Digital Pioneers: Where Information Security Goes

Digital Pioneers: Where Information Security Goes

Ilya Borisov

Modern technologies are blurring borders, changing cultures and thus setting a new level of competition in the market, including opening the way for small technology companies to enter the B2B market, even
in spite of the inherent inertia of consumers and the relatively low risk appetite. The historic “from the garage” to the “unicorns” still works, but the dinosaurs of the market also got involved
into this game, creating and promoting internal startups – changing to compete.

This approach has created the preconditions for the emergence of internal competition for digital transformation projects, especially in the wake of leadership’s interest in breakthrough technologies and the need for change
traditional business models.

From the point of view of information security services, it is the perfect time to move from resource center to profit center.


The chilling comparisons of data with the oil and blood of the digital economy have a practical basis. Most modern digitization solutions are based on data processing,
the more data, the better. This allows you to find not always obvious patterns and connections, as well as obtain more sophisticated and flexible management tools that can change and
track parameters are generally not visible to company management.

In recent years, information security services have received not only tools to collect a large variety of data from enterprise information systems, but also great opportunities
for their processing. The key to this is the understanding of the company’s business executives, in particular, the mechanisms of revenue and cost generation, as well as the ability to build processes
and communication skills.

Classic examples are time and attendance systems that can be improved by enriching data on running applications, processes, and
files from employees’ devices are opened.

A deeper level of analytics is the transition to estimating the volume of project work based on changes in files and data in information systems. After all, even the smallest effect leaves
the digital footprint, and the ability to cumulatively evaluate such footprints, especially in the face of a temporary retrospective, is an invaluable tool for managerial decision making.

At the next level, it is possible to build predictive models based on historical data and current performance, identify key employees and financial risks.

To demonstrate the idea, imagine that the project requires 100 files, each containing 10,000 characters. Obviously, counting the number of characters is
metric, however, is not the best, since the input is dependent on many external factors and the distribution of the number of characters over time is not uniform. However, by tying the number of characters to
employees and the status of the document, you can already talk about the expected time (with the average number of characters for each employee) and productivity, as well as the quality of documentation – by
the number of changes after the project is transferred to the customer.

By normalizing datasets by project teams, we can talk about the effectiveness of executives, adding financial metrics and the success of individual activities or even the feasibility
work with certain customers.


Henry Ford came up with a conveyor belt – an ideal model for profit by consistently repeating the same operations. In today’s world, each of the operations has not only a digital footprint
not only the data at each step, but also the mechanisms that allow you to make adjustments on the go.

The evolutionary step of IB is the transition from infrastructure, data and IT services protection to business protection, be it reputation losses or losses due to changes in business processes.

Searching for anomalies and deviations in the data has long been and successfully used in antifrod systems, and in recent years, the IB service has been available to SIEM systems, which are also
offer advanced analytics and search for variances.

All the more striking is the lack of such functionality in modern enterprise performance management systems, which contain information on key production indicators,
and the logic of business processes. And here the information security services have the opportunity to apply their existing experience and tools beyond the usual range of tasks.

Process analysis based on the example of our project can also answer questions related to efficiency. If there are deviations from standard procedures on successful projects, it means that
project staff and managers find ways to get around inefficient and outdated requirements. For example, by analyzing timing labels, you can draw conclusions about how and by whom you are actually
the document is approved and whether or not the responsible person examines the submitted material before signing, and does not really look at it. You can also see who has the documents
depend on how much it affects the timing.

Competition and cooperation

Digitalization is not only a competitive advantage in the market, but also within the company. Departments that will be able to offer a quicker transition to new ways to profit will benefit
access to resources and their executives the opportunity to sit at the same table with top management.

However, it is not the rivalry but the cooperation that matters to the management of the companies. Willingness to negotiate, jointly seek results and, consequently, the need for
to employees with pronounced leadership qualities, communication skills and advanced emotional intelligence – what is now commonly combined under the term soft-skills.

For information security departments, the above means a paradigm shift and a shift to new functionality. From the role model of the watchman and the observer to the profit center or as
minimum, competitive advantage, which is difficult to achieve alone.


Digital transformation is the same as the exploration of the New World – vastly poorly explored and apparently rich territories. The pioneering pioneers changed North America and largely formed the classic
a model based on personal initiative, a spirit of entrepreneurship, independence and independence, a lack of habit to rely on the protection of the state, and in general on any protection.

Information security services are well placed to become digital pioneers, those who make a significant contribution to shaping the future of culture. It is not enough to believe in yourself and yourself
proven tools – you need to manage risks, be flexible and look for opportunities where others have not found anything.

The digital age is already here, and the cry of the Soviet pioneers is more relevant than ever: “Always be ready!”

digital transformation

IT-Manager Magazine [№ 01/2020],

Ilya Borisov

Ilya Borisov

Thyssenkrupp Industrial Solutions COO

Leave a Comment