As the CDW Tech Talk “Maximizing IT Resilience with Adaptive Security and Infrastructure” wrapped up, one thing became clear: As digital transformation projects continue to accelerate for the rest of the year and into the next, businesses must build resiliency into every facet of their organizations, including not only their technology but also their people, processes and culture.
The event drew virtual attendees from around the country to hear industry experts discuss cybersecurity and risk management issues confronting modern organizations as they enter the final weeks of one of the most challenging years in history for IT leaders. Experts made several critical points.
READ MORE: Learn how to detect and respond to cybersecurity attacks faster.
The Pandemic Has Accelerated Digital Transformation
Far from slowing businesses’ digital projects down, the COVID-19 pandemic and associated business shutdowns drove organizations to speed them up. The reason is clear: In a physically distant world, digital engagement becomes the lifeblood of every business.
In fact, 85 percent of organizations have accelerated those efforts this year, according to research by McKinsey.
That’s made security even more urgent than usual. IDC found that half of businesses said their spending priorities for security solutions have increased since the start of the pandemic, while only 7 percent said it’s less of a priority.
MK Palmore, vice president and field chief security officer, Americas, for Palo Alto Networks, who spent 22 years as a special agent in the FBI’s cybersecurity branch, said three things are conspiring to make security a greater challenge for organizations: connectivity, the cloud and artificial intelligence.
“In the next few years, we expect as many as 42 billion devices to be connected to the internet, creating an expansive attack surface,” Palmore said. “At the same time, we know that most organizations are in the midst of some kind of cloud transformation. That creates challenges, because the same mistakes that organizations are making in on-prem environments they’re also making in the cloud. Then, there’s the prevalence of data and AI: How will this impact your digital transformation, and how will you leverage it to ensure security?”
Businesses Are Deploying Too Many Disparate Security Solutions
When it comes to securing their networks, one big challenge organizations face is complexity. Too many businesses are bogged down with a hodgepodge of different vendors’ cybersecurity “point solutions,” each tasked with addressing a different problem. While some see value in deploying a “best of breed” solution for each issue, the experts argued for finding the right partner and migrating to that partner’s security platform.
“What I would offer is that because organizations have gotten so used to using different point products to solve different problems, it naturally creates gaps between those tools,” Palmore said.
Visibility is perhaps the biggest gap. When vendors’ solutions are not integrated, IT teams aren’t getting accurate and thorough data. “We need to integrate these tools from an information security perspective so we can provide the right data to the right team at the right time,” said Rick McElroy, head of security strategy for VMware Carbon Black.
McElroy added that simple application misconfigurations continue to be among the most common causes of breaches — and that’s a function of having too many tools that are too difficult to manage.
MORE ON SECURITY: Do you know how to protect your business against insider threats? Find out.
The Role of the IT Leader Has Changed Forever
Before the world changed in March, IT leaders rightly saw themselves as providers of the digital tools that employees need to excel in their jobs, and that businesses need to reshape how they engage with customers.
That’s still true.
Since March, however, as businesses have migrated away from physical togetherness, their internal cultures are changing, and those changes will likely endure beyond the pandemic, explained Ben Hammersley, a technology futurist and host of the television series Cybercrimes With Ben Hammersley.
He said IT leaders should reconcile themselves to the fact their job now is to empower coworkers to think and to act, arguing that the proper title for today’s IT leader is “chief cognition officer.”
“The core function of IT is to provide the cognitive framework in which the organization works — and, indeed, that cognitive framework, in many ways, is the organization,” he said. “The organization is people using tools to perform a business function.”
The tools they use and the conditions under which they use them largely determine their success, he said. Ensuring that success involves more than just deploying the right collaboration solution or top-shelf hardware. Everything from home office lighting to office furniture or too many notifications from email and instant messaging apps can cause significant work disruptions. Those disruptions represent “cognitive risks” — the possibility that something will prevent employees from doing their best work — and the job of IT leaders is to remove those risks, Hammersley said.
Finally, the experts argued that businesses should regard the strange events of 2020 not as aberrations but as a new beginning and an opportunity. The changes businesses made this year to build resilience within their organizations and empower their employees to work effectively from anywhere should be just the start of a long-term approach to digital transformation.
“We need to be looking at this crisis as an opportunity to transform ourselves,” Palmore said. “Now is the time to plan and implement strategies. The world hasn’t stopped for us. We don’t want to be looking back 12 or 18 months from now saying, ‘We wish we had started planning then for what’s happening now.’”