Build or upgrade your ISMS on our platform

Data Driving Digital means D-Day for Information Security

I’ve just finished reading the recent research carried out by CBI in conjunction with IBM.

The report, Embracing Digital in Every Sector, offers interesting insights, and identifies the opportunities and threats, concerning the adoption of digital technology by British businesses.

There seems little doubt, amongst those surveyed, of the benefit of digital technology:

  • 94% agreeing that digital technologies are a critical driver of increased productivity
  • 92% agree about the benefits that technology can deliver in terms of economic growth
  • 73% agreeing it will help in job creation.

And, beyond the economic benefits, organisations were quick to identify the advantages for their business:

  • 73% cited improved customer experience that technology can help deliver
  • 55% stated efficiency gains as one of the more important business benefits

With that 73% figure in mind, it’s little wonder that the need for data is a big technology driver:

“gaining greater business insight through data is recognised as a key benefit of technology by nearly half of businesses (45%). However, data is fast becoming the most important commodity in the digital age and so the challenge is set for the remaining 55% to push the importance of big data up their agenda.” (CBI 2016)

Increasingly, everything about consumers and the way they behave is being stored and used by organisations to engage more successfully with them in the future.

Barriers to digital adoption / the skills gap

It’s no surprise that, with the ever-increasing need for data, concerns about security are one of three top external barriers for 21% of businesses.

But, for 45% of businesses, not having the money to invest registers as the main barrier to investment, 42% of businesses lack skills within the business to become digital, 33% cannot make an adequate case for return on investment (ROI), and 27% lack knowledge of the technologies available to them.

Interestingly, but maybe not surprisingly, it is clear that skill and knowledge shortages are the biggest barriers as those classed as ‘pioneers’ are significantly less likely than businesses overall to find knowledge (12%) and ROI (7%) an obstacle and are able to lead the way on investment.

Are you ready?

The demand for market / consumer insights and big data is only set to increase and, apart from the economic impact, organisations who don’t keep up with digital technologies are likely to get left behind.

However, as the 21% concerned with security clearly recognise, data comes with serious risks if not handled and protected correctly. Whilst costly breaches repeatedly hit the headlines, this growing demand for personal data will soon be a potentially costly threat, whether ‘breached’ or simply proved to be mishandled.

The recent announcement of the EU General Data Protection Regulations (GDPR), means organisations of all sizes need to review, and/or adopt, information security strategies that will protect personal data. There are likely to be severe fines for non-compliance.

Clearly, there will be many organisations who choose to outsource to gain the digital skills, experience and technologies they need, but this will not allow them to abdicate their responsibilities with regard to data protection. They will still need, by law, to have the right policies and procedures in place to ensure their chosen suppliers are compliant.

And, for suppliers, there will be an increasing call to demonstrate their commitment to information security and, of course, to verify their security credentials.

D-Day for information security

Education and up-skilling in digital technologies, and their risks, is obviously needed and the CBI report concludes:

“Collaboration between businesses is critical, and pioneering businesses could provide mentoring and coaching to those that need help. The know-how needed exists in the business community already, but we need to pull together to make sure that it multiplies”(CBI 2016)

However, with the adoption of digital technologies comes responsibilities, both legal and moral, to protect data and keep the organisation and its’ customers secure. It is now more important than ever to have a strategy, not just to combat cyber attacks but to understand and to manage information security across the entire organisation and it’s supply chain. (The CEO who recently lost his position after falling victim to an email scam that cost his organisation over 50m euros would no doubt agree!)

At Alliantist, our work with highly sensitive departments within the public sector led us to  seek UKAS accreditation of our information security management system (ISMS). Rather than treat it as a tickbox exercise we took the decision to embed it deeply into our business and our culture.Through our ISMS we ensure information security is considered in all business activities and processes, including the HR lifecycle and monitoring of the  supply chain for compliance.Our ISO 27001 management software helped us achieve certification quickly, simply and cost-effectively and now helps us monitor and continually improve our information security processes.Whether you seek accreditation or not, there is no better information security standard to follow than the internationally recognised ISO 27001 and ISMS.Online makes it easy to follow, carry out a simple yet effective gap analysis and manage your implementation project step-by-step.

If you’d like to learn how ISMS.Online can help you with a simple and cost-effective solution for managing information security visit

Contact us

Many thanks to Emma Collins, Principal Policy Adviser, Digital Economy, for her kind permission to use data within the ‘Embracing Digital in every Sector’ report.