Supply Chain Integrity Concern Skip to main content

Gartner Forecasts Security and Risk Management Spending in India to Grow 12% in 2024

  GenAI-Driven Attacks Require Changes to Application and Data Security Practices and User Monitoring End-user spending on security and risk management (SRM) in India is forecast to total $2.9 billion in 2024, an increase of 12.4% from 2023, according to a new forecast from Gartner, Inc. Indian organizations will continue to increase their security spending through 2024 due to legacy IT modernization using cloud technology, industry demand for digital platforms, updated regulatory environment, and continuous remote/hybrid work. “In 2024, chief information and security officers (CISOs) in India will prioritize their spending on SRM to improve organizational resilience and compliance,” said  Shailendra Upadhyay , Sr Principal at Gartner. “With the introduction of stringent government measures mandating security breach reporting and digital  data protection , CISOs are facing heightened responsibility in safeguarding critical assets against evolving cyber threats.” Gartner a...
Post a Comment

Supply Chain Integrity Concern


Details
Published on Sunday, 21 October 2012 15:09


Enterprise IT supply chains will be targeted and compromised, forcing changes in the structure of the IT marketplace and how IT will be managed moving forward, according to Gartner. By 2017, IT supply chain integrity will be a top three security-related concern.





Supply chain integrity is the process of managing an organization's internal capabilities, as well as its partners and suppliers, to ensure all elements of an integrated solution are of high assurance. The need for integrity is necessary, whether the solution is developed in-house or purchased from a third party.


"IT supply chain integrity issues are real, and will have mainstream enterprise IT impact within the next five years," says Neil MacDonald, research vice president at Gartner. In the shorter term, the market for information security offerings will fragment along geopolitical lines. In the longer term, the same will happen for OSs and other IT system infrastructure software, reshaping the IT landscape moving forward. “Enterprise IT departments must begin to make changes today to protect their systems and information in a world where all IT systems are suspect. These changes in information protection strategies will help enterprises embrace and adopt cloud computing and consumerization, which have strikingly similar issues with untrusted systems."

IT supply chain integrity issues are expanding from hardware into software and information, says Ray Valdes, research vice president at Gartner. "They are growing more complex as IT systems are assembled from a large number of geographically diverse providers, and, now of mainstream concern to enterprise IT. These issues are not just about defense and intelligence. This has significant implications for businesses, governments and individuals moving forward in a world where the integrity of the IT supply chain is no longer completely trustable and where all layers of the IT stack will be targeted for supply chain compromise," explains Valdes.

The IT supply chain has become more complex, fine-grained, globally distributed and volatile in the sense that rapid change provides the opportunity to introduce compromises. Hardware vendors are increasingly outsourcing not just manufacturing, but also design to OEM suppliers and contractors located in Asia and India. In some cases, established Asian suppliers are outsourcing to emerging economies, such as Brazil, Vietnam and Indonesia.



This is a complex problem, since most hardware systems are a conglomeration of components and subsystems procured from a large number of individual providers. However, most hardware systems include software-based elements (at a minimum, firmware and drivers), with the trend to shift more intelligence out of hardware and into software. In an information- and software-based economy, IT supply chain integrity must extend to include the following:


Software supply chains — This includes components, frameworks, middleware, language platforms, virtual machines (VMs) and operating systems (OSs), but also the software infrastructure and environment for software distribution and updates (such as DNS, identity, application store packaging and digital certificates). Ensuring the integrity of software supply chains is a more difficult problem because of the increased use of offshore development, the relative ease of cloning software, and the ongoing need to keep software patched and updated via trusted mechanisms.

Information supply chains — Information is now becoming available from a variety of sources — from partners, suppliers and cloud-based services, such as data from Google Maps, Twitter, Facebook and Amazon. This information can be incorporated into connected applications, information marketplaces and the information integrated from partners in an extended supply chain ecosystem. Critical decisions will be based on information assembled from many other sources, creating a similar supply chain integrity issue to that of hardware and software.

---Gartner

Comments

Post a Comment

Popular posts from this blog

Mobile Phones Sales Plummet

Details Published on Thursday, 16 August 2012 06:34 Worldwide sales of mobile phones reached 419 million units in the second quarter of 2012, a 2.3 percent decline from the second quarter of 2011, according to Gartner. Smartphone sales accounted for 36.7 percent of total mobile phone sales and grew 42.7 percent in the second quarter of 2012. "Demand slowed further in the second quarter of 2012," says Anshul Gupta, principal research analyst at Gartner. "The challenging economic environment and users postponing upgrades to take advantage of high-profile device launches and promotions available later in the year slowed demand across markets. Demand of feature phones continued to decline, weakening the overall mobile phone market. "High-profile smartphone launches from key manufacturers such as the anticipated Apple iPhone 5, along with Chinese manufacturers pushing 3G and preparing for major device launches in the second half of 2012, will drive the smartpho...
257 comments
Read more

Now facebook hit with international class action privacy suit

An Austrian privacy activist has launched a wide-reaching class action suit against Facebook Ireland for breaching European data protection law. Anyone outside of the US and Canada can join activist and law student Max Schrems' suit via the website fbclaim.com, since they will have signed up to Facebook's terms and conditions via the Dublin-based European subsidiary. That amounts to around 82 percent of all Facebook users. After being live for just one hour, the site has collected 100 participants. The suit is seeking damages of €500 ($537) per user, and injunctions to be levied on the company for the following breaches:     Failing to get "effective consent" for using data     Implementing a legally invalid data use policy     Tracking users online outside of Facebook via "Like" buttons     Using big data to monitor users     Failing to make Graph Search opt-in     The unauthorized passing of use...
1 comment
Read more

Cabling and Data Explosion

Details     Published on Tuesday, 13 November 2012 05:39 The explosion of 'big data' and the seemingly limitless demand for bandwidth are driving trends in today's IT-centric world. The 'faster, better, most cost effective' mentality has led enterprises of all sizes to closely scrutinize their communications networks and networking infrastructure. network-cables The need to deploy high speed network backbones that meet future requirements, while simultaneously reducing costs, present conflicting interests. With the need for higher bandwidth and flexibility for growth, organizations are looking at the network's physical layer and its overall life cycle as a capital investment that is essential to the business. Throw into this conundrum the increasing focus on sustainability and the task of designing a network high-performance, high-efficiency network seems almost insurmountable. Addressing efficiency at a physical infrastructure level has fueled the growing ado...
1 comment
Read more