
How important is Gartner to the cybersecurity universe?

by | Jul 12, 2019 | BLOG

Every day brings news of data leaks at organizations of all sizes and across industries. According to Accenture’s 2019 Cost of Cybercrime report, the number of leaks increased by 11% between 2017 and 2018, and by 67% over the last 5 years. The trends indicate that this number will continue to rise, given the growth not only in the amount of data available but also in the number of devices connected to organizations’ infrastructure, including mobile, Industry 4.0, and Internet of Things devices.

Cybersecurity has become a challenge for organizations, affecting even the continuity of their businesses. In addition, CISOs increasingly view cybersecurity as a business risk to be addressed, and customers require organizations to be better prepared to protect their personal data, including their consumer and trust relationships. Finally, regulations such as GDPR (Europe), LGPD (Brazil) and CACC (the State of California, United States) show that governments are taking cybersecurity and privacy seriously.

Given the increase in cybersecurity risks, it is a business imperative for information security executives to mitigate these risks, thus allowing business continuity and increasing the confidence of their customers, employees, partners, and suppliers. In this scenario, more than 15,000 organizations in more than 100 countries rely on Gartner as a consultant for strategic decision-making, not only in cybersecurity but in countless other subjects such as Human Resources, Finances and Risk and Audit. But what is Gartner after all?

Gartner, Inc., or simply Gartner, was founded exactly 40 years ago by Gideon Gartner in the US city of Stamford, Connecticut. Its numbers impress: a team of more than 15,000 associates is responsible for bringing more than $4 billion in annual revenue, according to its website. The programs and services offered by Gartner include research, consulting, and events. Its tools include the Hype Cycle, as well as Market Guides and Magic Quadrants, allowing organizations to visualize the results of market analysis and a range of solutions for decision-making strategies, including those linked to cybersecurity. Gartner events are marked on the calendars of most executives across the globe and are held year-round across four continents. In Brazil, Gartner annually organizes the IT Symposium/Xpo conferences as well as Security and Risk Management conferences. In the latter, CISOs have the opportunity to exchange experiences and also discover the latest security trends for Cloud, Artificial Intelligence, Internet of Things, Blockchain, DevOps, as well as the main challenges in Information Security for executives and their organizations.

According to Gartner, by 2022, ratings related to cybersecurity will become as important as those associated with credit when these risks are assessed to establish business relationships. The big challenge for organizations in this new digital era is to turn cybersecurity risk management into a competitive advantage that the business can leverage.

Gartner also sees IT strategies increasingly aligned with business goals. In this scenario, the skills of leaders in Information Security and Risk Management become essential in presenting these aspects in an assertive way to support the strategic decision-making process in companies. In short, the areas of Information Technology and Security need to be close to top management and should be considered not only as a means to introduce solutions to technical problems but also as a way to allow organizations to achieve their business goals.

Considering this paradigm shift, Gartner introduced a strategic approach to Cybersecurity Risk Management in 2017, called the Continuous Adaptive Risk and Trust Assessment (CARTA). This approach is based on new Zero Trust models, which, unlike the old “trust, but verify” models, eliminate the concept of a security perimeter that divides the environment into reliable and unreliable zones, and treat everything and everyone as a possible threat to the organization.

Thus, it is believed that CISOs must review their threat detection and response strategies. These strategies require new investments in their Security Operations Centers (SOCs) so that they are able not only to prevent but also to detect and respond to threats. And this is not an easy challenge to overcome, considering that these threats can be not only outside the environment but also within it. Gartner estimates that by 2022, 50% of all SOCs will have the ability to detect and respond appropriately to security incidents, including using Artificial Intelligence and Machine Learning concepts.  

Thus, it is possible to say that the scale and scope of cyber threats are far from decreasing. As new technologies are introduced, they bring with them new threats to companies. In addition, considering cybersecurity risks not only as technical aspects but as paramount to business continuity, it is essential that Information Technology and Security leaders align with top management and business goals. In this scenario, Gartner emerges as a key player in helping these leaders define new strategies based on best practices in cybersecurity, using solutions that adequately address threats and fit their businesses, and in promoting the exchange of experience between executives from different countries and industries. Thus, it can be assumed that it will be possible to appropriately identify and mitigate Information Security risks, enabling these organizations to maintain the satisfaction of their customers, employees, partners, and suppliers, and thereby ensure that they achieve their business goals.
