3 Key Highlights from Gartner’s Security & Risk Management Summit

Posted by Adenike Cosgrove on

Earlier this week, we joined over 2,595 CISOs and security professionals at Gartner’s twenty-first annual Security & Risk Management Summit in Washington, DC (June 8-11).

It was a great event, packed with compelling presentations. Here are three key highlights we wanted to share with you.

1. Align security investments to business outcomes
Gartner analyst Peter Firstbrook kicked things off by focusing on the influence security has on business outcomes.

“Business executives are concerned about customer frustrations that arise from security issues,” Peter said. “CISOs must elevate security investment to protect what the business cares about.”

This aligns directly with conversations we’ve had with our customers, and trends we’re seeing in the market. According to the 2015 CEO survey from PwC, 61% of CEOs are concerned about cyber threats and the impact that these threats will have on the organization’s growth prospects.

Cybersecurity is now on the corporate board agenda, and CISOs must be prepared to enable outcomes by protecting the business and its customers.


Image source: PwC 18th Annual Global CEO Survey

2. CISOs must facilitate customer security engagements
Avivah Litan, VP and Distinguished Analyst, Gartner Research, followed Peter on the stage. She suggested that CISOs who want to generate business outcomes and gain the trust of business executives must follow six key principles:

  1. Move from check box compliance to risk-based thinking.
  2. Move from technology to outcomes.
  3. Move from defenders to facilitators of business outcomes.
  4. Understand information flow.
  5. Move from technology focus to people focus.
  6. Move from prevention only to detection and response.

By facilitating working groups within the organization, CISOs can start to embed these security principles into business processes right from the start. Doing so enables businesses to engage with their customers in new ways, driving up customer engagement.

This business-oriented approach will soon become the norm: according to Gartner, by 2017, 50% of company IT spending will be outside of the traditional IT department.


Image source: Gartner Security & Risk Management Summit – Opening Keynote: Manage Risk & Deliver Security in a Digital World

3. CISOs and CMOs need to collaborate
So what can CISOs do today to start to get a handle on customer security? Work with marketing.

A key opportunity for this kind of collaboration is the email channel.

According to the Direct Marketing Association, 66% of consumers have made a purchase online as a result of an email marketing message.

Hackers and attackers are aware of this statistic too. Between October 2014 and March 2015, nearly 21 billion emails appearing to come from well-known commercial senders did not actually come from their legitimate IP addresses—potentially indicating a large-scale phishing attack.

Return Path’s General Manager for Email Fraud Protection, Robert Holmes, tackled this opportunity head-on in his presentation on how to re-build customer trust in the email channel.

By focusing on protecting emails that end-customers receive, CISOs can enhance customer engagement and ultimately drive business outcomes by increasing revenue from email.

To do this, Return Path recommends that companies gain visibility into all types of email threats, including domain spoofing, cousin domain threats, display name spoofing, and subject line spoofing. It’s easier to define a solution once you know the scope of the problem you’re facing.

For more information on the evolving email security landscape, check out our upcoming events. We’ll be hosting CISOs at several upcoming dinners in San Francisco, Boston, and New York City. Contact us if you’d like to attend.



About Adenike Cosgrove

Adenike (Nikki) Cosgrove is Senior Product Marketing Manager for Return Path's Email Fraud Protection solution. Before joining Return Path, Adenike was the lead EMEA Senior Advisor to security and risk professionals at Forrester Research, helping clients with their information and cyber security strategies. Prior to her role at Forrester, she was Service Head for Canalys's Enterprise Security services, producing analytical reports on a wide range of topics within enterprise security and vendor channel management.
