Relevance of Generalists vs Specialists in Enterprise Security Management

Vishwanath Nair, Head of Information Security and Risk, Western Sydney Local Health District
content-image

Vishwanath Nair, Head of Information Security and Risk, Western Sydney Local Health District

WHY:

Currently, the medical industry is facing a major issue where there are more specialists than general practitioners by a ratio of nearly 2:1.

Below are some impacts due to this issue:

• Absence of Strong Relationships leading to lack of Strong doctor-patient relationship; Comprehensive & Continuous care; Better Management of Chronic conditions; Promotes healthy Lifestyle

• Medical care becomes more extrinsic, tactical and less effective

• Imbalance often devalues the work of family doctors

This leads to more temporary and non-personal medical care which for a patient cannot be sustaining and reduces trust in the services in the long term.

Likening it to a Corporate environment, a business leader could be viewed as the patient. Like the patient, a business leader has multiple inputs from experts including IT Service Management, Cyber Security, Operational and Financial Risk teams. These are in addition to the Demand and Account management functions.

Enterprise Security itself opens multiple discussion lines like Cyber risks, Audit findings, Cyber Security Technology Debt and Resilience. Each of them represent key aspects of the protective and preventative measures essential for effective business operations. Also, they are sources of huge amount of data points and potential points of failures.

This incoherent communication and management leads to potential financial, operational and reputational impacts caused by:

• Misdirected or Failed Strategies

• Loss of Trust across the Organisation

• Lack of Standardization

• Loss of key resources

Needs of the business are truly simple.

• Timely advise on:

1. Applicability and compliance relevant Operational Policies and Regulations

2. Assurance and partnership as new business strategies are launched

3. Assurance and partnership as Mergers and Acquisitions proceed

• Single window of risks and with associated impact in simple business terms and outcomes

• Timely transactional analysis to identify dependencies, critical paths and alternate paths

• Clear, Precise and Unambiguous business reporting with suggestions on mitigating risks with information to support prioritisation

• Early warning signals providing situational awareness and guide planning

WHAT:

To ensure success and effective performance of Enterprise Security and Governance a major change of approach is required. A new function of Trusted Advisors need to be created for this changed approach. These Trusted Advisors could be the bridge between Enterprise Security management and business units.

Key capabilities required for this role are:

• Ability to steer risk based decision making by complementing technical risks with business impacts

• Be able to provide inputs in risk vs. opportunity discussions

• Have an optimum mix of both technical and business knowledge to be able to provide sound recommendations

• Function as an insulating layer between various Enterprise Security and Governance units and the business operations

• Program manage process and technology improvement initiatives to meet quality and budgetary requirements

Value of Trusted Advisor can be explained by the following example.

Consider the scenario when one of your business unit plans for Digital Transformation of their key processes. The Security Trusted Advisor can enable this outcome in the various stages of the program as below.

HOW:

A Trusted Advisory can be implemented in one of three ways or a combination.

Each organisation and its dynamics are unique and must adopt the most feasible approach as per its own set up.

CONCLUSION:

In this fast-moving world of agility and close business-IT partnerships, there is more need for a collaborative approach to solve business problems and risks. Establishing a Trusted Advisory function helps deliver below benefits:

• Business Aware Decision Making

• Effective Detection Controls

• Automatic Compliance

• Resource Optimization

• Continuous Improvements

tag

Financial

Read Also

Streamlining Operations and Empowering Teams in Facilities Management

Streamlining Operations and Empowering Teams in Facilities Management
Shaye Rogers, Workflow Support Manager, Cushman & Wakefield
Technocreativity: The Synergy Of Technology And Creativity

Technocreativity: The Synergy Of Technology And Creativity
Tran Nguyen Phi Long, Group Head Of Retail Marketing, Pnj Group
Leading It And Digital Transformation At Ikea: Insights From An Industry Veteran

Leading It And Digital Transformation At Ikea: Insights From An Industry Veteran
Sigit Triwibowo, Head Of It And Digital, Chief Technology And Digital, Ikea
Executive Leadership And Digital Transformation In The Global Fashion Industry

Executive Leadership And Digital Transformation In The Global Fashion Industry
Eiko Ando, E-Commerce And Digital Director, Pvh Corporation
Digital Transformation in Fashion Retail - From Efficiency to Experience

Digital Transformation in Fashion Retail - From Efficiency to Experience
Le Van, CTO, YODY Fashion
Driving IT Transformation at Lactalis Australia

Driving IT Transformation at Lactalis Australia
Sabina Janstrom, Chief Information Officer, Lactalis Australia
AI Adoption in Hospitality: Striking the Balance Between Innovation, Excellence and Trust

AI Adoption in Hospitality: Striking the Balance Between Innovation, Excellence and Trust
Phiphat Khanonwet, Head of IT, Onyx Hospitality Group
The AI Rat Race - Keeping Up with New Technologies or Waiting for Maturity?

The AI Rat Race - Keeping Up with New Technologies or Waiting for Maturity?
Andreas Kurz, Global Head of Digital Transformation, ALFAGOMMA Group