Click below to listen to this episode of Digital Shifts aka Corporate Evolution Tales, where host Mariam sits down with Brittany Greenfield, founder and CEO of Wabbi, to discuss how to align security with business goals, and why transformation is a continuous journey—not a one-time project. 

This interview originally appeared on Digital Shifts aka Corporate Evolution Tales’ YouTube on March 24, 2025

E035 of Digital Shifts – Brittany Greenfield: DevSecOps in Digital Transformation

About the session

This session of “Digital Shift” also known as “Corporate Evolution Tales” delves into the topic of digital transformation, focusing on the integration of security into the software development life cycle. The podcast is designed to provide insights and practical advice to both experienced corporate leaders and aspiring innovators.

Key speakers

• Miriam: Host of the podcast
• Brittany: CEO and founder of Wabbi, a DevSecOps cybersecurity platform

Agenda

The agenda for the session includes an introduction to the concept of digital transformation, a discussion on the integration of security into the software development life cycle, an exploration of the phases of digital transformation, and a discussion on the challenges and benefits of continuous improvement. The session also touches on the role of AI in digital transformation and provides key advice for organizations embarking on or continuing their digital transformation journeys.

Takeaways

Takeaway 1: Digital transformation is a continuous process that requires a strong foundation, starting with people, processes, and then tools.

Brittany, the CEO and founder of Wabbi, a DevSecOps cybersecurity platform, emphasized the importance of a phased approach to digital transformation. “There’s the period of excitement, oh my God, we’re really moving forward, and then there’s the term in the founder’s Journey called the trough of Despair where you start to realize how hard it is,” she stated. She further explained that after the initial excitement, organizations often face the challenge of aligning their processes and people with new technologies, which can lead to what she called the “shiny A syndrome” — the tendency to chase the latest technology without the necessary foundational work.

Brittany also highlighted the continuous improvement aspect of digital transformation: “It is not a one-time deal. You always have to be looking forward to the next thing. It’s like a revenue-driving operation. You have to be willing to draw down on the old thing to invest in the new thing.” This ongoing process ensures that organizations stay adaptable and can continuously integrate new technologies effectively.

She concluded by stressing the importance of getting the fundamentals right: “Think about building a building quickly. If you don’t have the right foundation, that building is going to topple or you’ll be left with a ton of problems that you’re constantly fixing.” Brittany advised organizations to focus on their existing technology and processes before adopting new, shiny tools, ensuring a strong and adaptable foundation for future growth.

Takeaway 2: Security should be an integral part of digital transformation, not an afterthought.

Brittany pointed out that security is often overlooked in the initial stages of digital transformation, which can lead to significant efficiency losses. “Security is not sitting at the kids table; it’s part of the conversation,” she stated. She emphasized that security should be aligned with the organization’s risk profile and goals: “If you align your security risk profile with your project risk profile, you’re going to know when you’re actually willing to stop something to fix it versus hey, it’s okay that we fix it later but can we fix it within 90 days?”

She used the example of banking apps to illustrate this point: “There’s a different risk profile for your dashboard versus your bill pay and your wire transfer because there are so many different components.” By understanding and addressing these differences, organizations can better manage their security risks and align them with their broader digital transformation goals.

Takeaway 3: Transparent communication and collaboration are crucial for successful digital transformation.

The importance of involving and communicating with the people who will be affected by digital transformation was a key point in the discussion. “If you do not win the hearts and minds of the people executing this, it doesn’t matter,” Brittany stated. She also emphasized the need for two-way communication: “It’s not just transparent communication; it’s letting them share their feelings back. Humans are critical, and we don’t like change, so you’re going to get a couple of people that are super stoked, and then a bunch of people that are going to be resistant.”

Brittany shared a practical example: “If the person entering customer records into CRM every day is like, ‘Hold on a second, why are we doing both a company field and an organization field?’ Get rid of that, don’t make it mandated.” By actively listening to and addressing the concerns of employees, organizations can foster a more positive and effective transformation process.

Insights surfaced

• Digital transformation is not just about technology; it involves people, process, and tools, with people being the most critical component.
• Security should be integrated into the digital transformation process from the beginning to avoid efficiency losses and potential breaches.
• Digital transformation is a continuous process of learning and improvement, not a one-time project.
• Organizations often face the “trout of despair” during digital transformation, a phase where the initial excitement is followed by the realization of the complexity involved.
• AI can optimize operations by supporting the workforce in working smarter, not harder.
• Transparent communication and involving all stakeholders in the digital transformation process is crucial for success.
• Foundational elements must be strong and adaptable before adopting new technologies.
• Aligning security risk profiles with organizational goals can make security more digestible and less intimidating as part of digital transformation.

Key quotes

• Brittany: “DevSecOps is not just another set of tools; it’s a transformational process, much like DevOps was for organizations.”
• Miriam: “When we are speaking about digital transformation, a lot of people are saying it’s just about automating processes, but it’s not only that; it’s all about the security first to understand how we can go safely with the path of digital transformation.”
• Brittany: “The goal is not to make every developer a subject matter expert in application security, but to improve collaboration so that developers can make educated decisions.”
• Brittany: “There’s a period of excitement, followed by the ‘trout of despair,’ and then a phase of incremental experimentation and continuous improvement.”
• Brittany: “Digital transformation is not a one-time deal; you always have to be looking forward to the next thing.”
• Brittany: “People, process, then tools. If you do not win the hearts and minds of the people executing this, it doesn’t matter what tool you buy.”
• Brittany: “Security is not just about avoiding breaches; it’s about efficiency and aligning with organizational goals.”
• Miriam: “Including people in digital transformation is crucial; they need to understand and be represented in the change process.”
• Brittany: “Make sure you have the foundation very strong and adaptable before adopting new technologies.”
• Brittany: “Security is not just about avoiding the front page of the newspaper; it’s about helping you reach your goals.”
• Brittany: “People and process, then tools. You do that, and you’re going to have the right fundamentals in place to continually integrate the latest technology into your organization.”