The purpose of digital transformation is to enable core business competencies with modern technology. A car company should sell cars. An insurance company should sell insurance. A tool company should sell tools (or "rent", as one of our recent podcast guests would say). Each should care about the customer experience. None of these companies should be in the business of building complicated network infrastructure—especially when you can easily consume it as a service in the cloud.
Unfortunately, most companies choose to be in the business of building infrastructure solutions internally. They default to a hub-and-spoke architecture with castle-and-moat security that is complex, custom-built, and data center-centric.
While this may have worked well in the past, now that everyone is on the internet, apps live outside the data center, and user identity and context should anchor access and security provisioning, it's outdated.
In episode 4 of The CIO Evolution, Sunbelt Tools Chief Digital & Technology Officer J.P. Saini and Zscaler Senior Director of Transformation Strategy Pam Kubiatowski spoke with CXO REvolutionary Les Ottolenghi about the implications of securing data in today's computing paradigm and getting into what exactly we mean when we talk about the digital transformation buzzword and its impact.
Below are some of the highlights:
What does “digital transformation” mean across enterprises, and what are the key things organizations are trying to accomplish?
To set the stage, the group attempted to settle on a similar schema for digital transformation. Unsurprisingly, it was difficult. Different companies across different industries are going to think about digital transformation differently depending on their needs and technological maturity.
Pam's observation: “It doesn’t matter what industry you’re in: healthcare, manufacturing, financial, governmental. Everyone is on a digital transformation path, or they're thinking about it. And what I see commonly, it's all about giving the business, the flexibility of a user, getting to the resource, an application, wherever it resides.”
The reality is that digital transformation is a means to an end. And that end is creating an optimized business process with the customer at the center. JP reported on what his teams were doing at Sunbelt Rentals:
“You've got to think about the complete business cycle of an asset that goes through different iterations and different stages of life on a day-to-day jug. So for us, we look at everything from how do we bring e-commerce to the marketplace from an app to a website, to brick-and-mortar channels. And how can we employ dynamic pricing to each of these channels where you have all the levers to pull as a business and all the benefit to the customer in terms of demand and supply and availability and other things.”
What this means for a CIO is that the customer journey across digital touchpoints is an IT concern, and bringing data together to deliver a single view of the customer across the enterprise is the path to delivering the experience that JP described.
What cultural steps do enterprises need to take?
Digital transformation requires a deep understanding of the bigger picture with all the contours shaped by connectivity, management, performance, cost, and ROI. But the most important concern before embarking on a cloud transformation journey is people. How open are they to change? Many C-level leaders neglect to ask, “Is the IT team adequately prepared for our transformation journey?” Digital transformations are more likely to succeed when champions recognize at the outset that the biggest challenge to transformation strategy isn’t technical.
Pam pointed out the value of communicating the vision: “You have to embed it into your DNA of a culture of a company because it's gotta be what you eat, you breathe, you sleep right in...you've got to instill in your staff. It's got to come from the top down...I see so many organizations struggle because their technical staff doesn’t understand what ‘tomorrow’ is.”
JP emphasized that transformation must come from the top-down, and that technical expertise might not be a necessary leadership requirement: “Your best cyber leader might be a proven non-cyber security executive who knows the business better than they know security. They probably have key relationships throughout the company and have a general appreciation for technology. You almost need a leader who can connect with teams on some emotional and logical level to what you're trying to do. That brings in a lot of energy to the table, and builds that synergy that you need to start moving.”
The lesson is that digital transformation success hinges on your ability to identify talent and specialization within teams and redirect energy and momentum towards a shared vision. Cultivating buy-in from all stakeholders is a fundamental part of transformation culture, much more so than just assets or applications.
What are the data points that are critical for digital transformation leaders?
Getting IT excited about embracing a new vision and being an enabler of the new future of the business means ensuring a shared understanding of your organization’s goals and how each role fits in achieving them. Focus the discussion on solving a business problem.
IT pros have an active place in network transformation if they are willing to think differently about their roles and how they contribute to achieving business goals. You need to set down a flag and claim territory over some transformation project using measurable goals. Don’t try to boil the ocean all at once.
JP conveyed: “Cloud-first shouldn't be seen as a burden or a big lift, but in fact, ongoing with shared risk-shared benefit model. Have a good strong enterprise architecture. Don't have security as a retrofit. Do security, day one.”
Pam: “It's getting more complicated relative to governmental requirements. IT can't do this alone. It doesn't matter whether it's IT or cybersecurity or both of them together. They have to be unified with the business to understand where the business needs to go, and understand how do they deal with data?”
As business models change, security chiefs should play a key role in the cultural question and help the organization overcome barriers to balancing risk with progress and communicate a strategy at the oversight board level.
What are the security requirements that are essential vs. ones that are nice to have?
Enterprises expanding to more cloud providers, adoption of more SaaS services, and broader connectivity mean a larger attack surface. Part of digital transformation is making sure that security teams can protect the corporate crown jewels: data and assets.
JP: “One of the core principles of experiences that we're designing is that our brand credibility relies on a secure transaction. Frictionless, but secure. And when that comes to play every day, hundreds and thousands of times, it just builds up brand credibility where people will come back willing to give us more data. They're willing to interact with us in ways that they haven't before. So security is betterment.”
Pam: “I truly believe there aren't any “nice to haves” when it comes to security. It's about what I am going to prioritize based on the funding I have. You're going to go ahead and you're going to evaluate it, you're going to look and prioritize your risk against your vulnerabilities.”
Listen to the conversation in episode 4 of The CIO Evolution and get all the insights.