Organizations going through the digital transformation revolution need to navigate through not only the technology but also significant security culture and workflow challenges.
Digital transformation is more than a journey of technology adoption; it involves radical new approaches to ensure the security of devices, data, and workflows so that the digital revolution journey remains smooth. Here are a few security challenges that need to be overcome to deliver a successful transformation:
The Prevention Challenge
As firms transform digitally, the number of connected devices increases, new processes and workflows are inserted into the legacy systems. Security then takes on a new threat dimension – especially with cybercrime’s alarming and substantial impact on businesses and society as a whole. According to a report by Accenture, the total cost of cybercrime in 2018 rose to $13M per enterprise and it continues to grow.
IDC reports that 70% of successful breaches originate on the endpoint, including- malware, malicious insiders, phishing, stolen devices, and ransomware. Not only are these endpoint-based attacks growing fast, but they are also declared as the most expensive ones to resolve as they lead to data destruction and manipulation. Promising endpoint security for mitigating cyber-attacks has fallen woefully short.
The sad truth is that ultimately preventing cybercriminals from infiltrating the system is impossible, regardless of the security technologies the firm layers on. That’s why most enterprises are focusing on mitigating potential damage. A new approach is needed so this threat does not disrupt a successful transformation journey.
Gartner mandates isolating and estimating an attacker’s ability to damage as a key part of an enterprise’s security strategy. Over the last five years, enterprises have spent almost 25% of their security budget on containment technologies.
These approaches often suffer from compatibility and performance issues that end up degrading the user experience significantly. As a result, enterprises are searching for a comprehensive, endpoint containment approach that is practical to adopt.
The Productivity Challenge
As endpoint cyber-attacks multiply over the years, organizations attempt to close the security gap by restricting endpoints and adding security agents on top of the endpoint operating system. This has caused a significant hit on employee productivity. Employees are restricted from work remotely in an efficient manner or use the devices for personal purposes at home.
In a recent survey by Vanson Bourne conducted on 500 CISOs, 74% received complaints about productivity loss, 81% see security restrictions as a barrier to innovation, and 88% restrict websites/apps because of security. IT helpdesks spend around 572 hours per year responding to user complaints and requests related to endpoint restrictions. The employee time lost on partially-effective user security training costs up to $300K every year. These are just a few indicators of the immense productivity cost that the ineffective endpoint security solutions have. Also, there is an invisible business cost associated with lost opportunities, the impact on employee innovation, employee satisfaction, and the inability to communicate effectively with clients, close deals, etc.
The Privacy Challenge
Employers face significant privacy challenges related to user devices. The same research indicates that 60% of enterprise users mix corporate and personal usage on their endpoint, introducing a huge potent cybersecurity risk to the organization, both by internal and external actors.
To tackle such risks, some employers deploy endpoint monitoring tools that record screenshots, keystrokes, and other user activities. With GDPR becoming tricky or outright illegal for enterprises to process such data, users mix personal usage with corporate usage on a single endpoint. Organizations get stuck in a lose-lose situation: they can either respect the employee’s privacy or risk the endpoint-based breach.
These three Ps – protection, productivity, and privacy challenges are daunting. Firms need to promptly address these user challenges inherent in the digital transformation revolution that’s sweeping global business.