Organizations are dedicating increasing resources to security and risk. Security and risk leaders need to fully engage with the latest technology trends if they are to define, achieve and maintain effective security and risk management programmes that simultaneously enable business opportunities and manage risk.
Gartner Security & Risk Management Summit is the only time when the Gartner analyst and security and risk management community come together in one location to bring the latest research, insights and forward-thinking perspectives. The summit takes a comprehensive look at the entire spectrum of IT security, business continuity management and risk, including: network and infrastructure security, identity and access management, compliance, privacy, fraud, business continuity management, and resilience.
This trend, according to analysts at Gartner, will lead to the emergence of the figure of the “digital risk officer”, which is a figure that will be tasked to define and understand the risks associated with any digital innovation that will occur.
The market research firm points out that by 2017 a third of large enterprises will have a “digital risk officer,” that will assess every aspect of digital connectivity, including any interactions with the Internet of Things, in order to ensure that the protections of security in place are adequate. With this, any digital innovation will be subject to review by this emerging figure, which should also oversee all aspects of enterprise network security.
That said, there will be ten top trends digital security, namely the creation of new business designs by blurring the digital and physical world. According to Gartner, a digital business or organization must be digitizing their physical assets as well as virtual assets such as data and business processes. The digital risk officer will be tasked with both physical and information security, including IoT.
The top digital security trends are software-defined security, big data security analytics, intelligent/context-aware security analytics, application isolation, endpoint threat detection & response, website protection, adaptive access, people-centric security and securing the Internet of Things.
Gartner emphasized that mobile and cloud-based computing will present many of the main challenges. Cloud access security brokers are on-premises or cloud-based security policy enforcement points placed between cloud services consumers and cloud services providers to interject enterprise security policies as the cloud-based resources are accessed. In many cases, initial adoption of cloud-based services has occurred outside the control of IT, and cloud access security brokers offer enterprises to gain visibility and control as its users access cloud resources.
Going forward, all effective security protection platforms will include domain-specific embedded analytics as a core capability. An enterprise’s continuous monitoring of all computing entities and layers will generate a greater volume, velocity and variety of data than traditional SIEM systems can effectively analyze. Gartner predicts that by 2020, fourty percent of enterprises will have established a “security data warehouse” for the storage of this monitoring data to support retrospective analysis.
On Software defined security, Gartner says software defined abstract infrastructure elements that were previously tightly coupled in data centers: servers, storage, networking, security and so on. Like networking, compute and storage, the impact on security will be transformational.