Gartner’s 2017 CIO Agenda shows more and more enterprises joining digital ecosystems as digitization initiatives mature. Top performing organizations especially, separate themselves from the rest of the pack by emphasizing leadership, organization and technology capabilities.
This surge has serious implications for the security and risk management leader, in terms of new and more complex data elements and “things” that need to be protected, new partners/players that need to be managed, and the rise of new organizational structures that emphasize agility and Mode 2 projects (see term “Bimodal“) , among other risks that encompasses ecosystem participation.
- Security and risk management leaders face resource and cultural limitations as CIOs extend their technology core to be digital-ecosystem-ready. CIOs and other business executives at these top performing organizations are driving the surge towards digital platforms and participation in digital ecosystems with emphasis on areas such as digital security, advanced analytics, and IoT. SRM leaders risk losing a seat at the leadership table if they don’t adapt their strategy to both support these initiatives and manage the risks (and players) that arise from ecosystem participation. Security must be viewed as an enabler, not an inhibitor of business performance.
- CIOs have indicated that the biggest barrier to success is the lack of skilled practitioners with a primary emphasis on cybersecurity and advanced analytical skills. This scarcity is critical for security and risk management leaders, who often operate in a silo and face a cybersecurity talent shortage that is only worsening.
- Digital ecosystems will prioritize value over cost, but will still drive cost optimization where relevant. This will challenge security and risk management leaders to engage and demonstrate the value of the security team’s work to the business and other ecosystem partners such as regulators.
I explore these findings further and provide actionable advice for Gartner clients in a new research note titled “The Security and Risk Management Leader’s Guide to the Digital Ecosystem”.
This analysis will also be presented at Gartner’s Security and Risk summit series, beginning in National Harbor this June. For more information, please visit
Read Complimentary Relevant Research
Five Golden Rules for Creating Effective Security Policy
Policy writing is a risk communication exercise that is frequently performed by people who lack the skills needed to create good security...
View Relevant Webinars
What Matters When Securing IoT?
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.