The Next Normal Brings Opportunities and Challenges for the CISO
“No one envisioned this happening.” That may be an understatement for the unprecedented and historic period we’re living in.
Now, as the world attempts to reopen and businesses plan for their next normal, the question becomes, “How do we reduce the risk of something bad like this happening to us again?”
The answer to this question is complicated, but one thing is certain: The world is going to be more digital. Entering the New Year, there was already growing momentum for digital transformation across the business landscape. In fact, before the disruption, according to Mckinsey a resounding 92 percent of organizations thought their business models needed to change to adapt for the digital economy. Fast forward several months, it’s likely that nearly all businesses are now considering or planning for some type of transformation.
Will Lin, partner and co-founder at ForgePoint Capital, sits at a unique nexus. As a strategic advisor and investor, he interacts with an array of C-Suite leaders and decision makers daily. During a recent conversation, Lin shared with us how the on-going disruption is likely to shape the future of businesses, and what it means for security leaders.
“For the first time, I’ve seen strong alignment between the business units, the CIO and the CISO,” Lin said. Historically, there was “healthy tension” between these functional groups as each had competing priorities. Amid an unprecedented time, though, the alignment among leaders has become crucial for maintaining business operations and addressing future continuity and resiliency planning.
Further, in a world where remote work is becoming normalized, and in some cases a permanent function, it’s giving the CIO and CISO a reason to rethink their investments. Lin says many “now feel less obligation to legacy [technology] that has zero value to them in this new work from home world.”
Over the next 12 to 18 months, Lin is tracking three trends that he believes will shape the narrative for the future of business:
Public cloud becomes a staple of business operations. Although it’s “been around for a decade,” Lin says many still rely on a hybrid environment. However, “there’s increasing appetite to move things from mainframes to public cloud environments.” Lin says some organizations will look to double, or even triple, their use of public cloud over the next six to 12 months. This will create incredible security risks and vulnerabilities. He expects a “new category of solutions” will be established to help businesses securely accelerate their journey to the cloud.
Innovation around data security. As an investor, Lin says he has not seen a lot of innovation in the DLP market, which is surprising considering that data is the currency of the digital economy. He says many of the tools and solutions he sees the enterprise rely on are decades old. He believes innovation in this space will be generated by demands from the security and risk community.
A return to the basics. Sometimes, what is old is new again. Lin says many of the problems he sees organizations facing “have been true since the beginning of the Internet.” The difference is that they need to be adapted for a dynamic workforce and modern business. Expect to see the creation of new categories or solutions that are “rooted in concepts that have been around for a while,” theorizes Lin.
Amid a crisis, it’s hard to envision what the future will hold. That said, this period has become a “learning opportunity for all of us,” says Lin. The way products are built, marketed and deployed will change. All businesses will need to become digital, believes Lin, and he believes security must be alongside that journey. The failure to do so will create vulnerabilities and greater opportunities for bad actors to exploit valuable data.
What will your future hold?