Driving forces are the elements in an industry that cause major changes in an industry’s structure and competitive environment. Driving forces are important to understand for cybersecurity because they will prompt some change in the organization in response to them. Due to driving forces, industry participants will drastically have to alter their actions. Driving forces fit into some of the following categories: Technology, Regulation, Societal forces, Suppliers, and Labor.
For example, for cybersecurity, technology driving forces include the software and hardware that is released to solve business problems and address specific security concerns such as encryption software, token authenticators, or password cracking tools. Driving regulatory forces in cybersecurity include privacy, intellectual property, or safety regulation. Societal forces in cybersecurity include the perception of privacy and the pressure society at large applies to companies to keep data secure. Customers may demand some minimum standard in cybersecurity to continue working as a supplier to the customer. This is most common when working for government organizations or government contractors. Lastly, labor may include the importance the average employee places on cybersecurity. I have placed this in a table for easy reference.
|Driving Force||Cybersecurity Examples|
|Technology||Encryption software, token authenticators, password cracking tools|
|Regulatory||Privacy, intellectual property, or safety regulations|
|Societal Forces||Perception of privacy, expectation people have for companies to keep their data secure|
|Supplier||Customer cybersecurity requirements|
|Labor||Employee views on the importance of cybersecurity|
Security managers must be aware of an industry’s driving forces to make good strategies because of the large impact driving forces have in the industry. Strategies must be feasible given the expected forces and should take advantage of opportunities these forces may bring about.