Sponsored Content

SPONSORED CONTENT

Where strategy and security meet: The key to success for SA businesses

Successful businesses have a common denominator: the ability to translate critical insights into business value. This is more important than ever in today’s business landscape.

Organisations need to be able to find and capitalise on the differentiators that set their business apart. Increasingly, that is being driven by technology, which plays a fundamental role in helping industries transform and adapt to both industry and economic pressures.

In this mix, security simply cannot be a roadblock to the rapid digital transformation needed for companies to remain competitive. In fact, it needs to act as an enabler in the world of modern remote and hybrid work, which is increasingly characterised by computing in the cloud and users connecting from anywhere, at any time, and on any device.

This means placing security at the core of business strategy and part of the DNA and fabric of the organisation. Business leaders in South Africa are beginning to recognise the importance of security strategy and are prioritising either the creation or extension of such, as a business imperative. 

The recent IDC Cybersecurity survey commissioned by Microsoft, for example, showed that 40 percent of business leaders identified strategy as key to increasing their security posture and driving overall security transformation. These findings were part of a broader recognition of the need to invest in skilling, building a security culture to increase the understanding of security’s value to the business, as well as driving security awareness.  

Over half – 53 percent – of South African business leaders said skilling is a critical need to increase technical knowledge of cybersecurity, and 49 percent said they were prioritising building a security culture. This is only going to become more of a priority as the threat landscape continues to evolve, becoming more diverse, complex and sophisticated – and as the volume of threats continues to grow exponentially. 

IDC’s Cybersecurity research showed that 50 percent of business leaders are concerned with the consequences of possible security breaches. A prevailing principle of the Zero Trust model that more and more businesses are adopting as a guiding security strategy is to assume breach, as cyber attacks are now a case of when rather than if. 

Against this backdrop, as the pressure mounts for businesses to secure their entire computing landscape end-to-end, business leaders need to actively build a company culture that makes security the golden thread running through business strategy and informing business decisions.

Investing in end-to-end security through people, process and technology

Marrying strategy with capability to drive business value requires investing in the right combination of people, process and technology. What this means is that the technical and cultural side of security needs to be prioritised and evaluated equally: because organisations can have the most sophisticated technology and comprehensive processes in place to monitor, detect and respond to breaches – but if a person gives their password away or clicks on a phishing email, it makes attacks easier and it becomes more difficult to protect the organisation.  

This is where strategy, skilling and culture come in to address the people’s side of the equation. Investing in skilling through both internal and external training courses – including businesses carrying out spoof attacks, such as sending out phishing emails to employees and then identifying where further training is required – can help ensure an overarching culture of being security aware and trained to keep pace with the evolving threat landscape.

These efforts around security strategy and culture need to be matched equally by an investment in technology and process. The ever increasing number of modern businesses moving to the cloud means they are investing in cloud transformation and security as a business strategy.

According to the IDC research, cloud security is a top priority for investment for South African business leaders, with 28 percent of leaders stating they will move to the cloud in order to address security priorities.

This is because cloud security is both automated and intelligent with a growing pool of automated tools and solutions that businesses can add to their security arsenal because they enable intelligent, pre-emptive and real-time monitoring, threat detection and incident response. 

Many of these solutions, which use intelligent tools like Artificial Intelligence to continuously monitor the organisation’s computing environment, and then pick up, triage and act on incidents before they happen, serve as a single pane of glass through which businesses can look at and protect their environment end-to-end.

These tools enable security professionals to focus on security strategy and culture rather than sitting behind a computer watching and managing incoming signals that indicate attacks or zero-day vulnerabilities.

And this is good news for businesses. The sheer volume of incoming signals – Microsoft alone monitors eight trillion every single day – as well as the sophistication of the modern threat landscape, indicate that it would be near-impossible for an individual to be able to adequately protect the business.

The continuing rapid evolution of how businesses operate, and the threat landscape this opens up for them, mean that security is only going to become more critical going forward – and that it has the potential to act as a competitive edge for the businesses that use it as an enabler for continued transformation. DM/BM

 

About Colin Erasmus, Modern Workplace and Security Business Group Lead at Microsoft South Africa

Colin Erasmus started his professional career as an entrepreneur in start-up technology consultancy, and developed niche technologies that are still being used today in the electronic events registration industry.

He is one of a select few privacy certified individuals in South Africa, and assisted in drafting South Africa’s privacy legislation (POPI Bill). Colin has over 20 years of experience with Microsoft that has equipped him with strong business acumen and people management experience. He is an expert in Microsoft Modern Workplace solutions, which help customers improve employee productivity and satisfaction, and create seamless communication and collaboration across locations and platforms while maintaining the security and integrity of systems and data.

Gallery

Comments - Please in order to comment.

Please peer review 3 community comments before your comment can be posted