Here’s a story that’s going to run and run – and one I predict will start to make national news headlines once its significance sinks in to the consumer press.
As part of its plans to create a national identity assurance scheme for online public services, the government is proposing to establish a market for our personal data, to be used as a means of confirming that we are who we say we are when dealing electronically with government.
I have to say that I think it’s exactly the right way to go – when the coalition scrapped ID cards last year, I wrote on this blog that the way forward could be the creation of identity banks, and this latest move looks at first sight to be a big step in that direction.
The concept is relatively simple – since our personal data is an increasingly valuable currency, why not set up a network of identity banks, in the same way we have a network of money banks.
But even if the concept is simple, the delivery will be anything but.
Technically, it’s likely to be feasible – there will be difficulties of course, but it can be done. The big challenges will be commercial and legal – not to mention the perceptions that might be created by allowing organisations like banks or the Post Office to act as a repository for our most sensitive identity information.
Jerry Fishenden, an advisor to the House of Commons on the government IT inquiry and former chief technologist at Microsoft UK, pointed out to me via Twitter that we’ve been here before – see this story from 2000 on a previous attempt by government to work with industry on secure identity assurance online, one that ended in failure two years later.
There is little doubt this will be a controversial move, but I hope this is one new policy the coalition doesn’t backtrack on. Get this right, and the UK has a secure infrastructure for ID-assured online public services. With that in place, you can be sure that private sector e-commerce players will want to be the same game, and this soon becomes a national electronic identity system – one that avoids the Big Brother nature of identity cards, and helps to minimise or eliminate identity theft.
Of course it also risks establishing the perfect target for hackers – Sony’s experience with the Playstation Network hack shows the dangers of holding large quantities of sensitive data in one place. But while security is a risk, it shouldn’t be a showstopper if it is designed in from the start.
Watch this story – it’s going to be big.
At Computer Weekly, we’ve loved the NHS National Programme for IT (NPfIT), it’s been such a great source of articles and of ideas for these leader columns in its long existence. Of course, the truth is that we wish we hadn’t been given cause to write about it quite as often as we have. For the NPfIT, no news would have been good news, because it has generated more than enough bad news.
The hugely critical National Audit Office (NAO) report last week has driven yet another stake into the barely beating heart of this particular terminal patient. The Department of Health continues to insist the £6.4bn spent so far on the programme has been value for money – and perhaps if you were to concentrate only on the success stories, such as the PACS digital X-ray and imaging system, that would be true. But when the NAO says it has “no grounds for confidence” about the £4.3bn planned spend remaining on electronic care records, and questions whether the project should be scrapped forthwith, then “value for money” becomes a point of political opinion.
We’ve been here so often before. NPfIT is “yet another example of a department fundamentally underestimating the scale and complexity of a major IT-enabled change programme,” according to NAO chief Amyas Morse. And that has been the over-riding challenge that the NHS never got to grips with – the sheer scale of the project proved as over-ambitious as many experts warned.
So what next? If the NHS is to reduce bureaucracy and cut costs, it has little choice but to streamline and IT-enable administration. Furthermore, can you really imagine an NHS in 2020 that doesn’t have electronic patient records as standard? What would that say about our modern health service?
NPfIT is over in all but name. Localism is the new buzzword, and NHS IT managers are already being given greater autonomy, regardless of what is said about those huge central contracts. The National Programme may have flatlined, but IT in the NHS lives on and needs better care than this unlamented mega-project.
There has already been plenty written about the launch of what Google is calling Chromebooks – netbooks running Chrome OS – and what this means for the future of the PC. I don’t intend to add to that in this post, but I did want to make one observation from the launch at Google’s I/O developer conference this week.
When Google made its announcement, it opened with a jokey slide showing its Android character eating an Apple. No mention of Microsoft. So who does Google actually see as its competition?
Clearly Microsoft is too big a beast to go away, despite all the debate over the future of the PC. But it’s interesting to see how the dynamics of the IT industry have shifted and who the new players such as Google and Apple see as their rivals. Of course they would be foolish to discount Microsoft, but the atmosphere reminds me of the late 1980s when the big PC players – Microsoft, Compaq et al – were equally dismissive of IBM. A few years later, IBM announced what was then the biggest loss in corporate history.
IBM is still here and is thriving, but it’s a very different company today. Microsoft will still be here even if we’re all using Chromebooks/netbooks and tablet computers in 10 years, but if it is still as influential at that time, it will also have to be very different to the company it is today.
We have Sony to thank for raising the bar of the world’s biggest data breaches – with some 100 million people potentially affected by the hack on its Playstation Network. That goes quite a way to beat the UK’s previous best – the notorious lost HM Revenue & Customs CDs containing the details of 25 million child benefit records.
There’s been a bit of a flood of incidents lately – Play.com, Lush, RSA among them – which can only suggest that years of education and learning on risk management and protecting networks has not been entirely successful. In many cases, the hacks have not been especially sophisticated, but they have been determined and well targeted. There will never be a better security strategy than vigilance.
At a recent Computer Weekly event, IT security expert Peter Sommer, a visiting professor at the London School of Economics, highlighted the simple truth that cyber attacks will happen, no matter what. His blunt advice was to assume you will be hit – and that the most important part of IT security should be contingency planning.
Be prepared, as Boy Scouts would say, and have plans in place for how to deal with a cyber attack when it happens. This has been a particular weakness for Sony, whose slow response to the data breach and poor customer communication in the aftermath have been widely criticised.
But before long it is likely to be about more than just good planning, as IT leaders will need to also be prepared for the day, coming soon, when mandatory data breach notification becomes law for all. This month, the European Union introduces data breach disclosure laws for telecoms companies and ISPs – and even if the new legislation only affects those sectors now, their very existence is a sign of the EU’s direction of travel in information security regulation.
Lawyers fully expect the laws to be extended to cover more and more organisations – so now is the time to prepare.
The article below is the editorial leader column from the last ever printed issue of Computer Weekly magazine.
If you like nostalgia, you may want to treasure the magazine you hold in your hands now, as this is the last time that Computer Weekly will be produced in its paper format.
On 22 September 1966 we started an era, as the world’s first weekly IT newspaper. Today, we start another, even more exciting era as the UK’s best, oldest and most widely respected IT publication goes 100% digital.
Every week for 45 years Computer Weekly has written about how technology is changing the way companies and governments work. In recent years, as we have covered how the internet is revolutionising so many aspects of all our lives, we have also been experiencing ourselves the changes that are transforming the publishing industry faster than almost any other sector.
Our readers’ habits have changed, with IT professionals leading the move to finding information and following the news online. Our advertisers’ preferences have changed even more, with fewer and fewer IT suppliers looking to printed magazines as an outlet for their marketing spend – as every reader will have witnessed in the shrinking pagination of this and other magazines. We may have been the first IT paper to be printed, but we will not be the last to go out of print.
Meanwhile, we have not been sitting on our paper-based laurels. For years we have been growing our online and digital content to meet those changing audience and advertiser needs, and today Computerweekly.com is one of the most popular IT websites in the UK. We have branched out into new forms of content – video, photos, podcasts, blogs, web seminars, online communities and face-to-face events, to name but a few. And those of you who currently receive the printed magazine will instead receive a digital version by email every week.
But one thing that has not and will not change is our commitment to providing the latest news, analysis, opinion and in-depth coverage of the UK IT scene, and to act as a champion for IT professionals, helping you to do your job better, with the information you need, supporting readers throughout their career in the most exciting industry in the world.
We also mark the move to being fully digital with a further change for the Computer Weekly team. We are leaving Reed Business Information, our home since launch in 1966, to become part of Techtarget, one of the biggest specialist IT publishing companies in the world. It’s an exciting time for all of us as we move to an organisation that really understands the needs of our demanding audience, and will provide the investment and growth to keep Computer Weekly at the forefront of IT publishing in the UK for the next 45 years and beyond.
Some of the UK’s best journalists have written for Computer Weekly across the past five decades – some of whom you may recognise from the television and national newspapers. We have won awards for our journalism and supported the careers of many of today’s top IT leaders as they have risen through the profession. By going digital, we can continue to deliver those same standards, and the same high quality, in the modern formats that you choose to use.
Technology has become part of everyday life like never before, and it’s our privilege to be writing about IT at such a critical point in the information revolution. As a digital, multimedia publication, we will not just be writing about those changes, but living them. Thank you and goodbye to paper and ink, you were great while you lasted. Welcome instead, to our new era.
There are few topics that stir debate among IT professionals as much as offshore outsourcing. Readers of the Inside Outsourcing blog at Computerweekly.com engage in often heated exchanges on their concerns about offshoring being a threat to their jobs and livelihoods. There was anticipation that the government’s new policies on immigration would bring some clarity to the use of overseas workers.
But the exclusion of intra-company transfers (ICTs) from the immigration cap has only served to increase confusion.
Let’s be clear about one thing – offshore outsourcing is a good thing, and in a globalised industry it is inevitable. It allows UK firms access to cost-effective IT services that are essential for UK plc’s international competitiveness.
But offshoring stirs concerns about the career prospects for UK IT professionals. A future where more and more organisations relied on overseas resources – whether located offshore or working in the UK on an ICT – would lead to a dangerous decline in our local IT skills and capabilities. Our international competitiveness relies just as much on our own skills base as it does to accessing that in other countries.
The challenge is to get the balance right, and it seems unlikely that government immigration policy is going to make much difference to achieving that balance.
So it will be left to the UK IT community to work out the solution. It is not as simple as “don’t offshore” – the answer is wrapped up inside a melee of issues such as training, IT education in schools, cost control and even emerging technology trends such as cloud computing.
It is also down to responsible employers. There are too many apocryphal stories about abuse of the system with blatant replacement of a UK worker by a cheaper one from overseas, flouting the principles if not the letter of immigration laws.
Ultimately it is an issue of investment in people. A UK software programmer would be less concerned with an offshore alternative if his or her skills were being developed and career progressed. Offshoring is a vital part of the IT leadership toolkit, but should never be a replacement for the even more important aspect of investing in your staff.
The initial reaction from some observers to the new government IT strategy was, “So what’s new?”
Certainly there is little in terms of the practicalities that we hadn’t heard already – open source, cloud computing, smaller projects, more diversity in the supplier base – but these are just the latest in a long list of technologies and trends that have evolved through various past iterations of public sector IT policy.
Ultimately the strategy will not be judged on the products it implements, but on the change it enables.
Let’s face it, does it really matter if civil servants use OpenOffice instead of Microsoft, for example? As long as they are delivering public services in the most cost-effective manner, then surely not – no matter what the open source activists will say.
The most important change the strategy needs to deliver is to change the conversation around government IT – or ideally to stop people talking about it altogether. Nobody talks about successful IT systems – they just use them. The only time the technology becomes an issue is when it doesn’t work. There is no doubt that IT can, should and must transform the delivery of public services, but it will be judged a success when it becomes invisible.
Deputy government CIO Bill McCluggage is right to say that a commitment to accountability is one of the most important facets of the new plan. Someone has to know that they shoulder the blame for failure – and that they will be acknowledged for success. Too often in the past the originators of problem projects have long since moved on by the time they make the headlines for their collapse, then the finger pointing begins and nothing happens.
When IT-enabled public services meet the requirements of citizens, support the cost-cutting needs of these austere times, are flexible and adaptable to change, and when they just work, nobody will care what logo is on the box or what name is on the invoice.
The government IT strategy is critically important, but to be a success it must make itself irrelevant.
How often do you, as an IT leader, tell people in other parts of the business what you have achieved?
For many IT folk, that sort of self-promotion doesn’t always come naturally – and often that can be one of the causes of negative misperceptions about the IT department and its contribution to the organisation. There’s no harm in selling yourself a little.
Does your profile as an IT leader matter? I think it does – not only for success within your employer, but also for your career development and perhaps most of all for your next job move.
Of course, I’m saying that as a journalist. I like people who want to have a high profile because it usually means they are keen to talk to the press. But it’s a skill that more senior IT professionals would do well to master.
Last night, I was a speaker at a BCS event about IT leadership, and in particular what makes an influential IT leader. I was invited to talk about Computer Weekly’s UKtech50 list of the most influential people in UK IT, and how we decided on that list.
My fellow speakers included two of the top IT leaders in the UK, both of whom made it onto the UKtech50 – NHS CIO Christine Connelly and HM Revenue & Customs (HMRC) CIO Phil Pavitt. Both are high achievers, both highly influential, and both with different views on that most subjective of the criteria that defines influence – profile.
Phil came prepared, presumably knowing someone from Computer Weekly would be there. He quoted from an article on our Public Sector IT blog, one which he interpreted as labelling him a “lumbering mandarin”.
He then went on to describe his achievements in the 18 months since he joined HMRC from his previous CIO post at Transport for London – and a hugely impressive list it is too. Pavitt inherited something of a mess, with plenty of opportunity for change for someone willing to lead that change. He’s delivered huge cost savings, renegotiated major supplier contracts, and improved efficiency – the very model of what the new government ICT strategy aims to achieve.
“Does that make me a lumbering mandarin?” he asked?
I enjoyed the banter – and was also pleased that the HMRC CIO reads our website. Phil clearly has, wants and deserves a high profile. He joked about being irked that he wasn’t in the top 20 of the UKtech50 list.
“Do you mind that you weren’t in the top 20?” he asked Connolly. “Not at all,” she replied. “Well I do!” he retorted, to laughter from the audience.
And in many ways he is right – he, like any other CIO who has delivered change, improved their organisation, and put IT at the heart of business strategy – deserves every recognition they can get. I invited him to be interview by Computer Weekly so he can put his case to our readers – his peers – and I hope he will accept.
But Pavitt also highlighted the potential downside of profile, citing how a national newspaper called him “the most incompetent CIO in government” after the HMRC PAYE underpayment fiasco last year, and had reporters doorstepping him in his front garden.
That’s a symptom of being a high-profile public sector CIO. As he rightly pointed out, nobody writes stories about the HMRC computer systems that calmly collect £435bn of taxes a year, handle 75,000 import/exports into the UK every day, and process a billion transactions a year. Get one thing wrong, and that’s what most people remember.
Connolly made a similar point – wishing that in some cases she could make her profile a little lower, particularly where the old National Programme for IT was concerned, citing some of the important achievements even that much-criticised programme has delivered.
But like any successful individual, you have to learn to take the rough with the smooth.
I’ve always thought that IT has been too slow, or sometimes too scared, to shout from the rooftops about what we do and what we achieve. So for me, it’s great to see achievers like Connolly and Pavitt talking about what they do and getting out that positive message about IT. It is time UK IT put to bed old misperceptions about IT departments always getting things wrong.
I recognise that Computer Weekly has a part to play in that, and we’ll continue to do so. I hope more IT leaders will too, through whatever channels and on whatever platforms they prefer.
So, from me to you Phil: good job, keep it up.
Chancellor George Osborne labelled the latest contents of his tattered red briefcase as a Budget for business, and if that proves to be the case then it would be a good one for the IT sector and IT professionals.
It’s going to be a big “if” though.
On paper, the Budget promises to be positive for IT – support for entrepreneurs will help tech start-ups; funding for apprenticeships and technical colleges could help get more young people into IT; and measures to cut red tape and reduce corporation tax could free up time and money for firms to invest in new technology projects.
Osborne has shuffled his pack and now it is up to those businesses to play their cards, because the ultimate test of whether this will prove to be a successful Budget will come not from yesterday’s announcements but from the reaction of UK plc.
Take IT skills and employment, for example. This is hardly the first time that government has put in place policies that should in theory encourage IT employers to take on more young people and develop IT skills. But can you now think of any of those initiatives that have really made a difference? Can you even remember the initiatives? Young people continue to avoid IT in their thousands, with a whole range of statistics showing the lack of desire to work in technology from the most tech-savvy generation ever.
What about tech start-ups and small IT suppliers? They will welcome the support from Whitehall, but would welcome even more to have support from big IT buyers. In its own purchasing policy, the coalition says it want to end the IT oligopoly that sees 18 suppliers responsible for 80% of government IT spending, and encourage more SMEs, but we have yet to see that working in practice.
Similarly, there remains a reticence among many IT leaders to take a risk on new technology products from emerging suppliers and start-ups. UK IT purchasing is predominantly risk averse, and when IT budgets are under scrutiny it is hard to convince the CEO to take a chance on an unproven supplier.
The biggest disappointment for UK IT in the Budget was the fact it was not even mentioned, while other sectors were singled out as likely engines of economic growth.
What about more support, more quickly, for superfast broadband roll-out? There is £830m or so on offer but that’s a drop in the ocean and yet to be allocated.
What about concrete moves to purchase more government IT from SMEs and start-ups? We’re still waiting for the new Whitehall IT strategy – due soon – and evidence of a change in procurement policy.
What about specific programmes to help fill the 110,000 new entrants into IT that we need every year – many of whom will have to come from other sectors and professions and be cross-trained?
We should not be so churlish as to criticise Osborne, for he has at least introduced measures that have the potential to help support UK IT, even if he could have gone further. But if this is to be a Budget for business – and in particular, a Budget for business IT – then it will be down to business and IT leaders to make it so.
Any mention of “women in IT” is often received by certain sections of the male IT profession with a sigh, a shake of the head, and a cynical “not again…” Perhaps it’s the same in any male-dominated industry, but I find it hugely disappointing whenever I come across such a dinosaur attitude from people in technology.
I spent much of yesterday afternoon at the Everywoman in Technology Awards in London, along with over 200 of the most successful and inspiring women working in IT today. It was a real privilege for Computer Weekly to be involved, and for me personally to be invited to present the Inspiration of the Year award, which was given to Nikki Walker, senior director for inclusion, diversity & sustainability at Cisco Systems.
(Photo copyright Everywoman Ltd)
Over lunch, I was talking to one of the finalists, Ella Romanos, managing director of digital design and gaming firm Remode. Ella is just 27 (that’s young as far as I’m concerned!), and only two-and-a-half years after graduating from university, she and her business partner are running a successful tech firm that has recently signed a deal for its main game, Mole Control, to be sold in Wal-Mart stores across the US – a huge piece of business for a fledgling UK company. Of course, she hasn’t achieved that because she is a woman, but because she is a fantastic businessperson and leader – and we need as many of those in the UK IT industry as we can get.
For someone like me who has been in and around IT for over 20 years, it is an enormously pleasant change to be in a room where men were in the minority. I’ve been writing for far too long about the shamefully low proportion of women working in IT – as low as 18% of the workforce – and frankly I wish we didn’t have to raise it as an issue any more, not to please the male cynics mentioned above, but because one day I hope it is no longer the case.
This isn’t an issue of positive discrimination, and I’m not particularly in favour of quotas for mandating the employment of women – anybody who gets a job should justify it on their ability, not their gender. But a more diverse IT workforce can only be to everyone’s benefit. Chatting to some of the winners of the awards, they said the same thing – while they hope to encourage more women into the industry, it’s not out of any “come the revolution” feminist campaign, but simply because the workplace is more productive, more enjoyable and more fun when it is more mixed and diverse.
It’s also interesting to experience how different is the mood, atmosphere and sorority at an IT event dominated by women, compared to the typically male-dominated events I normally attend.
When male IT folk are networking, the feel is very much one of, “What can you do for me?” Among the women at yesterday’s event, it was much more a case of, “What can I do for you?” In these troubled economic times, with so much uncertainty over the future of the UK IT profession and the alarming slump in young people entering the industry, that feeling of support and mutuality is one we could all benefit from.
We will be featuring several of the award winners on our WITsend blog – it’s worth reading what they have to say, you might just learn something.