Virtual Innovation Collaboration

The real gap between digital leaders and laggards isn’t just in technology—it's in mindset. The 𝐃𝐢𝐠𝐢𝐭𝐚𝐥 𝐃𝐢𝐯𝐢𝐝𝐞 isn’t about who has the best tools; it’s about who knows how to wield them. The difference between average and excellent isn’t in the number of systems implemented but in the strategic intent behind them. True digital transformation isn’t just an IT initiative—it’s a company-wide movement, a reimagining of what’s possible when leadership, innovation, and agility align. 𝐖𝐡𝐚𝐭 𝐀𝐯𝐞𝐫𝐚𝐠𝐞 𝐋𝐨𝐨𝐤𝐬 𝐋𝐢𝐤𝐞: • 𝐓𝐞𝐜𝐡𝐧𝐨𝐥𝐨𝐠𝐲-𝐅𝐨𝐜𝐮𝐬𝐞𝐝 𝐋𝐞𝐚𝐝𝐞𝐫𝐬𝐡𝐢𝐩: CIOs and CTOs leading the charge, with an inward focus on IT infrastructure. • 𝐄𝐟𝐟𝐢𝐜𝐢𝐞𝐧𝐜𝐲 𝐎𝐯𝐞𝐫 𝐈𝐧𝐧𝐨𝐯𝐚𝐭𝐢𝐨𝐧: Tracking efficiency and business performance without a broader view towards future capabilities. • 𝐂𝐚𝐮𝐭𝐢𝐨𝐮𝐬 𝐏𝐫𝐨𝐠𝐫𝐞𝐬𝐬: Proceeding with digital steps without the urgency to outpace the evolving market demands. • 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐚𝐥 𝐒𝐭𝐚𝐛𝐢𝐥𝐢𝐭𝐲: Maintaining the status quo in operations, favoring predictability over agility. • 𝐒𝐭𝐚𝐧𝐝𝐚𝐫𝐝 𝐓𝐨𝐨𝐥 𝐀𝐝𝐨𝐩𝐭𝐢𝐨𝐧: Providing employees with collaboration tools without fostering a culture of digital innovation. • 𝐁𝐚𝐜𝐤𝐞𝐧𝐝 𝐏𝐫𝐢𝐨𝐫𝐢𝐭𝐢𝐳𝐚𝐭𝐢𝐨𝐧: Concentrating on backend upgrades before considering the customer-facing aspects of the business. • 𝐒𝐢𝐥𝐨𝐞𝐝 𝐃𝐚𝐭𝐚 𝐔𝐭𝐢𝐥𝐢𝐳𝐚𝐭𝐢𝐨𝐧: Using data for routine business operations rather than as a cornerstone for transformation and innovation. 𝐖𝐡𝐚𝐭 𝐄𝐱𝐜𝐞𝐥𝐥𝐞𝐧𝐭 𝐋𝐨𝐨𝐤𝐬 𝐋𝐢𝐤𝐞: • 𝐋𝐞𝐚𝐝𝐞𝐫𝐬𝐡𝐢𝐩 𝐟𝐫𝐨𝐦 𝐭𝐡𝐞 𝐓𝐨𝐩: Transformation championed by CEOs, integrating digital priorities within the company’s vision. • 𝐂𝐨𝐦𝐦𝐢𝐭𝐦𝐞𝐧𝐭 𝐭𝐨 𝐈𝐧𝐧𝐨𝐯𝐚𝐭𝐢𝐨𝐧: Measuring success through the lens of innovation and digital proficiency. • 𝐒𝐭𝐫𝐚𝐭𝐞𝐠𝐢𝐜 𝐀𝐜𝐜𝐞𝐥𝐞𝐫𝐚𝐭𝐢𝐨𝐧: Not merely adapting but actively advancing digital initiatives, even in challenging economic climates. • 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐚𝐥 𝐀𝐠𝐢𝐥𝐢𝐭𝐲: A culture that embraces operational efficiency as a path to competitive advantage. • 𝐏𝐞𝐨𝐩𝐥𝐞 𝐚𝐬 𝐏𝐫𝐢𝐨𝐫𝐢𝐭𝐲: Investing in employee engagement and digital literacy, recognizing that technology amplifies human potential. • 𝐂𝐮𝐬𝐭𝐨𝐦𝐞𝐫-𝐂𝐞𝐧𝐭𝐫𝐢𝐜 𝐄𝐯𝐨𝐥𝐮𝐭𝐢𝐨𝐧: Prioritizing the customer experience with a strategy that adapts proactively to their needs and behaviors. • 𝐃𝐚𝐭𝐚-𝐃𝐫𝐢𝐯𝐞𝐧 𝐃𝐞𝐜𝐢𝐬𝐢𝐨𝐧𝐬: Leveraging AI and data analytics not only to inform decisions but to foster a culture of continuous improvement. 𝐅𝐮𝐥𝐥 𝐚𝐫𝐭𝐢𝐜𝐥𝐞: https://lnkd.in/eU_Cc3ga ******************************************* • Visit www.jeffwinterinsights.com for access to all my content and to stay current on Industry 4.0 and other cool tech trends • Ring the 🔔 for notifications!

As I’ve been digging into the #CybersecurityFramework 2.0, and helping clients navigate the changes, I’ve found several areas where the new additions feel pretty significant. If you’re already using the #CSF and trying to figure out where to focus first, take note of these new Categories: ◾ The POLICY (GV.PO) Category was created to encompass ALL cybersecurity policies and guidance. Now, on one hand it might seem like a "well, of course" moment to consolidate all cybersecurity policies into one place - on the other hand, policies were previously sprinkled throughout the CSF, and were tied to specific actions like Asset Management or Incident Response. Now, it's all in one area, which makes a ton of sense and simplifies things, but also means we've got to remember that this one Category covers everything! ◾ Another significant addition is the PLATFORM SECURITY (PR.PS) Category which largely pulls together key topics from the previous Information Protection Processes & Procedures (PR.IP) and Protective Technology (PR.PT) focusing on security protections around broader platform types (hardware, software, virtual, etc.). If you’re looking for things like configuration management, maintenance, and SDLC – you’ll now find them here.  ◾ The TECHNOLOGY INFRASTRUCTURE RESILIENCE (PR.IR) Category pulls largely from the previous Information Protection Processes & Procedures (PR.IP) and Protective Technology (PR.PT) as well, but also pulls in key aspects from Data Security (PR.DS). This new Category highlights the need for managing an organization’s security architecture and includes security protections around networks as well as your environment to ensure resource capacity, resilience, etc. So, what does all this mean for your organization? Whether you're just starting out, or you're looking to refine your existing cybersecurity strategies, CSF 2.0 offers a more streamlined framework to use to bolster your cyber resilience. Remember, staying ahead in cybersecurity is a continuous journey of adaptation and improvement. Embrace these changes as an opportunity to review and enhance your cybersecurity posture, leveraging the expanded resources and guidance provided by #NIST! Have you seen the updated mapping NIST released from v1.1 to v2.0? Check it out here to get started and “directly download all the Informative References for CSF 2.0” 👇 https://lnkd.in/e3F6hn9Y

The National Institute of Standards and Technology (NIST) has released a draft of its “Cybersecurity Framework Profile for Artificial Intelligence” (open for public comment until Jan 30, 2026) to help organizations think about how to strategically adopt AI while addressing emerging cybersecurity risks that stem from AI’s rapid advance. Building on the #NIST Cybersecurity Framework 2.0, the Cyber AI Profile translates well-established risk management concepts into AI-specific cybersecurity considerations, offering a practical reference point as organizations integrate AI into critical systems and confront AI-enabled threats. The Cyber AI Profile centers on three focus areas: • Securing AI systems: identifying cybersecurity challenges when integrating AI into organizational ecosystems and infrastructure. • Conducting AI-enabled cyber defense: identifying opportunities to use AI to enhance cybersecurity, and understanding challenges when leveraging AI to support defensive operations. • Thwarting AI-enabled cyberattacks: building resilience to protect against new AI-enabled threats. The Profile complements existing NIST frameworks (CSF, AI RMF, RMF) by prioritizing AI-specific cybersecurity outcomes rather than creating a standalone regime.

𝟏𝟎 𝐂𝐲𝐛𝐞𝐫𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐅𝐫𝐚𝐦𝐞𝐰𝐨𝐫𝐤𝐬 𝐌𝐨𝐬𝐭 𝐓𝐞𝐚𝐦𝐬 𝐈𝐧𝐡𝐞𝐫𝐢𝐭 - 𝐍𝐨𝐭 𝐂𝐡𝐨𝐨𝐬𝐞 ! A big customer asks for SOC 2. A regulator mentions ISO or NIST. Suddenly your “strategy” becomes a messy stack of rules that nobody can clearly explain. Frameworks were meant to reduce confusion. Not multiply it. Here’s the truth 👇 If you remove the logos, most cybersecurity frameworks answer the same few questions: – What are we protecting, and how critical is it? – Which controls reduce real attacks first? – How do we prove trust to customers and regulators? – How do we improve over time instead of ticking boxes once? That’s it. The 𝟏𝟎 𝐦𝐚𝐣𝐨𝐫 𝐟𝐫𝐚𝐦𝐞𝐰𝐨𝐫𝐤𝐬 simply sit at different points of that map. Some shape strategy: ➤ NIST CSF gives structure and direction Some formalize governance: ➤ ISO 27001 / 27701 turn security into a certifiable system Some drive action: ➤ CIS Controls tell engineers where to start Some build external trust: ➤ SOC 2, PCI DSS, HIPAA, HITRUST speak auditor language Some go deep where risk is highest: ➤ CSA CCM, NIST 800-53, 800-171 for cloud and government needs 𝐓𝐡𝐞 𝐦𝐢𝐬𝐭𝐚𝐤𝐞? Treating frameworks like competing religions. Strong 𝐭𝐞𝐚𝐦𝐬 𝐬𝐭𝐚𝐜𝐤 𝐭𝐡𝐞𝐦. One shapes strategy. One drives execution. One proves trust. Over time, the question changes from: “𝐀𝐫𝐞 𝐰𝐞 𝐜𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐭 𝐰𝐢𝐭𝐡 𝐗?” To: “𝐖𝐡𝐢𝐜𝐡 𝐦𝐢𝐱 𝐛𝐞𝐬𝐭 𝐞𝐱𝐩𝐥𝐚𝐢𝐧𝐬 𝐨𝐮𝐫 𝐫𝐢𝐬𝐤 𝐬𝐭𝐨𝐫𝐲 𝐭𝐨 𝐭𝐡𝐞 𝐩𝐞𝐨𝐩𝐥𝐞 𝐰𝐡𝐨 𝐦𝐮𝐬𝐭 𝐭𝐫𝐮𝐬𝐭 𝐮𝐬?” That’s when frameworks stop being paperwork and start acting like an operating system for security. Which framework actually helps your team make better decisions today? 👇 Which one does your organization rely on most right now? ------------ Hi, I'm Harris D. Schwartz 𝐅𝐫𝐚𝐜𝐭𝐢𝐨𝐧𝐚𝐥 𝐂𝐈𝐒𝐎 𝐚𝐧𝐝 𝐂𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐋𝐞𝐚𝐝𝐞𝐫. I help CEOs and executive teams strengthen their security posture and build resilient, compliant organizations. With 𝟑𝟎+ 𝐲𝐞𝐚𝐫𝐬 𝐚𝐜𝐫𝐨𝐬𝐬 𝐍𝐈𝐒𝐓, 𝐈𝐒𝐎, 𝐏𝐂𝐈, 𝐚𝐧𝐝 𝐆𝐃𝐏𝐑, I know how the right security decisions reduce risk and protect growth. If you are planning how your security program needs to evolve in 2026, this is the right time to have that conversation. #CyberSecurity #SecurityFrameworks #RiskManagement #CISO #ISO27001 #NIST #SecurityStrategy

How can you grow innovation in an organisation that is tired and overloaded? No! Not by launching yet another innovation programme. Tired teams don’t need more. They need different. Here are 5 things to do: 1. Kill before you create You can’t grow innovation on top of a full plate. Make a stop list before a to-do list: which meetings, reports, projects and rituals will you end to free up energy for new ideas? 2. Protect small islands of focus time Innovation dies in back-to-back calendars. Block fixed “no meeting” slots or a monthly sprint where teams can work on one opportunity without interruptions. Guard this time like you guard client deadlines. 3. Shrink the ambition, speed up the learning Overloaded people fear “big transformation”. Instead, ask for tiny experiments: 1 idea, 1 customer segment, 1 simple test within 2–4 weeks. The goal is learning, not a perfect business case. 4. Change leadership behaviour, not posters Culture follows what leaders do on Monday morning. Leaders should ask: “What did we learn?” more often than “Did we hit the numbers?” and publicly reward smart experiments, even when they don’t “win”. 5. Make progress visible and human Tired organisations often are moving… they just can’t see it. Create a simple “innovation wall” (physical or digital) showing ideas, tests, and outcomes. Celebrate small wins with names and faces, not just dashboards. Innovation culture doesn’t start with energy. It starts with permission, space and small, real progress – especially when everyone is tired. #innovation #innovationculture #leadership #change #futureofwork #organisationaldevelopment

From COBIT to ISO 42001: Evaluating Cybersecurity Frameworks for Opportunities, Risks, and Regulatory Compliance in Commercializing Large Language Models From the research paper: https://lnkd.in/g38NBCe2 1) This study investigated the integration readiness of four predominant cybersecurity Governance, Risk and Compliance (GRC) frameworks - NIST CSF 2.0, COBIT 2019, ISO 27001:2022, and the latest ISO 42001:2023 - for the opportunities, risks, and regulatory compliance when adopting Large Language Models (LLMs), using qualitative content analysis and expert validation. 2) Comparative gap analysis has highlighted that the new ISO 42001:2023, specifically designed for Artificial Intelligence (AI) management systems, provided most comprehensive facilitation for LLM opportunities, whereas COBIT 2019 aligned most closely with the impending European Union AI Act. 3) Nonetheless, our findings suggested that all evaluated frameworks would benefit from enhancements to more effectively and more comprehensively address the multifaceted risks associated with LLMs, indicating a critical and time-sensitive need for their continuous evolution. 4) We propose integrating human-expert-in-the-loop validation processes as crucial for enhancing cybersecurity frameworks to support secure and compliant LLM integration and discuss implications for the continuous evolution of cybersecurity GRC frameworks to support the secure integration of LLMs. #llmsecurity #aigovernance #aritificialintelligence #iso42001 #aigovernance #grc #controls #gaps #evaluation #securityriskmanagement #risks #riskanalysis

Leading in the digital age is not just about mastering technology; it’s about mastering change. As someone guiding an organization through rapid shifts, I’ve learned that digital transformation is, at its core, about people. I used to think building digital capabilities meant investing in the latest systems, but I quickly realized that the most critical investment is in developing a culture of adaptability. Digital IQ starts at the top. If I don’t immerse myself in emerging tech, competition and customer trends, how can I expect my team to embrace them? Instead of attempting to overhaul the entire company, I started with digital-ready teams, those eager to experiment, collaborate, and drive results. Their success became proof of concept, showing the rest of the organization what’s possible. Change requires persuasion, not mandates. A digital leader must inspire transformation at every level, ensuring that innovation, agility and collaboration become part of the mindset. Transformation is sustained when people evolve alongside technology. #digitaltransformation #organizationalchange

𝗜 𝗯𝗲𝗹𝗶𝗲𝘃𝗲 𝘁𝗵𝗲 𝗿𝗲𝗮𝗹 𝗶𝗻𝗻𝗼𝘃𝗮𝘁𝗶𝗼𝗻 𝗴𝗮𝗽 𝗶𝗻 𝗳𝗮𝘀𝗵𝗶𝗼𝗻 𝗶𝘀𝗻’𝘁 𝘁𝗲𝗰𝗵. 𝗜𝘁’𝘀 𝗯𝗲𝗵𝗮𝘃𝗶𝗼𝘂𝗿. Fashion’s digital future isn’t being blocked by a lack of tools. It’s being blocked by legacy habits dressed up as strategy. 👉🏾 Avoiding change under the guise of “protecting creativity” 👉🏾 Spending months aligning on tools, but never aligning on ways of working 👉🏾 Treating pilots as progress, instead of proof 𝗛𝗲𝗿𝗲’𝘀 𝘄𝗵𝗮𝘁 𝗜 𝗮𝗰𝘁𝘂𝗮𝗹𝗹𝘆 𝗯𝗲𝗹𝗶𝗲𝘃𝗲 𝗮𝗯𝗼𝘂𝘁 𝗱𝗶𝗴𝗶𝘁𝗮𝗹 𝗶𝗻𝗻𝗼𝘃𝗮𝘁𝗶𝗼𝗻: 🛑 Creativity doesn’t need defending from technology. If anything, it needs defending from inefficient workflows, reactive timelines, and never-ending decks. 🎯 Adoption isn’t a training issue, it’s a leadership one. You don’t get behaviour change from another how-to session. You get it from clarity, consistency, and consequences. 🧱 Most “transformation” efforts crumble because they focus on assets, not architecture. If your processes, people, and decision points aren’t aligned, your tools won’t save you. 🧬 Digital fluency is a culture, not a capability. It’s how teams think, share, test, and move. When done right, it changes how decisions get made, not just how samples look. What this looks like in practice: At INHOUSE, we work with teams who are tired of the surface-level stuff. They want digital that: ✅ Speeds up design and sharpens intent ✅ Powers decisions across functions ,not just visuals ✅ Creates space to explore before money is spent The result? Fewer samples. Fewer meetings. Less rework. More clarity. More control. More creative confidence. The future isn’t about adding more tech. It’s about removing the blockers to progress, and building fashion workflows that actually serve the people doing the work. 💬 What’s the blocker you’re ready to remove next? Let’s compare notes. #FashionInnovation #DigitalDesign #3DFashion 📸 : INHOUSE

We build every production line twice. 🤖 Initially in 3D. Then in reality. The digital version comes first for a reason. We test FANUC Europe robot movements, check reach zones, detect collisions, and verify cycle times. All of this happens before a single piece of steel is cut or a robot is mounted. It’s not about showing off technology. It’s about avoiding costly surprises on the production floor. If you catch a problem in the simulation, it costs you an hour of engineering work. If it shows up during installation, it’s days of downtime and a crew standing idle… 😏 The math is simple. 👍 I’ve seen lines launched in a few weeks thanks to precise virtual testing, and I’ve also seen lines struggle for months when this step was skipped to “save effort.” It’s ironic: rushing at the expense of simulation always ends up costing more time. 😉

🔐 𝗦𝘁𝗿𝗲𝗻𝗴𝘁𝗵𝗲𝗻𝗶𝗻𝗴 𝗜𝗻𝗱𝘂𝘀𝘁𝗿𝗶𝗮𝗹 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝘄𝗶𝘁𝗵 𝗜𝗘𝗖 𝟲𝟮𝟰𝟰𝟯 As industrial systems become increasingly interconnected, adopting a robust, structured cybersecurity framework is no longer optional—it’s essential. IEC 62443 remains the global benchmark for securing Industrial Control Systems (#ICS) and Operational Technology (#OT) environments. This framework provides a holistic security model, addressing everything from segmentation to threat mitigation, helping organizations build resilient, defense‑in‑depth architectures. Some key concepts that stand out: ✔ 𝙕𝙤𝙣𝙚𝙨 & 𝘾𝙤𝙣𝙙𝙪𝙞𝙩𝙨 – Logical grouping of assets and communication paths to enforce consistent cybersecurity requirements. ✔ 𝘿𝙚𝙛𝙚𝙣𝙨𝙚 𝙞𝙣 𝘿𝙚𝙥𝙩𝙝 – Layered protection across physical security, identity & access, network, compute, application, and data. ✔ 𝙁𝙤𝙪𝙣𝙙𝙖𝙩𝙞𝙤𝙣𝙖𝙡 𝙍𝙚𝙦𝙪𝙞𝙧𝙚𝙢𝙚𝙣𝙩𝙨 (𝙁𝙍1–𝙁𝙍7) – Covering authentication, system integrity, restricted data flow, incident response, and more. ✔ 𝙎𝙚𝙘𝙪𝙧𝙞𝙩𝙮 𝙇𝙚𝙫𝙚𝙡𝙨 (𝙎𝙇0–𝙎𝙇4) – Clearly defined protection levels based on threat sophistication and required defenses. ✔ 𝙈𝙖𝙩𝙪𝙧𝙞𝙩𝙮 𝙇𝙚𝙫𝙚𝙡𝙨 (𝙈𝙇1–𝙈𝙇4) – Measuring how well an organization institutionalizes cybersecurity processes. Adopting IEC 62443 not only enhances technical protections but also strengthens governance, operational reliability, and long‑term cyber resilience—key priorities for any modern industrial or critical infrastructure environment. In an era of evolving cyber threats, frameworks like IEC 62443 are vital to safeguarding industrial operations and ensuring secure digital transformation. #IEC62443 #Cybersecurity #OTSecurity #ICS #IndustrialAutomation #DigitalTransformation #RiskManagement #DefenseInDepth