Organizations today are larger and more complex than ever before, but they also face greater challenges than their historic counterparts. The advancements in technology, while a great boon for business, have also created a new vector from which malevolent entities may attack an organization. While the protection of sensitive information has always been important, cybersecurity is now a critical aspect of organizations’ efforts because of this new attack route. But as organizations, how do we create growth and advance security, while also protecting public safety and individual privacy?
The answer to that question lies in a framework of the three Ts of today’s digital economy: technology, threat and trust.
The prolific nature with which we can now communicate and share information with one another, in addition to building organizations without the need for even a physical footprint has entered us into a new golden age of business. But that same technology – the first “T” – that has granted us this ability has a dark side. “It’s enabled a new class of bad actors to take advantage of security holes in these platforms, creating new risk in the form of cyber threat – the second ‘T.””
The result of these threats are the now-well-known data breaches each of us has experienced. Because of the ramifications, the third “T,” trust, has begun to falter with consumers’ trust in their governments, businesses, and even themselves. “Trust is fundamental to the sustained creation of growth while properly addressing security and privacy concerns.” Without this trust, the likelihood of growth diminishes drastically.
The good news is that we have risen to these challenges and have accepted that appropriate and effective cybersecurity must be an integral part of an organization’s structure if it is to succeed.
“[Organizations] are now genuinely concerned about addressing the issue not in terms of compliance or as in removing an irritant, but addressing the issue as essential to success going forward.” – General Michael Hayden, Former Director of the Central Intelligence Agency and the National Security Agency
Rather than simply resort to fearing what may happen if a threat occurs, organizations must see it instead as an enabler of the business. Proactively knowing who has access to what applications and data can help with not only protecting important and sensitive information against attackers, but simultaneously easing the business users’ frustrations. Creating an identity-aware security ecosystem – one that knows all the information about which identities have access to which applications and data – and using the information that this ecosystem gathers helps organizations better protect their sensitive data.
“With contextual identity, you can empower people more immediately and more effectively and then have the ability to better maintain what they need access to in terms of the toolset. This becomes a key driver and competitive differentiator. Also, if you can empower someone quickly, you can also shut them down quickly. The same infrastructure is required to do both. So there’s great leverage in turning on this enhanced service to then use for enhanced vigilance.” – Joe Gottlieb, SVP of Corporate Development, SailPoint
With a strong cybersecurity system with identity-aware contextual data, organizations can not only better protect what they most hold dear – their sensitive data – but also empower their business users. The simple fact is that identity is everything; you must secure it, manage it, and envelop it into the center of your security endeavors if you want your organization to succeed.
The Chertoff Group recently held an event that focused on how businesses are handling the “Three Ts of the Digital Economy.” You can download a report with insights from industry experts from that event here.