Ovum’s ICT Enterprise Insights notes that the creation of digital capabilities is the leading IT trend among organizations across the globe. Next on the list of leading IT trends is the management of security, identity, and privacy. The two must go hand in hand, and developing digital capabilities must have security front of mind.
Security must not be an afterthought
PwC recently released its key findings from the “2018 Global State of Information Security Survey”, in which it notes that digital transformation initiatives rarely give sufficient consideration to information security. Organizations are frequently in an understandable rush to bring a new service or product to market before the competition. However, this can result in at least some security aspects of the new service or product not being examined or addressed in sufficient detail or time, if at all.
Digital transformation opens up new opportunities but also exposes organizations to an ever-increasing range of threats and potential consequences. Technology is placed at the heart of the enterprise, yet without good security governance and strong risk management, there is every chance that a threat will find easy pickings to exploit an organization.
One threat might choose to steal data or information to sell on the dark web or gain kudos in exposing the organization’s security failings, a data breach. Another might opt to disrupt operations. Downtime in a digital business can mean huge amounts of lost revenue in the short term, let alone the potential for reputational damage and declining future revenues. Finding and exploiting vulnerabilities is a full-time job for many threats, whether they work for a nation state, an unscrupulous competitor, or themselves.
When embarking on and developing digital transformation initiatives, organizations should review their approach to security governance to ensure there is clear commitment and action to embed security across the enterprise. Mature organizations recognize that initiatives carry risk, but quantifying and accepting the risk from a security perspective is essential if these initiatives are to have the best chance at success, without consequences from a threat that could have been foreseen.
ICT Enterprise Insights 2017/18 – Global: ICT Drivers and Technology Priorities, PT0099-000002 (September 2017)
Evaluating the shift to digital transformation in 2017, IT0018-001549 (September 2017)
Maxine Holt, Research Director, Infrastructure Solutions