Security Experts:

Digital Transformation and Cybersecurity as a Competitive Advantage

The last few months have shown us that it is possible to accelerate digital transformation significantly. The COVID-19 crisis has forced companies to move extremely fast on everything from online collaboration tools to secure remote access for their manufacturing facilities. In fact, in Microsoft’s quarterly earnings report to Wall Street, the CEO stated that they’ve seen two years’ worth of digital transformation in two months. Their customers are embracing “remote everything” to adapt and continue operations. 

The ability to move fast drives competitive advantage and can have significant impact on your company’s bottom line. However, in conversations with CISOs and CIOs we’ve seen a huge disparity in levels of preparedness and the ability to adjust operations, depending on where companies fall on the spectrum of digital transformation. For example, companies in the manufacturing sector that had already started moving to the cloud and SaaS applications and had secure remote access in place were able to pivot faster. Employees who had previously worked onsite could continue to make changes to production lines and manufacturing processes while working remotely. Vendors who provide services like asset performance management – collecting and analyzing data from physical assets within the manufacturing ecosystem for predictive forecasting, condition monitoring, and reliability maintenance, all through some sort of cloud connectivity – could continue to deliver those services irrespective of their employees’ work location. 

On the other hand, companies who still relied primarily on entirely on-premise IT infrastructure faced a much more complex task, in both maintaining the infrastructure and enabling employees to do their jobs efficiently. They quickly realized they were operating in an environment that was not sustainable. Forced into a new reality without the advantage of proper systems architecture design and security measures, they struggled to maintain operations and exposed their business to greater risk. 

So, what was holding many companies back, and how can more companies start to accelerate digital initiatives and emerge stronger from the global pandemic? This is not a technology issue, but a human issue. Digital transformation may be inconvenient, but it is possible, and the rewards can be game-changing. 

Three ways to move forward, faster

Here are three recommendations that can help foster acceptance for these initiatives so that more companies can move quickly – not only when the next crisis comes, but every day – and drive business value.

1) The person in charge of digital transformation, be it the Chief Digital Officer (CDO) or some combination of the CIO, COO and CISO, must garner support from the rest of the executive team for digital transformation projects. There is no better time than now to pursue this, as your fellow officers went through the last few months with you and felt the pain of not being prepared. In my experience, budget is not the primary gating factor but the pace of people, and you should be in a better position now to get their support. However, if budget has been an issue in the past, that may no longer be the case because many board members have been very hands on during the global pandemic. Meeting every few weeks instead of every few months, becoming involved at an operational level, and providing guidance during these challenging times, they have likely gained a greater appreciation for the positive impact digital transformation can have on the business. Having all stakeholders aligned removes complacency and bureaucracy constraints that may have been holding you back. 

2) Security is a foundational component of the digital transformation process, so make sure the CISO is involved at every phase. Early in the digital transformation journey, initiatives that open new connectivity vectors to the enterprise infrastructure for key personnel or collect data from equipment and store and analyze it in the cloud, can optimize processes and cut costs. Moving further along the journey, devices on the edge use machine learning, artificial intelligence, facial recognition, and other technologies to augment your ability to monitor and manage the manufacturing process, for example. Robots in industrial manufacturing environments are starting to be connected and fed data to respond to changes on the factory floor. Each of these digital transformation projects can help drive competitive advantage, but all this data and these processes must be secured from the start to give stakeholders greater confidence to move forward. 

3) Communication and transparency around risk associated with projects like these go a long way toward gaining acceptance for digital transformation initiatives. It is the responsibility of the CISO to explain the relative impact of potential breach scenarios, so that the executive team and board understand the risk and can choose to accept or mitigate it. The operational technology (OT) environment is where manufacturers make their money and any threat to availability or uptime can significantly impact the bottom line, so expand the information technology (IT) discussion to include OT security. With security controls that allow IT and OT teams to look at processes and governance holistically, you aren’t just advocating for secure digital transformation, you have the tools to do it efficiently and effectively. You can give executives a complete picture of the organization’s risk posture in its IT and OT environments and show how you are able to protect these environments from breaches and safeguard data.

Humans are used to doing things a certain way and our natural tendency is to continue down the same path. However, when faced with a crisis we are willing to experience short-term pain for long-term gains. Leveraging this moment to build coalitions, focus on security, and improve communication and transparency, we can continue to accelerate digital transformation for competitive advantage, even after the crisis fades.

view counter
Galina Antova is the Co-founder and Chief Business Development Officer at Claroty. Prior to that, she was the Global Head of Industrial Security Services at Siemens, overseeing development of its services that protect industrial customers against cyber-attacks. She was also responsible for leading its Cyber Security Practice and Cyber Security Operations Center, which provided managed security services for industrial control systems operators. Previously, Ms. Antova was with IBM Canada, with roles in the Provisioning and Cloud Solutions business. She holds a BS in Computer Science from York University in Toronto, and an MBA from the International Institute of Management and Development (IMD) in Lausanne, Switzerland.