Could you be using the recent Russian hack to your advantage? If you’re a CIO, the answer is yes, according to Ronald Breaux, head of the privacy and data security Group at Hayes and Boone, an international law firm.
Associate Site Editor Fran Sales talked with Breaux about the massive theft and what it means for CIOs in this week’s Searchlight. Breaux’s advice is to strike while the iron is hot, so to speak, and use the theft as yet another lever to reinforce security compliance and to get the security budget required for today’s cyberthreat environment. Find his recommendations for upgrading your security protocols in Fran’s column.
In other news of note this week: the C-suite shakeup in the wake of Walgreens’ $15 billion merger with Swiss-based Alliance Boots, airline cyber-attacks and Google’s purchase of the smart messaging app Emu — in this week’s Searchlight.
If you’re a CIO who takes offense when someone questions your IT security program, it may be time to get out of your own way for the sake of your company. That’s the provocative view of Kevin Beaver, an information security consultant — floated in this week’s Searchlight news roundup by Associate Site Editor Fran Sales.
“The interesting thing, to me, that rarely comes up in these discussions is how the CIO can actually be part of the security problem. Not many, but quite a few CIOs view security as a threat to their jobs,” said Beaver. “If you point out security risks, then you’re pointing out their shortcomings.”
But, as Sales gently admonishes, this is no time for protecting egos or turning a blind eye to security. Guarding a company’s information assets will require the attention of everyone in the enterprise from the top down, as a new report published by the Department of Homeland Security makes clear.
Released this week, the report reveals that attackers use brute-force cracking to log into remote desktop solutions. Once they gain access, hackers deploy Backoff, a family of malware capable of memory scraping, keylogging, and command-and-control communication and injecting malicious stubs. With malware like Backoff to contend with, companies need a multilayered approach to security — and a lot of human vigilance. The column also includes the report’s tips for improving security.
In other news, Facebook is giving its mobile messaging user the next few days to download its dedicated Messaging app, Singapore has managed to integrate NSA’s mass surveillance and data mining into their society without laws getting in the way (hmmm!), and much more in this week’s Searchlight.
For my ongoing research on the economics of cloud, I interviewed Cynthia Nustad, CIO at Health Management Systems, Inc., on how she vets her cloud providers. For starters, Nustad said she looks at cloud as “more of a business technology strategy versus an IT project.” And, for that reason, she doesn’t negotiate without having the board of directors in the loop and a business partner by her side.
HMS provides cost-containment solutions for government and commercial healthcare programs. The Irving, Texas-based company crunches petabytes of data to let its customers know if the right party was paid for a claim and if the payment was correct. The cloud service providers Nustad generally contracts with must be able to handle heavy compute, to meet her company’s stringent security needs, and to lower costs.
Cloud vendors are treated no differently by her than traditional enterprise vendors. If, for example, she were comparing a Workday cloud solution to a PeopleSoft solution, she “would put them through the same paces. I wouldn’t cut the cloud any slack.”
Nustad says she also leans on her company’s procurement and vendor management team when considering a cloud vendor. “They’re like the important quarterback in these negotiations [with vendors],” she said. “You need a third party from the outside looking at the vendors without any bias.”
Look out for “stickiness”
Nustad says she pays particular attention to how easy it is to switch from one cloud provider to another. Many cloud vendors look for “stickiness”, or ways to keep you there as a customer, “but you don’t want that as a purchaser of those services,” and especially not as a CIO responsible for getting the best tools for the job at hand. “If one vendor really outdoes another in performance, price and quality, you need to be able to switch,” Nustad said.
But it can be tough to get vendors to be transparent about this issue, Nustad said, so going into negotiations with a strategy is important. She, for one, does not sign a contract that doesn’t spell out that her organization — not the cloud vendor — owns the data.
Nustad also pays close attention to the cloud vendor’s roadmap, to make sure it is in sync with her IT application strategy. “Are they moving their applications down a path that you would also build your applications out on?”
As for who she looks to for advice on how to vet cloud costs, outside of her own organization and company?
She relies heavily on the network in “CIO land” to get a sense of cost.
“If I really want to find out what one of my friends in the neighborhood has paid I just pick up the phone and call them,” Nustad said. “And that is one of the best ways to get market intel on cost.”
Let us know what you think about the story; email Kristen Lee, features writer, or find her on Twitter @Kristen_Lee_34.
If you’re doubting fully integrating mobile into your business model, take a good hard look at Uber. As reported in this week’s Searchlight, many finance professors argued Uber wasn’t worth the $17 billion price tag indicated by investors this spring. But their argument, it seems, was based on a false premise. Let’s call it, prehistoric thinking.
Uber is “already way past what the total addressable market was [and is] creating significant new value,” according to consultant Michael Davies, one of the speakers at “The Future of Mobile” event some of us at SearchCIO attended this week.
Put another way, Uber is one of those pesky disruptive innovation companies we’re all familiar with, thanks to Clay Christensen, the Harvard Business School guru. Taxi drivers aren’t the only ones being disrupted by mobile apps; it’s pretty likely many industries will be in danger of being disrupted before this mobile thing is over.
As Sales suggests: “If companies don’t make a concerted effort to incorporate mobile into their business strategies now, they are courting oblivion.”
(What are you waiting for? It seems Yahoo got that memo, announcing this week that it had purchased Flurry, the mobile add and analytics platform that runs on 1.4 million mobile devices.)
Also in this week’s Searchlight, Dropbox is adding new features that it hopes will lure more users, Facebook is testing a “buy” button that lets users purchase products from ads without ever leaving the Facebook site, and so much more.
I love my iPhone. Who doesn’t? It’s a great product, as millions of users would agree, but it’s not exactly the most efficient tool to get my day job done. That’s about to change, IBM and Apple hope, with their announcement this week that the two iconic brands — can we call them Big Blue Apple? — are teaming up.
The official take: IBM will build, from the ground up, enterprise-specific mobile applications for Apple’s iOS to support the management of employees’ mobile app use. Touting IBM’s big data and analytics capabilities and Apple’s “legendary consumer experience,” the partners promise they will “create apps that can transform specific aspects of how businesses and employees work using iPhone and iPad….” And “new levels of efficiency, effectiveness and customer satisfaction” will follow.
“This is a radical step for enterprise and something that only Apple and IBM can deliver,” Tim Cook, Apple’s CEO, said in the press release.
As SearchCIO’s associate editor Fran Sales points out in this week’s Searchlight news roundup, the mutual admiration was glaringly absent 30 years when Steve Jobs equated an IBM-centric victory with a return of the Dark Ages. Of course, today, the partnership not only makes sense, Sales reports, but when you combine IBM’s enterprise cred with Apple’s loyal followers in the enterprise (did I mention that 98% of them work for Fortune 500 companies?) you get a formidable alliance. Not only poor beleaguered BlackBerry should be worried — shares were down 9.4% in the wake of the announcement. The deal also has competitors like Google and Microsoft plotting their next moves.
Speaking of Microsoft, the rumors are official and they are cutting 18,000 employees from their roster of 125,000. This week, big tech is disrupting itself. Read all about it and more, here in Searchlight.
Silicon Valley companies are going back to high school; but not in the way that you’re thinking. They’re stalking the unhallowed halls for summer interns and paying them dearly for their wisdom, as chronicled in this week’s Searchlight news round-up.
The story of a 17-year-old still in braces flown out to Facebook for a one-on-one with Mark Zuckerberg and a place in the social network’s summer intern program makes for good copy. But it will probably also send shudders down the spines of CIOs. Finding talented IT folks is a perennial challenge for CIOs and it seems to get harder every year. When the LinkedIn CEO Jeff Weiner shouts to his 2014 crop of interns that “Talent is our No. 1 operating priority and our most important asset,” it’s clear the hunt for tech talent is ferocious.
At least out in Silicon Valley, somebody’s decided that technology belongs to the young. That tech sophistication is not something they’ve learned in school; it comes with the territory of being under 20 years old. While it’s doubtful your company will find its edge courtesy of a teenager this summer, the hunt for highschoolers does suggest CIOs keep an open mind when recruiting talent. Age matters.
Go to Searchlight for the details – and the rest of the news roundup, including: a fitness app that is proving useful for more than just fitness, troubled electronics firms being turned into farms and more!
I’m embarking on a month-long investigation into the economics of cloud computing and what makes the most financial sense for CIOs of certain companies in certain industries. I’ll be speaking with a wide variety of experts in the field from CIOs to analysts to consultants with the purpose of figuring out what works and what doesn’t. Along the way, I’ll be giving TotalCIO readers periodic updates on what I’m hearing.
For David Linthicum, senior vice president of Cloud Technology Partners (CTP), a Boston software and services provider specializing in cloud migration services, Cloud Economics 101 starts with a homework assignment.
“It really gets down to the planning and understanding of your own requirements. That’s kind of the boring answer I don’t think people want to hear,” Linthicum said.
Boring or not, CIOs, together with their business colleagues, need to identify what CTP has dubbed their “value drivers” for the cloud — that is, where and how the cloud can boost performance based on where the business is and where it needs to go.
Obviously, the value drivers for a big bank, for example, are going to be very different from those of a manufacturing company or a healthcare company and so on, but Linthicum recommends starting the analysis by examining the three areas in every business where there is potential for value to be found in moving to cloud:
- operational costs
- security and compliance issues
Identifying the operational cost savings of migrating to the cloud — “the whole Capex vs. Opex thing,” as Linthicum put it — is probably the most straightforward analysis for most companies. If a company is about to build another $10 million data center and they’re trying to avoid [the cost of ownership], using cloud computing can add to the bottom line,” he said. Or if a company foresees having a big bolus of data that will need processing and realizes it would take 500 more servers to do it, then outsourcing those operations to cloud could pay off immediately, Linthicum said.
In an area such as security and compliance, however, the ROI of moving to the public cloud will be more difficult to calculate. On first glance, many heavily regulated companies will decide the potential risks of the public cloud will outweigh its benefits. “They just want to maintain the systems and control them more closely than outsourcing them to Amazon or Rackspace or Microsoft [would allow].” But even in these cases, Linthicum recommends CIOs not jump to conclusions. “In the majority of cases, I find out that’s typically not the case,” he said.
For companies that absolutely need to control sensitive data, an alternative is to use a private cloud; however, this option may not be very economical in the end, because you still need to buy your own software and hardware, among other things, Linthicum said. (Much more on the economics of private cloud to come in the next update.)
Still, when it comes to security and moving to the public cloud, “there has to be some planning and some architecture,” Linthicum said, starting with a rigorous assessment of what kinds of data will be stored in the cloud and whether it contains sensitive information.
Probably the most overlooked reason for companies to move to the cloud is agility, Linthicum said. Companies have been so enamored by how the cloud can save them money on operational costs, they neglect to think about the revenue it can generate by helping their businesses move into new markets, acquire companies, and change and shift their core processes around new opportunities. “That typically is where cloud pays off,” said Linthicum.
The move to the multi-cloud
One trend Linthicum has noticed is the increasing move to the multi-cloud, or what he describes as “hybrid cloud on steroids.” Interestingly, the strategy has come to the forefront in part because of all the “shadow cloud IT” commissioned by the business and the need to find a unifying architecture for the sundry cloud services. Cloud management platform vendors such as ServiceMesh, VMware, and IBM sell technology that automates the movement of workloads in between the various cloud services a company may be using.
This cloud strategy is also beneficial for smaller companies and startups because they can leverage multi-cloud as an IT strategy in lieu of building their own data center or renting data center space.
For those CIOs who may be loath to embrace something that has emerged from shadow IT, Linthicum urges CIOs not to rush to judgment.
“When guys like me come in and kind of run the map for them, it does make sense for their marketing department to put their almost-100 TB of video files on a public cloud at $1,000 a month versus making [the marketing department] buy massive amounts of EMC servers, physical servers, for the data center [for] multimillions of dollars,” Linthicum said.
Let us know what you think about the story; email Kristen Lee, features writer, or find her on Twitter @Kristen_Lee_34.
I think it’s safe to say we’ve covered bring your own device from almost every angle, from crafting a successful BYOD program to managing and securing mobile devices to integrating mobile in disaster recovery plans — I could go on. Why? Because it’s an accepted reality today that employees use mobile devices — their own as much as their companies’ — to do work. We’ve even got Gartner’s backing on that: The consultancy says that 80% of companies will have a mobile workforce armed with tablets by the end of this year.
But do you really know how many of your employees actually use tablets for work? And taking it a step further: who exactly makes up that number? Forrester says it’s got an answer, and it appears to go against Gartner’s take on the tablet landscape, as this week’s Searchlight spells out.
Reasons for the disparity? Myriad factors, says NYT Bits blogger Victor J. Blue, not least of which is that managers and individual workers are expected to do productive work, not just consume and view, and most of today’s tablets just aren’t completely up to the task — yet.
What do you think? Is it just part and parcel of being a lowly worker?
Also causing sparks in tech news this week: Wired offers pro tips on taking ace firework photos; Facebook collects “feelings” data from users on the sly; and Russian hackers take aim at Western oil and gas companies.
Get the deets at this week’s Searchlight — and then enjoy a merry Fourth!
A brand is a contract between a company and its consumers, says marketing consultant Marc de Swaan Arons on The Atlantic, and the customers its judge and jury. And never has it been more crucial to uphold that contract than in today’s digital market, as evidenced by Gartner’s prediction that by 2017, chief marketing officers (CMOs) will be spending more on technology than CIOs. As such, a new role has emerged in the C-suite: the chief marketing technologist (CMT), as this week’s Searchlight details.
The CMT (who could go by various monikers, including head of marketing technology and business information officer for global marketing) is vital not only to effectively managing this deluge of technology investments, but also to ensuring that marketing and IT see eye to eye. CMTs must embrace and encourage a holistic approach to marketing — founded on both technical expertise and a passion for marketing — and function as “the connective tissue” among their business’ many key constituencies, Scott Brinker and Laura McLellan write in Harvard Business Review , including the CMO, the CIO and third-party providers.
Liaison, strategist, aligner, enabler, innovator — the wide-ranging and continuously evolving role of the CMT is no mean feat.
Other timely tech tidings: The Supreme Court rules on suspects’ phone data privacy; GE hooks up airline systems to the Internet of Things; futurist Ray Kurzweil applies his theory of intelligence to online information; and more.
Get your fix of these headlines by heading over to Searchlight!
By now, everyone and their mother knows about the massive financial damage that payment card data breaches wreak upon companies and their consumers, in the form of replacing credit cards, credit monitoring, lawsuits and lost business. Target, for example, may end up incurring a staggering total loss of $18 billion in the wake of its high-profile breach.
But, as we cover in this week’s Searchlight, avoiding the monetary damage of such crimes isn’t the only detriment CIOs should consider — these breaches could also cost CIOs and their C-suite cohorts their jobs. Target and fellow prominent data-breach victim Neiman Marcus have learned these lessons the hard way. The former parted ways with its CEO and CIO earlier this year and is adding General Motors exec Brad Maiorino to its own executive team in the CISO role. Neiman Marcus is looking to fill a brand new CISO role on its board.
Another hidden cost is the impact of the media’s sensationalism of the criminal market, engendering greater numbers of your “everyday hacker[s] … willing to burn down your home in order to steal the copper plumbing inside.” The takeaway for CIOs and CISOs: Assume your systems will be breached and plan accordingly.
In other tech news: Netflix asks for FCC intervention in its ISP dealings; Amazon finally unveils its Fire Phone to mixed reviews; a “smart cup” could help you celebrate the World Cup wisely; and more.
Check it all out in this week’s Searchlight!