The COVID-19 pandemic has presented an opportunity to create new security and risk professionals with “endless” opportunities.
Those were the words of Jeffrey Wheatman, Gartner VP analyst, speaking in the opening keynote of the Gartner Security and Risk Virtual Summit.
Wheatman explored how 2020 has turned out to be a challenging year and stated that the COVID-19 pandemic has “highlighted how uncertain our personal and business environments actually are.” Organizations are facing new risks due to changes and “defining risk appetite has become even more of a challenge for security leaders” this year, he added.
Wheatman said the ability to “balance change and chaos” is critical to working with business stakeholders regarding setting and managing an organizational risk appetite. However, in citing Gartner research, Wheatman said 70% of respondents believe investment in risk management is not keeping up with the newer and higher level of risks. “We see a huge opportunity ahead,” he said. “Security leaders must lead the charge in accelerating digital business, managing the risks in both volume and impact, responding with both agility in both proactive and reactive manners and maturing processes, while implementing cost optimization and evaluating investments in technologies and services.”
He explained the good news is that business executives continue to focus on security as a strategic issue, as organizations look at security as a way to help them transform their operating models. “As security and risk professionals, you have a fundamental role to play in helping your organizations through this transformation while avoiding unnecessary risk,” he said.
“You have a unique ability to give them the insights and tools to help them balance risk with the potential opportunity of digital transformation.”
He also said there has been an emergence of “dedicated trust and security teams focused on protecting our digital perimeters.” He added that these teams are tasked with assessing and remediating risks as risks increase, as the traditional data center model moves to a more cloud-based model, where network security evolves and identity replaces the traditional perimeter. This has led to the adoption of both Secure Access Service Edge (SASE) and zero trust network access.
Concluding, Wheatman said, as security and risk professionals, we could not have predicted the pandemic nor the subsequent impact, “however you have proven to be indispensable in helping the enterprise reduce the risk impact of many of the consequences of those disruptions. With your expertise in identifying, assessing and managing the new risks inherent in these technologies, the opportunities to succeed are endless.”