Who Owns Digital Security in Your Company?

Who is responsible for digital security in today’s cloud-enabled workplace? Once upon a time, IT was the clear answer. Now the answer is a little more complicated – the role of IT in digital security is a matter of both leadership and partnership.

digital securityThere was a time not too long ago when if you asked an organization who was responsible for digital security, they’d point you to the IT staff in charge of installing the virus scanner. But as companies undergo digital transformation, things have changed. Nearly everybody in the contemporary workplace depends on connectivity and cloud-based solutions. IT may be the leaders, but one big takeaway from CompTIA’s research on Digital Transformations of Organizations is that everyone has a hand in cybersecurity. Let’s explore how everyone can and must work in conjunction with IT to make it digital security happen.

Business Units and Security Ownership

In today’s tech-forward, cloud-centric enterprises, individual business units play a big role both in choosing what cloud-based solutions they use to get the job done and what data they collect through them. That means individual departments know things that IT can’t know about how they’re using technology. IT, for instance, doesn’t know if marketing really needs to hang on to a list of old contacts or not.

So, while the IT department may determine that there are vulnerabilities that need to be addressed, it’s often in the hands of a business unit to determine what that means practically. Digital security, then, becomes a matter of businesses working in partnership with IT to pursue the best course of action – not leaving it up to IT to handle.  

The Importance of a Contingency Plan

Businesses point to creating a contingency plan for a data breach as one of their biggest security challenges. Taking the appropriate steps to identify and stop the threat is only one facet. The potential fallout from a breach includes downtime for different departments due to remediation; the possible need to re-architect solutions; the need to provide reassurance to customers impacted and not impacted; and, of course, managing reputation damage.

This is another area where IT can’t do it all. Rather, individual departments, as well as the C-suite, must understand their individual roles in case of a data disaster.

IT Can Be a Source of Digital Security Education

End-user education is another big digital transformation pain point. Employees are tech-savvy enough to use cloud-based tools, but not always cybersecurity-aware enough to use them securely. IT has a better understanding of how all of the systems in use work together than non-technical staff do. Businesses can benefit from using their internal tech knowledge to keep the secure computing basics top of mind for staff in a cloud-centric workplace. 

Digital Security: Leadership and Partnership

As CompTIA’s research indicates, a digitally-transformed workplace can be a secure one. Leveraging departments’ practical cloud comfort in conjunction with IT’s advanced tech knowledge is the key to secure digital transformation.

Click here to download CompTIA’s Digital Transformation of Organizations research report.

Click here to download CompTIA’s new report 2018 Trends in Cybersecurity: Building Effective Cybersecurity Teams and here to get involved with CompTIA’s IT Security Community.

Matthew Stern is a freelance writer based in Chicago who covers information technology, retail and various other topics and industries.

Newsletter Sign Up

Get CompTIA news and updates in your inbox.


Read More from the CompTIA Blog

Leave a Comment