Gartner Research

Use a CARTA Strategic Approach to Embrace Digital Business Opportunities in an Era of Advanced Threats

Published: 22 May 2017

ID: G00332400

Analyst(s): Felix Gaehtgens , Neil MacDonald


To securely enable digital business initiatives in a world of advanced, targeted attacks, security and risk management leaders must adopt a continuous adaptive risk and trust assessment strategic approach to allow real-time, risk and trust-based decision making with adaptive responses.

Table Of Contents


  • Attack Protection and Access Protection Shift to Detect/Response
  • Information Security Is All About Decisions (They Just Need to Be Continuously Adaptive)
  • Risk and Trust Must Become Continuously Adaptive
  • Security Responses Must Become Continuously Adaptive
  • Data Protection Must Become Continuously Adaptive
  • The Security Operations Center Must Become Continuously Adaptive via Analytics
  • Bimodal IT Needs Bimodal Security With a CARTA Strategic Approach
  • Looking Forward — Building CARTA Into Digital Business Applications
  • Looking Forward: Extending a CARTA mindset to More Information Security Processes
  • Bottom Line

Gartner Recommended Reading

©2021 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Purchase this Document

To purchase this document, you will need to register or sign in above

Become a client

Learn how to access this content as a Gartner client.