This weekend, the famous Indianapolis 500 will be run for the 99th time with a slate of more than 30 race cars competing to win the “Greatest Spectacle in Racing”. The run-up to this event reminds me of the current state of digital business – teams of individuals working together to optimize their business operations for a grueling, yet fast-paced competition at the highest level. Without a doubt, in the Indy 500 and in digital business, risk is at the forefront of everyone’s mind. The primary difference between the two is that the car race, unlike digital business, is a life or death proposition.
However, many businesses today are ill-equipped for the new world of digital business because they view it like car racing – a life or death proposition. They are frightened by the latest high-profile, devastating cyber attacks – Sony, Anthem, Target, et al. So, their entry in the “Digital Business 500” looks much like an amored car – very secure and safe, yet low on performance.
CEOs are demanding more. In fact, in our 2015 CEO Survey: Committing to Digital, 83% of CEOs consider “agility” most important relative to risk management, 77% expect new types and higher levels of digital risk, and 65% believe risk management is lagging in investment and maturity. To win the “Digital Business 500”, CEOs realize that they need a business that looks like an Indy Car – high on performance and fine-tuned by highly trained professionals to be safe and secure.
At our upcoming Gartner Security & Risk Management Summit, my colleagues Peter Firstbrook, Avivah Litan and Ant Allan will kick-off the event with a keynote highlighting the need for a “Risk First, Security Second” approach. Much like a racing team, risk and security management pros must first understand the risks before treating them. By taking a “Security First” approach, they may have a very secure and safe business, but not one designed for the race conditions they are facing in digital business.
In fact, with this notion in mind, I think our Summit is inappropriately named. It should be more aptly named the Gartner RISK & Security Management Summit. Whatever the name, it will be a great event with more than 2,500 RISK and security management pros in attendance. Hope to see you there!
Category: cyber-risk cyber-security data-and-analytics-strategies digital-risk it-risk-management operational-risk-management risk-management security strategic-risk technology-and-emerging-trends
Tags: cyber-security digital-business digital-risk-2 gartner information-security it-security it-security-and-risk john-wheeler security
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.