If the last 12 months have taught us anything about digital transformation leaders, it’s this: cybersecurity is a central concern. And it’s going to get harder before it gets easier.
As we toured North America with the Innovation Executive Forum, cybersecurity came up in multiple contexts, across multiple industries, across a whole gamut of departments, user groups, and stakeholders.
With 2020 just around the corner, here are just a few of the biggest ways security will play a key role in digital transformation projects.
Modernizing the workplace and the move to Teams
One of the biggest breakout themes of the IEF in 2019 was the mass migration to Microsoft Teams. Promising to bring more productivity, increase employee engagement and simplify IT management, there’s no wonder Teams made enormous gains, overtaking Slack with 13 million active users.
Unfortunately, two harsh security realities need to be reckoned with before a successful move to Teams. The first: Humans are the weakest link when it comes to security. The second, which is closely related to the first: compromised identity credentials are the top cause of security breaches. So, the users are the ones that are most likely to put your data at risk. The centralized identity and access management (IAM) paradigms at the heart of modern collaboration suites like Teams are in serious need of improvement.
That’s why in 2020 we will see a heavy focus on modern digital identity approaches, built-in security tools in the cloud, and a deep focus on designing solutions to work for real humans in the most secure, controlled and frictionless means possible. Expect more focus on zero trust, single sign-on, and mobile device management.
By the numbers:
- Organizations are actively researching Zero Trust technologies (47%), deception technology (40%) and behavior monitoring & analysis (39%) as a part of their security strategy. IDG
- 94% of organizations’ security policies around access management have been influenced by consumer breaches in the last 12 months. Source
- 74 percent of respondents whose organizations have been breached acknowledged that it involved access to a privileged account. Centrify
Adapting to a new world of data protection and privacy
With endless attention in the media, GDPR is finally in the rearview mirror. But before you breathe a sigh of relief, brace yourself. At the stroke of midnight this New Year’s, California is about to put into effect an even more stringent set of data policies – one that will impact businesses across the continent.
The new set of data laws has already had a ripple effect, with tech behemoths like Microsoft pledging to adopt data protection practices across the United States and beyond. In the IEF, it was a similar story, with IT leaders from Los Angeles and Washington saying they are actively bracing for the new regulations.
In many ways, this is a glass half-empty, half-full situation. While it’s clearly costly and frustrating for businesses to rewire the way they collect, store and leverage user data, it’s also widely perceived as a positive way to clean up our data practices and improve consumer trust. Either way, you look at it, your business will need to come to terms with significant data regulations and laws in the year ahead.
By the numbers:
- GDPR compliance will cost Fortune 500 firms approximately $8 billion USD. EY
- Firms may have to pay up to $55 billion in initial compliance costs as a result of California’s new privacy bill. CNBC
Continuing to adapt to cloud security
With the move to multi-cloud and hybrid-cloud enterprises nearly ubiquitous, the security question has never been so crucial. Enterprise leaders in 2020 will continue to face fresh challenges as they push more applications, infrastructure, and platforms to the cloud. From lacking visibility to hiring the resources needed to properly implement cloud securely, the challenges are expected to be as varied as the uses of the cloud itself.
In Ottawa, our IEF participants suggested that every significant cloud project should be carried out with security in mind from the start – not as an after-thought. One leader in that city advised that if the data you are porting can’t be protected, don’t move it until you can find a way. Meanwhile in Calgary, other IEF members said their specific industry requirements were still not being met by the cloud. In 2020, expect those remaining niche industries to play catch up and embrace the cloud with more confidence, as new security tools, capabilities, and data protection policies come into the fold.
By the numbers:
- 49% of businesses believe cloud applications are the biggest targets for cyberattacks. Source
- 93% of survey respondents report challenges keeping tabs on all cloud workloads. Source
The war for talent
The IT skills gap is bad. But nowhere is it worse than in the cybersecurity domain. With a jaw-dropping 0% unemployment rate for security professionals, businesses everywhere will continue to struggle in 2020 to hire the right security people.
Our IEF members are frequently sharing advice for combatting skills shortages, which can be useful in the search for security pros. In San Diego, IT leaders said they attract and retain top talent by focussing on purpose and allowing employees to work on more innovative, business-aligned tasks. They are also catering to the “gig economy” by hiring part-time workers and enabling out of office, mobile workers.
IT leaders are also closing skills gaps with bigger and better technology solutions. We are seeing the rise of automation and artificial intelligence in the enterprise, enabling businesses to do more with less. Similarly, by moving more key applications and infrastructure to the cloud, digital leaders are able to leverage the investments and vast resources of players, such as Azure, to bolster their security efforts, without having to struggle on the hiring field.
By the numbers
- Cybersecurity job openings have already exceeded 1.5 million. Source
- 53 percent of survey respondents reported a problematic shortage of cybersecurity skills at their organization. CSO Online
- Only 55% of executives are completely satisfied with cybersecurity readiness. Source
To learn more about the IEF and apply to become a member, visit our IEF homepage.