digital transformation Archives - Security IT Summit | Forum Events Ltd
Posts Tagged :

digital transformation

Just Say Yes – Why CISOs must now embrace SD-WAN

960 640 Stuart O'Brien

Digital Transformation has become a business imperative, yet rather than pulling together to enable essential change, the friction between network and securityteams is increasing. The business needs to move away from data centres and traditional Wide Area Networks (WAN) to exploit the cost, flexibility and agility provided by the cloud and Software Defined WANs (SD-WAN).

Chief Information Security Officers (CISOs), especially those working in regulated industries, insist the risks associated with public infrastructure are too high. Stalemate.

Until now. Organisations are pressing ahead with Digital Transformation plans and excluding the CISO from the conversation. But at what cost? Who is assessing the implications for regulatory compliance? At what point will the Chief Risk Officer prohibit the use of the SD-WAN for sensitive data, leaving the business running legacy and new infrastructure side by side, fundamentally undermining the entire Digital Transformation project? A new attitude is urgently required, one based on collaboration, understanding and a recognition that a Zero Trust security posture can safeguard even the most sensitive data, while unlocking all the benefits associated with SD-WAN.

As Simon Hill, Head of Legal & Compliance, Certes Networks insists, it is time for CISOs to take a lead role in the Digital Transformation process – or risk being side-lined for good.

Accept Change

CISOs need to face up to the fact that Digital Transformation is happening – with or without them.  Organisations need to embrace the agility, flexibility and cost benefits offered by the cloud, by Software as a Service and, critically, the shift from expensive WAN technology to SD-WAN. For CISOs, while the migration to SD-WAN extends the attack surface, adding unacceptable data vulnerability, saying no is not an option any more. CISOs risk being left out of the Digital Transformation loop – and that is not only adding significant corporate risk but also compromising the expected benefits of this essential technology investment.

Network and IT teams are pressing ahead, insisting the risk is acceptable. How do they know? For any organisation, this is a dangerous compromise: critical risk decisions are being taken by individuals who have no understanding of the full implications. For those organisations operating in regulated industries, these decisions could result in an exposure to $10s millions, even $100s millions of penalties.

Failure to embed security within the initial Digital Transformation strategy is also compromising progress. What happens when the CISO or Chief Risk Officer discovers the business is in the process of migrating from the old WAN to a new SD-WAN environment? Suddenly the brakes are on, and the call is for sensitive data to be encrypted before it hits the network. Adding Internet Protocol Security (IPsec) tunnels will degrade performance – so the business is then stuck using the legacy WAN for data connectivity while still paying for the SD-WAN and failing to gain any of the agility or cost benefits.  More frustration. More friction between teams that should be working together to support business goals.

Drive Change

Security is a fundamental component of Digital Transformation – indeed of corporate operating strategy. Rather than avoiding change, CISOs have a responsibility not only to secure the organisation but proactively advocate change, with security as the key enabler of Digital Transformation.

Digital Transformation does not by default create an inherently insecure environment – but it will require organisations to, somewhat belatedly, embrace a Zero Trust model.  It has been clear for many years that there is no correlation between ownership and trust. Just because a company owns infrastructure and assets does not automatically infer total trust over data security. Similarly, infrastructure outside the business is not inherently untrustworthy. The key is to build trust into a secure overlay to protect data that will allow a business to operate across any infrastructure whether it is owned or public.

A High Assurance SD-WAN overlay, for example, uses crypto-segmentation to protect and ensure the integrity of sensitive data. With this Zero Trust approach, High Assurance SD-WAN means whether the network is public or private, trusted or untrusted, is irrelevant: the data security team simply needs to define the policy and, with ownership of the cryptography keys, can be confident that data is protected at all times wherever it goes.

Working Together

Adopting a Zero Trust security posture changes the outlook for CISOs – and provides a foundation for vital collaboration with the networking and IT teams. With confidence that the data is secure regardless of network location, everyone involved in Digital Transformation can achieve their goals: IT and network teams can embrace the flexibility and agility of the cloud, SaaS and SD-WAN, while the securityteam still has control of the security posture.

This can only be achieved if the business embraces a different mindset. It is essential to think about security by design from the outset – and to break down the barriers between network, IT and security. The introduction of the Secure Access Service Edge (SASE) framework provides clear guidelines for the convergence of these teams to drive additional business value but the onus – and opportunity – lies with the CISO to ensure the entire organisation truly understands the Digital Transformation objectives.

This also demands an essential shift away from a regulatory compliance focused security posture – something that is inherently flawed due to the impossibility of creating regulations that keep up with the ever changing security threats – towards a truly business driven approach. Working together to plan the Digital Transformation process may take a little more time up front but it will result in a secure foundation that will remove any constraints to innovation and agility.

Conclusion

It is time for CISOs to change. There is no value in endlessly blocking essential new technology projects; and no upside in being excluded from vital plans as a result. By taking a proactive stance and driving Digital Transformation strategies, CISOs can redefine the role, become a key strategic player within the business and act as an enabler, rather than a constraint, to operational success.

It is time to find a way to say yes to secure Digital Transformation – without compromise.

Digital transformation: The long-term revenue opportunity

960 640 Stuart O'Brien

At the start of the pandemic many people would have been mistaken for thinking that work-from-home and stay at home orders were going to be short-lived. After the Prime Minister introduced these initial instructions to the nation, many IT teams rushed like mad to maintain business continuity and productivity for their organisations. Since then, society’s behaviour has changed; and so has the way in which people work, seeing the rise of remote working. 

During that time cloud application usage skyrocketed too. Digital transformation initiatives sped up almost overnight. And, while the initial scramble focused on business continuity and technology upgrades; across the board, the cloud evolution has not ceased and neither will digital transformation. Especially since the UK is encouraging investments in connectivity and digitising Britain. Rob Hancock, Head of Platform, Giacom reflects on the last year and provides the channel with an outlook on where the opportunity to generate revenue lies through the rest of 2021.

Changing the shape of organisations 

Initially, during the pandemic, homeworking was considered temporary. But, through 2020 many organisations came to accept the longevity of the situation and changed their working policies. Today, we see more firms opt for continued remote working and / or hybrid working policies, offering a blend of office-based and remote working options to employees.

But, where does the opportunity to sell ‘remote working’ truly lie for the channel in this scenario? Research shows that in 2020 there were 6.0 million SMEs in the UK; which was over 99% of all businesses. Clearly, there is vast revenue potential available here.

Another driver of organisational change across enterprise and SMB markets is cloud adoption. Research points out that 88 per cent of organisations expect the adoption of cloud services to increase in the next 12 months. This underpins the importance of cloud within wider future technology strategies; which will, no doubt, improve organisational operations too.

Business-grade and secure

Through the pandemic we’ve seen many people work from their kitchen tables, for instance. Often employees have used their personal broadband and, in some cases, own mobile devices and laptops. While this workforce’s diligence is worth applauding, the use of their own personal technology is often not business grade or secure. At first, these temporary solutions may have been sufficient; but they are not sustainable long-term.

This is where the ongoing opportunity lies for the channel. As organisations make committed strides towards remote or hybrid-working, they will require the right blend of technology and equipment to enable employees to be productive. This means, kitting out employees with fast, efficient, robust and secure internet and voice connectivity that is suitable for their jobs. Moreover, they need to offer staff access to feature-rich communication applications, like Microsoft Teams, for unified communications and collaboration (UC&C), so that productivity can be maintained.

At a practical and physical level, organisations need to supply employees with reliable equipment to do their jobs. We’ve talked about business grade laptops and phones. But what about support with setting up ergonomic home working stations for staff, as they provide people with voice, data and cloud applications to enable them to work.

Collaboration and brainstorming applications

Before the pandemic, Microsoft Teams wasn’t used effectively by many firms. However, since last March, Microsoft Teams usage for video calls increased by 1000%. And, it is also reasonable to say that many firms have become adept at driving productivity with UC&C technology; and that they derive substantial return on investment from these applications.

The need for UC&C is not going to go away anytime soon. Meaning the revenue opportunity will remain available for a long time yet – especially in the SMB market. What will change over time is the need for richer features that enable people to do aspects of their job better, since they no longer meet as often in person. This might, for example, mean employees seek out features from technologies that enable them to brainstorm more effectively, such as digital whiteboarding – or, more accurate meeting transcription services. Therefore, CSPs and MSPs will need to work more closely to match client needs against partner technologies.

The data security opportunity

And, while remote and hybrid-working will likely remain standard for many organisations in the future, it does raise security concerns for IT teams. As various pandemic lockdowns ease over time, many people will likely be eager to change their work scenery and work in different locations. Some might want to take a week away and work remotely. Some might want to work in a local coffee shop. Regardless of their choice, organisations will have to assess if their IT security strategies are robust enough to accommodate these sorts of situations.

In these kinds of scenarios, are MSPs then equipped to help organisations with these new data security needs? Do they offer multi-factor (MFA) and single sign-on (SSO) security? What about the on-boarding of new employees at the SMB level when new staff join? Has cyber security awareness training been offered to employees – is training ongoing in order to protect data?

Line of business moves to the cloud

Aside from offering voice, data, UC&C and security technologies, many organisations are shifting entire business applications into the cloud. This was a large focus for many organisations in 2020 and will continue to be the case for the foreseeable future. This presents further opportunity for MSPs as they consult with clients. They may already be speaking with customers about these aforementioned technologies – but, since they have their clients’ ears, there is opportunity to become more deeply embedded within client organisations by supporting wider initiatives to move business applications into the cloud.  It then also means MSPs will be able to offer a great deal of value-add off the back of existing contracts and generate incremental revenue.

Conclusion

During the pandemic the channel demonstrated how adaptable it is to step up and meet customer needs fast. Strong relationships between CSPs and MSPs were at the heart of this success. But, it can’t stop there. Digital transformation is a long-term destination and the use of the cloud to support organisations is here to stay: be it for collaboration; data security; or to enable business applications to shift to the cloud. The opportunity is almost endless.

To capitalise further, though, means MSPs need to align with CSPs that can provide the strong foundations they need to support their customers with their cloud journeys. Can their preferred CSP offer collaborative consultancy and work with them to solve any technology challenges? Do they support with training and marketing? Can they bring value to the MSP’s proposition by offering a breadth of technologies that enables them to expand their portfolio of products that they offer to customers? What is their long-term technology roadmap? The right CSP partner will have all these bases covered.

What is more, the future is promising in 2021 for the channel – especially when you consider the revenue generation opportunity across that 6-million strong UK SMB market. It just begs the question about whether the channel has the right partnerships in place to succeed.

Escaping from Data Lockdown with a Digital Evolution

960 640 Guest Post

With data amassing at an exponential rate, digital transformation continues to be throttled as businesses struggle to achieve the insight they need from the data. To achieve value from data, businesses need to be able to access what they need, when they need, by the right people, in a usable format. Peter Ruffley, CEO, Zizo, has previously detailed the first three aspects businesses should consider to get out of data lockdown, including data access, responsibility and outcomes. With the data readily available and the company goals in mind, businesses need to ensure that the data they’re analysing will be of value and help them meet these objectives.

Here, Peter highlights two further aspects for businesses to consider before they can move forward in their digital transformation journey. While there is no one-size-fits-all approach to suit every company, by having available and structured data with an open and flexible culture, organisations are in a much stronger position to take on this critical shift and escape from data lockdown. 

Data structure and analysis:

Data must be structured for purpose – clean and consistent data will lead to better decisions and an easier transformation. There are many whose skill set is structuring data and building data structures; but because of their fixed belief on how they think things should be done, it can be a choke point for digital transformation. You have to be prepared to follow a business objective, even if it may apparently contradict some of the deeply held beliefs of your IT colleagues, or if the data tells you something that goes against your intuition, rather than derailing the process. 

Digital transformation isn’t a one-change process, but instead, a number of transformations will need to be made and augmented with other sources of structured data – it should be conducted as an ongoing rolling programme of incremental changes and additions. That adaptability to absorb other sources of data and find other business value is what this is all about.

It’s not digital transformation, it’s digital evolution. Some things may not go 100% to plan, therefore, you have to change and adapt based around those models. And just because every decision can be driven by data, does not mean you have to analyse all the data before you take each step. There is a case for paralysis through analysis; if you try to look at everything, you will end up doing nothing. An agile way of doing things and trying something small to see if it works, using the tools and techniques for when we want to scale up or down will enable smaller steps towards transformation to be taken faster. 

Business value and collaboration:

The key to digital transformation success is collaboration and flexibility. Businesses need to be flexible enough to digitally transform the marketplace. The tools, techniques and technologies exist, but there are only some organisations that are going to be smart, quick enough and united to actually take advantage. 

By distinguishing ownership and having a sense of collaboration within your company culture, the barriers to digital transformation will be diminished as team members acknowledge the changes that are going to be made to the business as a result of this transition. Without everybody on board, the transformation will not work. Technology is just one part of the process underpinning these changes – having an open attitude towards the use of data within the organisation is a necessity. 

People need to trust the data they’re using through provenance and understanding the business rules and objectives. Rather than trying to impose a rigid framework, using data as the foundation provides you with trusted evidence and reasoning, backed up by other areas of the business. If you’ve got a dialogue supported with data that you trust, stakeholders will buy into the initiative. 

Organisations can’t expect the deployment of tools and technologies to change their business overnight, but by having a more open and collaborative attitude towards the use of data within the organisation, underpinned by new tools and technology, a digital evolution can progress in the right direction. 

Meeting the Tests to get out of Data Lockdown

960 640 Guest Post

Digital transformation of any business has always been hampered by making sense of underlying data. And that data has been growing in volume at an unprecedented rate driven by the growth of IoT. It’s the perfect storm – the need for real-time information being increasingly distanced by the rate at which the data volume is growing. Businesses need insight, not just data, which means getting the right information, to the right person, at the right time. 

But the age-old problem remains today – how do you understand and see what data you have readily available, in a format that’s usable and that you can access at the right time? Peter Ruffley, CEO, Zizo, explores three aspects businesses must consider to get out of ‘data lockdown‘…

Data access 

There are a multitude of ways to store and access data, but a majority of businesses haven’t considered access to external data sources yet. When we begin to question how to enrich and improve data, one of the fundamental capabilities of this process is by integrating external third-party data sources, such as weather, crime or other open data sources. 

Businesses need to have an understanding of what they need to do to make the process worthwhile, and ensure they have the correct capabilities before they start. A common first approach for many organisations is to build from scratch and make it their own, rather than considering the buyer approaches where you look at what’s out there, explore the marketplace and transform existing data to use within the business, rather than starting from the ground up. 

If they can’t combine different sources of data quickly and cost-effectively together, they won’t move forward. It makes sense to digitally transform an organisation if it is going to make use of what’s already out there, as being able to tap in and share other work and insights will make the exercise worthwhile and cost-effective. With combinations of solutions available in the marketplace that can accelerate the process by providing the necessary building blocks, it’s time to transform the digital transformation process. 

Data responsibility 

There remains a disconnect between IT teams and businesses’ impressions about what it means to provide the data. If both parties are not aligned with the same aims of the business, the project could stall at the first hurdle. Instead, organisations need to bridge the divide and encourage stronger collaboration between all stakeholders. When businesses realise where those holes are in their structure, it’s key to get people involved to solve those challenges. 

This involves change on three levels; personnel, cultural and technological. Who’s responsible for this chain? Whose action is it? How do we bring these teams together? The business might be storing a lot of data, but how can it be accessed, interrogated and made useful? How will the business’ data goals be defined? 

Typically, the digital transformation initiative comes from the top in the organisation. In order to get your business on board, you have to make a very clear case of what the benefits are. Employees need to trust that improvements will be made for them by doing this, rather than just dictating the plan. Digital transformation is a change programme, which impacts all aspects of the business. You therefore have to approach it in the same way that you would approach any change project – with clear objectives and an agreed process of identifying how you’re going to get value from data. With a compelling case, you have a much better chance of carrying it through with buy in from all stakeholders. 

Data and objective identification:

You can’t embark on a digital transformation initiative without a concept – you’re condemning the project to failure if the business is not engaged properly with the process before you start. In order to yield business benefit from data, organisations must identify the areas that will realise the most benefits. Even if they’re hypothetical, there must be measurable ambitions in place or milestones for this journey, so that there is an understanding of what you’re going to do, and what you want to get out of it. Or if those ambitions weren’t achieved, why not? What steps need to be taken next time? 

Organisations have to be able to collect the data and assess whether they can achieve their business objectives from that data. But a goal of just ‘digital transformation’, ‘digitising data’ or ‘making more money’ will never translate into a concrete business case. Goals need to be specific and measurable in order to determine the project roadmap and for success to be evaluated. 

More importantly, you have to understand where the data is in your organisation and what it’s being used for, before you start the process of transformation. The whole supply chain needs to be aware of the transformation and the demands that are going to be in place. You’ve got to be very open about this process, because there will be people who you haven’t thought of that might be impacted by the changes you’re making.

With easy access, a connected team and clear objectives, companies can have a clear outline of what it is they set out to achieve in their digital transformation, how they expect to make this transition with the data available, and who can take on what role in this process.