heart shaped lock
Information security teams should switch their focus from preventing data breaches to facilitating internal processes and delivering superior products PHOTO: Antranias

Say "Silicon Valley startup" and people think innovation. And innovation for many is synonymous with the creed, “Move fast and break things.” 

But when Zenefits was caught up in a regulatory scandal, the company reinvented itself with a culture of compliance to regain consumer trust in its software. Companies pursuing innovation and agility are now investing in trust as a competitive differentiator.

Trust: The New Competitive Edge

Asking customers to share their data and asking business executives to rely on new technologies requires a leap of faith. Trust, compliance and privacy are the foundations of competitive differentiation in the digital age. 

Cybersecurity always lags behind new product features, but critical failures have forced a reevaluation of priorities. Attacks on critical infrastructure, from nuclear plants to voting machines, have brought cybersecurity to the forefront for consumers. 

On the corporate side, companies in all industries are forming strategies around cloud and IoT. The ability to execute on information security and privacy assurances will determine whether their use of these emerging technologies is a catalyst for success or failure. 

With nearly every company leveraging the internet for processes, services and channels, cybersecurity has become a business imperative. 

Bad Cybersecurity Is More Expensive Than Ever

Digital supply chains, connected products and data collection and analytics means companies have a harder time protecting confidential data and more to lose when they can’t. The cost of a data breach has arguably remained below the rate necessary to change behavior — or perhaps companies just underestimate the fallout. 

Either way, the cost of a data breach has risen — and will continue to do so. Regulators are taking a firmer stance on cybersecurity lapses, led by the European Union's General Data Protection Regulation

The new law will raise maximum fines and expand liability to any company holding data on EU citizens. TalkTalk, a UK telecomm company, suffered a record fine, plus a 4.4 percent loss in market share and an 11 percent stock price decrease tacked on to the cost of the data breach. In the cases of TalkTalk and Yahoo, security failures have also threatened vital mergers and acquisitions activity, with Yahoo forced to take a $350 million price cut from Verizon after the revelation of two record-breaking breaches.

Consumers have grown weary of hackers stealing their information, forcing companies to factor in the costs of lost revenue. Twenty percent of consumers claim they will stop shopping at a retailer if they learn the company suffered a data breach, and an additional 49 percent would wait six months for trust to be restored. 

While customer databases make up the majority of the volume of stolen data, corporate espionage and intellectual property theft threaten competitiveness, the lack of which is devastating to any company. 

Infosecurity: A Business Manager’s New Best Friend

For decades, IT security held the reputation as the “Department of No.”

Now security teams who can consciously say “yes” are moving the needle for their organizations. If a company wants to eliminate all of their data centers by 2018 to take advantage of the cost benefits of cloud, they need to first address the security needs. If an airline’s connected devices can disrupt flights, IT is responsible for preventing malicious or accidental outages. If developers across global offices need to collaborate on a code repository platform to meet the development schedule, IT needs to enable a solution. 

As information technology becomes a core competency for companies in all industries, the Chief Information Officer (CIO) has stepped into the COO’s role, and the Chief Information Security Officer (CISO) has replaced the CIO. Cybersecurity has a strategic role in driving competitive advantage on two fronts: internal operations and external products. 

A business-friendly IT security department can reduce operational costs, increase efficiency, and even help attract and retain talent. Take the example above of eliminating data centers, or imagine a global pharmaceutical company that needs a secure platform to communicate with hundreds of thousands of sales contractors worldwide. Cybersecurity teams who solve the tough puzzles will keep their companies agile and competitive in the digital age. 

On the consumer-facing side, cybersecurity has become an integral component of product design. Just as pizza consumers might decide between Dominos and Pizza Hut based on the usability of their pizza apps, banking customers may opt for the provider with superior cybersecurity capabilities. 

The same goes for healthcare providers, payment applications and even social media. Successful cybersecurity departments not only deliver more secure products, but they also influence the speed of product and application development. 

The industry still has a long way to go in certain emerging technologies like IoT. The Mirai botnet conducted a record-breaking DDoS attack last September by exploiting IoT devices set to the default passwords. Yet market forces will hold providers accountable for security moving forward, especially now that the Mirai attack has drawn attention to the vulnerability. Seventy-four percent of millennials and 63 percent of Gen Xers would use more IoT devices if they had greater cybersecurity assurances. 

A New Day for Information Security Teams

Cybersecurity has arrived as a core competency for any company leveraging technology internally or in their products — in other words, almost every organization. 

By shifting their longstanding focus on preventing data breaches to one that facilitates internal process and delivering superior products, information security teams will help their organizations stay competitive. Instead of being the target of blame, IT security can now share in the front-office glory of their company’s success.