Posted in:

C-suite’s new interest in de-risking digital transformation

By Ilijana Vavan, Managing Director for Europe, Kaspersky Lab.

From small businesses to global conglomerates, digital transformation is taking place across all sectors and sizes of organisations. It’s one of the key decisions that business decision-makers find themselves faced with.

According to a 2017 survey from Progress Software, 96% of companies consider it ‘important or critical’ to their development, while MIT Centre for Business discovered that digital transformation can have a hugely positive effect, with 26% of businesses investing in innovation being more profitable than their average industry competitors.

In a bid to embrace and elevate IT systems and services, information security considerations are at risk of being downgraded. For example, despite a huge regulatory focus on the security of personal information and company-held data, the security of data travelling across and stored in the cloud can be an afterthought. But with digital transformation projects often relying on the use of cloud-enabled infrastructure and services, the risks of not securing data often outweigh the rewards.

Cloud-related IT security incidents are not uncommon, in fact, and are among the costliest for businesses to recover from. Kaspersky Lab research* shows that incidents affecting IT infrastructure hosted by a third-party cost £1.2m for enterprises and £90,000 for SMBs. Instead of benefiting companies, digital transformation strategies could in fact be leaving them exposed and vulnerable. According to Forrester (as reported in Forbes), 31% IT decision-makers are already worried about the security aspects of digital transformation.

A data breach or IT security incident could impact transformation strategies and, in turn, business innovation and growth. Embracing digital transformation strategies involves facilitating the movement and sharing of data, meaning that cyber security needs to be built into any data processes from the start, if data is to be secured.

Some 90% of businesses are now using cloud computing in some shape or form, to improve cost efficiencies and grow their infrastructure according to demand. While this means that businesses are becoming more agile, it is also impacting the transparency of data exposure. Data ‘on the go’ (including data that’s held and processed in cloud environments or in third-party IT infrastructure), presents businesses with new security issues, and, as a result, new costs.

According to our research, the most expensive cyber security incidents over the past year have been related to cloud environments and data protection. For SMBs, two-in-three of the most expensive cyber security incidents are related to the cloud.

Processing data ‘on the go’ is an inevitable part of digital transformation. However, the high costs of associated security incidents could pose a threat to future digital transformation strategies. In addition, IT security budgets are expected to rise over the next three years across all segments – small businesses and enterprises alike predict they will spend up to 15% more on cyber security in this time, while SMBs predict a similar 14% increase.

So, with cyber security incidents being far-reaching and costly, the boardroom/c-suite is increasingly taking part in the cyber security-provisioning debate, as part of a wider discussion about digital transformation.

Kaspersky Lab research suggests that c-suite executives now feel they have a personal and professional stake in the changes being made. Enterprises are now spending close to 33% of their IT budget (around £6.8m) on cyber security. This demonstrates clearly the importance executive management is now assigns to the organisational security requirement.

*IT Security Economics Report 2018: The Financial Impact of Digital Transformation: Elevating IT Security to the Boardroom, Kaspersky Lab (2018).