With almost every major organisation across Europe relying on the cloud to store vast amounts of data generated everyday and also relying on machines to perform various tasks that were once performed by humans, digital transformation is very much visible but the same cannot be said about the security of cloud servers and machine identities.
According to Stephane Dorchin, an expert in machine identity protection, organisations across Europe initiated digital transformation around a decade after American organisations did, but in their quest to catch up with the latest innovations and to compete with the best, they are transforming and adopting new technologies at a much faster pace than the time they need to secure such new technologies from external access.
Securing the cloud is more complex than securing data centres
Dorchin says that security strategies at European organisations revolve mainly around securing data centres, and since data centres are transforming rapidly into cloud or hybrid environments, organisations are moving more and more applications and machines to the new environments without assessing if such environments are secure enough.
“In Europe, businesses don’t place as much importance on IT security strategy and don’t roadmap across the organisation. Consequently, business groups do not share IT’s concerns and fears and may not be able to correctly asses their cyber risks. Of course, they are still making security investments. But it may not really help to accelerate investment in security without the proper commitment and understanding from across the business,” Dorchin says.
“One risk is that organisations may not be able to transform fast enough. As their business continues to grow, there will constantly be new parameters that must be addressed throughout the transformation. Another risk is that organisations will be so focused on getting the infrastructure right that they will be tempted to put security a bit lower on the priority list. If that happens, security will continuously lag behind the pace of the digital transformation.
“The bottom line is that it will be difficult for French and other European organisations to know what they don’t know about digital transformation. It’s new territory. And they may have difficulty measuring the risks in the midst of the transformation. So they may run the risk of elevating their cyber exposure. And it will be difficult for them to assess risks that they have not encountered before,” he adds.
Dorchin isn’t the first to highlight the risks of rapid digital transformation- especially as far as cyber security is concerned. Global spending on cognitive and artificial intelligence systems could touch $77.6 billion (£58.82 billion) in 2022, thrice the amount spent by organisations in 2018, and AI and machine learning technologies are being deployed for purposes such as automated customer service agents, automated threat intelligence and prevention systems, sales process recommendation and automation, and automated preventive maintenance.
Securing the latest technologies is challenging for organisations
Despite the rapid adoption of transformative technologies, Help Net Security opined that despite AI tools having ushered in various advancements in accelerating medical research, improving farmers’ crop yields and assisting law enforcement, such advancements “are unfolding so quickly that it often is challenging for organisations to develop the expertise needed to put the corresponding safeguards in place to account for potential security vulnerabilities and ethical implications”.
Less than half of business leaders attending ISACA’s second annual Digital Transformation Barometer were confident that their organisations could accurately assess the security of systems based on AI and machine learning.
“ISACA’s global membership shows in this research that digital transformation is by no means complete, and organisations are still struggling with fundamental questions of risk, security and return on investment,” said Rob Clyde, ISACA Board Chair.
“It’s impossible to guarantee results when deploying less familiar technologies, but this survey suggests that organisations that have adopted new technologies overwhelmingly consider their journeys to be worthwhile. As organisations continue to navigate uncertain territory, finding qualified leaders to help steer these journeys and instill an organisational commitment to innovation is critical,” he added.