Changes in computing fabric, devices and services formed by digital business continue to shape risk and security landscapes, according to Gartner, Inc. By year-end 2017, more than 20 percent of enterprises will have digital risk services devoted to protecting business initiatives using devices and services in the Internet of Things (IoT).
Gartner analysts presented these findings during the sold-out Gartner Symposium/ITxpo, which is taking place here through Thursday.
"Business imperatives have driven the convergence of the Internet of people, computers and things, transforming most enterprises into digital businesses and reshaping cybersecurity," said Christian Byrnes, managing vice president at Gartner. "An inflection point in business and technological innovation has occurred, which we refer to as the 'digital explosion' and the 'race to the edge.'"
The traditional model ascribed for decades to IT security has been one of confidentiality, integrity and availability (CIA). Most organizations in 2015 have not shown a consistent ability to substantially mitigate those risks. The CIA model is still relevant and applicable in cybersecurity, but it isn't enough.
"The race to the edge has pushed the environment for protecting data and infrastructure into the physical world, merging functions focused on data and information with functions that make actual changes to people and their surrounding environments," said Mr. Byrnes. "Protecting information alone isn't enough, and ensuring the confidentiality, integrity and availability of that information isn't enough. Leaders in risk and cybersecurity must now assume the responsibility of providing safety for both people and their environments."
The digital explosion is moving technologies from core architectures to a highly distributed and fit-for-purpose edge. "Core" describes general-purpose technologies and services for computing, such as servers, laptops and mobile platforms, as well as cloud and mobile services. "Edge" is a term used to describe devices that aren't servers or laptops and perform specific functions in the business and are positioned at the boundary between the business and its customers, partners and providers. The core and the edge are mixtures of traditional IT, as well as IT and components of the IoT.
The digital explosion disrupts the foundations of services for technology and information and elevates traditional IT services, such as cloud computing and advanced analytics, to a mandatory status to support the scale and functional needs of the edge. The edge itself is more physical than digital, with devices and physical assets becoming more intelligent to meet the shifting demands of business. This is the core-to-edge continuum.
The other continuum in the cybersecurity scenario is one of openness. An organization must decide, as part of its evolution in digital business, on the ultimate transparency of its services to its customers. The degree of openness depends on an organization's approach to data accessibility, infrastructure used, culture, process and adaptation to change. Gartner believes that the demands for transparency in the digital business of 2020 will drive more organizations toward openness as a strategy of priorities.
Requirements for large-scale, real-time adaptive protection, safety and privacy at the digital and physical levels will drive new cybersecurity skills, practices and technologies. The race to the edge requires that organizations consolidate the prioritization of cybersecurity efforts across broader technology areas that require protection and are interdependent. In addition to a more comprehensive approach to digital risk, organizations must prepare for new cybersecurity skill sets in areas such as vendor portfolio management, safety engineering, machine-to-machine (M2M) communications, embedded software, and systems security and cyberphysical systems.
"Cybersecurity professionals are the new guardians of big changes in the organization. Such professionals must practice business resiliency and adaptability, because they are now so integrated with digital business decisions that leaders cannot tell where business ends and cybersecurity begins," said Mr. Byrnes. "The digital explosion and the race to the edge have achieved what previous waves of technology evolution have failed to do — to integrate cybersecurity professionals and business leaders into effective teams for the protection and safety of the organization."
About Gartner Symposium/ITxpo
Gartner Symposium/ITxpo is the world's most important gathering of CIOs and senior IT executives. This event delivers independent and objective content with the authority and weight of the world's leading IT research and advisory organization, and provides access to the latest solutions from key technology providers. Gartner's annual Symposium/ITxpo events are key components of attendees' annual planning efforts. IT executives rely on Gartner Symposium/ITxpo to gain insight into how their organizations can use IT to address business challenges and improve operational efficiency.
Video replays of keynotes and sessions are available on Gartner Events on Demand. Follow news, photos and video coming from Gartner Symposium/ITxpo on Smarter With Gartner, on Twitter using #GartnerSYM, Facebook and LinkedIn.
Upcoming dates and locations for Gartner Symposium/ITxpo 2015 include:
October 19-22, Sao Paulo, Brazil
October 26-29, Gold Coast, Australia
October 28-30, Tokyo, Japan
November 2-5, Goa, India
November 8-12, Barcelona, Spain