‘Digital transformation is something a lot of people mischaracterise’

20 Aug 2021

Mike Anderson. Image: Netskope

Netskope’s Mike Anderson discusses some of the biggest trends coming down the line, from 5G to next-generation computing.

Mike Anderson brings more than 20 years of experience to his role as chief digital and information officer for Netskope, a US software company providing a computer security platform.

Anderson joined Netskope in March 2021 from multinational industrial manufacturer Schneider Electric, where he served as SVP, CIO and digital leader for the US.

In his current role, his responsibilities include spearheading application strategy and leading the company’s strategy office.

‘Companies that adopt DevSecOps and security by design will outpace their peers’

Are you spearheading any major product or IT initiatives you can tell us about?

From an internal perspective, I am focused on three primary areas.

First, we are unifying our go-to-market applications to have the right adoption and instrumentation in place to support our sales, marketing and customer-facing teams.

This includes maturing our Salesforce environment and moving it from a system that teams feel forced to use to a system our teams want to use. This also consists of moving our customer support team to Salesforce Service Cloud to provide a 360-degree view of the customer and a better support experience for our agents and the customers they serve.

Second, maturing and improving our business processes so that we generate clean data, enabling our transition to data-driven decision-making.

Lastly, we are evolving how we use our own products as an example to share with our current and future customers and to provide valuable input to our product teams to inform our future roadmap and product strategy.

 How big is your team?

We’re a global company with customers all over the world. As such, we have digital and technology teams all over the world to support these customers.

I am open to bringing in an expert and taking guidance from them when necessary, and I may bring in contractors for surge capacity. Still, ultimately I don’t like being dependent on outsourcing. I prefer to leverage expertise where needed and have those competencies covered within our teams, so we aren’t reliant on third parties when the critical need arises.

What are your thoughts on digital transformation?

I personally define digital transformation as creating a brand-new capability or radically changing an existing one that impacts how you do business, ideally how you transact with a customer.

But I find digital transformation is something a lot of people mischaracterise. For example, web conferencing was transformational in that it meant I no longer had to hop on a plane to keep in touch with key customers and prospects, and it has been around for some time. Zoom modernised web conferencing and made it easier, but it didn’t create a new capability. This is, instead, what I call digitalisation.

Now that we have defined digital transformation, here are two of the primary principles I apply to every initiative. First, whether the initiative is internally or externally focused, start with the end user and work backward from there. Second, with any digital transformation or digitalisation initiative, security must be front and centre. Both kinds of initiatives require having a security-first or security-by-design approach.

In addition to those principles, one concept I’m passionate about that supports digital transformation and digitalisation and enables collaboration across teams is DevOps. DevOps (and its variations, including DevSecOps) became a movement because of the inherent friction and misalignment between agile application development teams and IT operations teams in large, siloed organisations.

DevOps is all about dedicated, empowered teams with all of the skills necessary to deliver continuous value with minimal dependencies at its core. In addition, many of the DevOps and agile practices, such as Kanban boards and daily stand-ups, can be easily transferred to any spot in the organisation that would benefit from better cross-functional teamwork.

Having cross-functional teams means having the perspective and the skills to not only keep the end user in mind throughout all phases of an initiative but also to keep security at the forefront of the decision-making process at all times.

What big tech trends do you believe are changing the world and your industry specifically?

Over my career, I have seen the industry transform and change plenty, but never at the pace it is changing right now. With that in mind, here are some predictions and big trends I see coming in the future.

  • Next-generation computing, especially quantum computing, will bring unprecedented speed and capability that will become a double-edged sword for the cybersecurity industry, as it is wielded to protect and to attack
  • Companies that adopt DevSecOps and security by design will outpace their peers as companies struggle with securing their digital transformation initiatives
  • 5G will further catalyse cloud computing by providing ubiquitous fast access, further limiting the need for on-premises infrastructure
  • Companies will move to a network of small, cross-functional, empowered teams to accelerate business agility instead of a top-down management approach
  • AI and machine learning will accelerate and automate security decision-making to head off attackers and threats –still, attackers will begin to influence learning algorithms, giving rise to new security challenges
  • Hybrid working will transform how companies architect their security and networking programs to enable fast, secure access by users working from anywhere on any device – this will give rise to the cybersecurity mesh, which favours a consolidated agent and a secure cloud service edge to position security enforcement points as close to digital assets as possible
In terms of security, what are your thoughts on how we can better protect data?

Where organisations can start improving their data protection strategies is by applying zero-trust principles and an agile mindset to iteratively improve and mature their security programme. The key is to focus on progress and growth instead of striving for perfection. A logical first step to adopt zero-trust principles is to replace legacy VPNs with zero-trust network access to reduce risk by limiting user access to only the apps and data required.

An organisation’s digital assets increasingly live outside the four walls, which complicates efforts to keep them secure. A cybersecurity mesh, built from foundational components of identity, analytics and policy orchestration can overcome these challenges. A deliberate design that extends pluggable security controls (such as adaptive access, content inspection, and threat detection/response) to distributed assets will help to balance performance and security while providing a better user experience overall.

Finally, improving the security and digital hygiene of your users through real-time coaching or targeted security training should be a key part of an organisation’s data protection strategy.

Being able to gamify the programme wherever possible can help improve overall participation, along with highlighting those users who are exhibiting the desired security and digital hygiene in their day-to-day behaviours. That way data protection isn’t a chore for users, but instead a mindset and a lifestyle.

Want stories like this and more direct to your inbox? Sign up for Tech Trends, Silicon Republic’s weekly digest of need-to-know tech news.