We notice that many companies still struggle to identify and assess security risks during digital transformations. We support clients more and more in adapting their operating models to ensure security is sufficiently embedded in all phases of the changes.
Many companies have moved towards an agile way of working, which raises questions about how security and cyber risks are addressed. Senior IT leaders are struggling to implement principles like “Shift Left” and “Secure by Design” into their operating models.
We emphasise as well a lot on the importance of the practice of “Threat Modelling”, i.e. identify which threats should be assessed and understood. This is also critical to understanding which security controls should be taken into account during the digital transformation.
To help clients embed security into their agile processes, we support clients in setting up Agile Security Architecture capabilities. This involves assessing security risks, requirements, and considerations early enough in the development of new products and services. It also ensures that security is integrated throughout the agile way of working.