Blog post

How Is Cyber Security Like a Hummer?

By John A. Wheeler | May 29, 2015 | 3 Comments

Technology and Emerging TrendsTech and Service ProvidersSecurity of Applications and DataSecurity and Risk Management LeadersSecurityRisk ManagementInformation technologyEnterprise risk managementDigital riskCyber securityCyber riskAudit and Risk

In my previous blog post, I utilized the analogy of a race car vs. an armored car to demonstrate the need for a “Risk First, Security Second” approach to cyber security for digital business. Well, never did I believe that someone would actually demonstrate this analogy in real life – until yesterday. As you will see in the video below, a gentleman by the name of Doug Demuro raced his Hummer (the closest thing to an armored car you will ever see on a race track) against a group of sports race cars.

As you would expect, the very safe and secure Hummer did not fare very well. In fact, it only made it around the track five times before its engine overheated. It simply could not sustain the high speed required to compete with the more agile, light-weight sports cars. It is the same with companies who maintain a “Security First” mindset. They weigh down their IT assets with so many controls, that they cannot sustain the high performance and agility required to meet stakeholder demands.

A “Risk First” approach is required to focus on the most critical risks that will impact a company’s ability to achieve the desired business objective. In this “real-life” analogy, winning the race is the desired objective and controls such as advanced braking systems are certainly more important than bullet-proof armor.

So, this now “real-life” analogy is crystal clear. To compete on the digital business race track, companies must adopt a “Risk First, Security Second” mindset. Learn more about managing digital risk at our upcoming Gartner Security & Risk Management Summits in locations across the globe. Hope to see you there!

Comments are closed


  • Wonderful website you have here but I was wanting to know if you knew
    of any user discussion forums that cover the same topics discussed in this article?
    I’d really like to be a part of online community where I can get suggestions from other experienced people that share the same interest.
    If you have any recommendations, please let me know. Bless you!

    My weblog Orthotic Arch Support

  • Ken Hawrylak says:

    Awesome analogy, I will be incorporating this into my security presentation and course material for my clients!

  • Very interesting – looking forward to learning more from this survey. In addition to the innovation budgeted within marketing spend, it would be interesting to learn if marketers are partnering with others in the organization to foster innovation (e.g. Chief Digital Officers perhaps?)