Fear of cybercrime influencing security decisions, says Gartner

Tuesday 12 November 2013

Fear of cyberattacks is causing IT security professionals to shift focus away from disciplines such as enterprise risk management and risk-based information security, it has been claimed.

According to IT analyst Gartner, most people operating within the sector are now focusing on technical security, as fear, uncertainty and doubt leads to reactionary decision making.

John A. Wheeler, research director at Gartner, said the shift to strengthening technical security controls is "not surprising" given the hype around cyberattacks and data security breaches.

But he claimed strong risk-based disciplines such as enterprise risk management or risk-based information security are rooted in "proactive, data-driven decision making".

"These disciplines focus squarely on the uncertainty - as in, risk - as well as the methods or controls to reduce it," Mr Wheeler suggested.

"By doing so, the associated fear and doubt are subsequently eliminated."

He claimed that regular communication about emerging IT risks with board members and business leaders will result in better decision making.

And this ultimately leads to more desirable outcomes, Mr Wheeler suggested.

Find out how Microsoft solutions can improve your organisation's IT security provision.

Posted by Alex Boardman