Who should CISOs report to? That has been a longstanding question in the IT field, but, as cybersecurity rises to the tops of the business and IT priority ladders, it has taken a on new sense of urgency. Features Writer Jason Sparapani explores the CISO reporting structure in today’s threat-laden digital business environment.
Speaking of cyberthreats, the U.S. government is starting to assess the digital currencies that are associated with the growing number of cybercrimes such as the recent ransomware attacks on big-name news organizations, as well as blockchain, the technology that underpins these currencies. In this week’s Searchlight, Site Editor Fran Sales explains the ransomware attacks in relation to blockchain and discusses the urgent blockchain security questions that are on Congress’ and IT executives’ minds. Also in Searchlight, Apple is considering boosting iCloud encryption, and Amazon wants your face to be the new password.
Cybersecurity is no longer just an IT concern; it’s a business one. But communicating the value of GRC analysis to the board and determining accountability is easier said than done. In this feature, Sales explores the board’s role in managing cybersecurity and supply chain risks.
The Internet of Things (IoT) has arrived, and the enterprise will never be the same again. In this Essential Guide, get strategic best practices for getting your enterprise IoT initiative off the ground, and find out how IoT is impacting several IT disciplines and how IT executives should respond.
But that’s not all we have on IoT. In this SearchCompliance webcast, learn how a lack of focus on IoT security challenges during the design stage could create a number of data protection vulnerabilities.
How is Soundsgood, a Paris-based startup, different from the plethora of other music streaming platforms available today? The company offers a so-called aggregation platform, a cloud-based service on which music influencers such as DJs and music critics can devise playlists that can be shared across other streaming services with which Soundsgood is partners (these include Spotify and Soundcloud). Senior Site Editor John Moore delves into how aggregation platforms work and the challenges ahead.
Blockchain, the technology underlying cryptocurrencies such as Bitcoin, is the biggest topic of conversation in the financial sector – many banks and financial services companies fear being disintermediated. But it’s only recently gaining the attention of U.S. Congress. More education is needed, said U.S. Rep. David Schweikert (R.-Arizona) at the DC Blockchain Summit last week. In her blog post, Editorial Director Sue Troy, delves into how Schweikert proposes to combat this knowledge gap.
After Safe Harbor was struck down late last year, the introduction of the EU’s General Data Protection Regulation (GDPR) seemed like good news to multinational companies. But with text’s 50 components (each of which the local EU authorities have claimed interpretive authority over), it seems less an overarching standard and more something companies will need extensive guidance to decipher. At this year’s RSA Conference, data privacy experts from Adobe, Google and Microsoft talk about how they think GDPR will impact their compliance processes once the regulation goes into effect in 2018.
There’s a lot of hype around 3D printing, with some calling it the next Industrial Revolution. Does the technology live up to it all? Columnist and former CIO Harvey Koeppel says yes – and more. In our March handbook, he lays out 3D printing use cases across various industries, and offers 12 CIO tips for how to take advantage of the technology.
Onto compliance matters…
While increasing cybersecurity threats have become the bane of today’s enterprises, they’ve brought one good thing: intelligence data that can be analyzed to mitigate future threats. But with companies increasingly moving data management to the cloud and third parties, it’s become harder for their security teams to keep up with the analytics data. Demetrios “Laz” Lazarikos, vArmour’s CISO, details the benefits of a proactive, risk-based approach to InfoSec monitoring in this SearchCompliance webcast.
As the Internet of Things gains popularity, companies are trying to catch up – and also to figure out the best strategies to protect the data stores and transmitted by these devices. This task is made more challenging for companies that have to integrate IoT with their legacy environments. In this video, Lazarikos talks about how IoT is impacting companies’ InfoSec strategies.
“A digital revolution need a trust revolution,” said Marc Benioff at the World Economic Forum last year. In Achieving Digital Trust: The New Rules for Business at the Speed of Light, a new book on the topic written by lawyer and frequent contributor Jeffrey Ritter, outlines how to approach this digital trust, as well as information governance, data security and commerce. Read an excerpt here.
It seems like there’s no stopping the proliferation of connected devices, but there’s one thing that just might. If companies aren’t putting security first in the creation of these interconnected devices, IoT will crash and burn, according to a panel of experts at the recent RSA Conference 2016. In this week’s Searchlight, Site Editor Fran Sales explores IoT security best practices from the panel, including why it’s so important to incorporate security features early in the IoT development process. The Apple-FBI case was also a hot topic at RSA. In this blog post, Sales details why experts at the conference think Apple ‘goofed’ in its encryption fight with the FBI.
How does your team handle innovation projects? In part two of this Q&A (read part one here), Dow Jones’ chief innovation officer, Edward Roussel, discusses his team’s idea solicitation process and how they work closely with IT to further innovation at the company.
University IT departments have to do more today than ever before. In this feature, Features Writer Jason Sparapani details their challenge of maintaining a culture of accessibility while protecting their schools from ever-increasing data threats. In two blog posts, Sparapani also discusses why it’s a great time to be a university CIO and how students’ increasing tech savvy prove a challenge for college IT teams.
The next big thing in tech might come in a small package. In this two-part story, learn about graphene sheets, atom-thick lattices of carbon that could allow solar power, computing and IoT to reach their full potential. In part one, learn about the origins and capabilities of this breakthrough energy-storing material. In part two, go deeper into the material’s IoT and computing applications and find out why it could be woven into all future computing.
Is your company considering investing in 3D printing? There could be many potential benefits to doing so, but there are also a lot of concerns that would need to be addressed. Senior News Writer Nicole Laskowski discusses the challenges CIOs and IT organizations will face with 3D printing technology, including counterfeits, massive data sets and continuous delivery.
Mobile apps are changing the way consumers and the enterprise get things done. In the latest issue of CIO Decisions, discover why a close IT-business relationship on mobile app development will soon become more commonplace as the need for apps increases.
Over on the blogs, Laskowski explores how the project management office could benefit from Agile and goes into the four facets of an Agile PMO. Plus, Executive Editor Linda Tucci talks about how consumer privacy rights have incited a new age of web content management. Tucci also breaks down the ITO/BPO 2016 outlook from global law firm Mayer Brown. Finally, Associate Site Editor Brian Holak finds out what our readers think about the lack of tech diversity and how we can address it.
In higher education today, it’s good to be CIO — if you’re willing to change the way you work.
That’s according to Eric Hawley, who holds the top IT position at Utah State University. The digital age — with its cloud computing and ubiquitous mobile devices — has brought with it a makeover for the role of chief information officer. For Hawley, a university CIO serving a school of nearly 30,000 students, it has changed what the I stands for — to integration.
“We buy components, end users buy cloud components, and we build those together like snapping Lego blocks together,” he said. “And that’s different from the old legacy IT where our job was install software X and keep it running for 10 years.”
Today, Hawley’s central IT department provides and maintains cloud computing platforms and then hands them over to what he calls “the edge” — which includes IT units that work more closely with business or academic departments — “to get their hands dirty in that data to see what they can do.”
For example, his department has given IT staffers in USU’s college of education access to enterprise systems and data, which they’re using to improve ways to track and measure student progress.
Also on the edge are students. Hawley’s team caters to them by giving them file-sharing platforms they want to work with, like Google Drive and Box.com. He also gives them “flipped classrooms,” or video-recorded lectures they can view on their smart devices whenever they want to. In the traditional model of learning, with students taking notes during lectures, Hawley said, “there’s no good way to make sure your notes were correct until the exam shows up.”
Robert Juckiewicz, vice president for IT at Hofstra University, agrees that it’s an exciting time to be in a university CIO role. His team is constantly looking for ways to use technology to improve how faculty teaches and how students learn — whether that’s offering computing courses or holding Hofstra’s version of the traveling science and innovation event Maker Faire.
“You don’t need to come to IT for a server. You can go anyplace. You don’t have to come here for expertise. It’s all over the place,” Juckiewicz said. “So what value can we add so that everybody just sees that and comes to us? I think that’s our challenge, and that means that we’ve got to think slightly differently.”
A recent diversity report by Intel shows the chip maker is making strides towards a more inclusive workplace, but there’s still a lot of work to be done — and both Intel and the rest of the world know it. The real question is: what happens now?
After a Searchlight column exploring what Intel’s report says about tech diversity, SearchCIO readers were quick to give their own thoughts on why diversity numbers are so low in tech companies and what can be done to change it.
They start with the sad truth.
“Except for a few specific jobs, most applicants we see are white males,” Norman C. Berns, CEO and creative director at ReelGrok writes. “When beginning a project there’s usually time to search for more diversity, but in the throes of production, we need to act immediately. Our choices are overwhelmingly white males because they’ve been given greater opportunities, have amassed more experience and odds are good their supervisor will be a white male too. Sad to say, there are very few people of color and even fewer people who are physically challenged.”
Mike Corum, a test manager in the technology field, is similarly tired of the overwhelming presence of white males in IT positions and counts both time crunches and pressure from the human resource department as contributing factors.
“[Lack of women and minority candidates] has been a problem I’ve faced for years – nearly all of the resumes that I received would be from white males,” Corum writes. “Combine that with pressure from HR to fill an opening as quickly as possible, and you don’t have much opportunity to improve diversity.”
Safia Boot, HR and employee relations specialist, also points to HR as a reason for the lack of diverse hires.
“The lack of diversity in HR departments makes them poor role models,” Boot writes. “As a result they miss some very low-cost opportunities to make everyday changes to systems, processes and culture that would have a huge impact on the working lives of underrepresented groups to both attract and retain.”
Until the HR department changes their candidate profiling and hiring practices, then the rest of the organization will continue to move slowly on the issue, Boot notes.
Identifying the problems with the current tech environment is one thing, properly addressing them is another. Corum gives three suggestions for tackling the tech diversity issue.
“I think it needs to be addressed at the educational level,” he writes. “First, we need to educate non-IT people so they know that IT is more than servers and the help desk. Second, we need to start training children at an early age, and forget the ‘males do this’ and ‘females do that’ dichotomy. Third — and this one can really make a difference — recruit more women and minorities. Some of the best IT people I’ve worked with were women that were recruited from other areas of the company.”
What steps do you think need to be taken in order to fix the issue of tech diversity? Sound off below!
The Apple-FBI debate on data privacy versus national security rages on. It has spurred enterprises to look at their own consumer privacy policies. In his Searchlight column, Associate Site Editor Brian Holak talks to the experts about what CIOs should prepare for. And on Total CIO, features writer Jason Sparapani talks about the lack of a law that requires Apple to help disable encryption, ponders whether the Feds need Apple’s help to circumvent device encryption; and what life would look like under a new encryption law.
There’s been a lot of hype lately about the new technology of 3D printing, but it’s actually not new at all, says SearchCIO columnist and former CIO Harvey Koeppel — it’s in fact 30 years old. What’s more, we’re likely underestimating its potential impact on enterprises. In his column, Koeppel lays out various use cases for the technology and shares a 12-step program for CIOs looking to take advantage of the opportunities it offers. In Niel Nickolaisen’s tip, the CTO and SearchCIO columnist explains how CIOs can use 3D printing and other emerging technology to test their organization’s capacity to innovate.
Senior News Writer Nicole Laskowski elaborated more on the CIO role, outlining the ways IT executives can leverage 3D printing to become innovation partners to the business. Then, she turns to experts to get their take on whether businesses should adopt 3D printing technology or turn to third parties.
Also check out her two-part Total CIO blog post, in which Laskowski details what exactly preparing for 3D printing means according Shawn DuBravac, chief economist and director of research at Consumer Technology Association, and talks about how the technology is poised to expand beyond rapid prototyping.
Aligning IT with business objectives is no easy feat, especially when we’re talking about the United Nations. Luckily, Atefeh Riazi, CITO of the UN, likes a challenge. In this Q&A with Executive Editor Linda Tucci, she discusses how she’s making IT more efficient, agile and innovative.
IoT is becoming increasingly embedded in food safety programs, and as they do so, CIOs and CTOs may find themselves being more involved in these initiatives. In his blog post, Senior Site Editor John Moore talks with Bob Whitaker, chief science and technology officer at the Produce Marketing Association, to discuss what this would look like.
Taking advantage of analytics data can help companies prevent breaches and strengthen cybersecurity, but despite the wealth of this data, executives don’t take enough advantage of it, said Reg Harnish, CEO at GreyCastle Security. In a SearchCompliance Q&A with Senior Site Editor Ben Cole, he talks about why business leaders can’t afford to ignore analytics information.
Here’s what else was on SearchCIO and SearchCompliance this week:
- Making travel plans? Consult our 2016 IT events calendar (updated constantly)
- Q&A: Dow Jones takes a two-pronged approach to business innovation
- Roundup: Free IT budget templates to help draft your own
- Three things to know about Privacy Shield, and future challenges and implications of the pact
- Millennial-led midmarket firms lead the way when it comes to SMB SaaS adoption
- SearchCompliance tip: Integrating data management rules to maintain data value in digital age
Midmarket firms are leading the way within the small and medium-sized business space when it comes to software as a service adoption, with 28% of these firms reporting that they have deployed SaaS apps, according to market researcher IDC’s latest SMB IT Decision Maker Survey, published February 2016. Furthermore, Microsoft Office 365 has been successful in the midmarket space, with 50% of these firms reporting adoption.
Midmarket businesses with Millennial-aged IT leadership were also 25% more likely to adopt SaaS than their peers, according to the survey’s findings. Millennial-led midmarket firms, or those whose leadership is composed of a majority of executives aged 35 years or younger, deploy an average of 10 SaaS apps, versus the average midmarket segment’s eight apps. This led IDC to conclude that the age of IT leadership is a good indicator of a midmarket firm’s inclination to purchase SaaS apps. Moreover, desktop as a service, travel booking and human capital management SaaS apps are more likely to be deployed among this subset.
The likely reason for Millennial-led midmarket firms’ greater propensity for SaaS adoption is that “Millennials have grown up with a higher level of trust in having a flexible mindset,” said Chris Chute, research vice president of the global SMB cloud and mobility practice at IDC.
In addition to Microsoft Office 365, the top-growing SaaS apps among midmarket firms (which IDC defines as those with 100 to 999 employees) include ERP, accounting/finance, business intelligence and platform as a service. This growth in apps indicates that midmarket firms are using SaaS to move toward a cloud-first IT environment, according to Chute.
He advises SMBs that don’t have a mostly Millennial-aged IT leadership but want to deploy more SaaS apps to test out a variety of cloud services.
“If one set from a particular vendor doesn’t work out, don’t be afraid to just move on and test-drive another one,” he said, citing no-hassle trials as a way to do so. “Customers don’t have to feel like they are committed to a given IT solution the way they used to,” Chute added.
Small-business SaaS adoption
In the meantime, SaaS adoption among small businesses is less mature, with only 10.8% deploying SaaS. These firms are mainly using SaaS to modernize their email and back-office functions, the top ones being storage, e-commerce capabilities, accounting and payroll.
However, the survey also found that IT-enabled small firms, or those with a formalized IT staff or function, are adopting SaaS in a similar manner as their midmarket counterparts. These businesses’ SaaS adoption rate is 25% — similar to the midmarket’s 28% — but Office 365 is also their second-most-adopted SaaS app.
For small businesses that are not yet IT-enabled but are looking to adopt more SaaS apps, Chute suggests identifying regular business processes that weigh down employee productivity, such as counting inventory monthly or visiting remote sites to audit projects. Then, these small firms can put a particular app to the test among a few employees to see if it fits.
“Oftentimes there’s an app, usually mobile, that has already been solving a regular pain point for other firms,” he said. “Internet searches, forums and word of mouth from other local businesses all can assist here.”
Think augmented and virtual reality technologies are just for gamers and those looking to impress their dinner guests? Think again. In this week’s Data Mill column, experts at Deloitte discuss how AR and VR are making a play for the enterprise and how CIOs can prepare.
The big news of the week was the FBI’s court order demanding that Apple unlock a phone in the San Bernardino shooting case and Apple’s refusal to do so. What are the implications? This Searchlight column details the fight and explores the contentious subject of backdoors and why CIOs should be worried.
Playing it safe is no longer the best option for businesses looking to make it in the digital business economy. In this tip, technology analyst Kurt Marko explains how taking advantage of Mode 2 of bimodal IT can help your organization think more like a startup and reap the rewards of exciting and high-risk business ventures.
How is the education field taking advantage of IoT? In this article, Site Editor John Moore talks to Gonzaga University’s associate CIO to find out how the school is tapping ITSM to manage the growth of connected devices and what overall impact IoT will have on education.
Connected cars are set to be commonplace in the near future, but they’re raising some serious cybersecurity concerns. In this feature, Daniel Allen, research fellow at The Center for Climate Change and Security, talks about the many questions surrounding connected car security and how some of them are being addressed.
In this SearchCompliance handbook, learn how IoT is making companies reexamine data governance, security and compliance processes, and what strategies businesses are employing to take advantage of the surge in IoT data. Also on SearchCompliance, Dan Geer, a cybersecurity pioneer and CISO of In-Q-Tel, talks to Senior Site Editor Ben Cole about how IT network growth is influencing companies’ data protection and information security efforts.
Over on the blogs, Senior News Writer Nicole Laskowski reports the findings of a new study that finds that enterprise interest in location intelligence is rising despite its current nascence. Plus, Features Writer Jason Sparapani talks to IT director Todd Miller about the importance of cloud security. On the SearchCompliance side, Site Editor Fran Sales runs down the latest GRC news, including the Apple-FBI backdoor face off and the Department of Justice’s recent efforts to squash foreign bribery crimes.
For Todd Miller, IT director at Millar Inc., 2015 was “the year of security.” The year of spectacular hacks at the U.S. Office of Personnel Management and infidelity dating website Ashley Madison was also the year Millar, a Houston-based maker of cardiac and neurological catheters, made huge investments in security products and fine-tuned policies and procedures “to help the users be more secure without really forcing things down their throats.”
And so, when it comes to cloud computing options, security is a top consideration. It uses a handful of public cloud services – Salesforce’s customer relationship management app for its sales team, for example, and Barracuda Networks for data backup. But before it signs up for a cloud service, its security goes under the microscope. Take Millar’s assessment back in 2013 of Microsoft Office 365, the cloud-based service offering email and “productivity apps” like Excel and PowerPoint.
“One of the critical things was, ‘Can we trust it to safely and securely store our documents? Can we trust it to provide our email safely and securely?'” Miller said.
The evaluation took six months, but Microsoft eventually convinced Millar to entrust its intellectual property to Office 365. “We have not been disappointed.”
Microsoft 365 also fulfills another of Millar’s requirements for cloud computing options: reducing administration costs. The package costs the company, which has 140 employees in Houston, the U.K. and Auckland, New Zealand, $20 a user — which is far cheaper than what it would cost to maintain operations in-house, Miller said.
But on par with cost for Miller’s IT organization is usability — whether users will find an application, based on-premises or in the cloud, easy to access and easy to use. Office 365, he said, fits the bill here as well, even extending users’ Outlook email application to their mobile devices, so they can check mail on the go. And Millar’s sales folks love Salesforce.
“I think we’d have an internal riot if we ever asked them to move off it,” he said.
The applications fulfill what is, in Miller’s view, IT’s ultimate purpose: keeping the wheels of technology turning so business can go on unobstructed.
“The reality is, if you have a well-run IT department, everything they do is transparent to the user, and if you’re doing your job, then IT is never a discussion,” Miller said. “When people are talking about IT, or they’re talking about your internal help desk, it’s usually because things are not running smoothly or as best as they can.”
The federal government is stepping in to take on cyberthreats. In President Obama’s new $19 billion national cybersecurity proposal, he aims to significantly beef up cybersecurity, but will it be enough to close the cyberskills gap and incite enterprise-wide change? In this week’s Searchlight, Site Editor Fran Sales outlines the proposed legislation and talks to IT professionals to get their take.
Mobile applications aren’t just made for customers anymore — they’re made for employees too. With the proliferation of these employee-geared mobile apps comes a shift in the enterprise and the role of the CIO. In this feature, SearchCIO contributor Mary K. Pratt discusses how this shift impacts CIOs and highlights the challenges of delivering enterprise mobile apps.
A good CEO-CIO relationship is more than just a best practice — it’s a necessity. And if CIOs want to have a hand in business decisions they have to go beyond standard reporting lines. At the recent SIM Boston Technology Leadership Summit, two successful and dynamic CEO-CIO partnerships were on display. Find out what makes those relationships tick in this installment of Conference Notebook. Then check out this TotalCIO blog post for even more tips on a building a successful CEO-CIO relationship.
Thinking of adding a data virtualization layer to your IT systems? In this video, David Loshin, president of consultancy Knowledge Integrity Inc., details three main questions that need to be considered before you start.
Driverless cars are cool; there is no denying that. But, according to MIT professor John Leonard, driverless cars are not a “solved problem.” Leonard explains why in this blog post by Features Writer Jason Sparapani.
In another blog post, Senior News Writer Nicole Laskowski outlines how one pet insurer became more customer-centric by integrating online and call center data.