CIO Symmetry


January 8, 2016  5:13 PM

Advice for handling a data breach; how to test DR/BC plans

Brian Holak Brian Holak Profile: Brian Holak

Here are the SearchCIO and SearchCompliance articles from this week:

Is your company prepared to handle a data breach? In this tip, SearchCIO contributor Mary K. Pratt talks to IT professionals to find out best practices for how to manage public perception post-data breach. The first words of advice: Don’t play the victim. Also, Pratt lays out an eight-step data breach plan that addresses the many variations a hack can take.

Speaking of disaster recovery and business continuity, the right kind of testing can save companies a lot of trouble. SearchCIO contributor Niel Nickolaisen details how IT organizations should test their DR/BC plans to make sure they are prepared for the worst. Plus, SearchCIO expert Harvey Koeppel gives his take on data recovery and business continuity plans in the age of breaches.And there are more data breach tips where that came from! This article outlines key steps to follow to make sure your IT organization is ready for a data breach.

Over on the IT Compliance Advisor blog, Site Editor Fran Sales runs down the latest GRC news, including data analysis that found HIPAA violators face minimal punishment, merchants’ two-year PCI DSS compliance extension on a key requirement and upcoming changes to FCPA enforcement.

Please follow @SearchCIO, @SearchCIOSMB and @ITCompliance for our new stories throughout the week.

December 30, 2015  2:00 PM

Tough cookie: Food-focused platform business model grows amid rivals

John Moore John Moore Profile: John Moore

The Cookie Dining formally launched back in August as a platform business model in the competitive online food ordering space.

The presence of established players such as GrubHub and Just Eat made the venture seem a bit quixotic. Indeed, Marko Manojlovic, the platform’s founder, cited the task of getting restaurants to sign up for the online ordering system as his biggest challenge. The issue of attracting a sufficient number of sellers (in this case restaurants) to attract a sufficient number of customers is known as the platform business model’s chicken-and-egg problem.

Four months on, however, The Cookie Dining continues to expand. Notable restaurant signings include Big Smoke Burger, a chain based in the Toronto suburb of Richmond Hill, Ont. with outlets in Canada, the U.S. and Middle East. Manojlovic said the platform’s expansion in Toronto, Montreal and Calgary has gone much faster than his company predicted. Urban areas in the U.S. targeted for expansion include Seattle, Los Angeles and New York.

And, in a case of one platform business model converging with another, The Cookie Dining plans to recruit delivery drivers along the lines of the Uber model, according to Manojlovic. The platform is working on hiring drivers in Vancouver, Montreal, Toronto, Calgary, Seattle, Los Angeles and New York.

“This will be promoted aggressively in January 2016,” Manojlovic said. In conjunction with the food delivery capability, The Cookie Dining will integrate a real-time food tracking and a driver rating and review feature into the platform. Other delivery services have also launched food tracking apps.

Other platform developments include:

  • The Cookie Dining point-of-sale device, which will arrive in January.
  • “Giving Back” program: Platform customers can select a charity or cause in their local community and The Cookie Dining will donate to that organization on their behalf.

The Cookie Dining

The Cookie Dining’s charitable giving is built into the app.


December 29, 2015  4:09 PM

Project management best practices for SMBs

Fran Sales Fran Sales Profile: Fran Sales
CIO, project, Project and portfolio management, Project management, SMB

Project management is commonly thought of as a practice suited mainly to larger businesses. But these days, small and medium-sized business owners and employees also need to think about the discipline.

“We’re all project managers now,” said Dave Scarola, vice president of The Alternative Board, which offers coaching for small-business owners.

SMBs need to be able to adapt project management best practices and templates to their business, but they often don’t, said Scarola in the webinar “Project Management for Small Businesses.” This is because they often find project management practices to be intimidating.

This perception starts with what SMB employees think the definition of a project is.

“Projects are perceived to be complex, but even relatively simple endeavors can be projects,” Scarola said.

So what exactly is a project?

According to the Project Management Institute, it’s a temporary endeavor that has a definitive start and end and a specific outcome. This outcome doesn’t necessarily have to be concrete, like a software product; it can be a new process, information or an idea. (Some examples include creating a process manual for the sales department and developing a customer retention program.)

Which brings us to the definition of project management: the organization and oversight of a project with the ultimate goal of successfully accomplishing the project in terms of scope, timeline, quality and budget.

“Project management is about execution, not about planning and strategy (which are just elements). Project management is about getting things done,” Scarola said.

The two common process methodologies for project management are Waterfall and Agile; Scarola believes the latter is the way to go for most SMB projects. “But be careful with it, [because it] can turn into a free-for-all,” he warned. “You need good expertise on how to properly deliver [Agile].”

Scarola offered the following project management best practices:

  • Have a well-defined scope that is not subject to interpretation. The project scope not only includes basics like who the project manager is, a high-level description of the project and the due date, but also justification for the project, who the client is, the project’s objectives and an outline of its purpose to create alignment with stakeholders. It also includes deliverables, and not just the technical aspects: “Does the project need a process to be created with it? Is there training needed?” said Scarola.
  • Have objective success criteria. “There should be no question if the project was successful or not; it needs to meet all criteria in the success criteria definition,” Scarola said. Emotion can be factored into whether to go forward with the project — passion can go a long way in getting a project accomplished. But he cautioned against looking at the endeavor with rose-colored glasses. “Too many projects can become someone’s pet,” he said.
  • Choose the right team and assign them the right roles and responsibilities. Scarola stressed that it’s important not to confuse roles with people. “It’s not uncommon for a single person to fill the role of analyst, trainer or QA,” he said. He recommended using the PAVE model: passion (is the person you assigned passionate about the role?); aptitude (can they do it successfully?); vision (does their vision match that of the organization?); and empathy (can they handle the responsibilities of the role while maintaining an empathetic personality?).
  • Create a project plan that outlines the “how.” A project plan is not just a schedule, although that’s a part of it. It also includes other things like assumptions, risks, known issues, budgets and implementation plans. A project plan should also be a “breathing” document, said Scarola. “A project plan is based on the best information we have now; we may have to make adjustments along the way,” he said. A flexible plan is not a substitute for thorough planning at the outset, however. Scarola also suggested setting up a weekly meeting with the project team. “Encourage dissension. You want to have folks challenge each other; you get the best results that way,” he said.

Have any project management best practices to add? Write to us at editor@searchcio.com.


December 18, 2015  5:13 PM

Global impact of EU data protection legislation; top analytics trends of 2016

Fran Sales Fran Sales Profile: Fran Sales
CIO

Three years in the making, EU officials have finally made public a draft of the General Data Protection Regulation (GDPR), an EU-wide legal framework data collection, sharing and privacy standards that are stricter and more comprehensive than its U.S. federal law counterpart. In this week’s Searchlight, Associate Editor Brian Holak talks to two digital information experts to dig into how GDPR will impact U.S. IT leaders.

The International Institute for Analytics (IIA) has released its annual list of data analytics trends for 2016, this year splitting it up into predictions and priorities. Among the highlights: the rise of analytical microservices and data curation tools. Read on a two-part Data Mill, by Senior News Writer Nicole Laskowski.

Can CIOs play a role in fighting online terrorism? It’s certainly possible, but it means enterprise CIOs have to be open to sharing intelligence with the government and become hyperaware to all threat signals in their organization. But it will be a while before we get there, writes Features Writer Jason Sparapani on Total CIO.

Telephone networks are not traditionally wired to protect our privacy. In fact when digital phones first came around, their networks were built so that law enforcement was technologically able to easily access communications. Silicon Valley is starting to disrupt that, starting with Apple. But end-to-end encrypted iPhones, available mostly to wealthy people, isn’t enough, argues Christopher Soghoian, principal technologist at the American Civil Liberties Union.

New CIO handbook hot off the presses: Get a checklist for CIOs looking to support digitally enabled enterprises with ITSM practices; learn as a CTO draws on his own experience how to deliver radical business change with ITSM; and check out a Q&A with ITSM consultant George Spalding on how a well-implemented IT asset management strategy helps protect companies against license compliance audits by software vendors.

TechTarget’s 2015 Annual IT and Careers Survey polled 248 senior IT executives in the U.S. to gather data on their current and future compensation, IT priorities and metrics for success. Get all the details in this handy infographic and see how your stats compare.

Statements of work are key to helping CIOs and other IT professionals keep IT projects on track and meet business objectives. To help, we’ve gathered free statement of work template examples from around the Web.

Having security and privacy coexist is a tough balancing act for businesses today. In this tip, information governance expert Jeffrey Jenkins shares advice on how building PII management mandates into data protection efforts can help.

That’s all we’ve got for this week! Follow our @SearchCIO@SearchCIOSMB and @ITCompliance accounts to get updates on our upcoming stories.


December 11, 2015  5:36 PM

The struggle of innovation teams; should big tech help fight online terrorism?

Fran Sales Fran Sales Profile: Fran Sales
CDO, CIO, cybersecurity, grc, IT innovation, Startup

The mass shooting in San Bernadino, Calif., and other recent horrific acts of terrorism have spurred politicians everywhere to call for a means to make it more difficult for terrorist groups to use the Internet to communicate. But what’s lacking in their speeches is exactly how exactly to do this. In this week’s Searchlight, Features Writer Jason Sparapani digs into whether big tech should help answer that question.

Turning innovation into a discipline is becoming an increasingly important call to action for enterprises. But it isn’t easy, and is currently a work in progress in many organizations. At the recent Future M conference in Boston, innovation leaders from the likes of PepsiCo, Fidelity Investments and IBM discuss what makes their innovation teams important, as well as why they cultivate startups to help drive innovation.

The question of whether chief data officers (CDOs) will take over their jobs has been nagging CIOs recently. But they might be asking the wrong question about data strategy, according to Richard Wendell, founding board member of the MIT-affiliated International Society of Chief Data Officers (ISCDO), at the recent Chief Data Officer Summit in New York.

Odds are that, like most organizations, you don’t employ desktop as a service. But maybe you should. In part one of Sparapani’s blog post, he lays out how the service — which takes the operations of a desktop operating system and puts it in a virtual infrastructure — can save companies time and money. In part two, Sparapani gets Forrester analyst Glenn O’Donnell’s take on why another cloud computing product, internal private cloud, is also seeing minimal success.

Back in February, Oracle published its top 10 CIO challenges for the year. At the CDO Summit, ISCDO’s Wendell used the list to illustrate not only his point that CIOs and CDOs to team up, but also to show how data and analytics continue to transform businesses. Did you struggle with any of these CIO challenges?

Speaking of all this buzz around CDOs, are they experiencing their heyday? Or is it all just hype? If we let Google Trends and Google Analytics be the judge, it appears to be a bit of both. Senior News Writer Nicole Laskowski goes through some findings.

On SearchCompliance…

Haven’t been hit by a cyberattack yet? The odds are that you will, no matter how minor. That’s why identifying your organization’s security vulnerabilities and planning for the inevitable has never been so urgent. Find out how GRC rules influence companies’ approach to data protection.

On the latest IT Compliance Advisor GRC news roundup, the governor of New York introduces new state banking rules to help block terrorism funding, the majority of healthcare organizations lack HIPAA-compliant messaging apps, and more.

Our end-of-the-year #CIOChat is on the horizon: Join us on Wednesday, December 16, at 3 p.m. EST to share your 2016 IT predictions and resolutions. Get the details here. See you there!

That’s all for this week! Follow our @SearchCIO, @SearchCIOSMB and @ITCompliance accounts to get updates on our upcoming stories.


December 4, 2015  5:20 PM

The rise of the programmable economy; the present and future of AI

Brian Holak Brian Holak Profile: Brian Holak
Agile, Artificial intelligence, IT Metrics, ITSM

As our technology changes, so do our business transactions. In this two-part feature, Editorial Director Sue Troy explores how our current economic systems will keep pace with technology like IoT and robotics. In part one, Troy talks about the rise of the ‘programmable economy,’ and in part two, she explains why the blockchain ledger is an essential ingredient to this new economy.

The buzz around artificial intelligence (AI) is only growing. Senior News Writer Nicole Laskowski covers the exciting topic in a new two-part story. In part one, she ponders whether deep learning is the key to more human-like AI, getting two AI luminaries’ thoughts. In part two, those same luminaries discuss the future of AI, what’s possible and what is still a ways off.

IT teams can have a seat at the table too. In this week’s Searchlight, Site Editor Fran Sales reports from the Gilbane Conference on how Harvard Business Review’s IT team became a partner to the business. Hint: They got some help from Agile. Also in Searchlight: Yahoo’s board might sell the company’s Internet business, and the NSA shuts down its surveillance program after 14 years.

Traditional IT service management (ITSM) support doesn’t cut it in today’s digital business environment, according to SearchCIO contributor Harvey Koeppel. In his two-part column, he describes the problem with traditional ITSM and then gives seven CIO tips for navigating the future ITSM roadmap. Plus, contributor Niel Nickolaisen explains, through personal experience, why a top-notch ITSM strategy is key to digital transformation.

Making the Waterfall-to-Agile transition isn’t easy, but may be necessary for your business. In this tip, the CIO of Bose gives five pieces of advice for CIOs making the move to Agile.

The app economy is upon us. In this issue of our CIO Decisions ezine, IT leaders and experts offer app performance management tips and best practices for the new app economy.

In our latest Essential Guide, explore best practices around key IT metrics that can help CIOs optimize cost, align strategies with the business and make the case for IT investment.

New laws encouraging cybersecurity information sharing between the public and private sector have sparked debate. Will these protection measures infringe on privacy? SearchCompliance contributor Mary K. Pratt tries to get to the bottom of it in this feature.

The results of our salary and careers survey are in, and they show that GRC professionals’ skill sets are becoming highly prized across industries. Find out more of the survey results in this story by Senior Site Editor Ben Cole.

Please follow @SearchCIO, @SearchCIOSMB and @ITCompliance for our new stories throughout the week.


November 25, 2015  1:30 PM

TechTarget’s 2015 salary survey results; the difficulties of organizational agility

Brian Holak Brian Holak Profile: Brian Holak
IT Agility, IT salary, salary survey

The results from TechTarget’s 2015 Annual IT Salary and Careers Survey are in! SearchCIO members broke down the numbers and got reactions from CIOs and IT executives:

Also this week, SearchCIO contributor Joseph Flahiff explains how organizational agility is a double-edged sword that can save and destroy your company.

Over on the blogs, Laskowski talks about the shift in big data conversations to IoT and Sales breaks down the privacy vs. public safety encryption debate.

Please follow @SearchCIO, @SearchCIOSMB and @ITCompliance for our new stories throughout the week.


November 20, 2015  4:58 PM

Google unveils app streaming; business lessons from blackjack

Brian Holak Brian Holak Profile: Brian Holak
Big Data, Deep linking, Governance, Mobile app, Mobile Application Development, Mobile applications

Google’s new app-streaming feature is taking deep linking even further, seeking to improve the mobile experience of users reluctant to download apps. But what does it mean for developers? In this week’s Searchlight, Site Editor Fran Sales discusses Google’s deep-linking experiments and gets analysts’ takes on their enterprise impact. Also in Searchlight: The Paris attacks re-ignite device encryption debates, and Oxford Dictionaries named its Word of the Year — but it’s not a word.

Follow the data, says Jeff Ma, author and former member of the infamous MIT blackjack team that used math and card counting to win big. He used data-driven decisions to win in blackjack, but those data-driven decisions are also key to business success, according to Ma. Read about his experiences with data and get advice on how to use data to succeed in the most recent Data Mill column.

Over on the IT Compliance Advisor blog, Diane K. Carlisle — executive director of content at ARMA International — explains how new technology is driving digital information governance and runs down steps for planning an IoT initiative.

Please follow @SearchCIO, @SearchCIOSMB and @ITCompliance for our new stories throughout the week.


November 13, 2015  8:11 PM

Gartner predicts IoT surge in 2016; why APM should focus on UX

Fran Sales Fran Sales Profile: Fran Sales
APM, CIO, Cloud Computing, cybersecurity, Internet of Things, iot, mobile app security, Mobile Application Development

The number of connected “things” in use will rise to 6.4 billion in 2016, Gartner predicted. That’s a 30% rise from this year. The consultancy also said that this explosion will drive a surge in IoT services as companies seek providers to help jumpstart their IoT initiatives. Associate Editor Brian details what this means for the CIO agenda in this week’s Searchlight.

In today’s “app economy,” companies heavily rely on apps to communicate and connect with their partners, employees and — most especially — customers. And in today’s app economy, having an updated application performance management (APM) strategy is more important than ever. In this feature by freelance writer Mary K. Pratt, see how various IT execs have revamped their APM practices to remain competitive in this economy.

To reap the business benefits of cloud computing, companies need expertise in their IT departments and an informed user community. But organizations will have trouble passing muster, said Pamela Wise-Martinez, chief cloud and enterprise data architect at Pension Benefit Guaranty Corp (PBGC). Fortunately, customer advocacy groups like the the Cloud Security Alliance (CSA), which offer free advice on cloud challenges, are here to help. Wise-Martinez sat down with Features Editor Jason Sparapani to recount just how critical these cloud references have been to PBGC.

A powerful user experience (UX) is the ultimate goal of mobile app development, but getting there isn’t easy; many failures are the result of failing to balance UX with one of the biggest obstacles of mobile app dev: data security risks. In SearchCIO’s latest handbook, get tips from SearchCIO columnist and former CIO Harvey Koeppel on how to harmonize mobile UX and data security.

On SearchCompliance…

At this year’s ISSA International Conference, Senior Site Editor Ben Cole sat down with security experts to discuss the new business focus on building a “culture of security” in the digital age, when information has become a vital business asset. In one video, Nick Merker, an attorney with Ice Miller LLP, talks about how information security professionals’ role has changed in this era. In another, Vincent Sritapan, program manager with the Department of Homeland Security, discusses new mobile app security strategies and best practices.

IT Compliance Advisor roundup: In recent GRC news, Federal Reserve Chairwoman Janet Yellen testifies before a House panel that large financial firms still face persistence regulatory compliance and risk management breakdowns, and a study shows that Dodd-Frank “clawback” rules might not end up being as effective as anticipated.

That’s all for this week! Follow our @SearchCIO, @SearchCIOSMB and @ITCompliance accounts to get updates on our upcoming stories.


October 31, 2015  5:20 PM

Survey: SMBs will run half of their apps in the cloud by 2018

Fran Sales Fran Sales Profile: Fran Sales
Cloud Applications, Cloud Computing, Gartner, IT budget, PaaS, SaaS, SMB

Spending on cloud-based services make up only a small portion of the IT market, but, at least among small and medium-sized businesses (SMBs), investments in these offerings are expected to grow considerably by 2018, according to a survey conducted by Gartner Inc. These findings, according to the firm, are a sign of how increasingly significant the cloud is becoming to these companies.

SMBs, which Gartner characterizes as companies that employ between 1 and 999 workers and have an annual revenue between $50 million and $1 billion, currently invest about 33% of their IT budgets in cloud-based services; these SMBs plan to allocate more of their budgets to cloud, particularly lower-midmarket midsized businesses (those with 100 to 499 employees).

SMBs are also more open than their enterprise counterparts to purchasing public cloud offerings, even in business-critical areas like business intelligence, CRM and ERP.

The main driver for this growing group of SMBs is that they “are in a hurry to accelerate their business growth with the support of more advanced IT solutions. Cloud is seen as a business accelerator and a cost-containment enabler,” wrote the authors of a report that summarized Gartner’s survey findings.

Gartner’s survey also found that by 2018, SMB organizations will have 50% of their applications running in the cloud. The use of SaaS continues to grow as SMBs introduce new applications into their environments, building extensions to their existing apps using cloud-based services, said the authors. Small businesses (1 to 99 employees), in particular, are interested in public cloud SaaS because of the constraints of their internal IT capabilities. “SMBs have not been able to invest in business applications to the extent that enterprises have, but public cloud solutions are seen as a way to close the gap,” the authors wrote.

Other noteworthy findings from the survey:

  • Platform as a service (PaaS) usage among SMBs will grow between 15% and 20% year over year through 2017. This increase will be driven by these organizations’ urgency to digitize their business quickly but at a reasonable cost, said the authors. PaaS, along with SaaS and other public cloud offerings, facilitates “a development environment that provides quicker time to deployment, enables operational agility and provides concrete tools to help SMBs gain business advantage,” which are currently top priorities for SMBs, they wrote.
  • Through 2018, between 30% and 38% of SMBs will buy communication apps and UC products through the cloud. As cloud UC providers mature and improve their products’ capabilities, UC cloud adoption will rise accordingly, according to Gartner. “SMBs are also in a rush to provide more mobile applications on the communications solutions side, so mobility and cloud go hand in hand in the communications applications segment,” added the report’s authors.
  • By 2018, 50% more mobile devices will be adopted by SMBs for vertical-specific use cases. SMBs are more aware of the benefits of a mobile workforce and the vertical-specific use cases of mobile devices, according to Gartner. For instance, small businesses that range from restaurants and hairdressers currently use tablets for customer engagement, digital signage, inventory tracking and points of sale. And in the manufacturing vertical, for example, SMBs are equipping maintenance workers with mobile devices on which they can access business apps, creating efficiencies in workplace utilization.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: