CISO , Compliance , Cybersecurity

Is Digital Transformation a Security 'Disaster'? John Meakin on How CISOs Can Turn This New Challenge Into a Potential Advantage
Is Digital Transformation a Security 'Disaster'?
John Meakin, former CISO, Burberry

Is the digital transformation of business an impending "disaster" - leaving more attack surfaces open to exploit and putting enterprises at further risk? Or is there a chance to rewrite how the security department operates and find ways to minimize risk as business processes become increasingly digitized?

John Meakin thinks it is a bit of both. Meakin, who until recently served as CISO for Burberry, the iconic global luxury fashion retailer, says digital transformation may be viewed as chaotic and unpredictable.

"At first sight, for security professionals, digital transformation is a disaster because the traditional model for security, to a large extent, achieves security by virtue that you spend a lot of time securing a platform you control," Meakin says in an interview with Information Security Media Group. "But in the age of digital transformation, with increased reliance on the cloud, you're relinquishing that direct control."

But using new technologies will also have a significant benefit, Meakin says, including helping to address the security skills gap that has plagued the industry and made it difficult to fill jobs in security departments. "If we are reducing the span - the volume - and increasing the focus of what thate internal security team has on its agenda through responding to digital transformation, then maybe you're helping to solve that perennial problem."

In this interview (see audio link below photo), Meakin discusses:

  • Why he believes that digital transformation will make security simpler;
  • Why this evolution may be security's best bet for addressing the skills gap;
  • The relationship to legislative compliance demands, including GDPR.

Meakin until recently was the chief risk and security officer at Burberry, a retailer with nearly 500 locations worldwide. He was previously responsible for leading systems security at Standard Chartered Bank, Reuters, the Royal Bank of Scotland, Deutsche Bank and BP.




Around the Network