Digital business transformation is all the rage these days. IT spending overall may have declined in the wake of the COVID-19 pandemic, but many organizations are accelerating digital business transformation initiatives as a matter of survival. The challenge all these organizations will soon need to wrestle with is figuring out how to secure those processes.
A recent survey of 400 IT leaders in the U.S. and Europe conducted by Vanson Bourne on behalf of Camunda, a provider of robotic process automation (RPA) platforms, finds the vast majority of respondents (88%) report their organizations have launched or accelerated IT initiatives because of the COVID-19 pandemic, with 80% revealing that more of their organization’s processes are being automated because fewer people are in the office to manually perform tasks. The issue that is starting to raise its head is how to secure those processes. Nearly half of those respondents (49%) say they are specifically experiencing issues with managing security when implementing RPA projects.
RPA projects are, of course, only the tip of the digital business transformation iceberg. IDC is forecasting global digital transformation investment will exceed $6.8 trillion by 2022. Each one of those projects is going to have to find a way to secure processes that span applications running everywhere from the network edge to the cloud. Cybersecurity professionals are not being asked whether the digitization of those processes is a good idea. Rather, the expectation is cybersecurity professionals will somehow find a way to make sure those processes don’t get compromised.
Assessing risk levels
The hard part is determining the actual level of risk to the business when the value of those processes has yet to be determined. The level of risk determines the appropriate level of security. All anyone can seem to agree on is they will be high. A full 81% of respondents to a recent survey conducted by AuditBoard, a provider of risk management tools provided via the cloud, reported they expect risk will continue to be dynamic and unpredictable in 2021 and beyond.
Most business leaders, of course, understand risk. There is, after all, never a sure thing. The trouble business leaders have is assessing business risk as it pertains to cybersecurity. Despite numerous potential threats, there are millions of businesses online that continue to operate. Most business leaders really want to know how long it might take to recover from cybersecurity incidents that they know are all but inevitable. Only then does it become possible to assign some hard dollars to a cybersecurity threat.
The most important thing for cybersecurity teams is to remember that there is no way to prevent every possible type of potential security breach. The name of the game for cybersecurity teams is to first limit the number of incidents and, secondarily, enable the business to recover as adroitly as possible whenever there is an incident. Time is, as always, money. The only thing that’s really different is the stakes are rising. Everyone involved in a digital business transformation initiative intuitively understands that. The real challenge is factoring cybersecurity risks into a digital business transformation initiative in a way that ensures it remains profitable even when the worst occurs.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.