The world is fast embracing the technology and potential of emergent solutions such as the Internet of Things (IoT), automation and digital transformation. Over the past few years, hype and conversation have centred around what these technologies can do, how they will shake up the business and the roots they will tear from the ground as they reinvent business processes and customer engagement. Disruption walks hand in hand with digital transformation and the success stories abound. Yet, Forrester hit the nail on the head when defining how most organisations are approaching this digital transformation today – pragmatically. According to Karien Bornheim, CEO of FABS, the next few years are critical to defining the long-term success of the organisation as it grapples with managing all the moving parts that IoT, transformation, and automation introduce.
“Organisations have been adopting more future-focused strategies as they strive to keep up with the rate of innovation and transformation,” says Bornheim. “This has introduced its fair share of complexities, not least of which is the implementation of a robust security posture. This should sit at the core of any digital transformation strategy, only it often doesn’t. It’s often seen as an extra expense or delay that isn’t entirely necessary. Yet, without this commitment to secure infrastructure and engagement, the organisation is gambling with its future.”
A Forrester study commissioned by Microsoft in 2018 highlighted the importance of security. It isn’t silver pantaloons that will shape the futuristic stance of the company, it is how well it has embedded security into infrastructure, third-party providers and employees. The report makes the salient point that “digital transformation, while necessary for business success, compounds the complexity of an already tangled security threat landscape”. The business must balance the necessity of digital and its integration throughout operations with the need to embed robust security at every point along the chain. The answer? Implement security in tandem with digital transformation.
“Sustainable security doesn’t evolve from a ‘plug the holes’ approach,” says Bornheim. “Nor does it benefit from pushing the proverbial square solution into the round security hole. It has to be methodically introduced across every aspect of the digital transformation process.”
Doing digital securely not only mitigates the business risk of reputational harm but of damage done to mission-critical devices and technologies. As the organisation becomes increasingly reliant on these devices, their disruption can have serious implications. Downtime, loss of equipment, inability to perform basic business tasks – these are just some of the expensive and time-consuming problems that walk into the business alongside the cybercriminal. Just think what the repercussions could be if an employee accidentally introduced ransomware to a healthcare facility and it put all the systems on lockdown?
“One of the weakest points of entry into the business is the employee,” says Bornheim. “It’s unreasonable to expect well educated business people to be aware of what a ransomware or phishing email looks like, for example. They need to be trained, there must be a robust security policy in place, and systems should be geared towards preventing these situations from happening in the first place. It is important to invest into security skills and awareness training that ensure every individual in the business, from the skilled security teams to the employees, is aware of the threat and how to protect against it.”
There is no way that the business can run below the radar of the cybercriminal. Not anymore. The statistics are increasingly concerning as well-known organisations (and not such well-known ones), big and small, fall prey to cybercriminals thanks to DDoS attacks, ransomware or other vulnerabilities in ancient systems sweated to an inch of their lives in a stressful economy. This is further challenged by the fact that all the new devices, systems, touchpoints, cloud services, and applications that enhance digital transformation are opportunities for hackers.
“The surface of attack has extended and there is a higher chance of critical system damage,” concludes Bornheim. “To add to the mix is the increasingly intelligent nature of cybercrime – cybercriminals are organised and dedicated. Digital transformation also puts the business into a constant state of flux. New in, old out. Cloud this, public cloud that. It’s a melting pot that has to be carefully managed to ensure that a digital business is built on solid and secure foundations.”
There may be a significant risk in digital transformation, but it isn’t a step that the business can avoid, not if it wants to remain relevant and grow in the current market. Bypassing digital won’t necessarily bypass the threats either. The digital transformation and security conversation often seems like the chicken and the egg dliemma, it isn’t all bad news and terrifying statistics – organisations that embed security into the bedrock of digital transformation can protect against the cyber threat. It’s not too late until it is…