How well prepared are organizations for information security and risk management in an increasingly cloud computing-based world that is also volatile, uncertain, complex and ambiguous (VUCA)?
The rush to use cloud services sometimes means organizations are not perceptive about the risks. Sounding that “it’s in the cloud, therefore its safe” is wrong, though vendors may claim it is.
This is why it’s overriding for ITIL® 4 to have dedicated management practices for information security and risk management; helping enterprises to fabricate healthy cyber behaviors and ensure all employees are involved. It’s also important that external suppliers embrace these best practices to manage overall risk.
Both information security and risk management are everyone’s job in the organization.
In high-velocity IT environments, development teams are operating with agility and multiple, regular changes. Although, once they embed healthy information security behaviors, risk management congruous with basic company culture and poses no problem to innovation.
This supports the ITIL 4 service value chain, fortifythat everything the organization is doing to co-create value for customers is secure at each point in the chain.
The information security management practice helps people perceive the boundaries to work within and tools for solving specific product functionalities for the customer, such as anti-virus, malware protection and supplier access.
And, eventually, it’s possible to wangle the cyber security maturity model:
If an organization’s risk appetite is communicated effectively from C-level, then it becomes the standard approach and shouldn’t inhibit innovation.
ITIL 4’s risk management practice evince that, on a daily basis, we are windswept to different types of risks; this means leaders need to nurture both culture and behavior to curtail risk while, at the same time, co-creating value.
Having a clear converge on the management practice accredits organizations to identify risk, know how to address it and repeat this process.
A major factor highlighted in ITIL 4 is the need to embrace change: what is best for an organization in a VUCA world and how to adapt to the anxiety that comes from the interminable cycle of change.
For this, enterprises need to burgeon the culture and behavior among their people to be reliable but also to give them the credence to make mistakes and the ability to fix and learn from them.
Your email address will not be published. Required fields are marked *