Security in the Age of Digital Transformation

The quickening pace of change in business today is forcing companies to transform themselves digitally, in new and innovative ways. It’s requiring them to shake off traditional, legacy-based approaches to IT, and think more like those new-age competitors that were ‘born digital’. The name of the game is to

The quickening pace of change in business today is forcing companies to transform themselves digitally, in new and innovative ways. It’s requiring them to shake off traditional, legacy-based approaches to IT, and think more like those new-age competitors that were ‘born digital’. The name of the game is to digitize and transform business processes – embracing new ways of connecting with customers, partners and others in the value chain. However, by doing this, organizations are also faced with new complexities from a security perspective.

By Abigail Phillips

In listed companies, studies have shown that data leaks and security breaches have a clear relationship to share price. Once all other variables have been controlled for, research indicates that organizations typically see a 10 percent mark-down in their share price, even eight months after the security breach occurred.

So, security perceptions have a direct impact on shareholder returns. This reality often causes CIOs to take the most conservative approach possible – looking to lock-down, protect and prevent incidents with strong firewalls and policy-driven approaches to security. But in the new digital economy – where ecosystem-based networks and the world of APIs means deeper integration into partners, suppliers and customers – the ‘prevention’ approach is simply not always possible. We advocate a more pragmatic approach to security: that of detection and quick response, rather than an attempt at prevention. Data is now hosted in new ways, exposed to external parties in new ways, and extended to users via new (often mobile) devices.

Related: Endpoint, Not Cloud, Are Biggest Security Risk

Traditionally, staff inside the organization were protected by, but also restricted by, firewalls and strong-arm IT policies. To compete in a changing environment, the emphasis needs to shift towards empowering staff to take ownership of security, by giving them the knowledge and tools to make the right decisions. With this change in mind-set, organizations unlock opportunities to find these “white spaces” of business possibility – new efficiencies, new markets, and new relationships. In being able to work with and share data more easily, they can collaborate, find solutions, find new opportunities, and get closer to customers.

However, harnessing the power of Big Data and transforming it into knowledge requires a fresh look at IT security.

So, how do organizations deal with the threat of increasingly-severe penalties for data leaks (such as the forthcoming POPI Act) for instance, while at the same time readying the business for the new world of open-platforms and real-time integration?

Related: Top 5 Ways to Avoid Cloud Security

The first step is to accept that any security system is fallible; and to shift the focus to rapid response alerts that minimize any the damage and return the organization to a state of business-as-usual. Perfection is something that cannot realistically be achieved. Even some of the world’s most prestigious companies – like Apple, MasterCard and Sony – have fallen victim to attacks. Previously, breaches were considered to be an exception. The new model requires us to view them as something endemic to the digital age – something that can be mitigated and immediately addressed, but not prevented entirely.

Organizations should adopt a more refined, granular approach to data access. Instead of blanket policies, data access should consider who needs to access data, at what times, and under what conditions. By using permissions, signing in and out, and using audit trails, organizations can build what we call a ‘programmatically controlled’ approach to data security. Ultimately, now is the time to invest more in security than ever before. Threats are on the rise, and their natures are shape-shifting at very rapid rates. With the right approach and the appropriate solutions, organizations can position themselves to capitalize on the benefits of open innovation needed for digital transformation, while responding in real-time to any new security threats.

comments powered by Disqus

What's New