The third ingredient is relentless curiosity: continuously exploring how operations currently work, what can make them more efficient, and how value can be added. This rigorous approach will create a culture that builds digital thinking into strategy and operations.
Alexander: What approaches will managers need to take to advance an enterprise's digital culture?
Edna: Similar to what I shared about the ingredients for establishing a digital culture, managers must focus on people.
First, managers should ensure that those whom they have the privilege of leading have a strong digital foundation. That foundation must include methods to assess and further develop digital skills and techniques to evaluate where and how a digital solution could enhance the business.
Second, managers must embrace regular reevaluation of their operational plans. That reevaluation should include asking yourself and your team these questions:
Is there already an existing tool that we could leverage to free time for critical thinking rather than task implementation?
Does another team already have a digitized process that can be applied to this team's work and goals?
Can we, and how would we automate operational tasks?
What are the platforms and tools we are using or could use to collaborate digitally and serve as the repository(ies) of our work product?
Applying this approach to managing routine operations and new initiatives allows a manager to make digital thinking part of the team's DNA.
Alexander: What are the most important digital capabilities for protecting users' identities and data?
Edna: I would focus on the following four digital capabilities to protect identity and data:
Role-based access control
Digital identity management
Encryption
Network and function segmentation
And, as always, educate users on how to identify and evade efforts to gain credentials and information.
Alexander: A recent study found that unmanaged devices are 71 percent more likely to have malware.2 What's the most effective way to combat this?
Edna: Today's reality is that the workforces of both private enterprises and the public sector use their own devices. No one entity can manage all the devices in the modern economy. You can, however, manage the way those devices
access your core infrastructure;
access, duplicate, edit, or extract your information; or
implement workflow tasks.
Deploying identity management (for example, multifactor authentication) and monitoring who is creating, accessing, changing, and operating from what device will serve you well.
Alexander: Threats are changing. How do we have to adapt?
Edna: There are three key points that we need to consider when we want to adapt to new threats:
Slow down: You are at risk of making a mistake when you are in a rush.
Be vigilant: Stay aware of the changing threat landscape and attack vectors and leverage a revisit of your security practices as you learn.
Conduct pre-deployment testing: Running in sandboxes prior to full operational deployment supports a diligence process based on staged implementation. Only when verification is achieved should a full deployment proceed.
Alexander: What will happen to companies that don't level up in digital maturity and organizational readiness?
Edna: They won't be in business. Leveling up in digital maturity and organizational readiness is not optional — it is an intrinsic necessity in today's digital age.
Alexander: Do you see a chance in low-code environments for employees to design business processes without software development skills?
Edna: I think that employees can design business processes at any point in time without software development skills. However, processes need to be implemented. Doing so in a digital age may not require software development skills if the implementation plan was designed with developers at the table who could ensure that process users can implement digitally. At some point someone who knows how to code needs to have been part of the team — period!
Alexander: Ten years from now, how do you think our workplace will look?
Edna: People will be wherever they want to be. Ten years from now, there will still be meetings at headquarters because people are creatures who require being with one another and developing rapport. We will never stop shaking hands, hugging, and understanding the feedback we get from being physically with one another.
I also believe that efficiencies will be added by the use of digitally controlled machinery and vehicles. These are adding more to our human capabilities every day.
Alexander: Thank you, Edna. What quick-win advice would you give that is easy for many companies to apply within their digital strategies?
Edna:
Deploy a flexible enterprise resource planning (ERP) system.
Lock down identity management deployed in conjunction with a role-based access plan.
As for your data: segment, segment, and segment.
Alexander: Do you have a smart productivity hack or work-related shortcut?
Edna: Pick up the phone and talk to someone.
Alexander: What is the best advice you have ever received?
Edna: The best advice I ever received was from my mother: never judge a book by its cover. This advice is even more relevant in today's digital world.
Key Takeaways
Going digital demands that you assess what should be automated, not just what can be automated.
To build and retain trust, focus on two key digital capabilities: security and resilience.
In 10 years, people will be wherever they want to be, but we will never stop shaking hands, hugging, and seeking the feedback we can only gain from being physically together.
Endnotes
1 1 XaaS (X as a Service) refers to something being presented to a customer as a service, typically in the context of cloud computing. XaaS provides endpoints for customers that are usually API driven but can also be controlled via a web browser or within applications. Typical examples are software as a service (SaaS) such as Office 365, infrastructure as a service (IaaS) such as Hyper-V, and platform as a service (PaaS) such as Azure.
2 2 “2020 Global IoT/ICS Risk Report,” CyberX,