Security in the Age of Digital Transformation

By: Dr. Cherif Sleiman, Senior VP International Business at Infoblox

One of the privileges of my job is the opportunity to talk to business leaders across Asia about where they see the opportunities and challenges in their fields. And in all these conversations, two issues keep coming up: the digital transformation and cybersecurity.

Many of these leaders talk about these issues as though they are distinct, but after all my years of experience in this industry, I see them as essentially two sides of the same coin. Leaders really cannot consider the digital transformation without considering the broader cybersecurity concerns that come with it. And indeed, companies need to have robust cybersecurity policies in place if they want to take full advantage of the opportunities afforded by this fourth industrial revolution.

I will begin by talking about the challenges and opportunities afforded by the digital transformation, especially as they pertain to security.

Next, I will discuss the implications of big data on security, what this means for companies, and how they can forge a “new social contract” that will address the unique concerns of the data driven economy.

Finally, I will explain why companies seeking to undergo the digital transformation should focus on security first, and provide some advice for how they can integrate security-minded thinking into their digital transformation strategies.

Challenges of the Digital Transformation

The 2020s will be the decade of the digital transformation around the world.

Organizations are building their networks in a different way—taking advantage of concepts like multi-cloud and SD-WAN technologies, and leveraging the power of IoT devices and the software-as-a-service revolution—to provide better customer service, empower their employees, and respond more quickly to market opportunities.

As businesses invest in these new tools to digitize their operations and move to the cloud so they can better compete, the legacy world of data center and interlocked branches policed centrally is fundamentally changing. The network perimeter that we have been used to is permanently dissolving.

Indeed, as devices proliferate, remote access becomes the norm, and companies increasingly store data and run applications from the cloud, the threat matrix that companies face becomes varied and complex.

Enterprises need to understand that the more they take advantage of the benefits of the digital transformation, the more of their critical applications and data will be stored, accessed and run in the public domain—outside of direct corporate control. And at the same time, the expansion of IoT devices, BYOD policies, and remote access is increasing the surface area through which malicious actors can gain access to the network.

Security is no longer something that can be considered as an add-on to running an enterprise network, it needs to be integrated into how enterprises think about their entire digital transformation strategy.

A New Social Contract

Ask anyone what the key to digital transformation is and they’ll likely respond with one word: data. Data is what allows companies to allocate resources efficiently, identify new business opportunities, and provide targeted services to customers.

But data is also a resource in its own right, and one that is highly sought after by cyber-criminals. Criminals can steal data outright, as they did in the 2017 Equifax breach, or it can be locked down and held for ransom, like in the WannaCry ransomware virus that spread around Asia and the world in 2017.

So the opportunity for business is there, and so too is the risk. The digital transformation gives companies the chance to grow, and provide goods and services when and where they are needed, all while reducing operating costs and lowering friction between buyers and sellers. But as the value of personal data becomes more widely appreciated, the importance of securing that data becomes more important—both to a company’s reputation and to their bottom line.

We used to look at the “social contract” between businesses and customers as a simple financial transaction: a customer provides money and the company provides goods or services in return. A company’s reputation depended primarily on its ability to deliver on its promise.

Today—thanks in part to the digital transformation—that contract has changed. Reputations still depend on a company’s ability to provide goods and services, but a company’s ability to protect data plays a critical role as well.

In cases like this, the social contract is murkier. Customers may be receiving a service—but they are paying with their data, not dollars, or rupees, or yen. Furthermore, unlike dollars which become the company’s once the transaction is finished, data is fundamentally still tied to the customer, and will remain so forever.

Companies who collect and deal in valuable personal data, and that includes pretty much all organizations, thus have a much higher obligation to protect the data that they are gathering—not only to their customers, but to their owners and shareholders as well.

Data breaches can have dramatic effects on a company’s market value. A 2019 analysis published by British consumer-advocate website Comparitech found that the share price of companies who suffered a data breach lost an average of 7.27% in the immediate aftermath. The real damage occurs over the long term. While stock prices largely recover within a year, breached companies still lag behind the broader market, by 6.5% after one year, and nearly 13% after two.

The costs of cyber-threats

The decline in corporate value after a cyberattack has many causes. Some of the costs are obvious: the value of the information stolen, the disruption to customers and corporate productivity, and the cost of addressing the attack itself. There are longer-term costs as well. The company may incur fines or liabilities stemming from the attack, they may lose business or customers, or their share price may drop because of the hit to their reputation.

In 2018, Microsoft commissioned a study which found that these long-term, indirect losses can really add up. Microsoft found that cyber-attacks could cost large firms in Asia up to $30 million, a majority of which came from the deeper impacts on the company’s business, ecosystem, and economy.

Cyberattacks can also do damage before they even occur. The Microsoft study found that nearly 60% of their respondents were putting off initiatives to take advantage of the digital transformation because of concerns over cybersecurity.

This is the most tragic cost of cyber-security. Sixty percent of businesses aren’t taking advantage of opportunities afforded by the digital transformation, choking off growth before it even has a chance to begin.

Next Level Networking: A new model for network security

As enterprises build networks for this new digital era, we are finding that they have very different architectures from the traditional hub-and-spoke, data-center-centric model.

As the pace of digital transformation accelerates, the way that businesses operate, procure, and consume technology is changing more quickly than ever before. Organizations need to embrace this change and understand that in this new era, the way that we build secure networks is changing as well. We call this new paradigm “next level networking.”

Organizations need to think differently about network security in this new era of networking. Companies need to change their mindset: as the digital transformation seeps through industries in all sectors, the way organizations procure and consume technologies is changing as well.

Organizations can’t afford to think of network and security as separate fields, with individual solutions siloed from one another. Concepts like SOAR (Security Orchestration, Automation and Response) demand networking professionals to re-think their architecture from the ground up. Fundamental services like DNS can’t be an afterthought to security, but rather can be brought into the security picture and leveraged for a stronger defense.

This paradigm shift will not be comfortable for many. It is never easy to fundamentally change two decades of expertise and learn something new.

But if businesses are to succeed in this new era and take advantage of the benefits of digital transformation, they will need to embrace innovation quickly and rethink the role that cybersecurity plays across their network. Integrated, robust cybersecurity must be a fundamental consideration when considering business strategy, not only for today, but for the future.

Dimension Data, in partnership with NTT Ltd., is Offering Incident Response, at no cost, to UAE Hospitals Impacted by COVID-19 Cyber Attacks

Security specialist will provide 40-hours of Incident response services, at no cost, to public and private hospitals in the UAE that have faced attacks, enabling rapid restoration of critical healthcare services for COVID-19 patients

Following a significant spike in COVID-19 themed cyber-attacks on the healthcare sector, Dimension Data, a leading global systems integrator and managed services provider, is offering world-class Incident Response Remediation assistance at no cost to UAE hospitals combatting the pandemic.

Expertly designed to effectively contain and mitigate threats, Dimension Data’s service will enable affected UAE hospitals to rapidly restore operations after a successful cyber-attack and thus continue to deliver critical services to patients. Public and private hospitals as well as acute care hospitals, urgent care clinics, community health centres, and other emergency care settings are all eligible to 40-hours of incident response support, at no cost, on the condition that they are directly providing care to COVID-19 patients.

In a recent statement, INTERPOL, the International Criminal Police Organization, highlighted that it has detected a significant increase in cyber-attacks against hospitals around the world that are engaged in the COVID-19 response, and warned that these attacks that could ‘directly lead to deaths’.

“The incredible rate at which the virus has spread has overwhelmed the healthcare sector. Dealing with the impact of the virus is challenging enough without the added complication of critical operations being derailed by cyber-attacks,” said Redouane Gaouar, Director Go-to-Market Practices and Strategic Partner Alliances at Dimension Data Middle East. “By offering our Incident Response service at no cost , our intension is to get front line doctors and nurses as well as all supporting functions trying to work in a compromised hospital, back to saving lives as quickly as possible.”

Given the National Disinfection Programme being implemented across the UAE, and concerns around social distancing, an especially attractive and relevant feature of Dimension Data’s Incident Response service is that it can be delivered on a 100% remote basis. Even under normal circumstances, the company performs 90% of its Incident Response engagements remotely and is therefore uniquely positioned to support hospitals in their recovery from cyber-attacks at this time.

“This global pandemic requires everyone to come together and help in any way possible. Dimension Data and its parent company, NTT Ltd., have the right skillsets, resources, and global scale to stand by our hospitals in this time of urgent need. We believe all hospitals should be secure and this program in deeply aligned with our global ‘Tech for Good’ values,” said Peter Pappas, Security Operations Executive at Dimension Data.

For further details on Dimension Data’s program and to request for support, healthcare providers are requested to visit https://www.dimensiondata.com/en-gb/expertise/intelligent-security/free-incident-response-during-covid-19.

SonicWall Advances Network Edge Security, Adds Multi-gigabit Switch Series, Easy-to-Manage SD-Branch Capabilities

Distributed organizations are continuously challenged with administering necessary security measures to thwart escalating cyberattacks to protect workforces outside of the protection of traditional networks. To simplify security deployment, management and visibility for organizations with growing branch footprints, SonicWall unveils new secure SD-Branch capabilities, and a complete line of new multi-gigabit switches, to cost-effectively scale and manage remote or branch locations.


“Business success often coincides with expansion, leading to an increased need for visibility, security and bandwidth across a distributed organization,” said SonicWall President and CEO Bill Conner. “As the world begins to re-open its doors, organizations must re-architect for the ‘new business normal,’ which includes implementing cost-effective, software-defined networking and security principles across the business.”

SD-Branch Critical Technology as Organizations Re-Architect for New Business Normal

To simplify the management needs associated with distributed locations, campuses and branch offices, new SonicWall secure SD-Branch capabilities deliver single-pane-of-glass management across LAN, WAN and security controls.

Complementary Zero-Touch Deployment capabilities help address the shortage of cybersecurity experts by enabling quick deployment of appliances and services. Cost-effective secure SD-WAN allows organizations to leverage less expensive internet links. Organizations also can choose cost-effective subscription license models to control costs and reduce operational overhead.

New SonicWall Switch Line Features 7 Models for All Business Use Cases

SonicWall’s new multi-gigabit switch line works seamlessly with SonicWall next-generation firewalls and SonicWave wireless access points, creating an end-to-end multi-gigabit network that can be easily managed via Capture Security Center, a scalable cloud security management system.

To maximize stack capacity, the switch can work independently, or with multiple switches, and can be daisy-chained to form a single switch with the port capacity of the combined switches. Organizations can tailor their speed and power with the option of seven different switches, managed with SonicWall next-generation firewalls (SonicOS 6.5.4.6 firmware), Web UI, CLI or the Capture Security Center (CSC).

“We have a unique environment with a mix of different vendor switches,” said Greg Thomas, ComLogic. “The ability to deploy two independent platform switches that seamlessly integrate with SonicWall products significantly helps streamline processes and reduce operational costs.”

SFP ports can be leveraged for multi-gigabit performance up to 10 Gbps, making it ideal for SD-Branches and enterprises with increasing bandwidth needs. The switch also features gigabit ethernet ports to power on wireless access points, VOIP phones and IP cameras.

“With companies forever changing how they operate with remote employees and offices, it’s more important than ever to ensure the maximum performance of applications, traffic and workflows,” said Conner. “These additions will allow IT departments to focus on other issues at hand, reduce budget constraints and finally address the shortage of critical cybersecurity skills.”

Accelerating Endpoint Protection for Boundless Workforces in COVID-19 Era
Employees warrant the same protection outside of the confines of corporate networks as they do when mobile or working from home. SonicWall Capture Client helps control and manage content accessed by endpoints with configured policies that allow or block access to various websites. This allows endpoint security and content filtering to be managed from the same management console and includes web activity reporting for easier monitoring.

Common operating systems, including endpoints using Windows, Windows Server, Mac and Linux, are protected from malware and other malicious attacks by autonomous detection and protection in mission-critical data centers or a standalone/disconnected networks.

As the number of endpoints become increasingly significant challenges for IT departments to manage and protect, a combination of SonicWall Capture Client, Secure Mobile Access and Cloud Application Security can provide protection for end-users, devices and applications beyond the traditional network.

Boundless Cybersecurity for the ‘New Business Normal’

The distributed IT reality is creating an unprecedented explosion of exposure points across enterprises, SMBs and governments. SonicWall’s unified Boundless Cybersecurity platform handles the most evasive and cutting-edge threats across a ‘boundless’ workforce of remote, mobile and cloud-enabled users.

This approach protects organizations across a range of attack vectors, including networks, email, mobile and remote access, cloud, SaaS applications, endpoints, IoT devices and Wi-Fi.