Improving Communication between IT and Business
This talk is non-academical and will focus on the communication challenge between IT and business, notably between IT and decision makers. IT leaders tends to present to stakeholders too much technical and detailed information while neglecting the business context and other important interdependencies. Due to this communication obstacle, business decisions are often made based on incomplete and irrelevant information which may lead to insufficient new systems or services or more vulnerable systems due to underfunding in cyber security. Design Thinking has been applied in practice for building new IT systems and services. The main phases of Design Thinking are: (i) empathizing (identifying user needs), (ii) defining (stating user needs and problems), (iii) ideating (creating ideas), (iv) prototyping (start to build) and (v) testing. Design Thinking per se is a very visual approach which can be easily understood my non-IT and it is a powerful tool for enabling effective discussions among different business units composed of people with different backgrounds and skills. During my sabbatical leave, I have identified Design Thinking as a framework for identifying, assessing and mitigating potential cyber security challenges at an early design change, e.g. the phase of (ii) defining can be extended to “defining” potential exploration of the solution by an adversary. In this regard Design Thinking is a way towards the support of the principle of “Security-By-Design”. In my presentation, I will present some practical examples.
Lecture at NEMO2023
Date/Time: Wednesday, July 26, 2023 at 10:00