S – is for Security. The Security Technology Fabric that you have in place today is likely not able to extend to adequately protect your new Digital Enterprise. The ability to seamlessly extend a solid set of security policies and an enterprise security framework across all platforms is necessary for your organization’s security posture.
PRIDES of Digital Transformation: What you need to solve for when you undertake a Digital Transformation Initiative. P=Protection … R=Resourcing … I=Identity … D=Data … E=Experience … S=Security.
S – is for Security. The Security Technology Fabric that you have in place today is likely not able to extend to adequately protect your new Digital Enterprise. The ability to seamlessly extend a solid set of security policies and an enterprise security framework across all platforms is necessary for your organization’s security posture.
The new Digital Enterprise will include access to a set of systems and data from third parties including partners, customers, and possibly even consumers. This creates a dimension of access that needs to be considered. The new Digital Enterprise will extend your infrastructure supporting applications and storing data beyond your firewalls to a hybrid cloud. The new Digital Enterprise will create a bias for speed and agility which will require that security be embedded into the discussion, design, and delivery of all new initiatives.
In the new Digital Enterprise User Experience matters and performance and agility matters. You will need to embed security with those goals when all too often security has been seen as a drag (or obstacle) to those goals.
Virtually every organization will say that security is a priority but when the focus is directed to speed, optimization, automation, and innovation security becomes at best a late thought that slows down progress.
Because Digital Transformation will expose the enterprise Risk Profile to new sets of end users who access your systems and data and because Digital Transformation is likely to limit the ability of the current security technology fabric to protect outside the firewall in hybrid cloud platforms – the focus of attention should start with your existing Enterprise Security Objectives and existing Desired Enterprise Security Risk Profile. From there you extend those objectives and the supporting policies and architect a new technology security fabric that extends those same policies and that same framework across the new dimensions of risk that is introduced (new external users and new external infrastructure and application partners).
Finally, automation and orchestration will be vital to your organization’s ability to scale your security operations. The demand for qualified security professionals is far surpassing the supply and that dynamic creates cost, risk, and overhead in staffing properly for security operations. We should look for automation of detection and prioritization of alerts and events along with orchestration of productive automated responses and remediation tasks – with built in Machine Learning/Artificial Intelligence.