Focused on speed or security? Think speed AND security to drive value

One of the biggest pressures facing business leaders right now is keeping up with the relentless pace of technological change - trying to deliver value for customers, drive operational efficiencies, squeeze profit margins and keep shareholders onside - all whilst ensuring that as a result of moving at such pace, the wheels don't fall off later down the road. 

This is evidenced by our research, wherein nearly two-thirds (62%) of CEOs said that moving too slowly - in the adoption of new technology - poses a greater risk than moving swiftly. Whereas, almost as many (59%) think that allocating a larger portion of their budget to cybersecurity is necessary to safeguard future digital initiatives, showing a clear focus on security in the near future.

All of this begs the question, if moving too slowly is high risk because you’ll be outpaced by your competitors, and moving too fast leaves you open to increased security risks, what’s the best course of action? Read on to learn more about shifting to an AND not or mindset, and finding a way forward that blends speed AND security for accelerated value.

The shift to an AND not OR mindset

How to bring additional security to your approach, if you’re currently focused on speed

A speed at all costs approach is great…until you hit an inevitable bump in the road, at which point a lot of the potential security issues you’ve been storing up for later are bound to surface. That said, it’s never too late to “slow down in order to speed up”, re-examine your approach, and implement some sensible safeguards that will give you the confidence to really hit the accelerator longer-term. Here are our top tips to consider:

1. Translate your current and anticipated technical problems into clear business risks, then develop strategies (risk by risk if needs be) for mitigating them.
   
   
2. It’s really helpful to prioritise the risks you’ve identified based on agreed and predefined criteria - some questions to ask yourself and your team include; what would have the biggest impact on our ability to conduct business? What would damage our brand reputation or share price?
   
   
3. Start by zeroing in on data, as it needs to sit at the heart of your security programme – prioritising confidential and sensitive data first is the quickest way to reduce your risk profile.
   
   
4. Make sure you assign clear roles and responsibilities - this will help you to design a disaster comms plan and business continuity plan - it might seem like dwelling on the negatives, but they’ll help you bounce back quickly should the worst happen.
   
   
5. A sensible place to start is with your critical applications – reducing risk incrementally and quickly by focusing on the highest risks first.
   
   
6. “Security by design” can only happen if everyone feels they have a stake in security. A ‘shift left’ approach to building securely as well as a culture that encourages people to be security conscious, and empowers them to challenge if security is being overlooked or undermined, is the key to making this sustainable.
   
   
7. If you’re working with technology and/or delivery partners there’s also pertinent questions you should be asking of them, some great examples include:

• What’s their approach to security by design?
• Which types of data would they place in third-party cloud platforms and how would they ensure that data is not compromised?
• Do they offer comprehensive security training for your teams? If so, how can they make this part of their current offering as a continuous add-on?

How to speed up if a security-driven approach is slowing you down

On the flip side of the equation, what about the risks of going too slow? Plenty of organisations, particularly long-established companies in highly regulated industries may value a ‘slow and steady’ approach and might default to a “if it ain’t broke, don’t fix it” mentality. While that’s great in theory, the threat landscape continues to advance and become ever more sophisticated. Equally, it presents a major risk factor in terms of squandering your competitive advantage. After all, if you’re standing still, it’s going to be easy for your competitors to get ahead. Here are some top tips to consider that will help you speed up your adoption of new technologies - and the value they bring - without compromising on security:

1. Task your teams with developing, understanding, and having a plan for ensuring that your tech investment choices will align with both your immediate needs and more strategic, longer-term goals.
   
   
2. Encourage your teams to invest in automation tools and AI to reduce development times and improve efficiency, make sure you’re also investing in the capability building needed to ensure that these tools deliver maximum value, not just additional cost.
   
   
3. Take a moment to consider how the role of technology is changing to support rapid innovation. Not so long ago, first movers could gain a competitive advantage that lasted 18 months or two years. Now, some breakthroughs are commoditised in as little as six months. You’ll likely reach the conclusion - as we did - that this necessitates continuous change and continuous updating of the customer experience from the outside in.
   
   
4. Again, if you’re working with technology and/or delivery partners, here’s what you should be asking them:

• Can they deliver and prove value quickly with rapid prototyping and proof-of-concepts aligned to your business goals?
• How do they leverage automation tools, AI, and DevOps practices to accelerate development cycles? Can they help you build this capability in your organisation?
• Do they have relevant experience in, and the ability to help advise you on the technology investment choices you need to make?

Ready to accelerate value now? Embrace the juxtaposition of speed AND security

CEOs - and by extension people across your organisation - need a profound shift in mindset, to look for the AND rather than the OR when it comes to embracing new technology. To unlock true value quickly from your technology investments you have to embrace the inherently juxtaposed concepts of speed AND security. This can sound daunting but here are some proven approaches to set you up for success:

4 acceleration approaches to balance speed AND security in technology:

1. Lead with design - whether a 2 day design sprint or a 4 week discovery, understanding your customers and responding to their needs is the quickest way to unlock value and outmatch your competitors in a way that gives surety that you’re delivering meaningful value.
   
   
2. Select your tech carefully - to align your immediate needs with more strategic, longer-term considerations. Picking a partner that is technology-neutral and understands the landscape can enable you to make informed decisions quickly, in days and weeks rather than unnecessarily extended time frames, backed by the confidence that an independent perspective provides.
   
   
3. Engineer for performance - your goal should be to build products that not only delight your customers and end users, giving them reason to return, time after time, but also to build resilient, performant, reliable, and secure products. This should be your mantra from day one. Not an afterthought or a task to address later. Building for performance enables speed and security.
   
   
4. Deploy smartly - combine the aforementioned experience design and product approaches with an agile delivery methodology. Focus on releasing features or products more often in smaller increments. This will enable you to see value sooner, while also ensuring that you’re not falling behind on security. It also means you can easily pivot or roll-back if things don’t go to plan.