Last week Gartner held its annual Security and Risk Management Summit in National Harbor, MD, few miles away from Washington D.C. Much like the RSA Conference, this event is becoming a “must” for security and risk management leaders. While the presentations and discussions in San Francisco (RSA) focus on technology and implementation best practices, at the Gartner Security and Risk Management Summit there’s more emphasis on direction, vision and guidance.
On the first conference day, the keynote introduced a new strategic approach for cybersecurity defenders: CARTA (Continuous Adaptive Risk and Trust Assessment). This is an evolution from the previous Adaptive Security Architecture model. With this new approach, Gartner is identifying the need to change methodologies and best practices in order to face both the current (known) and future (unknown unknowns) cyber security challenges. CARTA recognizes the need for cybersecurity teams to adapt to the significant risks facing defenders today. Risk and, by extension, trust, can no longer be binary decisions. “There’s no black and white”. Depending on the context, responses must be more adaptive. A CARTA approach relies on the use of APIs for automation, moves away from simple rule-based systems, and puts a greater emphasis on detection/response vs. mere prevention. It is becoming the model for forward thinking organizations that are adopting the DevOps model for rapid delivery.
“In 2017, the threat level to enterprise IT continues to be at very high levels, with daily accounts in the media of large breaches and attacks. As attackers improve their capabilities, organizations must also improve their ability to protect access and protect from attacks,” said Neil MacDonald, vice president, distinguished analyst and Gartner Fellow Emeritus.“ Security and risk leaders must evaluate and engage with the latest technologies to protect against advanced attacks, better enable digital business transformation and embrace new computing styles such as cloud, mobile and DevOps.”
Gartner also listed the “Five things that you should demand from vendors”:
Support Modern IT Practices
Support Adaptive Policies
Full access to data without penalty
Use multiple detection methods
Contextual, real-time and continuous visibility is at the heart of CARTA. Not coincidently, it is also the heart of Centra that we started to build 4 years ago with a vision that securing modern data center architecture requires a different approach.