CIO Symmetry

February 5, 2016  5:20 PM

Intel diversity report shows progress; how to bolster security in the cloud age

Fran Sales Fran Sales Profile: Fran Sales
CIO, CIO Decisions

Intel’s annual diversity report was released this week, shows that it’s made some headway into increasing its workforce diversity: 43.1% of new hires last year were women or minorities, and there were 14.3% more women in leadership roles. But there’s still more progress to be made, as Associate Site Editor Brian Holak discusses in Searchlight. See if the report will help nudge the industry to make more changes.

Giving advice for how to shore up IT security in the age of cloud computing isn’t exactly easy said Brian Lillie, CIO at data center builder Equinix. For starters, every company is different, he told Features Writer Jason Sparapani. Head to the Total CIO blog to get Lillie’s three guidelines for buttressing your cloud cyberdefense, and then read about why he believes building a security culture is vital to information security.

The new, revamped issue of CIO Decisions ezine is out! Read about when building an internal private cloud pays off – and when it’s more practical to pursue other cloud computing options such as hybrid IT or public cloud. Plus check out an exclusive interview with Alec Ross, Hillary Clinton’s former innovation adviser, and more.

Onto compliance matters…

The number of connected devices will reach 6.4 billion this year. This number is only going to grow exponentially – along with the number of IoT security risks. In this feature, writer Mary K. Pratt lays out the IoT security challenges company executives should keep in mind, and how data analytics can help address them.

When it comes to insider threats, people frequently think of malicious employees, but negligence and accidents also play a part. In this Q&A, Information Security Forum managing director Steve Durbin explains how these factors contribute to a growing number of security incidents and shares best practices to minimize them.

And in the latest IT Compliance Advisor news roundup, the SEC announced that global banks Barclays and Credit Suisse settled “dark pool” trading charges for a record $154.3 million; plus, other GRC news.

Please follow @SearchCIO, @SearchCIOSMB and @ITCompliance for our new stories throughout the week.

January 31, 2016  12:29 PM

The fine line between data-driven culture and being data-obsessed

Nicole Laskowski Nicole Laskowski Profile: Nicole Laskowski

It seems as though everyone is rallying behind the notion of a data-driven culture these days, and Gartner is no exception. The consultancy has conducted surveys and released research documents that tout its importance and provide insight into how CIOs can build a data-driven culture in the enterprise.

But there are moments when too much of a data-driven culture can lead to an unhealthy data obsession. CIOs would be wise to walk the line.

Case in point: Analysts Alan Duncan and Frank Buytendijk released the research note How to Establish a Data-Driven Culture in the Digital Workplace in June 2015, which included a list of top-down recommendations such as finding the right talent and educating the troops to successfully make the transition. But Duncan and Buytendijk’s research also included a word of caution: “Companies should not become data obsessed,” they wrote. Doing so is a little like putting blinders on a horse.

Duncan and Buytendijk listed three instances where a data obsession can work against the enterprise.

  1. Unavailable data. There are instances when the data is unavailable or inaccessible or simply doesn’t exist yet, such as when entering a new market, according to Duncan and Buytendijk. But a lack of data doesn’t automatically preclude data-based decision-making. When CIOs run into this experience, the Gartner analysts suggest using alternative techniques such as scenario planning or “what if” modeling.
  2. Ethical dilemmas. Data isn’t great at distinguishing between right and wrong, and so making data-driven decisions in a bubble can hurt the business. Supporting a staff or a neighborhood initiative, for example, may not make good business sense on paper, but engaging with the community can pay off in ways that cannot be measured by business metrics or key performance indicators, the authors wrote. Or, in the Big Brother world of big data, businesses have discovered that just because they can leverage their data doesn’t always mean they should.
  3. Metrics obsession. Metrics and innovation don’t always mix. In fact, according to the analysts, having a singular focus on current performance metrics can create what’s known as “analysis paralysis,” where so much time is spent analyzing the data that a decision never gets made and risks are never taken. Being too metrics- obsessed can also have unintended consequences, according to the analysts, creating instances where the desired employee behavior doesn’t necessarily correspond with what’s being measured. CIOs should step back and remember that “not all decisions can be supported with data, and there will be occasions when evidence is not taken into account,” the authors wrote.

January 29, 2016  5:00 PM

Big data success needs a data-driven culture; renowned AI visionary dies

Fran Sales Fran Sales Profile: Fran Sales
Big Data, Big Data analytics, Blockchain, CIO, Cloud Computing, Cognitive computing, Disaster recovery and business continuity, Information security, Public Cloud, Robotics

Successfully reaping the benefits of big data remains a huge challenge for many companies. Big data projects involve not just identifying the right data analyze, but also finding the right people to implement the right technology. But as big data experts and IT leaders tell Senior News Writer Nicole Laskowski, the biggest reason companies encounter big data problems is not the wrong technology or the quality of the data, but the wrong culture.

Marvin Minsky, renowned professor and early explorer of artificial intelligence, died of a cerebral hemorrhage this week at the age of 88. In this week’s Searchlight, features writer Jason Sparapani explores Minsky’s contributions to the AI field and what an AI future means for IT executives. Also: EMC claims Dell deal is on track despite jitters; top Twitter execs are leaving the company.

In an “innovate or die” business climate, business users having access to the power and flexibility of cloud computing is key to moving a company forward. But equally important is having security baked in a company’s operations, said Brian Lillie, CIO at data center space provider Equinix. Features Writer Jason Sparapani spoke with Lillie and other cloud experts to find out how to best foster a cloud security culture and why an organization needs a CISO.

Without clear communication with collaborators and flexible planning, big data projects can quickly go off the rails. Laskowski caught up with Gideon Mann, the head of data science at Bloomberg, to outline the six “gotchas” CIOs and data science teams should watch out for when embarking on a big data project.

Speaking of big data issues, CTO Niel Nickolaisen is no stranger to the costs of advanced analytics projects. In his column, find out how Nickolaisen revamped the admissions model and helped improve student retention rates at the university where he was CIO — with a “dirt cheap” analytics project.

A decade from now, thanks to innovations in fields like robotics, cryptocurrency and genomics, companies will experience huge changes to how they operate. Editorial Director Sue Troy sat down with Alec Ross, Hillary Clinton’s former innovation adviser, to delve into what these developments will mean for technology leaders. In part one of the Q&A, read about Ross’ predictions on blockchain technology and how this technology underlying Bitcoin will affect impact legal processes in the next five years. In part two of the interview, Ross talks about how cognitive robots will affect the labor market and how U.S. companies compete globally.

IoT may be about to change the way we think of food safety. In the coming months, Food safety apps are set to emerge and shake up the industry. In this feature, site editor John Moore details the apps, their implications for CIOs and future obstacles. Also check out SearchCompliance contributor David Loshin’s tip in which he explores major IoT data management questions for both businesses and their customers.

You might want to think twice before you talk to executive headhunter Shawn Banerji about “rock-star CIOs.” “The CIO job or equivalent is bigger than any one person,” Banerji, managing director of the technology officers practice at Russell Reynolds Associates, told Executive Editor Linda Tucci. Find out why Banerji believes great CIOs are those who know how to build a team and grap the corporate values of the companies they work for. Also on the TotalCIO blog, senior news writer Nicole Laskowski details the benefits of properly-managed innovation contests as a way to crowdsource ideas for new products or processes.

According to recent research by IDC, spending on public cloud is set to rapidly surpass overall IT spending in the next four years, growing from $70 billion to $141 billion by 2019 – and SMBs will be making up quite a huge chunk of that total spending: 40%. In a two-part blog post, IDC research director Christopher Chute delves into the drivers contributing to this growth, goes into detail about how the view of public cloud security is changing, and offers tips to SMBs who are tepid about diving into the cloud.

The January issue of our SearchCIO handbook is out! In this edition, columnist and CIO expert Harvey Koeppel offers a list of DR principles to help CIOs design and implement a DR/BC plan that can protect both business and personal data when the next disaster strikes. Also in this issue: Nickolaisen shares how to reap the most value out of DR testing, and writer Mary K. Pratt talks with experts on how to craft a DR/BC plan that can handle any type of disaster, including breaches.

As data threats continue to grow in number and complexity and to endanger business success, end-user security awareness has become vital to protecting corporate information. In this video from the recent ISSA International Conference, Senior Site Editor Ben Cole sat down with Marci McCarthy, CEO and president of Tech Exec Networks, who talks about why end-user security awareness should be in the front lines of organizations’ corporate data protection strategies.

Please follow @SearchCIO, @SearchCIOSMB and @ITCompliance for our new stories throughout the week.

January 28, 2016  12:51 PM

Public cloud security, other drivers of SMB cloud migration

Fran Sales Fran Sales Profile: Fran Sales
CIO, Cloud Applications, Cloud Computing, Cloud service providers, Cloud Services, Public Cloud, SMB

In part one of this two-part blog post on public cloud adoption by small and medium-sized businesses, delve into how worldwide spending on public cloud is set to increase rapidly by 2019, with SMBs making up a significant portion of  total spending (according to recent research by IDC). In part two, read about the shifting perspective on public cloud security and get expert advice for SMBs that are newly making the shift to the cloud. In the U.S., 75% of small companies (100 or fewer employees) and 95% of midmarket companies (100 to 999 employees) have already deployed cloud tools. As SMBs, especially medium-sized firms, become increasingly cloud-first, there are fewer and fewer reasons to deploy and manage apps on-premises – one of which is to meet industry compliance requirements that necessitate tight security controls, according to Christopher Chute, a research vice president at IDC. But even the perception of public cloud security is changing. The level of security that hyperscale cloud service providers like AWS can provide nowadays is also driving the acceleration of cloud adoption among SMBs, said Chute. “I think we’re going to start to see more and more of cloud service providers market on security as a positive, as opposed to saying, ‘Don’t worry, we are secure,'” which was the reverse case even just a couple of years ago, he said. With the threat landscape becoming increasingly complex and dangerous, “even the smaller cloud service providers … are going to start to say, ‘We have that threat detection expertise and mitigation in house” in a way that your 1.5 IT staff at your 100-person law firm can never manage on their own,” he added. For SMBs that still haven’t made the leap to cloud, Chute advises they start soon — competitors likely already have a leg up. “They probably have already adopted at least a handful of cloud services,” Chute said. His advice for SMBs that are on the fence about cloud adoption is to follow the lead of half of all U.S. midmarket firms: Deploy core communication functions such as email to Office 365, a basic cloud service that Chute said offers familiarity and comfort. “The look and feel is very similar to Outlook; you have an on-premises/client component, and then you have the Web component,” he said. From there, Chute believes SMBs’ familiarity with the cloud should grow to the point where they will feel more comfortable upgrading other office productivity applications to the cloud; eventually, an SMB should be able to work with service providers to evaluate cloud services specific to their vertical industry.

January 28, 2016  12:47 PM

IDC: SMBs will contribute to 40% of worldwide public cloud spending by 2019

Fran Sales Fran Sales Profile: Fran Sales
CIO, Cloud Applications, Cloud Computing, Cloud service providers, Cloud Services, Midmarket, Public Cloud, SMB

Global spending on public cloud services will grow six times faster than overall IT spending in the next four years, according to recent research by IDC. Small and medium-sized companies will continue to be a significant contributor to this total spending, according to the market researcher.

Public cloud spending will grow at an annual rate of 19.4% in the coming years, or from about $70 billion in 2015 to more than $141 billion by 2019, according to data from IDC’s “Worldwide Semiannual Public Cloud Services Spending Guide,” published this month. While most of this spending will come from large companies and enterprises (which will spend over $80 billion on public cloud in 2019), small and medium-sized businesses will contribute to 40% of this total, or $61 billion, in 2019. Infrastructure as a service and platform as a service will be the fastest-growing segments, according to IDC.

This forecast follows a pattern that was already trending upward. According to a report based on IDC’s cloud adoption survey, U.S. SMB adoption of IT-sanctioned cloud computing apps and services has grown rapidly in the past five years, rising from below 20% of SMBs to now 75% of small companies (those with fewer than 100 employees) and 95% of midmarket companies (those with 100 to 999 employees). Not only that, but the number of IT-sanctioned cloud applications has risen swiftly among SMBs, with small companies running an average of four apps (up from three in 2013) and midmarket firms currently deploying an average of eight apps (up from six in 2014).

One of the main factors driving this rapid growth in public cloud spending among SMBs is maturity in the cloud space, said Christopher Chute, a research vice president at IDC. This is combined with the fact that companies today no longer have the budget or the time to develop applications on-premises like they did in the past, he added.

“We’ve moved to a point where, if you want to be competitive and agile and respond to customer demands, and essentially … to grow revenue, you have to be engaged with different types of cloud services and cloud applications,” he said.

One area that small businesses in particular are increasingly moving to the cloud is back-office functions, such as email, data backup and payroll. For example, instead of hiring a payroll manager or a staffer to manage accounts payable, the payroll function can be outsourced to the cloud so an office manager can manage more functions on their own. “It’s that level of operational efficiency that’s driving the small-business space,” Chute said.

Midmarket companies, on the other hand, are heading to a cloud-first IT infrastructure environment, with most of the cloud growth in that space revolving around Office 365 and accounting/finance functions. These companies are not just moving back-office functions to the cloud, but also ERP, CRM, e-commerce capabilities and mobile functions, said Chute.

SMBs in the finance, retail and healthcare industries are driving this shift to the cloud, with the last sector leading the way, especially in the U.S., said Chute. This is partially attributed to the impact of government regulations, such as the Affordable Care Act and HIPAA, that are changing how healthcare is being delivered.

“[These mandates are] essentially requiring what was a sort of unregulated industry to become very regulated, in terms of having to meet basic efficiency requirements, basic customer service requirements. So if you wanted to get paid out for Medicare, [for example], you had to offer a higher-level quality of service that, oh by the way, the patients are going to report on, are going to get surveyed about,” Chute said.

He added that these factors have pushed healthcare SMBs not just to the cloud, but to mobile technology like purpose-built tablets and mobile apps that can link to cloud-based data repositories, allowing staff to be more efficient.

Head to part two to read more about public cloud adoption among SMBs and advice for SMBs that are looking to move to the cloud.

January 22, 2016  4:53 PM

SaaS shines amid low global IT spending; tips for your private cloud journey

Brian Holak Brian Holak Profile: Brian Holak

Last year’s record decrease in IT spending is still causing ripples in 2016, according to a recent Gartner report. But despite depressed global IT spending in 2016, software and IT services expenditures are set to increase in the coming year. In this week’s Searchlight, Gartner analyst John Lovelock discusses the IT spending forecast and what it means for CIOs. Also: the Dell-EMC deal threatens to fall apart in the eleventh hour; Microsoft gets philanthropic by donating $1 billion in public cloud services to non-profits.

Building your own internal private cloud comes with many benefits, as State Street Corp. discovered when the financial services provider built its own cloud platform. It is also a complex endeavor that requires a wealth of resources. In part one of his feature, Jason Sparapani details exactly what is needed to build a private cloud. In part two, he investigates the challenges of creating and managing a private cloud.

There’s more cloud coverage where that came from: Are you ready to make the leap to private cloud, or do you already have one? Over on TotalCIO, Sparapani outlines the top considerations, starting with the varying definitions of private cloud. Then, he explores whether public or private cloud is cheaper and talks getting a handle on cloud ROI. Finally, he discusses the right time for big data in the cloud with a cloud expert.

On SearchCompliance, discover cybersecurity spending’s importance to the business and learn why it can be critical in helping companies ensure information is accurate and reliable. On the IT Compliance Advisor blog, Site Editor Fran Sales runs down the highlights of the FTC’s recent report on big data.

Please follow @SearchCIO, @SearchCIOSMB and @ITCompliance for our new stories throughout the week.

Fran Sales contributed to this blog post.

January 15, 2016  4:37 PM

FTC highlights unethical big data usage; IT pros share regrets and resolutions

Brian Holak Brian Holak Profile: Brian Holak

We’ve officially entered the era of big data, but it might not be to the benefit of all, according to a recent 50-page Federal Trade Commission report. The report touches on the benefits of big data, but also on the concerns of harmful, unethical practices that can impact a range of consumers. In this week’s Searchlight, Brenda Sharton, head of law firm Goodwin Procter LLP’s business litigation group, discusses the issue and gives advice for how companies can minimize errors. Plus: Uber wants to make your rides more entertaining and Google cars are not yet ready for the road.

In today’s digital enterprise, CEOs are focusing more of their efforts on technology than ever before. That’s why their relationship with CIOs is becoming vital. In this two-part story, Senior News Writer Nicole Laskowski talks about how digital business is disrupting the CIO-CEO relationship and lays out four ways to make sure those relationships are successful.

It’s nearly impossible not to have some regrets when looking back on 2015. In this #CIOChat recap, SearchCIO followers share their biggest IT regrets from 2015. Also, they reveal some of their top resolutions for 2016. See how yours compare.

At the recent SIM Boston Technology Leadership Summit, Nigel Travis, CEO at Dunkin’ Brands Group Inc., gave four interesting leadership tips. This TotalCIO blog post lays them out.

According to SearchCompliance expert Jeffrey Ritter, embracing three new data classifications could prove vital to your organization’s governance and security in 2016. Ritter explains the new classifications and how to best take advantage of them in this SearchCompliance tip.

Please follow @SearchCIO, @SearchCIOSMB and @ITCompliance for our new stories throughout the week.

January 8, 2016  5:13 PM

Advice for handling a data breach; how to test DR/BC plans

Brian Holak Brian Holak Profile: Brian Holak

Here are the SearchCIO and SearchCompliance articles from this week:

Is your company prepared to handle a data breach? In this tip, SearchCIO contributor Mary K. Pratt talks to IT professionals to find out best practices for how to manage public perception post-data breach. The first words of advice: Don’t play the victim. Also, Pratt lays out an eight-step data breach plan that addresses the many variations a hack can take.

Speaking of disaster recovery and business continuity, the right kind of testing can save companies a lot of trouble. SearchCIO contributor Niel Nickolaisen details how IT organizations should test their DR/BC plans to make sure they are prepared for the worst. Plus, SearchCIO expert Harvey Koeppel gives his take on data recovery and business continuity plans in the age of breaches.And there are more data breach tips where that came from! This article outlines key steps to follow to make sure your IT organization is ready for a data breach.

Over on the IT Compliance Advisor blog, Site Editor Fran Sales runs down the latest GRC news, including data analysis that found HIPAA violators face minimal punishment, merchants’ two-year PCI DSS compliance extension on a key requirement and upcoming changes to FCPA enforcement.

Please follow @SearchCIO, @SearchCIOSMB and @ITCompliance for our new stories throughout the week.

December 30, 2015  2:00 PM

Tough cookie: Food-focused platform business model grows amid rivals

John Moore John Moore Profile: John Moore

The Cookie Dining formally launched back in August as a platform business model in the competitive online food ordering space.

The presence of established players such as GrubHub and Just Eat made the venture seem a bit quixotic. Indeed, Marko Manojlovic, the platform’s founder, cited the task of getting restaurants to sign up for the online ordering system as his biggest challenge. The issue of attracting a sufficient number of sellers (in this case restaurants) to attract a sufficient number of customers is known as the platform business model’s chicken-and-egg problem.

Four months on, however, The Cookie Dining continues to expand. Notable restaurant signings include Big Smoke Burger, a chain based in the Toronto suburb of Richmond Hill, Ont. with outlets in Canada, the U.S. and Middle East. Manojlovic said the platform’s expansion in Toronto, Montreal and Calgary has gone much faster than his company predicted. Urban areas in the U.S. targeted for expansion include Seattle, Los Angeles and New York.

And, in a case of one platform business model converging with another, The Cookie Dining plans to recruit delivery drivers along the lines of the Uber model, according to Manojlovic. The platform is working on hiring drivers in Vancouver, Montreal, Toronto, Calgary, Seattle, Los Angeles and New York.

“This will be promoted aggressively in January 2016,” Manojlovic said. In conjunction with the food delivery capability, The Cookie Dining will integrate a real-time food tracking and a driver rating and review feature into the platform. Other delivery services have also launched food tracking apps.

Other platform developments include:

  • The Cookie Dining point-of-sale device, which will arrive in January.
  • “Giving Back” program: Platform customers can select a charity or cause in their local community and The Cookie Dining will donate to that organization on their behalf.

The Cookie Dining

The Cookie Dining’s charitable giving is built into the app.

December 29, 2015  4:09 PM

Project management best practices for SMBs

Fran Sales Fran Sales Profile: Fran Sales
CIO, project, Project and portfolio management, Project management, SMB

Project management is commonly thought of as a practice suited mainly to larger businesses. But these days, small and medium-sized business owners and employees also need to think about the discipline.

“We’re all project managers now,” said Dave Scarola, vice president of The Alternative Board, which offers coaching for small-business owners.

SMBs need to be able to adapt project management best practices and templates to their business, but they often don’t, said Scarola in the webinar “Project Management for Small Businesses.” This is because they often find project management practices to be intimidating.

This perception starts with what SMB employees think the definition of a project is.

“Projects are perceived to be complex, but even relatively simple endeavors can be projects,” Scarola said.

So what exactly is a project?

According to the Project Management Institute, it’s a temporary endeavor that has a definitive start and end and a specific outcome. This outcome doesn’t necessarily have to be concrete, like a software product; it can be a new process, information or an idea. (Some examples include creating a process manual for the sales department and developing a customer retention program.)

Which brings us to the definition of project management: the organization and oversight of a project with the ultimate goal of successfully accomplishing the project in terms of scope, timeline, quality and budget.

“Project management is about execution, not about planning and strategy (which are just elements). Project management is about getting things done,” Scarola said.

The two common process methodologies for project management are Waterfall and Agile; Scarola believes the latter is the way to go for most SMB projects. “But be careful with it, [because it] can turn into a free-for-all,” he warned. “You need good expertise on how to properly deliver [Agile].”

Scarola offered the following project management best practices:

  • Have a well-defined scope that is not subject to interpretation. The project scope not only includes basics like who the project manager is, a high-level description of the project and the due date, but also justification for the project, who the client is, the project’s objectives and an outline of its purpose to create alignment with stakeholders. It also includes deliverables, and not just the technical aspects: “Does the project need a process to be created with it? Is there training needed?” said Scarola.
  • Have objective success criteria. “There should be no question if the project was successful or not; it needs to meet all criteria in the success criteria definition,” Scarola said. Emotion can be factored into whether to go forward with the project — passion can go a long way in getting a project accomplished. But he cautioned against looking at the endeavor with rose-colored glasses. “Too many projects can become someone’s pet,” he said.
  • Choose the right team and assign them the right roles and responsibilities. Scarola stressed that it’s important not to confuse roles with people. “It’s not uncommon for a single person to fill the role of analyst, trainer or QA,” he said. He recommended using the PAVE model: passion (is the person you assigned passionate about the role?); aptitude (can they do it successfully?); vision (does their vision match that of the organization?); and empathy (can they handle the responsibilities of the role while maintaining an empathetic personality?).
  • Create a project plan that outlines the “how.” A project plan is not just a schedule, although that’s a part of it. It also includes other things like assumptions, risks, known issues, budgets and implementation plans. A project plan should also be a “breathing” document, said Scarola. “A project plan is based on the best information we have now; we may have to make adjustments along the way,” he said. A flexible plan is not a substitute for thorough planning at the outset, however. Scarola also suggested setting up a weekly meeting with the project team. “Encourage dissension. You want to have folks challenge each other; you get the best results that way,” he said.

Have any project management best practices to add? Write to us at

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: