Security is evolving from a necessary evil into genuine competitive advantage
Whatever your take about the FBI vs. Apple conflict is, one thing is for sure. It has underlined cyber security as a strategic business asset.
The highest-profile security story of late has, without a doubt, been FBI and Apple wrestling over iPhone security. Apparently, FBI managed to break in without help from Apple, but surely the struggle will continue.
Whatever your take about the FBI vs. Apple conflict is, one thing is for sure. It has underlined cyber security as a strategic business asset. It is not just about what happens right now, but a longer-term issue. Apple clearly views security and privacy as a marketable differentiator for its product – that is, a genuine competitive advantage.
While FBI vs. Apple case is probably the most visible example, at the moment, similar thinking is spreading elsewhere as well. For instance, Berkeley Research Group said recently that organisations that view security as a strategic competitive advantage will flourish. Quoting Lance Hayden: “Boards that get ahead of that curve and figure out how to leverage it as an asset are going to see themselves ... pulling ahead of their competitors, because they're going to use cybersecurity as part of their portfolio of strategic assets. Other folks will struggle just to keep those operational fires burning and [not know] how to turn it into something of more value."
This is clearly a shift in paradigm and thinking. Cyber security is usually viewed as absence-of-bad rather than presence-of-good. The standard view of security professionals has been that as long as things don’t break on our watch, everything is fine. We’ve been covering that in this blog too, underlining direct financial damage and indirect reputational damage in case of security breach.
And that’s correct, but it’s not the whole picture.
The problem with viewing security as competitive advantage is that it may be difficult to measure and assess. But things like talent management or innovation management are also often difficult to measure and assess. Yet nobody claims that these are not core strategic advantages for companies.
So maybe it’s time to develop ways to measure and assess security as a competitive advantage. We don’t have definitive answers yet, but we’re working on it.
For more information Tieto Security's view on cyber security, please see our white paper.