In today's business world we talk about Digital Transformation all the time, and no wonder. It is no wonder that the huge investment and profit figures that this process will entail are being revised upwards practically every week, and some of the most important departments in any company, such as marketing, IT or human resources, are heavily involved. They are either affected by it, or they are the first to provide ongoing solutions to accelerate the transformation.
Digital transformation, which in English-speaking media is so well assimilated that it is written as DX or DxT, covers many areas. Among other reasons, because it is about adapting the pace and structure of companies and organisations to a process of social change that has already taken place: it is not that it is going to happen, it has already happened and continues to happen all the time. To understand the impact on the business world, we could talk about using certain technologies to make processes and services more agile and efficient, but always taking into consideration the perspective of what the increasingly digitised customer will require from the company in question.
Data analytics, the Internet of Things (IoT), and the important mobile and social sections may be important, but it is even more important that they meet consumer expectations. And among so many innovations, the first victim is often a pending subject that, once again, is once again suffering: the so-called "information security" or, if you prefer to use a broader term, cybersecurity.
The latter has been echoed accurately and recently by TabTimes international editor Doug Drinkwater in an extensive analysis published in the prestigious digital magazine CSOonline, titled "What is the role of security in digital transformation?", warning that so much effort is now being put into providing value to the customer that too little attention is being paid to even the most basic security functions.
And it is an aspect that should not be overlooked. Every day we hear about data breaches and vulnerabilities in systems that, when they become public or allow a cybercriminal to extort money from an organization, hit even harder those companies that have embarked on digital transformation but have not taken due care of information security. In fact, there is a recent Gartner forecast that 6 out of 10 digital companies will suffer major service failures due to the inability of security teams to manage digital risk. The report states that "digital business is moving at a faster pace than traditional enterprises, and traditional security approaches designed for maximum control will no longer work in the new era of digital innovation".
Despite this, Drinkwater also leaves room for some reassuring aspects. Small indicators that the trend may be starting to look right. Small signs that the tide is turning. And he mentions analyst Nick McQuire (CCS Insight) for whom security has become a top-level agenda item for all organizations, starting with their chief information officer (CIO). "More than 70 percent of the companies we surveyed in the U.S. and Europe have indicated that their security budgets are increasing (...) Data security is the top investment priority for the digital workplace and the top challenge for mobile application deployment, often the spearhead for digital transformation strategies."
Although there are different points of view, and they do not coincide, what is a shared reflection is that it is often due to a lack of understanding on the part of the chief executive officer (CEO) of companies: they know it is important, they know they should keep it in mind, but they do not know what it means and they do not understand the technological "mosaic" involved in working with multiple solutions from multiple vendors. Be that as it may, no one is immune anymore to threats with such unfriendly names as malware, ransomware or phishing, aided by social engineering techniques and programming so well thought out that they outwit even the best-provisioned security systems.
The pressure of the imminent European data regulation (GDPR), contributes to accelerate general awareness, but this coexists with a great shortage of professional talent (highly contested) and obsolete technologies that are part of heavy corporate "legacies", as costly as ineffective. The adoption of cloud or hybrid systems, machine learning, predictive analysis of user behavior, identity as a service, multi-factor authentication and mobile threats are just some of the present (not future) needs to cover aspects of security that are already basic today.
Cybersecurity is therefore a critical aspect of any digital transformation process. If left aside, all efforts to put the user at the centre may end up being a burden rather than an improvement. Transformation is about adapting to new uses. And new uses also include, whether we like it or not, new risks.
Photo by Alex Kotliarskyi on Unsplash
