Recently I seem unable to avoid reading material on security risks associated with the use of technology. It is certainly a good thing that the topic has a growing profile as that can positively drive upward awareness of the risks. However, I do worry that many articles only tend to articulate the risks and remain silent on the potential benefits arising from technology enabling our lives. Writing about the dangerous downsides of how easily Internet of Things (IoT) context devices can be hacked will definitely get attention. This is fine if we also gain the value of people being more aware and then engaging on an informed basis with technology and related information security risks.
I noticed recently that the New York Stock Exchange (NYSE) had sponsored and circulated a publication called Navigating The Digital Age: The Definitive Cybersecurity Guide (for Directors & Officers) to every NYSE listed company board member. This was produced in partnership with Palo Alto Networks and a wide and impressive range of contributing writers and organisations. I found it an excellent read. What I particularly liked was the recognition clearly conveyed that people as much as technology (or process) are at the heart of both the information security threat and the defences. The need to educate both the consumers of technology enabled solutions and those operating and defending them was well articulated.
The criticality of all of us being aware of the risks to our data and the steps we can take to mitigate them is becoming clearer to most people. The publicity around corporate hacks like Sony and the recent press around the cyber “front” in the current challenging situation in the Middle East are hard to avoid. However, in recent weeks the questions I have been asked most often around information security have been related to stories on many and various IoT devices that have allegedly proved vulnerable to hacking. People have raised many concerns with me on a wide range of devices from connected car systems to house alarms to healthcare wearables to pacemakers. I remember reading, but annoyingly cannot now find, an article which used the term “Internet of Nosey Things” in its discussion of the type and value of data involved.
Indeed the ISACA 2015 Risk Reward Barometer declared that its 7000+ contributors saw IoT as being the prime area of information security concern. The survey reported that over 70% of respondents saw a medium to high likelihood of attack via such devices either in the consumer or in corporate context as they become more common in the workplace. This concern is then compounded by the (ISC)2 Global Information Security Workforce Study 2015 which forecasts that we will simply not have enough security skilled people in the workforce to provide adequate defences. They see the gap being as many as 1.5 million security workers too few by 2020.
If that forecast proves true then we need to have placed information security at the centre our technology design process. In fact if you look at the automation and machine to machine implications of IoT then we clearly have to ensure our defences are not operator dependent. The imperative to automate defences is nicely highlighted by the HP Cyber Security Report 2015. This is a sobering read of results from interviewing 252 companies in 7 countries. What particularly stood out in the material is that the time to recover from a cyber-attack has risen from 14 days in 2010 to 46 days in 2015; that the number of successful attacks reported has risen by 46% since 2012; and that the average cost of cybercrime per participating company was $7.7m.
So having started saying I was wary of scare mongering articles on information security I have now drifted towards the negative perspective. It is quite hard to avoid when considering this topic I fear. As the benefit delivered by technology is huge and alluring so does it comes risk and as ever some people don’t see a problem with acting illegally to make money. In that sense this challenge is nothing new and we have a good track record across many societies of working out how to protect ourselves (eventually?!) from such threats.
Perhaps we do indeed need a digital age Magna Carta or its mirror incarnations across the globe. The content of this updated Magna Carta was built on the input of over 30,000 people having begun as an initiative focused on school children. The British Library site hosting the debate has lots of other excellent material worth reviewing. The good news is that the debate is still open as to what this digital age Magna Carta should state. Why don’t you go and place your vote?
Images via Shutterstock,com.
The trend over recent years has been for technology services to be provided on an “as a service” (aaS) basis. The flexibility of an always available, highly and immediately scalable service for which you subscribe on a short term basis with fees directly linked to usage based metric(s) is compelling. The drive to adopt aaS offerings by consumers and businesses has been one of the signs of our world going digital. I do recognise that concerns remain for some primarily in relation to data portability and security. However, we have moved beyond the initial virtualised server offerings to more sophisticated platform and software based services. Access methods have expanded beyond web browsers on computers to the current world of “apps” from a multiplicity of devices consuming “platform services”. So all very empowering and exciting but where do we go next?
I am not alone in thinking that the future “aaS” offerings will be shaped by the Internet of Things (IoT). The services we consume in the near future will be delivered based on many diverse real time data streams. Data will be drawn from existing stores and combined with data generated by an ever larger set of sensor equipped devices, human centric or automated machine to machine (M2M). The scale of this connected device proliferation is forecast to be vast. CISCO predict 50 billion connected devices by 2020, Gartner 30 billion. IDC believe that by the end of 2015 across the globe we will have connected just under 5,000 devices per minute for each of the 365 days. The data from these devices will be used to enable and inform the digital services that will pervade our lives.
These digital services will be highly personalised, based on real-time analytics and contextual. The personalisation will be all pervasive and extend beyond data unique to an individual. Services will constantly learn and tailor themselves to each user or user group based on a vast stream of real-time received and analysed data that is context informed. It is the contextual aspect that fascinates me the most. Truly contextual services will be able to anticipate our needs and deliver unique experiences specific to us or defined user communities. That ability for the digital service to anticipate will come with need for careful design to avoid slipping into being annoyingly intrusive.
The privacy aspects of digital services are complex and fascinating. They could seriously inhibit how services evolve over the next 5 to 10 years. Many commentator are alarmed at how lightly many people trade data privacy to access a desirable service. Some argue that currently services tend to be relatively isolated and so the risk of unexpected data leakage is acceptable.
This would seem to be at best naive to me. However, I do accept that refusing to accept provider terms relies on there being viable equally alluring alternatives or strong willpower! The security of the service platforms and volume of connected devices enabling these digital services is also clearly key. Hence the increasing focus on this aspect of the enabling IoT wave in the last 12 months. An interesting report published by HP in 2014 looked at 10 connected devices in the market today to enable various smart home services and all failed their security testing. A similar outcome was reported by the BBC in testing they conducted on various domestic smart devices where their hackers were successful.
If we think the current aaS offerings are flexible and add value then the good news is that we have only begun to see the potential. Digital services are just leaving the infant stage and moving becoming toddlers. Any parent will know that this is both an exciting, challenging and at times worrying period as the toddler becomes adept in their new skills. Learning to walk is one thing, just remember that after that comes running!
The post has been previously published on the Business Value Exchange.
Image via Shutterstock.
Customer experience is fundamentally about the quality of the interaction between the consumer and the company offering the service. Companies are very keen to ensure that their declared brand values are seen as represented within their delivery experience. A company called Havas Media publishes annually a report called “Meaningful Brands®” which seeks to measure that customer assessment of the overall experience. It is fundamentally a report focused on measuring and understanding the dynamics around brand strength. However, it adds the context of looking at how our quality of life and wellbeing connects with those corporate brands, i.e. the value judgements we make as we experience the service. The research scale is impressive, 1,000 brands, 300,000 people, 34 countries and covering 12 industries. The report states that it “covers all aspects of people’s lives, including the impact on our collective wellbeing (the role brands play in our communities and the communities we care about), in our personal wellbeing (self-esteem, healthy lifestyles, connectivity with friends and family, making our lives easier, fitness and happiness) and marketplace factors, which relate to product performance such as quality and price”.
The Meaningful Brands® 2015 research shows that customer experiences that are felt to contribute significantly to the consumer’s individual quality of life or that of their society are rewarded with stronger business results. In hard commercial terms the research claims that well rated Meaningful Brands outperform the stock market by some 133% and on average gain 46% more “Share of Wallet” than less well perceived players. This analysis appears to support the assertions that many analysts have made that the transparency implicit in the digital age (reviews/referrals being examples) makes the integrity of the brand and the reality of the customer experience critical. Interestingly as a technologist there are 5 technology companies in the top ten global performers and 3 in the top five; Samsung, Google and Sony. Geographic variations are also interesting, only 31% of brands are trusted in Western Europe and only 22% in America. The percentage of brands that are perceived to contribute positively to quality of life are only 7% and 3% respectively. In Latin America that measure is reported at 38% and even higher in developing countries in Asia at 75%. Maria Garrido, Global Head of Data & Consumer Insights at Havas Media is reported as saying: “Brands that enhance the wellbeing of people, communities and societies are more meaningful. In the West, we have a more functional relationship with brands so continuous innovation and product delivery is key. In high growth markets, the relationship between people and brands is one that focuses more on personal benefits. In these regions people look to brands to help them achieve economic status, better experiences and every-day inspiration”. There is a wealth of information and analysis to be found on the Meaningful Brands website and it repays the time spent reviewing.
I would argue that customer experience is not just about the quality of the interaction during the purchase transaction. It is about the values of the brand and how they are felt by the customer as they experience the service and the degree to which they feel connected to that company. The integrity of relationship and the ease with which disappointment can be widely shared are key factors in providing a compelling customer experience. Digital technologies are enabling more direct interactions for companies with their customers. The cost of direct engagement with customers relative to the recent past has dropped and is continuing to do so. Equally at the same time digitalization makes information to assess service quality easily accessible and is enabling ever more transparency. This complex relationship is explored in an excellent article in The Drum by Tash Whitmey entitled “Creating Experiences Customers Actually Value”.
Delivering highly valued customer experiences certainly includes the quality of the product offered and the qualitative nature of consuming it. However, it also seems to be increasingly about how that consumption experience relates to the declared brand values and whether they are consistently lived by the company. Indeed we have seen over the last year or so the impact on corporate reputations which have been tarnished by perceptions over their entirely legal but not admired tax optimisation strategies. At the heart of this dynamics is a complex relationship between consumer and vendor. How that relationship is valued by either party and how the integrity of the interaction is defined has become far more holistic and interesting in the digital age.
This post was previously published on the Business Value Exchange.
Image courtesy of Shutterstock.com
I recently need to make changes to some mobile phone contracts for family members. Our contracts were with two different mobile phone providers and one performed far better than the other. The positive experience was with O2. The website was clear and easy to use, the “instant messaging chat to advisor” service was quick and convenient, the human looking after me was engaging, efficient and extremely helpful. A truly positive customer experience. The other provider who I think should remain nameless provided an experience that had none of those attributes. Customer experience in the digital age is often characterised as our demanding ever more flexibility in how we engage, ever more efficient and enjoyable transactions, ever more rapid delivery and the truism of everything being immediately available at all times. I held my engagement with O2 late on a Sunday night so I think I ticked a few of those characteristics!
The view of the consumer has arguably never been more important or more easily shared. Over recent years the value of a referral or positive review has become increasingly important with access to many different sources at our fingertips.
I realised recently that I now automatically use reviews on sites like Booking.com prior to booking any accommodation, sorting the available options by customer review scores. Many market analysts assert that 75% of all purchase decisions are now preceded by a review, even if the review is online but the purchase is made in-store. Of course in this context the trust in the review source and it offering the collation at sufficient scale for the scores to be meaningful is critical to creating trust in the data integrity.
At the heart of these enhanced customer experiences is the dynamic combination of mobile devices and cloud computing. It is clear that the pace of change is stressing the capability and indeed budget of many IT organisations. Someone recently pointed me at some excellent Forrester material on this challenge. They use the term “Business Technology” and argue that successful CIOs need to lead their organisations from traditional style operating models to managing business technology outcomes and not IT assets. Given a deal of this useful information is behind the Forrester paywall this Computer Weekly article is an excellent articulation of their argument, “Forrester – Manage Business Technology Outcomes Not IT Assets“. At the same time I also recently came across an excellent article entitled 5 Metrics for Digital Success by Aaron Rudger. I particularly liked his suggested five key metrics for the digital age: responsiveness, latency, third party app impact, load testing metrics and finally competitor benchmarking. I will not do justice to the article here but it is well worth a read.
Regardless of what you measure the challenges and the opportunities for IT teams is going to continue to evolve at pace. A common message from analyst articles is that over the next five years the combination of the Internet of Things, pervasive cloud computing and big data will enable organizations to offer services which are able to learn and evolve, are contextually aware and able to react in real time to change. So your strategy needs to ensure that the design is user-centric, that it provides for a high degree of personalisation and contextualisation and that you are able to rapid iterate to innovate.
Customer experience is fundamentally about the quality of the interaction between the consumer and the company offering the service. The intent is to build a relationship of trust and value with the consumer so they are both a repeat buyer but more important an advocate for you. There is as deal of research you can find that explores what transforms a buyer into a brand advocate. The quality of the product or service is clearly key but is it sufficient? Are there other factors being assessed by your customers when they decide whether to post that glowing review on your service? I would argue that there are a range of criteria explicitly and implicitly being assessed every time someone experiences your service. It would seem to me that the value judgements being made are becoming more sophisticated and perhaps based on some interesting research I recently read far more holistic that we might expect?
This post was previously published on the Business Value Exchange.
Image via Shutterstock.com.
I think most people would agree that the blurring of the boundary between our working and personal lives is accelerating. I know from many discussions that some people are more comfortable with that trend than others. Typically those yet to see their 35th birthday seem to be mostly supportive, those that have gone past that milestone tend to be at best more sceptical at the value proposition. There are countless case studies on highly successful companies that demonstrate their success is linked in some way to their employees having a personal commitment and deep affinity to the corporate objectives. However, recently I have read a few reports which argued that part of building that alignment can be enabled by removing the distinction between corporate devices and personal devices. They argue that in some way this step impacts on the psyche of the employees making work more personal and so building a stronger sense of ownership. Typically the term used in this context is Bring Your Own Device (BYOD) although there is a variant which has proponents where the employee is enabled to select device of choice from a defined catalogue, namely Choose Your Own Device (CYOD). The latter is intended to mitigate perceived risks associated with the operating model of BYOD and its implicit wide range of device options.
I must confess to have some doubts on the impact ascribed to BYOD in the context of employee empowerment. I certainly accept that it can reduce operating expenses and decrease the level of corporate investment in enabling technology. I have been involved in defining and deploying a BYOD strategy twice thus far in my career. I can point to the financial benefits arising from trading convenient access to selected corporate data stores from employee’s smartphone for the cost of providing a corporate variant. However, the more I talked to CIOs who have deployed BYOD schemes and some of their highly enthused employees I have heard the empowerment message coming through loud and clear. A very confident “millennial” enthusiast for BYOD pointed out to me that she saw her smartphone and tablet as being in many ways an extension of her personality. The growth of highly personalised wearable devices which often have a key link to the smartphone of choice is only going to make this blurred boundary more challenging. It seems likely that intelligent watch is going to become mainstream particularly now with the arrival of the Apple Watch. People are not likely to distinguish between their personal and corporate watch. They will want the benefits from their device of choice in the workplace both in personal and corporate terms.
However, accepting that engagement can be driven upward by a BYOD scheme it is very clear that the most important “D” in that context is not the “device” but rather the “data”.
Information assurance and how the corporate data set is protected is undoubtedly the key to unlock BYOD deployment and the promise of more engaged, committed and enabled employees. If you cannot securely manage access to the corporate data employees need or want or both to access from their own device then the scope of the BYOD deployment is going to be constrained and most likely disappoint the user community. We can all identify sectors where this constraint is in place. Indeed it is clearly shown when you look at BYOD adoption by industry sector analysis that there are sectors where there are specific restrictions driven by information assurance policies.
I recently read (in a Forrester report I think) that by 2017 over 50% of private sector organizations will no longer provide devices to their employees. This same report highlighted that the majority of IT decision makers believe they would be at a competitive disadvantage if they do not embrace BYOD. A quick look via the internet search engine of your choice will provide a great deal of material on how to define and deploy a BYOD policy.
There are some great case studies available from the early adopters with interesting insights including one that stuck in my memory of a company whose network performance was crippled as the BYOD was so successful and their policy did not limit the number of devices each employee could bring to the party. The vast majority of what I have read focuses on the criticality of managing access to the corporate data and so the associated risk. So you have the classic compromise situation whereby the drive from employees for an expansive BYOD deployment needs to be balanced with a securely managed data access model. If these two aspects can be balanced then there is undoubtedly huge value in what can be derived from embracing BYOD. Indeed many would argue that approaching corporate IT from the “IT consumerisation” user perspective can lead to valuable innovation of the corporate data security model. A good case for this line of argument is made by Stacey Leidwinger in her blog post entitled “Embracing Employee Empowerment“.
At the heart of this debate are what might be termed two absolute truths. Employees that are frustrated and thwarted by restrictive technology will generally find a way around those obstacles or at the very least introduce risk by trying to do so. At the same time in the digital age it is clear that security of corporate data must not constrain user enablement. I think it is well recognised today that King Canute like IT departments that attempt to resist the oncoming tide of end user expectations are going to find themselves drowning under a wave of “Shadow IT” challenges. They may well find that crucially in so doing they have driven a range of key business risks subterranean too.
Part of this post has previously been published on the Business Value Exchange.
Images courtesy of Shutterstock.
Like many of us I tend to notice articles flagging up the next big skills set demand wave. Recently an article caught my eye proclaiming that now is the time to have cyber security skills. A recent study called Global Information Security Workforce 2015 released by (ISC)2 reports that there will be an estimated 1.5 million people too few with skills in this key area. The study has been conducted annually since 2004 reporting a workforce shortage at each time, however it seems that the supply to demand gap is now accelerating.
The importance of this workforce aspect in relation to cyber security demands is also highlighted in a report I recently read by Accenture entitled “Intelligent Security: Defending The Digital Business“. In it they summarise the most common issues challenging organisations in having an effective response to cyber security, namely:
- Linking security and business.Tie security programs to business goals and engage stakeholders in the security conversation.
- Thinking outside the compliance (check) box.Go beyond control- or audit-centred approaches and align with two key elements: the business itself and the nature of the threats the enterprise faces.
- Governing the extended enterprise.Establish appropriate frameworks, policies and controls to protect extended IT environments.
- Keeping pace with persistent threats.Adopt a dynamic approach including intelligence, analytics and response to deal with a widening variety of attacks.
- Addressing the security supply/demand imbalance.Develop and retain staff experienced in security architecture planning and design, tools and integration to increase the likelihood of successful outcomes.
Supporting the report they also have a very good infographic that is worth a visit “Take A Security Leap Forwards“.
The point Accenture make that compliance to a given industry’s cyber security regulations is only a good starting point particularly resonates. This is a discussion I have had many times over recent months with colleagues. Meeting compliance requirements is only the minimum level to achieve. It also often tends to be associated with relatively static time based audits rather than real-time monitoring and indeed adaptation. It is pretty clear that the sophistication of externally originated cyber-attacks evolves extremely rapidly. The points attacked are those where defences are strongest and in the hyper-connected digital world securing the perimeter or specific “citadels” within that perimeter is challenging. The defenses need to be real-time, automated, holistic and appropriately funded to both meet the risk and reflect the asset value.
It seems to me that the last year or so has seen a growing understanding of the importance of the Chief Information Security Officer (CISO) role. Based on hearsay it seems that they are having an easier task in obtaining adequate funding for their function. Of course the tooling needs to match the sophistication and evolutionary pace of the cyber attackers. The CISO needs to be enabled to engage with new and disruptive technologies as their emerge so they can define a layer defensive strategy that does not become perceived as a blocker but rather adding value and an absolute necessity. Constructive, frequent and open access to the senior leadership team of any business is critical for a CISO that is empowered to bring real value to their organisation. Often the decision points will be difficult as concepts such as innovation, agility and pace are confronted directly by valid concerns on information integrity and protection appropriate to the value it represents.
As ever in the world of technology there is money to be made by vendors providing tooling that enables appropriate levels of security in the digital world. A recent Financial Times article by Hannah Kuchler highlighted that the cyber security market is now estimated as a $15bn-$20bn over the next three years. The article reports that venture capital funding flowing into this area exceed $1bn for the first time in the first quarter of 2015. Apparently the venture capital funding for the whole of 2014 for cyber security was $2.3bn, itself an increase of 33% over 2013. The money is certainly flowing into the cyber security space. Given the recent experiences of Sony and the publication of information the hackers extracted by WikiLeaks it does start to seem rather unsurprising.
All that said I do think many organisations face their biggest cyber security risk from threats that are far from new to us. The first is the often depressing factor of your own company’s people doing something that in hindsight they would fully accept as being dim. This is often despite the act exposing the corporate information being heavily and frequently communicated as unacceptable. However, in my career to date the threat that has caused me most issues has been obsolete software. Obsolete software that is not listed in the IT asset database and might be lurking under a desk or part of the “shadow IT” world procured on a credit card and forgotten. This software is no longer being actively patched for security vulnerabilities by the vendor. It is so easily missed and the first time you become aware of its existence might well be a very unfortunate moment. Sounds trivial compared to the sophisticated cyber attacker but it does represent an easy access point for them. There are many examples of obsolete software that has been around long enough to be very well embedded. The next one I think might create a few issues for many of us is MS Windows Server 2003 which goes out of support in mid July 2015. Might be worth another check to be sure you will have no surprises in late July?
Image via Shutterstock.com.
It seems clear that cloud computing in public, private and/or hybrid guise will become the norm for corporate IT over the course of 2015. However, to deliver the promised pricing and supply elasticity it will be critical for suppliers to have achieved scale. As a result it seems very likely that suppliers sometimes called the “hyper scale cloud players” will become an even more material presence in the corporate sector. The key three players of the “hyper scale cloud” club would seem to be AWS, Azure and Google.
However, scale alone will be insufficient as it will not just be all about lower cost per unit consumed. During 2014 it has become increasingly clear that management of cloud services, particularly integrated management of multiple cloud platforms is going to be a key differentiator for suppliers. The recent collaboration announcement by Accenture and Microsoft on their Hybrid Cloud Platform initiative is arguably recognition of this point. Many analysts are also rightly seeing the management imperative as being tightly linked to one of automation. Automation will be critical to deliver the essential real time monitoring and self-healing facilities as well as enabling the required cost economics to operate shared platforms at scale. Responding successfully to these imperatives will require bold investment strategies and the associated financial means to invest and await the returns in future years. To help manage the investment implications I also think we will see more partnerships announced as well as a willingness to enter into joint ventures.
In the software arena I think 2015 will see big winners in those with analytic tooling that can enable access to digital stores, increasingly across multiple data silos. The software architectures will have to accommodate the mobile device favoured by data consumers and deliver a highly contextualised interaction model. The key challenge is going to be how to make money quickly enough to fund the required software development in a way that matches the flexibility and fragmentation of the demand.
Pace will be a critical factor and it will continue to be one of the key threats to the enabling infrastructure both in terms of meeting the function demand but also in being able to iterate rapidly to remain current. This last point brings me to my first New Year’s resolution scarily early. At a recent CIO webinar the topic of DevOps came up as one of the key tactics technology providers will need to adopt to achieve the required flexibility and speed of action and reaction. My resolution is to address my feckless knowledge gap and educate myself on DevOps as I was somewhat embarrassed on the call to be largely uninformed on this topic. I will return to this topic to update on my progress or lack thereof in early 2015, but if useful to you too here is an excellent DevOps focused site!
Post was original made on the Business Value Exchange site.
Image is via Shutterstock.
Earlier this week my eye was caught be an email I received entitled “Eight New Tech Job Titles”. One of the most unusual job titles I have come across in my career is “Chief Monster” which was used for a while by Jeff Tayler the founder of monster.com. Although I believe that role title was unique I do tend to keep an eye on what role titles are emerging in the corporate world and so of course I clicked on the link. Nothing particularly startling in the eight titles listed but the “Chief Analytics / Data / Science Officer” entry did catch my eye, not least because I had recently for the first time encountered someone who carried the title “Chief Data Scientist”. The chap was presenting on a webcast and worked for a large US retailer and the context was a session on “big data” on which he had some very interesting views. I would share the link to the webcast but it is behind a subscription service paywall.
However, first it is perhaps worth defining the term “big data”. In general it seems accepted to refer to the exponential growth and availability of structured and unstructured data, a key dynamic of the digital age. People typically refine that broad definition by referencing some concepts I believe were first articulated by Doug Laney in 2001. He defined “big data” in terms of the characteristics of volume, velocity and variety. I recently came across an excellent IBM infographic entitled “The Four Vs of Big Data in which they had added veracity. The infographic is an excellent summary and it would be foolish of me to try and restate it here. I did register that within it is an arresting statement that by 2015 IBM believe that there will be 4.4m new IT jobs created in the big data field; note to self, can this old dog learn some new tricks to reinvent himself?
So you can imagine that on coming across my first Chief Data Scientist I had a number of questions to pose to him. I’m sure you will all have seen the various statistics about the exponential generation of data both in terms of the social media type context such as 30billion pieces of content shared on Facebook every month or facts like there are 6 billion mobile phones in use or that by 2016 it is forecast that there will be 18.9 billion network connections or that today each day there is estimated to be 2.3 trillion gigabytes of data created. Sadly I didn’t get to pose any of my (in my view!) insightful questions, however others admirably stepped into the breach.
The first question set to him was by a CIO musing on the number of “challenging” data warehouse projects in her past (snap!) and was focused on his approach to handling the complexity implicit in the big data arena. The data is arriving at speed from multiple sources both structured and unstructured and to be of value it is necessary to process the data sets (link, match and cleanse at a minimum) before you can start to meaningfully connect/correlate relationships to turn data into information into insight. I liked his initial answer; “Frankly if it was at all easy no one would be interested in paying me to hold a role with such a fancy job title!”. I liked his second point even more which was “It is easy to get over excited about the neat new analytic tools, how much processing power you need or whether you can leverage cloud based analytic engines. What is absolutely critical is domain knowledge, you have to understand the business context in which the data is created and in which it is being interpreted to create business insight and ultimately competitive advantage.” However, driven by the questions being posed he did then actually proceed to talk at length about technology tools at which point I will confess to losing interest quite quickly.
Of course what was extremely familiar was the message around needing to be able to use the power of the technology to create a context for the data whilst taking due note of the implications of the “four Vs” so well-articulated by the IBM infographic. This is the core message that CIOs and their teams hear all the time. It is those that internalise and act upon it that typically become the success stories and the technology capacity seen as an innovation engine for the business enabling competitive advantages. To get a sense of the size of the prize around big data and some case studies on success stories I recommend a read of the report Big Data In Big Companies by Thomas Davenport and Jill Dyche. To reflect on the gestation time for trends in technology to become deployed innovations in the business world I suggest reading the 2011 McKinsey report “Big Data The Next Frontier For Innovation, Competition & Productivity”. I remember reading this report in late 2011 when preparing a presentation on the Internet of Things and pondering whether it would be more than hype by 2015; I think we can declare yes at this point in time.
A recent blog post by Vincent Rousselet entitled “A Tale Of Digital Literacy” resonated greatly with me. I particularly liked the discussion on whether Instagram was a force for ill between his daughters! However, it starting me thinking about two questions: what exactly is the definition of digital literacy and how does that relate to the corporate IT? A quick meander around the Internet courtesy of the ubiquitous Google and I found this excellent blog post by Cindy Plunkett, “What Is Digital Literacy?” . There is a wealth of excellent material on this site and on many others debating the societal imperatives in the digital age. I particularly liked the quote from Alvin Toffler I came across on what being illiterate in the twenty first century means, namely “The illiterate of the 21st century will not be those that cannot read and write, but those who cannot learn, unlearn and relearn”.
I do despair of those in the corporate world that equate mastery of the digital world with knowing all about the latest and greatest technology, generally focused on the latest end user device. I tend to label the technology fad obsessed senior executive as being a devotee of the “Magpie Approach” to technology. These technology enthusiasts sadly confuse the allure of the latest shiny thing with considered adoption of technology to derive business benefit with an appropriate assessment of the associated risks of being an early adopter. Now I am not arguing that being an early adopter of a new technology is a bad thing, what I am arguing is that sitting at the pointy end of technology advances is a high risk strategy that needs to be underpinned by a clear sighted assessment of the risk to reward equation. Generally my heart sinks in the corporate context when I hear people enthusing about the latest tablet, smartphone, laptop, application or business solution. In my view once people view technology with the same perspective most of us apply to a new pen or other commonplace tool they are probably taking a balanced view. If they enthuse first about the business benefits that the new shiny IT object can deliver and then make a passing comment to exercise their inner geek, my alarm sensors see nothing worthy of triggering an alert!
Digital literacy in the corporate context needs the senior executives to be focused on leverage exciting benefit from the unexciting and the workforce trained and empowered to make effective use of the technology tooling. Clearly a sense of buzz generated from shiny new devices can be a powerful motivator as part of the adoption process within the business change programme, but it should just be the means to an end not the means in itself. So ultimately I am arguing that the digitally literate senior executive is someone that understands the value to be gained from the digital world but is not unduly driven by the glittering latest shiny new technology. I am arguing that once you view technology as a tool to be deployed in the digital age to enable and empower your business, then that is when as a business leader you are digitally literate.
Image via Shutterstock.com
This post was previously published on the Business Value Exchange.
A recent interim role opportunity advert listed among the required skills “extensive mergers and acquisition (M&A) experience” but on further discussion the need really seemed to be focused on systems integration. Clearly the ability to plan a sensible integration of two or more corporate IT landscapes into a strategic coherent whole is critical in a M&A context, including re-conforming previous decisions on delivery models still meet the needs of the organisation. However, there is equally value, potentially more value, to be gained from engaging the CIO prior to the deal being struck rather than simply to handle the consequences. If the acquisition is not a technology company it can be very easy to ignore hidden value or costs within its IT assets, a relatively trite example being that buying a company today with only Microsoft XP deployed on very aged computers will very quickly present a potentially material investment cost. In a previous role I was taken along to a newly acquired company in Germany by my regional CEO on the Monday morning we took possession. The employees joining the company were there bright and early in the very smart office but there was no IT kit on any desk as the detail of the deal had failed to actually acquire those assets; hard to believe but a true story. It was this incident that made it very easy for me to insist on the IT team being engaged with any acquisition deal right from the start and being part of the final buy decision review process.
If anyone is needing convincing of the criticality of IT and its leader on successful M&A then point them at this excellent McKinsey article from 2011, Understanding the strategic value of IT in M&A. If M&A is all about finding synergies then the McKinsey statistic in this article that over 50% of those synergies tend to relate to IT probably wins any debate on why CIOs should be actively engaged from the twinkle in the eye stage through to the fully integrated with no seams showing outcome. This argument holds true if you are part of the divesting team equally and a compelling articulation of the strength of the corporate technology and how it is designed to enable rapid and low cost integration could well help close the deal.
I do struggle to understand why the CIO role in M&A is open to question but at a recent industry event I found a number of CIOs that were feeling excluded from the decision process and very concerned at the potential consequences that they would inherit and have to resolve. The common pitfall it seemed to me listening to the debate was to express the imperative in technology terms rather than using business language and describing the concerns in terms of business outcomes that would be thwarted as well as the clear attention grabber of how much money getting the IT assessment and integration plan wrong could require. I’m not sure it can really be that simple, but then again perhaps it might just be that straightforward?