Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Sicurezza IT: una nuova cultura del rischio IT per promuovere la trasformazione digitale

436 views

Published on

Abstract della presentazione di Giancarlo Vercellino, Research & Consulting Manager di IDC Italia, tenuta all'evento IDC Security Conference 2017 di Milano l'11 maggio 2017

Published in: Technology
  • Be the first to comment

Sicurezza IT: una nuova cultura del rischio IT per promuovere la trasformazione digitale

  1. 1. A new IT-risk culture for Digital Transformation Milan, May 11, 2017 Redux Version
  2. 2. The market is under pressure © IDC Visit us at IDC.com and follow us on Twitter: @IDC 2 Source: IDC, 2016 (n=98, companies with more than 50 employees in Italy; weighted extrapolation) 10 OR MORE DATA BREACHES 5-9 DATA BREACHES 3-4 DATA BREACHES 1-2 DATA BREACHES 0% 5% 10% 15% 20% About 40% knows they have been breached
  3. 3. Who is adopting new IT Security tech is dealing with specific challenges © IDC Visit us at IDC.com and follow us on Twitter: @IDC 3 0% 20% 40% 60% COMPETING WITH CLOUD RESOURCES USED/SHADOW IT HIGH LEVEL OF DEMAND FOR NEW BUSINESS SERVICES FRAGMENTATION OR LACK OF INTEGRATION OF SECURITY PRODUCT PORTFOLIO JUGGLING CONFLICTING PRIORITIES NOT ENOUGH INTEGRATION INTO THE IT INFRASTRUCTURE TEAMS LACK OF INSIGHT INTO SECURITY SENSITIVE ACTIVITIES SKILLS SHORTAGES OPERATIONS RESOURCES ARE TOO BUSY ON ROUTINE OPERATIONS BUDGET CONSTRAINTS What is challenging the development of IT Security Source: IDC Italy, 2016 (n=100, different within groups; cross-sector study, companies with more than 500 employees in Italy; weighted extrapolation)
  4. 4. Measuring risks is a proof of your risk aversion © IDC Visit us at IDC.com and follow us on Twitter: @IDC 4 Source: IDC Italy, 2016 (n=100, different within groups; cross-sector study, companies with more than 500 employees in Italy; weighted extrapolation) 0% 20% 40% 60% 80% INTERNAL COMMUNICATIONS PLAN BREACH NOTIFICATION PLAN BREACH REMEDIATION PLAN RESPONSE PLAN A FORMAL RISK ASSESSMENT EXTERNAL COMMUNICATIONS AND PUBLIC RELATIONS PLAN CYBER RISK INSURANCE Risk management practice currently in use Risk averse (n=64) Risk propense (n=35)
  5. 5. © IDC Visit us at IDC.com and follow us on Twitter: @IDC 5 TIME (MONTHS) TO MAINSTREAM ORGANIZATIONALIMPACT Asingle department orabusinessunit Multiple departments orbusinessunitsCompanywide 0-12 12-24 24+ 1 2 3 4 5 6 7 8 9 10 [CELLRANGE ] [CELLRANG E] [CELLRANG E] [CELLRANGE] [CELLRANGE] [CELLRANGE ] [CELLRANGE] [CELLRAN GE] [CELLRA NGE] [CELLRANGE] IDC FutureScape 2017 Security Products and Services, Western Europe Implications 1 2 3 4 5 6 7 8 9 10 By 2021, 50% of all online transactions will incorporate biometric authentication driven by a ubiquitous technology infrastructure that enables low implementation costs and broad user acceptance. By 2019, more than 75% of IoT device manufacturers will improve their security and privacy capabilities, making them more trustworthy partners for technology buyers. By 2019, 60% of major multinational corporations with ties to Europe will face significant cybersecurity attacks aimed at disruption of commodities. Over the next 18 months, 85% of consumers in Western European nations will defect from a business because their personally identifiable information is impacted in a security breach. By 2019, 70% of Western European enterprise cybersecurity environments will incorporate cognitive/AI technologies to assist humans in dealing with the vastly increasing scale and complexity of cyberthreats. By 2018, 50% of enterprise customers will leverage analytics as a service to help solve the challenge of combing through security-related data and events. By 2020, cloud security gateway functionality will begin to be integrated as part of web service offerings to entice IT leaders to move offerings to the cloud. By 2020, 25% of Western European broadband homes will have at least one IP-enabled home automation or security monitoring sensor/device. By 2021, 60% of Western European enterprises will invest in incident response retainers. By 2020, more than 25% of Western European enterprises will secure their IT architectures through cloud, hosted, or SaaS security services. Note: The size of the bubble indicates complexity/cost to address. Source: IDC, 2016
  6. 6. © IDC Visit us at IDC.com and follow us on Twitter: @IDC 6 Risk posture has an impact on the adoption of new security technologies Source: IDC Italy, 2016 (n=100, different within groups; cross-sector study, companies with more than 500 employees in Italy; weighted extrapolation) 15% 35% 55% 75% THREAT INTELLIGENCE SERVICES MICRO SEGMENTATION AI/HEURISTICS Currently using security technologies by risk posture Risk propense (n=35) Risk averse (n=64)
  7. 7. © IDC Visit us at IDC.com and follow us on Twitter: @IDC 7 40% 52% 64% 76% KNOWLEDGE OF OBLIGATIONS IMPLEMENTATION PLANNING PENALTIES MITIGATION BASED ON EARLY DETECTION/REMEDIATION CONTINUOUS IMPROVEMENT IMPLEMENTATION EXECUTION ASSESSMENT OF CAPABILITIES AND GAPS Higherpreparednessscore(4to5) Preparedness to GDPR Risk propense (n=35) Risk averse (n=64) GDPR implementation will also depend on the actual perception of risks Source: IDC Italy, 2016 (n=100, different within groups; cross-sector study, companies with more than 500 employees in Italy; weighted extrapolation)
  8. 8. © IDC Visit us at IDC.com and follow us on Twitter: @IDC 8 IDC Italia Viale Monza 14 20127 Milano Tel: +39 02 28457339 gvercellino@idc.com Giancarlo Vercellino Research & Consulting Manager IDC Italy www.idc.com

×