Delinea’s CIO discusses the growing trends of machine learning and AI and explains why security is facing more challenges than many other areas.
Raun Nohavitza is the chief information officer of Delinea, a company based in California that provides privileged access management software.
Before his current position, Nohavitza held several senior tech roles in companies such as Centrify, Volterra and Maxim Integrated, which was acquired by Analog Devices.
In his role at Delinea, Nohavitza sets the strategic direction for IT, manages technology spend, and maintains strong security and compliance throughout the enterprise.
“As a technologist, I’m often directly involved alongside my team in problem solving, technology evaluation and architecture design,” he told SiliconRepublic.com.
‘The organisations that can often benefit the most from transformation are the hardest to move’
– RAUN NOHAVITZA
What are some of the biggest challenges you’re facing in the current IT landscape?
One of my challenges is common, and not just to IT: doing more, faster, within resource limits. In IT, the consequences of not moving fast enough can be catastrophic, leading to business outages or security issues.
The correct way to address this is through consistent and cross-functional communication and prioritisation. There will always be more to do than can possibly be done. It’s most important to do the right things first and have alignment on those priorities.
In IT, we see a lot of transformations occurring at key vendors, particularly through mergers and acquisitions.
This can present cost challenges as vendors change pricing models, and compliance challenges as key tools go through related changes.
Having resources focused on vendor management for IT has become even more important, in order to continually assess those impacts. Strong, collaborative partnerships with security, finance and legal helps tremendously.
What are your thoughts on digital transformation?
Digital transformation, while creating efficiency, isn’t the end goal. It’s the prerequisite for accurate business intelligence and the next wave of necessary business technology: AI and machine learning.
Software companies and other technology industries have some natural advantages in transformation, but I don’t think the challenge is cross-industry – it’s departmental.
Ironically, the organisations that can often benefit the most from transformation are the hardest to move, though they might be sitting right next to IT: finance and HR.
These folks are spending every waking moment just getting the regular job done, and digital changes to tools and workflows seem like insurmountable projects.
I find that good executive relationships and sponsorship are key requirements for successful transformation; part of it is cultural, and so must flow from the top.
The wise project manager budgets a little more training and development time for these critical but highly loaded teams.
How can sustainability be addressed from an IT perspective?
For IT, this comes down to energy consumption and the technology supply chain. Good vendor management plays an important role, both in evaluating the environmental stance of prospective vendors and in cascading objectives and requirements.
Select cloud and SaaS vendors with clear, disclosed goals and progress toward sustainability. Partner with facilities early, especially ahead of new office buildouts to help produce modern, energy-efficient workspaces.
What big tech trends do you believe are changing the world?
Machine learning and AI continue to accelerate, and I think we can only see the tip of the iceberg. These technologies have the potential to change fundamental aspects of our businesses and jobs.
The intersection of AI and security is very exciting, and there are a lot of smart folks building interesting things in this space.
I also see a lot of industries outside of technology waking up to the reality of our current cybersecurity threat landscape and making strides towards maturity. This is exciting, because we are absolutely more secure together.
How can we address the security challenges currently facing your industry?
Security is the area with the most challenges in today’s environment. Supply chain attacks, ransomware, DDoS and phishing activity is at the highest levels ever seen.
State actors are highly competent and on top of every zero-day that drops. It is no longer enough to have a dedicated security team. Good hygiene and vigilance must exist throughout the organisation.
I find that communication is key, not just telling workers what they have to do, but articulating the real risks to stakeholders and partnering with them to keep them productive and secure. Likewise, security professionals need to dedicate time to staying abreast of the latest intelligence from the industry and from relevant agencies.
Identity is at the forefront of all of these concerns, as privilege escalation and lateral movement are the most basic tools used by adversaries. The common controls around identity management (multifactor authentication, password strength and rotation, role-based access control) are simply table stakes for survival now.
Tactically, a functional security operations centre engaged in monitoring and remediation, continually expanding the scope and improving the signal/noise ratio, is critical for the front line.
In addition to regular security architecture and compliance activities, these all require time and resources, but we ignore them at our peril.
10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.