(US and Canada) David Sims, Staff Vice President, Security Technology Services, Elevance Health, speaks with Michael Wilcox, CISO-Field/VP, Office of the CISO, Stratascale, about his professional journey, the evolving security space, technology as an enabler, benefits of mentoring and networking, embracing AI and the importance of Zero Trust.
Sims initiates the conversation by sharing that he transitioned into information security out of necessity. As a technologist, data center manager, and network manager, he often explained security-related topics to security professionals. As a result of this, he decided to join them, studying for and passing the CISSP exam on his first attempt.
Sims has been an information security professional for the past twenty years. He argues that the evolving security space is evident with the implementation of safety measures such as the installation of security in environments and acceptance of the Zero Trust concept. He also highlights that the modern customer expects quality and security to be synonymous and that it is illogical to purchase an unsafe application.
When asked about how technology can be leveraged to drive greater efficiency in healthcare, especially in talent acquisition and management, Sims says that technology is not the goal but an enabler that unlocks the door for people to reach their destination. He suggests that, alongside using technology in human resources and screening, one must also recognize the importance of human interaction. To broaden the search, leaders must engage in activities such as networking and mentoring to form their network.
As Sims suggests, mentoring often proves to have mutual benefits, it not only helps the mentee but also provides leaders with improved skills and understanding. These capabilities often add depth to the talent pool.
Speaking further about the talent issue, Sims reckons that the talent crisis in various industries may be rooted in a leadership crisis due to a lack of proper investment. He believes that formal mentorship programs are very important and when an organization seeks to create one, it sends a clear message to both leaders and staff that it is important enough to invest in.
Sims claims that the most effective mentorship comes from volunteers who support or coach anytime needed. Therefore, organizations must be creative in seeking out potential mentors to ensure their future success. In regards to this, organizations may already have many potential mentors whose talents can be tapped into.
Furthermore, Sims insists that companies recruit inquisitive people with free minds to embrace new technology and stay competitive. Additionally, he recommends paying attention to those who know coding and video gamers who can solve puzzles.
Speaking of AI adoption, Sims reveals that he encourages his organization to embrace AI, noting that it is an enabling technology that will be pervasive in every industry. He informs his colleagues that anyone entering the marketplace who knows more about AI will have an advantage. Understanding and utilizing AI, he says, is akin to finding a way to help the big rock do something useful.
Thereafter, Sims states that technology and security are seen as obstacles or roadblocks. However, these obstacles are simply patterns and habits that have formed over time and take time to alter. To improve technology, there needs to be a change in the mentality, away from what is already set up, thereby freeing up the technology to modernize and make access easier.
Highlighting Zero Trust, Sims asserts that it is an essential interest of the organization and that they are actively engaging in this journey. He mentions that every individual within the organization must make an effort to advance this Zero Trust environment. It is not a single product or end goal but rather a progression that necessitates continuous improvements and updates to sustain.
Sims suggests security personnel devise novel methods to optimize business, and technology partners must be ready to adopt swift changes. It currently means departing from past models of a securely enclosed network where the objective was to protect the core elements of the system. To obtain this, the process of modernizing identity must first be initiated, he adds.
Emphasizing security, Sims states that identity, patch, vulnerability management, and employee awareness are essential to ensure the security of company devices and connections.
In conclusion, Sims opines that office cohesion is vital to building a successful work culture. He affirms participating in open lunches, ask-me-anything sessions, and team activities to support this.
CDO Magazine appreciates David Nelson for sharing his insights with our global community.