Digital technologies like the Internet of Things will add $14 trillion to the world’s 20 largest economies by 2030. That’s one fifth of the current world GDP. Kunle Awosika There is no doubt we face a digital future. But in Rwanda and the rest of East Africa, many businesses are held back from fully realising digital transformation because of a lack of a robust and agile IT security policy. The question on many CEOs minds is: “How do I bridge the gap between innovation and security?” Prepare your business for change It’s not just the IT department that must adapt, but the entire organisation. A new Capgemini report refers, not to digital readiness, but digital dexterity; an organisation’s capacity to self-organise to deliver new value from digital technologies. Firstly, consider how the IT department operates. Security should no longer operate as a siloed IT function, but as a fundamental business process that is aligned to business objectives. So, it’s critical that businesses embed security across their entire network, applications and access points to detect, analyse and block suspicious behaviour. Manage employees Even if you have the most watertight systems and processes in place, a lack of security awareness among employees can be a serious risk. “Most breaches today are the result of simple mistakes by employees clicking on rogue links in emails, downloading malicious attachments, or simply not following security policies and training lessons,” says Paul Fisher, research director at Pierre Audoin Consultants, which conducted research into the role identity and access management play in digital transformation. Update existing infrastructure Digital transformation touches everything. The Internet of Things, which means that software sensors are connected to ‘things’ including machines, buildings and tools, are enabling these things to learn and adapt with human-like intelligence. Many industries and companies are adopting this model to beat competition. But Internet of Things means infinitely more data being stored, and more employees with access to sensitive information. A solid IT infrastructure will determine the capacity to ensure that all this data, and these ‘things’ can be controlled and managed centrally. Organisations may think that strong security measures through processes and systems mean they have to forfeit agility. This is not true. With an intelligent cloud server, you can be both agile and secure. The intelligent cloud is able to follow automated rules that reflect a company’s security policies. Setting regular storage updates and automatic security updates means there is less pressure on human capacity. Over 80 per cent of attacks target a known vulnerability that could have been prevented with an existing patch. Cloud computing enables the latest patches to be delivered to your IT system every day, or as soon as a new vulnerability is detected. Trusted cloud vendors offer the most up-to-date security. Educate the public In addition to managing their own security, companies have a role to play in creating a more trusted Internet environment for everyone. Ultimately, a digitally competitive company needs digitally savvy consumers with a high level of trust in the digital world. Companies have an opportunity to partner with the public sector to educate citizens on policies and legislations affecting cybercrime, in addition to establishing security principles and commission studies to identify factors that increase online risks. Firms should also ensure transparency while dealing with customers’ data, and organisations should share threat intelligence. This is already being done by banks. The writer is the country manager, Microsoft Kenya