Gartner Blog Network


Security Planning Guide for 2014

by Anton Chuvakin  |  October 8, 2013  |  1 Comment

Our team has just released our annual security planning guide: “2014 Planning Guide for Security and Risk Management.” Every GTP customer should go and read it!

Its abstract states that “Planning for security and IT risk in 2014 requires supporting and balancing game planning, fortification, search and destroy, and (counter) intelligence approaches.”

Here are a few fun quotes:

  • “Advanced attacks and malware get more common, but basic weaknesses remain most common.”
  • “Gartner sees a steady increase in the cases where clients break with security tradition such as the “firewall sandwich,” encrypting everything at rest, and must-patch”
  • “Visibility (also referred to as situational awareness) is key for finding such [i.e. left from advanced attacks] attack indicators, which must then be fed back into prevention, detection and response systems.”
  • “Some of the indicators are unique to, or first seen at, a specific organization during a targeted attack. Therefore, organizations operating in particularly high-threat environments should consider additional capabilities to proactively analyze their security data and hunt for threats and attacks.”

BTW, please don’t hold it against us, but the document mentions the word “cybersecurity” a few times …

Enjoy!

P.S. I am at Gartner Symposium now and thus my response to blog comments may be slow.

Past guides from GTP SRMS team (i.e. us):

Security Planning Guide for 2014

Category: announcement  security  srms  

Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist… Read Full Bio


Thoughts on Security Planning Guide for 2014


  1. […] subscribers can read more here. Also, check out my colleague, Anton Chuvakin’s, write-up on this […]



Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.