It may seem like a no-brainer that security should be a top priority in digital transformations, but it's still being treated as an afterthought for many companies in the process.
That's because traditional security practices no longer work in digital businesses and implementing new ones can be costly and time consuming. Even so, digital transformation projects are more likely to fail if they involve security too late or not at all.
That was the point made by Security Asia in a post today, which noted that "digital transformation is so rooted in giving value to the customer (or equivalent) that little consideration is giving to the impact on core security functions."
It is somewhat surprising to hear that security isn't being taken into account up front, but probably shouldn't be, with the high number of data breaches, cyberattacks and software bugs reported all the time today. Gartner says that 60% of digital businesses will suffer major service failures by 2020 due to the inability of security teams to manage digital risk, and a Dell study suggests that business executives feared digital transformation efforts could be hampered or blocked by the intervention of the security team, Security Asia reports.
With data at the heart of digital transformations -- but also with data being more vulnerable than ever -- it makes sense that security has to be infused throughout the transformation process. Some say security is becoming a strategic priority, while others believe companies just pay lip service to security without making real investments in it.
Security is not easy to implement well. In addition to increasingly sophisticated attacks and new digital requirements, the problem is exacerbated by speed of technological change, general lack of security talent, cost of investment, pressure to transform quickly and many disparate units involved.
CCS Insight Analyst Nick McQuire tells Security Asia that the need is increasingly for a "more integrated and complete security platform that enables detection and response as well," rather than just using one-off security products. New security systems must be built for a mobile and cloud world.
Artificial intelligence may hold the key, according to Jack Gold, founder and principal analyst at J. Gold Associates, in that it can bring together loose security systems and enable new insights on networks to pinpoint security issues. He says that any company in transformation must have an executive in charge of the process who understands security, has the resources on hand to implement and takes the charge on educating the company why it's important.
This new approach to security may slow down transformation efforts, but without it, any transformation will ultimately fail. It's one aspect that can't be ignored or left incomplete.
— Sarah Thomas, Contributing Editor, Telco Transformation