Security Bandaid

Secure or Streamlined: The Digital Experience Paradox

An untold truth about digital is that the better the experience, the greater the risk.

Based on our research, a large majority of enterprises admitted that their digital transformation efforts frequently traded security for a streamlined experience and quick time-to-market. But behind this choice made at the altar of velocity lies a hidden truth about digital transformation – no matter how carefully projects are executed, delivering a better user experience almost always results in greater digital risk for the enterprise.

Digital Transformation versus Cybersecurity

A recent study we conducted with Frost & Sullivan unsurprisingly revealed that the fastest-growing enterprises have fully embraced digital transformation and are succeeding, relative to their peers, at delivering satisfying experiences to users in the cloud, on the web, and on mobile or IoT endpoints. But this success has come at a price. More than two-thirds of respondents from these organizations admitted that the unrelenting pressure to release new apps or app updates quickly had negatively impacted quality and security.

In addition, among the most advanced companies – digital disrupters heavily invested in modern architectural patterns such as APIs, microservices and containers – almost 90% reported trouble securing these newer technologies. Clearly, businesses are aware that a serious problem exists, and most are struggling with it.

Speed of Releasing New Applications and Updates and the Consequences on Quality and Security

IT-Driven Cybersecurity Solutions are Band-Aids

Since the advent of digital transformation, the most common response to this challenge has been to delegate it to technology practitioners, which seems obvious, since these professionals tend to be subject matter experts on cybersecurity solutions.

The problem is that in the current era, where “every business is digital”, C-level and other business executives still deputize the entire challenge of cybersecurity, seeing it as a “technology problem” rather than as a critical business imperative. Our study found that very few business executives – only 16 percent – even considered security one of their main challenges. Even more surprisingly, among IT professionals, only a third listed cybersecurity as one of their top 3 challenges.

Cybersecurity a Top Challenge for Organizations by Business Function

Our conclusion is that security is most often viewed within the enterprise as “someone else’s problem”, to be solved via tactics and point solutions rather than as a business strategy. But as we navigate an era where a single breach or incident can result in massive liabilities, multi-billion dollar fines, new government regulations, and material impacts on a company’s value, this thinking must change.

The Better the Experience, the Greater the Risk

One of the most compelling reasons that key executives must be involved in cybersecurity decision-making lies in this paradox – delivering a better digital experience in terms of convenience, reduced friction, and customer satisfaction almost always leads to substantially increased exposure to digital risk. This is because current products and services tend to require the collection, storage and processing of vast amounts of sensitive, private information – PII, locations, conversations, behavior, preferences, transactions, financial, and health information. Against this backdrop, brand reputation, consumer trust, and regulatory compliance today are largely factors of how well an enterprise can maintain custody of this data once collected. Breaking this down further, executives must consider and balance this paradox from several different perspectives:

More Data, More Risk

Personal information is often the key to delivering compelling, convenient digital experiences. But individual data elements are also liabilities for as long as they are held, with potential reputational, financial, and legal costs should the enterprise ever lose control of them. Failure to consider these costs strategically can amplify security incidents, as was the case in the recent Capital One data breach, which was made far worse due to the likely-unnecessary storage of seventeen years’ worth of credit applications in a live production system.

More Partners, More Risk

Once data is collected, the “magical experiences” that today’s users demand often require additional processing or supplementary services beyond the ability of any one enterprise to deliver on its own. Examples are everywhere, from mapping and social network integration to outsourced natural language processing, fulfillment, and delivery. Yet every partner that must be integrated to deliver a digital experience substantially increases the cybersecurity threat perimeter for the originating enterprise – and business executives need to be aware of this as another potential liability to be factored into their decision-making.

More Scalability, More Risk

Every enterprise is in the cloud today, and for good reason – the cost-effectiveness, agility, and scalability afforded by today’s infrastructure options are unbeatable. But migrating storage and processing to the cloud often increases operational complexity – and thus data risk – in unexpected ways. In their rush to reduce costs and overhead, many executives fail to appropriately budget and account for increased liability in domains such as privileged access. When business executives choose to collect highly personal information to deliver a digital experience, it is vital that they work with technology practitioners to fully consider the entire lifecycle of that data – no matter where it is stored, processed or transferred.

A New Hope: Consistent Security Across the Digital Experience Lifecycle

To tackle these problems successfully, C-suite and business executives should elevate cybersecurity concerns to the same strategic level as their customer experience – considering both sides equally as they work through the infrastructure and processes needed to deliver a desired digital product or service throughout its design, development, and operation.

Our team models this pipeline as an eight-stage Digital Experience Lifecycle, through which all digital experiences must continuously flow as they are created and iterated.

The Digital Experience Lifecycle

It’s essential for executives seeking to build trust and reduce risk in their digital transformation efforts to carefully consider cybersecurity and privacy throughout the digital experience lifecycle. Questions such as “do we really need to collect this particular data from customers”, “how long should we keep it”, and “who should be able to access this and how?” should be continuously asked – not just by IT practitioners, but by business executives whose P&L could be drastically affected by the answers.

At Broadcom, we believe that the best technology approach for large, complex enterprises is to seek or build an enterprise-wide platform specifically designed to protect data within the context of the entire digital experience lifecycle, rather than leaving it to IT to tackle individual challenges in separate silos such as identity, authentication, privileged access, and API security. We call this building a new architecture of trust, and I invite you to learn more about it in our short solution brief and two minute video.

About the author

David Chiu is a product marketing principal at Broadcom, specializing in digital business transformation, security and ecommerce. He has spent the past 20 years consulting with and bringing innovation to Global 1000 brands at leading technology companies, ecommerce platforms, and digital agencies including Publicis and McCann. Today, David works closely with our Layer7 product team in Vancouver, Canada.

Comments

  1. Hey would you mind stating which blog platform you’re using?
    I’m looking to start my own blog soon but I’m having a hard time deciding between BlogEngine/Wordpress/B2evolution and Drupal.
    The reason I ask is because your design and style seems different then most blogs and I’m looking for something
    completely unique. P.S Apologies for being off-topic but I had to ask!

  2. Admiring the time and energy you put into your blog and in depth information you offer.
    It’s awesome to come across a blog every once in a while that isn’t the
    same outdated rehashed material. Wonderful read! I’ve bookmarked your site and I’m adding your RSS feeds to my Google account.

  3. Hello i will present for you, instagram viewer service.
    You can download images and videos from open instagram accounts.
    You can be ananonimys and watch instagram stories. Enjoy

  4. Its such as you learn my thoughts! You seem to know so much
    approximately this, such as you wrote the guide in it or
    something. I think that you just can do with a few
    p.c. to pressure the message house a little bit, but instead of that, that is magnificent
    blog. A great read. I will certainly be back.

  5. Hiya! I know this is kinda off topic but I’d figured I’d ask.
    Would you be interested in exchanging links or maybe guest writing a blog article or vice-versa?

    My blog goes over a lot of the same subjects as yours and I feel we could greatly benefit from each other.
    If you are interested feel free to shoot me an e-mail.
    I look forward to hearing from you! Excellent blog by the way!

  6. With havin so much content and articles do you ever run into any issues of
    plagorism or copyright violation? My blog has
    a lot of completely unique content I’ve either written myself or outsourced but it seems a lot of it is popping
    it up all over the internet without my permission. Do you know
    any methods to help reduce content from being ripped off?

    I’d definitely appreciate it.

  7. Howdy just wanted to give you a quick heads up. The text in your post seem to be running off the screen in Firefox.
    I’m not sure if this is a format issue or something to do with browser
    compatibility but I thought I’d post to let you know.
    The layout look great though! Hope you get the problem fixed soon. Many thanks

  8. I do agree with all the ideas you’ve presented on your post.
    They are very convincing and will definitely work.
    Still, the posts are too short for starters.
    May just you please extend them a little from
    next time? Thanks for the post.

  9. I’m not that much of a internet reader to be honest but your sites really nice, keep
    it up! I’ll go ahead and bookmark your website to come back down the road.
    Cheers

  10. Nice weblog right here! Also your web site a lot up very fast!
    What host are you the use of? Can I get your affiliate link on your host?
    I wish my site loaded up as quickly as yours lol

  11. Admiring the dedication you put into your
    site and in depth information you provide. It’s great to come across a blog every once in a while that isn’t the
    same outdated rehashed material. Fantastic read! I’ve saved your
    site and I’m including your RSS feeds to my Google account.

  12. Hey there! This is kind of off topic but I need some advice from an established blog.
    Is it tough to set up your own blog? I’m not very techincal but I
    can figure things out pretty fast. I’m thinking about setting up my own but I’m
    not sure where to start. Do you have any tips or suggestions?
    Thank you

  13. Pretty nice post. I just stumbled upon your weblog and wished to say that I’ve truly
    enjoyed surfing around your blog posts. After all I will
    be subscribing to your feed and I hope you write again soon!

  14. wonderful submit, very informative. I ponder why the opposite specialists of this sector don’t realize this.
    You must continue your writing. I am sure, you’ve a great readers’ base already!

  15. My spouse and I stumbled over here different web address and thought I might check things
    out. I like what I see so now i am following you. Look forward to looking over
    your web page again.

  16. I simply couldn’t leave your website before suggesting that I
    extremely enjoyed the usual information an individual supply
    to your visitors? Is going to be again often in order
    to check out new posts

  17. Hmm is anyone else encountering problems with the
    images on this blog loading? I’m trying to find out if
    its a problem on my end or if it’s the blog. Any feedback would be greatly appreciated.

  18. I am curious to find out what blog platform you happen to be working with?
    I’m having some small security issues with my latest blog and I’d like to find something more safeguarded.
    Do you have any solutions?

  19. Woah! I’m really enjoying the template/theme
    of this website. It’s simple, yet effective.
    A lot of times it’s very difficult to get that “perfect balance” between superb
    usability and visual appearance. I must say you’ve done a superb
    job with this. Additionally, the blog loads super quick
    for me on Firefox. Exceptional Blog!

Leave a Reply

Your email address will not be published.