Assessing the risks presented by "digital business" - the new business designs that blur the digital and physical worlds - will be an underlying theme at the 2015 Gartner Security and Risk Management Summit, to be held June 8 to 11 at National Harbor, Md.
"This year, a lot of our time is being spent looking at what the future holds for us, and a major driving issue that is challenging security teams across the globe is this phenomenon known as digital business, where we see a merger, a blending of physical and virtual spaces," Summit Chairman Andrew Walls says in an interview with Information Security Media Group.
An example of digital business, Walls says, are fitness monitors. "Those may seem like minor, consumer-oriented items, but they represent the tip of the iceberg when it comes to IP-enabled devices that sit or interact with the physical world and drive data at the backend in the IT environment," says Walls, a Gartner managing vice president.
In the interview, which previews the annual summit, Walls discusses:
- The creation of business processes with the simultaneous acquisition of technology to support those procedures. "We're seeing organizations where the barriers or silos of practice ... have eroded and broken down. And, the IT people are working hand-in-glove with the business people and the operational technology people. ... Those new models are based on complete integration of business concepts and technological concepts."
- Assessing risks posed by digital business. "This is a challenge to many IT security groups at the moment. So, although it seems like a high-level, theoretical question, it's very fundamental to defining the scope of your operation as an IT security manager, as a CISO or whatever your job title is."
- The IT security team's responsibility in the age of digital business for securing devices on the Internet of Things or operational technology that control pipelines, automated manufacturing and driverless cars. "Who's responsible for the security for all of that? Those are serious challenges to the scope of the security practice. And most IT security teams are not staffed or skilled to support those new, innovative areas of digital business."
Walls specializes in security education, awareness, communications and behavior management; security in social media; enterprise governance; investigations/surveillance; brand and image reputation management; and security practices in high-risk geographies. Before joining Gartner eight years ago, he served as a principal security consultant for Cybertrust Australia, where his practice focused on integrated safety management system development, security governance, breach investigations and compliance assessments.