Digital transformation. It’s definition is broad and so are the mechanisms to secure it.
Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and our guest is Paul Asadoorian (@securityweekly), founder & CTO, Security Weekly, and chief innovation officer, CyberRisk Alliance.
Thanks to this week’s podcast sponsor, Keyavi Data
Got feedback? Join the conversation on LinkedIn.
On this episode of Defense in Depth, you’ll learn:
- Digital transformation is about relying on computing technology for more integral processes and aspects in our daily work lives.
- Lots of debate on the definition of digital transformation and as well securing digital transformations.
- Definition: A targeted change to process and technology for the benefit of the people.
- Definition: increasing levels of interoperability of information.
- We heard the recurring argument of the need for security to have a seat at the table at the beginning of a digital transformation, and not at the end. But at the same time reality sunk in and it was argued that security doesn’t get to dictate that. And if security tried to, it would create a greater wedge with the business.
- When security is brought in at the end though, security has no option but to disrupt the business. Then no one is happy.
- Digital transformation simply introduce new risks, often greater risk. If the point is to integrate more of your processes, then that integrates the risk as well.
- If you’re undergoing a true transformation, you are looking at core processes and saying, “What new tech facilitates, streamlines, and/or actualizes these core processes?” You no longer have to settle for shopping for a solution and then smashing your processes up against it.
- Your security tools should also undergo a transformation. That includes a transformation in monitoring as well.