Digital transformation is crucial whether you lead a small business or an enterprise. But it’s hard to do, expensive, and unfortunately, the odds of success are low. So how can IT and security leaders step in to improve the odds and become invaluable to the organization brand?
“Digital transformation” (or “DX”) as a term has become thrown around so much that it’s gained buzzword status. For the purposes of this blog, when I refer to digital transformation, I’m talking about implementing digital technology to fundamentally change business operations and the customer experience.
Here are some examples of digital transformation and technologies associated with it:
- Customer self-service
- Cloud computing
- Machine learning
- Artificial intelligence
The necessity of evolution
In his TEDx talk, The art of innovation, Guy Kawasaki tells an interesting story about the ice industry. Here’s a paraphrased version:
Ice 1.0: in the late 1800s, ice harvesters would go to a frozen lake in winter to cut blocks of ice. Their “innovations” were bigger horses, more horses, bigger sleigh, etc. But that never changed that they had to wait for winter, live in a cold place, and cut blocks of ice. 30 years later, this business died out because of…
Ice 2.0: Ice factories. It didn’t have to be winter, or a naturally cold place. They froze the water themselves and had ice men deliver it via trucks. This was a huge breakthrough because it got rid of previous limitations. And yet this business also died out 30 years later because of…
Ice 3.0: Fridges. Now everybody has their own personal ice factory. No need for a factory, no need for ice delivery men.
But the businesses of Ice 1.0 and 2.0 didn’t have to die out—the problem was that none of the harvesters became factories, and none of the factories became fridge companies. They defined themselves in terms of what they did:
Ice 1.0: We go out in winter and cut up big blocks of ice, then transport it via horse and sleigh to the cities so people can come and buy it.
Ice 2.0: We freeze water, and then send it to our customers’ homes via ice delivery men.
Whereas they should have defined themselves in terms of the benefit—just ice—and kept finding new, better ways to deliver that benefit.
All this to say that any company that wants to survive needs to innovate. Today, that often means digital transformation.
Some industries taking advantage of DX
Here are some ways that industries are changing due to digital transformation. Note that each of these examples would require heavy involvement with the organizations’ security teams.
Digital transformation in healthcare
One trend is wearable medical devices. This example of DX is on the rise because more patients are focused on prevention and maintenance, rather than only seeing a doctor when something goes wrong. Healthcare companies would also be able to collect their own health data from these devices, which include heart rate sensors, fitness trackers, and oximeters.
Digital transformation in education
Educational facilities, like colleges that need to store sensitive student data, are finding a lot of benefits in blockchain. The major benefit, of course, is the ability to store information securely. But since it’s used as an authenticity check as well, it can be used as an anti-cheating measure.
Digital transformation in financial services
Automated wealth managers are AI-driven bots that can help users calculate the best investment opportunities, loan providers, interest rates, and more. They also factor in the user’s risk tolerance and other preferences. Sometimes these robo-advisors offer direct control over the user’s portfolio so the user’s trade system is completely automated.
The risks and odds of success
Digital transformation is tricky and very expensive, so it’s not something anyone does by flippant choice. Again, it’s a strategy for long-term survival. And yet the failure rates are astounding.
Depending on the industry, only 16 – 30% of organizations’ digital transformations have successfully improved performance and sustained the changes, according to McKinsey.
In 2018, IDC estimated $1.25 trillion in worldwide spending on digital transformation in 2019. By these success rates, that means that $875 billion went to waste last year.
So, what can organizations do to raise the odds of success? And where do IT and security leaders fit in?
The impact of cybersecurity on brand
Before we go on, let’s talk briefly about brand.
According to Marty Neumeier, who literally wrote the book on branding, a brand is a person’s gut feeling about a product, service, or organization. It is not a logo or the product itself.
How do you think a customer’s gut feeling about an organization changes when a failure in security leads to their personal information getting stolen?
So why are any of us still pretending that security teams don’t need to be consulted from step one on any digital transformation project?
Security needs to be considered from step 1
In the last couple of years, there have been so many horrifying headlines that I probably don’t need to do much to convince you that security needs to be baked into design. This means that security leaders should be included in the earliest conversations, and not in the late stages as an afterthought.
This goes not just for discussions about technology and processes, but for people too. Meaning that everyone in the organization should feel responsible for the organization’s security. But how do you build a security-minded culture?
For starters, examine what behaviors your organization rewards. If someone identifies a phishing attack and reports it, that’s something to be celebrated even if it may seem mundane. And make sure everyone knows about the successes and impact of your security team!
On the other hand, most organizations reward agility. But if a project is completely quickly at the expense of security, you might think twice about celebrating that.
Mitigating resistance to digital transformation
Odds are that there are some employees who like the way things are done now and may dig in their heels when change comes. In my experience, communication and true listening go a long way.
Make sure to let all groups at your organization know about the project and what that means for them. Explain why this decision went through and what you hope to gain. (Pro tip: avoid all the jargon and complicated language you can. Be clear and direct—it’ll seem less like you’re talking down to them and more like you’re genuinely trying to build bridges.)
If they have concerns and objections, really listen and talk through them. Not only do people always appreciate feeling listened to, but the project may benefit from different points of view.
Luckily, more and more executives are realizing the importance of including security teams from the beginning of projects. Today, when digital transformation is a must for organizations large and small, IT and security leaders’ involvement is more important than ever before.
For more reading on IT and security’s involvement in corporate strategy, you may enjoy these articles: