Interview: Thomas Fikentscher, CyberArk

How has Australia coped with COVID-induced changes to operations and workplaces?

From my vantage point working with a cross-section of Australian public and private sector organisations, businesses did an amazing job at rapidly pivoting working environments when everything changed in March 2020. Organisations had to move as quickly as possible to ‘keep the lights’ on for their customers and employees but are now facing the task of permanently re-engineering technology, process and workplace structure to navigate the permanent change COVID-19 has brought.

Will things go back to a ‘new’ normal in 2022?

When it comes to the cybersecurity landscape, the challenges that businesses will face in 2022 are profoundly different to those they faced pre-pandemic. For many there has been a fundamental cultural and philosophical shift in operations which will see organisations having to manage hybrid working arrangements where mobility will be key. This means the old cybersecurity ‘fortress’ mentality of securing systems will become obsolete and managing different access points on a permanent basis will be the new norm. New risk items such as geo-velocity risk need to be taken into consideration now.

What is the major potential tech pain point that will face all organisations large and small in 2022?

Organisations will have to learn how to navigate the merging of Operational Technology (OT) and Information Technology (IT). Historically OT and IT have been managed separately, but the rollout of 5G and its increased speed and capability will see more and more connected devices, meaning OT and IT will rapidly become entwined. This will raise major budget and technology considerations (not to mention heightened security risk). For example, speaking recently to a CTO in the logistics business, he noted that in the last year alone hundreds of sensors were added to warehouses by the operational team without informing the IT team. This created hundreds more access points that could be leveraged for a cyber-attack.

Often IoT devices are being added for enhanced data collection capabilities, but the data needs to flow through all the way to corporate information systems to be analysed and used for various purposes. Front-end OT device breaches can therefore lead to compromised backend IT systems.

How can I.T. have a greater impact on organisational efficiency in 2022, and who (CEOs, CIOs) should lead the charge?

As technology now underpins almost every touchpoint of an organisation, IT has a real opportunity to impact organisational efficiency if working practices can align to speed, agility, creativity, and innovation. To have real impact though, it must become truly embedded in the business and in the boardroom. This requires a strong CEO mandate and a willingness from all to embrace organisational change. I’m working with some forward-thinking companies who have upended the way different aspects of IT are managed (separating innovation and cybersecurity from day-to-day IT operations for example) and it’s going to be interesting to see where the optimal organisational structure lands.

Thomas Fikentscher is responsible for driving strong customer and partner engagement and expanding CyberArk’s emerging cloud business in the region. When it comes to cybersecurity, Thomas sees a significant opportunity to bridge the gap between technology jargon and business language. A big part of this is helping company leaders understand the importance of identity security to operational risk management.