Does your organization have a private cloud? Are you sure?
“Nearly 60% of the folks that we spoke to were happy to say that they had a private cloud,” Burke said. “But when you started to pick it apart and get to what the actual functional aspect of it was, you’d wind up with maybe 10% to 15% having an actual cloud of any sort internally.”
What is private cloud? According to National Institute of Standards and Technology, a private cloud is “provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed and operated by the organization, a third party or some combination of them, and it may exist on or off premises.”
There are two main types of private cloud. One is what’s called hosted private cloud: An organization rents exclusive infrastructure space in a provider’s data center and the managing and maintenance is done by the provider. The other is internal private cloud, which an organization builds in its own data center and manages it itself.
Private clouds also must have characteristics NIST calls essential to be called cloud — they need to have elasticity, for example, so resources can be scaled up or down to meet demand. They also need to be available on-demand without having to contact the service provider — what is called self-service — and resources need to be measured, like electricity or other utilities are, so users know exactly what they have used.
In the Nemertes study, Burke said most respondents had a “well-virtualized data center” in which they can spin up new computing environments quickly but which required some manual network task — so not meeting the self-service requirement. These so-called private clouds lacked other cloud features, like metering capabilities such as chargeback and showback.
Naveen Chhabra, an analyst at Forrester Research, said there are various reasons CIOs and other IT leaders might say that noncloud environments are cloud, including internal politics or fear that competitors might be ahead on the latest technology.
“Who would want to say that ‘I do not have a cloud,’ right?” Chhabra said.
During his keynote talk, Nigel Travis, CEO at Dunkin’ Brands Group Inc., provided a handful of leadership tips to the CIOs and senior IT leaders who attended the recent SIM Boston Technology Leadership Summit. Here’s one: When CIOs get a seat at the leadership table, he said, “be strategic, not technical.”
His advice comes from years of working in customer-facing organizations from likes of Blockbuster, where he learned the value of customer data, to Papa John’s, where he served as CEO and president and helped build the company’s online ordering sales from 6% to 30% in four years, to Burger King, which included a brief stint in IT.
Some of his most detailed leadership tips focused on how to manage teams effectively, what he called his “tenets for success.”
- Avoid turnover, invest in your people. Travis recommended two ways to build greatIT teams: First, provide avenues for extra training or additional benefits. Second, pay to get the best. “If you’ve got great people, reward them well,” he said. “Because the cost of losing them is unbelievable.”
- Communication is key. As the CEO of a global company, Travis can’t be everywhere at once, so he regularly uses technology to communicate with employees and franchisees — from quarterly webcasts to weekly voicemails to in-person coffee talks. “You can never communicate enough,” he said.
- Inspire your employees. IT leaders have a reputation for “being dull and unexciting,” he said after asking attendees not be offended by the comment. Good leadership, he went on to say, means motivating the troops. “Do you truly inspire your department? That’s a question you should think about,” he said.
- Create the right culture. Culture is “absolutely critical,” especially as markets become increasingly competitive, Travis said. What the culture looks like is less important than how the culture functions; he suggested CIOs build a culture “that engages people, that encourages people, that makes people feel good.”
Out with the old, in with the new. Many of us will be thinking about what we will do differently in 2016. Will we tackle our jobs anew? Can we be creative?
At the Society for Information Management’s recent SIM Boston Technology Leadership Summit, three veteran CIOs were asked to talk about IT innovation — not about the buzzword but about the nuts and bolts of doing new things in IT.
The panelists’ charge from moderator Mark Staples, CIO at the Wentworth Institute of Technology in Boston, was to dig into their own experiences for the structures, practices, and leadership tactics they’ve used over the years to keep innovation alive and to help their IT teams be creative.
In their own words, here are some of the tips from the three panelists.
Brian Shield is vice president of IT, for the Boston Red Sox and before that the CIO at The Weather Channel. Ray Pawlicki, recently retired, is the former CIO at Novartis and Biogen. Steve Morin is CIO at Demandware, an e-commerce software platform vendor in Burlington, Mass. The quotes have been edited for clarity.
Innovation mind-set: Committed vs. compliant
We used to make a distinction about working in a compliant fashion and working in a committed fashion. If you are committed about something, you talk from the heart; when you are compliant about your job, you are going through the motions a little bit.
When you are working on something that you’re committed to, that is when innovation happens. You have that intellectual curiosity that pulls things through.
In my career, I spent a lot of time on trying to help make that distinction between commitment and compliance and to encourage people to work in a committed fashion. If they were not in a place where they could commit, then they needed to do raise their hand and go to their boss and say, ‘Hey, I need to do something else.’ And that is OK. — Ray Pawlicki
Innovation structures: ‘Unconferences’ and an internal VC fund
There is an interesting balance and dichotomy between unstructured innovation and the need for structure. You want to use both. Here’s how we do it: Innovation is in our goals and a core competency for everyone. Then at the leadership level, three or four times a year, we have unconferences: The top 60 people in the company, business and IT, unstructured. The CEO might frame it up by describing some challenges facing the company, and we have an open session. Some good ideas have come from that.
Then you also need a structured process. We have just gone through budgeting for 2016, and I am being asked to put numbers to a vehicle for innovation. We’re basically putting an internal venture capital fund — that is what we are calling it — into the budget, so if something requires some outside expertise, some technology investment, the seed money is there to fund it. — Steve Morin
Bi-modal IT to ensure innovative and reliable IT
What is emerging now, as opposed to five or 10 years ago, is actually structuring the IT organization where you have somebody running the operations and then a separate group — whether it is a chief digital officer or head of innovation — but somebody who is taking accountability for what a pilot is, for defining how long a pilot lasts, and determining the funding for it. You have a person driving that and who has the correct title.
One of the organizations I work with as a CIO and a deputy CIO. The deputy CIO runs most of the operations and reports to the CIO. That seems to be emerging model because technology has become so core to the business. — Ray Pawlicki
No matter how successful you have been at your company and no matter how good your reputation is for delivering solutions, external input is always going to be valuable.
Every year [at the Weather Channel] we had a conversation — internally and externally — asking: How would you compete with our company? What would you do right now, if you started a new company to compete with our company? What would you do differently? It is sort of a fascinating exercise. All the things we are talking about — mad-scientist ideas — are frivolous unless you are aware of the business metrics and drivers around you and can align your solutions to those metrics. — Brian Shield
A day after I went to the Watertown, Mass., campus of Perkins School for the Blind to interview Bill Oates, the former CIO at the City of Boston and the Commonwealth of Massachusetts who now heads the school’s business and technology division, Perkins Solutions, I got a phone call. It was Marilyn Rea Beyer, director of public relations for the school.
Before I wrote a profile on Oates and his new role at Perkins, she wanted to make sure of something. Did I use people-first language?
People-first? I didn’t know what she meant.
Person before condition
“People-first” language, explained Beyer, is a way of speaking and writing about people with disabilities that aims to emphasize the person and de-emphasize the condition the person has. Preferable to blind person is person who is blind.
It’s about showing respect, Beyer said, and it’s the official line of the school.
“Perkins, from a communications viewpoint, wants to model the most respectful language possible when talking about our students, graduates and the community at large and that would go for any person of any description,” she said.
As a journalist, I thought immediately about the linguistic twists and turns I might have to do when writing my article. The traditional English syntax of adjective-noun is simpler and shorter than noun-relative clause. But the reasoning behind people-first language made sense to me. It was accurate and more expansive than the usual shorthand: a short man, an overweight woman, illegal immigrants. (Plus, there’s a journalistic tradition embraced by many, including the Associated Press — whose guide on style and usage SearchCIO uses as a resource — that sources should be described the way they’d like to be.)
Oates follows the school’s policy on people-first language. In an hourlong conversation about his new role and the transition from being a CIO at state and city government to a business manager looking to technology to help his user population, he used the adjective-noun construction (blind person) just once.
No one is keeping tabs, Beyer said (though for the purposes of this article, I just did). What’s important is that people begin their references with people-first language.
And though the blind is not a term Perkins uses, the historical name of the school isn’t changing.
Conflicting views on people-first
Though people-first language is widely encouraged and used across the U.S by advocacy groups and government organizations like Centers for Disease Control and Prevention, it has its detractors. Sociologist C. Edwin Vaughan says the use of people-first language is awkward and repetitious and “calls attention to a person as having some type of ‘marred identity.'”
The National Federation of the Blind adopted a resolution against people-first language in 1993, saying it amounts to politically correct euphemisms that are “unacceptable and pernicious.”
Strong words indeed, especially when considering the mission of an organization like Perkins: “to prepare children and young adults who are blind with the education, confidence and skills they need to realize their potential.” Certainly, it’s a mission advocates on either side of the debate would stand by.
Digital business has created a new seat at the C-suite table: the chief digital officer. But according to research from Strategy&, a global strategy consulting team at PricewaterhouseCoopers, the role is not as popular as all the chief digital officer chatter would have you believe.
In a survey of the top 1500 companies globally, Strategy& found that only 6% have a chief data officer (CDO) or the equivalent. That said, momentum for the role is on the upswing. The authors of the report, “Adapt, disrupt, transform, disappear: The 2015 chief digital officer study,” pointed out that more than a third of digital leaders who made up that 6% were appointed just in the last year.
The report found that larger companies (defined as having more than 10,000 employees) were more apt to hire a CDO than smaller companies (those with fewer than 10,000 employees). There are two reasons for this, according to the report: One, digital leaders aren’t cheap, and the hire “may be beyond the means of many smaller firms.” Two, digital transformation for larger companies is often more complex than it is for smaller companies, requiring a leader rather than parceling out digitization efforts among existing staff.
The biggest digital hurdle is people
Shawn Banerji, managing director at Russell Reynolds Associates, an executive search firm in New York, said the job of the chief digital officer once installed — and no matter how much desired by the company — is rarely easy. One of the biggest hurdles CDOs face in leading digital transformation is people and culture. This is especially the case at large global companies, where corporate culture is often more entrenched than at mid-sized companies. The situation will be familiar to any CIO who has undertaken a large ERP implementation, he said.
“ERP implementations usually did not fail because someone couldn’t integrate Oracle or SAP into the company’s operating backbone,” Banerji said. “It was because the users, themselves, by and large, rejected the new workflows and processes that were required.”
Resistance to change sets a CDO up for failure. “You can’t expect one individual, no matter how senior or hip or cool or smart, to come in and individually affect this kind of change and transformation,” he said. For CDOs to succeed, they need support from top executives and, as important, Banerji argued, from the people doing the actual work.
“It has to be something that is embraced at an institutional level — not just at the highest level, but something that permeates the organization, especially at the level where a lot of the work gets done, which I would describe as senior middle management,” he said.
Industry clouds will be the next big cloud thing, predicts research shop IDC, and they present a huge opportunity for IT. Technology vendors that don’t pay attention, though, may see business slip through their fingers.
Industry clouds are joint ventures among organizations in a vertical market that give members access to industry-specific cloud services — and in many cases they’re forums for sharing information to solve problems (see “2016 forecast: Industry clouds on horizon? IDC thinks so“).
“This is probably one of the greatest opportunities the IT department has seen in a long time,” said IDC analyst Eric Newmark. Today, a lot of IT purchases are not made by IT — they’re made by marketing, finance and other business departments that want a quicker route to the latest technology.
Industry cloud a new hope for IT
“When I look at what keeps CIOs up at night, I think it’s more about, ‘How do IT organizations reposition themselves and their companies as being something that helps to generate top-line revenue rather than being viewed as just sort of a cost center?'” Newmark said.
One way for IT to change that view is by helping the organization identify opportunities for creating or being a part of an industry cloud, he said. First, IT should call out any special expertise or value it can offer up to other organizations in the industry — for a profit. For example, an organization may have custom-developed a technology that addresses issues that a particular industry needs to address, like compliance. Can it offer that as a service in the cloud?
Second, IT should factor in the concept of industry clouds in the traditional “build vs. buy” approach to new technology, Newmark said.
“As companies consider buying particular software applications or particular capabilities, you’ll start to have the option of ‘Do we want to buy a software package for this? Or do we want to consume this as a service in an industry cloud?” Newmark said.
For tech vendors, a dark side
While industry clouds can be a powerful new tool for IT, they may be a looming danger for technology vendors — that is, if they don’t keep a watchful eye on their markets.
When organizations come together with a tech vendor on an industry cloud to provide certain technological and operational capabilities, that vendor very quickly takes on a lot of business indefinitely. Other vendors that sell the same wares will essentially be shut out of the circle.
“It’s very important that technology vendors out there pay close attention to this market because they’re going to have new competitors popping up left and right,” Newmark said.
Coming in at No. 8 in market research outfit IDC’s tech predictions for 2016 and beyond, was this: “industry clouds.” In a webcast, analyst Frank Gens said companies like John Deere and UnitedHealthcare are turning industry cloud platforms into “epicenters of innovation, growth and disruption” — and he said half of U.S. organizations will either create or partner with one to distribute or source their innovations by 2018.
The predictions highlighted developing technologies like the Internet of Things — 22 billion devices are forecast to be hooked into to it by 2018 — and familiar ones that nonetheless are growing madly, like cloud computing. But industry clouds was a new one on me, so I turned to Eric Newmark, an IDC analyst who helps life-sciences organizations make technology decisions. He also leads the company’s industry cloud platform service.
“Industry cloud is at its essence about buyers becoming suppliers,” Newmark said, referring to buyers and suppliers of cloud computing services. It’s a sort of joint cloud venture for vertical markets: An organization in a specific industry creates a cloud platform for other organizations in that industry — for example, a hospital offering cloud services to other hospitals — or organizations come together on a customized cloud platform to work toward a common goal.
“So it’s more of a many to many not just a one to one,” Newmark said.
Industry clouds a ‘win-win’
There are three models for development of industry clouds, he said. In one, an organization offers up a particular expertise in the cloud for others, who pay for it on a subscription basis. In another, a vendor creates a cloud platform specifically for an industry. And a third is a partnership of user organizations in a specific industry and one or more technology vendors. It’s the most popular model today. For everyone involved, Newmark said, the models are a “win-win.” (See “Industry cloud boon for IT, bane for unwary tech vendors.”)
“The end-user company creating the industry cloud gets to create a new revenue opportunity for themselves,” he said. “All the other entities on the other side of the coin that decide to consume this as a service win as well because they don’t have to re-create the wheel for themselves.”
An example of the partnership model began at Mercy, a healthcare operator in the Midwest. It created a data center as a service for itself as a cloud backup service. It was so successful, Newmark said, “they realized that ‘Wow, this is something that other hospitals could use.'”
So Mercy partnered with several technology vendors to create Mercy Technology Services, which first started offering its cloud backup service. As more hospitals signed on, Mercy offered more services, like application management and telemedicine, and now aggregates data from constituent hospitals to provide data analytics services and insights on how to improve medical care.
Collaboration leads the pack
Healthcare is the forefront of the industry cloud market today, Newmark said. He credited the changes introduced by the Affordable Care Act as a catalyst for entry.
“I think that people have been trying to solve a lot of the different challenges and problems in the healthcare space — tackling things collaboratively has made a lot of sense,” he said.
Life sciences is another area where the collaborative nature of industry clouds is a boon. Sharing R&D may shorten the path to a disease cure, for example — and collaborative partnerships of this sort in the industry have existed for decades, Newmark said. Oil and gas and other utilities companies are slower to come together on the platforms. They’re highly competitive, and “there’s less of a history of working together.”
There are between 100 and 150 industry clouds today, Newmark said. But he expects there will be around 500 by 2018 and 1,000 by 2020. In revenue, hundreds of millions of dollars today will balloon to tens of billions in just three to five years.
In late October, The New York Times Co. pulled the trigger on a decision that reflects how digitization is disrupting more than business models: It named Nick Rockwell its new CTO.
That Rockwell was named to the role makes sense. For more than a decade now, he’s racked up a blend of digital technology and digital media experience as a CTO or a vice president at the likes of Conde Nast, TheLadders.com and MTV Networks. What stands out about the decision is this: Rockwell is the replacement for the former CIO, Marc Frons, who left the company in June. Digital transformation, in other words, is upending the corporate structure itself — and in more ways than introducing new roles to the C-suite.
“If you’re a CIO right now, and if you’re not adapting and evolving, you risk being marginalized. It’s tough,” said Shawn Banerji, managing director at Russell Reynolds Associates, an executive search firm in New York.
It’s too early to call the CIO-CTO shuffle a trend, but it’s safe to say The New York Times isn’t alone in its decision. “As more and more companies, irrespective of their industries … are looking at data information assets and how they productize and monetize those assets, they need an individual, whether it’s the CIO or the CTO, that can do so,” Banerji said. “And many are opting for the CTO title, so we’re starting to see the emergence of that.”
Earlier in October, Starbucks announced that it was appointing Gerri Martin-Flickinger as its first-ever CTO, a replacement for former CIO Curt Garner. And last year, Brook Colangelo, who was originally hired as Houghton Mifflin Harcourt’s CIO, convinced the company to nix the CIO title in favor of CTO. “The killing of the IT title was a rebranding of who we are as an organization and how we’re delivering,” he said in an interview with SearchCIO a few months back.
Colangelo has retained his CIO responsibilities despite the title change. But by becoming a CTO, he has positioned himself as more of a front-office entity where he can serve Houghton Mifflin Harcourt customers directly, he said.
The CIOs in this story are examples of how digitization is disrupting the role of senior IT leader, but they are also examples of how CIOs are evolving with the times. Frons, for example, shed the CIO title — for now; he currently serves as senior vice president and global head of mobile platforms and deputy head of technology at News Corp, which publishes The Wall Street Journal and The New York Post. Garner, former CIO at Starbucks, is currently serving as Chipotle’s first CIO. And even Martin-Flickinger provides a CIO adaptation story: She’s performed the CIO-CTO shuffle, having served as the CIO at Adobe before joining Starbucks.
“Our telecommunications networks were not wired for privacy. They were not designed for digital security.”
When the telecommunications industry began to shift away from analog phones in the 1990s and telephone companies started building the networks to accommodate them, they didn’t have privacy in mind. In fact, these networks were built with the intent of giving law enforcement and the intelligence community the ability to access any communication at any time, said Soghoian.
As anyone with a cell phone can attest, Silicon Valley companies have disrupted the business models of traditional telecommunications companies. (The text message is a good example: What once cost customers 20 to 30 cents per text — a huge source of revenue for phone companies — became free when Apple rolled out iMessage in 2012, no user opt-in required. Soon after, other companies developed free alternatives to text messaging, such as WhatsApp, Viber and Facebook Messenger.)
Granting government access to telecommunication networks, however, persists for many providers, including Silicon Valley disruptors. The exception is Apple. The result is what Soghoian describes as two-tiered consumer privacy: full protection from government prying for those people who can afford Apple products — and something less for everybody else.
Last year, Apple CEO Tim Cook announced that his company would now be in the business of protecting customers’ digital privacy and provide “end to end” encryption on iPhones: Devices running the most recent versions of iOS can no longer be unlocked by the company even if it were faced with a warrant from authorities. Only these phones’ users have access to data on their Apple device.
“Apple’s customers got security without having to do any work, without having to think about security, without having to research anything, without having to go into any configuration options, which none of us ever do. Apple’s customers got security for free,” he said.
This end-to-end encryption, which is turned on in Apple’s devices by default, is a major step in the right direction. But it’s not enough, Soghoian said.
The other major mobile device OS, Google’s Android, is a different beast. Google doesn’t manufacture its smartphones — OEMs do. And they are not as keen on keeping up with the speed of encryption technology. If you walk into a store today and buy an Android phone, it’s unlikely to have data encryption turned on by default.
That’s why Android smartphone manufacturers have been able to keep its prices so low, at $50 to $100 a pop. Apple’s devices are sold for about $600 or $700 each, on average.
The resulting “digital security divide” is a problem, Soghoian said.
“What does it mean when the phone used by the rich is encrypted by default and cannot be surveilled? And the phones used by those in the global South, and the poor and the disadvantaged in America, cannot protect themselves from surveillance?” he asked the audience.
Soghoian’s bottom line? It’s promising that Apple has taken the lead in building devices that are encrypted by default, and in some cases even “frustrate” law enforcement surveillance. But these devices should not just reach the higher tiers of our society — the rest of Silicon Valley should follow Apple’s suit.
“Everyone should be free of surveillance,” Soghoian said.
Last week, I asked cybersecurity experts about their reactions to calls from President Barack Obama, Congress and Democratic presidential candidate Hillary Clinton on Silicon Valley tech giants to use their technological wizardry to help foil terrorism.
Khalid Kark, a director in Deloitte’s CIO research program, said the government, technology companies and non-tech companies need to share information and work together to crack thorny issues like how to curb terrorism recruitment online and sniff out traces of attacks on the Web before the happen in the real world.
Gartner analyst Avivah Litan said hyperawareness on the part of everyone — the government, technology companies, retailers, libraries, shopkeepers — is needed to thwart terrorists. Using Israel as an example of a place where security is woven into the fabric of everyday life, she suggested an approach along the lines of the “If you see something, say something” public-service initiatives in the months and years following the terrorist attacks of Sept. 11, 2001 — on a massive scale.
“If everybody was hyperaware, that’s the best intelligence,” Litan said.
CIO role in sharing information
The interlocking benefits of sharing and awareness aren’t lost on CIOs. They see the implications in their own organizations: the fewer the silos, the broader extent of knowledge throughout the organization, the better the business decisions. In a national security initiative based on sharing and hyperawareness, the fewer the silos, the broader extent of knowledge throughout the government and corporate America, the better the security decisions. The CIO role could be key in keeping companies — and the country — safer.
But we may be years from it. For meaningful collaboration between the government and the private sector, Kark said, the government would need to convince companies that their customer data is not compromised. In the wake of attacks in Paris and San Bernardino, Calif., there is a renewed debate in Washington about whether government agencies should be granted “backdoor” access into encryption codes on popular apps to better monitor criminals and terrorists.
“That’s definitely a no-go zone for many of the tech companies,” Kark said. “If you want to engage them you have to ensure and you have to respect their ability to ensure privacy for their customer data.”
Hyperawareness in CIO role
For CIOs to be effective in any grand national security program, Litan said, they need to hyperaware to all signals in their organizations. That means everything from making sure cybersecurity is airtight to determining whether there are potential terrorists working alongside other employees.
But to keep any kind of threat from spreading, CIOs need a “safe harbor,” or whistleblower, policy that lets them bypass legal departments — and ensures the CEO won’t sack them.
Litan gave the high-profile, hypothetical example of the self-proclaimed Islamic State trying to take down NBC Studios by installing malware on its computers. If IT detected the malware, it couldn’t report that to the government so they could alert other companies to the threat.
“There’s a bunch of lawyers at NBC Studios that would stop the IT department from sharing that level of information,” she said. “All they could say is, ‘We see signs of suspicious activity.'”
A bill working its way through Congress, the Cybersecurity Information Sharing Act, would give companies some legal immunity for sharing data with the government. But the legislation has drawn criticism from tech companies like Apple to groups like the American Library Association, which say it doesn’t adequately safeguard Americans’ privacy. As is, the bill allows the Department of Homeland Security to share information — including personal customer data — with the FBI or National Security Agency.