From gatehouse to boardroom: the changing role of IT security
- Published: Thursday, 08 October 2015 07:31
James Hardy looks at the changes that are taking place in boardroom attitudes to IT security and how this will impact technology deployments in 2016 and beyond.
Businesses have typically approached IT security in one of two ways. They have either deployed their IT infrastructure and technology before adding security solutions as a perimeter fence, more as an afterthought than following a strategic decision process. Or alternatively they have disregarded the issue of IT security until they are under attack or experience a serious data breach. Then they race to fix the damage, deal with the customer and shareholder fallout, and re-stabilise the business.
The perception of security has consistently been that is similar to the brakes on a car – there to slow you down and stop you. But that’s a huge misconception. Ask any F1 driver and they will tell you that good brakes enable them to drive quicker and more confidently, knowing that they have the ability to stop in time to avoid an unexpected hazard. Equally IT security can enable organizations to respond faster, and with less risk, to new solutions and technology developments. Yet only a handful of businesses could claim to have put security at the heart of their technology deployments and used it as a platform for innovation.
Instead IT security has typically remained somewhere near the bottom of the priority list for key business decision makers. However, with high profile breaches regularly hitting news headlines and leaders more aware of the damage that can be caused by an attack, there appears to be a shift in attitudes towards IT security gradually occurring in boardrooms, moving security up the ‘to-do’ list, and creating a new world order for technology. Indeed evidence of this shift can be seen in research by CCS Media which showed that 75 percent of UK businesses plan to increase spending on IT next year, with 62 percent identifying IT security as a top priority for expenditure, and earmarking 21 percent of budgets for improving business network security.
At the same time organizations are planning to further utilise IT to drive innovation in their operation, streamline processes and enhance overall business practices. In fact nearly half of business leaders identified investing in IT for business innovation as a key priority, while 64 percent said the key driver for increasing budgets was to ensure that IT better serves the business overall.
A spring board for better business
Allowing security concerns to stunt progress in deploying new technology would be an easy trap for boardrooms to fall into, yet encouragingly businesses are instead planning to use network security as the foundations for the success of future IT deployments.
For instance, retailers have been able to move from the high street to the Internet to grow their operations, thanks to security that protects data and provides a secure transaction environment for customers. This has also enabled them to capture more customer data, develop better loyalty schemes, and utilise targeted advertising and marketing to reach more customers and drive growth. Likewise, putting security first, has also enabled the finance sector to excel on new platforms. From online banking to mobile banking apps, and mobile payments to digital wallets the past decade has seen the financial sector revolutionised by new ways of conducting businesses and driven new revenue streams.
Fresh attitudes, new ways of using technology
As more businesses adapt this ‘security first’ approach to IT, the make-up of solution deployments is likely to change. Where organizations may have previously rushed to deploy the latest IT innovation it is likely businesses will instead take longer to utilise new technology in the short term, to reap the long-term benefits of secure IT infrastructures.
The next major technological advancement, where this fresh approach is likely to be evident, will be the adoption of wearable technology. In contrast to the mobile/BYOD revolution of the past five years, where organizations utilised mobile devices faster than they deployed, or even considered, security solutions for this new way of working, we are likely to see businesses put security at the heart of their wearable solution deployments. This will include ensuring that new devices are secured from day one, through integration and compliance with existing security and management solutions, enabling organizations to use the technology safe in the knowledge that it isn’t going to be the source of a potential breach further down the line.
Reversing the thinking of the past twenty years is unlikely to prove to be a silver bullet for businesses IT security concerns but it will offer a more solid foundation for dealing with the plethora of risks posed to organizations when working online and reduce the long term costs of security and remediation. Critically this will have a positive impact on future businesses IT strategy and deployments, enabling them greater flexibility when using new technology to innovate practices – and ultimately enable IT to better serve a business across its entire operation.
James Hardy is Director of leading IT solution provider CCS Media.