Welcome!

@DevOpsSummit Authors: Pat Romanski, Zakia Bouachraoui, Liz McMillan, Elizabeth White, Yeshim Deniz

Related Topics: @DevOpsSummit, @CloudExpo, Cloud Security

@DevOpsSummit: Blog Post

Click the Refresh Button on IT Security By @JackieKahle | @CloudExpo [#Cloud]

Today’s business leaders are pressured to rethink their IT security strategy to thrive in the application economy.

The security landscape is evolving more than ever before – not only must chief information security officers (CISOs) deal with constant increasing cyber-attack threats and security breaches but they must keep up with mobility trends and concerns about access to data and protecting identities. Mobility is growing at a fast pace, and though it may be easy to construct more barriers to data access, there are much more effective approaches.

A new research report by Vanson Bourne sponsored by CA Technologies dives into the security practices within large enterprises. Survey participants include 142 CISOs and CSOS totaling to 1,425 senior IT and business executives globally. The survey results identify a large shift in security priorities and investments as the application economy makes its way to the forefront while also revealing some remarkable benefits.

Consumer capabilities marks new security concerns
It is not surprising that the survey identified security as the top obstacle to becoming more effective in the application economy – No. 2 overall and No. 1 in industries such as retail and financial services. More interesting is the fact that, “improving the mobile customer experience,” is now enterprises’ No. 2 security priority – second only to protecting against data breaches (see Fig. 1). In addition, 49 percent say that mobile apps and devices are having a big or significant impact on security policies and practices for their external customers.

The relentless pressure to release new mobile apps and services faster has also increased the importance of API’s as a way to expand the ecosystem of complementary services that can enhance your apps and open up new markets and customers. In fact, 79 percent of the survey respondents say they open access to their API’s to customers, partners or suppliers. But this also means you need to secure these API’s to prevent unauthorized access, monitor data usage and block hacker attempts.

Security is not  only about control (at least it shouldn’t be)
CA Technologies has long been explaining why CSOs and CISOs need to move beyond a security culture of just saying, “no,” to one in which the business’s need for more open and expansive access is addressed through smarter approaches such as identity self-service, transparent risk modeling and secure APIs.

Fortunately, today’s IT and business leaders are definitely moving in that direction. Almost half (47 percent) of respondents now say that security is either entirely or mostly about enabling the business or must be in balance with ‘control.’ Only 17 percent believe it is entirely about control (see Fig. 2).

Perhaps because of the increased challenges these new priorities bring, organizations are also planning to significantly increase the percent of IT spending devoted to security. Globally, this percent is expected to grow from 18 to 25 percent in three years’ time. The retail industry is leading the way, growing from 19 to 27 percent, followed by healthcare growing from 18 to 26 percent.

The business results don’t lie
Between 79 and 94 percent of respondents have already seen or expect to see significant benefits from their security initiatives, including fewer security breaches (94 percent), improved customer satisfaction (87 percent), more customers (86 percent), and increased revenue (78 percent). Those reporting they have already seen such benefits were then asked if they could quantify the improvements, and the results are remarkable. In addition to fewer breaches and more control, the business can cheer the 20 percent revenue increase from new services enabled by security and 21 percent more customer using their apps and services (see table below).

Security Benefit/Result

Improvement

Improved customer satisfaction and trust in our products/services

23 percent

Increase in number of customers using our apps/services

21 percent

More accountability and control

21 percent

Increased revenue from new services enabled by improved security

20 percent

Increased user productivity and business flexibility

19 percent

Fewer security breaches

17 percent

This global survey clearly shows there is no doubt that the new application economy requires new approaches to IT security. There are several concrete steps businesses can take to start to reframe and modernize their security practices and policies. The new report,  "8 Steps to Modernize Security for the Application Economy", outlines several of these, including the importance of understanding the customer experience, reassessing your current approach to mobile security, opening (and securing) access to your API’s and investing in security with an eye towards business value. Download the report now, or visit rewrite.ca.com.

You can also tell me what you think here or on Twitter @jackiekahle or LinkedIn

More Stories By Jackie Kahle

Jackie is a 30-year veteran of the IT industry and has held senior management positions in marketing, business development, and strategic planning for major systems, software, and services companies including Hewlett-Packard, Compaq, and Gartner. She currently manages the strategy and execution of CA Technologies thought leadership programs. Jackie has an MBA from the Whittemore School, University of New Hampshire, a BA in Mathematics from New York University and is the Vice-Chair of the N.H. State Council on the Arts.

@DevOpsSummit Stories
DXWorldEXPO LLC announced today that Nutanix has been named "Platinum Sponsor" of CloudEXPO | DevOpsSUMMIT | DXWorldEXPO New York, which will take place November 12-13, 2018 in New York City. Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix Enterprise Cloud Platform blends web-scale engineering and consumer-grade design to natively converge server, storage, virtualization and networking into a resilient, software-defined solution with rich machine intelligence.
When building large, cloud-based applications that operate at a high scale, it’s important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. “Fly two mistakes high” is an old adage in the radio control airplane hobby. It means, fly high enough so that if you make a mistake, you can continue flying with room to still make mistakes. In his session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, will discuss how this same philosophy can be applied to highly scaled applications, and can dramatically increase your resilience to failure.
"DevOps is set to be one of the most profound disruptions to hit IT in decades," said Andi Mann. "It is a natural extension of cloud computing, and I have seen both firsthand and in independent research the fantastic results DevOps delivers. So I am excited to help the great team at @DevOpsSUMMIT and CloudEXPO tell the world how they can leverage this emerging disruptive trend."
Digital transformation is about embracing digital technologies into a company's culture to better connect with its customers, automate processes, create better tools, enter new markets, etc. Such a transformation requires continuous orchestration across teams and an environment based on open collaboration and daily experiments. In his session at 21st Cloud Expo, Alex Casalboni, Technical (Cloud) Evangelist at Cloud Academy, explored and discussed the most urgent unsolved challenges to achieve full cloud literacy in the enterprise world.
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO Silicon Valley 2019 will cover all of these tools, with the most comprehensive program and with 222 rockstar speakers throughout our industry presenting 22 Keynotes and General Sessions, 250 Breakout Sessions along 10 Tracks, as well as our signature Power Panels. Our Expo Floor will bring together the leading global 200 companies throughout the world of Cloud Computing, DevOps, IoT, Smart Cities, FinTech, Digital Transformation, and all they entail. As your enterprise creates a vision and strategy that enables you to create your own unique, long-term success, learning about all the technologies involved is essential. Companies today not only form multi-cloud and hybrid cloud architectures, but create them with built-in cognitive capabilities.