Both essential and costly, security has long been considered a “simple” necessity related to risks and usage. This is no longer true. Cybersecurity has become a necessary response to threats and now forms part of the very heart of the products or services of a company: a change that companies can, and must, transform into a competitive advantage.
“Cybersecurity has changed from being a costly “necessity” to a lever for competitiveness by creating new products or new services.”
We are used to seeing security as a prerequisite which is expensive to implement. And yet, when absent or faulty, it could be even more costly for the company. In this respect, the facts are impressive: phishing attack on TV5 Monde, theft of several billions of dollars across a hundred or so banks via the malware Carbanak affecting over 30 countries, data breaches and denial of service attacks at Sony or attacks on the toy manufacturer VTech… these are all episodes which result in a spectacular increase in cybercrime on a global scale. Verizon estimated the cost to be 400 billion Euros in 2014!
However, that is (almost) not the most important point. A major change is currently under way: the perception and even role, of security in the company and in its ecosystem are evolving.
Developing digital confidence
It goes without saying that a security hole can destroy value through loss of data or damaging reputation with major consequences, as there are numerous potential impacts: on operation (projects in progress, decision-making capabilities), on people (personal safety, internal social cohesion), on goods (intellectual or cultural heritage, finances, image), not to mention the legal impacts, effects of non-conformities or environmental impacts.
But it is here that security has really taken off: it is now part of a major “digital confidence” movement where “trusted marketing” is beginning to emerge. A real digital transformation facilitator, cybersecurity enables new products or services to be created which will be immediately trusted by users or current or future consumers, and thereby provide a competitive advantage.
More generally, confidence promotes dialogue, and therefore the creation of values within services and products. Following the example of the real economy, the loss related to implementing digital frontiers will result in additional costs, with a knock-on effect on competitiveness, and a reduction in trade or adoption of products.
Increasing confidence means creating fewer risks and costs, and developing new competitive advantages.
Security and new value vectors
In concrete terms, how should we position confidence in the company’s business model to turn it into a competitive advantage? Three value vectors are necessary.
Introducing security INTO PRODUCTS AND SERVICES
Security is increasingly present at the very heart of innovative products, which create new risks for the company or the consumer: connected objects, products based on NFC technology, etc.; innovations that would not be viable without native security.
Let’s take the typical example of a new competitive product. Thanks to the enhanced security protocols associated with contactless payment cards, the risk is reduced, user confidence is raised and the value of the product is increased. In this way, the adoption rate has increased and banks attempt to acquire the small-sized payment market (under €20), despite the development in France remaining weak regarding the market.
Introducing more security INTO PROCESSES
In a context of extended enterprise, the relationships between players demand a high level of digital confidence. Improving trusted networks makes it possible to improve collaborations to facilitate reliable data exchanges. Cybersecurity enables companies to strengthen their processes, such as in the supply chain or in relationships between a manufacturer and its SME subcontractors (automotive, aeronautical, etc.): competitiveness through digital confidence will be increased by better data sharing, whilst limiting risks. The same is true for relationships between banks.
The competitive cluster Aerospace Valley has therefore approved cybersecurity projects for the aerospace science industry aiming at bringing together companies in the European aeronautical and space sectors and the research work carried out by training centres. The objective is to better understand the security challenges of the entire industry, and to offer SMEs affordable solutions that meet their needs.
The major challenge of security-related skills
In order to guarantee confidence in new products or services related to new uses of digital technology, surveillance must be formalised in order to facilitate early detection and better reactions in the event of an attack: confidence requires surveillance to be implemented. In the current booming market of cybersecurity, the challenge of competency and specialisation in this field is key. Cybersecurity is currently equipped with skills related to big data and machine learning in order to improve the quality of threat detection.
The evolution of the digital economy establishes cybersecurity as both a necessity for companies and as a source of differentiation. This value must be created across the entire service chain of companies, as part of a global security policy. To become a trusted operator, players are increasingly required to build partner relationships with global security bidders specialising in their field. This trend is reinforced by legal obligations notably stemming from the Law on Military Programming and European regulations.