'Embrace the grey' was the message from the Gartner keynote this week. There is no red or green; no yes or no but Continuous Adaptive Risk & Trust Assessments (CARTA for short). This basically laid out the premise that we need to continue to monitor and assess our risks. For NTT Security, this has always been the message – put risk in context and make informed business decisions. CARTA takes this a step further by asserting the premise that we should be doing this continuously and adapt the controls and measures to reflect the risk. I would certainly agree with this and it is a premise that security isn’t a one stop shop. You have to continually assess and adapt according to the threats and your tolerance to risk.

For Gartner, shades of grey is the right way forward and so, for NTT Security, this means continually putting risk in context for the business and embedding cybersecurity to ensure business resilience.