While a secure X remains the Holy Grail of the IT manager, it throws itself as a big opportunity for the tech vendors. But simple tweak-ins in narratives is not a sincere approach to meet that challenge—though many have started doing that
Recently, I was talking to CIOs of quite a few non-services companies. I say non-services because many of them do not like to be identified as ‘manufacturing’ business—quite rightly so. They included process manufacturing companies, pharma, FMCG, consumer durables, and automotive, among others.
I was asking them about the reaction to COVID-19 emergency and was not specifically probing them about security. But I noticed many of them talking about secure network, secure cloud, secure services and so on. When probed specifically about their enterprise security, most of them kept it aside as a separate topic. To them, it meant a specific set of solutions and practices.
In short, they clearly distinguished between security and secure. For them, enterprise security meant a few things that anyway they needed to do to secure their systems. But whenever they got something as a service, in this XaaS era, they expected it to come ‘secured’. In short, if they were being sold a service—network or cloud or anything else—they expected the onus of making it secure lay with the service provider.
That, per se, is not a new expectation. It has been there since long. The only difference is that earlier, buying of these services were more discreet. Today, in a multi-cloud, hybrid environment, with multi-vendor management and monitoring tools—sometimes even that management outsourced as a service, with security outsourced to yet another vendor, a lot of SaaS subscriptions, and maybe with some business processes, heavily integrated with technology, too outsourced, the environment is far more complex.
But that everything should come pre-secured is a valid expectation, whatever its realisticity quotient is, especially for companies where security is not such a well-developed, separate function, as in businesses like telecom, banking, insurance, online retail and IT/ITES services.
It is not that vendors do not realize the problem. But most of them claim far more than they can deliver. It is not that they falter on SLAs or deliverables. But they only address a part of the problem while claiming that it is the solution to the whole problem.
In the post-pandemic era, as many companies go for some fundamental changes in business models, many will leverage technology far more than they do. And security will remain a big challenge on the way.
Our cover story dwells upon the challenge. While a secure X remains the Holy Grail of the IT manager, it throws itself as a big opportunity for the tech vendors. But simple tweak-ins in narratives is not a sincere approach to meet that challenge—though many have started doing that.
Let’s see who comes out with a new solution. Will it be a new company altogether?