How can organizations ensure in a complex environment facing a dynamic future?
Today’s technology landscape is crowded and only poised to grow more so as emerging innovations become mainstream. To ensure security, organizations need visibility across this complex, distributed environment. Rupert Colbourne, CTO at Orbus Software, highlights how enterprises can achieve this without impeding employee productivity or sacrificing innovation.
In today’s heightened threat landscape, it’s imperative that cybersecurity is viewed not as an IT function but rather as a corporate priority. This entails a cultural shift for many organizations and necessitates companies to invest in new tools and solutions to combat emerging threats and stay a step ahead of hackers. However, for these investments to truly be effective, enterprises need a holistic view of their deployment across every area of the company.
This has always been challenging, and it has become even more so in recent years given the rapid pace of technological innovation. For example, according to one recent survey, the average enterprise now uses 900 different applications, but only approximately 29% of these are integrated. In this environment, there are numerous roadblocks organizations must overcome to future-proof their cybersecurity framework, including the ones discussed below.
Companies have focused on digitizing their operations in recent years, and COVID-19 only accelerated these efforts – Deloitte found that 69% of global respondents planned to increase their digital transformation spending in response to the pandemic. Moving manual processes to computerized systems brings enterprises numerous benefits in the form of efficiency, cost savings, reduced human error, and improved customer experience, to name just a few. However, if transformations are not planned and executed correctly, there can also be a myriad of security pitfalls.
Whether it’s internal systems such as CRMs, ERPs, or external-facing e-commerce applications, having more systems online could result in greater exposure to increasingly sophisticated cyberattacks. That’s why companies must obtain clarity into the security of existing applications before embarking on any digital transformation initiative. In addition, they should define clear business objectives and technology roadmaps to ensure that the anticipated commercial benefits are realized—without unnecessarily exposing critical business systems and data to a potential cyberattack. Allocating time at the outset on these activities ensures that future projects are built on a solid foundation that simultaneously maintains system reliability while minimizing the likelihood of a successful attack.
See More: The IT Leaders’ Guide to Building an Innovative Organization
Most enterprises have large, geographically distributed teams. This is another trend that was fanned by the pandemic’s flames—according to Accenture, 63% of high-growth companies have adopted a “productivity anywhere” model post-COVID-19. When companies have implemented technology across different time zones and countries, they typically also have support spread across the globe, which can present additional security concerns. The interconnectedness of these sites and the distributed nature of specialized security staff is particularly challenging when mitigating risks and responding to cybersecurity incidents. Without a clear understanding of the entire infrastructure, it’s impossible for companies to assess their security posture, address vulnerabilities, and investigate and respond to potential threats.
It should be no surprise that the first step to overcoming this challenge is obtaining visibility into the global technology infrastructure. Armed with this information, companies can implement policies and procedures governing who is responsible for maintaining security and how to respond in the event of a reported attack—regardless of location. In addition, it’s also critical that these policies cover how security should be implemented for every future IT project to ensure that these initiatives do not inadvertently leave the organization exposed.
Finally, it’s important that companies are able to remain agile and innovative. Overly restrictive cybersecurity policies can impede employees from doing their jobs effectively and lead to additional security headaches by encouraging the latter to seek workarounds or implement shadow IT. A better approach is to assess the organization’s chief risks and determine the mitigations and strategies most likely to address them in tandem with balancing employees’ productivity goals.
This might seem daunting given the large attack surface of the average organization today. The good news is that institutions such as NIST and SABSA have developed best practice frameworks that can significantly aid companies as they seek to strike the right balance between security and efficiency.
As we head into 2023, we can only expect cybersecurity challenges to grow as the enterprise becomes increasingly digital and distributed and as technologies such as artificial intelligence and machine learning become more mainstream.
Companies that act now to gain much-needed visibility into their infrastructure and make the necessary security adjustments will be those most likely to ward off threats successfully. What’s more, addressing the elements outlined ensures organizations have a modern cybersecurity framework that can encompass new IT projects and easily scale as security challenges emerge.
How are you future-proofing your cybersecurity models? Share with us on Facebook, Twitter, and LinkedIn.
Image Source: Shutterstock
Chief Technology Officer, Orbus Software
On June 22, Toolbox will become Spiceworks News & Insights