The missing link in the chain: Cybersecurity in the value chain

Home 9 General 9 The missing link in the chain: Cybersecurity in the value chain
March 16, 2021
Category: General

Security is often not considered in digitization initiatives or in the best case after only implementation, which results in a major loss of efficiency and causes high costs. Cybersecurity belongs in the process of digital transformation of companies from the very beginning.

Silo thinking versus digital security

When implementing digitization projects, companies often consider the issue of security only as an afterthought or, in the worst case, not at all. This is particularly due to organizational structures, which means that so-called silo thinking prevails in functionally oriented companies – the fixation on the own department. With its own procedures, opinions and goals.  What is missing here is the so-called end-to-end view of the digitization initiative. In addition, there are often politically driven decisions, so that cooperation between different departments is unsatisfactory or non-existent. This is particularly noticeable within individual organizational units, e.g., in IT development and security departments, but also between central units, e.g., IT and business units.

Developers need time and must be trained in security

The time pressure in the implementation of digital transformation projects is enormous. Increasingly, agile development methods such as DevOps or agile are being used to implement results even faster. At the same time, budgets and resources are always tight.

The wheel does not always have to be reinvented; developers often make use of reusing existing code snippets from public sources. This is efficient, but the basis of security for the new software must be considered. Only copy & paste copies the danger from the net at the same time.

Digitalization increases cyberrisks

In recent years, two issues have been revealed in business development that bring rapid and dramatic change. The first aspect is globalization and the demand to act as an international, digital company. The second aspect is the implementation of IT that can react quickly and reliably.

Digitalization is advancing rapidly – but at the same time, the weaknesses of the company’s own cybersecurity are becoming apparent. Cybersecurity staff must be integrated into development teams, improve risk management, and apply quantitative risk analyses. Cybersecurity must be built directly into enterprise value chains from the start.

At the heart of cybersecurity are decisions about which risks to accept or to mitigate. Traditionally, business leaders have made cyber risk management decisions using a combination of experience, intuition, and qualitative analysis. Today, organizations should strengthen their business and technology environments with quantitative risk analysis to make better, fact-based decisions.

TIP: We recommend that companies planning digital transformation projects include security experts from the beginning. We would be happy to support and advise your employees on the secure implementation of digital projects.

 

By Andreas Flegel

Andreas Flegel is CEO at e2 Security GmbH. He has more than 20 years of industry expertise on both sides, mainly within the Chemical, Pharmaceutical, Automotive, MRO and Technology industry. Andreas has extensive experience in digital transformation, performance management, information systems and cyber. He helped business leaders to improve the way they do business, extract greater value from existing budgets and resources, and overcome productivity challenges.

Related Articles