The “State of the CIO Study 2022” found that 71% of CIOs expect their involvement in data privacy and compliance to increase over the coming year, and 72% of the line-of-business respondents expect IT to be increasingly involved in data privacy and compliance.
The sheer volume of IT assets spanning cloud, data center, and colocation sites has many IT organizations struggling to come to grips with security and compliance. The number of security best practices and security mandates is overwhelming and growing. Rapid application modernization, cloud adoption, and operating model evolution are critical for success. This means that enterprises are often scrambling to meet operational demands.
“With digital transformation and cloud computing, ‘the world’ is now the data center, and it’s making compliance very complicated,” says Tony Alam, senior offer manager at Kyndryl. “We used to keep IT resources in a single data center so we could put a perimeter around it and secure it with firewalls and log shipping and so forth. Everything on the inside was secure and everything on the outside wasn’t secure.”
Digital transformation initiatives depend on continuous changes to applications and adoption of hybrid and multicloud environments that expand attack surfaces well beyond the traditional security perimeter. Compliance and security requirements too often are viewed as hindrances in meeting time-to-market demands. Tracking risk exposures and compliance is more difficult than ever.
With today’s hybrid IT environments, it is harder than ever to gain an integrated view into security and compliance from development through operations. Despite huge investments in technology and tools, many organizations rely on point solutions and manual processes that leave them exposed and are costly to maintain.