Study by CA Technologies also highlights how adoption of advanced security, especially identity-centric security, is critical for digital transformation
India, November 24, 2016 – Firms are measuring the success of IT security beyond just breaches and compliances, a global study from CA Technologies (NASDAQ: CA) finds. They are now including business performance indicators that contribute directly to revenue growth, with 87 percent of firms in Asia Pacific & Japan (APJ) agreeing that the role of security is to enable them to enter new markets and deliver services in new ways.
The study, The Security Imperative: Driving Business Growth in the App Economy, polled 1,770 senior business and IT executives, of which more than 100 are chief security officers and chief information security officers. 799 of the respondents were from countries in the APJ region, including Australia, China, Hong Kong, India, Indonesia, Japan, Malaysia, Singapore, South Korea and Thailand.
The majority of survey respondents said that IT security, specifically identity-centric security, needs to do more than protect the business in today’s environment – it needs to help build trusted digital relationships that are critical for competing in the application economy and growing the business.
· 87 percent of respondents said that there is a need to balance strong security with enabling their business to enter new markets and deliver services in new ways.
· 85 percent said that identity-centric security is critical to the business.
· 84 percent said that security needs to be frictionless and not over burden the user.
· 83 percent said that security is critical to protecting the brand and can be viewed as a competitive differentiator; and
· More than 70 percent of respondents are using metrics such as digital reach, operational or process efficiency, business growth, customer satisfaction, and a number of compliance audit failures.
“For digital businesses to thrive in the application economy, they need to drive new business models and participate in new connected eco-systems of value,” said Stephen Miles, chief technology officer, APJ, CA Technologies. “A good identity-centric security strategy enables a business to accelerate that objective with the confidence that great customer experiences are delivered, whilst mitigating risks and protecting the business. To ensure a successful digital journey, identity-centric security needs to be incorporated at the start as a core technology enabler rather than bolted on as an IT afterthought.”
Advanced Use of Identity-Centric Security Reaps Business Benefits and Decrease in Data Breaches
The study also examined respondents’ current security postures in three areas of identity-centric security: the end-user experience, identity and access management, and data breaches. This information allowed CA and Coleman Parkes, who conducted the study, to create a maturity model for identity-centric security, categorizing respondents as advanced, basic or limited.
Overall, the APJ results categorized the majority of respondents as basic users of identity-centric security (64 percent), with a focus on core capabilities such as password management, single sign-on and some analysis and reporting. 28 percent were categorized as advanced users, engaging in capabilities such as adaptive security and behavior analytics, and consistent omni-channel security support.
While all users in APJ saw improvements in their business from security initiatives, the survey showed that advanced users generally reported more significant results especially in areas of customer experience, business operations and security:
· Advanced users saw a 58 percent improvement in business growth and new revenue compared to 44 percent for basic users.
· 58 percent of advanced users reported improvement in employee productivity versus 44 percent of basic users.
· Advanced users reported a 49 percent improvement in number of compliance audit failures as compared to 38 percent for basic users.
· And when it comes to security, almost thrice as many advanced users of identity-centric security have seen a reduction in data breaches compared to basic users – 35 percent versus 12 percent.
Notably, most advanced users of identity-centric security in APJ that have seen a decline in breaches have been much more proactive in preventing them through increased investment (86 percent), focusing on mobile devices and apps (82 percent), implementing strong set-up authentication (73 percent), and focusing on high-risk areas like privileged identities and access (68 percent).
About the Research/Coleman Parkes
Conducted by Coleman Parkes, the study included 1,770 senior business and IT executives, including more than 100 CSOs and CISOs, from large enterprises across 21 countries and 10 industry sectors. The study and data analysis was done from May – September 2016. Coleman Parkes Research Ltd, formed in 2000, provides action-focused marketing research on a global scale. The company offers a full research and consultancy service across all markets, while specializing in business-to-business research with a focus on IT, technology and communications research. For more information, please visit www.coleman-parkes.co.uk.
About CA Technologies
CA Technologies (NASDAQ:CA) creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. Software is at the heart of every business in every industry. From planning, to development, to management and security, CA is working with companies worldwide to change the way we live, transact, and communicate – across mobile, private and public cloud, distributed and mainframe environments. Learn more at www.ca.com.