Cybersecurity initiatives aren’t about just you, the CIO, or your organization. And because of that, the solutions shouldn’t come solely from you, but from shared knowledge from all sectors.The same model applies to the U.S. government’s approach to cybersecurity initiatives. The Center for Strategic and International Studies’ Commission on Cybersecurity for the 44th Presidency, a panel formed in August 2007 “after the United States suffered a wave of damaging attacks in cyberspace,” recommends that incoming President Barack Obama should establish a new White House office and appoint a presidential assistant to oversee a “comprehensive national security strategy for cyberspace,” CNN is reporting.
As we noted last week, 2008 has been a very spammy year, with threats targeting social networking sites. The cybersecurity report takes the spectre of these threats even further, stating that cybersecurity is one of the major national security problems facing the U.S. and “all the tools of U.S. power” – diplomatic, intelligence, military and economic – are needed to deal with cybersecurity, CNN reports.
Some of the recommendations with regard to national cybersecurity should sound very familiar to enterprise CIOs charged with overseeing cybersecurity protocols in their organizations. For instance, the report recommends “requiring better authentication” of digital identities and limiting government purchasing to secure products and services. Research, training and education should also be expanded, the report says.
The lesson here? Your cybersecurity insights and experiences carry far beyond your individuals organizations’ walls. Share your cybersecurity stories and solutions with others. You can start by clicking the “comments” link below!
There’s nothing like a Hewlett-Packard software news announcement to get me a’wondering.
The typical missive usually begins with some global statement about HP helping IT deliver better business outcomes. Then rapidly devolves into a dizzying catalog of product enhancements and new integrations and, of course, the array of HP services for those IT departments that can’t figure out the new integrations and enhancements on their own. The HP point person cheerfully gets on the phone to sort it all out, but in the end, I realize I’d have to be on much closer speaking terms with the world’s largest technology company to understand what was new, newish or just another name for something HP announced seven months ago…
But today’s HP news (enhancements to its business technology optimization, aka BTO, software) came with a little jolt — namely that there is no more business as usual, even in HP press releases. Right there in the headline was a pitch worthy of a car company: “New HP Software and Zero Percent Lease Financing Helps CIOs Respond to Tough Economy.”
It occurred to me that this must be very expensive software to warrant 0% financing. Unfortunately, HP doesn’t get into how much it costs with the press. I did find out the offer ends Jan. 31.
The software, from what I can glean, sure sounds nifty — a big brain to keep track of all your IT parts and help you figure out how best to use them. (According to the release, it saved “a leading health care provider” $30 million. Who knows what it could do for you?)
In case you missed it, we’ve had a very active discussion on FatWire’s sex-site demo at a Boston Web 2.0 conference. Feel free to add your own views and, while you’re at it, check out our stories and virtualization guide from SearchCIO.com this week:
- Six Sigma, ITIL, other business processes cut IT costs in lean times – Looking to cut IT costs? Who isn’t nowadays? Don’t be too hasty: Business processes such as Lean Six Sigma and ITIL are better ways to reduce your IT costs than just blindly making cuts, say Forrester experts.
- Domestic and offshore outsourcing facts CIOs need to know – Think you’re up on the latest trends in outsourcing, which has seen both highs and lows this past year? Take this outsourcing quiz on offshore and domestic outsourcing to determine your knowledge of the IT outsourcing industry.
- Internet search technology shifts from content to intent – You know how it sometimes seems like search engines can read your mind? There’s a reason for that: Internet search is moving from content to intent, Yahoo says. The company’s new open source development tools allow users and developers to customize how their search results look.
- Data center and desktop virtualization guide for CIOs — Data center virtualization has become fairly widespread, but now focus is shifting to the desktop. In addition to general data center and virtualization trends, execution strategies and tools and technologies, this guide addresses decision criteria for extending virtualization to the desktop; hardware and software options; best practices in deployment; cost analysis and network considerations.
Symantec has released its MessageLabs Intelligence 2008 Annual Security Report, and social networking sites and the credit crisis are providing new platforms and fears upon which new spam attacks are being launched, CNNMoney.com reports.”Web 2.0 offers endless opportunities to scammers for distributing their malware — from creating bogus social networking accounts to spoofed videos — and in 2008 the threats targeting social networking environments became very real,” said Mark Sunner, chief security analyst at MessageLabs.
“Web 2.0 thrives on user-generated content, as do the spammers. The ability to adapt to new mediums and upload enticing content as ‘snake oil’ to persuade an information-hungry user to activate it is one of the cybercriminals’ strongest talents and has made them successful in transforming deception into a fully scalable business model within the underground shadow economy,” Sunner said.
In addition, towards the end of this year, the credit crisis generated many new finance-related spam attacks as scammers tried to take advantage of the resulting panic and uncertainty. “Spammers increased the number of finance-related emails, including phishing attacks targeting banks and credit unions, lottery scams, loan and job offers and other financial enticements,” the report finds.
In particular, the article mentions phishing via fake profiles on social networking sites, which I’ve witnessed on Facebook this year. In a couple of instances, spammers managed to commandeer an individual’s screen name and post “wall” comments (linking to suspicious-sounding sites) as though they were that person. And I have certainly noticed an increase in the number of emails notifying me of the “contests” I’ve won if only I’ll provide bank account information, or “exciting job opportunities” for the unemployed. I thought I must have accidentally provided my email address to a questionable site, but it sounds like the number of those emails really has increased.
I’d encourage you to look over the full report to better understand the spam landscape. Among the report’s findings: Total spam levels peaked at 82.7% in February and averaged 81.2% for the year, compared with 84.6% the year before (so, surprisingly to me, the percentage of spam has actually decreased). As much of 90% of the spam was distributed by botnets.
Talk about a booby trap. Yogesh Gupta, the president and CEO of FatWire, was glibly making his way through his presentation on “Online Engagement — The Key to Success in Good Times and Bad.” The gist of the first 20 minutes or so was that in hard times companies can exploit the Web to gain market share, retain customers, etc., without spending a ton of money. When it came time for the FatWire commercial — you need a pro to really get your Web presences right — Gupta called up one of his employees to show the audience a demo of what FatWire can do for its customers in terms of data analytics. The site that was called up was none other than Playboy’s and, in particular, Playboy’s Cyber Girls. But no worries, says Gupta to the audience, it’s been “sanitized.”
“It’s still offensive,” calls out a woman in the audience, and therein ensued what must be a first for an IT/Web 2.0 conference: a heated exchange about why Gupta chose this site and did he understand that it was an assault on women in the audience. The woman, who happened to be sitting near me, ended up extracting an apology from the podium and a personal apology after the talk was over. More later…
The Society for Information Management recently asked a panel of CIOs to talk about the attributes of a successful CIO. For CIO Karan Sorensen, an emphasis on the greater good is a must –from developing your staff and learning your company’s business to being the “change agent” role model for your business peers in these tough times.
Sorensen oversees the information technology systems and support for two operating companies of New Brunswick, N.J-based Johnson & Johnson Inc.: J&J Pharmaceutical Research & Development and Centocor Research & Development. She also has responsibility for setting and executing the IT agenda for Centocor’s finance, communications, human resources, sourcing and procurement departments. She put her advice in the form of a top 10 list. Here is a condensed version:
1. Be an inspirational and ethical leader: “Focus on the greater good if you expect others to follow.”
2. Don’t be afraid to be a change agent: “Everything we do in information technology creates change. We’re comfortable with change. Be that beacon of light to the business when they are going through rough times and change.” And when you take your place at the executive table? Go in as a business leader, says Sorensen. “Help bring the business discussions forward. That way, when you want to talk about IT, they are ready to listen because you have brought leadership into the room.”
3. Enable leadership: “Develop individuals, organizational talent and successors. That can be done through mentoring, coaching, sponsoring and networking, but it is all about enabling leadership. Be a leader of leaders and do not hold anyone back.”
4. Know how to run a business: Understand the “back office” — human resources, finance, procurement, negotiating, contracting, vendor management.
5. Understand the commercial side of your business, the sales and marketing, customer support, the multiple business channels.
6. Understand your business’s operations. What makes your business tick? “Whether in manufacturing or in services, understand what it takes to get from input to the output.”
7. Make friends with the R&D function at your company: “Way too many CIOs pass by their R&D departments quickly. Get in there. It is amazing the discovery, the creativity and partnership that they need from you. New ideas are where your future lies.”
8. Deliver on regulatory compliance. Understand the regulatory environment your company lives in and respect that.
9. Deliver on infrastructure. Most companies find that up to 50% of the IT spend is on infrastructure. “You can lead and drive change. There are amazing things to educate your company on, like cloud computing.”
10. Deliver on your commitments — on scope, schedules, budgets, quality and business benefits from IT projects.
I hope all of our readers had a wonderful Thanksgiving holiday! Now it’s back to work. Please check out this past week’s stories from SearchCIO.com:
- Managing user adoption makes the most of a BI solution – What’s the point of purchasing new software if nobody in your organization understands how to use it? This case study explains how Meredith Corp. opted for a BI solution from MicroStrategy based on a user-friendly interface and superior architecture, and why IT’s rigorous “managed adoption” process ensured people used it.
- Giving thanks for a robust technology outlook – The economy was surely felt at many tables around America this Thanksgiving, but that doesn’t mean we should be unappreciative. Take a peek at some of the things we have to be thankful for, including a robust technology outlook.
If you’re reading this on Friday, I’m going to assume you’ve just returned from a harrowing Black Friday shopping experience at your nearest department store or mall. But it’s possible those days of waking up while it’s still dark and dashing off to the closest Kohl’s at 4 a.m. (or earlier) could become a relic of the past.
Online retailers are kicking up their websites in order to promote Black Friday deals, anticipating more visitors who might “map out” their shopping plans. Then, there’s the newer phenomenon known as Cyber Monday, where shoppers might turn online for holiday gifts after shopping ’til they dropped amidst the crowds this weekend.
Online shopping during the holidays (or Black Friday) is nothing new: About 10 years ago, I remember writing a column for my local newspaper about what was then a burgeoning trend. But, now, type Black Friday into Google and you’ll get more than 22 million hits. Clearly, the Web is a new destination for Black Friday shoppers, and beyond – I know I plan to hit up Overstock.com and eBay this holiday season.
According to this article on retailers and Black Friday in the Baltimore Sun, the creator of Blackfriday.info says that his website traffic has doubled in the past year, and he expects 5 million unique visitors this week, more than double the 2 million he received a year ago. The reason? It’s the economy, stupid: Blackfriday.info purveys coupons and Black Friday ads, offering visitors a better shot at bagging an early-morning bargain.
Five million unique visitors in a week, for a site that probably does very little Web traffic the rest of the year? Sounds like somebody must have stepped up his server system in the past year. Check out this post on e-commerce site crashes at the CIO Symmetry blog. (And, for a related story, check out this item on Texas A&M’s Aggies NCAA basketball program, and how the school prepared to handle a spike in traffic when the team played a big game on ESPN.)
I don’t mean to imply that the traditional Black Friday shopping rush is magically going to vanish one of these years. But more and more people are turning to the Web to shop. Especially since it might be tougher for people to part with their hard-earned paychecks this holiday season compared with those past, online retailers must respond with user-friendly websites that make browsing and purchasing a breeze.
Questions for you Software as a Service (SaaS) devotees about SaaS integration:
Did your vendor give you enough information up front about the potential difficulties of integrating the SaaS application with your existing applications? Were you able to find SaaS user groups to vet concerns before signing on the dotted line?
I am asking because I recently heard a panel of Boston-area IT and business executives talk about their companies’ experiences with SaaS implementations. One company had just gone live with customer relationship management (CRM ) software from Salesforce.com. Another talked about her firm’s implementation of a time-tracking and scheduling system from OpenAir Inc. The largest company there was weighing whether to go with Salesforce.com or the CRM on-demand offering from Siebel. The company had just gone through a labor-intensive migration to an on-premise Siebel CRM solution! (I can’t name names: Press is tolerated at these seminars but only as flies on the wall — ugh, not a very appetizing metaphor on the eve of Thanksgiving, sorry.)
All three sounded like happy campers (the flexibility! No capital investment! No server room!) until the moderator probed about integration challenges. Whoa, Nelly! Out came the sob stories, snags and second-guessing. The guy whose company had recently gone live with Salesforce, for example, basically said his team grossly underestimated the technical conundrums that can occur when there is a “significant difference” between the technology of the in-house database and the Salesforce.com “family” of apps and tools. He said that for all the attention they thought they had paid to integration, it wasn’t enough. In retrospect, they should have done a sample movement of data.
“We discovered, frankly too late in the project, that the original technology approach was just not going to work.” In fact, they had to switch integration tools midstream.
Asked if the snags were a matter of his company not asking the right questions or a vendor failure to understand the problems of clients, the guy politely acknowledged it was a “combination,” then pointedly added that the Salesforce.com implementers “are very immersed in the Salesforce community and how you do integration within that community, but what we were doing was going outside that community.”
The kicker? On the question of how this SaaS integration compared with other software integrations he’d done — just as hard, or less so? “I think it is substantially harder just because of some of the unknowns in the process.”
The OpenAir gal? There were problems mapping billable and nonbillable expenses to her firm’s accounting system. Manual checks were still required to make sure the coding was right. But the biggest adjustment was having to modify the firm’s business processes to fit the software. As for the big company trying to decide between Salesforce and Siebel, he’s keeping a close eye on how the CRM on-demand solution will integrate with Business Objects reports that currently feed so nicely into his company’s on-premise solution.
All three panelists said that what was really needed was for the SaaS vendors to go public with the potential problems customers will confront if they are integrating outside the family of apps pushed by the vendor. User groups would help. And the user groups should not be for just existing customers, but for prospective customers before they sign the contract.
Happy Thanksgiving week! I don’t know about you, but I’m really looking forward to mashed potatoes, sweet potatoes … really, any type of potatoes this Thursday. But first, there’s work to be done. Check out the most recent stories from SearchCIO.com, and feel free to comment on any and all of them below!
- Disaster recovery budgeting and recovery time objectives – We all know that your website being down = unhappy customers. But what’s the real cost to your business? Listen to this expert podcast to learn more about disaster recovery budgeting and recovery time objectives.
- Implementing SharePoint enterprise-wide requires governance, partners – Wouldn’t it be nice if SharePoint were simple to install? According to a new report, it’s not as easy as you might hope. If you plan on doing a full-scale implementation you’ll need rules and maybe some partners. Learn more in this story.
- Technology innovation drives data center of the future – Future-thinking CIOs plan to get the most out of their data center resources while reducing how much they spend on power and cooling. Do you have a solid strategy in this area? If not, read on.
- More CIOs consider IT managed services to deal with new technologies – A new report from Forrester Research says the confluence of a scary economy and rapidly evolving technologies will drive explosive growth in IT managed services. So, if you’re looking for an upside to this recession, I guess this might be it.