Templar are delighted to welcome Sally Howes OBE, who joins the team as Associate Director. Sally will be leading on a number of key areas and will also be leveraging her exceptional skills and experience as part of the team delivering Templar’s Board-level service. The Board-level service supports organisations across all industry sectors and government to help develop their Cyber and business transformation capabilities.
As part of our ‘Special Guest Blogs’, series where we interview thought leaders in the field of Cyber Security and Information Assurance, in this edition we speak to Sally Howes, former executive lead at the UK National Audit Office (NAO).
Sally joined the NAO in 2010 as a director, and in 2013 was appointed executive leader with responsibility for digital and innovation. After a highly successful time at the NAO, Sally left in July 2016. As well as joining Templar as Associate Director, Sally is a lay member of Council at the University of Surrey and will be advising others on digital transformations. Sally was awarded an OBE for Services to the Space Industry in 2002.
Q: Sally, to begin with what was your primary responsibility in the NAO?
A: For the past six years at the NAO, I was responsible for looking at how Government is transforming public services, both to reduce public expenditure but, just as importantly, to re-invent services that are fit for the ‘4th Information Age’.
Many UK taxpayers are already using sophisticated digital and mobile services from the private sector to conduct their daily lives, and have high expectations that the Government should be able to match this capability. Government’s digital transformation agenda was born out of the need to respond and re-design services which are user-oriented and agile.
Services which can be accessed on-the-go, are increasingly tailored to the user, and give up-to-date and real-time information, offer instant problem resolution and help us make everyday decisions. Government ambition is high to offer intelligent services, which are continually evolving and improving as more insight is gained about user behaviour, including how people respond and also feedback on the service.
Q: You spoke about Government’s digital transformation agenda. In your experience, what have been the key challenges in this area?
A: As NAO reports have shown, implementing digital transformation at scale is not easy, and of course there has been mixed success across Government. The digital transformation of public services is not just disruptive in a technology sense. Whilst data is a core component to digital transformation, you also need to consider an organisation’s culture and leadership when changing the operating model. The work that people do and how they do it was one of my key considerations when working at the NAO. All businesses, including the civil service, need to add ‘digital’ to their skillset if they are to be effective in a modern digital business environment.
From what I have seen, I believe a community has emerged across Government that has a good understanding of what digital transformation demands. Whilst there have been inevitable challenges and disruption to the way that Government works, a number of standards, controls and different approaches have been introduced to help in this modernisation. Those who adopted the digital transformation agenda earlier, have already transformed services successfully and are getting comfortable with a cycle of collaboration, testing, learning, iterating and improving.
One of the key areas that I feel needs to always be at the top of the agenda is the fact that digital transformation and Cyber Security are two sides of the same coin; both having the potential to set companies or public services apart, via increased share price (or user satisfaction), reputation and wider stakeholder satisfaction.
Q: Is it really possible for companies developing digital capability to safeguard against Cyber-attacks?
A: The digital revolution has bought with it a new wave of crime, and Cyber-attacks incur major losses both for businesses and individuals. There are now 120 separate families of ransomware, and there has been a 3,500% increase of the net infrastructure that helps run ransomware campaigns, highlighting a sharp rise in the number of incidents