Cybersecurity in Digital Transformation
By: DAX Paulino, Cyber Security Practice Lead
Imagine this: Your meeting starts at 10AM at your clients’ office to present the newest and most innovative products today. You’re still at your desk as you book a ride using your phone. Ride will arrive in 10 minutes As you prepare to go, you decide to drop by the convenience store for a light drink. Your phone suddenly buzzed as you tap your stored value card at the counter. Your ride has arrived at the pick-up location. While you’re in the car, you glanced at the new self-service laundromat that has a coffee shop, wondering if they play lounge music that’s on your streaming media playlist. Come to think of it, what could be a good music to listen to while doing the laundry?
What is DX?
Let’s get things straight by defining what Digital Transformation or DX is. Let’s break it down: The word “digital” in this context is not about creating a website, or an application, or making an e-commerce store. Instead, “digital” means the rate change is happening in today’s world, due to the use or adoption of different technologies. This fast adoption of technology is changing how consumers engage with how businesses operate, thus, creating new approaches in having a competitive advantage that is sustainable.
So, by using mobile applications, we can now hail our ride and choose what we listen to on the fly. Heck, we may even use a debit card to pay for the self-serve laundromat service, while coffee is being served over lounge music. You can also send signed documents with blockchain. Or even remotely monitor your house via CCTV with an internet connection. Whereas before, you have to deal with unruly cab drivers with AM radio and… you get the idea. With the technology boom happening everywhere, we use it to our advantage to make living more convenient, secure, and automated.
Where should Cybersecurity come in?
The short answer is “from the start”. When you develop something new, you have to have security on top of mind. We already made the mistake in the past when the first network systems have no security in place and was just added in a much later time. The result were bolt-on systems that are expensive and difficult to maintain.
Making our systems secure from the very start will definitely make it more versatile or adjustable, as we can make changes as it gets developed. Just like the human body’s immune system, it starts even before birth and develops further as the human matures. So, let’s not make cybersecurity sit in the sidelines nor make it a hurdle in the development process. This approach will result in more manageable and resilient systems. Cybersecurity is not the enemy of DX (I’m looking at you… executives). Make it a part of the process and save (money and your reputation) in the long run.
What Cybersecurity controls should I use?
The world is already mobile, and the trend is still continuing. Though we are very much connected now more than ever with the adoption of cloud services, Big Data, and IoT, hopefully faster internet speeds. With the creation of these new technologies and systems, the attack surface is almost limitless. The perimeter is growing at a very rapid pace and it is very difficult to catch up. Come to think of it, do we still have a perimeter?
With this in mind, it’s only practical to have a holistic approach to security. This does not only involve technology but also the processes, awareness, tests and reviews, strategy and, most importantly, the people. Acquire technology solutions and services that is applicable to your systems. Do regular code reviews and penetration tests. Involve customers in the hunt by allowing them to report bugs or glitches. Practice your incident response procedures regularly. And use compliance as a tool for security. This will be your guidance and protection.
Go back to the imagery of you checking your email as soon as you’re back in the office. The receipts for your TNV rides immediately came in. As you finish composing your report saying that the meeting was successful and went off without a glitch, you immediately log in to the document management system. After keying in the verification code that buzzed your phone, you start a new digitally signed contract. But before typing, you sip on a cup of coffee and stream a cool jazz playlist.