GARTNER, INC. We are bringing you news and highlights from the Gartner Security & Risk Management Summit taking place this week virtually in EMEA and the Americas. Below is a collection of the key announcements, and insights coming out of the conference. You can also read the highlights from day one here.
On day two from the conference, we are highlighting Neil deGrasse Tyson's guest keynote session, followed by the lessons learned with COVID-19 as a resilience game changer, how leaders can support women in IT, and five steps to creating a simple business-aligned cybersecurity strategy. Be sure to check this page throughout the day for updates.
Press releases and stories covering news from the Gartner Security & Risk Management Summit conference are listed below:
- Gartner Survey Finds the Evolving Threat Landscape is Top Priority for Security and Risk Management Leaders
- Gartner Top Security Projects for 2020-2021
- Gartner Says Security & Risk Leaders Must Balance Risk, Trust and Opportunity to Succeed in Uncertain Times
- Gartner Keynote: Balance Risk, Trust and Opportunity in an Uncertain World
- Gartner Says By 2023, 65% of the World's Population Will Have Its Personal Data Covered Under Modern Privacy Regulations
Presented by Neil deGrasse Tyson, Astrophysicist, Cosmologist, Planetary Scientist, Author, and Science Communicator
Security and risk leaders face a myriad of challenges, especially as they address the ongoing implications of COVID-19. Effective communication can help alleviate such challenges. In his keynote interview, Neil deGrasse Tyson, Astrophysicist, Cosmologist, Planetary Scientist, Author, and Science Communicator, told attendees how to break down complex ideas into smaller sound bites to bring people together and drive compelling communication.
Jeffrey Wheatman, VP Analyst at Gartner and guest keynote Neil deGrasse Tyson discussed how effective communication can help alleviate some of the challenges that security and risk leaders face today.
Guest keynote Neil deGrasse Tyson told attendees how to break down complex ideas into smaller sound bites to bring people together and drive compelling communication.
- 'An ideal sound bite makes points that are simultaneously informative, interesting, and ideally makes you smile.'
- 'If you want people to absorb something that's data driven, communicate it in a way that's not data heavy. Humans want stories.'
- 'Being open to new viewpoints starts with the people in charge recognizing that they could be wrong. Differences in views almost always lead to better, more informed decisions.'
- 'There is a saying, 'Never take car buying advice from your parents' and it is particularly relevant to this audience as things cannot be time tested in a field that evolves as quickly as IT, security and risk management.'
- 'At times, rules constrain creativity and constrict the next steps you might take, despite bringing order to what may have previously been chaos. Rules don't think of everything.'
Presented by Roberta Witty, VP Analyst, Gartner
COVID-19 is a gateway from one world to the next, and it's been a game changer for organizational resilience, risk management and business continuity. Roberta Witty, VP Analyst at Gartner, explained how organizations can resist, absorb, recover and adapt to business disruption in an ever-changing and increasingly complex environment.
Roberta Witty, VP Analyst at Gartner, explained how COVID-19 has been a game changer for organizational resilience, risk management and business continuity.
Roberta Witty, VP Analyst at Gartner, discussed the shocks to the business environment caused by the coronavirus pandemic.
Roberta Witty, VP Analyst at Gartner, shared that robotic process automation, data analytics and cloud are three technologies that will see increased investment due to COVID-19.
- 'The pandemic arrived at a time when economies were already on the edge.' Business and government leaders were tiptoeing over cracks in the economic wall to sustain growth, but COVID-19 took a wrecking ball to that strategy.
- 'There are three things we know: we're in this for the long haul, right now there are more questions than there are answers, but resilience must be deliberately designed.'
- Business continuity management is the foundation of every resilience program.
- 'We will see remote work remain. 48% of employees are working remotely now, versus 30% before the pandemic, and 82% of organizations are planning to allow their employees to continue working from home at some level.'
- Twenty-eight percent of organizations expect to create a resilience role in response to COVID-19.
- Physical/social distancing is here to stay. In addition to staggered returns to the office, facilities changes to improve resilience may include repurposed meeting spaces, reconfigured workstations, touchless doors, smart parking and more.
- 'Robotics are being used to help with talent and labor shortages, plus all of those digital initiatives that we're starting to implement.' Other technology changes have included a shift of applications and IT services to the cloud, and a drive for increased data collection.
- With 69% of security budgets having no change or a decrease, security leaders are looking at how to expand remote access, remote work infrastructure and associated processes. Security spending hotspots post-COVID-19 include secure access service edge, securing artificial intelligence, identity and access management and extended threat intelligence, detection and response.
Presented by Christie Struckman, VP Analyst, Gartner
Research points to a few systemic problems that society and the IT profession need to address when it comes to women in IT. In this session, Christie Struckman, VP Analyst at Gartner, shared an action plan on how organizations can increase the number of women in their workforce and continue to support the great ones they already have.
Christie Struckman, VP Analyst at Gartner, explained how security and risk management leaders can support women in IT.
Christie Struckman, VP Analyst at Gartner, presented her core recommendations for how organizations can support women in IT.
Behaviors that marginalize women include unequal personality trait assessment, using gender-biased language, and ignoring them, among others. Christie Struckman, VP analyst at Gartner, said these are the biggest detractors of retaining women in organizations.
'There is a talent pipeline issue in IT professions including security and risk management. For instance, women obtain less technical degrees on average and it takes them longer to get into IT management positions.'
'Three constructs to create a talent pipeline are 1) Build, or hire 2) Velocity, or develop and grow and 3) Attrition, or gracefully exit.'
'Get creative in attracting women to your organization by developing better job descriptions, making internships available, and having a diverse interview panel.'
'Generate velocity for women by making it easy for them to participate in networking groups and offering them positions on high visibility projects to expand their experience.'
'Behaviors that marginalize women include unequal personality trait assessment, using gender-biased language, and ignoring them, among others. These are the biggest detractors of retaining women in organizations.'
'Embrace diversity and inclusion norms such as listening generously and taking turns. They let people know acceptable sets of behaviors but more importantly, they make it easier to confront people on unacceptable behaviors.'
'Make a difference to women in IT by turning efforts to increase and retain their presence in your organization into a comprehensive program.'
Presented by Jeffrey Wheatman, VP Analyst, Gartner
Everyone knows how important strategic planning is for success and yet it is an immense challenge. In this session, Jeffrey Wheatman, VP Analyst at Gartner, shared a five step approach to create a simple story that links security program activities to business goals in a way that drives better decisions.
Jeffrey Wheatman, VP Analyst at Gartner explained a five step approach to a business-aligned cybersecurity strategy at the Gartner Security & Risk Management Summit 2020.
Gartner recommended aligning risks to six core security & risk management principles.
Jeffrey Wheatman, VP Analyst at Gartner said strategic cybersecurity strategy planning is not something to be done once and then forgotten.
- 'Security and risk leaders should follow five simple steps to create a concise cybersecurity strategy: 1) Start with your business goals; 2) Identify your risks; 3) Make the risks real; 4) Articulate the program objectives; 5) Map strategy to tactics.'
- 'Always start with your business goals. This seems so obvious, but is so often missed.'
- 'Identify 8-10 risks. Too many risks is not digestible.'
- 'Make the risks real to your audience. We know many things, but the things we feel are the things we act upon.'
- 'Align risks to a set of six core security and risk management program principles: 1) Implement proactive risk management; 2) Protect our information; 3) Improve resiliency and recoverability; 4) Deploy robust crisis and incident management; 5) Prepare for digital business; 6) Mature governance.'
- 'Always look to the future. Strategic planning is not something to be done once and then forgotten.'
You can visit the Gartner Newsroom to find additional news and highlights from the Gartner Security & Risk Management Summit this week.
Attachments
- Original document
- Permalink
Disclaimer
Gartner Inc. published this content on 13 January 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 13 January 2021 12:21:00 UTC
