Gartner Security & Risk Management Summit is a time when the Gartner analyst and security and risk management community come together in one location to bring the latest research, insights and forward-thinking perspectives. The summit takes a comprehensive look at the entire spectrum of IT security, business continuity management and risk, including: network and infrastructure security, identity and access management, compliance, privacy, fraud, business continuity management, and resilience.
The Cloud Security
This trend, according to analysts at Gartner, will lead to the emergence of the figure of the “digital risk officer”, which is a figure that will be tasked to define and understand the risks associated with any digital innovation that will occur. Organizations, according to their finding would be dedicating increasing resources to security and risk if they are to define, achieve and maintain effective security and risk management programmes that simultaneously enable business opportunities and manage risk.
The market research firm points out that by 2017 a third of large enterprises will have a “digital risk officer,” that will assess every aspect of digital connectivity, including any interactions with the Internet of Things, in order to ensure that the protections of security in place are adequate. With this, any digital innovation will be subject to review by this emerging figure, which should also oversee all aspects of enterprise network security.
The top digital security trends are software-defined security, big data security analytics, intelligent/context-aware security analytics, application isolation, endpoint threat detection & response, website protection, adaptive access, people-centric security and securing the Internet of Things.
Gartner emphasized that mobile and cloud-based computing will present many of the main challenges. Cloud access security brokers are on-premises or cloud-based security policy enforcement points placed between cloud services consumers and cloud services providers to interject enterprise security policies as the cloud-based resources are accessed. In many cases, initial adoption of cloud-based services has occurred outside the control of IT, and cloud access security brokers offer enterprises to gain visibility and control as its users access cloud resources.
Going forward, all effective security protection platforms will include domain-specific embedded analytics as a core capability. An enterprise’s continuous monitoring of all computing entities and layers will generate a greater volume, velocity and variety of data than traditional SIEM systems can effectively analyze. Gartner predicts that by 2020, fourty percent of enterprises will have established a “security data warehouse” for the storage of this monitoring data to support retrospective analysis.
On Software defined security, Gartner says software defined abstract infrastructure elements that were previously tightly coupled in data centers: servers, storage, networking, security and so on. Like networking, compute and storage, the impact on security will be transformational.
The article was originally published on The Cloud Times in July. The next Gartner Security & Risk Management Summit happens from 8 to the 11th of June of 2015 at the National Harbor, MD, at the Washington, D.C. area.