In our increasingly digital, connected world, it is almost impossible for organisations to separate digital risk and digital threat from business risk in general.
So says Julie Ferreira, senior account executive of RSA, the security division of EMC Southern Africa.
Ferreira points out that as digital technologies become more integrated into the fabric of products and services as well as internal business processes, threats or disruptions to digital capabilities directly threaten the ability of a company to serve customers or run its daily operations.
To assess IT security demands, EMC Southern Africa, in partnership with ITWeb, is conducting an online security survey to determine the current IT security landscape in SA and establish what influences IT security investment decisions.
Ferreira believes we will increasingly see security investments justified not only on the grounds of regulatory compliance, but more and more as essential components to delivering customer value and business performance.
According to Ferreira, organisations not investing in IT security will see immediate impacts in terms of risks to customer trust (theft of customer data), customer satisfaction (when services are unavailable due to compromises to digital systems) and regulatory penalties, and also longer-term impacts to competitiveness due to loss of unique intellectual property.
"We are moving from a time when regulatory compliance and anti-fraud drove much of security spend towards an environment where businesses understand information security is essential to the ability to deliver fast, convenient and increasingly personalised experiences for customers, employees and partners, while managing the business risk that comes along with the increased reliance on digital technologies," Ferreira says.
She adds that in today's fast-moving and super-connected digital world, risk analysis has to be an ongoing task.
"We've seen an awakening to this new risk landscape in traditionally IT-intensive industries such as retail, telecommunications and financial services, but also in industries such as energy, healthcare and manufacturing, as they become increasingly digitally dependent," Ferreira says.
Ferreira believes IT security is in the midst of a fundamental shift, driven by the same factors seen across the entire digital domain.
"Increased use of mobile devices and cloud computing, coupled with the vast amounts of information collected and analysed affordably (big data), are creating major challenges and opportunities in how information security must be designed and deployed."
Ferreira also points out that big data analytics is becoming part of a security solution, as it enables greater visibility into the normal patterns of behaviour of people and devices on Web sites and in corporate networks, and allow security teams to quickly spot the abnormal behaviours that are signs of potential attack, fraud or compromise.
"In general, security professionals need to reset their approach to security, away from a 'prevention' mindset based on yesterday's static, enterprise-controlled IT infrastructures, and towards a 'visibility' mindset based on deeper understanding of the behaviour of people, information and applications," Ferreira concludes.
Click here to complete the ITWeb IT Security survey and you could win a new GoPro camera.
Share