CIO Symmetry

June 17, 2014  6:03 PM

Boston TechJam: Beer, live music, and tips on how to be a successful startup

Kristen Lee Kristen Lee Profile: Kristen Lee

The Boston TechJam, now in its second year, is an effort by the city’s tech companies and industry groups to promote the local “innovation economy.” And the boosterism was certainly front and center, including on the event’s website. Would-be attendees were told that “Massachusetts has the world’s greatest concentration of entrepreneurs, emerging and leading tech companies, top-tier academic institutions and students, world-class venture capitalists, incubators, and an eco-system of supporting service providers.” For good measure, the online notice proclaimed, “There is no better place on earth to launch and scale innovative ideas that tackle the toughest challenges.”

No better place on earth may be overstating the case, for sure, (Hello, Silicon Valley!) but the mood was upbeat enough inside Faneuil Hall, the 1742 meeting hall that’s now a popular tourist stop on the city’s 2.5 mile Freedom Trail. When I arrived, the first of six startup companies was trying to convince a panel of judges why it deserved to win this year’s pitch competition. (Prizes included a personal training with boxer/entrepreneur George Foreman III.)

As it turned out, the very first startup to go — Sharalike, a Cambridge-based mobile app that allows users to design slideshows — would end up with the prize, beating out what seemed to me the hands-down winner: Time Out, a mobile app that detects concussions designed by five high school girls from the nearby City of Winchester. (You’ll be hearing more about their software app on our Small Business IT page.)

In between the pitches, some of Boston’s most successful entrepreneurs took the stage to give advice about lessons learned while they struggled to get their companies off the ground.

Here are five tips for startup success that these entrepreneurs passed on to the audience of techies:

1) Have a business plan: “You have to think really hard about what you’re going to accomplish.”

Of course, you say. But having a rigorous business plan is easier said than done, said Rich Doyle co-founder of Boston-based Harpoon Brewery, best known for its India Pale Ale.  “Part of that is forecasting: you have to think really hard about what you’re going to accomplish and hold yourself to those standards or else you’ll never achieve them and you’ll never have a benchmark to know where you should be.” Doyle, who co-founded Harpoon Brewery in 1986 and was an instrumental player in the growth of the American microbrewery industry, wrote his business plan for the Harpoon Brewery during his second year at Harvard Business School after recognizing there was an unmet demand for European style beers.

While it is important to come up with a business plan, it is just as important to acknowledge that most business plans fail, said Donna Levin, co-founder and vice president of operations at, whose mission is to help connect families and caregivers. She said she wished she had known this when starting out as an entrepreneur.

“Don’t be discouraged if it looks like your plan that you worked so hard on doesn’t make it the first time,” Levin advised the crowd. It is important for startups to have a plan a, b, c, and d.

2) Assemble the right team:Happy cows make great cheese.”

By right team, serial entrepreneur Suzie Kim Riley, means people who will stand by you through thick and thin.

“You go from the highest highs to the lowest lows and sometimes they can all happen within one hour,” said Riley, founder and CEO of Aquto, a mobile ad platform. “And I would say that the key is not losing hope and having a strong team around you.”

All five of the entrepreneurs who offered tips talked about the importance of a strong team and why startups, in particular, need to create a culture that empowers their employees and makes them want to stick around.

“Happy cows make great cheese,” Brian Kalma, design chief at Blade, a venture capital firm and tech development studio, said. “So the lesson that you learn from that is basically that culture is king. It is arguably more important to hire for culture and hire the right people than it is to hire for talent and for the specific role that you need at that time.”

And Kalma added that “employees stick around when you build a culture that works for everyone.”

So how do you make sure you hire the right people who will positively influence your company’s culture and help you be successful?

Levin suggests trying the “elevator test.” Basically, when considering hiring someone, ask yourself if you could be stuck in an elevator with that person for three or four hours without wanting to kill yourself.

“And if the answer is ‘I would kill myself’ then they probably shouldn’t be on the team,” Levin said.

3) Communicate with your team: “Transparency is key.”

“Communication matters,” Doyle said. He was seconded by Andy Miller, chief innovation architect at Constant Contact, a company that helps its clients with marketing campaigns. Miller encouraged leaders of startups to share the good and the bad with their employees, if they want to build trust and loyalty. “I truly believe that transparency is key,” he said.

4) Be realistic: “Make a ‘to-not-do’ list.”

It can be difficult to admit you’re not good at something; especially when that means relinquishing control over part of your business to someone more capable than you.

“What are you good at? And how is that likely to mesh with the stages of your business? Are you good at getting something off the ground? Or maybe you aren’t really good at managing people,” Doyle said. “Understanding where you are and what your talents are in the life-cycle of business is really important to know.”

Levin said she wished someone had helped her realize sooner that sometimes, “there comes a point in time when you have to recognize that it’s time to bring in a specialist. And sometimes this means you have to give up the stuff that you really love doing.”

Doyle also suggests making a “to-not-do” list, emphasizing that it’s important to eliminate projects that aren’t worth your time. On Doyle’s “to-not-do” list? Getting rid of things that aren’t creative.

5) Know why you’re starting this company: “It’s that passion that’s going to keep you going.”

The reason is different for everyone. Some do it for money, some do it to be their own boss, some do it because they’re passionate about their idea, etc.

“For me, I always started my companies because I came up with an idea and I felt like if I see somebody else doing this I will die. I just would hate that feeling knowing that it was my idea but somebody else is doing it,” said Riley. “It’s that passion that’s going to keep you going.”

Let us know what you think about the story; email Kristen Lee, features writer, or find her on Twitter @Kristen_Lee_34

June 13, 2014  6:09 PM

CIOs’ origin stories and hurdles; lessons from Tweetdeck’s XSS blunder

Fran Sales Fran Sales Profile: Fran Sales
Big Data, Big Data analytics, CIO, IT Strategy, Net Neutrality, XSS attack

Hear, hear, our new slideshow is here! SearchCIO asked top CIOs at last month’s MIT Sloan CIO Symposium: “What was your biggest IT challenge of the past year?” The responses from leading IT execs hailing from Verizon, Fidelity Investments, Cancer Treatment Centers of America and more might surprise you. See how today’s CIOs are tackling digitization, new regulations, evolving customer expectations and more.

We also continued our video series on outstanding CIOs and IT leaders from the symposium. First up: Fidelity Investments CTO Stephen Neff, one of the symposium’s CIO Leadership Award finalists. Executive editor Linda Tucci caught up with Neff to discuss his eventful career trajectory, which began right after he graduated with a math degree from Rutgers and led to various leadership roles in financial services.

We also continued Kristin Darby’s story from last week. The Cancer Treatment Centers of America CIO is no stranger to the demands of both internal and external customers and how they impact strategic priorities. The former accountant told associate editor Emily McLaughlin how she balances those two customer bases and always prioritizes around the patient. And in a third video interview, Darby discusses how digital care has already benefited healthcare organizations and patients, and what barriers must still be overcome.

More on SearchCIO…

In Searchlight, McLaughlin tackles the security implications of the recent Tweetdeck hack and what they mean for other companies’ preparedness plans. The inadvertent hack, which exposed a longstanding XSS flaw in the Twitter application, should remind CIOs that unforeseen IT issues are inevitable, and it’s important to be prepared.

In the latest Data Mill, senior news writer Nicole Laskowski reports on the outlook of the text analytics market, which at first glance appears to be waning. Not so, according to consultant Seth Grimes. Text analytics actually continues to mature under different monikers (such as natural language processing) and is being integrated with other types of data analytics, he says. Plus, learn how data as a service providers are making a name for themselves and how CIO priorities vary by region.

On TotalCIO, features writer Kristen Lee talks about the rising number of companies discovering the value of IT to the business. The numbers don’t lie: the latest U.S. Bureau of Labor Statistics report show full-time hiring is on the rise and part-time positions declining; many of these new hires have both business and IT acumen. The lesson for CIOs: It’s important to be able to know how to manage change.

And on SearchCompliance…

With cyberthreats lurking around every corner, cybersecurity is no longer just the responsibility of IT and security teams. Because a strong security strategy gives the business competitive edge, the business side now has greater stake in technology decisions; thus, it’s more important than ever that audit and security departments align. In this tip, expert Ed Moyle details how audit officers and their security counterparts can take advantage of the other sides’ expertise for mutual strategic benefit.

It’s time for another #GRCchat tweet jam, this time on the zealously debated topic of net neutrality. The Federal Communications Commission’s proposed Open Internet guidelines that allow for Internet service “fast lanes,” should they go through, will surely impact not only organizations’ service performance and innovation projects, but also their information governance. Have thoughts on the proposal? Join the tweet jam Thursday, June 19, 2014 at 12 p.m. EDT and sound off with SearchCompliance editors, experts and contributors.

Thanks for tuning in! Watch out for more news in next week’s Symmetry wrap-up; ’til then, keep up to date on our news and tips by following us on @SearchCIO, @SearchCIOSMB and @ITCompliance.

June 6, 2014  5:57 PM

The journey to becoming a CIO, and what is small data, really?

Fran Sales Fran Sales Profile: Fran Sales
Apple, Big Data, Big Data analytics, CIO, CIO leadership, Cloud accounting, Customer analytics, Data analysis, Data security standards, FTC, Information governance, IT leadership, ITSM, Rogue IT, social media analytics

On SearchCIO, we’re kicking off a series of video interviews from last month’s MIT Sloan CIO Symposium profiling how some notable CIOs got their start.

First up is AT&T CIO and MIT Sloan CIO Leadership Award winner Thaddeus Arroyo, who attributes his lofty rise in IT and becoming a CIO to a “divergent” professional journey that included lateral moves which allowed him to become the well-rounded leader he is today. Arroyo chatted with SearchCIO executive editor Linda Tucci about the benefits of seizing the “least comfortable” career opportunities.

For Dell global CIO Andi Karaboutis, working in the business in various roles and essentially becoming a customer of IT provided her with the “best IT training.” Senior news writer Nicole Laskowski sat down with the CIO Leadership Award finalist to discuss how her stint in the business equipped her with the tools to view IT from a business perspective.

Kristen Darby’s path to CIO for Cancer Treatment Centers of America  started out in her family’s automation and lighting-design business, where she discovered a talent for software development. She pursued accounting before finally rediscovering IT and the benefits it can bring to  healthcare. Check out her interview with assistant editor Emily McLaughlin in which she recounts her IT journey.

And there are more of these videos to come — stay tuned to SearchCIO!

More on SearchCIO…

Come one, come all, and check out our Essential Guide on crafting an enterprise cloud blueprint. In the latest installment in our CIO Briefings series,  get guidance on deciding between public, private and hybrid cloud models; navigating among various as-a-service offerings; choosing from among a plethora of cloud vendors; creating an integration plan; and more.

In Searchlight, McLaughlin ties the value of CIOs developing skills that pertain to various areas of IT to news from Apple’s Worldwide Developers Conference earlier this week. A key takeaway from the conference was Apple’s reveal of its programming language Swift, which lets users create their own apps after they’ve mastered the syntax. The company’s goal, according to the head of Apple’s Developer Tools department, is to make programming fun — and cultivate a generation of future programmers and IT leaders!

Now that big data is part of the IT lexicon, one data expert thinks CIOs should also be paying attention to small data. How exactly are they different, and is small data sometimes better? The answer isn’t as clear-cut as you might think. In this Q&A, Laskowski sits down with Kirk Borne, a George Mason University professor and expert on all things big data, to discuss exactly what small data is.

The words customer analytics usually have people thinking social media, or maybe even just Twitter. But one social media contrarian isn’t buying it — your customer service department might already have the goods, he says. In advance of next week’s Useful Business Analytics Summit in Boston, Laskowski caught up with moderator and customer analytics expert Tom H.C. Anderson to talk about why social media data isn’t always the way to go.

Is your enterprise ready to take advantage of infonomics — in other words, treat your corporate data as an economic asset? In our June CIO Decisions e-zine, we tackled that question and more, including how Dell’s CIO turned her IT team into a business partner; whether more data trumps clean data; and how to cautiously deploy disruptive technologies when taking humans into account. And in the latest CIO Citings, managing editor Rachel Lebeaux gathered some meaty quotes from the last issue. Get insight from various IT leaders and experts on the prevalence of next-generation mobility, big data analytics in more in today’s enterprises.

Our new features writer Kristen Lee is on a roll! On the TotalCIO blog, she writes about the impact of shadow IT on the likelihood of data breaches; according to a recently released study, the probability is three times higher. Get the details and see how you can prevent costly breaches from occurring.

How are new technologies impacting your IT service management (ITSM) strategies? We decided to take that question to the Twittersphere. We also asked tweet jammers for advice on how to account for the resulting technology skills gap. Plus, participants dished on their top sources of stress when crafting ITSM strategies around new technologies, as well as best practices for problem management. In these recaps, see what tweet jam and ITSM expert Jerry Luftman and other #CIOChat participants had to say about revamping current ITSM processes as enterprises digitize.

And on SearchCompliance…

Managing digital records today means facing the ever-increasing costs of business analysis, regulatory compliance and a host of other concerns. Expert contributor Jeffrey Ritter points out that while it’s tempting to jettison traditional records management techniques in companies’ quest to eagerly adopt new technology, there are some tried-and-true information governance strategies they should cling to.

The Federal Trade Commission is taking a more proactive role in protecting consumer data in response to businesses’ widespread data collection and sharing. In the most recent installment of SearchCompliance’s IT Compliance FAQ series, contributor Caron Carlson addresses common questions surrounding how the FTC has focused on the activity of data brokers and other businesses to improve data security and privacy.

That’s all we’ve got for this week! Watch out for more updates in next week’s Symmetry roundup; before then, keep on top of our news and tips by following us on @SearchCIO, @SearchCIOSMB and @ITCompliance.

May 30, 2014  5:21 PM

Big data market in flux; Apple and Google confront diversity in IT

Fran Sales Fran Sales Profile: Fran Sales
Apple, Big Data, CFO, CIO, cybersecurity, Google, Information security, IT outsourcing, IT talent, Risk management

Kicking off this week is SearchCIO senior news writer Nicole Laskowski’s Data Mill, where she addresses a looming question on everyone’s minds during the MIT Sloan CIO Symposium’s big data panel: Is the big data market converging? Learn why the answer isn’t as simple as you might think; plus, find out how Apache Spark competes with MapReduce, what the future could hold for Google’s driverless car, and how digitization is changing competition within — and across — verticals.

Switching gears, Laskowski writes about how the impact of high-profile data breaches (a la Target) has changed the equation in risk management conversation. At Boston’s 2014 CFO Technology Conference, CFOs and other attendees posed questions to security experts on matters ranging from data breaches, passwords, Software as a Service applications and more.

Elsewhere on SearchCIO…

Apple’s buyout of Dr. Dre’s Beats Electronics and Google’s diversity report monopolized tech news this week. In Searchlight, associate editor Emily McLaughlin highlights an important reality behind these headlines: diversity in IT, in more ways than one. Apple’s purchase might seem a blunder at first blush but, as CEO Tim Cook explained, it’s Beats’ people and their creativity that his company is after. And the harsh reality Google’s report illuminated about the lack of diversity in its workforce (already true in many tech firms) has triggered calls to action for greater transparency and turning to untapped talent sources.

What exactly is “fog computing?” features writer Kristen Lee asks in a TotalCIO blog post. Cisco argues it’s synonymous with Internet of Things (IoT), while others, like Forrester’s James Staten, thinks it’s all hype: “What they call fog we already call mobile and IoT.” But regardless of the name, edge computing is a notion CIOs should consider as more and more devices (like jet engines!) become part of IoT and data continues to balloon.

If there’s one thing we learned at last week’s MIT conference, it’s all about the customer, and a small jeweler business is taking this to heart with its social media strategy. Contributor Christine Parizo recounts how Wixon Jewelers uses social media monitoring and engagement to manage its online reputation and ensure its customers are happy.

How can global sourcing give your company a competitive advantage? Next week’s World BPO/ITO Forum might provide the answer. Editorial director Christina Torode previews the show and its focus on innovative sourcing strategies in an interview with speaker Vishal Ahluwalia.

On that sourcing note, if you’re thinking of taking advantage of cloud and are looking to brush up on the facts, look no further than SearchCIO’s quiz. Review our recent coverage and get some guidance on just what moving some or all your apps or infrastructure to the cloud might mean for your IT staff, business operations, service delivery and bottom line.

We’ve covered aplenty how a strong security strategy can give enterprises a competitive edge, but how exactly can a small business with limited resources leverage security as an asset? Executive editor Linda Tucci talks to Robert Jimenez, IT specialist at Scooterbug, about how he invested in cloud-based security to do just that.

Your turn: If you’re unsure whether your security program can go head to head with today’s breed of cybercrime, have we got a tool for you! Check out SearchCIO’s cybersecurity quiz to review our recent stories and get up to speed on why a strong cybersecurity strategy is valuable to your business and your customers.

Heading over to SearchCompliance…

Today’s digital market, in which consumers and machines are increasingly connected, “data is the new currency,” aptly put by Dell CIO Andi Karaboutis. This means data breaches are a dime a dozen. From MIT’s symposium, associate editor Fran Sales covers panelists’ take on how CIOs and compliance officers should face their fears and take a proactive risk management approach.

One of the fundamental tools IT should utilize to deal with data- and intelligence-driven threats: systems logging. From the RSA 2014 Conference earlier this year, SearchCompliance caught up with Tenable Network Security’s Marcus J. Ranum to discuss what the CSO calls the most important tool in security and why it’s a key element in building a strong, analytics-driven security strategy.

And that’s a wrap! Stay tuned for next week’s Symmetry roundup; before then, get your fix of news and tips by following us on @SearchCIO, @SearchCIOSMB and @ITCompliance.

May 23, 2014  5:28 PM

In digital transformation, customer engagement and teamwork are key

Fran Sales Fran Sales Profile: Fran Sales
Agile, Big Data analytics, CDO, CFO, CIO, CMO, Customer engagement, Internet of Things, ITSM, VDI

The MIT Sloan CIO Symposium, which focused on how CIOs can use digital technology to help transform their enterprises, dominated conversations across media platforms this week. On SearchCIO, read the five takeaways Senior News Writer Nicole Laskowski gleaned from the show that can help CIOs and other senior execs head up the digital journey, including broader IT-business alignment, creative new channels of customer engagement and more.

On the TotalCIO blog, meet SearchCIO’s brand-new features writer, Kristen Lee! In her take on MIT, Lee concentrates on two themes: One, CIOs need to draw from their peers’ strengths and ideas to bolster their own IT strategies; two, they need to integrate machine smarts into that collective intelligence. She dedicates another blog post to the Internet of Things and the challenges it brings up for CIOs around business process integration, common architecture, security and more.

In the latest Searchlight, Associate Editor Emily McLaughlin gives a rundown of MIT’s lively “CIO, CDO, CMO Perspectives on Digital Transformation” session, where the focus was not on which C-level exec should take the digital helm, but rather on best practices for how each can facilitate a digital transformation across the business. And on TotalCIO, Associate Editor Fran Sales digs into each nugget of advice from the panel, including partnering across functions, measuring customer engagement and more.

Also on Searchlight: other tech headlines from the week, including eBay’s data breach, Martha Stewart’s drone and a calf fitted with (spotted!) high-tech prosthetics.

Elsewhere on SearchCIO…

In his latest column, CTO Niel Nickolaisen tackles today’s digital reality from another angle: looking at the business perks and downsides of our consumer’s digital footprints. On one side of the coin, the rich information from these footprints provides microtargeting fodder for company’s marketing campaigns; on the other is the oft-mentioned issue of privacy.

It doesn’t just take CIOs and IT execs to extract value from big data. A key message at the recent CFO Technology Conference was that CFOs need to get in on the conversation as well. In her latest Data Mill, Laskowski explains that financial execs need to look at how big data funds are distributed, which will help organizations boost IT productivity and effectively extract insight from that data. Plus, she discusses how businesses should leverage online platforms (not ads) to refresh their content marketing campaigns.

Delivering virtual desktop infrastructure has more than nifty technological aspects to offer — it also has the potential to deliver huge business value. In our latest Ask the Expert, CTO Brad Maltz explains why, in today’s consumer-driven IT market, using VDI to deliver on user experience translates into ROI for the business.

Southwest Airlines, Pixar and PayPal may serve different industries, but they’ve got one thing in common, according to expert contributor Joseph Flahiff: They’re agile. In other words, they’re flexible enough to adapt to customer needs or industry changes such as mobile. Read Flahiff’s tip on the four aspects of agility to learn how to make your business nimble.

The demands of increasing data and technology innovations has CIO expert Harvey Koeppel waxing urgent about the value of modernizing business processes, particularly in the realm of IT service management (ITSM). In our latest CIO Matters column, read Koeppel’s take on how customer expectations, the cost of service delivery and newer skill sets factor into the necessity of constantly evolving your ITSM practices.

Now, we want your take: How do you think CIOs must adapt their current ITSM processes to today’s reality of mobile, cloud and anytime-anywhere computing — not to mention the ever-present IT skills gap? Join us and our tweet jam expert, Jerry Luftman, founder of the Global Institute for IT Management, for our next #CIOChat Wednesday, May 28, at 3 p.m. EDT and share your thoughts on how IT leaders must transform their ITSM processes.

In SearchCompliance matters…

Since the 2008 financial crisis, the U.S. Securities and Exchange Commission has been emphasizing the role that corporate culture plays in its investigations. On our IT Compliance Advisor blog, Site Editor Ben Cole describes why, given the SEC’s emphasis on transparency and a willingness to cooperate, it’s important to build your culture around business ethics rather than financial gain.

For this month’s #GRCchat, we recruited former Federal Communications Commission CIO Robert Naylor as our tweet jam expert on the topic of minimizing data breaches’ impact on businesses. Check out our latest recap to get Naylor’s and other tweet jammers’ two cents on balancing network monitoring with budget restrictions, as well as using risk assessments to prioritize areas that need protection.

That’s all the news we’ve got this week! Catch us again at next week’s Symmetry roundup; in the meantime, get your fix of news and tips by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

May 16, 2014  5:11 PM

The future is nigh: IoT, wearable tech, open APIs and other disruptors

Fran Sales Fran Sales Profile: Fran Sales
Application Programming Interface, CIO, cybersecurity, Data Analytics, GRC strategy, Internet of Things, PCI compliance, User experience

The future looms large this week on SearchCIO – starting with recent findings from a Pew Research survey indicating that IT and everyday life will be infiltrated by wearable tech and the Internet of Things (IoT) in the next decade. In this week’s Searchlight, Associate Editor Emily McLaughlin writes how these disruptors will pose yet another challenge for CIOs as they tackle the techs’ security risks and big data implications. Also headlining: The FCC approves rules that allow pay-for-priority on the Net; in wake of Jill Abramson’s replacement at The New York Times, the paper focuses on digital strategy; and a text-911 plan starts to roll out.

Another disruptor stole the limelight at TechCrunch Disrupt New York, where Senior News Writer Nicole Laskowski homed in on a feature many intrepid startups have in common: the leading role application programming interfaces (APIs) play in their mobile apps. APIs allow these startups to achieve two things: improve customer experience on the front end and build deeper relationships with their service providers on the back end. Read about open APIs and other disruptive technologies from the show in this week’s Data Mill.

Our April tweet jam on prescriptive analytics found participants waxing poetic about the importance of building trust by demonstrating the value of good data through open conversation; trust is an equally important player to well-crafted algorithms when it comes to data decision making. Executive Editor Linda Tucci asked whether machines will take over in the next stage of prescriptive analytics, but tweet jam expert Tom Doub believes a “new normal” of human-machine interaction will take place, as it has in years past.

In other SearchCIO happenings…

In the latest profile in our CIO Innovators series, Tucci chats with Sigal Zarmi, CIO of GE Capital Americas, about how she balances her two customer bases: internal employees and the business’ external customers. Find out how Zarmi boosts internal productivity by improving customer experience – for example, by automating internal processes through GE Americas’ self-service site.

Over at TotalCIO, Laskowski digs deeper into TechCrunch Disrupt’s theme of user experience by looking at the rocky road that Jawbone, known for its wireless speakers and activity-tracking wristbands, took from a military consumer base to a civilian one. Find out how, by getting hardware, software and data teams to focus on the common goal of customer experience, Jawbone’s CEO was able to get them to start learning from each other.

Over at SearchCompliance…

Site Editor Ben Cole sat down with Branden Williams, EVP of strategy for compliance service provider Sysnet, at this year’s RSA conference to talk payment card industry (PCI) cybersecurity strategy in the face of increasingly sophisticated cyberthreats. Check out this Q&A to get Williams’ take on overcoming PCI compliance hurdles, addressing emerging cyberthreats, and leveraging analytics-driven security methods.

As an increasing number of businesses move their operations to the cloud, governance, risk management and compliance (GRC), as well as thorough vetting of cloud providers, are now even more crucial players in ensuring data security. Contributor Christine Parizo looks at questions to ask providers, how organizations can maintain cloud GRC and how to mitigate risks inherent in various cloud models.

That’s it from me! Until next week’s Symmetry roundup, get your news and tips fixin’s by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

May 9, 2014  4:55 PM

Measure your data assets’ value; the net neutrality debate rages on

Fran Sales Fran Sales Profile: Fran Sales

How valuable is your data? If you’re a CIO or chief financial officer and manage data every day, you’d probably say very  — which begs the next question: Exactly how much value does your data have? Infonomics, or the economics of data information, could help you answer that question. SearchCIO Senior News Writer Nicole Laskowski details how data can boost your market value. In part two of her feature, Gartner analyst Doug Laney lists six ways CIOs can measure the value of their data assets.

To that end, what should you do with all your open data? In this week’s Data Mill, Laskowski has the answers, culled from Laney’s presentation at the recent Gartner Business Intelligence and Analytics Summit. Laney lays out a number of use cases that have leveraged open data to create benchmarks, develop predictive indicators, generate ideas and more. Laskowski also recently shared analyst Don Sommer’s “tipping points” that will shake the BI and analytics market — and readers had a lot to say about it. In the latest CIO Chatter, we dug into the reader buzz on the battle between old and new BI vendors.

In this consumer age, perhaps it’s no surprise that data discovery is shifting into the hands of customers. Laskowski blogged from TechCrunch’s Disrupt New York conference, where she explored the potentially disruptive “discovery retail” business of Birchbox and how its consumers are taking advantage of the company’s data-driven business model.

Elsewhere on SearchCIO…

Get ’em while they’re hot off the e-presses! May’s CIO Decisions e-zine focuses on the latest in innovative and disruptive technologies: Find out how the mobility age should skew CIOs’ mobile strategies toward the customer, how the connected car is reshaping business for better or worse, and more. Then, download a copy of SearchCIO’s latest handbook on cybersecurity strategy, where, in light of the changing face of cyberthreats, we offer advice on how to use a strong cybersecurity program as a competitive differentiator.

This week’s Searchlight column addresses the public uproar this week over the Federal Communications Commission (FCC) chairman’s proposed net neutrality rules. Chairman Tom Wheeler’s proposal — a set of Open Internet rules that might allow companies to pay for high-speed access to their content — has drawn opposition from various individuals, companies and interest groups, among them Amazon, Facebook and Google. Plus, read about the sign-off of Target’s CEO, leaked info on Amazon’s 3-D smartphone and more in this piece by Associate Editor Emily McLaughlin.

SearchCIO’s Essential Guide on enterprise IT sourcing strategy, the latest installment in our CIO Briefings series, targets IT sourcing from all angles, including business process outsourcing, video advice from experts, the use of cloud services, the fine print behind an IT sourcing strategy and more.

One of the leading questions in last week’s #CIOChat on prescriptive analytics concerned whether this brand of business analytics can be applied to all industries. Centerstone Research Institute CEO Tom Doub, our tweet jam expert, as well as other practiced participants, agreed: While it’s good to take precautions (Target’s diaper analytics snafu comes to mind), the pros of prescriptive analytics can outweigh any of its potential restrictions. We also discussed how using the right data mining algorithms can spell out competitive advantage.

Finally, in CIO Citings, Managing Editor Rachel Lebeaux tackles the question: Can prescriptive analytics — the brand of BI that predicts the best course of action using existing data — really work for your industry? Luckily, this collection of quotes from experts who use prescriptive analytics across a broad range of industries — including a media company and a nonprofit institute targeting healthcare — should set your minds at ease.

Let’s head over to SearchCompliance…

It’s no surprise information managers are constantly besot with requests to enable more and more workers’ personal devices. Doing so, however, exposes companies to significant risk and regulatory complications — which is where a strong information governance and mobile strategy comes into play. In this SearchCompliance tip, expert Jeffrey Ritter details the policies and procedures enterprises should have in place to avoid bring-your-own-device snags.

Another issue with which organizations must contend in today’s ever-changing security landscape: the sheer number of regulatory mandates to which they must adhere. In this SearchCompliance video, Site Editor Ben Cole speaks with Brian O’Hara, chief information security officer at security consulting firm Mako Group, about the steps businesses must take to adapt in this landscape and how to dovetail governance, risk and compliance (GRC) processes with their overarching business strategy.

Harken, tweet jammers! Former FCC CIO Robert Naylor will be our guest expert in SearchCompliance’s upcoming #GRCchat, hosted by @ITCompliance. On Thursday, March 15, at 12 p.m. EDT, join us as we chat about the timely topic of mitigating the business impacts of information security breaches.

And that’s all, folks. Catch me on next week’s Symmetry roundup; until then, get your fix of our news and tips by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

May 9, 2014  12:33 PM

Birchbox delivers data-driven beauty to your doorstep

Nicole Laskowski Nicole Laskowski Profile: Nicole Laskowski

Data scientists know that rich, interactive visualizations can turn complex data sets into something employees (of all backgrounds) can dig in to and discover new insights and ask new questions of. But maybe it’s time to deliver that same kind of “discovery” service into the hands of customers for other than data mining purposes.

Meet Katia Beauchamp and Hayley Barna, co-founders of Birchbox, a “discovery retail” cosmetics business launched in 2010. Customers who sign on to the Birchbox service receive a box every month containing four or five cosmetic, grooming or lifestyle samples. Customers get a chance to try something they’ve never bought before — without making a costly, up-front investment. If they like it, customers can return to the Birchbox site to buy a full-sized version, or go to any other retail outlet, for that matter, to make their purchase.


“The mission behind Birchbox is to make it easy, efficient and fun to buy beauty products online,” Barna said at TechCrunch’s Disrupt New York earlier this week.

What will come as no surprise to CIOs and IT leaders is the potent ingredient at the center of the Birchbox business model: Data. “We are data junkies!” Beauchamp recently exclaimed on Twitter. And when faced with a question at Disrupt New York about a Birchbox contingency plan if consumers scale back their cosmetic cravings, Beauchamp turned to data. “No need for a contingency plan,” she said. “We continue to monitor how consumers are spending their time with us, how they’re spending their money with us, and that informs what goes into the box. We will always be data driven.”

The co-founders see the boxes as “the beginning of the conversation we have every month with our customers,” Beauchamp said at Disrupt New York. And, based on data alone, it’s a conversation that’s getting louder and louder. To date, Birchbox has 800,000 paid subscribers who receive a box every month, according to Barna. And, starting this summer, customers in the New York City area will be able to visit the first Birchbox brick-and-mortar store, where data will play a big role in helping Barna and Beauchamp measure the store’s success.

“For us, we’re thinking about it as a laboratory,” Barna said.

“We’re going to see the numbers and how it will impact our online business, customer acquisition, the lifetime value of businesses who engages with us in that space,” Beauchamp said.

Those kind of data points are, no doubt, helping attract investor interest. Last month, Birchbox raised $60 million in a Series B funding round from firms such as Viking Global Investors and First Round Capital.

The funds will be used to grow the discovery retail business, Beauchamp said at Disrupt New York. That could, in part, help finance future acquisitions — specifically those that will push Birchbox into new markets. In 2012, Beauchamp and Barna picked up the Paris-based JolieBox, which paved the way for Birchbox to sell services and products in France, Spain and the United Kingdom. While the acquisition made good business sense, it also benefitted the Birchbox customer base.

“Through our expansion to Europe, we were able to bring European brands to the United States for the first time,” Barna said. “It’s been great for our customers.”

She probably has data to back up a statement like that one.

May 2, 2014  4:09 PM

CDO role on the rise, security in the limelight, and more

Fran Sales Fran Sales Profile: Fran Sales

Are chief digital officers a boon to the business, or might they eventually be the bane of the CIO? That’s one of many questions we explored on SearchCIO this week.

Digital strategy is where it’s at; combine that with customer engagement and you have a winning formula. Just ask Taco Bell, which posted on Facebook its exchange with a customer about his request for a customized speedo; unsurprisingly, user interaction exploded. In this week’s Data Mill, Senior News Writer Nicole Laskowski digs into how the organizations can take advantage of that winning formula in the form of the chief digital officer (CDO).

Indeed, with digital innovation topping companies’ priority lists, the glamorous-sounding CDO role is rapidly growing. But it won’t always be so rosy for the CDO, panelists at the recent CDO Summit in New York agreed: As organizations go all-digital, other chief officer roles likely will evolve to take on digital responsibilities, leaving less and less for the CDO role to manage. Check out Associate Editor Emily McLaughlin’s tweet-laced coverage in this conference recap.

Elsewhere on SearchCIO…
Security takes center stage (once again!) in this week’s Searchlight. In the wake of last year’s epic credit-card breach, retail giant Target is rebounding with its biggest move yet: appointing heavyweight Bob DeRodes as new CIO. Target’s CEO says that DeRodes, who was a senior information technology advisor to multiple government bodies, is well-positioned to “lead our continued breach responses and guide our long-term digital strategy.” Read the full column and find out what else the Web is buzzing about this week.

Speaking of data breaches, it’s time to go back to the basics to combat today’s breed of data-driven cybercrime. That was IT execs’ resounding response when asked what new security technologies they recommend. In our latest Future State column, Editorial Director Christina Torode explores how security oldies-but-goodies such as systems logging are worthy means of battling data-driven security problems.

On that note: If you’re using cloud, you’ve probably heard that security breaches are almost inevitable, so how should you prepare for sneak attacks and mitigate the consequences? Security experts offer their advice in the latest CIO Symmetry blog post by Laskowski.

Our CTO contributor Niel Nickolaisen has a few things to say about cybersecurity as well. He advises fellow IT leaders to adopt a hybrid security approach, relying on both experts’ knowledge and your own homegrown intelligence. Read his tip on how to use risk assessment profiling as a foundation for a strong hybrid strategy.

It’s no surprise security is a point of focus this week — and really, this year. Check out the results of TechTarget’s recent survey of enterprise IT priorities for 2014 and you’ll see that various security initiatives — including mobile and network security — easily make the top 10. Click through our slideshow by Associate Editor Fran Sales for more on enterprise tech investments in 2014.

Other SearchCIO happenings…
Thanks to the monopolies of cable TV, we buy ridiculous cable bundles of 200+ channels even though many of us would be happy with just five. Are Internet service providers (ISPs) headed in the same direction? In this week’s CIO Matters column, guest CIO contributor and “netizen” Ravi Ravishanker examines the implications of the D.C. Circuit Court of Appeals’ ruling, which found that the Federal Communications Commission can’t impose net neutrality on ISPs. Find out how that could lead them to serve up preferential treatment to companies with the big bucks.

It’s quiz time again! The IT outsourcing landscape is constantly evolving and there are ever-more components to consider, so review our recent coverage and make sure you’re up to date on outsourcing management considerations.

Over on SearchCompliance…
Security is dominating the compliance sphere as well, as seen in the rise in intelligence-driven security. SearchCompliance editor Ben Cole sat down with Kim Jones, chief security officer and senior vice president Vantiv Company LLC, at the RSA 2014 Conference to discuss what counts as intelligence-driven security, its limits and how to use it to drive sound decisions.

Meanwhile, the latest installment in the IT Compliance FAQ series answers the top questions on Heartbleed, the OpenSSL bug experts are calling one of the worst in Internet history. Make sure you’re aware of its ins and outs and that you’ve taken the steps necessary to address potential vulnerabilities.

And onto chattier matters: If you missed last week’s #GRCchat on Twitter, our tweet jam recap has all the juicy info on the role of information governance in meeting GRC requirements in the digital, big data age. Calendar note: Quell your #GRCchat hankerings with our next SearchCompliance tweet jam, scheduled for May 15 at 12 p.m. EST (topic TBD).

Stay tuned for next week’s CIO Symmetry roundup, and stay on top of our news and tips by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

April 28, 2014  7:38 PM

How to prepare your business for a cloud security breach

Nicole Laskowski Nicole Laskowski Profile: Nicole Laskowski

It’s not if, it’s when. That’s how a Massachusetts Technology Leadership Council panel of security experts talked about the potential for security breaches in the cloud. That inevitability might be one of the reasons why enterprise CIOs are still reluctant (though less so than they used to be) to head to the cloud, a luxury small and mid-sized businesses simply cannot afford. The good news for those in charge of SMB IT: There are ways to diligently prepare for a sneak attack that can help mitigate the potential damage.

In this SearchCIO small business IT tip, Nick (aka Rattle) Levay, CSO at security provider Bit9 in Waltham, Mass.; Chris Ray, chief information security officer for targeted marketing firm Epsilon; and Chris Wysopal, co-founder and CTO at Software as a Service security provider Veracode, address the question: “How do you prepare your company to respond to a breach?” Here are their pointers:

Reach out to business teams, law enforcement and security trainers

Chris Ray

Chris Ray, CISO, Epsilon

Chris Ray: Make sure you have other departments involved up front [such as] legal and corporate communications. Have a preexisting relationship with external law enforcement, consult with them. … I’m also a firm believer that if you don’t have a large team, leverage someone else and do not take this all upon yourself. There are plenty of companies out there that have forensic retainer services. Get that in place [because] when something happens, you don’t want to be scrambling around trying to get a contract signed. Have someone available. And when you do a retainer-type service, they’ll offer so many hours of free training to help you in your program. Having that in place is, by far, one of the most important things to make sure you do.

Visualize worst case scenarios

Nick Levay

Nick Levay, CSO, Bit9

Nick Levay: I understand that a lot of small organizations can’t do a full written response plan, but as someone whose responsibility it is to do security, you should spend some time working through some of your worst-case scenarios and doing mental preparations. That’s because at any given point, you could come into work one day and find out it just turned into the worst day in your career. At that time, it’s going to be important to senior management that you are calm and in control. If you can do that, all of those interactions with executives, help desk, the legal department … all of that stuff gets easier if you can convey calm and control. The only way you can do that is by working through worst-case scenarios in your head.

Organize drills to provide hands-on experience

Chris Wysopal

Chris Wysopal, co-founder and CTO, Veracode

Chris Wysopal: One of the things we do, and we do this quarterly, are “table top exercises.” So we all get into the board room — the security team, people from IT, people from corporate communications, the corporate council — and come up with the different scenarios that could potentially happen. Usually it’s about a two- to three-hour exercise, and the person leading rolls out the information you’re discovering. I guess it helps if you play Dungeons & Dragons. It’s been very helpful for us when we’ve had incidents that just resulted in downtime that could have been a security incident but turned out to be some sort of human error. Having those processes in place so people know to get together and work through it is invaluable.

Get to know the business

Levay: If you’re in charge of security and response for a company, you have to understand the business. If you are a pure technical person and you only understand the technical infrastructure and you don’t understand how the business works, it’s going to be hard to run a security response. That’s one of the things about practicing security that makes it so intellectually challenging when you really get to the management levels: You need to understand the business really well. Not necessarily as well as the CEO or the CFO does, but you need to understand the business mechanics: where the money flows, where the crown jewels are, how the groups interact with each other. Otherwise, you’re not going to be able to make informed decisions.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: