In a perfect world, organizations would have unlimited resources to be able to implement iron-clad security measures as well as pursue a business growth and innovation agenda. But as insurers become increasingly eager for digital connections and mobile apps that depend heavily on availability, they do not want to be slowed down or stopped by concerns about security.
Building an agile organization that can move quickly to seize marketplace opportunities while not exposing itself to too much risk is one of the challenges of a multi-speed business and IT operating model. Insurers need to make difficult choices as to where to place scarce resources and how to strike the right balance between spending to protect the enterprise and spending to enable innovation and growth.
These decisions require a detailed understanding of quantified value. CEOs, CIOs and other C-suite executives need to choose where to invest, but they also need to consider the residual portfolio risk that results from not investing. Just 38 percent of insurance executives surveyed by Accenture “strongly agree” that balancing spend-to-protect and spend-to-enable is mature and continuously managed in their organization, while 49 percent believe their organization could do more to improve in this critical area.
The CEO must play a key role in balancing the two—working hand in hand with the CIO and other business leaders to set the tone for the company’s push/pull investment decisions between enabling and protecting. The CEO also needs to advance the importance of business continuity with the entire leadership team. That way, when (not if) a breach occurs, the discussion pivots quickly from “What is our plan?” to “How is our plan working?”