In my previous blog post, I utilized the analogy of a race car vs. an armored car to demonstrate the need for a “Risk First, Security Second” approach to cyber security for digital business. Well, never did I believe that someone would actually demonstrate this analogy in real life – until yesterday. As you will see in the video below, a gentleman by the name of Doug Demuro raced his Hummer (the closest thing to an armored car you will ever see on a race track) against a group of sports race cars.
As you would expect, the very safe and secure Hummer did not fare very well. In fact, it only made it around the track five times before its engine overheated. It simply could not sustain the high speed required to compete with the more agile, light-weight sports cars. It is the same with companies who maintain a “Security First” mindset. They weigh down their IT assets with so many controls, that they cannot sustain the high performance and agility required to meet stakeholder demands.
A “Risk First” approach is required to focus on the most critical risks that will impact a company’s ability to achieve the desired business objective. In this “real-life” analogy, winning the race is the desired objective and controls such as advanced braking systems are certainly more important than bullet-proof armor.
So, this now “real-life” analogy is crystal clear. To compete on the digital business race track, companies must adopt a “Risk First, Security Second” mindset. Learn more about managing digital risk at our upcoming Gartner Security & Risk Management Summits in locations across the globe. Hope to see you there!