Digital Magna Carta time?

Recently I seem unable to avoid reading material on security risks associated with the use of technology.  It is certainly a good thing that the topic has a growing profile as that can positively drive upward awareness of the risks.  However, I do worry that many articles only tend to articulate the risks and remain silent on the potential benefits arising from technology enabling our lives.  Writing about the dangerous downsides of how easily Internet of Things (IoT) context devices can be hacked will definitely get attention.  This is fine if we also gain the value of people being more aware and then engaging on an informed basis with technology and related information security risks.

I noticed recently that the New York Stock Exchange (NYSE) had sponsored and circulated a publication called Navigating The Digital Age: The Definitive Cybersecurity Guide (for Directors & Officers) to every NYSE listed company board member.  This was produced in partnership with Palo Alto Networks and a wide and impressive range of contributing writers and organisations.  I found it an excellent read.  What I particularly liked was the recognition clearly conveyed that people as much as technology (or process) are at the heart of both the information security threat and the defences.   The need to educate both the consumers of technology enabled solutions and those operating and defending them was well articulated.

The criticality of all of us being aware of the risks to our data and the steps we can take to mitigate them is becoming clearer to most people.  The publicity around corporate hacks like Sony and the recent press around the cyber “front” in the current challenging situation in the Middle East are hard to avoid.  However, in recent weeks the questions I have been asked most often around information security have been related to stories on many and various IoT devices that have allegedly proved vulnerable to hacking.  People have raised many concerns with me on a wide range of devices from connected car systems to house alarms to healthcare wearables to pacemakers.   I remember reading, but annoyingly cannot now find, an article which used the term “Internet of Nosey Things” in its discussion of the type and value of data involved.

Digital Law - shutterstock_120641284 (2)

Indeed the ISACA 2015 Risk Reward Barometer declared that its 7000+ contributors saw IoT as being the prime area of information security concern.  The survey reported that over 70% of respondents saw a medium to high likelihood of attack via such devices either in the consumer or in corporate context as they become more common in the workplace.  This concern is then compounded by the (ISC)2 Global Information Security Workforce Study 2015  which forecasts that we will simply not have enough security skilled people in the workforce to provide adequate defences.  They see the gap being as many as 1.5 million security workers too few by 2020.

If that forecast proves true then we need to have placed information security at the centre our technology design process.  In fact if you look at the automation and machine to machine implications of IoT then we clearly have to ensure our defences are not operator dependent.  The imperative to automate defences is nicely highlighted by the HP Cyber Security Report 2015.  This is a sobering read of results from interviewing 252 companies in 7 countries.   What particularly stood out in the material is that the time to recover from a cyber-attack has risen from 14 days in 2010 to 46 days in 2015; that the number of successful attacks reported has risen by 46% since 2012; and that the average cost of cybercrime per participating company was $7.7m.

So having started saying I was wary of scare mongering articles on information security I have now drifted towards the negative perspective.  It is quite hard to avoid when considering this topic I fear.  As the benefit delivered by technology is huge and alluring so does it comes risk and as ever some people don’t see a problem with acting illegally to make money.  In that sense this challenge is nothing new and we have a good track record across many societies of working out how to protect ourselves (eventually?!) from such threats.

Magna Carta - shutterstock_287752943 (2)

Perhaps we do indeed need a digital age Magna Carta or its mirror incarnations across the globe.  The content of this updated Magna Carta was built on the input of over 30,000 people having begun as an initiative focused on school children.  The British Library site hosting the debate has lots of other excellent material worth reviewing.  The good news is that the debate is still open as to what this digital age Magna Carta should state. Why don’t you go and place your vote?

Images via Shutterstock,com.

Beyond Infancy?

The trend over recent years has been for technology services to be provided on an “as a service” (aaS) basis.  The flexibility of an always available, highly and immediately scalable service for which you subscribe on a short term basis with fees directly linked to usage based metric(s) is compelling.  The drive to adopt aaS offerings by consumers and businesses has been one of the signs of our world going digital.    I do recognise that concerns remain for some primarily in relation to data portability and security.  However, we have moved beyond the initial virtualised server offerings to more sophisticated platform and software based services.  Access methods have expanded beyond web browsers on computers to the current world of “apps” from a multiplicity of devices consuming “platform services”.  So all very empowering and exciting but where do we go next?

I am not alone in thinking that the future “aaS” offerings will be shaped by the Internet of Things (IoT).  The services we consume in the near future will be delivered based on many diverse real time data streams.  Data will be drawn from existing stores and combined with data generated by an ever larger set of sensor equipped devices, human centric or automated machine to machine (M2M). The scale of this connected device proliferation is forecast to be vast.  CISCO predict 50 billion connected devices by 2020, Gartner 30 billion.  IDC believe that by the end of 2015 across the globe we will have connected just under 5,000 devices per minute for each of the 365 days.  The data from these devices will be used to enable and inform the digital services that will pervade our lives.

These digital services will be highly personalised, based on real-time analytics and contextual.   The personalisation will be all pervasive and extend beyond data unique to an individual.  Services will constantly learn and tailor themselves to each user or user group based on a vast stream of real-time received and analysed data that is context informed.   It is the contextual aspect that fascinates me the most.   Truly contextual services will be able to anticipate our needs and deliver unique experiences specific to us or defined user communities.   That ability for the digital service to anticipate will come with need for careful design to avoid slipping into being annoyingly intrusive.

The privacy aspects of digital services are complex and fascinating.  They could seriously inhibit how services evolve over the next 5 to 10 years.  Many commentator are alarmed at how lightly many people trade data privacy to access a desirable service.  Some argue that currently services tend to be relatively isolated and so the risk of unexpected data leakage is acceptable.


This would seem to be at best naive to me.  However, I do accept that refusing to accept provider terms relies on there being viable equally alluring alternatives or strong willpower!  The security of the service platforms and volume of connected devices enabling these digital services is also clearly key.  Hence the increasing focus on this aspect of the enabling IoT wave in the last 12 months.  An interesting report published by HP in 2014 looked at 10 connected devices in the market today to enable various smart home services and all failed their security testing.  A similar outcome was reported by the BBC in testing they conducted on various domestic smart devices where their hackers were successful.

If we think the current aaS offerings are flexible and add value then the good news is that we have only begun to see the potential.  Digital services are just leaving the infant stage and moving becoming toddlers.  Any parent will know that this is both an exciting, challenging and at times worrying period as the toddler becomes adept in their new skills.  Learning to walk is one thing, just remember that after that comes running!

The post has been previously published on the Business Value Exchange.
Image via  Shutterstock.

Transformation by any other name?

The world of IT is often a tribal one where people frequently have strongly held views which they love to outline on competing technologies, product vendors, service providers and anything else you care to mention.  There are some subjects which can always be relied upon to spark the euphemistic “free and frank exchange of views”.  So it was no surprise recently when I found myself in a group of CIOs with decades of experience (and the associated scars!) that the topic of IT transformation proved somewhat provocative.

The discussion started with the usual tussle over defining the term and distinguishing a technology upgrade/deployment from a business change enabled by technology programme.  The group reassuringly quickly reached agreement that the term implied an undue focus on technology.  The group preference was for the term “IT enabled business transformation”.  There was also rapid agreement on the key characteristics conveyed by that term.  These included the delivery of material business benefits gained by a tightly managed and closely measured technology enabled process change which is implemented with a clear focus on the people change requirements.

However, the debate restarted when it was suggested that the term “digital transformation” was a far better label.   The discussion also covered the term “two speed IT function” used by some analysts or “bimodal IT” as coined by Gartner to recognise the digital age facets.  All agreed that the digital age was driving a far higher focus on people within technology deployments, both in terms of the expectations created by consumerisation of IT services and the technical competence of the people consuming them.

I quite like the concept of “bimodal IT” as I do think it helps describe the duality corporate IT functions now face, namely the incessant demand for innovation at speed balanced against need to ensure appropriate data security and integrity.  We certainly must retain the disciplines of a well-defined, managed and executed business transformation enabled by technology painfully learned over many decades!  However, we do need to find risk managed ways to combine those virtues with that of rapid development, deployment and evolution of products and services.  The mantra of “measure carefully and if you are going to fail, fail early” is a good one in my view.

The importance of ensuring that the delivery remains current, valuable and aligned to requirements is not new.  However, what is new is the speed at which these programmes are now expected to deliver and so the imperative of ensuring relevance becomes more key.  That said if you leverage the right communication tools it is possible to address that requirement by harnessing the power of the population your delivery is to serve.  Doing so requires a high level of agility in every aspect of the transformation programme not to mention in its senior management sponsors.

It has always been tempting for people to label IT initiatives as transformational.  Arguably the inherent characteristics of what is truly an IT transformation programme have not changed over the years.  However, it seems very clear that some of those characteristics have evolved and gained importance in the digital age.  The people engagement imperative has become unavoidable and truly central in every sense.  This collaboration expectation combines with the relentlessly increasing pace at which delivery is demanded to create a new sense of excitement.  Successfully delivering an IT enabled business transformation programme has never been easy and we continue to improve our ability to get them right.

I think using the term digital transformation is helpful.  I much prefer it to IT transformation and it is less cumbersome than the more wordy IT enabled business transformation.  I think the word digital encapsulates business, information and technology.  It recognises for me that it is increasingly hard to distinguish between the “business” and the “IT” in the digital age.

This post was previously published on the Business Value Exchange.

Customer Experience – Digital Imperatives? (Part 2)

Customer experience is fundamentally about the quality of the interaction between the consumer and the company offering the service.  Companies are very keen to ensure that their declared brand values are seen as represented within their delivery experience.  A company called Havas Media publishes annually a report called “Meaningful Brands®” which seeks to measure that customer assessment of the overall experience.   It is fundamentally a report focused on measuring and understanding the dynamics around brand strength.  However, it adds the context of looking at how our quality of life and wellbeing connects with those corporate brands, i.e. the value judgements we make as we experience the service.  The research scale is impressive, 1,000 brands, 300,000 people, 34 countries and covering 12 industries. The report states that it “covers all aspects of people’s lives, including the impact on our collective wellbeing (the role brands play in our communities and the communities we care about), in our personal wellbeing (self-esteem, healthy lifestyles, connectivity with friends and family, making our lives easier, fitness and happiness) and marketplace factors, which relate to product performance such as quality and price”.

The Meaningful Brands® 2015 research shows that customer experiences that are felt to contribute significantly to the consumer’s individual quality of life or that of their society are rewarded with stronger business results.   In hard commercial terms the research claims that well rated Meaningful Brands outperform the stock market by some 133% and on average gain 46% more “Share of Wallet” than less well perceived players.  This analysis appears to support the assertions that many analysts have made that the transparency implicit in the digital age (reviews/referrals being examples) makes the integrity of the brand and the reality of the customer experience critical.   Interestingly as a technologist there are 5 technology companies in the top ten global performers and 3 in the top five; Samsung, Google and Sony. Geographic variations are also interesting, only 31% of brands are trusted in Western Europe and only 22% in America.  The percentage of brands that are perceived to contribute positively to quality of life are only 7% and 3% respectively.  In Latin America that measure is reported at 38% and even higher in developing countries in Asia at 75%.   Maria Garrido, Global Head of Data & Consumer Insights at Havas Media is reported as saying:  “Brands that enhance the wellbeing of people, communities and societies are more meaningful. In the West, we have a more functional relationship with brands so continuous innovation and product delivery is key. In high growth markets, the relationship between people and brands is one that focuses more on personal benefits. In these regions people look to brands to help them achieve economic status, better experiences and every-day inspiration”.   There is a wealth of information and analysis to be found on the Meaningful Brands website and it repays the time spent reviewing.

Business Ethics - shutterstock_292372004

I would argue that customer experience is not just about the quality of the interaction during the purchase transaction.  It is about the values of the brand and how they are felt by the customer as they experience the service and the degree to which they feel connected to that company.  The integrity of relationship and the ease with which disappointment can be widely shared are key factors in providing a compelling customer experience.  Digital technologies are enabling more direct interactions for companies with their customers.  The cost of direct engagement with customers relative to the recent past has dropped and is continuing to do so.   Equally at the same time digitalization makes information to assess service quality easily accessible and is enabling ever more transparency.   This complex relationship is explored in an excellent article in The Drum by Tash Whitmey entitled “Creating Experiences Customers Actually Value”.

Delivering highly valued customer experiences certainly includes the quality of the product offered and the qualitative nature of consuming it.  However, it also seems to be increasingly about how that consumption experience relates to the declared brand values and whether they are consistently lived by the company.   Indeed we have seen over the last year or so the impact on corporate reputations which have been tarnished by perceptions over their entirely legal but not admired tax optimisation strategies.  At the heart of this dynamics is a complex relationship between consumer and vendor.  How that relationship is valued by either party and how the integrity of the interaction is defined has become far more holistic and interesting in the digital age.

This post was previously published on the Business Value Exchange.
Image courtesy of

Customer Experience – Digital Imperatives? (Part 1)

I recently need to make changes to some mobile phone contracts for family members.  Our contracts were with two different mobile phone providers and one performed far better than the other.   The positive experience was with O2.  The website was clear and easy to use, the “instant messaging chat to advisor” service was quick and convenient, the human looking after me was engaging, efficient and extremely helpful.  A truly positive customer experience.  The other provider who I think should remain nameless provided an experience that had none of those attributes.  Customer experience in the digital age is often characterised as our demanding ever more flexibility in how we engage, ever more efficient and enjoyable transactions,  ever more rapid delivery and the truism of everything being immediately available at all times.   I held my engagement with O2 late on a Sunday night so I think I ticked a few of those characteristics!

The view of the consumer has arguably never been more important or more easily shared.  Over recent years the value of a referral or positive review has become increasingly important with access to many different sources at our fingertips.

I realised recently that I now automatically use reviews on sites like prior to booking any accommodation, sorting the available options by customer review scores.   Many market analysts assert that 75% of all purchase decisions are now preceded by a review, even if the review is online but the purchase is made in-store.   Of course in this context the trust in the review source and it offering the collation at sufficient scale for the scores to be meaningful is critical to creating trust in the data integrity.

At the heart of these enhanced customer experiences is the dynamic combination of mobile devices and cloud computing.  It is clear that the pace of change is stressing the capability and indeed budget of many IT organisations.   Someone recently pointed me at some excellent Forrester material on this challenge.  They use the term “Business Technology” and argue that successful CIOs need to lead their organisations from traditional style operating models to managing business technology outcomes and not IT assets.  Given a deal of this useful information is behind the Forrester paywall this Computer Weekly article is an excellent articulation of their argument, “Forrester – Manage Business Technology Outcomes Not IT Assets“.    At the same time I also recently came across an excellent article entitled 5 Metrics for Digital Success by Aaron Rudger.  I particularly liked his suggested five key metrics for the digital age: responsiveness, latency, third party app impact, load testing metrics and finally competitor benchmarking.  I will not do justice to the article here but it is well worth a read.

Digtial Service - shutterstock_203618407 (2)

Regardless of what you measure the challenges and the opportunities for IT teams is going to continue to evolve at pace.   A common message from analyst articles is that over the next five years the combination of the Internet of Things, pervasive cloud computing and big data will enable organizations to offer services which are able to learn and evolve, are contextually aware and able to react in real time to change.  So your strategy needs to ensure that the design is user-centric, that it provides for a high degree of personalisation and contextualisation and that you are able to rapid iterate to innovate.

Customer experience is fundamentally about the quality of the interaction between the consumer and the company offering the service.  The intent is to build a relationship of trust and value with the consumer so they are both a repeat buyer but more important an advocate for you.  There is as deal of research you can find that explores what transforms a buyer into a brand advocate.  The quality of the product or service is clearly key but is it sufficient?  Are there other factors being assessed by your customers when they decide whether to post that glowing review on your service?   I would argue that there are a range of criteria explicitly and implicitly being assessed every time someone experiences your service.  It would seem to me that the value judgements being made are becoming more sophisticated and perhaps based on some interesting research I recently read far more holistic that we might expect?

This post was previously published on the Business Value Exchange.
Image via

D For Device? Or Data? Or Both?

I think most people would agree that the blurring of the boundary between our working and personal lives is accelerating.  I know from many discussions that some people are more comfortable with that trend than others.  Typically those yet to see their 35th birthday seem to be mostly supportive, those that have gone past that milestone tend to be at best more sceptical at the value proposition.  There are countless case studies on highly successful companies that demonstrate their success is linked in some way to their employees having a personal commitment and deep affinity to the corporate objectives. However, recently I have read a few reports which argued that part of building that alignment can be enabled by removing the distinction between corporate devices and personal devices.  They argue that in some way this step impacts on the psyche of the employees making work more personal and so building a stronger sense of ownership.  Typically the term used in this context is Bring Your Own Device (BYOD) although there is a variant which has proponents where the employee is enabled to select device of choice from a defined catalogue, namely Choose Your Own Device (CYOD).  The latter is intended to mitigate perceived risks associated with the operating model of BYOD and its implicit wide range of device options.

BYOD Figure shutterstock_156558971

I must confess to have some doubts on the impact ascribed to BYOD in the context of employee empowerment.  I certainly accept that it can reduce operating expenses and decrease the level of corporate investment in enabling technology.  I have been involved in defining and deploying a BYOD strategy twice thus far in my career.  I can point to the financial benefits arising from trading convenient access to selected corporate data stores from employee’s smartphone for the cost of providing a corporate variant.  However, the more I talked to CIOs who have deployed BYOD schemes and some of their highly enthused employees I have heard the empowerment message coming through loud and clear.  A very confident “millennial” enthusiast for BYOD pointed out to me that she saw her smartphone and tablet as being in many ways an extension of her personality.  The growth of highly personalised wearable devices which often have a key link to the smartphone of choice is only going to make this blurred boundary more challenging.   It seems likely that intelligent watch is going to become mainstream particularly now with the arrival of the Apple Watch.  People are not likely to distinguish between their personal and corporate watch.  They will want the benefits from their device of choice in the workplace both in personal and corporate terms.

However, accepting that engagement can be driven upward by a BYOD scheme it is very clear that the most important “D” in that context is not the “device” but rather the “data”.
Information assurance and how the corporate data set is protected is undoubtedly the key to unlock BYOD deployment and the promise of more engaged, committed and enabled employees.  Data Security shutterstock_104783210 (2)If you cannot securely manage access to the corporate data employees need or want or both to access from their own device then the scope of the BYOD deployment is going to be constrained and most likely disappoint the user community.  We can all identify sectors where this constraint is in place.  Indeed it is clearly shown when you look at BYOD adoption by industry sector analysis that there are sectors where there are specific restrictions driven by information assurance policies.

I recently read (in a Forrester report I think) that by 2017 over 50% of private sector organizations will no longer provide devices to their employees.  This same report highlighted that the majority of IT decision makers believe they would be at a competitive disadvantage if they do not embrace BYOD.   A quick look via the internet search engine of your choice will provide a great deal of material on how to define and deploy a BYOD policy.

There are some great case studies available from the early adopters with  interesting insights including one that stuck in my memory of a company whose network performance was crippled as the BYOD was so successful and their policy did not limit the number of devices each employee could bring to the party.   The vast majority of what I have read focuses on the criticality of managing access to the corporate data and so the associated risk.  So you have the classic compromise situation whereby the drive from employees for an expansive BYOD deployment needs to be balanced with a securely managed data access model.  If these two aspects can be balanced then there is undoubtedly huge value in what can be derived from embracing BYOD.  Indeed many would argue that approaching corporate IT from the “IT consumerisation” user perspective can lead to valuable innovation of the corporate data security model.  A good case for  this line of argument is made by Stacey Leidwinger in her blog post entitled “Embracing Employee Empowerment“.

At the heart of this debate are what might be termed two absolute truths.  Employees that are frustrated and thwarted by restrictive technology will generally find a way around those obstacles or at the very least introduce risk by trying to do so.  At the same time in the digital age it is clear that security of corporate data must not constrain user enablement.    I think it is well recognised today that King Canute like IT departments that attempt to resist the oncoming tide of end user expectations are going to find themselves drowning under a wave of “Shadow IT” challenges.  They may well find that crucially in so doing they have driven a range of key business risks subterranean too.

Part of this post has previously been published on the Business Value Exchange.
Images courtesy of Shutterstock.

Far Too Few!

Like many of us I tend to notice articles flagging up the next big skills set demand wave.  Recently an article caught my eye proclaiming that now is the time to have cyber security skills.  A recent study called Global Information Security Workforce 2015 released by (ISC)2  reports that there will be an estimated 1.5 million people too few with skills in this key area.  The study has been conducted annually since 2004 reporting a workforce shortage at each time, however it seems that the supply to demand gap is now accelerating.

The importance of this workforce aspect in relation to cyber security demands is also highlighted in a report I recently read by Accenture entitled “Intelligent Security: Defending The Digital Business“.  In it they summarise the most common issues challenging organisations in having an effective response to cyber security, namely:

  • Linking security and business.Tie security programs to business goals and engage stakeholders in the security conversation.
  • Thinking outside the compliance (check) box.Go beyond control- or audit-centred approaches and align with two key elements: the business itself and the nature of the threats the enterprise faces.
  • Governing the extended enterprise.Establish appropriate frameworks, policies and controls to protect extended IT environments.
  • Keeping pace with persistent threats.Adopt a dynamic approach including intelligence, analytics and response to deal with a widening variety of attacks.
  • Addressing the security supply/demand imbalance.Develop and retain staff experienced in security architecture planning and design, tools and integration to increase the likelihood of successful outcomes.

Supporting the report they also have a very good infographic that is worth a visit “Take A Security Leap Forwards“.

The point Accenture make that compliance to a given industry’s cyber security regulations is only a good starting point particularly resonates.  This is a discussion I have had many times over recent months with colleagues.  Meeting compliance requirements is only the minimum level to achieve.  It also often tends to be associated with relatively static time based audits rather than  real-time monitoring and indeed adaptation.  It is pretty clear that the sophistication of externally originated cyber-attacks evolves extremely rapidly.  The points attacked are those where defences are strongest and in the hyper-connected digital world securing the perimeter or specific “citadels” within that perimeter is challenging.   The defenses need to be real-time, automated, holistic and appropriately funded to both meet the risk and reflect the asset value.

It seems to me that the last year or so has seen a growing understanding of the importance of the Chief Information Security Officer (CISO) role. Based on hearsay it seems that they are having an easier task in obtaining adequate funding for their function.  Of course the tooling needs to match the sophistication and evolutionary pace of the cyber attackers.  The CISO needs to be enabled to engage with new and disruptive technologies as their emerge so they can define a layer defensive strategy that does not become perceived as a blocker but rather adding value and an absolute necessity.  Constructive, frequent and open access to the senior leadership team of any business is critical for a CISO that is empowered to bring real value to their organisation.  Often the decision points will be difficult as concepts such as innovation, agility and pace are confronted directly by valid concerns on information integrity and protection appropriate to the value it represents.

cyber security - shutterstock_204844114 (2)

As ever in the world of technology there is money to be made by vendors providing tooling that enables appropriate levels of security in the digital world.  A recent Financial Times article by Hannah Kuchler highlighted that the cyber security market is now estimated as a $15bn-$20bn over the next three years.  The article reports that venture capital funding flowing into this area exceed $1bn for the first time in the first quarter of 2015.  Apparently the venture capital funding for the whole of 2014 for cyber security was $2.3bn, itself an increase of 33% over 2013.  The money is certainly flowing into the cyber security space.  Given the recent experiences of Sony and the publication of information the hackers extracted by WikiLeaks it does start to seem rather unsurprising.

All that said I do think many organisations face their biggest cyber security risk from threats that are far from new to us.  The first is the often depressing factor of your own company’s people doing something that in hindsight they would fully accept as being dim.  This is often despite the act exposing the corporate information being heavily and frequently communicated as unacceptable.  However, in my career to date the threat that has caused me most issues has been obsolete software.  Obsolete software that is not listed in the IT asset database and might be lurking under a desk or part of the “shadow IT” world procured on a credit card and forgotten.  This software is no longer being actively patched for security vulnerabilities by the vendor.  It is so easily missed and the first time you become aware of its existence might well be a very unfortunate moment.  Sounds trivial compared to the sophisticated cyber attacker but it does represent an easy access point for them.  There are many examples of obsolete software that has been around long enough to be very well embedded.  The next one I think might create a few issues for many of us is MS Windows Server 2003 which goes out of support in mid July 2015.  Might be worth another check to be sure you will have no surprises in late July?

Image via

Just Connect?

Is 2015 the year in which the much discussed Internet of Things (IoT) is becoming mainstream?  I was prompted to muse on this question by watching a friend remotely check and then reset the temperature of his home via their smartphone from our restaurant table.  Also that same evening saw me extolling the benefits of my health wearable device and demonstrating how to review my statistics via an app on my smartphone.  This is certainly different from the initial smart sensors on goods and within warehouses that help track stock levels and triggered replenishment orders.  My first encounter with IoT was in the smart meter space in the energy sector.  This is where meters enhanced with sensors are deployed to enable the providers to remotely monitor energy usage real-time and use that feedback to optimise their delivery model.

IoT 2 - shutterstock_254834209 (2)Indeed defining the term IoT can be problematic.  I like this definition from a McKinsey article, that it is “the networking of physical objects through the use of embedded sensors, actuators, and other devices that can collect or transmit information about the objects. The data amassed from these devices can then be analysed to optimize products, services, and operations”.   In 2011 when IoT first hit my radar I remember many articles from analysts predicting that by 2020 the market for connected devices would have reached somewhere between 50 billion and 100 billion units.  Generally analysts today seem to be talking about a reduced but still material 20 billion or 30 billion units by that date.

To enable that scale to be reached we need to look beyond the “Things” and indeed even the connectivity aspect.  Ultimately the old mantra of “it is all about the data” is at the heart of the key ingredients required.  It is not just about getting the data to a store in the cloud.  It is about doing so in a way that reflects the information privacy and security dimension within a framework of enabling technology standards.  I don’t think we will realise the promise if we end up with an IoT that is more the “Internet of Proprietary Things”.

I picked up on the proprietary angle in an article by Matt Honan in the magazine Wired:  “Apple is building a world in which there is a computer in your every interaction, waking and sleeping.  A computer in your pocket.  A computer on your body.  A computer paying for all your purchases.  A computer opening your hotel room door.  A computer monitoring your movements as you walk through the mall.   A computer watching you sleep.   A computer controlling the devices in your home.  A computer that tells you where you parked.  A computer taking your pulse, telling you how many steps you took, how high you climbed and how many calories you burned – and sharing it all with your friends…. The ecosystem may be lush, but it will be, by design, limited.  Call it the Internet of Proprietary Things.”

Many see a darker side to the IoT vision.   They see a world where you are constantly tracked, monitored and the data about you monetised without your permission on a massive scale.  Indeed some go as far as seeing the IoT as enabling a far more effective and efficient surveillance by the state, yet with the added twist that we seem to be volunteering to have it.

Cyber Surveillance - shutterstock_95308294 (2)

The threat seen is that we end up being monitoring by every device in our lives from our cars, to our household white goods, to a massive range of smartphone or wearable type apps and to the more understood spend trail we leave with credit and debit cards.  This set of data points will then be correlated, analysed and without the relevant protections on privacy sold on to businesses without you being explicitly aware and agreeing.

There are a number of articles around that counter this point by making a link from IoT in this regard to social media.  I think the point they miss in doing so is that social media is for those that are suitably wary about presenting a curated view of yourself.  As the world becomes ever more digitized and people tracked by a growing myriad of devices it will almost certainly leave fewer and fewer opportunities to decide not to participate.   It’s one thing to curate the view of yourself that is broadcast on social media.  It would seem to me to be quite another to see how much curated content will exist in the world IoT might create.  I think it is vital that the IoT promise is achieved by having an appropriate model of regulation to ensure privacy remains an option.

Images sourced from Shutterstock.
This blog post was previous published on the Business Value Exchange.

Digital Zoom – Part 2

It seems clear that cloud computing in public, private and/or hybrid guise will become the norm for corporate IT over the course of 2015.  However, to deliver the promised pricing and supply elasticity it will be critical for suppliers to have achieved scale.   As a result it seems very likely that suppliers sometimes called the “hyper scale cloud players” will become an even more material presence in the corporate sector.  The key three players of the “hyper scale cloud” club would seem to be AWS, Azure and Google.

However, scale alone will be insufficient as it will not just be all about lower cost per unit consumed.  During 2014 it has become increasingly clear that management of cloud services, particularly integrated management of multiple cloud platforms is going to be a key differentiator for suppliers.  The recent collaboration announcement by Accenture and Microsoft on their Hybrid Cloud Platform initiative is arguably recognition of this point.  Many analysts are also rightly seeing the management imperative as being tightly linked to one of automation.  Automation will be critical to deliver the essential real time monitoring and self-healing facilities as well as enabling the required cost economics to operate shared platforms at scale.  Responding successfully to these imperatives will require bold investment strategies and the associated financial means to invest and await the returns in future years.  To help manage the investment implications I also think we will see more partnerships announced as well as a willingness to enter into joint ventures.

Digital Zoom - shutterstock_96758821 (2)

In the software arena I think 2015 will see big winners in those with analytic tooling that can enable access to digital stores, increasingly across multiple data silos.  The software architectures will have to accommodate the mobile device favoured by data consumers and deliver a highly contextualised interaction model.  The key challenge is going to be how to make money quickly enough to fund the required software development in a way that matches the flexibility and fragmentation of the demand.

Pace will be a critical factor and it will continue to be one of the key threats to the enabling infrastructure both in terms of meeting the function demand but also in being able to iterate rapidly to remain current.  This last point brings me to my first New Year’s resolution scarily early.  At a recent CIO webinar the topic of DevOps came up as one of the key tactics technology providers will need to adopt to achieve the required flexibility and speed of action and reaction.  My resolution is to address my feckless knowledge gap and educate myself on DevOps as I was somewhat embarrassed on the call to be largely uninformed on this topic.  I will return to this topic to update on my progress or lack thereof in early 2015, but if useful to you too here is an excellent DevOps focused site!

Post was original made on the Business Value Exchange site.
Image is via Shutterstock.

Digital Zoom – Part 1

As always December is a good month to find opinions being shared on what 2015 will bring in terms of technology trends.  My good intentions are always to commit my thoughts to writing early in the month.  Typically each year I fail to act and reach the middle of January before sitting down to write.  This year I aim to break the trend!  However, my other firm resolve to get the Christmas cards into the post early has once again proved fruitless.

I think 2014 was the year in which the “drive to a digital world” really gathered pace and became all pervasive. How that digital content is being consumed is key and many analysts are arguing that more time is being spent consuming data via mobile applications than via the web.  A good articulation of this argument has been made by Benedict Evans in his post entitled “Mobile Is Eating The World”.  It seems that the drive to a digital world and mobile devices are completely intertwined.  It is clear that success in 2015 in virtually all business spheres will depend on how adeptly companies continue to adapt their business model and offerings to the digital world.

Digital World - shutterstock_69191626

The expectation that services can be consumed at the total convenience of the customer is now deeply embedded, certainly in the societies of the G20 countries and arguably globally.  That “anytime, anyplace, anywhere” mantra (yes I am old enough to remember the famous Martini advert!) is conditioned I think by the importance of brand recognition, context and trust.  It seems to me that people are becoming slowly more aware of the risks of the digital world, particularly the ability to trust content and to rely on privacy for data and identity.  A Forrester analyst Heidi Shey recently blogged that “Today, about a third of security decision-makers in North America and Europe view privacy as a competitive differentiator.  Forrester expects to see half of enterprises share this sentiment by the end of 2015”.  The detail of the research is behind the Forrester pay-wall but the summary is worth a read.

Clearly to enable the hyper-connected digital world we will need to see the underlying infrastructure continue to evolve at an ever increasing pace.  I think the argument that the digital world is made real through an ever growing population of devices and sensors combining to enable contextual data consumption is right.  A very persuasive summary of this argument was given by Satya Nadella back in March 2014 early in his tenure at Microsoft in his “Mobile first, Cloud first” strategy messaging.  The Internet of Things (IoT) concept will become ever more real and valuable in 2015. It will require underlying cloud based services to enable the collection, collation and presentation back in a value adding form and context.  The rapid proliferation of wearables technology is just one visible sign of the devices landscape that will enable the digital world and realise the IoT promise.  The sheer number of mobile phones (often quoted as being over 7 billion now in use) with the “there is an app for that” assumption is bringing the connected digital world into the consumer mainstream ever more quickly.

We are all now expecting that the different data units required to enable a transaction or consumer experience to take place will be seamlessly collated and enacted.  The initial “wow that is clever” reaction to data being combined to enable something that was once slow and painful to execute will increasingly be replaced by impatience and frustration if it is not so.  I tried to explain to someone the other day how hard it used to be to renew car road tax as opposed to the online seamless checking of the various key components required for validation delivered by the DVLA website. I felt ancient!

So in short I see 2015 as the year where the IoT concept becomes visible to the mainstream.  It will be the year where the difference between a strong digitisation strategy and an average one will translate to material competitive advantage.  It will be the year where brands that demonstrate the quality of their content and deliver a superb customer experience combined with an appropriate contextualised respect for data and identity privacy will win.

All very exciting might be your reaction, but what does that mean for those of us in the technology sector then?

Post was also published on the Business Value Exchange.
Image is via Shutterstock.