Skip to content
Blog

CARTA: What Role Will It Play in the Hippy Era of Data Love?

The Gartner Security & Risk Management Summit 2019 is upon us and this year’s theme is all about how you can shift organizational culture to improve cybersecurity, data privacy and business resilience.

When it comes to building a viable data security strategy, organizational culture has easily been one of the more overlooked elements. But that is changing! Today, end users play a key role in shaping security. The ultimate conundrum organizations face is how to embrace cultural shifts that drive  productivity without jeopardizing data protection.

To that end, I’m very interested to learn more about Gartner’s Continuous Adaptive Risk and Trust Assessment (CARTA) framework. A logical companion to Forrester’s Zero Trust model, CARTA offers a strategic approach to information security that assumes that everyone inside a security  perimeter is a threat and all data interactions are a security event. The approach makes sense. In times where insider threat scenarios are clearly on the rise, a data focused approach to detecting and responding to risk becomes paramount. In my opinion, the best part of the CARTA framework is its approach of continuously adapting to change and learning from each data interaction.

I’ve often joked with security analysts that they have the unenviable task of protecting data in the hippy era of data love. In this new data paradigm, users call the shots. They use their device of choice, work from their location of choice and sometimes select their corporate IP storage destination of choice! Today’s users have rejected the mores of mainstream security. Countering this wave may actually have adverse effects on the business.

One of the key questions for me to answer at this year’s summit will be, “How well can CARTA enable this cultural shift?”

If you are attending the Gartner Security & Risk Management Summit, stop by booth #448. Learn how the Code42 Next-Gen Data Loss Protection solution makes it quicker and easier to detect and respond to data exfiltration and insider threats.

You might also like: