25 Oct 2015
Cyber security is a business transformation
by Melanie Franklin
Media coverage of the Talk Talk cyber security breach has not been flattering. The world is organised into two groups:
1. those organisations that see security as something forced upon them, something they have to comply and a distraction to their day to day business;
2. those organisations that have made the security of data a core competence of their organisation and have driven it deep into the culture.
In the second group a transformation has taken place that those in the first group need to recognise and apply.
Making the Change
Achieving security is a typical business transformation in that:
- It is organisation wide
- It requires tangible changes via investment in new equipment and new processes and changes in behaviour and attitudes
- It shifts the priorities of the organisation so that cyber security is a major consideration for any piece of work, however immaterial security may look initially
- It leads to changes in the organisation structure of the organisation to reflect the new emphasis
Role of the CEO
Transformational change requires sponsorship at the highest level and as the CEO of TalkTalk fights for her job I think it is going to be easier to get this senior level sponsorship. It also requires the commitment of people, time and money which can only come from senior level agreement.
Getting things done
To run this type of transformation I don’t spend a lot of time on a gap analysis to see how much work needs to be done. The answers are already known – security has to become understood and integral to every process, every system and every role.
My focus is on creating the right atmosphere to promote the importance of data security, making it a key thought, a key consideration and a new habit. I would create a change team to identify and coach change agents that every management grade in every business function. Our number one task is to get everyone asking themselves ‘am I protecting customer data?’
Want to learn more?
Want to know more? -Link in with me for more resources about business change and transformation. If you want to up-skill, contact me for suggestions on how to get started.