While information-centric security practice is still the dominant responsibility of most security organizations today, it doesn't take into account the increasing impact of technology use in other areas of business, both by the organization and by the supply chains that service them. As IT security requirements grow to encompass the "edge" of most organizations, broader cybersecurity needs grow to include cyberphysical needs, as well.

Digital business offers enterprises unprecedented opportunities, along with new risks. Two key characteristics of digital business are challenging conventional IT control:

  • As the business claims increasing autonomy in deploying new digital technologies, it degrades the authority of the central IT organization.
  • The dramatic increase in the number of elements (for example, systems, devices, things, data and dynamic relationships) exposes scalability issues with many traditional security control solutions.

This reality challenges the status quo in information risk and security management. Many conventions and technologies on which risk and security practices have been based do not scale in the new reality. 

Q&A with Gartner experts on security, risk and compliance

Security and risk practices continue to evolve in line with digitalization. Technologies such as artificial intelligence (AI) and machine learning, robotic process automation and the Internet of Things (IoT) offer both new risks and new opportunities to security and risk leaders. From a cyber risk perspective, acceptance of cloud computing has reached a tipping point as enterprises formalize their cloud security strategies.


Some organizations still believe cybersecurity can be effectively addressed through technology alone. Furthermore, many organizations equate regulatory or standards compliance with effective cybersecurity.

Effective security and risk leaders understand that an effective security program enables their business to successfully exploit digitalization.


... not be able to either compete in their markets or deliver satisfactory services to their citizens.


By sharing best practices in establishing and executing on a cybersecurity strategy will help IT executives balance the benefits of digitalization with the new and emerging risks.


Gartner Security & Risk Predicts

  • By 2020, over 25% of identified attacks in enterprises will involve IoT, though IoT will account for less than 10% of IT security budgets
  • By 2020, IT-sponsored information security programs will suffer three times as many significant breaches as those sponsored by business leaders.
  • By 2020, security skill management programs that include experimental recruitment and talent retention practices will rise to 20%, which is an increase from 2% in 2016.
  • By 2020, 25% of IT security organizations will restructure based on the influence of cyberphysical systems and the Internet of Things (IoT), up from less than 5% today.
  • By 2020, 60% of digital businesses will suffer major service failures due to the inability of IT security teams to manage digital risk.

Hot Topics covered at Symposium will include

  • Cybersecurity
  • Digital Resilience
  • Continuously Adaptive Risk and Trust Assessment
  • Security Governance