Katell Thielemann, research vice president at Gartner, explained yesterday to an audience of more than 3,500 security and risk management professionals at the Gartner Security and Risk Management Summit, that the automation continuum emerging in the security and risk landscape is one where new mindsets, practices and technologies are converging to unlock new capabilities. Using automation in areas of identity, data, and new products and services development were identified as three critical areas for the security and risk enterprise.
“We are no longer asking the singular question of how we’re managing risk and providing security to our organization. We’re now being asked how we’re helping the enterprise realize more value while assessing and managing risk, security and even safety. The best way to bring value to your organizations today is to leverage automation,” said Ms. Thielemann.
Automation is All Around Us
Automation is already all around us — and it is starting to impact the security and risk world in two ways:
“Automation follows a continuum of sophistication and complexity, and can use a number of techniques, either stand-alone or in combination,” said David Mahdi, senior research director at Gartner. “For example, robotic process automation currently works best in task-centric environments, but process automation is evolving to increasingly powerful bots, and eventually to autonomous process orchestration.”
By 2021, 17% of the average organization’s revenue will be devoted to digital business initiatives, and by 2022, content creators will produce more than 30% of their digital content with the aid of AI content-generation techniques.
“What this means to security and risk management professionals is that our organizations are likely building solutions and making technology-related choices often without realizing the risk implications of what they are doing,” said Mr. Mahdi.
Balancing Emerging Technologies and People
“Automation is just the beginning. Emerging technologies will change everything and impact security and risk directly,” said Beth Schumaecker, director, advisory at Gartner. “Our reliance on data is ever increasing, yet it poses one of the largest privacy risks to organizations. In the next two years, half of large industrial companies will use some emerging form of digital twins, which will also need to be secured.”
The demands of these emerging technologies and digital transformation introduce new talent challenges for the security function, altering how organizations expect security to be delivered.
“Digital transformation demands that security staff play a wider range of roles, from strategic consultants to threat profilers to product managers, which in turn require new skills and competencies,” said Ms. Schumaecker. “It’s already impossible to fill all our existing vacancies.”
Mission-Critical Areas in Automation
The three mission-critical areas in today’s enterprises are automation in identity, data and new products or services development: