Enterprise Agility in the Face of Rising Cyber Threats

Jonathan Sinclair, Associate Director, Cyber Security, Bristol Myers Squibb

Jonathan Sinclair, Associate Director, Cyber Security, Bristol Myers Squibb

Abstract:

The following piece will approach the topic of Enterprise Agility with regards to the ever prevalent and increasing pressure of cyber threats on organisations.

Agile – the background:

Agile practices arose out of frustrations in the software development space in having to conform to structured development programmes (Waterfall), that prioritised planning and rigidity over adaptation and flexibility.

The evolution of this development from structured and planned, to flexible and adaptive, provides a useful metaphor for the evolving business environment, whose adherence to fixed planning and structure, a relic of the industrial revolution, has yet to have lost its shackles to the modern global environment, where opportunities and challenges resist prediction, given the stochastic landscape in which all Enterprise’s now operate.

The answer is therefore to plan for disruption, process engineer innovation and build in agility, which will ensure reducing the time required to pivot, implicitly create resilience, and ensure a competitive outlook for the organisation.

To exemplify the point, one only needs to look at the recent rise of ransomware threats () against organisations such as Cognizant, Travelex, Toyota, Garmin, LG Electronics, Xerox, etc.

Adding further context: Your CISO is no doubt advocating traditional defence-in-depth strategies, that require heavy financial investment in areas such as a security operations centre, end-point detection capabilities, hunt teams, threat intelligence feeds, anti-malware software, DLP capabilities, etc.

It will be but a few that will be advocating an agile mindset, complimented with resilient processes that plan for a defensible strategy of adaptation and ability to pivot.

Having stated the above, many reading this will probably consider it a restatement of the old organisational discussion as to whether to centralise or decentralise, and at a high level you’d be correct however, the salient difference is how processes and a complimentary agile mindset are applied.

Conclusion:

The advocated shift of focus will not be easy to embrace and will be even harder to implement within the context of an Enterprise organisation, however the journey must be started and can be initiated with a mind-set change.

Weekly Brief

Read Also

Deliver Resiliency with Managed Services

Deliver Resiliency with Managed Services

Edy Salim, Head of Technology Services & Enterprise Architecture, PT Adira Dinamika Multifinance Tbk
Improve Diversity and Cybersecurity Hiring in One Fell Swoop

Improve Diversity and Cybersecurity Hiring in One Fell Swoop

Michael Carr, JD, CISSP, CCSP, CIPP/US/E Adjunct Faculty, Cincinnati State and Andrew Opare, Security+, Ohio Army National Guard
Businesses at Risk: Survey Exposes Gaps in Crisis Readiness among UK Firms

Businesses at Risk: Survey Exposes Gaps in Crisis Readiness among...

Jim Steven, Head of Crisis & Data Breach Response Services, Experian Consumer Services
Ingredients for Success in Transformation

Ingredients for Success in Transformation

Eric Martin, Vice President, Information Technology and Digitization, Groupe Deschenes
Implementing an Identity and Access Management Program

Implementing an Identity and Access Management Program

Devan N. D’Silva, Manager, Identity and Access Management, Vice President, Baird
The Hidden Risks of Work From Anywhere

The Hidden Risks of Work From Anywhere

Joshua Brown, VP and Global CISO at H&R Block