Conspicuous security consumption
January 1, 2019
January 1, 2019
Decades of mergers, acquisitions, or partnerships have left their mark on the CG&S industry. Many companies find themselves with large, decentralized organizational models—opening the door to increased cyber risk. While security executives are spending time and money on protecting traditional IT services and assets, many are not addressing new threats that are emerging internally and across the areas of the value chain—areas which, if breached, could have a material impact on the business.
Business and manufacturing functions are embracing digital technologies, and as their organizations transform, so too must their cybersecurity strategies and how they are handled. It is time to elevate the role of the security executive, from IT security leader to a trusted business enabler. CG&S organizations can build a cyber resilient business—one that can operate effectively despite persistent threats and sophisticated attacks, embrace disruption safely, strengthen customer trust and boost shareholder value.
Related: Accenture Security CG&S Cyber Resilience
Organizations are investing in cybersecurity on an unprecedented scale—but current spending priorities show that much of this is misdirected toward security capabilities that fail to deliver the greatest efficiency and effectiveness. Often security executives do not have either the visibility into the non-IT asset landscape, nor the authority to impact risk outcomes in these areas of the business, despite having a broad risk-reporting responsibility. CISOs need “a seat at the table” during business planning, strategy and design processes to inform decisions, de-risk innovation challenges, and build a more resilient business.
Establish visibility and influence on business outcomes, rather than solely on IT outcomes. Institute mandatory security checkpoints to anticipate or identify new risks before they can arise.
Understand and account for existing assets across the organization and determine risk-based priorities. Do not underestimate the amount of digital assets that may reside outside of control and influence.
Become brilliant at the basics by tackling security hygiene and risk management programs. Provide stakeholders with the appropriate tools to understand and mitigate risk.
Embed security disciplines that address today’s needs and have the potential to serve tomorrow’s demands. Make security part of the innovation, engineering, business planning, and procurement processes.