© 2019 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner's prior written permission. It consists of the opinions of Gartner's research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see "Guiding Principles on Independence and Objectivity."

Stan KiyotaLeadership Partner

September 12, 2019

Texas State ISO ConAutomation and Artificial Intelligence in Cybersecurity

1 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Stan Kiyota, Leadership PartnerGartner for Enterprise IT Leaders: Security & Risk ManagementCorona del Mar, California, USA, North AmericaStan Kiyota is a Leadership Partner with the Gartner Enterprise for IT Leaders Security & Risk Management Program. He comes to Gartner with 38 years of industry experience in a variety of organizations in the private and nonprofit sectors. Mr. Kiyota has 30 years of information security, risk and compliance expertise, including five years as the CISO at one of the world’s largest management consultancies. He has industry experience working in telecommunications, financial services, consumer products, management consulting, legal and non-profit industries. Mr. Kiyota’s past experience includes advising, consulting and providing information security, risk and compliance expertise to clients on four continents and 25 countries, including Fortune 50 energy and telecommunications post-merger security integrations, health care quality, military-industrial cyberbusiness diversifications, next-generation security systems and architectures, U.S. DHS and intelligence agency cyber program issues and more. He holds a bachelors degree in International Relations from the University of Southern California, and is a Certified Information Security Manager (CISM) and Certified Information Systems Security Professional (CISSP).

Gartner’s leadership partners brings a broad base of experience to the critical issues

2 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Today’s fast paced discussion is on how you must adapt and automate to the ever increasingspeed of threats and the needs of our customers / constituents

3 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

AI

cloud productmachine learning

dataidentityblockchain

safety roboticsAPI

4 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

8.7% through 2023

Security spending will continueto grow at a compound annual growth rate of:

5 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

40.7%

And in sub-categories like cloud security, that growth rate across the same period will be:

6 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

What’s our value proposition as information security professionals?

7 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Who are our customers?

8 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

What capabilities are we using to secure our critical assets?

9 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

How do we serve our citizens, or achieve our mission?

10 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

And how are we effecting tangible change in our organizations?

11 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

14 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

15 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

$100K more in average annual income than other new-car buyers

5YRS younger than typical new-car buyer(Passport customers)

80% subscribers were new Porsche customers

16 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Ad-Hoc Automation

Limited Automation

Functional Automation

Integrated Automation

Adaptive Automation

© 2019 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates.

The Automation Continuum…

…in everything you do as an info sec professional, should be focused on driving to the right…

17 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Ad-Hoc Automation

Limited Automation

Functional Automation

Integrated Automation

Adaptive Automation

AI-enabledAugmented Analytics

PrescriptiveAnalytics

PredictiveAnalytics

Descriptivemetrics

AI-enabledAutonomous Response

Integration Platform

Low Code Application Platform

Robotic ProcessAutomation

Excel Macros

Dashboards and static visualization

The Automation Continuum

Data

Process

18 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Security automation

choices thatare conscious,

and adapted

19 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Ad-Hoc Automation

Limited Automation

Functional Automation

Integrated Automation

Adaptive Automation

PrescriptiveAnalytics

PredictiveAnalytics

Descriptivemetrics

Integration Platform

Low Code Application Platform

Robotic ProcessAutomation

Excel Macros

Dashboards and static visualization

The Automation Continuum…

AI-enabledAugmented Analytics

AI-enabledAutonomous Response

Data

Process

…how do we get there???

20 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Our World View Is Flawed

What the World Is Really Like:

Everything needs to be continuously assessed and for security decisions adapt accordingly

Blacklist the bad stuff

Whitelist the good stuff

A bit of gray in the middle

What We Think the World Is Like:

Good apps gone bad Stolen credentialsInsider threat

Zero daysTargeted attacksHostile content

21 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Continuous Adaptive Risk and Trust Assessment Model

22 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Respond Detect

Predict Prevent

Detect incidents

Prevent attacks

Confirm and prioritize risk

Contain incidents

Isolate systems

Harden systems

Compliance

Policy

Adjustposture

Implementposture

Anticipate threats/attacks

Risk-prioritizedexposure assessment

Baseline systems and security posture

Investigate incidents/Retrospective analysis

Remediate

Design/Model policy change

CARTA Is the Engine that Powers the Gartner Adaptive Security Architecture

Continuous Risk/Trust

AssessmentUsers

SystemsSystem activity

PayloadNetwork

Monitor postureAdjust posture

23 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

24 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Ad-Hoc Automation

Limited Automation

Functional Automation

Integrated Automation

Adaptive Automation

AI-enabledAugmented Analytics

PrescriptiveAnalytics

PredictiveAnalytics

Descriptivemetrics

AI-enabledAutonomous Response

Integration Platform

Low Code Application Platform

Robotic ProcessAutomation

Excel Macros

Dashboards and static visualization

The Automation Continuum

Data

Process

25 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

26 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

27 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Ad-Hoc Automation

Limited Automation

Functional Automation

Integrated Automation

Adaptive Automation

AI-enabledAugmented Analytics

PrescriptiveAnalytics

PredictiveAnalytics

Descriptivemetrics

AI-enabledAutonomous Response

Integration Platform

Low Code Application Platform

Robotic ProcessAutomation

Excel Macros

Dashboards and static visualization

The Automation Continuum

Data

Process

28 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

29 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

30 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

31 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

CARTA Requires Shifting Visibility and Monitoring “Up the Stack”

Hardware

People (entities)

Applicationsand Services

Workspace

Transactions

Information

Network

OS

Processes

The goal of information security has always been to protect information and IT-enabled process resilience. In the world of cloud-based digital business, we must have top-down visibility of our information, identities and processes.

Bottom-up visibility:Devices, servers, networks, operating systems and workspaces

Top-down visibility:People (entities), information, processes, transactions, and applications

32 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Ad-Hoc Automation

Limited Automation

Functional Automation

Integrated Automation

Adaptive Automation

© 2019 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates.

Risk / Trust

33 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Compliance

PolicyAttack Protection

“Keep Bad Stuff Out” Defense Posture

Adjustposture

Monitor posture

Adjustposture

Implementposture

ContinuousVisibility and Assessment

Access Protection

Policy“Let Good Stuff in”

Access Posture

Continuously monitor;assess risk and trust

Enable adaptive

responses

34 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

The Center of the Architecture Is Continuous Monitoring (Visibility) and Continuous Analytics (Assessment)

Logs, Events, Costs, Usage, Attacks, Breaches

DataData DataDataBig Data

Model,Simulate,

Act, Protect

Collect, CorrelateInformation

AnalyzeKnowledge

Community Context

Patterns, MeaningfulAnomalies

Dependencies,Relationships

ContinuousVisibility and Assessment

Risk-Prioritized Actionable Insight

35 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Use analytics, AI, automation, and orchestration to speed

the time to detect and respond — and to scale

our limited resources

36 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

The Automation Continuum

Ad-Hoc Automation

Limited Automation

Functional Automation

Integrated Automation

Adaptive Automation

37 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

38 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

39 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

What does automation mean to MY ROLE?

40 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Identity

41 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

42 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Identity ManagementAutomation

43 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Identity

Ad-Hoc Automation

Limited Automation

Functional Automation

Integrated Automation

Adaptive Automation

Multi-factorAuthentication

First-time Account Generation

44 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Adaptive AccessApproach

45 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Identity

Ad-Hoc Automation

Limited Automation

Functional Automation

Integrated Automation

Adaptive Automation

Multi-factorAuthentication

Aggregated Session Authentication

First-time Account Generation

46 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

The Automation Continuum

New ServiceDevelopment

Identity

Data

Ad-Hoc Automation

Limited Automation

Functional Automation

Integrated Automation

Adaptive Automation

Multi-factorAuthentication

Aggregated Session Authentication

First-timeAccount Generation

APIs

IASTRPA

CSPMCASB

SIEM

SOAR

47 © 2019 Gartner, Inc. and/or its affiliates. All rights reserved.RESTRICTED DISTRIBUTION

Security and Risk Professionals candeliver value.