How do we balance innovation with security?

How do we balance innovation with security?

With exponential growth in information technology, IT leaders are still fighting to keep pace with the industry; given its recent turmoil and security bottlenecks that have indeed become a cause for concern in recent times. It would also be right to imply that information security has not enjoyed the same amount of development that IT has enjoyed over the years. Thus, rising institutional problems, coupled with increasing security threats, is enough reason to prompt institutional leaders to act swiftly.

 

Not too long ago, Evernote was “stunned” by reactions of angry users who didn’t take likely the news that Evernote was allowing employees read users’ information and content in a bid to support and test new automation and machine-learning capabilities. Many users echoed that they were willing to quit the service altogether if the privacy of their information cannot be guaranteed, even after Evernote tried to explain that only specific employees would be able to access their files. This is a typical example of a situation where even honest efforts to improve and innovate user experience are sometimes met with strict resistance on the grounds of privacy and security concerns that can bite you in the foot.

 

Subsequently, innovative companies are faced with an arduous task when they try to balance both security and innovation. According to Bill Curtis, SVP and chief scientists at CAST Software – a software measurement and analytics firm, “There is no innate conflict between innovation and security; the tradeoff often comes in speed-to-market versus adequate quality assurance.” Executives will often make a compromise between revenue lost arising from additional testing time against possible loss arising from a security flaw. Bill Curtis believes that “The problem is that they rarely understand the full extent of the damages if a security breach is extensive.”

 

Thus, how do IT experts and developers work hand in hand to create this delicate balance between security and innovation?

 

To begin with, a cordial partnership between IT professionals, IT security and software coders is paramount. This collaboration will go a long way to ensure that security and privacy concerns are deliberated upon at the earliest stage of both development and design. Rather than view security as an impediment to innovation, the partnership should consider security as a key part of the innovation process.

 

According to Ponemon, who reckons that Apple is a noteworthy example, opines that “It starts with the people who are the engineers or the creative people who are developing new apps and new devices; to have them actually think about security as part of their early-stage process during the development cycle.”

 

Security can also be enhanced when a thorough risk assessment of new digital product and application is undertaken from the onset, to enable developers to write a more secure and stable code – with the aim of finding that important equilibrium between innovation and security. However, risk assessments must be carried out in compliance with a set standard; else its efficacy becomes doubtful.

 

In the end, it all starts from the genesis – the collaboration between Software Coders, IT professionals and IT security is the all-important piece to balancing both innovation and security and the latter must be regarded as a critical stage of the former – if the much-needed equilibrium between innovation and security is to be achieved.

 

Source:

https://www.scmagazine.com/innovation-versus-cybersecurity-survival-hangs-in-the-balance/article/665348/

https://er.educause.edu/articles/2015/1/achieving-the-often-delicate-balance-between-technology-and-information-security

Please rate

Comments 

Name
Email
  Ctrl + Enter

Most Read

Suffolk names contractors for £500m construction framework

Suffolk names contractors for £500m construction framework

The new iteration of the framework is valued at £500m and has three separate construction lots and two building services lots.   The aim of the framework is to ensure Suffolk County Council and other public sector organisations in the East of England have a legitimate shortcut for

Yorkshire Water alerts firms to £3bn AMP8 contracts

Yorkshire Water alerts firms to £3bn AMP8 contracts

The organisation is looking to procure an alliance to deliver its stormwater programme, which is expected to be £1.3bn of investment over the next 10 years to reduce sewage overflows into watercourses.   Alongside this, Yorkshire Water is looking to procure two non-infrastructure

MoD names seven for £5bn construction alliance

MoD names seven for £5bn construction alliance

A strategic alliance contract has been signed by the Defence Infrastructure Organisation (DIO) and seven contractors for the design & build elements of a delivery, commercial & procurement strategy process within the Defence Estate Optimisation (DEO) portfolio.   Contractors were

This website uses cookies to enhance your user experience. By continuing to use this site, you consent to our use of these cookies. See our Cookie Policy.