Cybersecurity professionals are the new guardians of digital change

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://computer.financialexpress.com/news/cybersecurity-professionals-ere-the-new-guardians-of-digital-change-gartner/14118/

Changes in computing fabric, devices and services formed by digital
business continue to shape risk and security landscapes, according to
Gartner, Inc. By year-end 2017, more than 20 percent of enterprises will
have digital risk services devoted to protecting business initiatives using
devices and services in the Internet of Things (IoT).

“Business imperatives have driven the convergence of the Internet of
people, computers and things, transforming most enterprises into digital
businesses and reshaping cybersecurity,” said Christian Byrnes, managing
vice president at Gartner. “An inflection point in business and
technological innovation has occurred, which we refer to as the ‘digital
explosion’ and the ‘race to the edge.'”

The traditional model ascribed for decades to IT security has been one of
confidentiality, integrity and availability (CIA). Most organizations in
2015 have not shown a consistent ability to substantially mitigate those
risks. The CIA model is still relevant and applicable in cybersecurity, but
it isn’t enough.

“The race to the edge has pushed the environment for protecting data and
infrastructure into the physical world, merging functions focused on data
and information with functions that make actual changes to people and their
surrounding environments,” said Byrnes. “Protecting information alone isn’t
enough, and ensuring the confidentiality, integrity and availability of
that information isn’t enough. Leaders in risk and cybersecurity must now
assume the responsibility of providing safety for both people and their
environments.”

The digital explosion is moving technologies from core architectures to a
highly distributed and fit-for-
purpose edge. ‘Core’ describes general-purpose technologies and services
for computing, such as servers, laptops and mobile platforms, as well as
cloud and mobile services. ‘Edge’ is a term used to describe devices that
aren’t servers or laptops and perform specific functions in the business
and are positioned at the boundary between the business and its customers,
partners and providers. The core and the edge are mixtures of traditional
IT, as well as IT and components of the IoT.

The digital explosion disrupts the foundations of services for technology
and information and elevates traditional IT services, such as cloud
computing and advanced analytics, to a mandatory status to support the
scale and functional needs of the edge. The edge itself is more physical
than digital, with devices and physical assets becoming more intelligent to
meet the shifting demands of business. This is the core-to-edge continuum.

The other continuum in the cybersecurity scenario is one of openness. An
organization must decide, as part of its evolution in digital business, on
the ultimate transparency of its services to its customers. The degree of
openness depends on an organization’s approach to data accessibility,
infrastructure used, culture, process and adaptation to change. Gartner
believes that the demands for transparency in the digital business of 2020
will drive more organizations toward openness as a strategy of priorities.

Requirements for large-scale, real-time adaptive protection, safety and
privacy at the digital and physical levels will drive new cybersecurity
skills, practices and technologies. The race to the edge requires that
organizations consolidate the prioritization of cybersecurity efforts
across broader technology areas that require protection and are
interdependent. In addition to a more comprehensive approach to digital
risk, organizations must prepare for new cybersecurity skill sets in areas
such as vendor portfolio management, safety engineering, machine-to-machine
(M2M) communications, embedded software, and systems security and
cyberphysical systems.

“Cybersecurity professionals are the new guardians of big changes in the
organization. Such professionals must practice business resiliency and
adaptability, because they are now so integrated with digital business
decisions that leaders cannot tell where business ends and cybersecurity
begins,” said Byrnes. “The digital explosion and the race to the edge have
achieved what previous waves of technology evolution have failed to do — to
integrate cybersecurity professionals and business leaders into effective
teams for the protection and safety of the organization.”

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!