Do security better
Review how you do IT security and the impact to the business. Put in place a plan to improve the processes and technology as well as the automation that can help reduce operational costs and reduce the risks
Be Cyber Resilient:
Know the risks (and rewards) of Shadow IT.
What does Cyber Resilience mean?
Cyber resilience is being able to understand modern attacks, implement the right procedures and response strategy to counteract future cyber threats and recover from incidents faster. Start the process towards cyber resilience by considering how Shadow IT can be turned into an advantage.
Shadow IT is happening and is not a new phenomenon, but is a growing concern for organisations today. It is now easier than ever for departments within an organisation to use their own budgets to invest in, and install, applications and Software as a Service (SaaS), without consulting the internal IT department. The rise in mobile device usage, including how employees expect to be able to use applications they use at home on their work devices due to the ever increasing convergence of work life and personal life, is also now commonplace. This is often driven by a desire for increased productivity and efficiency, but can have huge implications for organisations as it brings increased risk, security and compliance issues.
Why is this happening? Often IT are not seen as strategic to the business and can prevent the adoption of new technology because of security issues. Due to lack of time, budget and resource, they are not supporting the growth and innovation projects that benefit the business on top of their daily tasks to be done. Shadow IT can be a powerful business enabler if managed correctly and can enable IT to been seen as strategic – by better demonstrating the value of IT back to the business, whilst ensuring increased agility and responsiveness to combat threats and benefit from the opportunity (or rewards?) new technology brings . This is a step to becoming Cyber Resilient.
How to make Shadow IT work for you, three actions that could help:
1
2
See IT through the eyes of the organisation
Focus on activities and issues that have the biggest impact to the organisation – prioritise only those issues that will reduce the risk in the right areas, or spend more time promoting activities that will help the business to compete and evolve.
3
Talk to the business in their language
Try changing the way IT reports back the to the organisation. Using their language will make these conversations more productive and help IT to become a valued member of the leadership team. In fact those that can talk to the business are likely to get more budget - because they ask for it in the right way and will become aware of these new ‘Shadow IT projects’ much earlier on and can support and manage them.
