Digital transformation is unstoppable and affects every industry and business, according to KuppingerCole principal analyst Martin Kuppinger (pictured).
“This means all organisations need to understand what they need to do to mitigate the risks,” said Kuppinger.
He used his keynote to outline eight “fundamentals” for digital risk mitigation in the age of digital transformation.
Realising that digital transformation affects every organisation, and that there is a need to think of new business models, is the first fundamental, said Kuppinger.
“Just think about smart manufacturing, smart wallets, smart vehicles, smart homes, smart grids, e-books, digital music, online retail and online payments,” he said.
The second fundamental is that digital transformation is here to stay. Kuppinger said this cannot be dismissed as a passing fad.
“Digital transformation is inexorable. It is changing a lot of things. It is changing products, but is also giving rise to associated services that are becoming almost more important,” he said.
Read more about DevOps
- DevOps proponents explain why the nascent movement to integrate development and IT operations staff pays security dividends
- DevOps will shift from being a niche approach to application development and deployment, and move into the mainstream
- More companies are turning to DevOps to help develop, provision and mange mobile applications
Once again, Kuppinger said this means business models will need to change, and this in turn will necessitate organisation changes.
“Organisational change is a real challenge, but it is necessary as ecosystems change and new partnerships are formed,” he said.
Kuppinger noted that digital transformation is typically associated with the IoT, but he said this transformation is already in so many industries without any connected things.
“Fundamental number three is that the digital transformation is more than just the IoT," said Kuppinger.
For example, smart manufacturing is about connecting manufacturing environments and this operational technology is not part of the IoT.
“Connecting things for the sake of connectivity does not create business; it is the change in business models and the services that make the business, and most businesses providing things will earn more with services than with the things,” said Kuppinger.
“It is therefore important for organisations to understand what they need to do to change, because there is no success without agility, which relates to fundamental number four, which is that digital transformation mandates organisational change,” he said.
This refers to the need for organisations to re-invent themselves and be innovative through a process of continual improvement.
However, Kuppinger said he does not believe in DevOps without the security component being built in, so it should always be a question of “DevSecOps”, he said.
Aim for business/IT integration
The goal, said Kuppinger, should be business/IT integration, which goes beyond the concept of business/IT alignment.
In future we will see new roles within organisations such as business development officers to drive innovation
Martin Kuppinger, KuppingerCole
“In future we will see new roles within organisations such as business development officers to drive innovation,” he said.
Kuppinger also expects that while CIOs will continue to manage traditional business IT, CISOs will oversee the overall picture. “There will be no room for IT silos in future,” he said.
Fundamental number five is that everything and everyone will become connected. “This means identity, managing relationships and security communications will become very important in future,” said Kuppinger.
The sixth fundamental, he said, is that security and safety is not a dichotomy.
“Operational technology [OT] security relates to the safety of humans and equipment, while IT security relates to confidentiality, integrity and availability; but organisations need both, so companies will need to merge OT and IT,” said Kuppinger.
“Fundamental six means that it is not about safety versus security, it is about safety and security,” he said.
According to Kuppinger, security is a risk as well as an opportunity, and therefore, implementing information security as a business value is his seventh fundamental for digital risk mitigation.
“Security is an opportunity because it can enable agility and foster innovation, it can enable connected enterprises, it can mitigate risk in products, it can help reduce costs, and it can support collaboration to give a few examples,” he said.
Finally, Kuppinger said fundamental number eight says that identity is the “glue” and access control is what companies need.
“Business need to manage and relate all the identities of humans, things, apps, devices, and services, and their access to succeed in the digital transformation,” he said.
KuppingerCole’s eight fundamentals for digital risk mitigation
1. Digital transformation affects every organisation
2. Digital transformation is here to stay
3. Digital transformation is more than just the IoT
4. Digital transformation mandates organisational change
5. Everything and everyone is becoming connected
6. Security and safety is not a dichotomy
7. Security is a risk and an opportunity
8. Identity is the glue and access control is what companies need