IDC Report Shows Embedding Cybersecurity into the Planning Process is Key to Successful Digital Transformation
When you think of digital transformation (DX), what’s the first thing that comes to mind? Perhaps it’s the technologies you need to implement to deliver better customer experiences. Maybe it’s how to migrate from legacy processes and tools to modern applications or the cloud. Or it could be the type of team you need to assemble to make all these things happen.
But look closely at those items. What’s missing?
If you said “cybersecurity,” you’re absolutely right. Cybersecurity is often an afterthought when it comes to DX--something that gets bolted on after all the development work is done. That can no longer be the case. Today, cybersecurity must be interwoven with all DX plans. In fact, it’s a critical component of successful DX.
Perhaps it’s even the most critical component, as a recent IDC white paper, sponsored by ECI, shows.
For Cybersecurity and Digital Transformation of the Global Alternative Asset Industry: A Critical Pairing, more than 400 executives at global alternative investment institutions were surveyed. Virtually all respondents agreed that cybersecurity is crucial for their firms’ continued success.
But where to begin?
Indeed, with new SEC cybersecurity guidelines in play and the prospect of threats continuing to rise, firms can no longer afford to consider cybersecurity as an afterthought. The challenge is that many organizations do not know where to begin, or fear incorporating cybersecurity into their DX processes will do more harm than good. According to the survey:
57% of respondents named “security/privacy” as the main concern around implementing DX
47% of respondents cited “risk assessment management” as another top concern, indicating they do not understand the inherent risks, mitigation strategies, or risk trigger points involved in planning and scoping DX projects
42% cited “security strategy and road mapping” as yet another top concern, indicating they’re not sure how best to strategically incorporate cybersecurity into their product development processes.
But not incorporating cybersecurity planning into the development process has the potential to be much more costly to organizations in the long run. Inferior network security is only one result. Without incorporating cybersecurity into their DX planning, organizations run the risk of underestimating how much money they’ll need to spend on additional tooling after modernization projects are completed, resulting in costly unplanned expenses. They’ll be behind from both a financial and risk management perspective.
Perhaps that’s why, despite concern and confusion, firms are beginning to invest in cybersecurity as part of DX. According to the research, “fraud/risk management” and “security” were the most popular DX activities undertaken in 2021, cited by 66% and 61% of respondents, respectively.
Rising demand for outside consultants
Fortunately, alternative investment institutions do not have to operate alone when it comes to cybersecurity and DX. They have the option to partner with third-party consultants like ECI, who can help them create DX initiatives where cybersecurity is part of the fabric of their efforts, rather than an adjunct component to be added later.
Indeed, most of the survey respondents are already looking in this direction. Eighty percent of North American-based respondents cited a “strong desire” for consulting services, as did 81% of European respondents.
What are they looking for? Among other things:
52% are looking to establish discrete security programs
46% are interested in outsourcing expertise
44% want to use emerging tools and controls
38% need help developing roadmaps
A closer look at the benefits of outsourcing
Our next blog post will take a closer look at the benefits of outsourcing when it comes to building a DX plan that incorporates cybersecurity at its core. Until then, you can download the full report, which includes more statistics and lays out a clear and compelling argument for the importance of tying cybersecurity and DX together, right from the beginning.