Security Privacy Transparency

IT security is a headache for every organization. The complexity of today’s IT systems combine with the volume and variety of attacks to create a perfect storm. Business leaders just can’t get ahead of the curve.

Part of our Seismic Shifts series

And the problem’s getting worse. The move towards more rapid software releases and continuous delivery means hard pressed IT security teams are being overwhelmed. Meanwhile, consumer attitudes towards personal data are hardening. For instance, more than a fifth of companies that suffered data breaches in 2016 lost customers. Today’s consumers expect personal data to be guarded closely—and they expect organizations to be transparent about how they’ll use information.

As a result, security has to become “everyone’s problem”, so that everyone within the enterprise improves their understanding and management of risk.

A sea change is happening in security. Now it’s everybody’s problem.

That’s easier said than done. One challenge of making security “everyone’s problem” is that it can mean “no one is accountable”. What it needs to mean is that secure behaviour become the baseline.

Beyond that, ownership for specialized capabilities, such as anomaly detection or identify, need to be clearly delineated. Those “owners” must provide a clear articulation of their security responsibilities, so that others in the organization can access their knowledge.