Digital transformation has become a core part of business across industries. But for successful transformation, organizations need an empowering approach that will grow and build and sustain competitive advantage and drive positive societal impact. This resonates with Boston Consulting Group as the company's diverse global teams unlock a company's potential with strategic transformations and make change happen by integrating solutions with cutting-edge technology and consulting.
Boston Consulting Group (BCG) partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was a pioneer in business strategy when it was founded in 1963. Today, the company works closely with clients to embrace a transformational approach aimed at benefiting all stakeholders, empowering organizations to grow, build sustainable competitive advantage, and drive a positive societal impact.
BCG's global teams have unrivaled industry and functional expertise and a range of perspectives that question the status quo and spark change. BCG delivers solutions through leading-edge management consulting, technology and design, and corporate and digital ventures. The company works in a uniquely collaborative model across the firm and through all levels of the client organization, fueled by the goal of helping its clients thrive, enabling them to make the world a better place.
Mark Connelly has been immersed in the technology and computing industry for more than 30 years in a range of roles, from sales and support to IT operations and information security.
After graduate school, where he studied electrical engineering, Mark joined the storied AT&T Bell Labs, where such luminaries as Arno Penzias, William Shockley, and his technology hero Claude Shannon were working. Sun Microsystems (SMI) gave Mark the opportunity to grow through the ranks in IT leadership to become their first-ever CISO.
During the financial crisis, Mark moved to NYC to become the Managing Director for infrastructure risk and security at Credit Suisse, before becoming the first global CISO for ITT, and then for Thompson Reuters.
He became CISO at BCG in 2016 and since then he and his team have fostered a culture where security is designed into everything the company does. To Mark, this was the hard part, but also one of his proudest moments.
Becoming the first CISO at SMI (now Oracle) more than 15 years ago presented Mark with some leadership challenges, but also great opportunities to learn. He progressed from district systems engineering manager to global leader of 2,000+ staff, before moving to run IT operations for sales and services, and then becoming CISO.
During those 20 years, Mark sharpened his knowledge of technology, business, operations, and information security in a way that serves him extremely well today, giving him a strong compass to see the whole picture.
Mark asserts that having a breadth of experience at different levels is unique but also extremely valuable for a CISO. He strongly believes CISOs are business executives as much as risk managers.
His experience includes crisis management, which is thankfully not called on every day but has helped him cultivate disciplined and strong leadership. Mark was once asked to lead a multi-company effort to bring back a major customer. It required a steady, methodical, and coordinated effort, managing communication, engineering, data center operations, and more—he slept on a cot in the office for a month. The pressure was significant: he directed tasks that had never been done before.
Crisis management has also taught Mark to stick to his beliefs. One example that stands out to him was when a CEO strongly challenged him on a recommendation he'd made to the executive committee. These experiences have taught him to be confident and back himself.
For Mark, clear and effective communication has also been key, particularly with executive managers and boards of directors as they're the most important audience. He has learned to tell them what they need to hear, not what they want to hear, to never hold back or bow to direct or indirect pressure to soften the blow.
But he also makes sure to tell them about all the positive work being done to protect the firm because they need to hear both sides.
Mark believes it works both ways. "You need to listen to your team. Draw out the best ideas from them and encourage strong discussion. I've found hiring people smarter than me and putting them in roles they can stretch in really builds the team," he said.
Experience has also taught Mark not to look for perfection in a solution as 80% of risk improvement is better than 0% of nothing!
When Mark began his CISO journey, information security had a narrowly focused scope, primarily concentrating on network security and building strong walls, which the company later realized was insufficient. To be successful, it was important for Mark to have a broad understanding of the industry, the business, and the risks. As innovation in technology and tools exploded, so did the opportunities for attackers. Learning and growth were exponential in the face of data loss and the impact of that escalated rapidly. Mark used his skills gained in dealing with businesses, clients, and operations to build effective programs.
Another challenge was understanding the scope of the risks and challenges in a fast-moving, global dot com and building strategy and tactics to address them, as well as those that could surface in the future. Many of the previous challenges Mark faced translated to working in banking and multi-industry and are now valid at BCG. Yet he says that each industry has unique challenges, which can be altered by the risks they face, so he always focuses on building a team of professionals, innovating with the available resources, and validating BCG's performance in risk metrics.
He believes the most essential quality of a leader is to have a "firm grip on any crisis". "If you waver, the team will too," he added. Guiding a team through tough experiences will help leaders learn how to do things better and develop a steady hand.
Being a good listener and decisive is also crucial as people hate indecision. Mark says it's important to build relationships with teammates and create a bridge of trust between leadership and colleagues. By supporting and trusting them, and removing obstacles so they can do their job, you will achieve extraordinary things.
A leader also needs confidence, credibility, and the ability to remain calm in high-pressure situations. He or she can't lose their head. Mark once said to a CEO, "if I lose my head, you've got a bigger problem".
These attributes, paired with experience in different areas of the business, will help leaders build a program that can be shared with key stakeholders to meet risk objectives, and support desired goals.
Mark believes in using what the company already has, as he has often seen assets being underused. He anticipates business direction change and technology evolution and participates in industry groups supporting innovation. He is not afraid of challenging teams to be bold, even if it has never been tried before—often the challenges will get new ideas flowing.
He also budgets for R&D in terms of technology process and training, so colleagues are empowered with new skills. He says this will yield innovation that would have otherwise been undiscovered.
According to Mark, AI is transforming the threat landscape and risk, while also offering tremendous opportunities for good. BCG now has massive datasets and network connections processing power that was never available before, and that provides rapid analysis and insights to improve decisions.
There is also an inherent risk around confidentiality, integrity, and availability. This brings up important questions, like will these tools be used by attackers to deny access to critical services?
Mark asserts that leaders need to establish strong ethical guidelines to make sure these tools are used for good. CISOs need to help shepherd policies in their firms and in governments to make sure they're used properly.
BCG is leading in many areas of AI and data science. The firm is constantly working across all industries to support its transformation in a bionic manner—achieving the full potential of technology by combining it with the flexibility, adaptability, and comprehensive experience of humans.
This means applying grey matter (the people) and technologies with clients to build insights and strategies to improve their performance while helping to shape the future in terms of sustainability, cybersecurity, and business growth.
Mark believes that we are at a true inflection point in terms of opportunities to shape a secure future, and there's a lot for CISOs to get involved with. All technology should have security built-in, so he feels it's important to get people to support your programs by starting with the 'why'.
"Call it like you see it and don't bend in the face of resistance—you will be tested," says Mark. "Recognize progress at each step of the journey. Build your succession plan and watch for single points of failure and prioritize, then act."
Join our WhatsApp Channel to get the latest news, exclusives and videos on WhatsApp
_____________
Disclaimer: Analytics Insight does not provide financial advice or guidance. Also note that the cryptocurrencies mentioned/listed on the website could potentially be scams, i.e. designed to induce you to invest financial resources that may be lost forever and not be recoverable once investments are made. You are responsible for conducting your own research (DYOR) before making any investments. Read more here.