How CISOs Can Facilitate the Advent of the Cognitive Enterprise

Just as organizations are getting more comfortable with leveraging the cloud, another wave of digital disruption is on the horizon: artificial intelligence (AI), and its ability to drive the cognitive enterprise.

In early 2019, the IBM Institute for Business Value (IBV) released a new report titled, “The Cognitive Enterprise: Reinventing your company with AI.” The report highlights key benefits and provides a roadmap to becoming a cognitively empowered enterprise, a term used to indicate an advanced digital enterprise that fully leverages data to drive operations and push its competitiveness to new heights.

Such a transformation is only possible with the extensive use of AI in business and technology platforms to continuously learn and adapt to market conditions and customer demand.

CISOs Are Key to Enabling the Cognitive Enterprise

The cognitive enterprise is an organization with an unprecedented level of convergence between technology, business processes and human capabilities, designed to achieve competitive advantage and differentiation.

To enable such a change, the organization will need to leverage more advanced technology platforms and must no longer be limited to dealing only with structured data. New, more powerful business platforms will enable a competitive advantage by combining data, unique workflows and expertise. Internal-facing platforms will drive more efficient operations while external-facing platforms will allow for increased cooperation and collaboration with business partners.

Yet these changes will also bring along new types of risks. In the case of the cognitive enterprise, many of the risks stem from the increased reliance on technology to power more advanced platforms — including AI and the internet of things (IoT) — and the need to work with a lot more data, whether it’s structured, unstructured, in large volume or shared with partners.

As the trusted adviser of the organization, the chief information security officer (CISO) has a strong role to play in enabling and securing the organization’s transformation toward:

  • Operational agility, powered in part by the use of new and advanced technologies, such as AI, 5G, blockchain, 3D printing and the IoT.

  • Data-driven decisions, supported by systems able to recognize and provide actionable insights based on both structured and unstructured data.

  • Fluid boundaries with multiple data flows going to a larger ecosystem of suppliers, customers and business partners. Data is expected to be shared and accessible to all relevant parties.

Shows relationship between data, processes, people, outside forces, and internal drivers (automation, blockchain, AI)Source: IBM Institute for Business Value (IBV) analysis.

Selection and Implementation of Business Platforms

Among the major tasks facing organizations embarking on this transformation is the need to choose and deploy new mega-systems, equivalent to the monumental task of switching enterprise resource planning (ERP) systems — or, in some cases, actually making the switch.

The choice of a new platform will impact many areas across the enterprise, including HR and capital allocation processes, in addition to the obvious impact on how the business delivers value via its product or service. Yet, as the IBM IBV report points out, the benefits can be significant. Leading organizations have been able to deliver higher revenues — as high as eight times the average — by adopting new business and technology platforms and fully leveraging all their data, both structured and unstructured.

That said, having large amounts of data doesn’t automatically translate into an empowered organization. As the report cautions, organizations can no longer simply “pour all their data into a data lake and expect everyone to go fishing.” The right digital platform choice can empower the organization to deliver enhanced profits or squeeze additional efficiency, but only if the data is accurate and can be readily accessed.

Once again, the CISO has an important role to play in ensuring the organization has considered all the implications of implementing a new system, so governance will be key.

Data Governance — When Security and Privacy Converge

For the organization to achieve the level of trust needed to power cognitive operations, the CISO will need to drive conversations and choices about the security and privacy of sensitive data flowing across the organization. Beyond the basic tenets of confidentiality, integrity and availability, the CISO will need to be fully engaged on data governance, ensuring data is accurate and trustworthy. For data to be trusted, the CISO will need to review and guarantee the data’s provenance and lineage. Yet the report mentions that, for now, fewer than half of organization had developed “a systemized approach to data curation,” so there is much progress to be made.

Organizations will need to balance larger amounts of data — several orders of magnitude larger — with greater access to this data by both humans and machines. They will also need to balance security with seamless customer and employee experiences. To handle this data governance challenge, CISOs must ensure the data flows with external partners are frictionless yet also provide security and privacy.

AI Can Enable Improved Cybersecurity

The benefits of AI aren’t limited to the business side of the organization. In 2016, IBM quickly recognized the benefits cognitive security could bring to organizations that leverage artificial intelligence in the cybersecurity domain. As attackers explore more advanced and more automated attacks, organizations simply cannot afford to rely on slow, manual processes to detect and respond to security incidents. Cognitive security will enable organizations to improve their ability to prevent and detect threats, as well as accelerate and automate responses.

Leveraging AI as part of a larger security automation and orchestration effort has clear benefits. The “2018 Cost of a Data Breach Study,” conducted by Ponemon Institute, found that security automation decreases the average total cost of a data breach by around $1.55 million. By leveraging AI, businesses can find threats up to 60 times faster than via manual investigations and reduce the amount of time spent analyzing each incident from one hour to less than one minute.

Successful Digital Transformation Starts at the Top

Whether your organization is ready to embark on the journey to becoming a cognitive enterprise or simply navigating through current digital disruption, the CISO is emerging as a central powerhouse of advice and strategy regarding data and technology, helping choose an approach that enables security and speed.

With the stakes so high — and rising — CISOs should get a head start on crafting their digital transformation roadmaps, and the IBM IBV report is a great place to begin.

Contributor'photo

Christophe Veltsos

InfoSec, Risk, and Privacy Strategist - Minnesota State University, Mankato

Chris Veltsos is a professor in the Department of Computer Information Science at Minnesota State University, Mankato...