More than half (54%) of South African organisations report improved customer retention owing to their IT security practices.
The global study, “The Security Imperative: Driving Business Growth in the App Economy” was commissioned by CA Technologies and conducted by Coleman Parkes among 1 770 senior executives, including more than 100 CSOs and CISOs.
The research reveals that South African organisations specifically record a 32% increase in customer satisfaction, a 30% increase in revenue from new business through improved IT security, and a 33% increase in operational efficiency.
In the app economy, security needs to do more than just protect the business; it also needs to help build the trusted relationships critical for competing and growing the business. The majority of South African survey respondents endorsed this expanded view of security:
* 71% said identity-centric security is critical to the business.
* 73% said they need to balance strong security with enabling the business to get into new markets.
* 72% of respondents said that security is critical to protecting the brand and can be viewed as a competitive differentiator.
* 75% said that security needs to be frictionless and not over burden the user.
* More than 60% of respondents are using metrics such as customer experience, satisfaction and retention; business growth; and digital reach to measure the impact of security on the business.
“This data shows that identity-centric security is the killer app for digital transformation,” says Michael Horn, security business unit manager at CA Southern Africa. “In the application economy, customers want failsafe security and a frictionless experience. Identity-centric security applies consistent security measures across channels, allowing organisations to improve how they protect and support business operations while driving customer confidence and business growth.”
Identity-centric security helps ensure an organisation’s security practices do not infringe on the overall user experience. It requires organisations to implement more adaptive identity and access management (IAM) controls and to take a more proactive and predictive approach to preventing and detecting data breaches.
South African organisations also experience improvements in other areas of the business through improved security:
* 77% confirm that their security practices help them attract and retain talent–the third highest EMEA score after the UK and France.
* 69% have increased digital reach.
* 62% have improved the customer experience.
* South African organisations report a 33% increase in employee productivity.
According to the study, 39% of South African organisations reported an increase in IT security breaches over the last 12 months, while 9% saw a decrease. Proactive and predictive processes can greatly enhance an organisation’s ability to detect and prevent data breaches. However, only 6% of respondents can anticipate breach risk before it occurs and just six percent use controls that are adaptive based on risk.
The study also examined EMEA organisations’ current security postures in three areas of identity-centric security: the end-user experience, identity and access management and data breaches. This information allowed CA Technologies and Coleman Parkes to create a maturity model for identity-centric security, categorising respondents as advanced, basic, or limited.
Overall, the EMEA results categorised the majority of respondents as basic users of identity-centric security (68%), with a focus on core capabilities such as password management, single sign-on and some analysis and reporting. Nineteen percent were categorised as advanced users, engaging in capabilities such as adaptive security and behaviour analytics, and consistent omni-channel security support.
The analysis showed that advanced users in EMEA report significant improvements over basic users in areas of customer experience, business operations, and security:
* Advanced users saw a 34% improvement in business growth and new revenue compared to 29% for basic users.
* 93% of advanced users reported increased customer retention compared to 75% of basic users.
* 89% of advanced users experienced improvement in customer experience versus 66% of basic users.
* In terms of security, 34% of advanced users of identity-centric security have seen a reduction in data breaches compared to 24% of basic users.
The study closes with seven critical actions South African organisations need to take to adopt an identity-centric approach to security, and ensure the strategy improves performance and drives growth. Organisations should:
* Make identity the perimeter of the organisation.
* Treat security as a business enabler.
* Focus on creating trusted digital relationships.
* Protect experiences, not just data.
* Take an adaptive approach to IAM.
* Be proactive and predictive.
* Never compromise security for speed.