Carousel Industries Digs Into Success and Security
When it comes to defining success in IT tech deployments, it's never about one thing. Success, like digital transformation, is a journey that's unique to each organization.
November 9, 2018
CAROUSEL AOTS — Digital transformation is rattling every business. Certain advanced and emerging technologies are shaping up to be critical on this journey. But how do organizations define success?
At this year’s Always On Technology Symposium (AOTS) Thursday in Boston, organized by Carousel Industries, IT pros and partners took a shot at it.
Jason Viera, chief technology officer at Carousel, set the stage for the conference theme “Success” and how businesses think about success in three technology areas that are making companies successful today: artificial intelligence (AI), security and cloud.
Why these three technologies? Because they’re key technologies shaping digital transformation.
“Companies can’t turn a blind eye to these technologies,” Viera said. “If you don’t like change, you’ll like irrelevancy even less.” Viera said.
Jason Viera
Jason Viera
While it quickly became clear that there’s no one definition for success, it also became apparent that how success is defined for a given technology is multifaceted and must be viewed from three vantage points: the organization, the team and the individual.
What better way to put into perspective just how difficult it is to define success for a given technology than to home in on security.
In a panel discussion – “Security Success Defined” – moderated by Viera, Jason Albuquerque, CISO at Carousel Industries; Jon Fredrickson, CISO at Blue Cross Blue Shield of Rhode Island; Reg Harnish, CEO of Gray Castle Security; Chris DeCarli, manager, security infrastructure services at FM Global; and Joe Pangborn, chief information officer, U.S. Naval War College, accepted the challenge.
From the get-go, everyone agreed that security is never done.
“With today’s advanced threats you can no longer check boxes and say, ‘Mission accomplished,’” said Viera.
Panelists batted around responses to questions on topics such as: security and compliance; balancing security controls with end user expectations; meeting businesses security requirements versus opting for product capabilities; and defining success in light of a security breach.
Jumping into it, panelists first considered the question: How to differentiate between compliance with true security efficacy in their organizations?
Albuquerque contends that security is the driver of compliance. Compliance is a reporting structure while true security protects the organization.
“[Compliance] has to become a byproduct of security,” he said. Do it in the reverse and you’re not really securing the network or the infrastructure; you’re putting checks in the boxes. “You’re appeasing auditors.”
Panelists shared the view that compliance contradicts security. There are different ways to solve different problems. In security, compliance is one accepted way — and if you’re not doing that, you’re considered to be out of compliance.
DeCarli pointed out that some organizations define meeting regulatory compliance as success.