Why should security trump speed in digitalization?
Both business and governments are keen to reap the benefits of next-generation digital technologies. Yet in their haste to adopt a digital approach, organizations often overlook the need to develop a considered digital strategy. And this can open them up to unprecedented, and avoidable, risks.
Digitalization is necessary. Enterprises want robust digital strategies and tools to be embedded in every part of their business functions. Consumers expect to be connected, informed and entertained, even as they save time, money and energy. And governments expect to be able to connect, enable and empower the people who they represent.
But as organizations run headfirst into transforming themselves into digital businesses to escape impending extinction, they might be rushing toward “digital chaos.” This is characterized by disjointed departmental policies, procedures and practices leading to duplication of efforts, data leakage or theft. Other symptoms include inconsistency and business loss.
Be it the e-business that charges differential prices to consumers, the corporate website that provides different facts in different places or the bank that is hit by a data theft of its customer records — each of these can be viewed as part of a greater malaise: digital chaos.
What lies behind this is the inability of organizations to articulate clearly their digital enterprise strategy and digital governance approach. This is because, currently, there are no established best practices for how to digitalize a business, only a few scattered examples.
Security is paramount
Data security is one of the key pillars of a digital strategy, as the threats of cybersecurity (e.g., identity theft, phishing, snooping and cyber terrorism) have become an increasing cause for concern with the adoption of next-generation technologies
For example, one Indian conglomerate wanted to transform its existing IT setup so that it could automate some of its processes. While doing so, it focused primarily on implementing an information security environment to avoid any cybersecurity risks. It conducted a thorough review of the security architecture of its infrastructure components, sales management information system (SMIS) and marketing and distribution portal to assess any vulnerable areas and address any gaps in security. As a result, it could quickly identify areas in the IT environment where there was information leakage and create security frameworks to prevent the possibility of unauthorized access to critical data.
Similarly, one global organization, which has a big focus on R&D, realized the importance of cybersecurity in its R&D ecosystem. It analyzed the potential areas for information leakage in its digital setup. It then initiated cybersecurity awareness training among its key stakeholders, and developed a comprehensive security policy and network security framework to prevent any unwanted data drainage.
Digital governance is also vital, as it helps to establish rules and processes for sharing, editing, distributing and consuming data, thereby reducing the possibility of misuse. Many companies have appointed a dedicated digital leader who is responsible for closing the security gaps, formulating a digital strategy and dealing with client concerns for digital customer services. Typically, they will also ensure the organization is aligned to leading governance standards and frameworks, and will clearly segregate individual accountability to aid efficient governance.
A comprehensive digital governance model will require investment, but the benefits are worthwhile: improved performance, reputation and competitive advantage.
A balance of responsibility
An additional consideration for organizations is whether to adopt a dual-speed IT operating model. This would enable CIOs to focus on an IT ecosystem that comprises rapidly evolving digital solutions and robust enterprise IT that would sustain core business processes. This approach would help bring an element of balance between the company’s current technology and emerging disruptive technologies.
It is not all in the hands of business though — governments can also play an important role in the successful implementation of digital technologies. By providing regulatory support to the ecosystem with adequate laws on data privacy and data handling, and by levying heavy fines in the event of data breaches, governments can help facilitate better governance for businesses and avoid abrupt or unplanned digital adoption.
In conclusion, organizations and governments need to adopt digital, but with caution.
Digital is no longer a distant dream; it is here – but any haste in its adoption can lead to more harm than good. A well thought-out digital strategy, together with adequate government support, can help organizations flourish in the digital era and translate their digital investments into tangible benefits.