For more than a decade as a Gartner Analyst , I’ve been talking about technology’s ability to transform, first the front office of the enterprise and lately markets, cultures and experiences. What we have witnessed in that time is frankly a miracle of technology powered growth and innovation.
It is safe to say that digital technologies have enabled enterprises to both scale their value proposition, and their scale their effectiveness & efficiency in executing that mission asymmetrically to any other investments. Or as I posed to the leader of a university recently: Say your board wanted you to grow the student population by 10X while only spending 10% more in budget, how would you do that? Clue: it’s not building more classrooms.
Digital scales asymmetrically, This is well established by now. What we need to come to terms with is that Digital Also comes with a kaleidoscope of asymmetric threats: CyberWarfare, CyberActivism, CyberCrime or (someone stop me –I’m really doing this), CyberWAC.
And here’s what’s really ‘WACk’ about that (I’ll stop I promise). Is that these risks and their associated costs, factor almost nowhere in day-to-day business decision making. As digital business pioneers build entire business models on the back of collecting customer PII that turn our data centers into goldmines for hackers. Worse yet we encourage and enable business practices that increase our customers’ susceptibility to social engineering and phishing attacks.
Today, none of the great ideas digital visionaries have can become real if we don’t get the cyber right. Which is why I’m making the move from envisioning the future to focusing on how to make it real. And this (not even I can call it “cyberWAC” again (thank you -ed)) is the defining technology issue of our era, and I don’t believe that it’s unsolvable.
- We need to invest in developing an “outside in” understanding of the business, to ensure that our cyber strategies meet business strategy where they are, rather than us chasing them, or worse yet, the business chasing us.
- We must focus FIRST on changing mental models, to make awareness of the embedded risks of Digital Business a part of every business decision, and then applying appropriate controls.
- We need to focus on our adversaries, understand their intentions and aims, and develop strategies that directly confront those rather than simply try and manage vulnerabilities.
This journey isn’t as new or novel as it might seem. The introduction of moving assembly lines, mass manufacturing, lean / agile supply chains give us a clue. We have spent the past 115 years perfecting the management of machine & asset lifecycles and predictive maintenance — this is not fundamentally different than the discipline of cyber hygiene. It is still just making sure that the means of digital production are available and operating at peak efficiency.
Of course, it is the addition of external threat actors & nation-states that complicate this beyond simple asset lifecycle management, and why I’m attracted to this field of research! I look forward to continuing this journey with you and what we discover along the way.
The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.