Four key steps to transform cybersecurity into a business enabler

Geert van der Linden is cybersecurity business lead at Capgemini Group's Cybersecurity Practice.

Cybersecurity has traditionally been viewed as the department of ‘no’ – thought to be cautious, restrictive, and restrained. COVID-19 demonstrated this to be far from the truth. When physical offices had to suddenly transform into digital, virtual hubs, cybersecurity became an essential part of the innovation process, rather than a roadblock.

Despite this, recent research shows that fewer than 25% of business leaders view security as a proactive enabler of digital transformation. Yet thinking of cybersecurity as a barrier opens businesses up to many risks. First and foremost, an unsecure innovation program can lead to data loss or breaches. Delays can also result from security being brought into an innovation program too late, the lack of dialog during the blueprinting stage usually leads to frustration and hindrances during implementation.

On the other hand, transformational initiatives with security baked into their core have greater chances of delivering change and value for the enterprise, while in tandem drastically reducing cyber risk. Inherent security accelerates agile implementations, reduces time-to-market, and increases the flexibility of operations.

Changing perceptions within your organisation

Future business is going to be even more digital than it is now, so CIOs and transformation leaders must align with and involve the cybersecurity function on all innovation matters. They must change their perception – and the wider enterprise culture’s view – of cybersecurity, thinking of security-by-design as a pre-requisite to transformational success. This involves a multi-pronged approach:

Alignment

The CIO must support the changing role of the security function by giving the security team access to broader resources and embedding security into the transformation strategy. CIOs must see themselves as an advisor and facilitator of change. They must define and formalise the role cybersecurity needs to play in the enterprise’s transformation strategy, with the ultimate goal being to embed security into business processes. A roadmap must be defined and focused on fostering collaboration to enable speed to market, agility, cost efficiency, and productivity. To ensure collaboration doesn’t fall by the wayside, CIOs should work with the Chief Information Security Officer (CISO) to create a mandate, which includes measures and targets for collaborative working and security involvement.

Communication

Changing the perception of the cybersecurity function has to happen across the business. Together with the CISO, CIOs must communicate with all C-level and senior staff so that security and the business are aligned and working towards a common business aim. When stating the vision for transformation, CIOs should highlight the important role that security plays, to ensure its importance is clear. By becoming security evangelists and spreading the word internally about cybersecurity, CIOs can encourage security-aware behavior and advocacy.

Engagement

Essential to the success of digital transformation schemes is consistent engagement from the security team. To ensure this, the CIO and CISO should establish feedback loops and a “champions” network across transformation and security domains. Champions are select employees who are responsible for temperature-checking collaboration efforts and keeping leadership informed. This helps to ensure consistent collaboration and co-operation.

Innovation

To enable the cybersecurity team to do the best job they can, they must also be considered and supported as they embark on their own department’s digital transformation. This means, for example, aiding the security function in moving to automation and selective outsourcing, so that staff can focus on essential business outcomes.

Cybersecurity has the potential to propel digital transformation initiatives into more agile, secure and effective programs, and the pursuit of security-by-design should be a strategic imperative for all CIOs. In the long run, embracing cybersecurity will support the rollout of new initiatives, and provide vital guidance and guardrails for innovation.

Photo by Daniel Fazio on Unsplash

Interested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech ExpoBlockchain ExpoAI & Big Data ExpoCyber Security & Cloud Expo and 5G Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.

View Comments
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *