Security is as vital to organisational success as technology and people, and is fundamental to digital transformation, says market intelligence and advisory firm International Data Corporation (IDC) sub-Saharan Africa associate VP Mark Walker.
If systems are taught the wrong things at the start, the issues scale rapidly, particularly within the scope of the Internet of Things, where machine learning, artificial intelligence and the algorithms that power them must start out with security at their core, he states.
“A misstep at the start could create a potentially critical security weakness further down the line. However, security is under inordinate pressure to perform and protect while always remaining behind innovation and the demand for agility.”
Information technology (IT) decision-makers must balance the need to drive innovation, monetise data, manage user expectations and enhance agility, while ensuring that governance, risk and compliance mandates are met.
The IDC’s research has found that 37% of chief information security officers are battling with this balancing act. They must align the business’s need for growth alongside security and regulatory demands, and they are all looking towards the digital cure to soothe the governance, risk and compliance, and security migraine.
There has been a rise in spending on security and data management, particularly as the ramifications of personal information privacy and protection legislation become more apparent, notes Walker.
“However, it is highly likely that real com–pliance across all fronts will occur only when a globally impactful incident kicks everyone into gear. The problem is that security is a complex web of intricate solutions on its own and this is made even more com plicated by the influx of local and global security standards and guidelines.”
To add to the pressure, whoever oversees IT security in a company is liable if none of the right steps are taken or if security is breached, emphasises Walker.
“There is an urgent need to reduce and mitigate risk, address these challenges and overcome some of the hurdles that organisations and security teams are facing. The IDC found that 51% of organisations are finding it difficult to locate skilled IT security personnel, 49% do not have a sufficient IT budget, and 36% view a lack of employee adherence to policies as a threat.
”Security cannot be built in a vacuum – an organisation must partner with vendors to craft solutions that map back to specific challenges pertaining to the industry and internal structure the structure of a company, and there must be a clear leader for digital transformation, he says.
The IT department is losing sight of what the business is doing with technology and this presents significant risk, unless a clear line of sight is established at the outset, emphasises Walker.
IT and business lines must collaborate on projects and digital initiatives from the outset, as this is essential to security success.