APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac
  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Procurement

    Smart City

    Workflow

Menu
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • Cyber Security
    Editor's Pick (1 - 4 of 8)
    left
    IAM May Help Secure Data, But It Needs to be Protected as Well

    Marc Ashworth, Chief Information Security Officer, First Bank

    The Changing Landscape of Cyber Security

    Scott Brandt, CIO & Director of IT, Texas Office of the Secretary of State

    Cyber Security - Integrated enterprise approach required to address the multifaceted challenges

    Sumit Puri, CIO, Max Healthcare

    Leadership Framework for Building Elite Teams

    Douglas Duncan, CIO, Columbia Insurance Group

    Four Cybersecurity Weak Spots You Should Care About When Others Don't

    Marc Probst, CIO & VP, Intermountain Healthcare

    Enterprise Security And The Elusive

    Andre' Allen, CISO, City of Houston

    Secure Text Messaging in an Academic Medical Center - Experience and Lessons

    Kari Cassel, SVP & CIO, UF Health

    It's Time to Turn Security Inside Out

    Gilad Raz, CIO, Varonis

    right

    Digital Transformation: Bane or Boon for Cybersecurity?

    Ramesh Munamarty, Senior EVP - Technology & Innovation, International SOS

    Tweet
    content-image

    Ramesh Munamarty, Senior EVP - Technology & Innovation, International SOS

    Digital Transformation appears to be ubiquitous with different connotations across enterprises. Regardless of what “Digital Transformation” means for an enterprise there is increased focus and threat posed by security. This article will go into the benefits and the risks to security posed by an organization’s desire to be more agile and responsive to market needs.

    CIOs for decades had to deal with security challenges and in spite of the best efforts and increased investments, 50% of US companies had a cyber-attack in 2017. The problem is amplified with the increase of endpoints and the complexity of the attack vectors due to technologies such as IoT and mobile devices accessing enterprise network. The statistics from CSO Online show that 61% of organizations have experienced an IoT security incident, 90% of remote code execution attacks are associated with cryptomining and 54% of companies have experienced an industrial control system security incident. While the additional devices and new ingress points are causing a strain on the security, there has been an increase in targeted phishing attacks, ransomware and malware as well. Our good old e-mail is still the major source (92%) of malware causing havoc on enterprises. The price tag on an average ransomware attack is not trivial - it can cost an enterprise $5M.The recent attacks of WannaCry and NotPetya show that the scale of the attack can be humongous impacting the entire healthcare network of NHS and other organizations such as Telefonica.

    Digital transformation, which at the end of the day is leveraging technological innovations to drive better business outcomes capitalizes on 4 key technologies – Cloud, Internet of Things, Machine Learning/Artificial Intelligence and Mobility. Technologies such as Blockchain are also becoming relevant for certain enterprises. Enterprises are looking to drive automation of business processes and digital connectedness of the entire value chain to drive agility.A number of them are creating new business models and leveraging data to drive growth. As outlined in the MIT Technology Review, in the digital era, the focus needs to shift from securing network perimeters to safeguarding data spread across systems, devices, and the cloud.

    Enterprises have several new security challenges that are posed due to Digital Transformation:

    • Polymorphic Attacks: Sophisticated attacks that can change and adapt to avoid detection by traditional security solutions. The malware frequently changes attack states or uses different file names, hashes or signatures to encrypt or otherwise hide code to avoid detection and eradication.

    • DevOps: Agile development and DevOps is fundamental to Digital delivery. Rapid releases and continuous integration and development could lead to security vulnerabilities pass through undetected into production.

    • Lack of visibility across diverse environments: Hybrid Cloud based IT infrastructure, highly distributed environments spanning remote branches, and non-integrated, siloed multi-vendor point defense products leads to lack of visibility of vulnerabilities across user, system and network.

    • Digital Value Chain: Increased direct connectivity across suppliers, partners and customers are exposing several new weak links for the attackers as the network is no longer contained with perimeter protection being enough.

    • Endpoint devices in highly vulnerable locations: Next-generation devicessuch as IoT in industrial equipment and consumer devices are now deployed in potentially vulnerable environments such as vehicles, hospitals, and energy plants, vastly increasing the risks to human welfare.
    Concerns about such devices being hacked, turned into botnets, and used to attack targeted computers and organizations are growing as well.

    • Application vulnerabilities: Application Development teams should share the responsibility of CyberSecurity with the Infrastructure and Security teams as a number of new vulnerabilities are being exposed through applications and the development team is responsible for hardening and securing applications. Self-defending apps are being created with advanced access-control capabilities, allowing them to react to malicious source-code modifications and debugging at runtime. Encryption is being built-in both for data at rest and in transit. It is not all doom and gloom for the Security Professional. Digital Transformation has brought several boons as well. There is increased awareness at the C-level and Board on Security issues and additional funds are beingallocated to build security into Digital Transformation. CIOs are using this opportunity to strengthen the posture and shore up the infrastructure plugging the holes and strengthening the weak links. In addition, there is an increased need to be compliant and organizations are willing to spend money to be compliant on certifications/regulations such as PCI-DSS, HIPAA, GDPR and also respect data sovereignty requirements by countries such as China, Russia, UK, Germany, Australia etc. Compliance mandates are driving 69% of security spending, 33% are mandates from the Board and 29% responding to a security incident from another organization according to 2018 IDG Security Priorities Study where respondents could choose more than one factor.

    The other key advantages in addition to awareness and funding are that Security has moved beyond IT to business operations and enterprises are even making security a competitive differentiator. Security is integral to the adoption of innovative technologies and newer technologies and embedded into Software Defined Networks (SDN) to provide seamless and secure access to data.

    Enterprises are leveraging Digital Transformation to rearchitect their platforms and integrating systems to create a unified security architecture. Threat intelligence is being shared across the organization and across multiple companies, additional safeguards are being put in place in the network, systems and applications and a significant portion of security operations are being automated and monitored 24x7 leveraging modern Security Operation Centers (SOC) and Network Operations Center (NOC).

    Since digital transformations are spreading data across diverse environments and are created connected value chains, vulnerabilities can rapidly spread and cause millions of dollars of damage and significant reputational impact. C-level executives and the Board have to adopt a proactive stance and make it a regular agenda item during Board meetings to review security. The following measures can be taken by enterprises to reduce risk across 10 areas in the digital landscape - Strategic, Technology, Operations, Third Party, Regulatory, Forensics, Cyber, Resilience, Data Leakage, and Privacy:

    • Secure Maintenance/Patching - Review Common Vulnerabilities and Exposures on a monthly basis to assess risk. Proactive and Timely Patch Management.

    • Application and Custom Code Security: Harden Applications and strengthenDevOps. Leverage source-code security scanning tools to identify vulnerabilities in programs.

    • Encryption: Develop and deploy consistent encryption both at-rest and in-transit

    • Network Security: Segment the network with separation of high-security areas and privileged access.

    • Operating Systems and Database Security: Restrict database-access and provide dedicated security requirements for all Operating Systems.

    • Front-end security: Secure configuration for clients and mobile endpoints with appropriate access control lists and Identity Access Management

    • Communication Security – Use encrypted communication such as SSL, TLS and secure RFC

    • Security Operations Center – Monitor security audit logs and all systems especially for critical applications and users. Automate cyber-security practices and use the SOC/NOC to monitor.

    • Training and Awareness –Build training programs and create phishing simulated attacks to improve security awareness and drive change across all employees in the organization

    • Integrated Security Systems –Integrate security systems and/ or have a single pane of glass improves visibility across the larger attack surface.

    • Sharing Threat Intelligence –Share threats across the enterprise as soon as they are detected

    • Business Continuity: Define emergency, backup, and disaster recovery concepts to ensure business continuity. Prepare end-to-end fallback systems for critical processes and applications.

    Digital Transformation is leading to Security Transformation and as with all transformations, change management across all levels is imperative to make sure enterprises are prepared in today’s environment where attacks are becoming more sophisticated and attack vectors and surfaces are increasing. Enterprises need to be agile to adapt to the changes in the threat landscape and respond quickly and effectively.
    tag

    IoT

    Machine Learning

    Weekly Brief

    loading
    Top 10 Cyber Security Companies in APAC - 2024
    ON THE DECK

    Cyber Security 2024

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Listening Beyond Hearing

    Listening Beyond Hearing

    Salvatore Incardona, Head of IT, Amplifon Australia
    Modernizing Lending Through Innovative, Secure and Scalable Technology

    Modernizing Lending Through Innovative, Secure and Scalable Technology

    Steven Meek, Chief Information Officer, Pepper Money
    Advancing the Chemical Industry through Digital Transformation

    Advancing the Chemical Industry through Digital Transformation

    Jan Mandrup Olesen, Global Head of Digital Business, Indorama Ventures
    Cultivating a Sustainable Future through Collaboration

    Cultivating a Sustainable Future through Collaboration

    Jiunn Shih, Chief Marketing, Innovation & Sustainability Officer, Zespri International
    Mastering Digital Marketing Strategies

    Mastering Digital Marketing Strategies

    Tasya Aulia, Director of Marketing and Communications, Meliá Hotels International
    Building a Strong Collaborative Framework for Artificial Intelligence

    Building a Strong Collaborative Framework for Artificial Intelligence

    Boon Siew Han, Regional Head of Humanoid Component Business & R&D (Apac & Greater China), Schaeffler
    From Legacy to Agility Through Digital Transformation

    From Legacy to Agility Through Digital Transformation

    Athikom Kanchanavibhu, EVP, Digital & Technology Transformation, Mitr Phol Group
    Change Management for Clinical Ancillary Teams: Aligning Practice with Policy and Progress

    Change Management for Clinical Ancillary Teams: Aligning Practice with Policy and Progress

    Ts. Dr. James Chong, Chief Executive Officer, Columbia Asia Hospital – Tebrau
    Loading...
    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://cyber-security.apacciooutlook.com/cxoinsights/digital-transformation-bane-or-boon-for-cybersecurity-nwid-6544.html