The big news this week? A defect in one of the Internet’s key security methods, OpenSSL, that’s forcing two-thirds of all websites to consider changes to protect the security of consumers. Learn more about what this OpenSSL heartbeat bug — appropriately named “Heartbleed” — means for CIOs in today’s Searchlight column.
Are you looking to perfect your organization’s enterprise risk management strategy? Look no further than our April CIO Briefing! In this Essential Guide, learn to recognize, observe and banish threats to your beloved organization with tips and news stories from SearchCIO. Featured articles cover risks related to human error, natural disasters, financial uncertainties and more.
Evan Schuman, a freelance writer specializing in security, mobile and payments issues, delivered six tips on avoiding mobile application security problems. Read all about these application threats, then weigh in on whether your organization plans to hire a mobile security expert to vet its apps.
Another big question we’re aiming to answer: Does more data ever trump clean data? Greg Pfluger, vice president of information systems at American Family Insurance, took on this burning question at the Fusion 2014 CEO-CIO Symposium — and his response might leave CIOs wide-eyed.
In another data-oriented piece, Senior News Writer Nicole Laskowski explains why Gartner urges CIOs to plan analytics strategies for smart devices — beginning right now. If they snooze on strategizing for a workplace filled with smart T-shirts, smart light bulbs and smart contact lenses, they may very well lose.
March’s #CIOChat coverage is never-ending: Get four CIO tips for bringing software as a service ideas to the executive planning board, and read up on why communication in IT is key to managing rogue IT in the enterprise.
Over on SearchCompliance…
New governance, risk and compliance (GRC) regulations are forcing cloud services providers and customers to modify their data management and security processes. Site Editor Ben Cole shares what your security team needs to know in this SearchCompliance tip. Cole also blogged about the importance of business-wide transparency and buy-in as part of a larger GRC strategy.
How about another round of tweet jams? Join SearchCompliance next Thursday, April 17, at 12 p.m. EDT to discuss information lifecycle governance during the monthly #GRCchat. Two weeks later, mark your calendar for SearchCIO’s predictive/prescriptive analytics-themed #CIOChat on Wednesday, April 30, at 3 p.m. EDT.
This week on SearchCIO.com, we dished up expert advice pertaining to prescriptive analytics, cloud security and shadow technologies.
CIOs hoping to conquer the next business frontier should look no further than our e-zine on prescriptive analytics. In the April issue of CIO Decisions, learn how prescriptive analytics can revolutionize how work gets done and serve as an RX for CIOs aiming to optimize forecasted outcomes.
Last week’s rogue technology-themed tweet jam stirred up quite the discussion on Twitter, much of it revolving around how rogue and shadow are unfit terms to describe what’s going on with unsanctioned IT. Discussions also covered why communication is key in avoiding — or embracing — rogue implementations, as well as the benefits and pitfalls of going rogue.
Did you hear about the new wolf of Wall Street? The lead item in this week’s Searchlight column by Associate Editor Emily McLaughlin focuses on Michael Lewis’s revelations about high-frequency trading. Read the full column for more from the week, including Greenpeace on why Amazon’s cloud is the dirtiest and reasons why carrying two phones — one for personal use and one for business — might benefit users.
This week’s Data Mill column by Senior News Writer Nicole Laskowski outlined five tips for a secure cloud-first strategy, inspired by the Massachusetts Technology Leadership Council’s seminar on securing data, availability and reputation in the cloud. Bonus: Advice on crafting a hybrid cloud strategy.
Cloud chatter isn’t reserved for SearchCIO readers. On SearchCompliance, we held our #GRCchat tweet jam of the year, with a focus on cloud computing security. Read our first recap to learn who readers think is responsible for security in the cloud. Then, learn how GRC regulations force cloud service providers to rethink their security offerings in this tip by Site Editor Ben Cole. And while we’re swapping security tips: How can security professionals ensure privacy in a mobile device management (MDM) policy? Contributor Jeffery Ritter provides the answers.
Could it be true? Mobile users are officially driving the decisions of head honchos. How, you ask? Yesterday, Microsoft CEO Satya Nadella announced the company was launching Office for iPad. As of 11 a.m. Pacific time on Thursday, March 27, all-touch versions of some of the most successful office productivity applications in history — Word, Excel and PowerPoint — became available on the world’s most popular tablet. Read more about this long-awaited announcement in Linda Tucci’s Searchlight column.
Highlighted in our most recent CIO Decisions e-zine, “Rogue Technology: What Lies Beneath,” is this feature on Bart Murphy, CIO/CTO at the Careworks Family Companies. Murphy’s just-say-no-to-rogue-IT mission is aimed at heading off surreptitious technology purchases by giving employees what they need to get their jobs done.
Executive Editor Linda Tucci takes on this month’s Future State, a SearchCIO column focused on emerging technology and its potential impact on CIOs and their organizations. Tucci writes about the latest attempt to mass produce a semi-autonomous flying car — and while this isn’t the first time we’ve heard about the flying car, you should really read the full column to find out the latest advances.
Up on our TotalCIO blog, Senior News Writer Nicole Laskowski shares a Q&A with Gartner Inc. analyst Tom Austin in advance of the Gartner Business Intelligence and Analytics Summit. The big question on deck: “What will be the biggest pain point for CIOs when it comes to embracing “smart machine” technology?”
In another piece by Laskowski, Greg Pfluger, vice president of information systems at American Family Insurance, explains under what circumstances more data trumps clean data
Finally, do you know enough about risk management to put your CEO at ease? Take our CIO quiz to make sure you are protecting your most valuable IT assets in light of new threats and emerging mobile trends.
In case you missed it…
Laskowski shared advice from Mark McDonald, managing director and digital business strategy lead at Accenture, on developing a well-thought-out digital business strategy. Karen Goulart’s Searchlight column last week highlighted a “lifelogging” story on Mashable, New York Times news about Android pioneering the official start of the wearable device era and an NPR clip explaining why the Warren Buffet-Quicken Loans billion-dollar March Madness bracket is worth a fortune.
What is expected from the Securities and Exchange Commission (SEC) in terms of regulatory enforcement in 2014? SEC Chair Mary Jo Foley says that this will be “an incredibly active year in enforcement.” Get the full story in this FAQ.
Also on SearchCompliance, contributor Judith Myerson shares five steps for handling residual risks as part of the risk assessment process.
Next week, watch for recaps from the SearchCIO rogue IT #CIOChat and cloud compliance #GRCchat tweet jams. Stay tuned for our next weekly roundup here on CIO Symmetry and follow @SearchCIO, @SearchCIOSMB and @ITCompliance to get news as it’s posted.
“Talking smack” is often frowned upon, but talking “SMAC”? Completely acceptable. In a two part-interview with Andi Karaboutis, Executive Editor Linda Tucci got the Dell CIO to discuss SMAC — social, mobile, analytics and cloud — and the many enterprise uses of these technologies. Karaboutis also opened up about how IT can turn itself from an order taker into a business partner while driving efficiency and productivity.
SearchCIO expert contributor Harvey Koeppel brought his usual array of charts, humor and historical perspective to his latest column on big data. In the first part, Koeppel explains why enterprises can’t simply treat big data as little data writ large, but must understand that it changes everything. In part two, Koeppel points to the myriad ways in which CIOs can draw value from disruptive technologies such as social, wearables, the Internet of Things and robotics.
Can we give some of the “CIO vs. CMO” talk a rest, and focus instead on the synergies a partnership can create? Senior News Writer Nicole Laskowski explains how a strong alliance between CIOs and their organization’s chief marketing officers can bring about a new era of data-drive marketing strategies.
In her weekly Data Mill column, Laskowski took an in-depth look at whether employees are circumventing the official company intranet in favor of the external social platforms they use in their non-work life. Got an opinion? Weigh in on the story page. Laskowski also shares this handy list of five questions CIOs should as in crafting an effective digital business strategy.
Our latest SearchCIO handbook, “Big Data in Motion,” is ready for your reading pleasure. It’s stuffed with some amazing case studies of healthcare of organizations that are using data proliferation to improve health outcomes, despite the sometimes-sticky matter of protecting data on the move.
In SMB coverage: We round up some of the best free IT templates from around the Web and share a webcast that lays out the benchmarks of a winning bring your own device program and shares the five W’s that every organization should consider as part of a BYOD acceptable use policy.
Last but not least: It’s almost #CIOChat time! Plan to join us Wednesday, March 26, at 3 p.m. EDT when we discuss rogue and shadow IT and all of its benefits and drawbacks.
Our latest FAQ looks at how Securities and Exchange Commission enforcement and development of rules will evolve in 2014, which has already been an active year, contributor Caron Carlson explains.
What are your organization’s biggest governance, risk and compliance (GRC) snafus and obstacles? In this video from the recent GRC Summit in Boston, Site Editor Ben Cole speaks with an expert about how a lack of collaboration and poor third-party management can doom a GRC program.
SearchCompliance will also be hosting its own tweet jam, #GRCchat, next week! Tune into Twitter Thursday, March 27, at noon EDT to talk with our editors and followers about the role of compliance in the cloud.
Looking to develop a digital strategy? Start with the basics “but with a digital twist,” says Mark McDonald, managing director and digital business strategy lead for Accenture. McDonald, a keynote speaker at the Fusion 2014 CEO-CIO Symposium in Madison, Wis., said every digital business strategy should answer five questions:
1. Who wants to be your customer? “That’s a fundamentally different question than we’ve had in the past,” McDonald said during his talk. “Who are our customers presumes we are in control of who does business with us.” But in the digital world, it’s the customers who have the control. In a blog post, which he published after his talk, he expanded on this idea, writing, “This inverts the answer to this question and the approach to finding that answer.”
2. Why will digital outperform the current business model? Don’t fall into thinking you can simply digitize the way you’re already doing business; that “does not constitute a digital business strategy,” writes McDonald. To avoid “the digital substation trap,” start asking why. “It’s a motivation question,” McDonald said. “Yes, I can put it out there, but why are people going to use it and why are people going to abandon a different kind of activity?”
3. Where will the value be demanded and delivered? Related to the question above, digital businesses demand different thinking. And things as basic as a “value chain” simply don’t translate. That’s being replaced by customer networks and ecosystems, according to McDonald. One way to answer the question of where value will be delivered is to think “less about where you play and more about who you play with,” McDonald writes (emphasis added).
4. When will digital transformation happen? Only a soothsayer could pinpoint exactly when a market will transform or face digital disruption but, McDonald said, if you can learn to recognize the “forces that shape the market,” you’ll be able to see the storm before it strikes. Signals to consider: customer direction, product selection and pricing, and even product information intensity.
5. How will you win? To answer that, McDonald suggested businesses must first know this: How will the players assemble — both internally and externally? Both questions get at the same thing: survivability. As he pointed out in his blog, a strong digital business strategy needs a direction. One to consider: How to shift from using new technology to improve business as usual to using “new technology to bring new value proposition and operations to market.”
As the workweek winds down, catch up on all of the news, tips, guides and videos you might have missed this week on SearchCIO and SearchCompliance.
Is your CIO career in tip-top shape, or do you have a lot to learn about the CIO role? In our latest Essential Guide, we look at how to achieve a high-level career in information technology. Learn about the management techniques that work, the tools and technologies available to you and the real-life case studies of CIOs who have gotten ahead by, well, getting ahead of their peers.
We’re on the verge of St. Patrick’s Day, not Valentine’s Day, and yet, love is in the air. In her weekly Searchlight column, Senior News Writer Nicole Laskowski asks whether contextual computing is the love child of big data, mobility and the Internet of Things. It’s a love triangle only likely to grow as our digital and physical lives become more intertwined, so be sure you’re ready to pounce on the enterprise applications of ubiquitous computing.
Editorial Director Christina Torode rolled out a two-part podcast interview with Derek Lonsdale, an IT transformation leader, Lean expert and CIO advisor of global management and IT strategy with consulting firm PA Consulting. The topic at hand? Configuration and IT asset management, and why it’s important that the two processes be sympatico. In the first part, find out why these systems need to be integrated. In part two, listen to the case for merging asset and configuration management systems.
Our March issue of CIO Decisions e-zine tells a whale of a tale about rogue IT — those technology set-ups that lurk under the surface of your enterprise, enabling ability while also putting your information at risk. Are you prepared to take on — and make the most of — these rogue technology arrangements?
Our latest SearchCIO handbook asks the question, “What’s mobility got to do with it?” As the bring-your-own-device movement expands, it’s up to the CIO to enable a mobile workforce, one that thrives off the latest portable tools in order to achieve business results. This handbook provides advice on how to propel your mobile program forward.
This week’s CIO Searchlight kicks off with a witty look at the effects of the appification trend through the lens of some classic 1990s slacker movies. Read the full column for info on the Web’s 25th birthday, Edward Snowden at SXSW and more.
We shared two more video interviews from the Governance, Risk and Compliance Summit held last week in Boston, Mass. In the first one, Duke Alden, vice president of global information governance at risk-management firm Aon plc, spoke with Editor Ben Cole about how companies can build a converged approach to data governance and the risk management processes that go along with it. The second video, featuring Gretchen Herault, vice president of site standards and user safety and deputy chief privacy officer at Monster, examines the numerous security risks that exist around BYOD and explains how companies can protect corporate information. (And, if you missed last week’s video with keynote speaker Brian Barnier about proactive risk assessment, catch up here.)
Finally: It’s listicle time. SearchCompliance contributor Jeffrey Ritter weighs in on the four rules of mobile information management you don’t want to neglect. Designing your governance program is only the first step.
It’s conference season for the CIO/IT Strategy Media Group! With one group in San Francisco, another in Wisconsin and a third at a local show in Boston during the past two weeks, our brains (and recorders) are packed with CIO content to share.
Coming out of the Fusion 2014 CEO-CIO Symposium this week in Madison, Wis., Karen Goulart’s weekly Searchlight looks at what dooms a digital strategy – and apparently, if your business is diving right into digital, you’re doing it wrong. Also from Fusion: Nicole Laskowski shares tips about forming partnerships in the C-suite between CIOs, chief marketing officers and even chief financial officers.
On our blog, Goulart discusses gauging the benefits of cloud ERP and why it’s a more talked-about topic among small-business IT leaders than enterprise CIOs. And speaking of the cloud, in an Ask the Expert tip, Forrester Research Inc. analyst James Staten shares why bring your own encryption (BYOE) — a cloud computing security model that allows cloud services customers to use their own encryption software and manage their own encryption keys — is an important model for enterprises today.
In other SearchCIO news…
Take it from Ann Mei Chang, CIO at global aid agency Mercy Corps: IT could be wasting an immense amount of money and resources in deploying technology without a clear understanding of its value and value to end users, Linda Tucci reports from MIT’s Disrupting Life! event.
This week also brought us the latest issue of CIO Decisions e-zine, focusing on rogue IT. CIOs are often unaware of these technology deployments, but IT leaders bear responsibility for managing security and data on these devices, services and apps — and could grow their careers by squeezing additional agility and value out of them.
Over on SearchCompliance…
Coming out of the RSA Conference in San Francisco, Calif., last week, Christina Torode pulled together a quick read featuring four luminaries’ POVs on underestimated security threats. In this blog post, hear from Marcus Ranum, Howard Schmidt, Dave Cullinane and Eugene Spafford.
SearchCompliance also hit the 2014 Governance, Risk Management and Compliance Summit in Boston, Mass., Wednesday to learn about emerging trends in risk management from leaders in the field. Ben Cole caught up with Brian Barnier, principal analyst and advisor at ValueBridge Advisors LLC, after his morning keynote to ask more about his proactive approach to enterprise risk management in this on-camera interview.
The ERP system is the workhorse of the business, housing critical information — from human resources to finances. Ideally, it’s the silent backbone, working in the background of the business. But for SMBs, where the IT department could very well be a party of one, upkeep and troubleshooting could become an all-consuming, overwhelming task. Add to that cost and security considerations, and cloud ERP can seem quite alluring.
In fact, in a recent web presentation, Gartner analyst Nigel Montgomery said cloud ERP is a hot topic for SMBs — even more popular than among enterprises. This is due in large part to the fact that cloud ERP offerings for SMBs are maturing at a faster rate.
But whether cloud is right for a particular small business depends on several factors. For example, whether you’re self-contained, a satellite office or on the small side of “small business” will factor in to what your company should consider when it comes to cloud ERP. The decision also hinges on whether ERP is viewed by the organization as a value or simply a cost. More often than not, ERP is viewed as the latter because its value goes unmeasured. In a recent Gartner poll, only 37% of SMB respondents said they actually calculated the value of their ERP. You can’t expect to get budget approval for cloud acquisitions without providing information about the value of traditional ERP, Montgomery said.
Cloud shouldn’t be seen as an all or nothing proposition, especially for SMBs that have been doing ERP on premises for years Montgomery pointed out. For some companies, yes, cloud could come in as a wholesale replacement. But for businesses with years of legacy add-ons, this all-in approach is neither reasonable nor particularly wise. That doesn’t mean counting out cloud. As Montgomery noted, there are a myriad of ways cloud can be used to aid or augment on-premises systems, either for the long-term or as part of a gradual, calculated move away from a legacy system.
It’s also important to evaluate business goals and priorities you’re hoping an investment in cloud ERP will achieve before you or your IT organization starts considering cloud vendors. Decide what exactly you want to do:
• Leverage existing investments
• Deliver new capabilities/application modernization
• Deliver rapid time to market
• Avoid operating expenses, preserve capital
• Support scalability requirements more cost effectively
• Provide access to all users, all customers, all devices
• Free-up data center space
• Improve operational efficiencies
• Develop easier integrations with other web and cloud apps
As with any major change or acquisition in IT, it can’t — or at least shouldn’t — be done without a clear strategy. If you organization is lacking an ERP strategy, build one. Without that strategy and how it serves the business, the desired benefits will never be achieved, Montgomery said. These are some of his recommendations for those considering cloud ERP:
• Do not seek cloud solutions unless there are clear business objectives. Cloud is not one-dimensional, it involves significant business
• Understand the continuing development of cloud and its potential impact. Even within a domain, there are different levels of adoption and benefits for SaaS, PaaS and IaaS.
• Keep pushing established on-premises vendors for their road maps, proofs of viability and case studies.
• Use pace layers to structure the discussion with the business and adjust your application strategy as needed.
• Fuse pace layers with the cloud options available today and in the next three to five years. Generate a workable road map.
As a short (and chilly!) month rounds to a close, SearchCIO is stuffing our coverage with a range of hot topics to leave readers feeling satisfied (and toasty).
“One man’s gold is another man’s garbage,” says Ken Gleason, director of electronic trading product development at New York City-based Deutsche Bank Securities, in this week’s Data Mill column by Nicole Laskowski. Gleason shares his framework to help CIOs separate the good data from the bad data with his four C’s of data quality.
Think you’ve got what it takes to get ahead? This information technology careers quiz draws advice from TechTarget’s recent IT Salary and Careers Survey coverage and feature stories highlighting influential leaders in the IT space. Find out: Do you have what it takes to climb the IT career ladder?
After learning how to lead, be the best innovator you can be. In this feature, Gartner analyst Leigh McMullen talks catch-22s, City of Palo Alto CIO Jonathan Reichental discusses lean IT and MetLife CIO Gary Hoberman shares his thoughts on IT startup culture.
News out of MIT…
Ann Mei Chang is chief innovation officer at Mercy Corps, a global aid agency using mobile technology and the Internet to improve the lives of people, particularly populations affected by flood, famine, political persecution or genocide. Last week, Executive Editor Linda Tucci attended Chang’s keynote at MIT’s “Disrupting Life!” conference and examined methods of using disruptive technology to change the way people live.
In today’s news…
Privacy is the new black… or is it the other way around? In today’s Searchlight column, Karen Goulart follows talk at the Mobile World Congress 2014 in Barcelona, where the world was introduced to Blackphone, “the world’s first smartphone which places privacy and control directly in the hands of its users.” And speaking of Searchlight, check out last week’s column on wearable technology, where “it’s all about the work, stupid.”
Over on SearchCompliance…
Site editor Ben Cole and editorial director Christina Torode just returned to (frigid) Boston from RSA’s 2014 conference in San Francisco. Here Torode shares some of her discussions with Information Systems Security Association (ISSA) members and industry VIPs regarding threats those in the security profession need to pay more attention to.
In this recap of last week’s #GRCchat, learn why remote device wipe could be the best option for IT departments looking to safeguard data — both corporate and personal. Another way to feel at ease is to keep tabs on new access points that continue to complicate data protection strategies. Finally, expert Ed Moyle instructs enterprises on how to stay compliant when faced with shadow IT.
Keep an eye on SearchCIO for recaps of this week’s #CIOChat tweet jam on new-wave security technologies. Stay tuned for our next weekly roundup here on CIO Symmetry and follow @SearchCIO, @SearchCIOSMB and @ITCompliance to get news as it’s posted.
Hot off the press! Senior Features Writer Karen Goulart hits on three big questions in her weekly column: Should CIOs focus on the potential, not just the problems, of wearable technology? What’s in store for WhatsApp and Facebook? Why all these big hacks? Get it all in today’s Searchlight.
Another burning question: What’s in a title? In this CIO Snapshot, Goulart talks to Bart Murphy, the CIO and CTO at the CareWorks Family of Companies. Murphy was hired as vice president of shared services, tasked with building a shared services framework for the company and lending a hand in their massive insourcing project. In this Q&A, Murphy dishes about what it’s like to hold two critical titles.
This wasn’t all Murphy had to share with our readers this week. In the first installment of a two-part CIO Innovator feature, Murphy explained his shared services strategy and how he puts the fun into IT service management. In part two, Murphy explains how a flexible ITSM platform can make a difference.
Contributor Niel Nickolaisen — a CIO-turned-CTO — addresses disaster recover in his latest CIO Matters column, advising that it may be best to look outside your IT department when it comes to DR, and offering guidelines to determine what provider might work for your organization.
It’s no secret that big data is complicating information security, disaster recovery and business continuity efforts within enterprise organizations. Senior News Writer Nicole Laskowski’s weekly Data Mill column covers a recent talk by security technologist Bruce Schneier at the Massachusetts Institute of Technology. Turns out, CIOs have a lot to learn from the National Security Agency (NSA) data collection mission.
In another CIO Snapshot…
Finding and retaining top IT professionals is a major hurdle faced by today’s CIOs. In this CIO Snapshot by Laskowski, CIOs from Partners HealthCare and Harvard University discuss their talent retention strategies and offer advice for other IT organizations on identifying and managing good employees.
In tweet jam news…
Join our next SearchCIO #CIOChat this Wednesday, Feb. 26, at 3 p.m. EST. We’ll be discussing new security technologies and the need for similarly newfangled enterprise risk management plans.