Dell has announced results of a global Digital Transformation Security Survey that shows digital transformation is a fast-growing reality in business. Results reveal that security often is seen as a barrier to digital transformation, therefore brought into the process too late to make a meaningful impact. However, respondents recognised that security teams can serve as enablers in helping the business adopt digital technologies when included early in the planning process. Ninety-seven percent of respondents say they are investing in digital technologies including mobile, cloud applications, cloud infrastructures and IoT. While only 18 percent say security has been involved in all of their digital transformation initiatives, 85 percent say that if security teams are included earlier in the project ‒ and many admit they currently are not ‒ security can better enable those initiatives.
Most organisations worldwide are in the process of a digital transformation, yet many don’t realise the extent to which their own business is digitally transforming. While 89 percent of all survey respondents recognise digital transformation is happening in their industry, only 50 percent believe it’s happening in their organisation. Only 27 percent actually describe their company as “in the middle of a digital transformation.” However, 72 percent express active projects in Mobile, with 68 percent involved in cloud projects and 37 percent in IoT – the usual suspects in formal digital transformation projects.
Ninety-six percent of survey respondents say securing digital technologies poses challenges including lack of resources, risk of a security breach, finding the right balance between security and employee productivity, and loss of control. Interestingly, survey results also showed that while 85 percent of respondents said business users always or sometimes view security teams as a barrier and leave them out of a digital transformation project, the same percentage recognise these teams actually could be digital transformation enablers if brought into the project at the right time.
Additional key findings include:
•Only 18 percent of respondents say security has been involved in all mobile, IoT, cloud and self-service initiatives
•More than 3 in 4 (76 percent) of respondents believe security is brought in too late to digital transformation initiatives
•85 percent say business users avoid engaging with security teams out of concern that their initiatives might be blocked. Yet, almost 2 in 3 (63 percent) say those concerns are unfounded
•More than 90 percent of respondents say the security team can better enable the business if given more resources
The right security strategies will enable the business to advance its digital maturity
Security teams often have been perceived as barriers to the business’s seamless adoption of new technologies because keeping the business secure trumps the benefits of technologies that foster employee productivity. Today’s sophisticated, constantly morphing threat landscape makes it critical for organisations to evaluate their approach to security and ensure it spans not just the business, but also the devices accessing it and the practices used to enable that access. Below are tips and strategies to help organisations change the perception of security teams from ‘stumbling blocks’ to enablers of digital transformation:
•Adopt a mind-set of enablement and rapid time-to-value over customisation. As a new cloud application is brought into the business, work with the business to ensure the application meets the business requirements, and can integrate with all the controlling factors in as close to a plug-and-play deployment as possible.
•Identity management is a key building block for digital transformation and must be a business-enabler for the IT organisation. Base identity and access decisions on a unified single definition of the truth (role, policy, workflow, authentication, authorisation, etc.) so that every new system, user type, or access scenario doesn’t require reinventing the wheel.
•Put the line-of-business in charge of as much as possible, and proactively manage and focus identity and access management efforts strategically so that security can be a catalyst and not an obstruction, while maintaining the protection it’s intended to deliver.
In the survey, fielded by Dimensional Research, 631 IT decision-makers with responsibility for security responded to questions on the impact of digital transformation on security teams. The survey was conducted across the United States, United Kingdom, Germany, Australia, and the Nordic countries, as well as Belgium, the Netherlands and Luxembourg. Results revealed a significant level of adoption of key digital technologies, clear business drivers, and expected future growth and investment in digital transformation. Multiple business drivers were identified, with increased employee productivity and business growth topping the list, and respondents said investments in digital technologies will continue to grow in the coming year. IoT is expected to be the technology with the most new adoption in the future, with 55 percent reporting plans to adopt these technologies. Business drivers for adoption of digital technologies varied by region:
•The United States and Benelux (Belgium, the Netherlands, Luxembourg) care more about business growth than other regions
•Scandinavia ‒ followed by the UK ‒ cares more about increased employee productivity than other regions
•Australia cares more about competitive pressure than other regions
•Germany ‒ followed by Australia ‒ is most likely to bring in security teams for ALL digital transformation projects
•Benelux ‒ followed by Germany ‒ is most concerned that security teams are brought in too late in the process
John Milburn, vice president and general manager, One Identity Products commented “This survey produced some eye-opening results and reinforces what we’ve been hearing directly from our customers. Organisations face challenges securing their digital transformations and recognise that their current security measures are exposing the business to risk. Our goal is to provide our customers with solutions that address these needs. When done right, security can enable organisations to aggressively adopt new technologies and practices that can have a direct, positive impact on revenue, profits, employee productivity and the customer experience. Done right, security also helps CISOs open their own “Department of Yes,” empowering them to deliver the strategic projects and innovative initiatives that drive businesses forward.”