UNO September 2018

Challenges to security in digital transformation

Businesses and government agencies of all sizes are rapidly adopting digital business models, which they can use to quickly respond to changing consumer demands, process transactions and react in real time, increasing agility, productivity (for better commercial results) and service quality. But this transformation goes way beyond the corporate world. The digital transformation is changing society on an unprecedented scale. It is essentially changing how we learn, work, socialize, buy, administer finances and interact with the world around us. The challenge lies in balancing innovation and productivity with functionality and cybersecurity.

The challenge lies in balancing innovation and productivity with functionality and cybersecurity

As global cyberattacks persist, senior management is focusing attention on cybersecurity. It is no longer a matter of concern only for information technology (IT) teams. Rapid, sophisticated attacks on all industries have proven cybersecurity is the responsibility of an entire organization when attempting to avoid the paralyzing effects associated with data breaches.

Vulnerabilities can lead to fines for noncompliance and reputational damages, which can have lasting effects: 85% of managers working for financial institutions said damage to reputation is the most serious consequence of a data breach when consulted for a recent survey.

Hyper-connectivity increases risks in digital transformation

There is evidence all around us of the potential impact of digital transformation. From smart cars to smart homes and from smart buildings to smart cities, we are seeing traditionally separate networks grow remarkably interlinked. As a result, it will be possible to do things like redirect traffic dynamically, control use of critical infrastructure resources such as water and energy grids, actively monitor city services and respond more efficiently to events of all kinds.

Smart companies are doing things of the same nature. To increase efficiency and profitability, the traditionally isolated Operational Technology (OT) systems are starting to converge with IT networks. Automation can be used to reduce overheads and raise return on investment (ROI). Digital firms will also be more actively connected, both with consumers, to provide services and support on demand, and with critical infrastructures, such as energy and refrigeration, to administer costs. In the same way, networks will expand and contract dynamically through multiple cloud environments to meet changing workloads and computing resource needs.

Traditional security strategies do not scale

Digital transformation vastly improves how we communicate and conduct trade. However, it is also bringing in new security risks and compliance requirements. Many traditional ways of protecting IT networks simply do not apply to the current converging networks. Part of the challenge is that the internet, where all of this occurs, still uses many of the same protocols and infrastructures it began with, decades ago. At the same time, the volume of data has increased almost 40 times in recent years, largely due to the explosion of applications, access points and connected devices. But although most data no longer stays in the traditional business network, we still focus on security, using a model that has become obsolete and insufficient. Part of the problem is that we tend to tackle infrastructure changes as individual projects instead of part of an integral transformation. We then tend to implement single, isolated security solutions to protect them, which complicates administration while reducing visibility and control.

Digital transformation vastly improves how we communicate and conduct trade. However, it is also bringing in new security risks and compliance requirements

Converged networks require converged security

Web security must be extended into a single, integrated system. We need to be able to not only see and protect all infrastructures and devices from a single site, regardless of their location or type, but also coordinate resources to improve detection, automate responses and dynamically adapt to network changes.

The best response to increasingly complicated web environments is simplicity. This requires a security transformation that must mirror the pace of the digital transformation. This security transformation involves integrating security into all areas of digital technology, producing a constant, holistic architecture to ensure effective security throughout the life cycle and covering the entire distributed web ecosystem. This includes attack surface identification, protection from known threats, threat detection, fast and coordinated responses to cyber events and continuous assessments.

Innovation and economic growth boosted by digital and security transformation have the power to change our society completely. But to do this without compromising everything we appreciate, the digital industry must reconsider security from a new perspective. And we must begin right now.

Marc Asturias
Senior manager of Marketing & Public Relations at Fortinet for Latin America and the Caribbean
The Senior Manager of Marketing & Public Relations at Fortinet for Latin America and the Caribbean, Asturias has over two decades of experience in business security marketing. He has directed programs and efficient teams for companies such as Apple, Veritas/Symantec, General Dynamics Advanced Information Systems and Cisco, where he led marketing initiatives for technical training and cybersecurity throughout all verticals and segments in the Americas. He has also led key programs with Mexico First, Canieti, the World Bank and the Office of the President of Mexico; with the SENAC in Brazil; the Government of Costa Rica; and military veterans initiatives with the White House and U.S. Department of Defense. [United States]

We want to collaborate with you

Do you have a challenge?

Would you like to join our team?

Do you want us to speak at your next event?