The Gartner for Technical Professionals (GTP) “2014 Planning Guide for Security and Risk Management” was published this week. It provides a great starting point for organizations embarking on their planning cycles for 2014.
Overall, the recommendations brought forward take into consideration the impact of the Nexus of Forces and a vital need to leverage scenario planning, as discussed in “Security and Risk Management Scenario Planning, 2020.”
Specifically, organizations need to expand their coverage of “cybersecurity” by challenging traditional approaches and the status quo, and by seeking opportunities to embed security responsibilities within operations and business functions, while providing better oversight and strategic coverage, such as through scenario/game planning. Equally important is the need to improve detection and response capabilities by investing in improved threat intelligence, monitoring tools, and incident response management functions. The sooner an incident can be detected, the sooner it can be interdicted, which reduces its impact. At the same time, it’s still important to shore up the security of core functions and resources to help ensure resilience and survivability.