Digital transformation: The definitive guide to doing digitalizaton right

Digital transformation: The definitive guide to doing digitalizaton right

By: Ciopages Staff Writer

Updated on: Aug 13, 2022

Digital transformation is the megatrend driving billions in investment across the corporate world to reinvent the way they do business.’s definitive guide to digital transformation is a comprehensive and in-depth insight for executives and entrepreneurs on how to think, plan, implement, and run things to be successful in the digital age.

In the enterprise digital transformation guide, we will address the following topics to help you master the art and science of digitalization.

The Definitive Guide to Digital Transformation – Content Outline:

When digital transformation is done right, it’s like a caterpillar turning into a butterfly, but when done wrong, all you have is a really fast caterpillar.” – George Westerman, MIT

Digital Transformation Definition:

Digital transformation is a customer-centric reimagination of the future of an enterprise and subsequently rethinking the business model. Reshaping the product/service portfolio, restructuring the processes, re-platforming technologies, reskilling the workforce, and instilling a new culture to get to the end goal.

That definition of what is digital transformation packs a lot of punch. Let’s unpack as to what all that means:

  • Digital transformation is a business transformation first – encompassing operating model, people, culture, and process.
  • Digital transformation is a foundational and an invasive endeavor, and it is not just putting some lipstick on a pig.
  • Real digital transformation involves answering strategic questions such as, “What will my business look like at the end of this journey,” “What is our value-add and justification for existence,” “What do we make, sell, and how to make money.” These are existential questions and not always black and white.  For example, what a company makes/creates and how it makes its money may be very different in the digital age.
  • Digital transformation is more than technology transformation. Technology is just an enabler.
  • Customer-centric culture, strong leadership, and ability to initiate and manage change are critical success factors to digitalization.

Of course, not every company needs to do all the things and that too all of them at once.  Boiling the ocean may be one of the challenges companies face when they proclaim to the analysts and media about a billion-dollar digital transformation. Of course, ultimate it may require a massive investment, but planning, prioritization, sequencing, and phasing are as essential to get quick wins, and then accelerate momentum.

On the other hand, companies that think piecemeal focusing on the surface issues will fail irrespective of how much of a patchwork of solutions they implement.  For example, if a company deems poor customer satisfaction as either a fancy portal problem, or an employee training problem, or something else, it is missing the forest for the trees.

The drivers for Enterprise Digitalization:

What is driving the digital transformation agenda of the C-Suite in large corporations? A few megatrends plus a host of business drivers.  Let’s examine the megatrends first:

Customer Expectations:

The launch and subsequent phenomenal growth of iPhone and other smartphones may be one of the pivotal moments in history.  Companies like Apple, Zappos, Spotify, Airbnb, Amazon, et al. have made the customer experience the cornerstone of their success and jaw-dropping growth.  Today, customers no longer compare the experience of peer groups – banks, retail stores, and home services and the like. Instead, the benchmark of ease and experience are set by the tech giants and emerging startups upending the status quo in every sector.

Digital Disruptors:

The digital disruptors include a few household names from the Web 1.0 and 2.0 era and are now giants in the digital age. Apple, Amazon, Netflix, Facebook, Google exemplify the digital disruptors turned giants that are spreading their reach into various corners of the industry sectors.  And add to the relatively old stalwarts are the new disruptors – Uber, Lyft, Spotify, Airbnb, et al.

Today, the Global 5000 companies are playing catch up and trying to learn and emulate the digital natives. That is a seriously big deal.


Digital transformation - mobility is the name of the gameTouch-enabled devices (smartphones, tablets, phablets, and laptops) along with the ubiquity of wi-fi and 3G/4G heralded a new revolution. Today, we are no longer tethered to a desk or a couch, and we are doing everything on our mobile devices – interactions, transactions, learning, sharing, and being.  Most people consider their mobile phone to be more important than a car or a television. Times have changed indeed.  The mobility revolution is driving significant changes across companies – irrespective of whether they engage in B2C, B2B, or B2B2C or any variations thereof. It is not just about the form factor and front-end user experience, but how those interactions and transactions are supported and how they impact the demand chain and all way to the supply chain.  Mobile first, touch first is the new paradigm.


The cloud revolution is another critical factor driving the digital revolution. It is both a driver and also an enabler.  Enterprises are migrating to the cloud at a rapid pace – initially storage and a few application such as CRM (Customer Relationship Management), SFA (Sales Force Automation), Help Desk, and HCM (Human Capital Management) type functions.  And the process of going to the cloud is reaching into the core services and mission-critical applications.  It is no longer, “Why cloud?” but “Why not the cloud.”

Big Data and Analytics:

The advent of big data and advanced analytics, including predictive analytics and decision analytics, are another big drivers for the digital business transformation. Companies can no longer live in the past and let their instincts and gut determine the future course of action.  Many companies are leveraging data and analytics for real-time decision making. The data-driven decisions are the core of how digital natives have the edge over the large entrenched players in various industries.)

AI and Cognitive Technologies:

In more recent times, technologies such as RPA (Robotic Process Automation), connected devices, machine learning, artificial intelligence, and related cognitive technologies are necessitating the digital transformation.  AI and cognitive techniques are a driver, an enabler, and a potential competitive differentiator.

“Digital transformation is more than painting a shiny picture of the future: digital transformation means tying the back end to the front end, which CIOs have done over and over again.” 
Martha Heller

Digital Transformation Focus Areas in the Value Chain:

Where are most firms focusing their energies on with regards to embracing and implementing digitalization efforts:

  • Improving customer experience: Enhancing customer experience is one of the critical business outcomes from digitalization.
  • Reducing cost structures and automating work: Given margin pressures, there is a firm reliance on automation, particularly intelligent automation, to digitize and automate tasks.
  • Be responsive to market changes and launch products quicker: Many of the digital natives can launch new initiatives and new products almost on a daily basis. So, in large firms where a typical product launch or even an extension takes a couple of quarters to a couple of years, it is essential to accelerate time to market.
  • Foster data-driven decision making: In large companies, historically gutfeel and instinct were the sole drivers of decision-making. However, most companies are striving to harness and leverage data to help in real-time decision making.
  • Managing and minimizing enterprise risk: Lowering enterprise risk and ensuring the franchise continues to thrive is another business outcome from digitalization.
  • Cybersecurity and information security: As business shifts to an online paradigm with a variety of access channels, information and cybersecurity are paramount.
  • New Business Models and New Revenue Opportunities: Firms are also looking at how to reinvent themselves as a part of the digital transformation efforts.

Digital Business Transformation Framework:

Digitalization and transformation are complicated endeavors. Companies will need to either create or adopt a digital transformation framework and tailor to their unique needs.   The digital transformation framework is a holistic perspective of what it takes to transform digitally and acts as a runbook for achieving the digital destiny.

So, what is a digital business transformation framework?  A digital business transformation framework is a conceptual depiction of critical phases and high-value activities from the vision to realization journey of digitalization.

A typical digital transformation framework may include guiding principles, essential themes, sequential and iterative phases, critical activities, enablers, disablers, and desired business outcomes.  Of course, not all frameworks cover the gamut, and not all companies are beginning from square one. Hence, it is up to the transformation team to define the scope and magnitude of the digital shift and encapsulate the essence of the work in an easy to digest framework.

Below is a sample digital business transformation framework from

Digital transformation guide - Digital transformation framework

Sign up to receive a free copy of Digital Transformation Framework

Digital Transformation Essential and Existential Questions:

Top business leaders of firms embarking on digitalization journey should ask and answer the following dozen questions to create an effective strategy and an actionable roadmap.

  1. Know who you are? Well, it is not you. You will need to know the company and its essence. What is the nature of your business, how is the competitive landscape, what are the potential avenues for disruption, which emerging players are giving a run for your money?
  2. Envision what do you want to be? Will digital commerce – whether online or mobile – an essential part of your future? How do you envisage future state customer experience?
  3. Is your executive team aligned to a common shared purpose of making digital the center of your strategy and execution? Does the leadership understand what digital means in the real sense of the term and the implications? Is digital a buzzword or considered a transformational strategy?
  4. How do you make money currently and how do you want to earn money in the future? Which business models are a part of your future? What do you intend to be the sources and composition of your revenue in the future?
  5. Does your organization structure support your future digital vision? Is digital a small group of 6-members down in the dungeon or is it the pervasive theme across the organization?
  6. Is your culture amenable to change to meet the challenges of the digital age? Beyond the digital team, it is essential for all employees to think they are a part of a digital revolution and have a role to play. Is your company primed for a change? Alternatively, will resistance doom the efforts?
  7. Do you have the people with the right competencies, skills, and commitment to succeed in the digital age? The digital business transformation demands a talented group of individuals with broad skills which are scarce. If you already don’t have such team members, are you willing to acquire such skills and engender the right kind of environment for the teams to succeed?
  8. Are your processes aligned to be optimal and capable to produce an excellent customer experience? This is not yet about design, digital technologies or any such shiny object. This is about your sales and service processes which need to support the customer experience as a part of the overall digital business transformation. If not, you will have a deeper level of effort to level the playing field so that the digital aspirations can be supported by realities on the ground.
  9. What is your channel strategy and how will it vary in the digital landscape? Existing companies have current revenue streams, distribution channels, and sales teams. Wishing them away is not going to solve the problem. What roles do these channels play in the future and if not how to transform your ecosystem including partners and external channels to simultaneously transform to support your digital business transformation endeavor.
  10. How is your product portfolio will look like to compete in the digital marketplace? Some products can be sold as e-commerce or m-commerce. Some products may be modified to meet the digital needs. Some other products may have digital wrappers. Moreover, some need to envisioned anew. So what will your portfolio look like and how will you plan on phasing out your losers in the new paradigm?
  11. Are you building the right tech stack and digital technologies? Bolting on a few additional applications and solutions is like putting lipstick on a pig. Underlying issues like data, application architecture and the proliferation of legacy applications need to be addressed and resolved for you to be successful.
  12. Are you investing adequately in the digital business strategy? Digital transformation, in the context of a large, complex and a global firm, is not going to be cheap, easy, or simple. Knowing what it takes and funding the entire journey is vital to have a chance at succeeding in digital business transformation.

Digital Transformation Strategy

The digital transformation strategy is a blueprint that sets the direction of what comes next. Companies without a clear and coherent digital business strategy will end up with subpar results. The classic case of “operation successful but the patient dies.”

Formulating a compelling digital strategy and then documenting is a profound activity, but need not take months to complete and 100-pages to document.  Given the nature of digital, we advocate concise and coherent articulation of the digital transformation strategy using any strategy model that you may like.

As an input into your digital strategy framework, a digital current state audit and a digital transformation survey will come in handy.

Some enterprises are hiring reputable digital transformation consulting firms – of every stripe and skill imaginable – to help define and direct digitization programs. Digital transformation consulting is a multi-billion dollar business with no signs of slowing down. Whether you hire a digital consultant or do it yourself, digital strategy is the fountainhead decision and helps corral the execution.

In the end, irrespective of the words you use and concepts you follow, digital business transformation strategy needs to answer the fundamental questions such as: Why, What, Where, Which, Who, When, How much, With What, etc.

Digital transformation guide: Digital Strategy

  1. Why do you need a digital business transformation? Document the vision, mission, drivers, and intent.
  2. What does the digitalization entail? What are the desired outcomes – Driving new revenues? Enhancing customer experience? Lowering the cost structure? Et al. (The desired results can be more than one.) You might want to create a digital business model to explore these concepts.
  3. How will you execute the digital transformation vision? What are the strategic, operational, technological, and people levers? A digital target operating model will help.
  4. Where do you need digital reinvention? Location, business units, product areas, etc.
  5. Which business processes need restructuring?
  6. Who will be in charge of various facets of digital transformation program? While the C-Suite must be intricately involved, appointing a digital transformation manager – whether it is CDO (Chief Digital Officer) or CIO (Chief Innovation Officer) – helps shepherd the digital programs.
  7. When should what happen? The sequencing and incremental rollout of the digital business capabilities?
  8. How much will the digitalization journey cost and what are the benefits?
  9. With what tools, technologies, and platforms will you realize the digital vision?

The truth is a digital strategy alone is far from sufficient. Executing the digital vision into an actionable reality is fraught with risk, cost, hard work, and complexity. However, the rewards of success in a digital transformation can be the difference between surviving or thriving.

“The truth is that digital transformation is actually not about adapting to new technology at all — it’s about directing an organisation to be more adaptive to change itself.” ― Lindsay Herbert

Digital Business Capabilities

People throw around the term “Digital Capabilities” all the time, using it to mean a slew of different things – abilities, capabilities, competencies, processes, and systems.  Of course, as long as the other person or team understands what you are saying, that may be ok. However, digital capabilities have a distinct and different meaning under business architecture nomenclature.

What is a digital business capability?

A digital business capability is what a business does and can do in the digital or physical realm using underlying value streams and processes, and realized by systems/applications.

So, a digital business capability is an elemental entity or a Lego block in the digital universe. A company may need a set of such digital capabilities to accomplish its digital objectives and reach its manifest digital destiny.

Let’s break down the concept of digital capabilities a little bit more using “Customer Experience” as a case study:

Digital Capabilities Sample: Customer Experience Use Case

For example, when an executive says “Let’s improve Customer Experience” it is a goal or a desired outcome.

Then a business leader says, “Achieve highest customer experience scores by seamless post-market service delivery,” they are articulating a strategy.

“We will need a customer-centric culture,” it indeed refers to culture, change management, training, and development.

“Prospect to Customer” and “Purchase to Promoter” are value streams (Value stream, a particular component of business architecture, is a higher level depiction of an end-to-end customer flow leading to an outcome.)

“Prospecting Management” “Product Research” “Onboarding” “Order Management” “Order Fulfillment” “Account Management” are some of the digital capabilities which may be an integral part of improving customer experience.

“Portals” “Mobile Access” “Security and Authentication” “Product Search” maybe some of the underlying technologies to power the capabilities.

So, what it means is a company needs a comprehensive digital business capabilities model which encompasses a detailed drill down of digital capabilities into a granular and elemental level.  The digital capabilities must be mutually exclusive and collectively exhaustive.

Detailed decomposition of digital capabilities to level 3 or 4 will help companies figure out the execution details.

The image below captures how just saying a word – “Digital marketing” or “Social Media” is not sufficient, and for a capability to be IT-enabled, it requires a more in-depth level decomposition.

Digital business capabilities - sample decomposition

You can jumpstart your digital transformation journey by purchasing a Digital business capabilities model which will feature a detailed list of digital capabilities.

Digital Transformation Roadmap:

A digital transformation roadmap is a compass for how to realize the digital transformation vision through a series of projects, phases, milestones, and releases.  The digital transformation roadmap is a critical deliverable, and it should be more granular than a strategy document and a bit more abstract than a detailed project plan.

The 9-step guide to developing a digital capability-centric digital transformation roadmap:

The digital transformation roadmap work is more brass stacks and happens after a digital vision, operating model, and strategy are already clearly articulated.  The roadmap is how the concept gets turned into a reality.  The following are nine critical steps to building a digital roadmap.

9 Steps to building a digital transformation roadmap

  1. Build a digital capabilities model that is mutually exclusive and collectively exhaustive
  2. Align the digital capabilities to the respective digitalization vision, goals, objectives, and strategy pillars
  3. Evaluate the current state of the capabilities necessary for digital transformation and document desired maturity levels
  4. Capture demand from various stakeholders on what they need from the capabilities to achieve their goals and objectives. (Generally, this applies to capabilities with multiple stakeholders – for example, a CRM capability that various businesses and sales teams may use.)
  5. Build a backlog aligned to capabilities. What this means is whatever needs – the voice of the customer, capability gaps, future vision – are defined, they will need to be anchored at a capability level.
  6. Mapping capability needs to systems/services (Micro or SOA) is a critical success factor and is a part of the solution design/definition work. This will allow for building services at the right level of granularity or finding the application with the right fit.
  7. Interdependency analysis highlights not only interdependencies but also the critical path items, the overlaps, redundancies and allows for streamlining the capability evolution.
  8. Estimate how much will it cost – at this stage these estimates may be ROM (Rough order of magnitude.)
  9. Complete the capability-based digital business transformation roadmap. (Of course, these roadmaps are never entirely done and require frequent iteration and refinement.)

The digital roadmap typically comprises of broad themes which are in turn are a set of features, functions, and clusters of capabilities with phases, and milestones along the capability-enablement lifecycle.  The digital implementation roadmap is typically very detailed for one quarter and a bit higher level for the following three quarters, and then more at a feature/function level for the subsequent 12 months.

The following is a sample view of a digital transformation roadmap for a single digital capability.

Digital transformation roadmap - example

Functional Digital Transformation:

Large companies are using digitalization as an opportunity to fix many of the functional areas and move them into the digital age.

Marketing Transformation: Since the advent of social media and the digital wave, progress in marketing technologies has been phenomenal.  Scott Brinker’s marketing technology landscape map is an eye-opener.  Given the growth in online marketing, many large enterprises are embarking on marketing transformation.

CRM Transformation: Sales force automation and customer relationship management may have been where the enterprise SAAS digital revolution may have commenced, thanks to companies like  Today, most companies have already completed or in the throes of a CRM Transformation.

Accounting and Finance Transformation: The role of finance has changed tremendously in recent years. Today, finance has become a strategic function and a business enabler.  A digital transformation of finance function is at the core of many companies digital endeavors.

HR Transformation: In the digital age, people and data are probably the most critical assets of any company.  Hence Human Resources Transformation is on top of mind of companies who want to make the employee experience as exceptional as customer experience.

Business Intelligence and Data Analytics Transformation: Big data and analytics have helped companies transform regarding data-driven decision making, customer analytics, people analytics, operational analysis, and risk management.   Data Analytics and Business Intelligence transformation help add strategic value across many functional areas and positions the companies for the data-driven digital age.

Supply Chain Transformation: While many focus on the demand chain, particularly e-commerce and customer experience, the supply chain is an area where digital technologies and digital concepts have revolutionized how companies source, collaborate and innovate with their suppliers and partners.  Companies are re-imagining their supply chains with next-generation digitally powered Supply chain transformation.

According to IDC digital transformation spend will exceed $1.1 trillion in 2018.Digital transformation - IDC Spend Forecast

Digital Process Transformation:

Digital process transformation or digital process re-engineering is different than the traditional process re-engineering efforts of yesteryears where cost-cutting was often the core focus.  Instead today, digital process transformation often involves one of three things:

  1. Digitization and Intelligent Automation: For example, if a bank needs to enter financial statement information manually for underwriting purposes, using machine learning or RPA (Robotic process automation) to capture and extract the attributes and fill in an automated manner is an excellent way of bringing efficiency and effectiveness.
  2. Streamlining the “Experience”: Many process transformation efforts in the digital age are aimed at simplifying and optimizing the Omnichannel experience of a customer.
  3. A new way of doing old things: For example, Uber did not create an app to call a local yellow cab. Instead, if upended transportation with a ride hail app that leveraged the latest technologies – mobility, beacons and location services, and the emerging free agent economy.

Hence, when your enterprise is thinking about process restructuring or re-engineering as a part of digitalization, rethink the value and if possible recreate the flow. It is not about an incremental efficiency or elimination of a single step. If something could be done way differently or not done at all, it changes the paradigm.

“Being Digital”

“Thinking digital” “Doing Digital” and “Being Digital” are various stages of the digital mindset and culture. For large legacy enterprises digital is something that they need to acquire and is not as natural for the digital natives.

Digital natives do not need to remind themselves of “Touch-first and Click Next.” It is in their DNA.

Digital natives aren’t thinking “Why Cloud?” and associated justifications. It is just the way it is.

So, how do traditional enterprises bridge this digital cultural divide and reach a state where digital is not an act put on for the show but is an integral part of how the firm operates?

Being Digital – Dos and Don’ts:

  1. Digital culture doesn’t just happen by an executive mandate. It has to start from the top and permeate down the ranks.  The leadership team must embrace the concepts of digital and live them.
  2. Nominating an innovation team or a digital team is not a solution. If a firm needs to be digital, it cannot have a siloed group doing digital.
  3. The answer is not large consulting engagements either. While consultants have a role and place, the best way for companies to become digital is doing it themselves.
  4. Embrace design and experience as an integral part of building capabilities.
  5. Adopt outside in thinking with the customer as the central focus.
  6. Use techniques like design thinking to help develop those ideas that will help the firm leapfrog from the status quo.
  7. Acquiring startups for talent will help engender that digital culture and provide a short-term boost to doing and being digital.

Digital Transformation Change Management

The magnitude and impact of change management during a digital transformation cannot be overstated.  Since digitalization is more of a business transformation, cultural transformation, and people transformation – more than just a technology transformation – change management occupies a pivotal position in making the digital transformation something that the employees embrace and for the rewards of transformation bear fruit.

The change management in the digital age is indeed different and different.

Companies need a cohesive change management framework and a change orchestration plan. offers a comprehensive Change Management Guide, tools and templates to driven digital transformation change management. Do not underestimate the gravity of digital change management.

Top 10 Benefits of Digital Transformation

What are the benefits of digital transformation? It is essential to articulate the benefits of digital business transformation and of course deliver those benefits.  Here are the ten benefits of digitalization in the enterprise context:

  1. Better customer experience: As one of the core focus areas of digital transformation, the outcome is often a customer experience lightyears beyond what was present. Of course, the degree to how much improvement is possible depends on the state of the enterprise and the way the capability came together.
  2. Reduced cost of operations: Considering the margin pressures and lack of pricing power, lowering the cost of services and decreasing the friction is the machine is a positive contributor.
  3. Better compliance: When done right, digitalization helps in making risk and compliance management as an integral part of operations, not a superimposed structure.
  4. Effective Risk Management: Managing enterprise risk at various levels and controlling the vectors is often the goals and the outcomes of a well-implemented digitalization program.
  5. More profound Customer Insights: Customer analytics are another facet of the digital transformation that yields tremendous rewards. Whether it is customer segmentation for right customers, customer analytics for churn prediction, or calculating the propensity to buy, there are many ways customer analytics have changed the customer acquisition, conversion, retention, and wallet expansion game.
  6. Data-driven Decision Making: Dashboards, the real-time pulse of the company, predictive analytics have contributed to better strategy formulation and optimal decision making. The data-driven decision making is yet another landmark benefit of a digital enterprise.
  7. Elimination of reduction of Silos: Traditionally, large companies were a collection of fiefdoms. No longer. Today, thanks to digital transformation a new company-wide process orchestration and capability development are a reality.
  8. New Business Models, New Products, and Better Opportunities: From monetizing data to reaching across the global frontiers, from mass customization of products to achieving pinpoint personalization, digital makes a whole slew of things possible and feasible.
  9. Employee empowerment: A digital culture with a customer-centric and employee-centric focus and ethos helps employees feel empowered and go beyond the traditionally defined boundaries of role. Virtualization allows for anywhere work access. BYOD (Bring your own devices) make it easy to get work done without too many tools. New generation teamwork applications boost morale and productivity.
  10. Collaboration: Digital technologies and digital thinking foster cooperation internally, and collaboration externally with the ecosystem partners.

Why Digital Transformations Fail?

According to research firm IDC, companies expect to spend upwards of $1.1 trillion on digital transformation initiatives.  Despite these eye-popping investment numbers, many digital projects fail or underperform.  The failure of digital projects is emblematic of the broader syndrome affecting all projects – the larger the projects and more ambitious the reach and scope, the more likely they will fail or underperform.

9 Reasons why Digital Transformation Programs Fail:

  1. Not grasping what a “Digital Transformation” is
  2. Lukewarm support from the top leadership
  3. Jumping in without right Digital Strategy and Transformation Roadmap:
  4. Underestimating Magnitude of Transformation:
  5. Under Budgeting
  6. Lack of Talented Resources
  7. Focusing on Shiny Apps, not foundational things
  8. Underestimating Change Management
  9. Not addressing the culture thing

Digital tools and technologies:

Digital Transformation - Tools and TechnologiesDigital transformation is not complete without several enabling technologies rising to the forefront.  Digital transformation technologies are evolving fast bringing in their wake new possibilities. The following are some of the digital transformation tools and technologies that are driving digitalization efforts.  Which of them are fads or long-term solutions remains to be seen? So, before investing millions of dollars, enterprises should conduct a proof of concept and ensure they are using the right technologies for the proper use cases. Also, remember! IT digital transformation is an enabler and a means to an end, not the end.

The Top Ten Digital Transformation Technologies

  1. Digital Core Platforms:
  2. 5G Powered Smartphones:
  3. Enterprise Blockchain:
  4. Chatbots and Voice-powered NLP Agents
  5. Internet of Things and Wearables
  6. Big Data and Analytics
  7. Machine Learning and Artificial Intelligence
  8. Cloud
  9. Cyber defense
  10. Augmented Reality

Digital Transformation PDF, Excel, and PowerPoint Templates offers a lot of Transformation Toolkits, Templates, and Guides for digital transformation. Many of these are in a variety of formats: PDF, PowerPoint, Word, Excel templates or documents.

Please contact us for digital transformation deliverables or digital transformation consulting.

How to build a public profile as a cybersecurity pro

Cybersecurity professionals interested in raising their profiles as subject matter experts can count on social media to become more visible. With everyone being online this may not be enough though. CSO spoke to Forrester analyst Jinan Budge and cybersecurity professionals Katie Moussouris, Troy Hunt, Rachel Tobac, and Christina Morillo about their journeys and their tips for those who want to build their public profile.

Some of these professionals have been known for their work for more than two decades while others may have become more prominent in the last decade. But they have all seen and experienced the good and the bad.

Step 1: Define your cybersecurity area of expertise and what success mean to you

Professionals can use many channels to share their knowledge: blogs, video content, tweets, etc. How a professional decides to share knowledge will vary and it may not work in the first attempt, but one thing is key: Be yourself and discuss a topic you are comfortable with and understand.

Budge says that it is important to understand who you are to be able to go speak of things that matter to you. “Sometimes you need to remove that pressure of building a high profile, and it sounds counterintuitive, but I think once you do that and get to know who you are, that’s it.”

jinan budge forrester small Jinan Budge, Forrester

Jinan Budge, Forrester

Choosing your area of expertise is important. At some point, you may find that you will need to make decisions when opportunities are presented to you. Taking every opportunity may help increase visibility but it may also confuse those looking for a certain type of content. If you have that clearly defined, it will make it easier to decide which opportunities to turn down.

Define what visibility and success mean to you. “You may not necessarily want those same things that everybody else has, and that’s OK. Just be very clear on what you want, what you are and what you’re not willing to sacrifice and make a plan for yourself,” Morillo tells CSO. “There is no playbook. Define what it is that you’re good at. Figure that out, what makes you feel good.” Find your own formula is Morillo’s lesson.

Some key points from Tobac include building it in public to show people what you are working on and what you are doing so you can get feedback and know what works or doesn’t. Also do UX research; know your audience. More importantly get used to giving stuff for free. “You can’t give everything away for free. That’s important. But you have to give a lot of your thoughts and tips and tricks away for free. And I think that’s what really helps people understand how to stay safe. I think Katie [Moussouris] and Troy [Hunt] do that really well, where they talk about what they’ve learned, how you can implement it at your work and how to stay safe. And Troy created a completely free product for the general public,” she says, referring to Troy Hunt’s Have I Been Pwned, where anyone can search across multiple data breaches to check if their email address or phone number has been compromised.

Step 2: Start creating content

Once you know what you feel comfortable talking about, start talking about it. When Budge started at Forrester, the managing director said she should write blogs. She thought she had nothing to say and didn’t know how to do it but, “Once you start you can’t stop,” she tells CSO. This can work as practice for discussing topics, it can raise questions from readers, things you may not have initially considered, etc.

troy hunt small Troy Hunt

Troy Hunt

Writing blogs was how Hunt started. He tells CSO that 13 years ago when he was hiring at Pfizer, he was looking at resumes and wondering how he could tell if this or that person knew the things they said they knew. He’d search candidates in Stack Overflow or GitHub but would not find them there. That was where his first blog idea, Why online identities are smart career moves, came from. He says technology professionals in general should have something to show to prospect employers—something a lot of techies have been doing—other than references, which are people chosen by the candidate and likely to be someone who will say good things about them. This was part of how Hunt started his online presence, too: following his own advice and writing about things he was interested in.

Looking back now, he can see how things were “all over the place” as he was speaking broadly about technology. Eventually he landed in infosec, which is what he is most known for. “I think you just got to figure out your path in online life…. It probably took me a good year or two before I found the groove,” he says.

Step 3: Buckle up against criticism

These experts make it seem easy to be in the public eye today, but it is not. They have shared some of the obstacles they faced.

Hunt has seen others cope with appalling and more relentless behavior than he has, “particularly if it’s based on sexuality or gender or religious beliefs or things that are very, very personal and very, very targeted and amount to someone just simply disagreeing with your freedom of choice in life.” He has suffered online abuse, usually in the form of people questioning his right to discuss a topic. He believes this happens because he wasn’t a penetration tester by background, so discussing the topic made people question him. There were more serious issues such as a death threat, but the person was not living in Australia, so could not physically harm him.

moussouris 2022 headshot small Katie Moussouris

Katie Moussouris, CEO Luta Security

For Moussouris this wasn’t the case until social media platforms allowed people easy access to anyone. With her career already established before Twitter was launched, she found herself dealing with different behavior on social media. “I would say the obstacles there [Twitter] have been that because it’s a public medium, and Twitter especially tends to have a lot of people who think they can spend about two seconds considering a complex topic and rattling off their opinions. I think it’s been challenging for me having been a pioneer in several spaces basically being mansplained a lot on Twitter where people are explaining to me how vulnerability disclosure works when I wrote the international standards for it,” she tells CSO.

Moussouris also says that Wikipedia has a gender problem as there have been at least two attempts to create a page for her with both being taken down until around 2017 when the final attempt stuck.

It isn’t just plain abuse that can affect individuals or become tiring. Tobac has faced a different issue: She has been often overlooked not only for being a woman but also due to her stature. She says that in meetings she would often get the, “We’ll just wait for the CEO to arrive and we can start,” and she’d have to say, “I am here, we can start.”

She also thinks that people expect those in charge to have certain characteristics. “They don’t expect somebody to have decision making power or to be a CEO and to be able to make those choices. They just might think, ‘Oh, that’s a small person over there in the corner. I don’t think that’s the CEO.’ I do think that I am routinely underestimated because of my stature or what people expect a hacker or a CEO to look like.”

morillo small Christina Morillo

Christina Morillo

Morillo talks about being gaslit a lot. Sharing those experiences attracted another kind of attention from management at companies she worked where leaders “addressed” that people seeing or listening to what she was sharing may perceive she was being abused by her employer. That made her become more intentional about what she shared and what the repercussions may be.

It is no surprise and all the professionals agreed that there is more criticism online against women than men and that increases when other factors are added such as race or religion.

Other profile-building tips from cybersecurity experts

Moussouris brings up a similar topic: how women tend to edit themselves and aren’t good at self-promotion. “I think that, rather than cautioning people against what is too far in terms of promoting yourself and your accomplishments, we should be thinking about how can you advocate and remind people of your accomplishments. Because as far as I have experienced, especially on Twitter, even people who have been following me for a while don’t know exactly what it is that I do or I’m known for…. You should advocate and make sure people know what it is that that you like to do,” she says.

That impacts women even when applying for jobs. According to Gartner analyst Neha Kumar, women are reluctant about applying to a job when they see they meet between 60% and 70% of the criteria. “That is something that’s a given for men that they don’t see the need to meet all criteria on day 1, whereas women feel like they need to meet at least 80% of the criteria. This is a reality.”

One way to overcome that, not only for women but all, is to listen to experts, Budge suggests. There are experts that help people build brands, there are executive coaches, there are executive coaches specifically who help women build their brands, and workshops. In fact, Hunt has done this exact job of helping others build their brand.

When it comes to the perception Morillo had of other visible infosec professionals, she says, “There are no unicorns.” She used to believe that some people were untouchable, and that they were doing “Einstein genius-level” things, and she learned that is not always true. “We can all accomplish the same things. It is just that we have different journeys, and paths and getting there may look a little different.”

Job opportunities that (not always) come from being well-known

The results of being well known can be quite different. Moussouris, who’s been running her own company Luta Security for more than six years, says not a single contract came because of her social media presence even though her company does not advertise. “You know, you would think so, but absolutely no jobs or contracts…. No work has ever come because of my social media presence,” she says. However, because she was already well known and highly regarded, her company does attract clients by word-of-mouth from other customers or because of the work she has done in the past.

tobac small Rachel Tobac

Rachel Tobac, CEO SocialProof Security

Tobac, who does not employ a sales team in her organization, SocialProof Security, tells CSO that she gets more than a hundred of clients every year. “I found that building my company in public has been really effective. People get a chance to see how my clients react to the work that I do because they’re posting about it, because I’m so public about what it is that I do,” she says.

Hunt is no different and he counts on the help of his wife, who has a lot of knowledge about the industry especially around events and what is an acceptable price to charge for speaking at a conference. He is also a tutor for PluralSight.

Morillo had opportunities to speak at conferences, to be featured in magazines. She was part of a book before she wrote a couple of books. Thinking back, she believes that a combination of things made her become more visible, such as being featured in Cosmopolitan magazine earlier in her career. She says she has also been invited to be part of organizations such as Women in Security and Privacy and #ShareTheMicInCyber. Her current job was also the result of her online presence. She became acquainted with a professional online. They later met in person and one day he came to her with a job opportunity.

Different ways for cybersecurity pros to stand out

Each of these professionals CSO spoke to have done great work for the industry. They have done so sometimes in unexpectedly, creative ways but also, and perhaps more importantly, with diversity and inclusion at the heart of it.

Several years ago, Morillo noticed that there were no stock photos of women of color in tech or security. She started a small initiative called Women of Color in Tech Chat, which was meant to be a discussion. She started to pitch to organizations like Digital Ocean, Microsoft. GitHub, and Trello to sponsor a photo shoot to create these stock photos. She says the first photo shoot was such a success the company sponsored another two and these photos have now been viewed and downloaded millions of times.

Tobac, who has a degree in neuroscience and behavioral psychology, was teaching kids with disabilities before she went into cybersecurity. It was no surprise that after she entered the field and did different works in the space — she was thrice second place at DEF CON’s Social Engineering Capture the Flag contest — that she’d start sharing knowledge. That quickly evolved into cybersecurity training done in person and online. Then she took a step further: She started creating training videos in musical format and it has been a hit.

It started sometime during COVID-19 when she created a video of her singing an infosec sea shanty. Feedback was so good that she started researching the topic and found studies that said 80% of people like to learn content with song and 20% prefer spoken content. So, she set out to create training in musical format and four to six weeks after launching the first video, SocialProof had done 160 demos. Now the content is available in different languages including French, French Canadian, Mandarin, Portuguese, Spanish, and Swedish.

Blockchain Technology May Transform The Future Of Healthcare

More From Forbes

Can Travelers Avoid Covid-19 And Brain Fog During The Holidays?“,”scope”:{“topStory”:{“index”:1,”title”:”Can Travelers Avoid Covid-19 And Brain Fog During The Holidays?”,”image”:”×0.jpg”,”isHappeningNowArticle”:false,”date”:{“monthDayYear”:”Nov 29, 2022″,”hourMinute”:”10:18″,”amPm”:”pm”,”isEDT”:false,”unformattedDate”:1669778301390},”uri”:””}},”id”:”bco3g76kbfh800″},{“textContent”:”

Healthcare Organizations Are Finding Novel Uses For Virtual Health Technology“,”scope”:{“topStory”:{“index”:2,”title”:”Healthcare Organizations Are Finding Novel Uses For Virtual Health Technology”,”image”:”×0.jpg”,”isHappeningNowArticle”:false,”date”:{“monthDayYear”:”Nov 29, 2022″,”hourMinute”:”08:59″,”amPm”:”pm”,”isEDT”:false,”unformattedDate”:1669773588409},”uri”:””}},”id”:”dclmre0dqhe800″},{“textContent”:”

Gaslighting: Merriam Webster’s 2022 Word Of The Year, Here’s Its Definition“,”scope”:{“topStory”:{“index”:3,”title”:”Gaslighting: Merriam Webster’s 2022 Word Of The Year, Here’s Its Definition”,”image”:”×0.jpg”,”isHappeningNowArticle”:false,”date”:{“monthDayYear”:”Nov 29, 2022″,”hourMinute”:”07:59″,”amPm”:”pm”,”isEDT”:false,”unformattedDate”:1669769988625},”uri”:””}},”id”:”24qjojmc84l000″},{“textContent”:”

Organ Donations Increase When Motorcyclists Gather“,”scope”:{“topStory”:{“index”:4,”title”:”Organ Donations Increase When Motorcyclists Gather”,”image”:”×0.jpg”,”isHappeningNowArticle”:false,”date”:{“monthDayYear”:”Nov 29, 2022″,”hourMinute”:”04:15″,”amPm”:”pm”,”isEDT”:false,”unformattedDate”:1669756537402},”uri”:””}},”id”:”bb99pbiogj1800″},{“textContent”:”

What Can We Learn From The Growing Measles Outbreak In Ohio?“,”scope”:{“topStory”:{“index”:5,”title”:”What Can We Learn From The Growing Measles Outbreak In Ohio?”,”image”:”×0.jpg”,”isHappeningNowArticle”:false,”date”:{“monthDayYear”:”Nov 29, 2022″,”hourMinute”:”02:40″,”amPm”:”pm”,”isEDT”:false,”unformattedDate”:1669750835573},”uri”:””}},”id”:”acrllldnkm4g00″},{“textContent”:”

Brain MRI Data & Machine Learning Models Might Help In Diagnosing ADHD“,”scope”:{“topStory”:{“index”:6,”title”:”Brain MRI Data & Machine Learning Models Might Help In Diagnosing ADHD”,”image”:”×0.jpg”,”isHappeningNowArticle”:false,”date”:{“monthDayYear”:”Nov 29, 2022″,”hourMinute”:”01:15″,”amPm”:”pm”,”isEDT”:false,”unformattedDate”:1669745700000},”uri”:”–machine-learning-models-might-help-in-diagnosing-adhd/”}},”id”:”1ffa02he52iq00″},{“textContent”:”

Does Ethical AI Development Rely On The “Algorithmically” Underserved? CHAI’s Mission“,”scope”:{“topStory”:{“index”:7,”title”:”Does Ethical AI Development Rely On The “Algorithmically” Underserved? CHAI’s Mission”,”image”:”×0.jpg”,”isHappeningNowArticle”:false,”date”:{“monthDayYear”:”Nov 29, 2022″,”hourMinute”:”12:29″,”amPm”:”pm”,”isEDT”:false,”unformattedDate”:1669742950309},”uri”:””}},”id”:”pop3qnd524i80″},{“textContent”:”

The N Protein, A New Target For Anti-Covid Drugs“,”scope”:{“topStory”:{“index”:8,”title”:”The N Protein, A New Target For Anti-Covid Drugs”,”image”:”×0.jpg”,”isHappeningNowArticle”:false,”date”:{“monthDayYear”:”Nov 29, 2022″,”hourMinute”:”10:21″,”amPm”:”am”,”isEDT”:false,”unformattedDate”:1669735280506},”uri”:””}},”id”:”e01e1iqg3k9400″}],”breakpoints”:[{“breakpoint”:”@media all and (max-width: 767px)”,”config”:{“enabled”:false}},{“breakpoint”:”@media all and (max-width: 768px)”,”config”:{“inView”:2,”slidesToScroll”:1}},{“breakpoint”:”@media all and (min-width: 1681px)”,”config”:{“inView”:6}}]};