Alexander Loth

Decisively Digital


Скачать книгу

be comfortable with technology. After all, if you have a group of citizens or a group of co-workers who are not digitally savvy, you are not optimizing the use of their skills and also risking reducing the resilience of your enterprise.

      The third ingredient is relentless curiosity: continuously exploring how operations currently work, what can make them more efficient, and how value can be added. This rigorous approach will create a culture that builds digital thinking into strategy and operations.

      Alexander: What approaches will managers need to take to advance an enterprise's digital culture?

      Edna: Similar to what I shared about the ingredients for establishing a digital culture, managers must focus on people.

      First, managers should ensure that those whom they have the privilege of leading have a strong digital foundation. That foundation must include methods to assess and further develop digital skills and techniques to evaluate where and how a digital solution could enhance the business.

      Second, managers must embrace regular reevaluation of their operational plans. That reevaluation should include asking yourself and your team these questions:

       Is there already an existing tool that we could leverage to free time for critical thinking rather than task implementation?

       Does another team already have a digitized process that can be applied to this team's work and goals?

       Can we, and how would we automate operational tasks?

       What are the platforms and tools we are using or could use to collaborate digitally and serve as the repository(ies) of our work product?

      Alexander: What are the most important digital capabilities for protecting users' identities and data?

      Edna: I would focus on the following four digital capabilities to protect identity and data:

       Role-based access control

       Digital identity management

       Encryption

       Network and function segmentation

      And, as always, educate users on how to identify and evade efforts to gain credentials and information.

      Edna: Today's reality is that the workforces of both private enterprises and the public sector use their own devices. No one entity can manage all the devices in the modern economy. You can, however, manage the way those devices

       access your core infrastructure;

       access, duplicate, edit, or extract your information; or

       implement workflow tasks.

      Deploying identity management (for example, multifactor authentication) and monitoring who is creating, accessing, changing, and operating from what device will serve you well.

      Alexander: Threats are changing. How do we have to adapt?

      Edna: There are three key points that we need to consider when we want to adapt to new threats:

       Slow down: You are at risk of making a mistake when you are in a rush.

       Be vigilant: Stay aware of the changing threat landscape and attack vectors and leverage a revisit of your security practices as you learn.

       Conduct pre-deployment testing: Running in sandboxes prior to full operational deployment supports a diligence process based on staged implementation. Only when verification is achieved should a full deployment proceed.

      Alexander: What will happen to companies that don't level up in digital maturity and organizational readiness?

      Edna: They won't be in business. Leveling up in digital maturity and organizational readiness is not optional — it is an intrinsic necessity in today's digital age.

      Alexander: Do you see a chance in low-code environments for employees to design business processes without software development skills?

      Edna: I think that employees can design business processes at any point in time without software development skills. However, processes need to be implemented. Doing so in a digital age may not require software development skills if the implementation plan was designed with developers at the table who could ensure that process users can implement digitally. At some point someone who knows how to code needs to have been part of the team — period!

      Alexander: Ten years from now, how do you think our workplace will look?

      Edna: People will be wherever they want to be. Ten years from now, there will still be meetings at headquarters because people are creatures who require being with one another and developing rapport. We will never stop shaking hands, hugging, and understanding the feedback we get from being physically with one another.

      I also believe that efficiencies will be added by the use of digitally controlled machinery and vehicles. These are adding more to our human capabilities every day.

      Alexander: Thank you, Edna. What quick-win advice would you give that is easy for many companies to apply within their digital strategies?

       Edna:

       Deploy a flexible enterprise resource planning (ERP) system.

       Lock down identity management deployed in conjunction with a role-based access plan.

       As for your data: segment, segment, and segment.

      Edna: Pick up the phone and talk to someone.

      Alexander: What is the best advice you have ever received?

      Edna: The best advice I ever received was from my mother: never judge a book by its cover. This advice is even more relevant in today's digital world.

       Going digital demands that you assess what should be automated, not just what can be automated.

       To build and retain trust, focus on two key digital capabilities: security and resilience.

       In 10 years, people will be wherever they want to be, but we will never stop shaking hands, hugging, and seeking the feedback we can only gain from being physically together.

      1 1 XaaS (X as a Service) refers to something being presented to a customer as a service, typically in the context of cloud computing. XaaS provides endpoints for customers that are usually API driven but can also be controlled via a web browser or within applications. Typical examples are software as a service (SaaS) such as Office 365, infrastructure as a service (IaaS) such as Hyper-V, and platform as a service (PaaS) such as Azure.

      2 2 “2020 Global IoT/ICS Risk Report,” CyberX,