February 4, 2019 By Lindsey Lurie 3 min read

It’s hard to keep New Year’s resolutions. According to U.S. News & World Report, nearly 80 percent of them fail by the second week of February — not because the intent is off or the motivation is gone, but simply because the status quo is easier. Change requires discomfort and the development of new habits. This is true not only for individuals, but businesses as well.

Most organizations have announced their intent to be more innovative in 2019 — to make changes that will make them stronger, faster and better. But innovation as an end result requires us to change the way we think and act, to be open to new people and processes, and an uncomfortable level of transparency that, so far, many organizations have been reluctant to embrace when it comes to security strategy. Only when we commit to changing our perspective — and, in turn, our habits — regarding privacy and security can we build the trust needed to catapult our businesses and fuel growth.

A Strong Security Strategy Sets the Pace for Innovation

In every car race, there is a pace or safety car that sets the speed and positions racers for the event. In business, security is often seen as an inhibitor to innovation. I’ve often heard security teams say they are in the “business of no,” but it shouldn’t be this way. Rather, security can be the foundation for your business journey to be more innovative.

At Think 2019, we heard cybersecurity leaders — and former professional race car driver Danica Patrick — discuss the link between security and innovation. They shared ideas and processes for making small adjustments to your security strategy that make good habits easy to establish. By integrating security as a regular component of daily operations, much like safety controls in a race, organizations have more bandwidth to adjust their processes, which empowers them to innovate securely.

Openness: The Antithesis of Cybersecurity — or Is It?

When it comes to security and privacy, most organizations have spent a lot of time and money keeping their secrets close to the vest. Security is critical when it comes to corporate innovations and intellectual property. However, at RSA Conference 2019, we heard how unconventional thinking can be utilized to close gaps in your security portfolio.

First, let’s look at it from a technology and process standpoint. Imagine if an organization that had been breached shared details of its compromise, including techniques, attack sources and more. Other organizations could benefit tremendously from this transparency and use the information to proactively investigate anomalies on their networks. We have seen technical leaders from the industry calling for more collaboration in cybersecurity, and there is a strong drive to begin doing something about it.

Additionally, openness must extend to hiring. According to Frost & Sullivan, there could be 1.8 million unfilled cybersecurity roles by 2022. To address this massive skills gap, I expect to see organizations look outside the security and technology industries for hiring. I also predict that more security roles will be filled by professionals with emergency response skills, such as military veterans and former first responders, as well as underrepresented groups such as women and people with nontechnical experience. This influx of new perspectives will be a catalyst for organizations looking to innovate.

It’s Time to Walk the Walk When It Comes to Customer Trust

The current state of cybersecurity, combined with shifting buyer motivations, has changed the meaning and priority of digital trust. For one thing, security breaches continue to escalate, not only in frequency, but also with regard to information value. Customer trust is eroding.

Further, as more and more consumers are affected by data breaches, they are becoming educated about how these attacks can occur. Add to this a growing population of buyers from a generation that prioritizes business integrity and brand principles into their purchase decisions. Trust is no longer just a talking point; organizations are entering an era where they must continuously prove that they are collecting, storing and using personal data safely and respectfully.

While all industries will feel the impact of digital trust, health care is at the forefront of this change. A broader conversation about this topic took place at HIMSS19 in February, where key issues such as the safety of medical internet of things (IoT) devices and patient records were major talking points.

In 2019, let’s not lose sight of why we are making changes to our security programs in the first place. Openness and transparency are critical building blocks for customer trust. In turn, these blocks set a solid foundation for your organization to continuously grow and innovate.

To learn more, watch the replay of IBM Security’s keynote presentation at RSA Conference 2019. IBM Security General Manager, Mary O’Brien and Vice President, Caleb Barlow, explain how you can change your IT Security approach to get it right.

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today