The Digital Transformation Playbook

Jon Townsend, CIO, National Trust

Jon Townsend, CIO, National Trust

While working towards a company’s overall growth, leaders often place less importance on infrastructure security—both online and offline. However, with digital transformation disrupting business processes today, cybersecurity must hold the utmost significance in a CEO’s playbook for success. Although a majority of companies in the market have obtained and established robust cybersecurity policies to safeguard their IT infrastructure, there still exist many who are working their way through a precarious and unsafe networking space. According to Cisco’s cybersecurity risk report 2019, at least thirty-one percent of organisations at some point have encountered cyber-attacks or data breaches.

To break down many such industry trends and shortcomings, Jon Townsend, the Chief Information Officer (CIO) of National Trust, offers insights into the current cybersecurity landscape and how companies can improve their IT infrastructure security in a tech-driven world.

As a CIO, can you please shed some light on the current challenges in the security market?

As the market expands with the admission of more businesses, all of them face a similar situation of rising customer demand. Consumers are constantly asking for more, in terms of innovation and augmentation of business processes. And, to cater to this pressing market demand, technology is one of the most powerful and useful capabilities that industries can utilise. With time, companies have arrived at this conclusion and have started to rely largely upon technology. Hence, to understand and fulfil these demands completely, an organisation needs to prioritise its attention towards finding the correct technology solution that suits their goals. Secondly, it is imperative to integrate IT infrastructure seamlessly into business processes to deliver efficient and positive results, and enable a transition into a digitally-equipped entity.

What are some of the best practices that your organisation undertakes to mitigate the challenges that you face?

One of the most important aspects of digital transformation is that industries will always have to deal with legacy systems. So a big part of successfully implementing digital transformation is to make sure that no part of an organisation is left behind and no archaic system remains unchanged because that can become an opening for bad actors to exploit, causing a potential security threat. To accomplish this feat, we have to practice more infrastructural discipline and ensure that we implement a sound technology strategy that not only helps us presently but also remains relevant in the future. 

Moreover, in the era of connected devices, implementing a security model has become perilous as multiple networking operations are coming together, and this requires an IT infrastructure that can facilitate security capabilities on-premise and cloud. Another important discipline that we need to maintain and enforce more often is to minimise the customisation of solutions and services that are currently being used, as this can make upgrades complex and therefore difficult to implement. Lack of upgrades can lead to vulnerabilities and open organisations up to threats. Threats also come with distinct features and vendors need to be able to tailor their offering accordingly to stay in pace with any evolving risk.

From a CIO’s perspective, how much time should one spend on being an operations leader versus a transformation leader?

As a CIO, we are dealing with business operations and handling business consequences and outcomes concurrently, so we are bound to experience certain hurdles. It is our job to minimise their impact as much as we can. In addition, it is important to decipher a combination of inputs that can deliver a positive and profitable outcome. On such occasions where CIOs are thinking strategically for enhancing business processes, they are acting as the operational leaders. However, when one invests his/her time into building new ideas for innovation and a better tomorrow, they are standing on a transformational stage where they are the agent of change. This is an act of a transformational leader. An organisation requires a little bit of both in equal amounts to flourish and be successful.

Elaborate on some of the recent projects that you have been working on? 

The last couple of years have been dedicated to building the solid technology foundations for the organisation, because that to me is one of the most important goals. If you have a weak foundation, you will be constantly facing operational challenges on a day-to-day basis, which in turn will hinder your business process, reduce your ability to innovate and impede productivity. That being said, in the coming years, I plan to build upon this foundation, in terms of delivering new capabilities, integration services, and modernising our enterprise applications and services. 

Besides, the real opportunity for our organisations is to deploy technologies like the internet of things (IoT), data insights, and artificial intelligence (AI) to help in our conservation efforts and rise to the challenge of climate change that is affecting all of us.

Technology is one of the most powerful and most useful capabilities that industries can utilise.”

While choosing a technology vendor, how do you ensure the quality of the service and solution delivered to you?

The first and foremost thing is that you have to be aware of ‘what is going on in the industry.’ That industry knowledge makes the base of a company’s innovation and drives growth. We do our own research, but also utilise Gartner for industry insights to obtain a bigger picture of the ongoing market trends. Secondly, I also reach out to other technology leaders to keep myself updated, and this helps me form a community of best practice where everyone interacts and helps each other. The next step is to completely understand the needs of an organisation and find relevant offers from vendors to satisfy those business needs. Make sure you have similar ideologies to your vendors and that they are a good partner for you. It is all about propagating a healthy relationship with your technology vendor, which fosters a long term and mutually beneficial partnership.

Weekly Brief

Read Also

An Alternative Approach to Cyber-Security Structure is the need of the hour

An Alternative Approach to Cyber-Security Structure is the need of...

Michael Somers, Head of Cyber Security, CVS Group
Embracing the Next Generation of Asset Security with AI and IoT

Embracing the Next Generation of Asset Security with AI and IoT

Matthieu Le Taillandier, General Manager for Western Europe at STANLEY Security, now part of Securitas
What Exactly is Non-Financial Risk?

What Exactly is Non-Financial Risk?

Gus Ortega, Head of Operational Risk Management at Voya Financial
#Keeping It REAL With Your Security Vendors#

#Keeping It REAL With Your Security Vendors#

Robert Pace, VP/CISO, Invitation Homes
Security For IT/OT Convergence

Security For IT/OT Convergence

Christopher Nichols, Director OT/ IT Resiliency & Support, Stanley Black & Decker
Security Architecture In Theory And In Practice: Why Security Should Be Considered Among The Main Pillars Of The Organization's Enterprise Architectur

Security Architecture In Theory And In Practice: Why Security...

Marco Morana, Head of Security Architecture,JPMorgan Chase & Co.