Interview – Doug Hammond, Chief Information Security Officer, Inland Revenue

Inland Revenue Hammond DougDoug joined Inland Revenue in May 2014 and is Chief Information Security Officer in the Information Technology & Change business unit of Inland Revenue.  His role is Tier 3 and reports to the Chief Technology Officer.  The primary purpose of this role is to manage IR’s security portfolio as it relates to digital security for Inland Revenue’s Information and Application Assets.  Doug is responsible for ensuring that security design, education and policy is positioned appropriately and tailored to meet business outcomes.

Other roles and organisations Doug has worked in, prior to joining Inland Revenue, are Senior Manager, Business Risk Services at Grant Thornton; Head of Technology Business Risk and NZ Divisional Information Security Officer at ANZ Bank; Security Assurance Manager at Vodafone NZ Ltd; IT Risk and Security Manager at Air New Zealand; Manager Enterprise Risk Services at Deloitte.

What do you feel are the biggest challenges IT leaders are currently faced with within their business?

As organisations adopt a greater online presence to reduce cost and improve customer service they introduce additional Cyber Security exposure that needs to be managed. The challenge is determining what level of investment is appropriate for managing this risk.

As an IT leader, what do you feel businesses continue to get wrong when it comes to their IT strategy?

IT strategies tend largely to be based on the known which leaves the organisation exposed to disruption. By their very nature, disruptive technology changes are very difficult to anticipate and prepare for, but IT Strategies need to do as much as possible to be early adopters of new technologies that could disrupt their current business model.

What are the latest trends and behaviours you predict will be surfacing on the market over the coming 12 months?

Increasing adoption of artificial intelligence and process automation in all spheres of business but particularly in the area of data analytics and business intelligence as volumes of data from sensors and IoT devices increase exponentially.

What is the best piece of advice you have received within your job over the years?

Find a health balance between pragmatism and paranoia.

What is one key takeaway you hope our IT audience leaves with after hearing your presentation on site?

The Cyber Security risk every organisation faces is significant and should not be underestimated. What each organisation does in response depends on their current cyber security maturity, their risk appetite, and their assessment of the consequences of a breach.

Inland Revenue