*Rise of the "Security Free State". This Gartner concept may be a little maverick for many, but it's being seriously presented as one security approach for the future. Basically, Gartner is saying the CISO can decide to reduce security controls in a bid to eliminate bureaucracy and costs, plus improve company morale, since "let's face it, they don't like us," Wagner said. The Security Free State idea is "people-centric security" in which employees are allowed a privilege such as BYOD access to corporate e-mail in return for say, not keeping sensitive data on the device. There are no specific security controls except a monitoring process that would be set up to make sure the agreement was being maintained. If an employee does something wrong, the IT security division takes action. The idea behind it is "they're being treated as people who do things right," Wagner said.
Sign up for CIO Asia eNewsletters.