At Infosecurity Europe 2019 Ewa Pilat, global CISO at Jaguar Land Rover, explored how the security function can and must support and enable the business through a process of digital transformation.
Pilat explained that digital transformation can mean different things to different organizations, but that as security professionals, “we need to understand it properly in order to provide support in digital transformation.”
Pilat added that the key to doing that is learning lessons from existing examples, pointing to the “older brother” of traditional IT. “Traditional IT, as we know, exists in many different organizations. We must make sure we provide security in a simple way, without complex policies – we should provide innovation because this is something that we can motivate businesses with.”
She said the industry should not work in siloes and should not focus on security as a separate part of the business. Referring to collaboration, she added: “We must put more effort into educating our business so as to make our colleagues feels more responsible for security and to involve them in the security topics we are covering.”
To conclude, Pilat highlighted six key pieces of advice for security functions looking to support their organization through a process of digital transformation. These were:
- Recognize scale and complexity
- Ensure top management support
- Embed security in the creation of ideas
- Educate and make the business understand security implications
- Demonstrate the value added to the business
- Do not allow creation of shadow security