Securing the results that matter
- 30 January, 2018 06:30
'Revel in pure innovation'
"Innovation - which used to be called research and development or R&D - has become entangled in economics.
Funding innovation based on financial benefits only, especially with untested and quite probably inapplicable or worse still, inappropriate technology, is a recipe for failure.
Pure innovation can never be justified in that environment.
Funding innovation based on financial benefits only is a recipe for failure.
The incentive to fund innovation has to come from non-fiscal elements like cost savings or financial benefits.
Innovation should be seen as a form of protecting your future. It's a means of safeguarding future growth. It can enable development for new markets or simply just help understand and analyse where the business is going.
R&D has become a toxic component of budgets. When revenue and growth are good, budgets are minimal. When revenue declines, budgets are slashed. it is the first item to be cut, much like training and staff development.
This is counter-intuitive and ironic. I have seen, in difficult times, where innovation is the only way to make change, it's the only way out of the current problem area.
When the times are lean, companies need to understand why they are not winning their fair share of the market. If the market is the same size or shrinking, then innovation is the only way to improve. We have seen that time and again.
Inside any organisation there will be people interested in new areas such as artificial intelligence or blockchain.
My suggestion is to create special interest groups which harness that enthusiasm to qualify new, emergent technologies.
Creating a funded pseudo R&D group based on special interests would give people the opportunity to participate, and encourage them to go outside of their assigned remit.
Organisations should then look to increase cross-disciplinary collaboration using models which leverage existing people talent.
Some of the greatest innovations have come from this approach. Such 'skunkworks' have resulted in advancements in business and
engineering, most notably in aviation. They do not have to be funded in the traditional way. A company can provide food, beverage, materials, and the facilities to create ‘skunk works’.
Those that have done this before and been successful are the ones in heavy engineering. Those in pure technology, deal with innovation as part of their daily business. They need to find new things, and they need them to be faster, cheaper, smaller or leaner.
Years ago, a smartphone manufacturer was churning out same old designs for its products. It was losing market share in this highly competitive arena.
The CEO of the company challenged the engineers to come up with something revolutionary and challenging. The engineers were put up in a hotel room and told not to come out until they have achieved a design that was better, faster, smaller and lighter than their current model. They succeeded and rekindled the company's sales in the sector, promoting new growth. The device that came out was heralded as a leap forward in design.
But the process to achieve it was not formal, there was no ‘this is the business case, and that is the problem we will solve.’
’Innovation is about adventure, about going on a journey. You don't need a business case to go on holiday but unfortunately, in companies today, you need a business case ‘to dream’.
- Bradley de Souza is a technology and transformation professional who has held CIO/CTO and CDO roles across the globe
‘Create an entire organisation defense team’
As we welcome in 2018, we continue onwards with a theme of digitisation, disruption and diversity. Within our organisations, our leadership and our technology, change is no longer a scheduled event but an accepted constant.
For security that means we need to move faster and scale in a way we have so far struggled to do.
Turning our compliance driven education efforts into engaging and more importantly measurable tools - with a need to create specifically targeted behavioural changes that suit our own specific risk profile. This will be the year that we should spend time really understanding what maturity means in the security awareness and culture space and how we measure it effectively.
We should be asking what recourse customers have if their data is involved in a breach
If we cannot hire enough people for our roles then we need to embrace collaborative defence, skilling our teams in common tasks, providing autonomy and allowing security professionals to tackle the specialist roles.
- Embracing our part in the supply chain
The emerging space of supply chain security has been a hot topic since 2015. However, the majority of organisations still have a long way to go when understanding their role in it and the risks involved.
The majority of organisations are both suppliers and consumers. Not only do we need to be more actively assessing risk with our solutions and technology choices, but also our own responsibilities if our systems are breached.
Supply chain security needs more than just buying a big name.
We have a responsibility to really dig into our suppliers security posture and understand how they are protecting our people, systems and data. The same way that our customers will be asking the same of us.
This protective due diligence must start to include not only what preventative controls the supplier has taken, but also their ability to detect and respond to security incidents.
Finally, as showcased by the Equifax situation of 2017, we should be asking what recourse customers have if their data is involved in a breach. As suppliers or as consumers, we all have an interest in how this develops.
Fail fast, review often and adapt quickly
The technology space is rapidly evolving and part of this is down to a shift in the way that software and products are engineered and companies are built. The engineering world has embraced the idea of validating ideas before building them, testing assumptions, measuring effectiveness and iterating quickly when there are issues.
As security leaders we need to start modelling these engineering behaviours. Measuring the effectiveness of controls, validating the risks really faced by our organisations and iterating on our solutions quickly. We have to be sure enough of the importance of our mission that we are willing to abandon our approaches if they are ineffective. This, for many of us, is a big change.
‘Manage the digital balance’
CIOs wanting to enhance their company’s digital transformation must be able to articulate the business benefits to all the stakeholders. As the role of the CIO has changed, from someone managing operational systems and IT infrastructure, to an enabler of change, CIOs need to focus on harnessing data and also on communication. You need to balance the foundational responsibilities you have with your role as a change agent.
CIOs are now in a position through technology, to empower business leaders by giving them access to up-to-date and relevant data so they can make better business decisions.
CIOs need to balance their foundational responsibilities with their role as a change agent.
Modern CIOs are collaborative CIOs and they need to focus on aligning IT infrastructure with business goals. They need to continue to strengthen relationships across the business to ensure all department heads are onboard with them for the digital transformation journey.
Throughout the digital transformation process there will be changes to workstyles and traditional processes so it is important you have a clear vision and objectives that everyone understands.
The entire organisation needs to understand the process and the end goals and you need to ensure that they receive constant communication and updates.
To enhance digital transformation in 2018, CIOs need to continue to show the business benefits of the transformation and keep the entire organisation informed of changes and developments.
David Hope is president APAC at Workday
Get the latest on digital transformation: Sign up for CIO newsletters for regular updates on CIO news, career tips, views and events. Follow CIO New Zealand on Twitter:@cio_nz Join us on Facebook.
Send news tips and comments to firstname.lastname@example.org
Follow Divina Paredes on Twitter: @divinap