Monster Threats to Digital Transformation
Marcus Maxwell

[Infographic] Five Monster Threats to a Secure Digital Transformation

Five Monster Threats to a Secure Digital Transformation

You're underway with your transformation program, ensuring you’re ready for the next generation of digital innovation. On your journey you'll face many hidden monsters that pose a threat to security and compliance.

We’ve outlined the biggest threats to watch out for on your digital transformation journey, as well as tips on how to overcome them.

1. The Non-Compliance Goblin

The Threat

Every year this goblin visits to check you’re following the required terms of compliance… if you’re not, beware!

The Impact

The goblin kicks things off with an audit, creating chaos as the organisation rushes to ensure they have the documents needed - often delaying projects in progress. If the goblin finds sizable non-compliance items you'll be in for a massive fine that could wipe out your profits.

  • Financial Hit: 80
  • Operational Challenge: 30
  • Customer Threat: 50
  • Risk Factor: 20

How to Defeat

Automate! Use a CSPM solution and automate most of your compliance checks via code.

2. The Hacker Troll

The Threat

The Hacker Troll plots to infiltrate your environment. They'll exploit public-facing apps, misconfigurations in the systems or use techniques such as phishing to get in!

The Impact

This troll can spread ransomware across your entire network and make you pay up. They can use phishing to infiltrate your systems or encrypt your files using ransomware. Beware, they'll exploit any vulnerability they can.

  • Financial Hit: 60
  • Operational Challenge: 50
  • Customer Threat: 50
  • Risk Factor: 100

How to Defeat

Follow the MITRE ATT&CK framework to prevent common vectors of attack. Shift security left - ensure anything you deploy goes through some security scans. Embed a culture of security in your teams, do threat modelling exercises and evaluate the controls you have in place to prevent future attacks.

3. The Devil Vendor

The Threat

Watch out for this slippery devil! Vendors always attempt to rebrand their old on-prem solutions as cloud friendly. They’ll use existing relationships to worm their way in but be warned - it might be a deal just too good to be true.

The Impact

This devil attacks in multiple ways! They'll sweet talk their way in to gather support whilst luring you in with a free trial to check out the functionality. They'll lock you in for 2-3 years with the promise of a great discount - but once that deal is signed you'll need to purchase additional services for it to work.

  • Financial Hit: 50
  • Operational Challenge: 40
  • Customer Threat: 40
  • Risk Factor: 10

How to Defeat

Consider cloud native services first. Even if the solution is 70% feature complete, in the next couple of years it will surpass the legacy choice. Ask the devil if they provide APIs or offer the product as SaaS - you can save money not running it yourself! Don't do short trials - a minimum of three months is needed!

4. The On-Prem Mummy

The Threat

The mummy just wants things to stay the way they are! Refuses to learn about cloud and delays any initiatives to speed things up!

The Impact

This mummy slows things down! Will take their time to respond to requests, refuse to cooperate and can actively prevent you from becoming more cloud-native. They'll hide behind security requirements or architecture standards to keep you on-prem.

  • Financial Hit: 40
  • Operational Challenge: 80
  • Customer Threat: 20
  • Risk Factor: 40

How to Defeat

Educate them about cloud! Whether that be through training, certifications or game days and hackathons to show the art of the possible in the cloud. Bring in new security architects to help your teams understand new concepts.

5. The Yes Djinn

The Threat

The Yes Djinn often comes in the form of your Material Risk Taker. Teams will visit the Djinn when they need to implement a new solution and when they need to cut corners. Usually that corner is security! Once the Djinn says YES it's written in stone.

The Impact

The Djinn can be the most expensive monster to deal with in your cloud journey. You often won't see the damage caused until a year later where correct security functionality hasn't been implemented and the Hacker Troll has made his way in!

  • Financial Hit: 100
  • Operational Challenge: 80
  • Customer Threat: 40
  • Risk Factor: 90

How to Defeat

Avoid having a single Djinn and make decisions by quorum. Focus on facts not favours. Make sure your Djinn understands the risks and keep them accountable - if a risk was accepted it needs to be remediated!

To find out more about these threats and for additional advice on how to successfully navigate your digital transformation journey, get in touch!
