One of the core challenges for any modern company is securing their organisation from cyber attacks.
It’s a thankless task. Cyber threats are increasing rapidly – instances leapt 38% between 2016 and 2018 – and the cost to businesses worldwide is expected to reach $2 trillion by 2019. Attacks are getting harder to detect as they become more sophisticated and persistent. It’s easy to see why enterprises may be tempted to withdraw behind the corporate perimeter and keep valuable data and systems under lock and key.
Security vs. openness
The problem with being over-protective is that it runs counter to the prevailing trends of digital business: data-centricity, openness and collaboration. As enterprises transform into digital businesses and shift to API-enabled, partner-ecosystem based business models, overly restrictive cyber security technologies and processes threaten to act as roadblocks to innovation. If organisations are to achieve successful digital transformations, they need a cyber security strategy that protects sensitive data but doesn’t stifle agility, collaboration and responsiveness.
Part of this shift is cultural. Cyber security is all too often seen through the prism of fear, uncertainty and doubt. Organisations are worried by the huge brand damage that can result from a successful hack, or the potentially crippling fines mandated by regulations such as GDPR for data loss. Instead, enterprises and their IT departments need to see cyber security investments as growth and innovation enablers.
Value is at stake
Crucially business leaders are beginning to understand the potential of cyber security systems as a growth driver and a strategic differentiator. For example, a PWC study found that 87% of global CEOs say they are investing in cyber security to build trust with customers. It is likely that these businesses are experiencing greater success with digital transformation and are best positioned to unlock new value.
So, what can businesses do to centre their cyber security strategy around growth and innovation enablement? There are three key steps that every organisation should take:
- Address your budgets and resource for the future: is your cyber security strategy funded by your IT budget or your innovation/digital transformation budget? It is better to bring these cost centres together and combine project teams. Ideally, mix core IT staff with people experienced in enabling digital business models. A shared mindset focused on driving collaborative innovation, rather than ‘pulling up the drawbridge’, is also a must.
- Be secure AND open: organisations need to ensure partners, employees and customers can access relevant systems and data as required. To do this securely, IT teams should inspect traffic flowing in and out the enterprise through the Domain Name System (DNS). By protecting this gateway between the enterprise and the rest of the world, businesses can defend against malware, phishing and data exfiltration attacks while remaining open for business.
- Find the right partners: understandably, some organisations might still find the risk of cyber attacks too high to countenance a more innovation-centric approach. However, they risk falling behind competitors that are able to embrace value-led cyber security strategies. Organisations should look for partners with the requisite experience in cyber security to help them transform. For some organisations, managed cyber security services might prove the best fit, as they free up internal teams to focus on innovation and growth enablement, safe in the knowledge that they are protected.
There’s no getting away from the fact that cyber security needs to be a priority for all organisations. But this should not be at the cost of innovation and growth. In an age of digital disruption, success will belong to the companies that embrace a growth-led approach to cyber security – will yours be one of them?