Gartner estimates that by 2020, 60% of digital companies will have experienced major service failures due to the inability of their security teams to tackle cyber threats. As organisations move towards being digital businesses, it will become more imperative that they incorporate cybersecurity beyond IT control into their own infrastructures and services.
Gartner predicts that by 2020, 60% of digital businesses will suffer major service failures as a result of the inability of IT security teams to manage digital risk.
"Cybersecurity is a critical part of digital business with a broad external ecosystem and new challenges in an open digital world," said Paul Proctor, vice president and analyst at Gartner. For managers, their organisations have to learn to live with acceptable levels of digital risk, "insofar as different business units will have to innovate to find out what kind of security they need and what they can afford," he adds.
Accordingly, Gartner identifies five key areas to successfully address cybersecurity in the digital business:
Leadership and governance.
Improving leadership and governance is arguably more significant than the development of tools and technology skills to tackle cybersecurity in digital business.
Decision making, priority setting, budget allocation, quantifying, reporting, transparency and accountability will be key attributes for success.
The evolution of threats.
Security managers have to move on from trying to avoid each and every threat, to recognizing that perfect protection is not attainable.
Gartner predicts that by 2020, 60% of company security budgets will target rapid detection and response approaches, compared to less than 30 percent in 2016. Organisations need to detect and respond to malicious behaviour, given that even the best preventive measures will not prevent all incidents.
Cybersecurity at the speed of digital business. Security and traditional approaches no longer work in the new era of digital innovation. Security managers have to evaluate and transform their programmes to become digital business facilitators, rather than barriers to innovation.
Extreme cybersecurity. Previously, it used to be easy to protect data because they were housed within the data centre. However, with the evolution of technology, the cloud, mobile phones, SaaS and the Internet of Things have changed everything. For example, according to Gartner, in 2018 25% of corporate data traffic will flow directly to and from mobile devices and the cloud, without going through corporate security controls. Organisations have to take this into account when protecting their digital assets.
People and processes: cultural change. With the acceleration of digital business and the power that technology provides to individuals, it is now critical to address behaviour change and employee engagement with their customers.
Cybersecurity has to attend to people's needs through process and cultural change.
Has to give each of them greater autonomy in the way they use information and devices, as well as the degree of security adopted tailored to each occasion.
