McKinsey & Company reported that “fundamental tensions arise between the business’s need to digitize and the cybersecurity team’s responsibility to protect the organization, its employees, and its customers within existing cyber operating models and practices.” The July 2019 report entitled “Cybersecurity: Linchpin of the digital enterprise” included these comments about Cybersecurity’s role in digitization:
As companies seek to create more digital customer experiences, they need to determine how to align their teams that manage fraud prevention, security, and product development so they can design controls, such as authentication, and create experiences that are both convenient and secure.
As companies adopt massive data analytics, they must determine how to identify risks created by data sets that integrate many types of incredibly sensitive customer information.
They must also incorporate security controls into analytics solutions that may not use a formal software-development methodology.
As companies apply robotic process automation (RPA), they must manage bot credentials effectively and make sure that “boundary cases”— cases with unexpected or unusual factors, or inputs that are outside normal limits—do not introduce security risks.
Likewise, as companies build application programming interfaces (APIs) for external customers, they must determine how to identify vulnerabilities created by interactions between many APIs and services, and they must build and enforce standards for appropriate developer access.
They must continue to maintain rigor in application security as they transition from waterfall to agile application development.
Interesting analysis, what do you think?