Templar are delighted to welcome Sally Howes OBE, who joins the team as Associate Director. Sally will be leading on a number of key areas and will also be leveraging her exceptional skills and experience as part of the team delivering Templar’s Board-level service. The Board-level service supports organisations across all industry sectors and government to help develop their Cyber and business transformation capabilities.   

As part of our  ‘Special Guest Blogs’, series where we interview thought leaders in the field of Cyber Security and Information Assurance, in this  edition we speak to Sally Howes, former executive lead at the UK National Audit Office (NAO).

Sally joined the NAO in 2010 as a director, and in 2013 was appointed executive leader with responsibility for digital and innovation. After a highly successful time at the NAO, Sally left in July 2016.  As well as joining Templar as Associate Director, Sally is a lay member of Council at the University of Surrey and will be advising others on digital transformations.  Sally was awarded an OBE for Services to the Space Industry in 2002.


Q: Sally, to begin with what was your primary responsibility in the NAO?

A: For the past six years at the NAO, I was responsible for looking at how Government is transforming public services, both to reduce public expenditure but, just as importantly, to re-invent services that are fit for the ‘4th Information Age’.

Many UK taxpayers are already using sophisticated digital and mobile services from the private sector to conduct their daily lives, and have high expectations that the Government should be able to match this capability. Government’s digital transformation agenda was born out of the need to respond and re-design services which are user-oriented and agile.

Services which can be accessed on-the-go, are increasingly tailored to the user, and give up-to-date and real-time information, offer instant problem resolution and help us make everyday decisions. Government ambition is high to offer intelligent services, which are continually evolving and improving as more insight is gained about user behaviour, including how people respond and also feedback on the service.


Q: You spoke about Government’s digital transformation agenda. In your experience, what have been the key challenges in this area?

A: As NAO reports have shown, implementing digital transformation at scale is not easy, and of course there has been mixed success across Government. The digital transformation of public services is not just disruptive in a technology sense. Whilst data is a core component to digital transformation, you also need to consider an organisation’s culture and leadership when changing the operating model. The work that people do and how they do it was one of my key considerations when working at the NAO. All businesses, including the civil service, need to add ‘digital’ to their skillset if they are to be effective in a modern digital business environment.

From what I have seen, I believe a community has emerged across Government that has a good understanding of what digital transformation demands. Whilst there have been inevitable challenges and disruption to the way that Government works, a number of standards, controls and different approaches have been introduced to help in this modernisation. Those who adopted the digital transformation agenda earlier, have already transformed services successfully and are getting comfortable with a cycle of collaboration, testing, learning, iterating and improving.

One of the key areas that I feel needs to always be at the top of the agenda is the fact that digital transformation and Cyber Security are two sides of the same coin; both having the potential to set companies or public services apart, via increased share price (or user satisfaction), reputation and wider stakeholder satisfaction.


Q: Is it really possible for companies developing digital capability to safeguard against Cyber-attacks?

A: The digital revolution has bought with it a new wave of crime, and Cyber-attacks incur major losses both for businesses and individuals. There are now 120 separate families of ransomware, and there has been a 3,500% increase of the net infrastructure that helps run ransomware campaigns, highlighting a sharp rise in the number of incidents


Companies who want to thrive in this space need to be thinking ahead of the game, and not get caught up in the media hype and sensationalist headlines that surround Cyber Security.  In a CBI report earlier this year, a survey found that whilst 94% of their membership agreed that digital technologies are a critical driver of increased productivity, only 30% saw themselves as pioneers, with a large proportion describing themselves as followers, waiting for technology to become mainstream before experimenting with it themselves[2].  The CBI warns that the more companies muddle through the digital revolution, the less likely they will be to closing the gap with those who are forging ahead.

Therefore, those who are leading the way successfully in digital transformation are more likely to safeguard against Cyber-attacks and thrive as a business. However, those who deem themselves as ‘followers’ should not be concerned either. Working with recognised experts, who have a well established pedigree and track record in Cyber Security can help companies understand and manage the risks to their information, and reap the business benefits that come with getting this area right –  and making a contribution to this agenda is one of the main reasons why I have joined Templar.

Q: As a leader in digital transformation, what are the main areas of contribution you feel it is important to focus on in your new role at Templar? 

A: As I have already touched upon, one essential capability in a modern digital business environment is effective Cyber Security. Customers, and those using modern services, need to have confidence that their privacy is being respected and trust the decisions being made about them in a more data-driven and automated world. At Templar, assuring the confidentiality, integrity and availability of information is at the heart of the solutions they offer and for me, these two agendas are integral to each other.

In my view, one of the key things holding back public and private organisations from effective digital transformation at pace, is Board-led transformational leadership capabilities, including the skills to lead change in complex, dynamic and high-risk environments. Cyber Security is a fundamental thing to get right, and a core part of the Templar capability is briefing Boards on the importance of effective governance, including how to safeguard and exploit data to optimise business value. From my experience, effective leadership needs to become comfortable with leveraging information effectively in order to collaborate, differentiate and innovate as new technologies change the paradigms for business, and that is something Templar can help with.

Organisations that are forging ahead successfully with digital transformation view Cyber Security as a business proposition; they have been more prepared to demystify and use the evolving language of Cyber Security and Information Assurance, and not just leave it to their technical teams.  Strong leadership and governance is fundamental to implementing effective controls that mitigate information risk and are essential to maintaining and sustaining the modern business in our digital age.  In my new role, I am very much looking forward to working with our clients on this agenda.

[1] http://www.bbc.co.uk/news/technology-36459022

[2] http://news.cbi.org.uk/cbi-prod/assets/File/pdf/Embracing-digital-in-every-sector-CBI-Survey-Findings.pdf