COMMENT: Having Your Cake and Eating It Too: Security as an Enabler of Digital Transformation

 |   Microsoft NZ News Centre

Russell Craig, National Technology Officer for Microsoft New Zealand explains how adopting a highly secure public cloud platform for your business can provide an enticing dual benefit… 

Last week I had the privilege to speak at the NZ Tech Government and Technology Summit.

My topic was “Protecting data and systems – using security as an enabler of digital transformation”. This is a big topic to cover in just thirty minutes, so I decided to focus on some of the forces that are driving this push for transformation, and then examine some of the reasons why the ongoing quest for security can enable this process.

First, I outlined Microsoft’s view of why digital transformation is such a topical discussion. In essence, we support the idea that, globally, we are beginning to experience what the World Economic Forum has called a “Fourth Industrial Revolution”.

Russell Craig, National Technology Officer for Microsoft NZ, talks digital transformation.

Its’ thesis is that a combination of new technologies such as AI and other cognitive computing capabilities, rapidly advancing big data and analytical services, robotics, the Internet of Things, biotechnologies and the like are going to dramatically change the way our economies work, our societies function, and how we all live, work, learn and play.

Unsurprisingly, as Microsoft is at the forefront of developing many of these technologies, we can see the transformational potential they represent. We can also see how so much of this potential is underpinned by the ‘hyperscale’ public cloud platforms and services that many of these technologies depend on.

My presentation next looked at what I call the “relentless economics of hyperscale cloud”. Driven by fundamental underlying technology power laws (eg. Moore’s, Metcalfe’s and Koomey’s laws) I discussed why I believe the economics of genuine public cloud services will continue to become the predominant model for enterprise computing for the foreseeable future – especially in the face of the incredible explosion of data that many organisations are experiencing.

In regard to digital transformation, I outlined why I believe undergoing this journey is an inescapable imperative for NZ Government (the fact of which is clearly evidenced in both the Better Public Services agenda, and recent all-of-government ICT strategy and policy decisions) and then shared Microsoft’s views of the four major areas of transformational opportunity that Microsoft believes any organisation can pursue through adoption of advanced cloud services. These are:

  1. Optimization of operations
  2. Empowerment of employees
  3. Transformation of service design and delivery, and
  4. Improved stakeholder engagement.

Next, I discussed the security-related concerns that the prospect of moving to public cloud is raising with many of our customers, in both the public and private sector. I believe that, in many cases, these concerns that are causing organisations to hesitate when it comes to adopting cloud services are ill-founded, and are in any case being ignored by the business, which is swiftly adopting “shadow cloud’ solutions without waiting for formal approval from the IT department.

I also spent some time discussing how the old approach to enterprise security (“build walls and dig moats”) is simply incompatible with a world where organisations are needing to enable their staff to be mobile, to make their data accessible on any device and anywhere, to open themselves up to more direct customer-engagement and then federate their data and IT systems with systems outside their traditional security boundaries and trust domains. Without doing these things, digital transformation is simply not possible.

I also questioned the belief that traditional security models have ever delivered the levels of security their adherents believe they do. Global statistics make it very clear that this is an unwise assumption. In fact, I asserted my view that most organisations listening to my talk were likely to be compromised either by some form of undetected cyberattack, or by employees unwittingly handling organisational data in unsafe ways.

Rather than assuming that they are secure, Microsoft’s view is that organisations should adopt a security posture called “assume breach”, and focus on how they can detect, protect and respond to the dynamically evolving array of security challenges they face.

I then concluded by illustrating how the cybersecurity capabilities that are becoming an inherent feature of the leading hyperscale cloud platforms – capabilities that in fact can only be provided using public cloud platforms and advanced AI enabled security capabilities – can deliver an unprecedented step up in terms of the ability to both digitally transform and simultaneously become more resilient and better able to address security risks.

In essence, the message I tried to deliver was optimistic. If organisations adopt highly secure public cloud platforms such as those Microsoft provides then they can have their cake (ie. digitally transform) and eat it too (ie. become much more secure).

As I said, this is a huge topic to try and cover in 30 minutes. I hope I did it justice and that I shared some useful insights. Encouragingly, it is a conversation that we are having more frequently with our customers as they begin the exciting transformational journey that lies ahead of us all.

Russell Craig National Technology Officer, Microsoft New Zealand


More information

Learn more about Microsoft security at

View the Microsoft webinar series ‘Security & Cloud Computing for Government Agencies’ at