December 8, 2015 | Security and Risk | John Worrall
Reflecting on the ability of businesses to take advantage of new technologies and digital transformation, Christoph Kilger, partner at Ernst & Young, Germany was recently quoted, “Concerns around IT security are holding them back and many are still locked in a traditional, conservative way of thinking.”
That may be the case for some companies, but the world is rapidly changing and there are plenty of businesses that have made the transition or launched with a new business model. Innovative companies understand cyber security concerns are persistent in a digital economy, but addressable with proactive mitigation.
In the November 2016 issue of Fortune, Geoff Colvin asked readers to “Imagine an economy without friction – a new world in which labor, information, and money move easily, cheaply and almost instantly.”
Not only can we imagine it, we live it. Uber, Airbnb and many others are examples of this new economy that relies heavily on technology to connect people with products or services. When a company makes a digital transformation, technology is the backbone of the business. This ecosystem extends from websites and social media channels, to marketing automation and sales management tools. It covers supply chain management, communication systems, commercial transactions and more.
Nicholas Evans, VP & GM at Unisys, recently offered 6 steps for digital transformation, and noted, “Advanced cybersecurity is a key enabler because when emerging technologies are not secure from the start, they create delays in realizing their full business benefits as organizations struggle to implement appropriate security controls.”
With this in mind, it’s easy to understand why security is a strategic part of business today, and it does not go unnoticed by the C-Suite.
According to an October 2015 Gartner press release, “Gartner says Cybersecurity professionals are the new guardians of digital change.*” That’s a lot of responsibility – in addition to the usual expectations. Do we have enough qualified pros available to take this responsibility head on? Statistics show there is a cyber security skills gap. A Frost & Sullivan report predicts a shortfall of global information security workforce will reach 1.5 million in five years.
The ISACA and RSA Conference Survey, “State of Cybersecurity: Implications for 2015” reports that it is not only difficult to find qualified cyber security professionals but once hired, there is often a skills gap in their ability to understand the business. More so than having appropriate technical and communication skills.
This sentiment is echoed by one of CyberArk’s customers, Jim Motes the CISO of Rockwell Automation. In a recent CIO Magazine article, he lamented, “We have a shortage of cybersecurity professionals, with people shoved into jobs [they] are not qualified to do…..We have a stressed-out work force, a shallow talent pool and an increase in demand like nothing we’ve ever seen before.”
A forward-thinking CISO, he proposes a co-op of seasoned information security professionals as a way of addressing the cyber security skills gap. Operating like a managed security service provider, he believes the co-op, for example, would be well-positioned to protect privileged user accounts which are the preferred path hackers take to a company’s most valued data.
Motes has also shared his experience on rolling out security programs in “The Balancing Act: The CISO View on Improving Privileged Access Controls.”
When it comes to security and 21st century business, we don’t have the luxury of time. Speed is everything in a digital economy. While we nurture the next crop of IT security professionals and enable them to be the “guardians of digital change,” it is important to facilitate opportunities where peers can learn from each other and share best practices.
Jim Motes embraces this, and so does CyberArk. CyberArk launched The CISO View – an industry initiative that explores CISO perspectives on topics related to improving privileged access controls and shares practical, peer-driven advice on security strategies. Learn more here and share your ideas.
*Gartner Press Release, Gartner Says Cybersecurity Professionals Are the New Guardians of Digital Change, October 7, 2015, http://www.gartner.com/newsroom/id/3144319