Build Safety at the Edge for Security in 2020

The internet of things is driving deep changes in security practices. Safety is now a major issue.

With the internet of things (IoT), the convergence of physical security and internet security is inevitable. This will force security leaders across industries to accept responsibility for the protection of life, which may not have previously been in their purview. In his keynote session, Cybersecurity Scenario 2020 at the Gartner Security & Risk Management Summit in National Harbor, Maryland, Christian Byrnes, managing vice president at Gartner, says digital business requires the addition of a new fourth element to the Gartner CIA model for security: Safety. Joining Confidentiality, Integrity and Availability as an essential component of security programs, safety becomes essential to managing security in the IoT. “There’s a deep change in security practice due to the transition to IoT,” Byrnes says. “Safety now becomes a major issue.”

Notably:

  • Physical infrastructure complexity/automation increase risk
  • Hazard recognition and control now include cyber needs
  • Cyber attacks can have physical impacts

Rethink the Security & Risk Strategy

Why leaders must embrace modern cybersecurity practices

Download Free eBook

“Your job will be to protect the organization from things that can kill,” Byrnes says. He recalled a meeting with a hospital CIO who shared that the chief medical officer asked him to be prepared in two years for the “fact that networked devices will be administering pharmaceuticals to our patients.” The computers will be responsible for determining how much of a drug to put into a bloodstream. “The IoT doesn’t just sense what is going on. It changes what is going on. It changes the physical world,” he adds.

Cybersecurity2020_graphic-01

Cybersecurity Scenario: Race to the Edge

Byrnes also highlights additions to the Gartner Cybersecurity Scenario 2020 and the need for organizations to add transparency as well as safety in their “race to the edge.”

For security professionals, this means moving from the lower left quadrant of managing technology at the core of the business in a closed fashion, to adding transparency as you manage technology that lives closer to the edge of the organization and personal use.

Guard the Jewels

This is where you are now and it is the home state for most organizations. It’s characterized by an aversion to sharing with the government, use of trade secrets to compete and more of a “walled gardens” mentality.

Expand the Empire

This is where many organizations are going by default. It often is an unmanaged “race to the edge” and may or may not be the right place for you. It is characterized by critical infrastructure organizations, physical security or many ‘dumb’ devices with secure wrappers, and organizations with uncoordinated IoT projects.

Share the Wealth

The social media providers will be here, Byrnes notes, where there’s no approach to safety. Organizations that are slow to the edge may still be under pressure for transparency. This quadrant could make your life easier if you can effectively manage the risk.

Lead the Revolution

For organizations willing to push in this direction, such as high volume consumer markets, transparency and safety become leadership issues. Enterprises gain high leverage from contextual data. “If you can live in this quadrant, it’s ideal,” Byrnes says. “This is the home quadrant of the IoT revolution.”

Moving forward, Byrnes urges security professionals to find where they are in the scenarios today and determine where they are going (if anywhere). Remember the necessity to assess your existing and future role in securing the physical as well as the digital world and address safety issues early. Finally, don’t let yourself play “catch-up” to your business. Plan cybersecurity with them rather than after them.

 

Video replays from the Summit are available at Gartner Events on Demand.

Get Smarter

Gartner Security & Risk Management Summits

The latest insights on IT trends, evolving security tech and the ever-changing threat landscape.

Explore Gartner Conferences

2019-2021 Emerging Technology Roadmap for Large Enterprises

We gathered expertise from IT professionals across 198 organizations to benchmark adoption stages and risk and value factors for 108 infrastructure and operations technologies for this year. The emerging technologies profiled are spread across six technology buckets: compute and storage, compute and storage (cloud), digital workplace, IT automation, network and security.

Read Free Gartner Research

Webinars

Get actionable advice in 60 minutes from the world's most respected experts. Keep pace with the latest issues that impact business.

Start Watching