Embracing Change at the Summit
We just returned from the 2017 Gartner Security & Risk Management Summit, held in National Harbor, MD. It’s a great conference and this year there was plenty of new research and insights. They covered a wide range of topics via analyst presentations, panels, case studies, workshops and more. Here are a few of our key takeaways.
Manage Risk. Build Trust. Embrace Change.
This year’s theme focused on the new demands faced by security and risk management organizations. Gartner suggests that CIOs, CISOs, network security teams, and others must reevaluate and redirect their conventional security practices. They go so far as to say that today’s digital business transformations demand a radical new approach to addressing escalating risks. It is business critical to build a trusted, resilient environment that provides organizations the freedom to innovate.
Becoming Adaptive Everywhere
The opening keynote expanded upon Gartner’s Adaptive Security Architecture vision and stated that moving forward, organizations need to transform all areas of their information security. IT strategies must adapt continuously to all the disciplines of information security. This means balancing the rapidly changing requirements of digital business with the need to protect against advanced attacks, all while maintaining acceptable levels of risk and compliance.
The Evolving Nature of Cyber Threats
Former CIA Director John O. Brennan was the featured guest keynote speaker. It was enlightening to get a real-world view from someone with his depth and breadth of cybersecurity experience. He brings a unique global approach to the countless threats we see in this rapidly changing and increasingly complex environment.
Agile IT Organizations
Security strategies need to keep up with and even get ahead of business practices and operations. The transition to digital business – which blurs the digital and physical worlds - is changing the threat landscape. For example, in one session, Gartner discussed the current and future state of industrial IoT and OT security. They predict 2017 to be a significant year as IoT provides a revolutionary approach to technology innovation for digital business. In a recent post we covered this same topic in some detail: IT vs. OT in IoT - Connecting the Shop Floor with the Top Floor.
The overall message of the conference was loud and clear. With a rapidly changing IT and business environment, organizations are being challenged to implement security architectures and solutions that are both risk-aware and designed around business outcomes. There were many breakout sessions and roundtables that covered both strategic and tactical recommendations based on real-world examples. Attendees came away with new information tailored directly to their specific interests, roles and responsibilities.
In our view, the summit was clearly about the transformations all security, risk and business continuity managers must embrace. Just as enterprise organizations are continually looking for new ways to innovate, so must their security teams.