Digital transformation is a term that has gathered momentum over the last couple of years, and may mean different things to different people. However, in the context of this post, we are talking about projects that an organisation has initiated to drive some level of continuity, efficiency or competitive advantage through the utilisation of technology.
These could be next generation infrastructure projects, new software/applications platforms, the facilitation of mobile working or something much wider. If we also consider the emergence of “digital disruption”, digital transformation projects are not just about the desire to implement technology. It is perhaps as a necessity to survive in the digital age.
So, digital transformation projects are not necessarily about refreshing corporate IT. They are projects that use disruptive technologies to change the way their industry works – gaining “first mover advantage” or to “change the game”.
There are many examples of digital transformation using disruptive technologies – we are seeing drones deliver parcels, digital distribution of content such as movies, and the ability to unlock a car from a mobile phone.
Whilst all of these can bring benefits, they all carry inherent security risks that an organisation both needs to understand and manage in an appropriate way.
This means that security must be considered as part of any digital transformation project. Even if the accepted tolerance to risk is high. If security is not considered from the outset, the number and potential impact of cyber risks cannot be quantified.
Cyber attacks can cost a business real money. As we can see from our annual Risk:Value report, recovering from a breach can cost upwards of £1million, and estimated to hit the bottom line by almost 10%. Given some recent high profile breaches, these figures don’t seem overstated – and potentially could cost a lot more.
Security is an inherent element of technology that must be considered as part of any digital transformation project. As such, it should not be seen as a cost or inhibitor, rather it should be seen as an essential enabler for digital transformation – disruptive or otherwise.