Guiding leaders to greatness

SecurityData privacyOperational agilityRisk management

Cybersecurity: The Fabric of Any Intelligent Organisation

Does today’s need for cyber vigilance conflict with the move towards organisational intelligence and its need to share data? We believe the opposite is true – robust cybersecurity can be a powerful enabler of progress.

01 February 2022 • 3 min read

Photograph: Fly D/Unsplash

For any intelligent organisation, data is king. Facts, figures, numbers, case studies, and countless other pieces of information contribute to sewing up success. How, though, do we keep everything secure as threat levels rise? As leaders within NTT DATA’s UK Security Consulting business, this is an issue close to our hearts.

Most large corporate organisations face highly competitive environments driven by complex regulatory and compliance landscapes. Dealing with challenges while at the same time maintaining value is far from easy.

Intelligent organisations differentiate themselves by aligning their internal ideologies around working smarter, not harder.

One of the ways intelligent organisations differentiate themselves is by aligning their internal ideologies around working smarter, not harder. To enable this way of working, they make information and data freely available. When responding to recent global events, they also increasingly allowed staff to operate flexibly and access data remotely.

These daily activities present increased security risk, especially with servers being accessed offsite. Despite this, we argue that the current model of cybersecurity is evolving to help foster and drive this flexible, smarter-working ‘intelligence’.

The cybersecurity challenge

Cybersecurity risk levels have never been higher. The CyberPeace Institute reported 309 ‘major incidents’ in 35 countries between June 2020 and December 2021.

Hacking, phishing, malware, ransomware and denial of service attacks have all grown in scale and complexity, impacting all industry verticals and market sectors. The very organisations there to protect us – IT and communication leaders, governments and regulatory bodies – have also been victims of cyberattacks.

In June 2020, a global IT managed services giant announced hackers had stolen customer information in a ransomware attack. Another global hardware supplier reportedly paid $50 million to the REvil cyber-gang earlier this year.

The sensible frame of mind is now planning for when you are attacked, not if.

How intelligent organisations deploy cybersecurity

We have always assessed business security risks; it’s why we lock our office doors each evening. Despite this, cybersecurity still feels like an immature science, sometimes bolted onto existing operations as an afterthought. Siloed in this mode, it becomes inherently reactive. Some security professionals report ‘swivel chair fatigue’ as they spin inefficiently to glare at a myriad of constant alerts struggling to identify real active threats.

Rather than firefighters, intelligent organisations see cybersecurity personnel as enablers of safe data-sharing.

Rather than firefighters, intelligent organisations – more usefully – see cybersecurity personnel as enablers of safe data-sharing. Proactively adopting best practices can be a transformative experience that drives businesses towards organisational intelligence, not away from it. Let us look at how.

Considering costs

We tend to think of replacements when making security value judgements at home. Does it, for example, make sense to spend £250 on a state-of-the-art bicycle lock for a bike that would cost half that to replace? At C-suite level, security cost-optimisation is at the forefront of everyone’s minds, but how to demonstrate value? As with bikes, some business functions may have lower costs associated with them. Do they deserve less cybersecurity?

We would argue focusing on replacement and loss doesn’t necessarily fit with intelligent organisations; the success of cybersecurity needs to be measured differently. Does it act as a barrier to strategy or an enabler? That’s the real question.

Built from the ground up

In an intelligent organisation, security-by-design needs to be a key driver of business enablement, customer trust and innovation. For this to happen, cybersecurity needs to be seamlessly integrated across people, processes and technology. Developing a strong culture of security awareness and vigilance plays an important part in driving a risk-focused culture and promoting cyber-resilience.

As organisations continue to adopt hybrid working, the cybersecurity of data should be front-and-centre.

As organisations continue to adopt a hybrid working model, the cybersecurity of data should be front-and-centre during the development of all business processes.

When considering doing this within intelligent organisations, it’s clear that two cyber technology trends will dominate.

1 – Automation

Cybersecurity benefits from a reduced need for human intervention, making a whole series of processes more efficient. Today, assessing threats from incoming emails often happens before they reach user inboxes. Such automated detect-and-respond tools are set to grow in use significantly as technology improves.

2 – Artificial Intelligence

All security judgements depend on context. Leaving the windows open in your house is considered acceptable if you are home. Go out, and you’ve created a risk. The windows have, of course, not changed status.

Through artificial intelligence, understanding context is increasingly being automated too. Your team’s routine can be learned, so it’s not just out-of-hours logins that are flagged, but unusual and harder to define out-of-character behaviours too. For example, AI can quickly spot logins that don’t make sense geographically, such as someone logging in in one part of the world but logging off two hours later on another continent. This activity can be flagged as suspicious.

AI means dizzying quantities of threats can be simultaneously tracked, measured, assessed and acted on. Judgement calls can be made, and, perhaps most usefully, false alerts and alarms can be identified. Knowing systems are being monitored intelligently 24/7 leaves people free to be more productive elsewhere.

Security risks will continue to increase while the threat landscape evolves. Intelligent organisations need not see this as a barrier to success but rather can harness the opportunity that comes from it. This can be achieved by building cybersecurity into the fabric of your businesses.

Data privacyOperational agilityRisk managementSecurity

Discover more in