What is
the relationship between digital transformation and cybersecurity? Is
cybersecurity helping or hindering the acceleration of digital transformation?
Are the two topics related, or are they merely orthogonal, in the modern
enterprise?
Let’s
start at the beginning. The term ‘digital transformation’, often referred to a
simple DX, likely sounds familiar because it has been widely used since the
1990s. Over time, its implied definition has changed. Today, Gartner defines digital transformation
as “the process of exploiting digital technologies and supporting
capabilities to create a robust new digital business model.”
That
definition is a bit of mouthful; let’s unpack it. The process of ‘exploiting
digital technologies’ is self-evident. However, the key is organizations have
to continuously invest and innovate in new digital technologies because
technology changes so fast. Think back ten years and you might pat yourself on
the back with how advanced your technology stack was. But if you remained
stagnant, you would today not be using the cloud, tablets, smartphones,
smartphone apps, smart cars, streaming media, social media, IoT, AR/VR, etc.
The concept of creating a robust digital business model may be a bit elusive,
but the risks of not doing so are clear according to McKinsey “Our research and experience
show that businesses that are slow to digitize struggle to remain competitive.”
Thus,
it is not surprising the leading analysts and C-Suite executives alike think
that digital transformation and cybersecurity are inextricably intertwined. As Forrester Research writes, “As businesses become
more digitized and interconnected, the impact cyberattacks have on brand value,
customer trust, and physical safety increases.” That analyst views was
validated by a 2018 survey of 300 security leaders commissioned by networking
vendor Fortinet. Their survey found 92% of
CISOs said DX has a large impact on business and 85% said that security is the
biggest challenge to DX efforts.
Here
are some examples of where advances in digital transformation are increasing
the risks for cybersecurity.
More
Opportunities for Attacks
With
the growth of applications, big data, artificial intelligence, multi-cloud,
etc., so too have the opportunities for hackers, attackers and other bad actors
to do bad things. The breadth of attacks vectors – the attack surface as it is
called – has increased substantially with the growth of digital transformation
making it more difficult to provide countermeasures. The increased attack
surface means that hackers can infiltrate an organization’s environment, move
horizontally or laterally through it, or linger for months watching and waiting
until the optimum time to strike. The latter example, known as an Advanced
Persistent Threat (APT), is particularly difficult to detect and mitigate.
The
Dollar Cost Impact in Increasing
With an
ever-growing attack surface, the financial liabilities have also increased.
According to a 2018 research study by IBM Security and Ponemon
Institute, the average cost of a data breach is $3.86 million, up 6.4 percent
from last year. The average cost, globally, for each lost stolen record
containing sensitive and confidential information is also up from last year, at
$148 per record which is a4.8 percent increase from 2017.
Public
Safety at Risk
Of
course, not all attacks can be quantified in monetary terms. But the disruption
to business and government operations are potentially more damaging when the
public good is put at risk. For example, Greentech media reported Russian hackers obtained
access to the U.S. electric grid last year by penetrating the networks of key
vendors that service power companies. Officials said that hackers working for
Russia could have caused blackouts in a long-running campaign to get inside
U.S. electric utility control rooms, the Wall Street Journal was first to report. The
Department of Homeland Security (DHS), said that attackers “got to the point
where they could have thrown switches” and disrupted the grid.
Conclusion
Containers, Kubernetes, Serverless, Multi-cloud technologies, etc., have accelerated the rate that enterprises can innovate, create new products and services, and otherwise engage customers. But these rapid changes, the eventual goal line of digital transformation for modern organizations, makes it challenging to keep up with the security landscape. Clearly, digital transformation comes a greater reliance on digital data systems which are targets for bad actors. A digital transformation strategy needs to incorporate a robust and actionable cybersecurity strategy, as these two concepts are very much married at the hip.
Share this Post
The post What is Digital Transformation’s Impact on Cybersecurity? appeared first on Finjan Blog.