Building information security into business from the start

Heather Lowrie at the University of Manchester explains the importance of ‘shifting left’ from a cyber-security perspective

 

For many years, cyber-security was seen as a bolt-on. It was the nuisance department siloed within IT that employees dreaded hearing from. They knew that a call from the security team meant an inconvenient password reset or an update to systems that would lock them away from their work for hours. 

 

Security had a bad rep. It slowed things down and hindered productivity.

 

It is this notion that landed security its position as one of the last considerations in the enterprise ecosystem. 

 

When new tools and services were introduced into businesses, integration came first, followed by employee training, then somewhere far, far down the line, security was called in. It was an afterthought and an unnecessary holdup to innovation.

 

But unfortunately, businesses learned the hard way that placing security so late down the line exposed them to cyber-risks. 

 

All the tools and services that had been introduced into the corporate network, without security in mind, provided an orchard of low-hanging fruit to adversaries. Suddenly. organisations discovered hundreds of unsecured devices, forgotten servers and shadow IT that lurked out-of-sight, and out-of-mind, putting them at serious risk of cyber-attack. 

 

Fast-forward to today and fortunately, this ethos has completely evolved.

 

Today, many forward-thinking organisations are recognising the benefits of ‘shifting left’, where they are prioritising security from the very beginning of business projects.  

 

These businesses have come to realise that secure organisations are more prosperous, have a greater competitive advantage and are the preferred choice for customers and partners. 

 

They too have recognised that security should be a business enabler, where it is routinely embedded into all enterprise departments and processes to enhance resilience and safeguard the future of the business. 

 

At this year’s DTX Manchester, we will be discussing why organisations must ensure that security keeps pace with digital transformation, where it no longer delays important initiatives but safeguards and accelerates them to guarantee success.

 

We will talk about why security must be embedded into business processes, not only to meet regulatory compliance requirements but to improve their resilience against the increased threat of cyber-crime. And we will provide best practices on ‘shifting left’ and how organisations can build a security conscious culture, where cyber-security is part of their fibre and built into their DNA.

 

Security is no longer a bolt-on: it’s a necessity. It’s a business advantage which can determine the success or failure of any organisation. 

 

It’s time for businesses to get proactive. 

 

---

 

Heather Lowrie is chief information security officer at the University of Manchester. Join her at DTX Manchester on Wednesday 22 May where she will explain that to survive in today’s hostile digital world, it is essential that security moves at the speed of modern businesses, enabling them, supporting them and safeguarding their future

 

Main image courtesy of iStockPhoto.com and BlackJack3D