DCL Connecting talent
  • Virgin
  • SingTel
  • Tata
  • Nebulas
  • CNS
  • Secure Data
  • Telstra Global
  • Telecity
  • KCOM
Comments Off on Success of IT Security is Beyond Just Breaches and Compliance

Success of IT Security is Beyond Just Breaches and Compliance

Posted by Admin | November 29, 2016 | IT Security

Firms are measuring the success of IT security beyond just breaches and compliances, a global study from CA Technologies finds. They are now including business performance indicators that contribute directly to revenue growth, with 87 percent of firms in Asia Pacific & Japan (APJ) agreeing that the role of security is to enable them to enter new markets and deliver services in new ways.

The study, The Security Imperative: Driving Business Growth in the App Economy, polled 1,770 senior business and IT executives, of which more than 100 are chief security officers and chief information security officers. 799 of the respondents were from countries in the APJ region, including Australia, China, Hong Kong, India, Indonesia, Japan, Malaysia, Singapore, South Korea and Thailand.

The majority of survey respondents said that IT security, specifically identity-centric security, needs to do more than protect the business in today’s environment – it needs to help build trusted digital relationships that are critical for competing in the application economy and growing the business.

The report shows that  87 percent of respondents said that there is a need to balance strong security with enabling their business to enter new markets and deliver services in new ways. Eighty-five percent said that identity-centric security is critical to the business, while  84 percent said that security needs to be frictionless and not over burden the user.

A majority (83 percent) also said that security is critical to protecting the brand and can be viewed as a competitive differentiator; and that more than 70 percent of respondents are using metrics such as digital reach, operational or process efficiency, business growth, customer satisfaction, and a number of compliance audit failures.

“For digital businesses to thrive in the application economy, they need to drive new business models and participate in new connected eco-systems of value,” said Stephen Miles, chief technology officer, APJ, CA Technologies. “A good identity-centric security strategy enables a business to accelerate that objective with the confidence that great customer experiences are delivered, whilst mitigating risks and protecting the business. To ensure a successful digital journey, identity-centric security needs to be incorporated at the start as a core technology enabler rather than bolted on as an IT afterthought.”

Identity-Centric Security Decreases Data Breaches

The study also examined respondents’ current security postures in three areas of identity-centric security: the end-user experience, identity and access management, and data breaches. This information allowed CA and Coleman Parkes, who conducted the study, to create a maturity model for identity-centric security, categorizing respondents as advanced, basic or limited.


Overall, the APJ results categorized the majority of respondents as basic users of identity-centric security (64 percent), with a focus on core capabilities such as password management, single sign-on and some analysis and reporting. 28 percent were categorized as advanced users, engaging in capabilities such as adaptive security and behavior analytics, and consistent omni-channel security support.

Advanced users report more significant results

While all users in APJ saw improvements in their business from security initiatives, the survey showed that advanced users generally reported more significant results especially in areas of customer experience, business operations and security.


Advanced users saw a 58 percent improvement in business growth and new revenue compared to 44 percent for basic users. Fifty-eight percent of advanced users reported improvement in employee productivity versus 44 percent of basic users.

Advanced users also reported a 49 percent improvement in number of compliance audit failures as compared to 38 percent for basic users. And when it comes to security, almost thrice as many advanced users of identity-centric security have seen a reduction in data breaches compared to basic users – 35 percent versus 12 percent.

Notably, most advanced users of identity-centric security in APJ that have seen a decline in breaches have been much more proactive in preventing them through increased investment (86 percent), focusing on mobile devices and apps (82 percent), implementing strong step-up authentication (73 percent), and focusing on high-risk areas like privileged identities and access (68 percent).

Source: networksasia

100 total views, 1 today