- Digital Resilience
- Continuously Adaptive Risk and Trust Assessment
- Security Governance
Security, Risk & Compliance
While information-centric security practice is still the dominant responsibility of most security organizations today, it doesn’t take into account the increasing impact of technology use in other areas of business, both by the organization and by the supply chains that service them. As IT security requirements grow to encompass the “edge” of most organizations, broader cybersecurity needs grow to include cyberphysical needs, as well.
Digital business offers enterprises unprecedented opportunities, along with new risks. Two key characteristics of digital business are challenging conventional IT control:
This reality challenges the status quo in information risk and security management. Many conventions and technologies on which risk and security practices have been based do not scale in the new reality.
1. How has this topic evolved since last year? Have you noticed any major changes in the market, strategy or technology?
A: Security and risk practices continue to evolve in line with digitalization. Technologies such as AI and machine learning, robotic process automation and IoT offer both new risks and new opportunities to security and risk leaders. From a cyber risk perspective, acceptance of cloud computing has reached a tipping point as enterprise formalize their cloud security strategies.
2. What’s one of the biggest mistakes organizations make when it comes to this topic?
A: Some organizations still believe cyber security can be effectively addressed through technology only. Furthermore, many organizations equate regulatory or standards compliance with effective cyber security.
3. How are IT leaders leveraging this topic to transform their organizations?
A: Effective security and risk leaders understand that an effective security program enables their business to successfully exploit digitalization
4. Finish this sentence: “If organizations don’t get their digital business transformation right, they will….”
A: ...will not be able to compete in their markets, or deliver satisfactory services to their citizens.
5. How attending Gartner IT Symposium/Xpo 2020 will help IT leaders with their priorities and key initiatives?
A: By sharing best practices in establishing and executing on a cyber security strategy that will help them balance the benefits of digitization with the new and emerging risks.