Image no found Image no found
Image no found
Image no found

Digital transformations live or die based on their level of intrinsic security

21 July 2020 | Marc Brown

Digital transformation, the primary fuel for most intelligent business and public services innovations, are changing the way we live and work. Government ministries and businesses, both public and private, are fundamentally reimagining their organisations and taking advantage of digital technologies like cloud, mobile, social, and the Industrial Internet of Things (IIoT). These new innovative technologies are transforming the experience their citizens and customers receive. They are creating new business models that create more agility and efficiencies, all while reducing operating costs.

To highlight the importance and focus today, a recent IDC report stated that 39% of organisations say they are either aggressively disrupting the markets they participate in or embedding digital capabilities that enable greater organisational agility. Gartner research shows 87% of senior business leaders say digitalisation is a company priority, yet the majority, 76%, are just beginning their journey.

While successful digital transformations and modernisation promise huge benefits, it's not without risk. As more data is converted into actionable intelligence and more systems integrated and connected, the places where breaches can occur (i.e. attack surfaces) are steadily increasing. Attack surfaces provide opportunities for cybercriminals and malicious actors to gain unauthorised access to your systems or data or both, risking both the integrity, control, and privacy of the data.

The increase in complexity is also complicating the lives of information security professionals. Security professionals are facing a tsunami, evolving and accelerating threats, more complex and interconnected systems, rapid convergence of Information Technology (IT) and Operational Technology (OT), and a fundamental shift of what the need to protect. To exacerbate this, it's estimated that over 60% of organisations have been breached, nearly a third in the past year alone.

Today's fast-evolving digital economy is more and more dependent on its data. Consumer, client, healthcare, financial, sensor, and other proprietary data is the most important thing an organisation can protect. But, in an attempt to drive more agility and availability, many organisations are moving away from on-premise applications to the cloud, utilising cloud storage, file sharing, SaaS applications, mobile, and industrial control edge devices. With these new architectures and platforms, an organisation needs to rethink its security posture and approach.

And from the various reports from this year alone, the essential message is, no one, no organisation, no industry, or nation is safe. The most sophisticated organisations are getting breached, and this has accelerated during COVID-19.

And this underpins the most essential aspect, trust in digital transformations will erode if they are not only intelligent but also intrinsically secure.

To combat this, organisations need to rethink how they define, architecture, and implement their digital transformations, as they must be both intelligent and intrinsically secure. Otherwise, trust in digital will erode, and the organisational benefits and promise will be lost. So, what are the key pillars of digital transformation? We believe that success is only possible when digital innovations are based on three essential factors:

  • All products, devices, and applications must be secure-by-design
  • Solutions must be resilient end-to-end
  • Standards must be sovereign by choice

Obviously, these recommendations are not overly unexpected or novel. Most CxO's, IT strategists, and security professionals would all agree that each are important individually and certainly collectively. Unfortunately, the amount of spending on data security is very low for the majority of organisations. As a case in point, 97% of IDCs survey respondents will use sensitive data on digitally transformative technologies, but fewer than 30% of them are using encryption within these environments.

Furthermore, and even more troubling, is that recent research shows most businesses are making risk management decisions to continue digital transformation even if it outpaces security needs within the desired transformation and solution architecture. Many companies are deciding or continuing to push operational business needs first, and worry about security later. This, as we have written about previously at the Digital14 Blog Network, is a recipe for disaster.

To conclude, a few recommendations to kick-start your digital transformation's refined approach:

  • Evaluate and select bespoke devices, products, and applications that are verifiably secure-by-design. These are products developed with a security-first approach, have 3rd-party accredited lab (e.g., xen1thLabs) vulnerability analysis and penetration testing (VAPT) inspections done, and more.
  • Solutions should have an end-to-end plan and focus. Start with best-in-class sovereign standards and policy. Operationalise the strategies, monitor, continuously assess, and manage with automation and innovative technologies.
  • To minimise the risks associated with foreign policies, data regulations and vendor governance, research, select and deploy sovereign solutions where ever possible. Make data sovereignty for your sensitive data a requirement.

For more information on digital transformations, please visit Digital14.com/transform.

We Are Digital14

Connect with us

© Digital14. All rights reserved.