Security at the Speed of Digital Business

Digital business is transforming the principles of security management.

The digital explosion is reshaping organizational security and risk management. Mobile, cloud computing, social networking and the Internet of Things are just some of the factors driving this transformation.

Enterprises able to reap the benefits of digital tools and platforms will see a sustained competitive advantage over time; those unable to do so could experience a decline in their competitive ranking as early as 2017.

“This reality challenges the status quo in information risk and security management. Many conventions and technologies on which risk and security practices have been based do not scale in the new reality,” warns Tom Scholtz, research vice president and Gartner Fellow.

“IT risk and information security leaders must assess and transform their programs to become digital business enablers rather than obstacles to innovation,” Mr. Scholtz said. “Organizations that are able to successfully establish an ecosystem that balances protecting and growing the business will remain competitive and in a position to address cybersecurity threats.”

The CIO Executive Communication Guide

Speak the language of the C-suite to communicate the business value of IT

Get Free eBook

Digital business is pushing the environment for protecting data and infrastructure into the physical world, merging functions focused on data and information with those that make actual changes to people and their surrounding environments.

“Protecting information alone isn’t enough, and ensuring the confidentiality, integrity and availability of that information isn’t enough,” says Scholtz. “Risk and cybersecurity leaders must now assume the responsibility of providing safety for both people and their environments.”

Perfect protection is impossible

Most conventional security efforts and products have traditionally focused on blocking and prevention techniques (such as antivirus), as well as on policy-based controls (firewalls, etc.) to block threats.

Protecting information alone isn’t enough, and ensuring the confidentiality, integrity and availability of that information isn’t enough

But a foolproof defense is impossible. Advanced targeted attacks are easily bypassing traditional firewalls and signature-based prevention mechanisms. All organizations should now assume that they are in a state of continuous compromise. However, they may mistakenly believe that 100% prevention is possible. Many have become overly reliant on blocking-based and signature-based mechanisms for protection. As a result, most enterprises have limited capabilities to detect and respond to breaches when they inevitably occur, resulting in longer dwell times and increased damage.

 To enable a comprehensive, adaptive security protection architecture, we believe that these 12 specific capabilities are necessary to augment the ability to block and prevent attacks, as well as detect and respond to attacks:

Security_12steps

 

 

https://blogs.gartner.com/smarterwithgartner/files/2015/06/Scholtz_header.jpg

Read complimentary research: Managing Risk and Security at the Speed of Digital Business, by Tom Scholtz, et al.

Watch the webinar: The New Risks of Digital Business.

 

Get Smarter

Gartner Security & Risk Management Summits

The latest insights on IT trends, evolving security tech and the ever-changing threat landscape.

Explore Gartner Conferences

2019-2021 Emerging Technology Roadmap for Large Enterprises

We gathered expertise from IT professionals across 198 organizations to benchmark adoption stages and risk and value factors for 108 infrastructure and operations technologies for this year. The emerging technologies profiled are spread across six technology buckets: compute and storage, compute and storage (cloud), digital workplace, IT automation, network and security.

Read Free Gartner Research

Webinars

Get actionable advice in 60 minutes from the world's most respected experts. Keep pace with the latest issues that impact business.

Start Watching