security

Your biggest barriers to digital transformation aren’t technical…they’re cultural – CIO


As an infrastructure and security practitioner with nearly 30 years of experience, I’ve witnessed periods of rapid change in the technology landscape. However, I have seen a lot of things stay practically the same. Historically, our jobs as infrastructure and security professionals have involved installing the “plumbing” that ensures organizations remain connected through traditional networking and security practices. Important, but rarely revolutionary.

For decades, organizations have considered networking and security a cost of doing business. Business leaders consider IT a cost center, not a revenue generator. They were just things companies had to do to keep the lights on. Those who have been successful have done those things the same way. Proven methodologies developed years ago allowed us to reliably connect users, applications, and smart devices that propelled our organizations forward. Without these capabilities, global business would screech to a halt.

Our networking and security methods have been successful. However, new developments in how employees work, businesses operate, and applications are managed are necessitating sweeping, revolutionary change. The target has moved, meaning we cannot keep doing things the way we have always done them. We need to usher in a revolution in infrastructure and security.

I have four core beliefs about technology that inform this thinking:

  1. We can do anything with technology. It’s only about where we place our time, money, and energy.
  2. The core purpose of technology is to enable organizations to operate more efficiently.
  3. Regulatory requirements may differ, but the same principles for protecting and enabling businesses apply across all verticals.
  4. The worst thing we can say as technologists is, “That’s the way we’ve always done it.” (See belief #1.)

With today’s pace of change, apathy and complacency will sink an organization faster than anything else. We’ve been hauling around IP networking like an albatross since 1974 – almost 50 years. In comparison, there were only 66 years between the Wright brothers’ first flight and humans landing on the moon (See belief #1). Some things have changed in IP networking, but it remains the same at the core.

Readers Also Like:  Homeland Security report details how teen hackers exploited security weaknesses in some of the world’s biggest companies - CNN

Overcoming growing pains

Most organizations are built with hub-and-spoke networks connecting their locations to centralized data centers. They tend to utilize a castle-and-moat security strategy focused on the network perimeter. Access to the internet, SaaS services, and cloud applications require all traffic to exit the network through myriad point solutions cobbled together to secure and monitor the perimeter. We even copied that perimeter defense strategy to our cloud environments by building virtual firewalls to control access to those applications. As mentioned, we had to do this because it was the only way. And it worked.

Over the last few years, however, the technology landscape has changed dramatically. More and more of our applications are outside our data centers. They are served to our employees and customers from cloud environments we do not manage. Unfortunately, how we used to manage networks and security does not work well in those environments. Our workforce is moving away from centralized offices to remote locations worldwide, and they are not happy with the performance of VPNs and remote access tools that require traffic to exit through the data centers. This model slows productivity, increases employee churn, and allows competitors to outpace us.

The bottom line is we have to find ways to reconsider the concepts we have carried with us for decades. And not only in terms of architecture and technology. More importantly, attitudes and buy-in from leaders and staff are imperative to successfully transform environments into cloud-enabled, platform-focused, remote-friendly workplaces that allow us to keep pace with our peers. Digital transformation is the only way forward, regardless of company size, but it requires changing how we look at networks, security, and applications.

Readers Also Like:  Improved ID verification technology boosts security at Salt Lake airport - ABC4.com

The technology challenges we can solve. Often our most significant hurdle is company culture. Companies are afraid to leap, especially technology teams. If the company is not progressive and driving change, there can be numerous reasons employees do not feel incentivized to bring ideas forward.

This may be because:

  • Employees have grown up within the organization and are familiar and comfortable with their positions.
  • Some resent their “baby” being called ugly because they have invested time building out the current structure.
  • They are often devoted to a particular vendor’s technology due to familiarity or fear of learning something new.
  • Apathy and “that’s the way we’ve always done it” thinking pervades.
  • Employees also have a fear of challenging the status quo, which might lead to retribution from leaders and peers.

Any or all of these could exist within individuals across the teams. In order to be successful in digital transformation, you have to address these cultural growing pains in lock-step of erasing technical debt. Transformation must be organization-wide with widespread buy-in.

Successful transformation requires a firm understanding of organizational change management (OCM). This is not technical change management. OCM deals with the people side of the change or initiative and often involves teams dedicated to organizing steps to calm the fears and anxiety that come with change. OCM teams are also cheerleaders for the effort and become a driving force behind gaining buy-in across management and employees. A few things that successful OCM teams focus on are:

  • Retraining and upskilling are important tactics for executing the overall strategy.
  • Ensuring management understands the strategic vision by using partner communication, analyst data, and peer calls.
  • Reassuring staff their jobs are secure, but being clear that the way they do their jobs may change.
  • Reinforcing to IT staff these changes presents them with opportunities to advance their careers.
  • Communicating, communicating, communicating. This includes conveying to management, staff, and employees the “why” behind the effort and continuously reiterating the business drivers for the initiative. Often people can get behind something as long as they understand why it is being done.
Readers Also Like:  After 47 Years, the National Weather Service's Daily TV Broadcast ... - Slashdot

In my career, I have witnessed organizations fail miserably at digital transformation. I have also seen companies come out on the other side of change stronger with a more engaged workforce, happier employees, and reduced churn. All of which positioned them for faster innovation and growth. The difference between failure and success had little to do with the technology they implemented. More importantly, success was attributed to the attention given to managing their people’s fears, anxieties, and uncertainties.

Ultimately, it is people that make a company. Regardless of what your company does or who your customers are, it is the people behind that logo or brand who will help you bring revolutionary change and success to your organization. So, don’t dip a toe into change. Lead and leap head first, and don’t forget to bring your people along with you.


To learn more, visit us here.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.