skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Introduction

Security protection of new technologies (part of achieving digitalization) needs to be integrated strongly with risk management and governance, and this should be reflected in organization-level changes, rather than being seen as solely a technical matter.

Highlights

  • The relentless increase in the intensity of IT within organizations, and the ever more rapid technological change being adopted within business processes, means that risks relating to IT are a more important organizational concern than ever.
  • The continuing elevation of the business status of technology must be matched by greater maturity in considering the related risks, and applying business knowledge to drive the right approach to protecting the value that should accrue from technology investments.
  • The capability to manage risks arising from technologies delivered as services, from outside enterprises, is increasingly important to organizations under digitalization initiatives, and for many this will be an area requiring new resources and expertise.

Features and Benefits

  • Examines how the scope and integration of risk management and security must broaden to cover new risks from digitalization.
  • Identifies how addressing issues around organizational structure and processes is as important as those relating to technology.
  • Explains how integrating risk management with security enables focus on relevant business objectives.
  • Gives examples of how new technologies involve potential risks for security and risk management to address .

Key questions answered

  • How should CISOs roles evolve to meet new security and risk challenges from digitalization?
  • How can risk information relating to security issues be used as a source of organizational value?

Table of contents

Summary

  • Catalyst
  • Ovum view
  • Key messages

Recommendations

  • Recommendations for enterprises
  • Recommendations for vendors
  • Recommendations for service providers

The scope of risk and security management must broaden to cover new risks from digitalization

  • Governance principles must control technology delivery and use
  • Digitalization focuses perspectives on information value and risk

Addressing organizational structure and processes is as important as technology

  • Security and governance should be integrated with board-level responsibilities
  • CISO responsibilities are increasingly critical to all types of organization

Integrating risk management with security enables focus on relevant business objectives

  • Risk insight enables security problems to be analyzed in a business context
  • Risk should underpin business cases for security investment

Security and risk management must address new technologies that constitute potential risks

  • Rigorous management capabilities typically lag the maturity of new technologies’ adoption and implementation
  • Risk and compliance management of externally provided technology is a rapidly increasing requirement

Appendix

  • Methodology
  • Further reading
  • Author

Recommended Articles

;

Have any questions? Speak to a Specialist

Europe, Middle East & Africa team: +44 7771 980316


Asia-Pacific team: +61 (0)3 960 16700

US team: +1 212-652-5335

Email us at ClientServices@ovum.com

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Email us at pr@ovum.com

Contact marketing - 
marketingdepartment@ovum.com

Already an Ovum client? Login to the Knowledge Center now