February 4, 2019 By Lindsey Lurie 3 min read

It’s hard to keep New Year’s resolutions. According to U.S. News & World Report, nearly 80 percent of them fail by the second week of February — not because the intent is off or the motivation is gone, but simply because the status quo is easier. Change requires discomfort and the development of new habits. This is true not only for individuals, but businesses as well.

Most organizations have announced their intent to be more innovative in 2019 — to make changes that will make them stronger, faster and better. But innovation as an end result requires us to change the way we think and act, to be open to new people and processes, and an uncomfortable level of transparency that, so far, many organizations have been reluctant to embrace when it comes to security strategy. Only when we commit to changing our perspective — and, in turn, our habits — regarding privacy and security can we build the trust needed to catapult our businesses and fuel growth.

A Strong Security Strategy Sets the Pace for Innovation

In every car race, there is a pace or safety car that sets the speed and positions racers for the event. In business, security is often seen as an inhibitor to innovation. I’ve often heard security teams say they are in the “business of no,” but it shouldn’t be this way. Rather, security can be the foundation for your business journey to be more innovative.

At Think 2019, we heard cybersecurity leaders — and former professional race car driver Danica Patrick — discuss the link between security and innovation. They shared ideas and processes for making small adjustments to your security strategy that make good habits easy to establish. By integrating security as a regular component of daily operations, much like safety controls in a race, organizations have more bandwidth to adjust their processes, which empowers them to innovate securely.

Openness: The Antithesis of Cybersecurity — or Is It?

When it comes to security and privacy, most organizations have spent a lot of time and money keeping their secrets close to the vest. Security is critical when it comes to corporate innovations and intellectual property. However, at RSA Conference 2019, we heard how unconventional thinking can be utilized to close gaps in your security portfolio.

First, let’s look at it from a technology and process standpoint. Imagine if an organization that had been breached shared details of its compromise, including techniques, attack sources and more. Other organizations could benefit tremendously from this transparency and use the information to proactively investigate anomalies on their networks. We have seen technical leaders from the industry calling for more collaboration in cybersecurity, and there is a strong drive to begin doing something about it.

Additionally, openness must extend to hiring. According to Frost & Sullivan, there could be 1.8 million unfilled cybersecurity roles by 2022. To address this massive skills gap, I expect to see organizations look outside the security and technology industries for hiring. I also predict that more security roles will be filled by professionals with emergency response skills, such as military veterans and former first responders, as well as underrepresented groups such as women and people with nontechnical experience. This influx of new perspectives will be a catalyst for organizations looking to innovate.

It’s Time to Walk the Walk When It Comes to Customer Trust

The current state of cybersecurity, combined with shifting buyer motivations, has changed the meaning and priority of digital trust. For one thing, security breaches continue to escalate, not only in frequency, but also with regard to information value. Customer trust is eroding.

Further, as more and more consumers are affected by data breaches, they are becoming educated about how these attacks can occur. Add to this a growing population of buyers from a generation that prioritizes business integrity and brand principles into their purchase decisions. Trust is no longer just a talking point; organizations are entering an era where they must continuously prove that they are collecting, storing and using personal data safely and respectfully.

While all industries will feel the impact of digital trust, health care is at the forefront of this change. A broader conversation about this topic took place at HIMSS19 in February, where key issues such as the safety of medical internet of things (IoT) devices and patient records were major talking points.

In 2019, let’s not lose sight of why we are making changes to our security programs in the first place. Openness and transparency are critical building blocks for customer trust. In turn, these blocks set a solid foundation for your organization to continuously grow and innovate.

To learn more, watch the replay of IBM Security’s keynote presentation at RSA Conference 2019. IBM Security General Manager, Mary O’Brien and Vice President, Caleb Barlow, explain how you can change your IT Security approach to get it right.

More from CISO

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Boardroom cyber expertise comes under scrutiny

3 min read - Why are companies concerned about cybersecurity? Some of the main drivers are data protection, compliance, risk management and ensuring business continuity. None of these are minor issues. Then why do board members frequently keep their distance when it comes to cyber concerns?A report released last year showed that just 5% of CISOs reported directly to the CEO. This was actually down from 8% in 2022 and 11% in 2021. But even if board members don’t want to get too close…

The CISO’s guide to accelerating quantum-safe readiness

3 min read - Quantum computing presents both opportunities and challenges for the modern enterprise. While quantum computers are expected to help solve some of the world’s most complex problems, they also pose a risk to traditional cryptographic systems, particularly public-key encryption. To ensure their organization’s data remains secure now and in the future, chief information security officers (CISOs) should educate themselves about quantum computing, proactively address the coming quantum risks to cybersecurity and work to establish cryptographic agility in their enterprise.A future cryptographically…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today