How partnering can provide the answer to achieving secure digital transformation

By Azeem Aleem, Vice President Cyber Security Consulting NTT Ltd.

  • Thursday, 6th August 2020 Posted 4 years ago in by Phil Alsop

Digital transformation is seen as the catalyst for business growth and according to a report last year by Gartner 87 per cent of senior business leaders say digitalisation is a company priority with 79 per cent of corporate strategists say it is reinventing their business creating many new revenue streams. It is now widely recognised as an ongoing way of working rather than a strategic goal but to make it a reality organisations need to take on a far more opportunistic and agile approach.


Yet these are testing times for technology professionals and despite such high rewards digital transformation introduces further risk in the shape of accelerating threats and widening attack vectors. NTT’s 2020 Global Threat Intelligence Report reveals that despite best efforts by organisations to layer up their cyber defences, attackers are continuing to innovate faster than ever before. The COVID-19 pandemic is a prime example of the opportunistic modus operandi of cyber criminals who are looking to gain from any chinks that this global crisis has caused in organisations’ defences. Needless to say, cyber-resilience has never been more important.

 

It doesn’t stop there, adhering to the appropriate governance and compliance regulations, having visibility over a hybrid IT environment and the expertise to design, build, and operate an adaptive cybersecurity environment all add to the problem. And that’s leading many organisations to revisit their security requirements in order to create an environment that’s secure, while also allowing them to evolve and develop their core business. Yet with an increasingly complex IT security landscape, more technologies, more regulations and a global cybersecurity skills shortage (already in excess of four million) organisations are unlikely to be achieve secure digital transformation by resourcing internally so where does this leave them?

Cybersecurity has become a core business function so leaving it to chance just isn’t an option and neither is thinking it won’t happen to you. Unsurprisingly, an increasing number of organisations are now choosing to partner with third party experts to help them to drive through innovative digital transformation strategies without having to compromise on security or user experience. Our latest Global Managed Services Report backs this up with 57 per cent of respondents citing security risks as a key challenge of managing IT in-house, rating it the highest among all factors considered. Moreover, the majority of organisations (55 per cent) opt to turn to service providers for their ability to help ‘reduce security risks’, as the most popular service they offer.

We know that the path to digital transformation is complex which is why engaging with a partner to ensure that you do it securely provides organisations with the reassurance that not only is it is being done properly but that they focus on the task in hand while evolving and developing their core business. So, what other benefits can partnering offer?

Predictable Costs
Cost is a big factor and organisations need to be honest with themselves on whether they can cost effectively manage the cybersecurity aspect of their digital transformation projects in house or whether it would be better to work with a Managed Security Service Provider (MSSP) which would offer a more predictable cost model. It’s a common misconception in the industry that MSSP’s are more expensive than managing the resource internally as typically they share resources across several clients underpinned by an agreed service level which provides economies of scale and keeps the cost down. Furthermore, extensive knowledge and relationships with security vendors will often work in the organisation’s favour with the MSSP leveraging the benefits on your behalf as part of the service level agreement.

Immediate access to expertise
We have already mentioned the huge skills shortage faced by the industry. Working with an MSSP allows immediate access to experienced and trained security professions without the considerable investments of hiring, training, remuneration and general managing that internal resourcing brings.

Overcome regulatory challenges
Compliance is a challenge facing all organisations – it’s not only complex and time-consuming but it’s constantly evolving yet non-compliance is costly from both a financial perspective but also reputational too. A good MSSP will help you understand compliance obligations and avoid huge fines like those handed out to British Airways and Marriott International last year by Britain’s Information Commissioner’s Office which collectively amounted to £282 million.

 

Staying one step ahead of the threats

Threats are increasing and becoming more sophisticated and IT teams, while understanding the value of threat intelligence, are often overwhelmed by the sheer volume of threat data. With access to a wealth of threat intelligence and knowledge an MSSP, on the other hand, is far better placed, than an internal team, to stay one step ahead of any infiltrators by providing timely threat intelligence and faster threat detection seeing off attacks before they happen.

 

Due to the fast-evolving threat landscape and the volume and scale of continual attacks facing organisations engaging with a third-party expert to provide support for at least some security services in your digital transformation is a highly viable option. The road to secure digital transformation is a marathon rather than a sprint so if you do end up choosing to partner with an MSSP, you will have plenty of choice so don’t forget the importance of this business-critical function.  You’re looking for a long-term partnership that works as an extension of your own team rather than a quick fix.