POWERED BY
Tackle tomorrow’s
digital business
security risks
With organisations still struggling to attract the right security talent, Earl
Perkins, Vice President, Analyst, Gartner, says organisations must change their
talent development and recruiting practices to address the issue.
A
s cybersecurity risks increase in
digital business, organisations
continue to struggle in attracting,
retaining and, most critically, developing
security talent.
attracting, retaining and developing
security talent.
Organisations must change their talent
development and recruiting practices to
be able to address missing skills. Start
by building and developing a list of new
competencies and skills required to support
digital business initiatives.
Security and risk management leaders
responsible for information security must
evolve their practices and organisational
cultures to keep pace with the digital
business era.
“Risk management, governance, business
continuity and people – the most important
asset – are critical elements of a successful risk
and security programme,” said Earl Perkins,
Vice President, Analyst at Gartner. “When
allocating resources and selecting products
and services this year, security and risk
management leaders should consider three
important strategic planning assumptions.”
By 2022, 40% of Business Continuity
Management (BCM) programmes will be
integrated into the digital business risk
management structure rather than exist as
separate practices.
The momentum of Digital Transformation
projects within digital business will outpace
the ability of organisations to accommodate
changes related to security.
Concurrently, the growing need to provide
24/7 technology services to support digital
business and customer-facing services is
changing the way that organisations interact
internally and externally. These changes, as
well as the constant threat of cyberattacks,
www.intelligentcio.com
Then adapt short-term skills management
practices by outsourcing security functions to
managed security service providers (MSSPs)
and/or delegating responsibilities to other
internal staff.
Earl Perkins, Vice President, Analyst
at Gartner
will lead organisations to formalise the
relationship between BCM and digital
information security functions.
“Stakeholders should be urged to accept
BCM as part of the organisational structure,”
said Perkins. “Managers within the digital
business who oversee the delivery of critical
activities will need to gain the necessary
skills to engage with resilience planning as a
business-as-usual function.”
Through 2022, 30% of large enterprises
will build a security skills management
programme including experimental
recruiting and talent development practices.
Cybersecurity risks are increasing despite
the efforts of trained security professionals.
Organisations continue to struggle with
By 2022, 75% of organisations that
outsource email and collaboration tools
won’t meet their critical recovery objectives
during a supplier outage.
Email and collaboration applications are
considered mission-critical resources for most
organisations. Conducting business without
them can impede production, result in lost
transactions and hamper crisis management
activities. When an organisation outsources
these applications, many suppliers do not
provide recovery with short timeframes.
“It’s imperative for the organisation to
maintain internal control and governance
over all applications used in the delivery of
products and services,” said Perkins.
“It is also crucial to understand your
vendor’s recovery commitments and
communication protocols for outages to
ensure they meet recovery requirements.” n
INTELLIGENTCIO
63