Anil Puri, CMD, APS Group
A thought leader and an action catalyzer rolled into one – Anil Puri is a rare combination of a visionary, and one who has mastered the art of strategic and tactical thinking to the core. He has been using this combination to seed new ideas and to lead them to their implementation on ground. This has been a consistent feature of his career. Here he writes about the information security and significance of inclusion of security ab initio in planning to digitalize the company processes and services.
The digital transformation is the fourth industrial revolution and has resulted into rapid evolution of the technologies like IoT, AI, Blockchain, Chatbots, Machine Learning and virtual reality in all domains of businesses. The digital transformation (DX) is front of mind for many CMDs and CEOs but too often security is left behind. DX is all about digitizing processes and services to make the businesses more agile and ensure operational efficiency. DX projects often fail since they involve security at belated stage, or not at all. To initiate a project, companies need to bring together people, processes and technology in planning and strategy phase for interface with technologies like AI, data analytics and IoT to ensure that information security is also kept into the loop.
As IT and businesses fast track initiatives like Agile and DevOps to improve speed to market, security’s role is confined to post mortem i.e., the knock-on impact on risk and security. The thrust for giving value to the customer takes centre-stage and core security functions are left out of the orbit. The data breach in security less digitization leaves the companies more vulnerable.
The advent of these technologies is causing industry as a whole to re-imagine traditional business models and innovate new ways to leverage data for growth. While the digital transformation presents a range of opportunities to the industry, it also brings huge challenges with it – prominent ones are ever evolving security needs and roles. Kicking off information age’s digital transformation has presented an infinite potential to hackers in the form of expanded attack surface thereby creating greater potential for damage since most of these devices are involved in critical business activities. Large number of companies are moving most of their data from on-site to host their servers into cloud environment. The technology developers and hackers are at war with each other to breakthrough their layer of protections. AI enabled cyber attack, called a Polymorphic Attack has posed a big challenge which can morph to avoid detection by traditional cyber security solutions.
Conclusively, digital businesses are moving at a faster pace than traditional businesses and traditional security approaches. Hence, there is a need for a wholesome approach to include security in the mainframe right from the very beginning – conceptual stage to final implementation will pay rich dividends.