Informationweek Trend Reports

Cybersecurity Strategies for the Digital Era

Issue link:

Contents of this Issue


Page 1 of 7

MARCH 2018 2 Make Cybersecurity About Innovation and Growth Cybersecurity doesn't have to be just a cost of doing business. With the right approach, it can both protect while creating new levels of business growth. By Jim Poole W e knew hackers were relentless, ambitious, and ingenious before news of high-profile hacks became such a routine part of the news cycle. Still, the pervasiveness of the attacks is jarring, and it can also cause organizations to feel both overwhelmed and fatalistic about their ability to protect themselves, especially as their data increasingly moves cloud-ward. A better, more positive approach is needed. In a cloud-first world, cybersecurity is at the very core of digital business. It can be an enabler of new ideas, and clear paths toward digital business agility and growth. It's actually the cloud itself that often makes this possible. Cloud-based services are foundational, for example, to the real-time monitoring and data analytics behind leading-edge cybersecurity policies. And cloud architectures are inherently simpler, making them great places to build secure, innovative products and services. Consider this perspective from PwC's Global Cybersecurity and Advisory Leader David Burg: "We're seeing more and more that cybersecurity can actually become a remarkable way to help a company innovate and move faster," he said. "In certain kinds of digital innovation, the security considerations, controls, and capabilities, alongside a frictionless means of authentication, are essential to the design and development of these new products and services." From "money pit" to business enabler Of course, the benefits of the digital age have some tradeoffs for cybersecurity. For instance, most businesses have had to confront significant loss of control over their data as their operations increasingly depended on outside cloud services. They've also had to deal with an expanded field and higher volume of attacks. The Cisco 2017 Security Capabilities Benchmark Study found that 44% of security operations managers see an average of 5,000 security alerts per day. It indicated that, due to various constraints, organizations can only investigate 56% of the daily security alerts they receive. This gap in the ability to respond to security threats, combined with the cost of a breach (the Ponemon Institute's 2017 survey puts the average cost at $3.62 million), makes it easy for organizations to pursue cybersecurity from a defensive posture. Organizations know they can't underplay the cyberthreat, because the potential damage from an attack is so great. But they also know they can't possibly cover every angle of the threat. Cybersecurity is sometimes viewed as a "money pit," according to the nonprofit (ISC) 2 , an international organization that specializes in security information and certifications. "Unfortunately, cybersecurity is often viewed as the organization that always says no versus the organization that makes the business go," according to David Shearer, CEO of (ISC) 2 . It shouldn't be that way. Here are a few ways cybersecurity is clearly about business enablement: • Competitive advantage: The ubiquity of the security threat creates opportunities < P R E V I O U S N E X T > C O N T E N T S P O T L I G H T Digital Business Automation: Adapt or Die PROVIDED BY

Articles in this issue

Links on this page

view archives of Informationweek Trend Reports - Cybersecurity Strategies for the Digital Era