Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry experts.

How Should I Think About Security When Considering Digital Transformation Projects?

Digital transformation helps businesses keep operating and stay competitive. Here are the ways to think about security so that businesses reap the benefits without taking on associated risks.

Niv Weisenberg, Senior Director, Cyber Digital Transformation, Optiv

June 16, 2022

2 Min Read
A mirror reflecting light from inside the data center.
Source: metamorworks via Adobe Stock.

Question: How should I think about security when considering digital transformation projects?

Niv Weisenberg, Senior Director of Cyber Digital Transformation, Optiv: Multiple factors contribute to the sheer number of digital transformation projects underway today: the proliferation of the Internet of Things (IoT), expanding artificial intelligence (AI) capabilities, the sudden shift to a remote workforce prompted by the global COVID-19 pandemic, and the rapid rate of cloud migration. Digital transformation is no longer a nice-to-have; it’s a must-have in order to survive and thrive in today’s business world. 

CISOs and their security teams need to think about security in the digital age from both an internal and an external perspective. For the former, security teams should introduce and adopt digital enablers to transform the information security organization. Digital enablers include the cloud, IoT, AI/machine learning (ML), and automation to transform the information security organization. 

For the latter, they should address potential risks as new digital enablers are introduced by the business to drive growth.

Here are five specific areas security teams should prioritize to achieve security-first digital transformation:

1. Security operations modernization: Help security operations adopt a proactive posture when balancing the need to match technology adoption acceleration with cost management.

2. Developer-centric security: Enhance overall security posture and optimize DevOps performance by embedding a culture of proactive security in the DevOps process, enabled by orchestration and automation. For example, “shift security left” in the application development process to integrate security products as developers code and into build/test processes — rather than leaving it as an after-the-fact bolt-on. This will help organizations solve issues at the point of origin, detect and remediate vulnerabilities before they hit production, and, most importantly, build a DevSecOps program that prioritizes security throughout all development phases.

3. Cloud strategy and execution: Shifting security left applies in the cloud transformation journey, too. Develop a strategic roadmap for secure cloud migration, operation, and management, as well as secure architecture modernization. Also consider standing up cloud native app protection (CNAP) capabilities that will scour cloud environments and alert staff to compliance risks and configuration vulnerabilities in cloud services.

4. Connected devices: Enforce critical network, device, and data protection by doing things such as hardening connected entry points to the data fabric, modernizing the data paths for IT/OT convergence, bringing legacy networks under a modern security architecture, and implementing zero trust and a software-defined perimeter.

5. Big data and analytics: Maximize the value extracted from data and secure big data at scale with AI/ML-enabled analytics.

As important as it is to keep the business operating and competitive, organizations must transform securely. Keeping security at the forefront gives the business the benefits of digital transformation without the associated risks.

About the Author(s)

Niv Weisenberg

Senior Director, Cyber Digital Transformation, Optiv

Niv is an experienced digital transformation leader who focuses on leading cross-functional teams to help clients frame their vision for intelligent operations. Prior to Optiv, Niv helped a Fortune 50 drive transformation through the entire value chain of logistics, operations, manufacturing, retail and distribution. In addition, Niv was a leader within Accenture’s Digital Strategy team where he helped clients stand up digital capabilities, including integrated systems, analytics capabilities, connected workers, and secure cloud migration, and establish the right resources and workflows to realize multi-billions of use cases of untapped value.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights