SECURITY

Which of Gartner’s 2019 Top 7 Security and Risk Management Trends Are Impacting Your Business?

Part of my role as a security ninja is to stay up-to-date with industry trends, so I regularly follow the observations Gartner receives from security managers and vendors around the world and review strategies on how security teams can address them.

It’s impressive how accurate Gartner is with its predictions. Similarly remarkable is how advanced Splunk customers and users have been by addressing these trends with Splunk technology today. 

Most of the time, people see Splunk as a tool for SIEM or SOAR… then realize that there's so much more to it! It’s a true platform to build and modernize security operations to perform real security that suits their needs, and matures with their organization.

In this 3-part blog series, I want to take a closer look into this year’s Gartner Security and Risk Trends, through a Splunk lens. I’ll be exploring each trend which should help you in case you’re wondering what’s next and how you can address these security and risk trends in practice.

Let’s take a look at the trends.

TREND NO. 1: Leading SRM leaders are creating pragmatic risk appetite statements linked to business outcomes to engage their stakeholders more effectively.  
Best Practices From Top Organizations How Splunk & Partners Can Help

Rasha M. Abu AlSaud, SVP - Chief Information Security Officer from a leading Saudi Bank talked at the Gartner Security and Risk Management Summit 2018 in Dubai, highlighting how the organization aligned its information security strategy and business priorities.

Rasha explained how she gained a seat at the boardroom table. She then mapped business objectives to the security program using the business objective of customer trust as an example, requires secure digital services. Customer satisfaction requires high availability of services, more digitization requires new diverse applications to protect and more compliance regulations demand more adherence to them. If you want to learn more, you can find the blog writes up here: How a Leading Saudi Bank matured security to better partner the business

Everyone talks about aligning security with the business but this is easier said than done as many security experts come from a firewall & endpoint protection background.

Our article “SIEM: The Steps Before "The First Steps" doesn’t only focus on risk appetite statements, but also on how to pragmatically get the overall business aligned with security goals. Moreover, we describe in detail how alignment can be achieved through a security steering committee and what its responsibilities are. Therefore creating a pragmatic risk appetite statement could potentially turn into a great task to put on the agenda of that security steering committee. 

There are many partners in our ecosystem, providing management consulting and strategy design for information security risks - such as are Accenture, Deloitte or Booz Allen Hamilton. 

TREND NO. 2: There is renewed interest in implementing or maturing security operations centers (SOCs) with a focus on threat detection and response.
TREND NO. 3: Leading organizations are utilizing a data security governance framework to prioritize data security investments.  
TREND NO. 4: “Passwordless” authentication is achieving market traction, driven by demand and the availability of biometrics and strong hardware-based authentication methods.
TREND NO. 5: Security product vendors are increasingly offering premium services to help customers get more immediate value and to assist in skills training.
TREND NO. 6: Leading organizations are investing in and maturing their cloud security competency as it becomes the mainstream computing platform.
TREND NO. 7: The strategic CARTA approach to security is starting to appear in more traditional security markets.


Thanks for reading! Stay tuned for part two where we look into the second and third trends of 2019, and for those of you attending Gartner’s Security and Risk Management Summit in London this September, I look forward to seeing you there! 

Matthias

Matthias Maier
Posted by

Matthias Maier

Matthias Maier is Product Marketing Director at Splunk, as well as a technical evangelist in EMEA, responsible for communicating Splunk's go-to market strategy in the region. He works closely with customers to help them understand how machine data reveals new insights across application delivery, business analytics, IT operations, Internet of Things, and security and compliance. Matthias has a particular interest and expertise in security, and is the author of the Splunk App for IP Reputation. Previously, Matthias worked at TIBCO LogLogic and McAfee as a senior technical consultant. He is also a regular speaker at conferences on a range of enterprise technology topics.

Join the Discussion