Gartner identifies four myths obscuring cybersecurity’s full value

Gartner identifies four myths obscuring cybersecurity’s full value

DUBAI, UAE — Four common myths are obscuring the full value of cybersecurity for the enterprise and inhibiting security program effectiveness, according to Gartner, Inc. CISOs must embrace a “Minimum Effective” mindset to maximize cybersecurity’s impact for the business.

“Many CISOs are burnt out and feel they have little control over their stressors or work-life balance,” said Henrique Teixeira, Senior Director Analyst at Gartner. “Cybersecurity leaders and their teams are putting in the maximum effort, but it’s not having maximum impact.”

“A Minimum Effective mindset isLeigh McMullen, Distinguished VP Analyst at a deliberate, ROI-driven approach to leading cybersecurity into the future,” added Gartner. “While the idea of ‘minimum’ may seem uncomfortable, it refers to the inputs, not the outcomes. This approach will enable cybersecurity functions to go beyond merely ‘defending the fort’ to unlocking their true potential to create tangible value.”

Below are four common security myths and how security leaders can create new value across business engagement, technology, and talent.

Myth #1: More Data Equals Better Protection

It’s commonly believed that the best way to drive action from executive decision makers on cybersecurity initiatives is through sophisticated data analysis, such as calculating the likelihood of a cyber event occurring. However, it is not practical