Study by CA Technologies also highlights how adoption of advanced security, especially identity-centric security, is critical for digital transformation
India, November 24, 2016 – Firms are measuring the success of IT security beyond just breaches and compliances, a global study from CA Technologies (NASDAQ: CA) finds. They are now including business performance indicators that contribute directly to revenue growth, with 87 percent of firms in Asia Pacific & Japan (APJ) agreeing that the role of security is to enable them to enter new markets and deliver services in new ways.
The study, The Security Imperative: Driving Business Growth in the App Economy, polled 1,770 senior business and IT executives, of which more than 100 are chief security officers and chief information security officers. 799 of the respondents were from countries in the APJ region, including Australia, China, Hong Kong, India, Indonesia, Japan, Malaysia, Singapore, South Korea and Thailand.
The majority of survey respondents said that IT security, specifically identity-centric security, needs to do more than protect the business in today’s environment – it needs to help build trusted digital relationships that are critical for competing in the application economy and growing the business.
- 87 percent of respondents said that there is a need to balance strong security with enabling their business to enter new markets and deliver services in new ways.
- 85 percent said that identity-centric security is critical to the business.
- 84 percent said that security needs to be frictionless and not over burden the user.
- 83 percent said that security is critical to protecting the brand and can be viewed as a competitive differentiator; and
- More than 70 percent of respondents are using metrics such as digital reach, operational or process efficiency, business growth, customer satisfaction, and a number of compliance audit failures.
“For digital businesses to thrive in the application economy, they need to drive new business models and participate in new connected eco-systems of value,” said Stephen Miles, chief technology officer, APJ, CA Technologies. “A good identity-centric security strategy enables a business to accelerate that objective with the confidence that great customer experiences are delivered, whilst mitigating risks and protecting the business. To ensure a successful digital journey, identity-centric security needs to be incorporated at the start as a core technology enabler rather than bolted on as an IT afterthought.”
Advanced Use of Identity-Centric Security Reaps Business Benefits and Decrease in Data Breaches
The study also examined respondents’ current security postures in three areas of identity-centric security: the end-user experience, identity and access management, and data breaches. This information allowed CA and Coleman Parkes, who conducted the study, to create a maturity model for identity-centric security, categorizing respondents as advanced, basic or limited.
Overall, the APJ results categorized the majority of respondents as basic users of identity-centric security (64 percent), with a focus on core capabilities such as password management, single sign-on and some analysis and reporting. 28 percent were categorized as advanced users, engaging in capabilities such as adaptive security and behavior analytics, and consistent omni-channel security support.
While all users in APJ saw improvements in their business from security initiatives, the survey showed that advanced users generally reported more significant results especially in areas of customer experience, business operations and security:
- Advanced users saw a 58 percent improvement in business growth and new revenue compared to 44 percent for basic users.
- 58 percent of advanced users reported improvement in employee productivity versus 44 percent of basic users.
- Advanced users reported a 49 percent improvement in number of compliance audit failures as compared to 38 percent for basic users.
- And when it comes to security, almost thrice as many advanced users of identity-centric security have seen a reduction in data breaches compared to basic users – 35 percent versus 12 percent.
Notably, most advanced users of identity-centric security in APJ that have seen a decline in breaches have been much more proactive in preventing them through increased investment (86 percent), focusing on mobile devices and apps (82 percent), implementing strong set-up authentication (73 percent), and focusing on high-risk areas like privileged identities and access (68 percent).
Resources
- The Security Imperative: Driving Business Growth in the App Economy
- The Security Imperative Infographic
Firms in Asia Pacific & Japan See Security’s Key Role as Business Enabler
Firms in Asia Pacific & Japan See Security’s Key Role as Business Enabler