CIO Symmetry

May 23, 2014  5:28 PM

In digital transformation, customer engagement and teamwork are key

Fran Sales Fran Sales Profile: Fran Sales
Agile, Big Data analytics, CDO, CFO, CIO, CMO, Customer engagement, Internet of Things, ITSM, VDI

The MIT Sloan CIO Symposium, which focused on how CIOs can use digital technology to help transform their enterprises, dominated conversations across media platforms this week. On SearchCIO, read the five takeaways Senior News Writer Nicole Laskowski gleaned from the show that can help CIOs and other senior execs head up the digital journey, including broader IT-business alignment, creative new channels of customer engagement and more.

On the TotalCIO blog, meet SearchCIO’s brand-new features writer, Kristen Lee! In her take on MIT, Lee concentrates on two themes: One, CIOs need to draw from their peers’ strengths and ideas to bolster their own IT strategies; two, they need to integrate machine smarts into that collective intelligence. She dedicates another blog post to the Internet of Things and the challenges it brings up for CIOs around business process integration, common architecture, security and more.

In the latest Searchlight, Associate Editor Emily McLaughlin gives a rundown of MIT’s lively “CIO, CDO, CMO Perspectives on Digital Transformation” session, where the focus was not on which C-level exec should take the digital helm, but rather on best practices for how each can facilitate a digital transformation across the business. And on TotalCIO, Associate Editor Fran Sales digs into each nugget of advice from the panel, including partnering across functions, measuring customer engagement and more.

Also on Searchlight: other tech headlines from the week, including eBay’s data breach, Martha Stewart’s drone and a calf fitted with (spotted!) high-tech prosthetics.

Elsewhere on SearchCIO…

In his latest column, CTO Niel Nickolaisen tackles today’s digital reality from another angle: looking at the business perks and downsides of our consumer’s digital footprints. On one side of the coin, the rich information from these footprints provides microtargeting fodder for company’s marketing campaigns; on the other is the oft-mentioned issue of privacy.

It doesn’t just take CIOs and IT execs to extract value from big data. A key message at the recent CFO Technology Conference was that CFOs need to get in on the conversation as well. In her latest Data Mill, Laskowski explains that financial execs need to look at how big data funds are distributed, which will help organizations boost IT productivity and effectively extract insight from that data. Plus, she discusses how businesses should leverage online platforms (not ads) to refresh their content marketing campaigns.

Delivering virtual desktop infrastructure has more than nifty technological aspects to offer — it also has the potential to deliver huge business value. In our latest Ask the Expert, CTO Brad Maltz explains why, in today’s consumer-driven IT market, using VDI to deliver on user experience translates into ROI for the business.

Southwest Airlines, Pixar and PayPal may serve different industries, but they’ve got one thing in common, according to expert contributor Joseph Flahiff: They’re agile. In other words, they’re flexible enough to adapt to customer needs or industry changes such as mobile. Read Flahiff’s tip on the four aspects of agility to learn how to make your business nimble.

The demands of increasing data and technology innovations has CIO expert Harvey Koeppel waxing urgent about the value of modernizing business processes, particularly in the realm of IT service management (ITSM). In our latest CIO Matters column, read Koeppel’s take on how customer expectations, the cost of service delivery and newer skill sets factor into the necessity of constantly evolving your ITSM practices.

Now, we want your take: How do you think CIOs must adapt their current ITSM processes to today’s reality of mobile, cloud and anytime-anywhere computing — not to mention the ever-present IT skills gap? Join us and our tweet jam expert, Jerry Luftman, founder of the Global Institute for IT Management, for our next #CIOChat Wednesday, May 28, at 3 p.m. EDT and share your thoughts on how IT leaders must transform their ITSM processes.

In SearchCompliance matters…

Since the 2008 financial crisis, the U.S. Securities and Exchange Commission has been emphasizing the role that corporate culture plays in its investigations. On our IT Compliance Advisor blog, Site Editor Ben Cole describes why, given the SEC’s emphasis on transparency and a willingness to cooperate, it’s important to build your culture around business ethics rather than financial gain.

For this month’s #GRCchat, we recruited former Federal Communications Commission CIO Robert Naylor as our tweet jam expert on the topic of minimizing data breaches’ impact on businesses. Check out our latest recap to get Naylor’s and other tweet jammers’ two cents on balancing network monitoring with budget restrictions, as well as using risk assessments to prioritize areas that need protection.

That’s all the news we’ve got this week! Catch us again at next week’s Symmetry roundup; in the meantime, get your fix of news and tips by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

May 16, 2014  5:11 PM

The future is nigh: IoT, wearable tech, open APIs and other disruptors

Fran Sales Fran Sales Profile: Fran Sales
Application Programming Interface, CIO, cybersecurity, Data Analytics, GRC strategy, Internet of Things, PCI compliance, User experience

The future looms large this week on SearchCIO – starting with recent findings from a Pew Research survey indicating that IT and everyday life will be infiltrated by wearable tech and the Internet of Things (IoT) in the next decade. In this week’s Searchlight, Associate Editor Emily McLaughlin writes how these disruptors will pose yet another challenge for CIOs as they tackle the techs’ security risks and big data implications. Also headlining: The FCC approves rules that allow pay-for-priority on the Net; in wake of Jill Abramson’s replacement at The New York Times, the paper focuses on digital strategy; and a text-911 plan starts to roll out.

Another disruptor stole the limelight at TechCrunch Disrupt New York, where Senior News Writer Nicole Laskowski homed in on a feature many intrepid startups have in common: the leading role application programming interfaces (APIs) play in their mobile apps. APIs allow these startups to achieve two things: improve customer experience on the front end and build deeper relationships with their service providers on the back end. Read about open APIs and other disruptive technologies from the show in this week’s Data Mill.

Our April tweet jam on prescriptive analytics found participants waxing poetic about the importance of building trust by demonstrating the value of good data through open conversation; trust is an equally important player to well-crafted algorithms when it comes to data decision making. Executive Editor Linda Tucci asked whether machines will take over in the next stage of prescriptive analytics, but tweet jam expert Tom Doub believes a “new normal” of human-machine interaction will take place, as it has in years past.

In other SearchCIO happenings…

In the latest profile in our CIO Innovators series, Tucci chats with Sigal Zarmi, CIO of GE Capital Americas, about how she balances her two customer bases: internal employees and the business’ external customers. Find out how Zarmi boosts internal productivity by improving customer experience – for example, by automating internal processes through GE Americas’ self-service site.

Over at TotalCIO, Laskowski digs deeper into TechCrunch Disrupt’s theme of user experience by looking at the rocky road that Jawbone, known for its wireless speakers and activity-tracking wristbands, took from a military consumer base to a civilian one. Find out how, by getting hardware, software and data teams to focus on the common goal of customer experience, Jawbone’s CEO was able to get them to start learning from each other.

Over at SearchCompliance…

Site Editor Ben Cole sat down with Branden Williams, EVP of strategy for compliance service provider Sysnet, at this year’s RSA conference to talk payment card industry (PCI) cybersecurity strategy in the face of increasingly sophisticated cyberthreats. Check out this Q&A to get Williams’ take on overcoming PCI compliance hurdles, addressing emerging cyberthreats, and leveraging analytics-driven security methods.

As an increasing number of businesses move their operations to the cloud, governance, risk management and compliance (GRC), as well as thorough vetting of cloud providers, are now even more crucial players in ensuring data security. Contributor Christine Parizo looks at questions to ask providers, how organizations can maintain cloud GRC and how to mitigate risks inherent in various cloud models.

That’s it from me! Until next week’s Symmetry roundup, get your news and tips fixin’s by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

May 9, 2014  4:55 PM

Measure your data assets’ value; the net neutrality debate rages on

Fran Sales Fran Sales Profile: Fran Sales

How valuable is your data? If you’re a CIO or chief financial officer and manage data every day, you’d probably say very  — which begs the next question: Exactly how much value does your data have? Infonomics, or the economics of data information, could help you answer that question. SearchCIO Senior News Writer Nicole Laskowski details how data can boost your market value. In part two of her feature, Gartner analyst Doug Laney lists six ways CIOs can measure the value of their data assets.

To that end, what should you do with all your open data? In this week’s Data Mill, Laskowski has the answers, culled from Laney’s presentation at the recent Gartner Business Intelligence and Analytics Summit. Laney lays out a number of use cases that have leveraged open data to create benchmarks, develop predictive indicators, generate ideas and more. Laskowski also recently shared analyst Don Sommer’s “tipping points” that will shake the BI and analytics market — and readers had a lot to say about it. In the latest CIO Chatter, we dug into the reader buzz on the battle between old and new BI vendors.

In this consumer age, perhaps it’s no surprise that data discovery is shifting into the hands of customers. Laskowski blogged from TechCrunch’s Disrupt New York conference, where she explored the potentially disruptive “discovery retail” business of Birchbox and how its consumers are taking advantage of the company’s data-driven business model.

Elsewhere on SearchCIO…

Get ’em while they’re hot off the e-presses! May’s CIO Decisions e-zine focuses on the latest in innovative and disruptive technologies: Find out how the mobility age should skew CIOs’ mobile strategies toward the customer, how the connected car is reshaping business for better or worse, and more. Then, download a copy of SearchCIO’s latest handbook on cybersecurity strategy, where, in light of the changing face of cyberthreats, we offer advice on how to use a strong cybersecurity program as a competitive differentiator.

This week’s Searchlight column addresses the public uproar this week over the Federal Communications Commission (FCC) chairman’s proposed net neutrality rules. Chairman Tom Wheeler’s proposal — a set of Open Internet rules that might allow companies to pay for high-speed access to their content — has drawn opposition from various individuals, companies and interest groups, among them Amazon, Facebook and Google. Plus, read about the sign-off of Target’s CEO, leaked info on Amazon’s 3-D smartphone and more in this piece by Associate Editor Emily McLaughlin.

SearchCIO’s Essential Guide on enterprise IT sourcing strategy, the latest installment in our CIO Briefings series, targets IT sourcing from all angles, including business process outsourcing, video advice from experts, the use of cloud services, the fine print behind an IT sourcing strategy and more.

One of the leading questions in last week’s #CIOChat on prescriptive analytics concerned whether this brand of business analytics can be applied to all industries. Centerstone Research Institute CEO Tom Doub, our tweet jam expert, as well as other practiced participants, agreed: While it’s good to take precautions (Target’s diaper analytics snafu comes to mind), the pros of prescriptive analytics can outweigh any of its potential restrictions. We also discussed how using the right data mining algorithms can spell out competitive advantage.

Finally, in CIO Citings, Managing Editor Rachel Lebeaux tackles the question: Can prescriptive analytics — the brand of BI that predicts the best course of action using existing data — really work for your industry? Luckily, this collection of quotes from experts who use prescriptive analytics across a broad range of industries — including a media company and a nonprofit institute targeting healthcare — should set your minds at ease.

Let’s head over to SearchCompliance…

It’s no surprise information managers are constantly besot with requests to enable more and more workers’ personal devices. Doing so, however, exposes companies to significant risk and regulatory complications — which is where a strong information governance and mobile strategy comes into play. In this SearchCompliance tip, expert Jeffrey Ritter details the policies and procedures enterprises should have in place to avoid bring-your-own-device snags.

Another issue with which organizations must contend in today’s ever-changing security landscape: the sheer number of regulatory mandates to which they must adhere. In this SearchCompliance video, Site Editor Ben Cole speaks with Brian O’Hara, chief information security officer at security consulting firm Mako Group, about the steps businesses must take to adapt in this landscape and how to dovetail governance, risk and compliance (GRC) processes with their overarching business strategy.

Harken, tweet jammers! Former FCC CIO Robert Naylor will be our guest expert in SearchCompliance’s upcoming #GRCchat, hosted by @ITCompliance. On Thursday, March 15, at 12 p.m. EDT, join us as we chat about the timely topic of mitigating the business impacts of information security breaches.

And that’s all, folks. Catch me on next week’s Symmetry roundup; until then, get your fix of our news and tips by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

May 9, 2014  12:33 PM

Birchbox delivers data-driven beauty to your doorstep

Nicole Laskowski Nicole Laskowski Profile: Nicole Laskowski

Data scientists know that rich, interactive visualizations can turn complex data sets into something employees (of all backgrounds) can dig in to and discover new insights and ask new questions of. But maybe it’s time to deliver that same kind of “discovery” service into the hands of customers for other than data mining purposes.

Meet Katia Beauchamp and Hayley Barna, co-founders of Birchbox, a “discovery retail” cosmetics business launched in 2010. Customers who sign on to the Birchbox service receive a box every month containing four or five cosmetic, grooming or lifestyle samples. Customers get a chance to try something they’ve never bought before — without making a costly, up-front investment. If they like it, customers can return to the Birchbox site to buy a full-sized version, or go to any other retail outlet, for that matter, to make their purchase.


“The mission behind Birchbox is to make it easy, efficient and fun to buy beauty products online,” Barna said at TechCrunch’s Disrupt New York earlier this week.

What will come as no surprise to CIOs and IT leaders is the potent ingredient at the center of the Birchbox business model: Data. “We are data junkies!” Beauchamp recently exclaimed on Twitter. And when faced with a question at Disrupt New York about a Birchbox contingency plan if consumers scale back their cosmetic cravings, Beauchamp turned to data. “No need for a contingency plan,” she said. “We continue to monitor how consumers are spending their time with us, how they’re spending their money with us, and that informs what goes into the box. We will always be data driven.”

The co-founders see the boxes as “the beginning of the conversation we have every month with our customers,” Beauchamp said at Disrupt New York. And, based on data alone, it’s a conversation that’s getting louder and louder. To date, Birchbox has 800,000 paid subscribers who receive a box every month, according to Barna. And, starting this summer, customers in the New York City area will be able to visit the first Birchbox brick-and-mortar store, where data will play a big role in helping Barna and Beauchamp measure the store’s success.

“For us, we’re thinking about it as a laboratory,” Barna said.

“We’re going to see the numbers and how it will impact our online business, customer acquisition, the lifetime value of businesses who engages with us in that space,” Beauchamp said.

Those kind of data points are, no doubt, helping attract investor interest. Last month, Birchbox raised $60 million in a Series B funding round from firms such as Viking Global Investors and First Round Capital.

The funds will be used to grow the discovery retail business, Beauchamp said at Disrupt New York. That could, in part, help finance future acquisitions — specifically those that will push Birchbox into new markets. In 2012, Beauchamp and Barna picked up the Paris-based JolieBox, which paved the way for Birchbox to sell services and products in France, Spain and the United Kingdom. While the acquisition made good business sense, it also benefitted the Birchbox customer base.

“Through our expansion to Europe, we were able to bring European brands to the United States for the first time,” Barna said. “It’s been great for our customers.”

She probably has data to back up a statement like that one.

May 2, 2014  4:09 PM

CDO role on the rise, security in the limelight, and more

Fran Sales Fran Sales Profile: Fran Sales

Are chief digital officers a boon to the business, or might they eventually be the bane of the CIO? That’s one of many questions we explored on SearchCIO this week.

Digital strategy is where it’s at; combine that with customer engagement and you have a winning formula. Just ask Taco Bell, which posted on Facebook its exchange with a customer about his request for a customized speedo; unsurprisingly, user interaction exploded. In this week’s Data Mill, Senior News Writer Nicole Laskowski digs into how the organizations can take advantage of that winning formula in the form of the chief digital officer (CDO).

Indeed, with digital innovation topping companies’ priority lists, the glamorous-sounding CDO role is rapidly growing. But it won’t always be so rosy for the CDO, panelists at the recent CDO Summit in New York agreed: As organizations go all-digital, other chief officer roles likely will evolve to take on digital responsibilities, leaving less and less for the CDO role to manage. Check out Associate Editor Emily McLaughlin’s tweet-laced coverage in this conference recap.

Elsewhere on SearchCIO…
Security takes center stage (once again!) in this week’s Searchlight. In the wake of last year’s epic credit-card breach, retail giant Target is rebounding with its biggest move yet: appointing heavyweight Bob DeRodes as new CIO. Target’s CEO says that DeRodes, who was a senior information technology advisor to multiple government bodies, is well-positioned to “lead our continued breach responses and guide our long-term digital strategy.” Read the full column and find out what else the Web is buzzing about this week.

Speaking of data breaches, it’s time to go back to the basics to combat today’s breed of data-driven cybercrime. That was IT execs’ resounding response when asked what new security technologies they recommend. In our latest Future State column, Editorial Director Christina Torode explores how security oldies-but-goodies such as systems logging are worthy means of battling data-driven security problems.

On that note: If you’re using cloud, you’ve probably heard that security breaches are almost inevitable, so how should you prepare for sneak attacks and mitigate the consequences? Security experts offer their advice in the latest CIO Symmetry blog post by Laskowski.

Our CTO contributor Niel Nickolaisen has a few things to say about cybersecurity as well. He advises fellow IT leaders to adopt a hybrid security approach, relying on both experts’ knowledge and your own homegrown intelligence. Read his tip on how to use risk assessment profiling as a foundation for a strong hybrid strategy.

It’s no surprise security is a point of focus this week — and really, this year. Check out the results of TechTarget’s recent survey of enterprise IT priorities for 2014 and you’ll see that various security initiatives — including mobile and network security — easily make the top 10. Click through our slideshow by Associate Editor Fran Sales for more on enterprise tech investments in 2014.

Other SearchCIO happenings…
Thanks to the monopolies of cable TV, we buy ridiculous cable bundles of 200+ channels even though many of us would be happy with just five. Are Internet service providers (ISPs) headed in the same direction? In this week’s CIO Matters column, guest CIO contributor and “netizen” Ravi Ravishanker examines the implications of the D.C. Circuit Court of Appeals’ ruling, which found that the Federal Communications Commission can’t impose net neutrality on ISPs. Find out how that could lead them to serve up preferential treatment to companies with the big bucks.

It’s quiz time again! The IT outsourcing landscape is constantly evolving and there are ever-more components to consider, so review our recent coverage and make sure you’re up to date on outsourcing management considerations.

Over on SearchCompliance…
Security is dominating the compliance sphere as well, as seen in the rise in intelligence-driven security. SearchCompliance editor Ben Cole sat down with Kim Jones, chief security officer and senior vice president Vantiv Company LLC, at the RSA 2014 Conference to discuss what counts as intelligence-driven security, its limits and how to use it to drive sound decisions.

Meanwhile, the latest installment in the IT Compliance FAQ series answers the top questions on Heartbleed, the OpenSSL bug experts are calling one of the worst in Internet history. Make sure you’re aware of its ins and outs and that you’ve taken the steps necessary to address potential vulnerabilities.

And onto chattier matters: If you missed last week’s #GRCchat on Twitter, our tweet jam recap has all the juicy info on the role of information governance in meeting GRC requirements in the digital, big data age. Calendar note: Quell your #GRCchat hankerings with our next SearchCompliance tweet jam, scheduled for May 15 at 12 p.m. EST (topic TBD).

Stay tuned for next week’s CIO Symmetry roundup, and stay on top of our news and tips by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

April 28, 2014  7:38 PM

How to prepare your business for a cloud security breach

Nicole Laskowski Nicole Laskowski Profile: Nicole Laskowski

It’s not if, it’s when. That’s how a Massachusetts Technology Leadership Council panel of security experts talked about the potential for security breaches in the cloud. That inevitability might be one of the reasons why enterprise CIOs are still reluctant (though less so than they used to be) to head to the cloud, a luxury small and mid-sized businesses simply cannot afford. The good news for those in charge of SMB IT: There are ways to diligently prepare for a sneak attack that can help mitigate the potential damage.

In this SearchCIO small business IT tip, Nick (aka Rattle) Levay, CSO at security provider Bit9 in Waltham, Mass.; Chris Ray, chief information security officer for targeted marketing firm Epsilon; and Chris Wysopal, co-founder and CTO at Software as a Service security provider Veracode, address the question: “How do you prepare your company to respond to a breach?” Here are their pointers:

Reach out to business teams, law enforcement and security trainers

Chris Ray

Chris Ray, CISO, Epsilon

Chris Ray: Make sure you have other departments involved up front [such as] legal and corporate communications. Have a preexisting relationship with external law enforcement, consult with them. … I’m also a firm believer that if you don’t have a large team, leverage someone else and do not take this all upon yourself. There are plenty of companies out there that have forensic retainer services. Get that in place [because] when something happens, you don’t want to be scrambling around trying to get a contract signed. Have someone available. And when you do a retainer-type service, they’ll offer so many hours of free training to help you in your program. Having that in place is, by far, one of the most important things to make sure you do.

Visualize worst case scenarios

Nick Levay

Nick Levay, CSO, Bit9

Nick Levay: I understand that a lot of small organizations can’t do a full written response plan, but as someone whose responsibility it is to do security, you should spend some time working through some of your worst-case scenarios and doing mental preparations. That’s because at any given point, you could come into work one day and find out it just turned into the worst day in your career. At that time, it’s going to be important to senior management that you are calm and in control. If you can do that, all of those interactions with executives, help desk, the legal department … all of that stuff gets easier if you can convey calm and control. The only way you can do that is by working through worst-case scenarios in your head.

Organize drills to provide hands-on experience

Chris Wysopal

Chris Wysopal, co-founder and CTO, Veracode

Chris Wysopal: One of the things we do, and we do this quarterly, are “table top exercises.” So we all get into the board room — the security team, people from IT, people from corporate communications, the corporate council — and come up with the different scenarios that could potentially happen. Usually it’s about a two- to three-hour exercise, and the person leading rolls out the information you’re discovering. I guess it helps if you play Dungeons & Dragons. It’s been very helpful for us when we’ve had incidents that just resulted in downtime that could have been a security incident but turned out to be some sort of human error. Having those processes in place so people know to get together and work through it is invaluable.

Get to know the business

Levay: If you’re in charge of security and response for a company, you have to understand the business. If you are a pure technical person and you only understand the technical infrastructure and you don’t understand how the business works, it’s going to be hard to run a security response. That’s one of the things about practicing security that makes it so intellectually challenging when you really get to the management levels: You need to understand the business really well. Not necessarily as well as the CEO or the CFO does, but you need to understand the business mechanics: where the money flows, where the crown jewels are, how the groups interact with each other. Otherwise, you’re not going to be able to make informed decisions.

April 25, 2014  7:17 PM

Cybersecurity for competitive gain, cyberdefense myths, and crowdsourcing for talent

Fran Sales Fran Sales Profile: Fran Sales

Cybersecurity is front and center on SearchCIO this week.

With cyberattacks coming from every corner, CIOs and security experts believe a strong security program can be a competitive differentiator for their companies, similar to how car safety determined the rise and fall of certain brands in the auto industry. But can these security evangelists convince the rest of the business that a function traditionally viewed as a cost can help the bottom line? Executive Editor Tina Torode looks into various infosec case studies in this week’s feature.

Speaking of ‘cyber’ matters — the perimeter defense is officially dead. That’s according to our expert contributor Harvey Koeppel, who addresses common cyberdefense myths in this week’s CIO Matters column and explains why it’s time to play some cyberoffense.

Koeppel isn’t alone in the call for modernizing cyberdefenses. Ed Amoroso, CSO at AT&T, proclaimed at New York’s recent Landmark CIO Summit that it’s time we scrap outdated perimeter defenses and — wait for it — head for the cloud to shore up enterprise security. Executive Editor Linda Tucci reports in our TotalCIO blog.

Also on SearchCIO…

Senior News Writer Nicole Laskowski looks into how Thomson Reuters used crowdsourcing to search for engineering talent, with a twist: through internal competitions. See how Mona Vernon, head of Thomson Reuters’ innovation data lab, got her crowdsourcing project off the ground, and what problems she suggests are crowdsource-worthy.

Meanwhile, wondering what the analytics landscape will look like in a few years? You’re in luck, because some high-profile BI experts have lots of ideas. At Gartner’s Business Intelligence and Analytics Summit, BI heads from the likes of Cisco, GE and Caesar’s Entertainment exchanged views on hiring chief digital officers, predictive analytics and more.

The latest on Searchight: Facebook tuned in to users’ penchant for creating private content, particularly in the mobile realm — and now has $2.5 billion in Q1 revenue to show for it. Take a hint from the social media giant on how to engage your users; plus, news on Apple considering environmental sensors, Obama’s soccer match with a humanoid robot, and more.

Lastly, remember the prediction that by 2017 CMOs will spend more on IT than CIOs? Forrester Research analyst Andrew Bartels digs into three big reasons why CIOs are still very much in control — and should be — of their business’ tech budgets, despite the increasing technology appetites of their colleagues at marketing.

And on SearchCompliance…

What’s so noteworthy about the Department of Health and Human Services’ announcement of an upcoming pre-HIPAA-audit survey? After all, the Office of Civil Rights has been auditing covered entities since 2012. As Ed Moyle covers in this SearchCompliance tip, what’s different in this new round of audits is that business associates will now be in the regulatory bull’s eye. Find out how business associates should address this challenge.

Hear ye, hear ye: The latest issue of our SearchCompliance handbook has arrived! Read up on the latest happenings in cloud risk management, governance and compliance, including the questions you need to ask cloud providers to gauge GRC readiness, and how cloud strategies are involving to take security into account.

If you missed April’s #GRCchat tweet jam on information lifecycle management, please check out our recap to catch up on how IT organizations are dealing with mounting data and the resulting governance issues by fortifying their information management strategy.

And on that chatty note — get ready for another #CIOChat tweet jam! Join SearchCIO next Wednesday, April 30, at 3 p.m. EDT to talk predictive and prescriptive analytics. And be on the lookout for next week’s CIO Symmetry roundup; plus, get our news and tips in real time by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

April 18, 2014  5:44 PM

Old BI battles new and Boston executes IT-focused crisis management plan

Emily McLaughlin Emily McLaughlin Profile: Emily McLaughlin

There is a war going on in IT between old and new business intelligence — and it’s slated to be a tough matchup. A story getting a lot of attention on SearchCIO this week came out of Dan Sommer’s session at the Gartner BI and Analytics Summit. Scroll through the comments to learn whether readers are choosing old BI or new BI — but not until you’ve formed your own opinion!

In today’s Searchlight column, learn about this year’s IT-heavy crisis management plan at the Boston Marathon. Also read about Microsoft’s forced update, how you can buy a fancy Toshiba Satellite Pro laptop and the first Heartbleed-related arrest.

Also on SearchCIO…

Does cloud spell the end of corporate IT? Not for CIO Don Baker and CTO Michael Beckley. These two corporate executives are exploiting cloud computing for business gains. This feature story by SearchCIO contributor Dina Gerdeman can also be found in our recent cloud computing ezine.

If IT professionals aren’t worried about cloud technologies taking their jobs, maybe self-service BI tools will have them shaking in their boots. In Monday’s Data Mill column, Nicole Laskowski shares why data scientists might be deemed useless by enterprise organizations in the near future.

In small business news, contributor Christine Parizo shares why it’s important to find a website developer that fits your  corporate culture as well as fulfill your organization’s requirements.

On SearchCompliance…

In this video from the RSA 2014 Conference in San Francisco, security architect Robert Shullich sits down with site editor Ben Cole to discuss how many companies don’t understand the scope of their data assets and why this ignorance creates big information security holes.

What info management processes are needed to separate corporate and personal data to avoid privacy issues?  Jeffrey Ritter, Esq., founder of the Ritter Academy, offers his expert opinion on protecting information assets, whether personal or corporate.

Watch SearchCompliance for recaps from this week’s information lifecycle governance-themed #GRCchat. Interested in joining our next tweet jam? Pencil SearchCIO in for a predictive/prescriptive analytics-themed #CIOChat on Wednesday, April 30, at 3 p.m. ET.

Stay tuned for our next weekly roundup here on CIO Symmetry and follow @SearchCIO, @SearchCIOSMB and @ITCompliance to get news and tips as they’re posted.

April 11, 2014  5:45 PM

Heartbleed bug, building a risk management plan and cleaning up data

Emily McLaughlin Emily McLaughlin Profile: Emily McLaughlin

The big news this week? A defect in one of the Internet’s key security methods, OpenSSL, that’s forcing two-thirds of all websites to consider changes to protect the security of consumers. Learn more about what this OpenSSL heartbeat bug  — appropriately named “Heartbleed” — means for CIOs in today’s Searchlight column.

Are you looking to perfect your organization’s enterprise risk management strategy? Look no further than our April CIO Briefing! In this Essential Guide, learn to recognize, observe and banish threats to your beloved organization with tips and news stories from SearchCIO. Featured articles cover risks related to human error, natural disasters, financial uncertainties and more.

Evan Schuman, a freelance writer specializing in security, mobile and payments issues, delivered six tips on avoiding mobile application security problems. Read all about these application threats, then weigh in on whether your organization plans to hire a mobile security expert to vet its apps.

Another big question we’re aiming to answer: Does more data ever trump clean data? Greg Pfluger, vice president of information systems at American Family Insurance, took on this burning question at the Fusion 2014 CEO-CIO Symposium  — and his response might leave CIOs wide-eyed.

In another data-oriented piece, Senior News Writer Nicole Laskowski explains why Gartner urges CIOs to plan analytics strategies for smart devices — beginning right now. If they snooze on strategizing for a workplace filled with smart T-shirts, smart light bulbs and smart contact lenses, they may very well lose.

March’s #CIOChat coverage is never-ending: Get four CIO tips for bringing software as a service ideas to the executive planning board, and read up on why communication in IT is key to managing rogue IT in the enterprise.

Over on SearchCompliance…

New governance, risk and compliance (GRC) regulations are forcing cloud services providers and customers to modify their data management and security processes. Site Editor Ben Cole shares what your security team needs to know in this SearchCompliance tip. Cole also blogged about the importance of business-wide transparency and buy-in as part of a larger GRC strategy.

How about another round of tweet jams? Join SearchCompliance next Thursday, April 17, at 12 p.m. EDT to discuss information lifecycle governance during the monthly #GRCchat. Two weeks later, mark your calendar for SearchCIO’s predictive/prescriptive analytics-themed #CIOChat on Wednesday, April 30, at 3 p.m. EDT.

Stay tuned for our next weekly roundup here on CIO Symmetry and follow @SearchCIO, @SearchCIOSMB and @ITCompliance to get news and tips as they’re posted.

April 4, 2014  4:39 PM

Shadow technologies, prescriptive analytics and cloud compliance

Emily McLaughlin Emily McLaughlin Profile: Emily McLaughlin

This week on, we dished up expert advice pertaining to prescriptive analytics, cloud security and shadow technologies.

CIOs hoping to conquer the next business frontier should look no further than our e-zine on prescriptive analytics. In the April issue of CIO Decisions, learn how prescriptive analytics can revolutionize how work gets done and serve as an RX for CIOs aiming to optimize forecasted outcomes.

Last week’s rogue technology-themed tweet jam stirred up quite the discussion on Twitter, much of it revolving around how rogue and shadow are unfit terms to describe what’s going on with unsanctioned IT. Discussions also covered why communication is key in avoiding — or embracing — rogue implementations, as well as the benefits and pitfalls of going rogue.

Did you hear about the new wolf of Wall Street? The lead item in this week’s Searchlight column by Associate Editor Emily McLaughlin focuses on Michael Lewis’s revelations about high-frequency trading. Read the full column for more from the week, including Greenpeace on why Amazon’s cloud is the dirtiest and reasons why carrying two phones — one for personal use and one for business — might benefit users.

Our expert contributors Harvey Koeppel and Niel Nickolaisen, each contributed pieces to SearchCIO this week, offering advice on advice on cloud adoption and VDI implementation, respectively.

This week’s Data Mill column by Senior News Writer Nicole Laskowski outlined five tips for a secure cloud-first strategy, inspired by the Massachusetts Technology Leadership Council’s seminar on securing data, availability and reputation in the cloud. Bonus: Advice on crafting a hybrid cloud strategy.

On SearchCompliance…

Cloud chatter isn’t reserved for SearchCIO readers. On SearchCompliance, we held our #GRCchat tweet jam of the year, with a focus on cloud computing security. Read our first recap to learn who readers think is responsible for security in the cloud. Then, learn how GRC regulations force cloud service providers to rethink their security offerings in this tip by Site Editor Ben Cole. And while we’re swapping security tips: How can security professionals ensure privacy in a mobile device management (MDM) policy? Contributor Jeffery Ritter provides the answers.

Stay tuned for our next weekly roundup here on CIO Symmetry and follow @SearchCIO, @SearchCIOSMB and @ITCompliance to get news as it’s posted.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: