because in the SAP system, I mean, for many organizations, SAP is, is their backbone. It holds the most critical data, and it's amazing how little attention management and organizations pay to the security of these systems. But that seems to change now. So the topic was rated nine, which is an indication that it is increasing attention. And, and I think we should do a lot more research around this topic in order to get on top of it.
Topic number eight, security is the key feature for internet of things. According to a survey, computer Ted, 80% of the companies believe that internet of things is important to them. And I think we heard a wonderful presentation earlier today about I O T systems even which says that, of course I T systems consist of many, many devices coming from all kinds of providers and, and they produce a enormous amount of data. And if you don't pay attention to security to at the very beginning, it will be very hard to stay on top of things and have things under control. And without security, the whole advantage of internet of things is going away or is becoming very, very dangerous. So security is clearly a key feature for internet of things.
So which topic is now scoring seven, and it's sort of hanging together with the internet of things. It's supply chain security. When you think of where do our devices come from, they come from countries like China, mainly, but also from others where we don't know what's really in there. And it's of course not sufficient to only have the third party risk in mind. You also need to look at the fourth party, even the fifth party risk, and you, you get the idea it's becoming very, very difficult and complex. However, if you wanna control about the full supply chain, this is necessary to stay on top of things. So number seven, supply chain security and evergreen is number six, cybersecurity competence building remains a challenge for all organizations. We've heard that for years. So that's nothing new. The question is have our approaches in the past work, obviously not at least not to the sufficient extent. So the creation is what are we doing now? Right. So does, does it help to have more focus? Does it help to approach things differently? Does it help to throw even more people on the problems or do we need new technologies such as artificial intelligence to help us to, to, to manage the workload in, in, in that regard, interesting questions to analyze, and it remains a hot topic and everyone who's working in that environment can be happy because he's wanted he or she.
Now we come to the top five security topic, number five, identity defines security, or with other words, identity is the new parameter for many, many years. We've all believed that the security that the network is the parameter of the security, but with the tools with the devices and the procedures, they can be placed everywhere inside, outside the network, along the, the, the, the, the, the value chain to the clients, to partners cetera, the network has lost its importance. It's now the identity. And, and that is even more true in cloud environments, for example, and, and since attackers are, are becoming even more sophisticated, we need new approaches to protect the identity new approaches. For example, zero trust is one. And of course, again, I mentioned that artificial intelligence, this brings me to topic. Number four, artificial intelligence is increasingly used by both cyber attackers and, and defenders. So this, with an ever increasing number of highly sophisticated cyber attacks and a constantly changing threat landscape, the need for enhanced defensive capabilities has never been higher than today with traditional methods, reaching their limits, artificial intelligence can help. For example, with increased track detection capabilities, or streamlined investigation and response processes.
It can also help. I mentioned that already to overcome the skilled crisis, but of course it is also necessary to measure to what extent artificial intelligence can really help with other words, how intelligent artificial intelligence really is. So we need benchmarks, KPIs, et cetera. Interesting topic. Now let's come to top three, number three, and this is of course, the topic of the year. If you want securing the remote workforce, of course, the ongoing pandemic has forced us into a remote working economy without having had the time to prepare for it. And this is challenging for, for, for the, for, for, for the employees itself. I think some organizations of course have prepared themselves for that kind of situation. Others. They were simply short of devices. So they had to very, very quickly order laptops and other things to equip their employees so that they can actually work from home, which was a challenge because everyone needed to do that.
Of course, others have with, with strong bring your own device capabilities were in a better place, provided the company had done its homework in a advance, but in many cases, the people just used their, their, their, their own devices without the companies. And the organizations have prepared for that. And of course, that introduced lots of problems. So the organizations now need to catch up and make sure that the right measures and the right capabilities are in place to get this done. And it's obviously still seen as a problem even for next year. Topic. Number three, topic. Number two is actually no surprise. I believe for anyone here hybrid cloud security, since the hybrid cloud model makes the most sense for most companies. And it of course introduces security challenges. However, when done properly, a hybrid infrastructure should help even to improve an organization security posture.
However, the security must be from the very beginning part of the cloud strategy. And if that is the case, I think there's a good chance to stay on top of, of things, perhaps even improve security situation of an organization. So hyper cloud security will be a topic hot topic next year, and this is why it's called two. And now everyone is keen to see what is number one, what is the most relevant security topic of the year 2021 seen by you all? Basically the winner is zero trust. So don't trust anyone never trust, always verify that is the whole topic. And of course it relates to a lot of other topics. I just mentioned. They are, of course not completely independent from each other. They all hang together, but this is the topic which scored the highest. Most people voted for it. And that will keep us certainly busy for next year.
So what other topics are important? Oh, here, sorry. Here's the overall rating as a summary. So here you can see number one, obviously zero trust. I mentioned that down to 11 decentralized identity, according to your votings, this is an interesting one. How did the CSOs actually see things? And when you look at these results, pretty in line accept one or two exceptions, one would be the CSOs voted supply chain security as the most important topic, even before zero trust. I think the overall voting supply chain security only scored six or seven, I believe. And it's also interesting that the CSOs, they, they think that the heightened role of the CSO is not so important than the security expert think. So that's another observation I had. But other than that, it's more or less in line with the overall working. So no, no big surprises except supply chain security.
So what are the top three priorities organizations want to work on next year? And when you look at the list of things, it's pretty in line with also the priorities which are seen. So you would find obviously zero trust in there. You would, you would find third party risk in there. You would find OT security in there. So it's, it's exactly what we just talked about. So no surprises in the identity area, obviously it's also a zero trust topic, centralization of identity and access management is still a topic we already heard this morning that the healthcare is an important industry and, and has to catch up with security here as well. That's people.
This is what people are saying in the access management area. We, we heard it multiple, multiple, multiple times two F a two F a two, a and of course multi-cloud remote working privilege, access management, other topics, cloud, and 5g is a topic for next year and business and regulation, of course, make sure you spent the money on the right topics remains to be a hot topic. And of course, comply with latest regulation. I do hope you find this inspirational. I think I, I had a lot of fun to, to do that survey, to talk to people what they think about it and what they come back with with what they came back. And yeah, it will give us a lot of food for thought and also activities for next year. With that, I hand it back to, to Lauren.