In a globalized world, digitalization has become a synonym for business success. But what are the costs and risks associated with shifting digitally?
Shifting labor-intensive manual processes to digital allows organizations to remain relevant and uncover opportunities for growth in highly competitive markets. As a result, most enterprises have been accelerating the pace of their digital transformation, adopting leading-edge ICT technologies like cloud computing, Big Data, and the Internet of Things (IoT).
But as companies of all sizes rush to meet consumer and employee needs through remote offerings, many have sidestepped cybersecurity. Yet, the risk has never been greater. In 2021 alone, NTT observed a 30%+ increase in hostile activity targeting their clients, led by application and network infrastructure, along with denial of service and brute force attacks.
Table of Contents
Digital transformation increases the likelihood of a cyber attack
According to their 2022 Global Threat Intelligence Report, COVID-19 and the digital transformation caused a shift across the threat landscape. More recently, geo-political tensions and ongoing supply chain disruption have affected industry targeting. Attacks more than doubled in the technology, telecommunications, transport, and distribution sectors.
But even if the shift to cloud computing has fundamentally changed the way organizations and their web infrastructure are supported, enterprises still rush to push out their services without the necessary cybersecurity procedures in place.
According to Dr. Alina Matyukhina, Head of Cybersecurity at Siemens Smart Infrastructure Global HQ, Building Automation, cybersecurity needs to become an integral part of every future business strategy. “As more technology enters the market,” she says, “we need to ensure the protection of tomorrow’s business.”
But as the threat surface grows, how can we balance the costs of adopting cybersecurity measures with the increasing risk of cyberattacks? If we consider that a single security breach can cost a company $1.5 million based on this Recorded Future analysis of over 400 cyber events, when should that discussion take place?
It turns out that the earlier, the better. “Companies should include cybersecurity in the initial design of products,” says Matyukhina. “It is more cost-effective to address security early in the lifecycle of a product than it is to fix problems later. Security experts should perform threat and risk assessments throughout the lifecycle of the product, to identify and mitigate potential risks.”
Developing cyber security maturity
The truth is, every company should have a guide setting out how security incidents should be resolved, ensuring they’ve done everything possible to mitigate damage. “As the pace of digital transformation accelerates, cyber resilience becomes an essential part of each digital transformation strategy,” says Philipp Grabher, the Chief Information Security Officer (CISO) of the Canton Zurich.
According to him, having an aligned and up-to-date risk landscape will affect the success of your security function. “The ease with which business units outside of IT can adopt new technologies has led to an increase in shadow IT, making assessing the organization’s risk profile exponentially more difficult.”
Grabher believes that given our increasing dependence on service providers, the issue of whether we can trust them will play an even more critical role in the future. “Many organizations will use cybersecurity maturity as a vital component of whether to conduct business with another party or not,” he says.
What are the main challenges to a secure digital transformation?
“Data politics and data management.” That’s the reply we got in our interview with Lars Minth, CISO for the Swiss Securitas Group. According to him, a good security leader has to take care of neighboring disciplines in order to pave the floor for good strategic cyber security measures. “The problem lies with unknown surprises, Black Swans,” he says.
For Minth, if we think of the four categories the digital transformation is usually divided into – domain, process, business model, and organizational/cultural – it becomes clear that this process naturally generates a tidal wave of connections and data in transit. “Cyber security travels with the data nowadays,” he says. “Data security dominates the different cyber security challenges.”
According to Minth, “reaching out beyond resilience and longing for an antifragile approach” in order to secure digital transformation is key. But more important, perhaps, is to not remain in historical security patterns. “Leaving the comfort zone is the number one obstacle!”
Join the discussion
If you are interested in following new insights about digital transformation in cyber security, and you would like to connect personally with the security experts featured in this article, we invite you to join the Global Cyber Conference.
Follow these links to check the conference agenda and the full speaker lineup.