A new global study from CA Technologies has revealed that organisations are measuring the success of IT security beyond just breaches and compliance – they are now including business performance indicators that contribute directly to revenue growth.

The study, The Security Imperative: Driving Business Growth in the App Economy, polled 1 770 senior business and IT executives, including more than 100 CSOs and CISOs, about their attitudes towards IT security practices and the impact they see it having on their business.

The majority of survey respondents said that IT security, specifically identity-centric security, needs to do more in today’s environment than protect the business – it needs to help build the trusted digital relationships that are critical for competing in the application economy and growing the business.

• 82% said identity-centric security is critical to the business.
• 83% of respondents said that security is critical to protecting the brand and can be viewed as a competitive differentiator.
• 81% said that security needs to be frictionless and not over burden the user; and
• More than 60% of respondents are using metrics such as customer experience, satisfaction and retention; business growth; and digital reach to measure the impact of security on the business.

“This data shows that identity-centric security is the killer app for digital transformation,” says Michael Horn, CA Southern Africa, security business unit manager, head. “Enterprises and government agencies are rethinking their approach to security to protect and enable their businesses. Any successful digital transformation requires an organisation to build trusted digital relationships with their customers, employees and partners, and identity-centric security is the foundation of that effort.”

The study also examined respondents’ current security postures in three areas of identity-centric security: the end user experience, identity and access management, and data breaches. This information allowed CA and Coleman Parkes, who conducted the study, to create a maturity model for identity-centric security, categorising respondents as advanced, basic or limited.

Overall, the global results categorised the majority of respondents as basic users of identity-centric security (64%), with a focus on core capabilities such as password management, single sign-on and some analysis and reporting. Twenty-five percent were categorised as advanced users, engaging in capabilities such as adaptive security and behaviour analytics, and consistent omni-channel security support. The analysis showed that advanced users report significant improvements over basic users in areas of customer experience, business operations and security:

• Advanced users saw a 47% improvement in business growth and new revenue compared to 40% for basic users.
• Eighty-seven percent of advanced users reported improvement in customer experience versus 76% of basic users.
• Advanced users reported a 50% improvement in employee productivity as compared to 40% for basic users.
• And when it comes to security, twice as many advanced users of identity-centric security have seen a reduction in data breaches compared to basic users – 41% versus 21%.

The release of these results coincides with National Cybersecurity Awareness Month (NCSAM) taking place during October 2016. CA Technologies is a Champion of NCSAM, which was created as a collaborative effort between government and industry to ensure all digital citizens have the resources needed to stay safer and more secure online while also protecting their personal information. NCSAM is designed to engage and educate public- and private-sector partners through events and initiatives with the goal of raising awareness about cybersecurity in order to increase the resiliency of the nation in the event of a cyber incident.