Organisations across the globe have had to significantly pick up the pace of their digital transformation push to ensure business continuity in the new era shaped by the global pandemic, writes Lukas van der Merwe, Specialist Sales Executive: Security, T-Systems South Africa. However, the adoption of these rushed strategies has left many facing unintended complexities and challenges.
While the transition to a digital economy is fundamental to enabling sustainable business growth, organisations were forced to adopt various digital platforms much faster than anticipated, resulting in the significant expansion of their attack surfaces, making them potentially vulnerable to cybersecurity breaches.
Such was the scale and pace of the pandemic-driven disruption that Microsoft CEO Satya Nadella recently observed that “we have seen two years’ worth of digital transformation in two months”.
This accelerated shift to a digital economy has seen the emergence of a significantly bigger remote workforce and a move to online trading, with many companies moving their data onto third-party platforms. This allows any number of internal and external users to access this data across multiple networks and from potentially unmanaged devices.
These are the typical challenges that enterprises face from a cybersecurity perspective as part of digital transformation, and these have been further compounded by the complexity of having to manage critical data no longer stored in a data centre, inside a corporate security bubble.
New approach
Hence, the traditional “castle and moat” approach to cybersecurity is completely inadequate in a digital economy, which is forcing organisations to turn to next-generation cybersecurity technology solutions. Alternatively – if not addressed properly – these cybersecurity risks could negate the very benefits of digital transformation.
For example, organisations that stick to a traditional cybersecurity approach and try to limit the risk by reducing the attack surface will constrain their ability to transform digitally. On the other hand, businesses that adopt a digital platform and implement digital transformation without deploying appropriate security run the risk of not only being vulnerable to cyberattacks, but potentially significant damage to their entire organisation.
Neither approach would promote business growth. The challenge then is to find a way to introduce security at every level of digital transformation to ensure the company can operate smoothly, and take advantage of these digital platforms to grow sustainably.
A company that successfully transforms to the digital economy can effectively leverages its digital capabilities, increase its routes to market, operate significantly faster and potentially grow revenue.
However, if companies get their cybersecurity approach wrong, private information could potentially be exposed or exfiltrated and sold on by criminals, which could then have a crippling effect on the business. If this information is used for criminal activity, at a time when customers are becoming increasingly educated about how private information should be treated and secured, they are unlikely to do business with your organisation again.
Simple process
Yet, the process to deploy the correct cybersecurity strategy in a digital economy is simple. First, identify the risks that your organisation will be exposed to, then consider the likelihood of these risks being realised, the impact of a breach event and then look at the cost of defence. You need to understand what it would cost to address the risk versus the impact of the event taking place. Once you’ve built the risk matrix, you can start prioritising how you want to slow down or accelerate your digital transformation, while maintaining a healthy security posture.
Using the service of a security practitioner can give enterprises access to next-generation cybersecurity technologies via a Cyber Defence Centre, without restricting their digital transformation strategies, which have become key to their longevity in the digital environment.
However, during the current time of crisis, companies are seeing their operational budgets slashed significantly, and many are struggling to maintain their revenue streams and profitability, while trading under severe restrictions.
This presents both a challenge and opportunity for cybersecurity practitioners as their offerings can underpin sustainability. However, customers’ investments in solutions must be positioned against a backdrop of facilitating growth and adding business value under these difficult conditions.