Digital Magna Carta time?

Recently I seem unable to avoid reading material on security risks associated with the use of technology.  It is certainly a good thing that the topic has a growing profile as that can positively drive upward awareness of the risks.  However, I do worry that many articles only tend to articulate the risks and remain silent on the potential benefits arising from technology enabling our lives.  Writing about the dangerous downsides of how easily Internet of Things (IoT) context devices can be hacked will definitely get attention.  This is fine if we also gain the value of people being more aware and then engaging on an informed basis with technology and related information security risks.

I noticed recently that the New York Stock Exchange (NYSE) had sponsored and circulated a publication called Navigating The Digital Age: The Definitive Cybersecurity Guide (for Directors & Officers) to every NYSE listed company board member.  This was produced in partnership with Palo Alto Networks and a wide and impressive range of contributing writers and organisations.  I found it an excellent read.  What I particularly liked was the recognition clearly conveyed that people as much as technology (or process) are at the heart of both the information security threat and the defences.   The need to educate both the consumers of technology enabled solutions and those operating and defending them was well articulated.

The criticality of all of us being aware of the risks to our data and the steps we can take to mitigate them is becoming clearer to most people.  The publicity around corporate hacks like Sony and the recent press around the cyber “front” in the current challenging situation in the Middle East are hard to avoid.  However, in recent weeks the questions I have been asked most often around information security have been related to stories on many and various IoT devices that have allegedly proved vulnerable to hacking.  People have raised many concerns with me on a wide range of devices from connected car systems to house alarms to healthcare wearables to pacemakers.   I remember reading, but annoyingly cannot now find, an article which used the term “Internet of Nosey Things” in its discussion of the type and value of data involved.

Digital Law - shutterstock_120641284 (2)

Indeed the ISACA 2015 Risk Reward Barometer declared that its 7000+ contributors saw IoT as being the prime area of information security concern.  The survey reported that over 70% of respondents saw a medium to high likelihood of attack via such devices either in the consumer or in corporate context as they become more common in the workplace.  This concern is then compounded by the (ISC)2 Global Information Security Workforce Study 2015  which forecasts that we will simply not have enough security skilled people in the workforce to provide adequate defences.  They see the gap being as many as 1.5 million security workers too few by 2020.

If that forecast proves true then we need to have placed information security at the centre our technology design process.  In fact if you look at the automation and machine to machine implications of IoT then we clearly have to ensure our defences are not operator dependent.  The imperative to automate defences is nicely highlighted by the HP Cyber Security Report 2015.  This is a sobering read of results from interviewing 252 companies in 7 countries.   What particularly stood out in the material is that the time to recover from a cyber-attack has risen from 14 days in 2010 to 46 days in 2015; that the number of successful attacks reported has risen by 46% since 2012; and that the average cost of cybercrime per participating company was $7.7m.

So having started saying I was wary of scare mongering articles on information security I have now drifted towards the negative perspective.  It is quite hard to avoid when considering this topic I fear.  As the benefit delivered by technology is huge and alluring so does it comes risk and as ever some people don’t see a problem with acting illegally to make money.  In that sense this challenge is nothing new and we have a good track record across many societies of working out how to protect ourselves (eventually?!) from such threats.

Magna Carta - shutterstock_287752943 (2)

Perhaps we do indeed need a digital age Magna Carta or its mirror incarnations across the globe.  The content of this updated Magna Carta was built on the input of over 30,000 people having begun as an initiative focused on school children.  The British Library site hosting the debate has lots of other excellent material worth reviewing.  The good news is that the debate is still open as to what this digital age Magna Carta should state. Why don’t you go and place your vote?

Images via Shutterstock,com.

Beyond Infancy?

The trend over recent years has been for technology services to be provided on an “as a service” (aaS) basis.  The flexibility of an always available, highly and immediately scalable service for which you subscribe on a short term basis with fees directly linked to usage based metric(s) is compelling.  The drive to adopt aaS offerings by consumers and businesses has been one of the signs of our world going digital.    I do recognise that concerns remain for some primarily in relation to data portability and security.  However, we have moved beyond the initial virtualised server offerings to more sophisticated platform and software based services.  Access methods have expanded beyond web browsers on computers to the current world of “apps” from a multiplicity of devices consuming “platform services”.  So all very empowering and exciting but where do we go next?

I am not alone in thinking that the future “aaS” offerings will be shaped by the Internet of Things (IoT).  The services we consume in the near future will be delivered based on many diverse real time data streams.  Data will be drawn from existing stores and combined with data generated by an ever larger set of sensor equipped devices, human centric or automated machine to machine (M2M). The scale of this connected device proliferation is forecast to be vast.  CISCO predict 50 billion connected devices by 2020, Gartner 30 billion.  IDC believe that by the end of 2015 across the globe we will have connected just under 5,000 devices per minute for each of the 365 days.  The data from these devices will be used to enable and inform the digital services that will pervade our lives.

These digital services will be highly personalised, based on real-time analytics and contextual.   The personalisation will be all pervasive and extend beyond data unique to an individual.  Services will constantly learn and tailor themselves to each user or user group based on a vast stream of real-time received and analysed data that is context informed.   It is the contextual aspect that fascinates me the most.   Truly contextual services will be able to anticipate our needs and deliver unique experiences specific to us or defined user communities.   That ability for the digital service to anticipate will come with need for careful design to avoid slipping into being annoyingly intrusive.

The privacy aspects of digital services are complex and fascinating.  They could seriously inhibit how services evolve over the next 5 to 10 years.  Many commentator are alarmed at how lightly many people trade data privacy to access a desirable service.  Some argue that currently services tend to be relatively isolated and so the risk of unexpected data leakage is acceptable.


This would seem to be at best naive to me.  However, I do accept that refusing to accept provider terms relies on there being viable equally alluring alternatives or strong willpower!  The security of the service platforms and volume of connected devices enabling these digital services is also clearly key.  Hence the increasing focus on this aspect of the enabling IoT wave in the last 12 months.  An interesting report published by HP in 2014 looked at 10 connected devices in the market today to enable various smart home services and all failed their security testing.  A similar outcome was reported by the BBC in testing they conducted on various domestic smart devices where their hackers were successful.

If we think the current aaS offerings are flexible and add value then the good news is that we have only begun to see the potential.  Digital services are just leaving the infant stage and moving becoming toddlers.  Any parent will know that this is both an exciting, challenging and at times worrying period as the toddler becomes adept in their new skills.  Learning to walk is one thing, just remember that after that comes running!

The post has been previously published on the Business Value Exchange.
Image via  Shutterstock.

Customer Experience – Digital Imperatives? (Part 1)

I recently need to make changes to some mobile phone contracts for family members.  Our contracts were with two different mobile phone providers and one performed far better than the other.   The positive experience was with O2.  The website was clear and easy to use, the “instant messaging chat to advisor” service was quick and convenient, the human looking after me was engaging, efficient and extremely helpful.  A truly positive customer experience.  The other provider who I think should remain nameless provided an experience that had none of those attributes.  Customer experience in the digital age is often characterised as our demanding ever more flexibility in how we engage, ever more efficient and enjoyable transactions,  ever more rapid delivery and the truism of everything being immediately available at all times.   I held my engagement with O2 late on a Sunday night so I think I ticked a few of those characteristics!

The view of the consumer has arguably never been more important or more easily shared.  Over recent years the value of a referral or positive review has become increasingly important with access to many different sources at our fingertips.

I realised recently that I now automatically use reviews on sites like prior to booking any accommodation, sorting the available options by customer review scores.   Many market analysts assert that 75% of all purchase decisions are now preceded by a review, even if the review is online but the purchase is made in-store.   Of course in this context the trust in the review source and it offering the collation at sufficient scale for the scores to be meaningful is critical to creating trust in the data integrity.

At the heart of these enhanced customer experiences is the dynamic combination of mobile devices and cloud computing.  It is clear that the pace of change is stressing the capability and indeed budget of many IT organisations.   Someone recently pointed me at some excellent Forrester material on this challenge.  They use the term “Business Technology” and argue that successful CIOs need to lead their organisations from traditional style operating models to managing business technology outcomes and not IT assets.  Given a deal of this useful information is behind the Forrester paywall this Computer Weekly article is an excellent articulation of their argument, “Forrester – Manage Business Technology Outcomes Not IT Assets“.    At the same time I also recently came across an excellent article entitled 5 Metrics for Digital Success by Aaron Rudger.  I particularly liked his suggested five key metrics for the digital age: responsiveness, latency, third party app impact, load testing metrics and finally competitor benchmarking.  I will not do justice to the article here but it is well worth a read.

Digtial Service - shutterstock_203618407 (2)

Regardless of what you measure the challenges and the opportunities for IT teams is going to continue to evolve at pace.   A common message from analyst articles is that over the next five years the combination of the Internet of Things, pervasive cloud computing and big data will enable organizations to offer services which are able to learn and evolve, are contextually aware and able to react in real time to change.  So your strategy needs to ensure that the design is user-centric, that it provides for a high degree of personalisation and contextualisation and that you are able to rapid iterate to innovate.

Customer experience is fundamentally about the quality of the interaction between the consumer and the company offering the service.  The intent is to build a relationship of trust and value with the consumer so they are both a repeat buyer but more important an advocate for you.  There is as deal of research you can find that explores what transforms a buyer into a brand advocate.  The quality of the product or service is clearly key but is it sufficient?  Are there other factors being assessed by your customers when they decide whether to post that glowing review on your service?   I would argue that there are a range of criteria explicitly and implicitly being assessed every time someone experiences your service.  It would seem to me that the value judgements being made are becoming more sophisticated and perhaps based on some interesting research I recently read far more holistic that we might expect?

This post was previously published on the Business Value Exchange.
Image via

D For Device? Or Data? Or Both?

I think most people would agree that the blurring of the boundary between our working and personal lives is accelerating.  I know from many discussions that some people are more comfortable with that trend than others.  Typically those yet to see their 35th birthday seem to be mostly supportive, those that have gone past that milestone tend to be at best more sceptical at the value proposition.  There are countless case studies on highly successful companies that demonstrate their success is linked in some way to their employees having a personal commitment and deep affinity to the corporate objectives. However, recently I have read a few reports which argued that part of building that alignment can be enabled by removing the distinction between corporate devices and personal devices.  They argue that in some way this step impacts on the psyche of the employees making work more personal and so building a stronger sense of ownership.  Typically the term used in this context is Bring Your Own Device (BYOD) although there is a variant which has proponents where the employee is enabled to select device of choice from a defined catalogue, namely Choose Your Own Device (CYOD).  The latter is intended to mitigate perceived risks associated with the operating model of BYOD and its implicit wide range of device options.

BYOD Figure shutterstock_156558971

I must confess to have some doubts on the impact ascribed to BYOD in the context of employee empowerment.  I certainly accept that it can reduce operating expenses and decrease the level of corporate investment in enabling technology.  I have been involved in defining and deploying a BYOD strategy twice thus far in my career.  I can point to the financial benefits arising from trading convenient access to selected corporate data stores from employee’s smartphone for the cost of providing a corporate variant.  However, the more I talked to CIOs who have deployed BYOD schemes and some of their highly enthused employees I have heard the empowerment message coming through loud and clear.  A very confident “millennial” enthusiast for BYOD pointed out to me that she saw her smartphone and tablet as being in many ways an extension of her personality.  The growth of highly personalised wearable devices which often have a key link to the smartphone of choice is only going to make this blurred boundary more challenging.   It seems likely that intelligent watch is going to become mainstream particularly now with the arrival of the Apple Watch.  People are not likely to distinguish between their personal and corporate watch.  They will want the benefits from their device of choice in the workplace both in personal and corporate terms.

However, accepting that engagement can be driven upward by a BYOD scheme it is very clear that the most important “D” in that context is not the “device” but rather the “data”.
Information assurance and how the corporate data set is protected is undoubtedly the key to unlock BYOD deployment and the promise of more engaged, committed and enabled employees.  Data Security shutterstock_104783210 (2)If you cannot securely manage access to the corporate data employees need or want or both to access from their own device then the scope of the BYOD deployment is going to be constrained and most likely disappoint the user community.  We can all identify sectors where this constraint is in place.  Indeed it is clearly shown when you look at BYOD adoption by industry sector analysis that there are sectors where there are specific restrictions driven by information assurance policies.

I recently read (in a Forrester report I think) that by 2017 over 50% of private sector organizations will no longer provide devices to their employees.  This same report highlighted that the majority of IT decision makers believe they would be at a competitive disadvantage if they do not embrace BYOD.   A quick look via the internet search engine of your choice will provide a great deal of material on how to define and deploy a BYOD policy.

There are some great case studies available from the early adopters with  interesting insights including one that stuck in my memory of a company whose network performance was crippled as the BYOD was so successful and their policy did not limit the number of devices each employee could bring to the party.   The vast majority of what I have read focuses on the criticality of managing access to the corporate data and so the associated risk.  So you have the classic compromise situation whereby the drive from employees for an expansive BYOD deployment needs to be balanced with a securely managed data access model.  If these two aspects can be balanced then there is undoubtedly huge value in what can be derived from embracing BYOD.  Indeed many would argue that approaching corporate IT from the “IT consumerisation” user perspective can lead to valuable innovation of the corporate data security model.  A good case for  this line of argument is made by Stacey Leidwinger in her blog post entitled “Embracing Employee Empowerment“.

At the heart of this debate are what might be termed two absolute truths.  Employees that are frustrated and thwarted by restrictive technology will generally find a way around those obstacles or at the very least introduce risk by trying to do so.  At the same time in the digital age it is clear that security of corporate data must not constrain user enablement.    I think it is well recognised today that King Canute like IT departments that attempt to resist the oncoming tide of end user expectations are going to find themselves drowning under a wave of “Shadow IT” challenges.  They may well find that crucially in so doing they have driven a range of key business risks subterranean too.

Part of this post has previously been published on the Business Value Exchange.
Images courtesy of Shutterstock.

Far Too Few!

Like many of us I tend to notice articles flagging up the next big skills set demand wave.  Recently an article caught my eye proclaiming that now is the time to have cyber security skills.  A recent study called Global Information Security Workforce 2015 released by (ISC)2  reports that there will be an estimated 1.5 million people too few with skills in this key area.  The study has been conducted annually since 2004 reporting a workforce shortage at each time, however it seems that the supply to demand gap is now accelerating.

The importance of this workforce aspect in relation to cyber security demands is also highlighted in a report I recently read by Accenture entitled “Intelligent Security: Defending The Digital Business“.  In it they summarise the most common issues challenging organisations in having an effective response to cyber security, namely:

  • Linking security and business.Tie security programs to business goals and engage stakeholders in the security conversation.
  • Thinking outside the compliance (check) box.Go beyond control- or audit-centred approaches and align with two key elements: the business itself and the nature of the threats the enterprise faces.
  • Governing the extended enterprise.Establish appropriate frameworks, policies and controls to protect extended IT environments.
  • Keeping pace with persistent threats.Adopt a dynamic approach including intelligence, analytics and response to deal with a widening variety of attacks.
  • Addressing the security supply/demand imbalance.Develop and retain staff experienced in security architecture planning and design, tools and integration to increase the likelihood of successful outcomes.

Supporting the report they also have a very good infographic that is worth a visit “Take A Security Leap Forwards“.

The point Accenture make that compliance to a given industry’s cyber security regulations is only a good starting point particularly resonates.  This is a discussion I have had many times over recent months with colleagues.  Meeting compliance requirements is only the minimum level to achieve.  It also often tends to be associated with relatively static time based audits rather than  real-time monitoring and indeed adaptation.  It is pretty clear that the sophistication of externally originated cyber-attacks evolves extremely rapidly.  The points attacked are those where defences are strongest and in the hyper-connected digital world securing the perimeter or specific “citadels” within that perimeter is challenging.   The defenses need to be real-time, automated, holistic and appropriately funded to both meet the risk and reflect the asset value.

It seems to me that the last year or so has seen a growing understanding of the importance of the Chief Information Security Officer (CISO) role. Based on hearsay it seems that they are having an easier task in obtaining adequate funding for their function.  Of course the tooling needs to match the sophistication and evolutionary pace of the cyber attackers.  The CISO needs to be enabled to engage with new and disruptive technologies as their emerge so they can define a layer defensive strategy that does not become perceived as a blocker but rather adding value and an absolute necessity.  Constructive, frequent and open access to the senior leadership team of any business is critical for a CISO that is empowered to bring real value to their organisation.  Often the decision points will be difficult as concepts such as innovation, agility and pace are confronted directly by valid concerns on information integrity and protection appropriate to the value it represents.

cyber security - shutterstock_204844114 (2)

As ever in the world of technology there is money to be made by vendors providing tooling that enables appropriate levels of security in the digital world.  A recent Financial Times article by Hannah Kuchler highlighted that the cyber security market is now estimated as a $15bn-$20bn over the next three years.  The article reports that venture capital funding flowing into this area exceed $1bn for the first time in the first quarter of 2015.  Apparently the venture capital funding for the whole of 2014 for cyber security was $2.3bn, itself an increase of 33% over 2013.  The money is certainly flowing into the cyber security space.  Given the recent experiences of Sony and the publication of information the hackers extracted by WikiLeaks it does start to seem rather unsurprising.

All that said I do think many organisations face their biggest cyber security risk from threats that are far from new to us.  The first is the often depressing factor of your own company’s people doing something that in hindsight they would fully accept as being dim.  This is often despite the act exposing the corporate information being heavily and frequently communicated as unacceptable.  However, in my career to date the threat that has caused me most issues has been obsolete software.  Obsolete software that is not listed in the IT asset database and might be lurking under a desk or part of the “shadow IT” world procured on a credit card and forgotten.  This software is no longer being actively patched for security vulnerabilities by the vendor.  It is so easily missed and the first time you become aware of its existence might well be a very unfortunate moment.  Sounds trivial compared to the sophisticated cyber attacker but it does represent an easy access point for them.  There are many examples of obsolete software that has been around long enough to be very well embedded.  The next one I think might create a few issues for many of us is MS Windows Server 2003 which goes out of support in mid July 2015.  Might be worth another check to be sure you will have no surprises in late July?

Image via

Digital Zoom – Part 2

It seems clear that cloud computing in public, private and/or hybrid guise will become the norm for corporate IT over the course of 2015.  However, to deliver the promised pricing and supply elasticity it will be critical for suppliers to have achieved scale.   As a result it seems very likely that suppliers sometimes called the “hyper scale cloud players” will become an even more material presence in the corporate sector.  The key three players of the “hyper scale cloud” club would seem to be AWS, Azure and Google.

However, scale alone will be insufficient as it will not just be all about lower cost per unit consumed.  During 2014 it has become increasingly clear that management of cloud services, particularly integrated management of multiple cloud platforms is going to be a key differentiator for suppliers.  The recent collaboration announcement by Accenture and Microsoft on their Hybrid Cloud Platform initiative is arguably recognition of this point.  Many analysts are also rightly seeing the management imperative as being tightly linked to one of automation.  Automation will be critical to deliver the essential real time monitoring and self-healing facilities as well as enabling the required cost economics to operate shared platforms at scale.  Responding successfully to these imperatives will require bold investment strategies and the associated financial means to invest and await the returns in future years.  To help manage the investment implications I also think we will see more partnerships announced as well as a willingness to enter into joint ventures.

Digital Zoom - shutterstock_96758821 (2)

In the software arena I think 2015 will see big winners in those with analytic tooling that can enable access to digital stores, increasingly across multiple data silos.  The software architectures will have to accommodate the mobile device favoured by data consumers and deliver a highly contextualised interaction model.  The key challenge is going to be how to make money quickly enough to fund the required software development in a way that matches the flexibility and fragmentation of the demand.

Pace will be a critical factor and it will continue to be one of the key threats to the enabling infrastructure both in terms of meeting the function demand but also in being able to iterate rapidly to remain current.  This last point brings me to my first New Year’s resolution scarily early.  At a recent CIO webinar the topic of DevOps came up as one of the key tactics technology providers will need to adopt to achieve the required flexibility and speed of action and reaction.  My resolution is to address my feckless knowledge gap and educate myself on DevOps as I was somewhat embarrassed on the call to be largely uninformed on this topic.  I will return to this topic to update on my progress or lack thereof in early 2015, but if useful to you too here is an excellent DevOps focused site!

Post was original made on the Business Value Exchange site.
Image is via Shutterstock.

Engagement Drivers?

Many companies gather employee feedback at this time of year wishing for an engagement score that is an improvement over the previous results.  I find that people often confuse employee satisfaction with employee engagement.  High satisfaction levels with a current employer do not necessarily indicate that the workforce is actively striving to deliver to the corporate goals with a high degree of emotional investment and willingness to “go the extra mile or more”.  Indeed I have sometimes seen a team deliver demonstrate fantastic commitment to the cause whilst simultaneously being extremely ambivalent about the company itself and its declared vision.  There needs to be a binding force that propels the team to collective and collaborative success, but that is not always a positive endorsement of the corporate goals.  People are complex but team dynamics arguably even more so.

Perhaps the most frequent cul-de-sac I see companies rush into at high speed is to confused engagement with a multitude of technological enabled interaction channels.  This particular vice seems most likely when the senior management feels it has to engage with the younger segments of its demographic.  A fixation on terms like “Generation Y” or “Millennials” and the imperative to focus on digital world based interaction above all else.   Clearly taking advantage of the opportunity presented by social media to engage with the workforce is today an essential step.  However it is equally important to have the compelling content to stimulate debate and sell the key messages to the team.  At the risk entering a world of clichés the right approach is to have a well-articulated and compelling set of messages conveyed via a communication strategy blending a range of channels to enable individuals to engage, absorb and contribute in the manner most relevant and comfortable to them.

Engage - shutterstock_223446205 (2)

Identifying the behavioral drivers for individuals, teams and entire organisations, and effectively aligning those to the corporate objectives is a key part of the workforce engagement puzzle.  Over recent years I have seen a rising number of situations where a key component of a successful engagement strategy has been placing those actions and desired goals beyond personal or corporate gain to having a positive impact on society itself.  In short to have a clear link to a clearly articulated corporate social responsibility commitment.  I am not discounting the criticality of having an employee engagement strategy with integrity that ensures convergence of vision, values and actions.  I am arguing that the truly high performing organisations with highly engaged and motivated employees frequently seem to create a balance between the drivers of the individual, the company and the society within which they sit.  My musings along this line of thought were triggered by reading an excellent interview with Adam Grant a professor from Wharton Business School discussing his recently published book “Give and Take: Why Helping Others Drives Our Success”.  I think his material does hit on some key themes which need to be contemplated when considering what exactly does employee engagement mean and how is it used as a force for good.


Image via Shutterstock, Engage – 223446205

Context Is All

Earlier this week my eye was caught be an email I received entitled “Eight New Tech Job Titles”.  One of the most unusual job titles I have come across in my career is “Chief Monster” which was used for a while by Jeff Tayler the founder of  Although I believe that role title was unique I do tend to keep an eye on what role titles are emerging in the corporate world and so of course I clicked on the link.  Nothing particularly startling in the eight titles listed but the “Chief Analytics / Data / Science Officer” entry did catch my eye, not least because I had recently for the first time encountered someone who carried the title “Chief Data Scientist”.  The chap was presenting on a webcast and worked for a large US retailer and the context was a session on “big data” on which he had some very interesting views.  I would share the link to the webcast but it is behind a subscription service paywall.

However, first it is perhaps worth defining the term “big data”.   In general it seems accepted to refer to the exponential growth and availability of structured and unstructured data, a key dynamic of the digital age.  People typically refine that broad definition by referencing some concepts I believe were first articulated by Doug Laney in 2001.  He defined “big data” in terms of the characteristics of volume, velocity and variety.  I recently came across an excellent IBM infographic entitled “The Four Vs of Big Data in which they had added veracity.  The infographic is an excellent summary and it would be foolish of me to try and restate it here.  I did register that within it is an arresting statement that by 2015 IBM believe that there will be 4.4m new IT jobs created in the big data field; note to self, can this old dog learn some new tricks to reinvent himself?

So you can imagine that on coming across my first Chief Data Scientist I had a number of questions to pose to him.  I’m sure you will all have seen the various statistics about the exponential generation of data both in terms of the social media type context such as 30billion pieces of content shared on Facebook every month or facts like there are 6 billion mobile phones in use or that by 2016 it is forecast that there will be 18.9 billion network connections or that today each day there is estimated to be 2.3 trillion gigabytes of data created.  Sadly I didn’t get to pose any of my (in my view!) insightful questions, however others admirably stepped into the breach.

The first question set to him was by a CIO musing on the number of “challenging” data warehouse projects in her past (snap!) and was focused on his approach to handling the complexity implicit in the big data arena.  The data is arriving at speed from multiple sources both structured and unstructured and to be of value it is necessary to process the data sets (link, match and cleanse at a minimum) before you can start to meaningfully connect/correlate relationships to turn data into information into insight.  I liked his initial answer; “Frankly if it was at all easy no one would be interested in paying me to hold a role with such a fancy job title!”.   I liked his second point even more which was “It is easy to get over excited about the neat new analytic tools, how much processing power you need or whether you can leverage cloud based analytic engines.  What is absolutely critical is domain knowledge, you have to understand the business context in which the data is created and in which it is being interpreted to create business insight and ultimately competitive advantage.”  However, driven by the questions being posed he did then actually proceed to talk at length about technology tools at which point I will confess to losing interest quite quickly.

Of course what was extremely familiar was the message around needing to be able to use the power of the technology to create a context for the data whilst taking due note of the implications of the “four Vs” so well-articulated by the IBM infographic.  This is the core message that CIOs and their teams hear all the time.  It is those that internalise and act upon it that typically become the success stories and the technology capacity seen as an innovation engine for the business enabling competitive advantages.  To get a sense of the size of the prize around big data and some case studies on success stories I recommend a read of the report Big Data In Big Companies by Thomas Davenport and Jill Dyche.  To reflect on the gestation time for trends in technology to become deployed innovations in the business world I suggest reading the 2011 McKinsey report “Big Data The Next Frontier For Innovation, Competition & Productivity”.  I remember reading this report in late 2011 when preparing a presentation  on the Internet of Things and pondering whether it would be more than hype by 2015; I think we can declare yes at this point in time.

Digital Literacy – A Corporate Perspective?

A recent blog post by Vincent Rousselet entitled “A Tale Of Digital Literacy”  resonated greatly with me.  I particularly liked the discussion on whether Instagram was a force for ill between his daughters!  However, it starting me thinking about two questions: what exactly is the definition of digital literacy and how does that relate to the corporate IT?  A quick meander around the Internet courtesy of the ubiquitous Google and I found this excellent blog post by Cindy Plunkett, “What Is Digital Literacy?” .  There is a wealth of excellent material on this site and on many others debating the societal imperatives in the digital age.  I particularly liked the quote from Alvin Toffler I came across on what being illiterate in the twenty first century means, namely “The illiterate of the 21st century will not be those that cannot read and write, but those who cannot learn, unlearn and relearn”.


I do despair of those in the corporate world that equate mastery of the digital world with knowing all about the latest and greatest technology, generally focused on the latest end user device. I tend to label the technology fad obsessed senior executive as being a devotee of the “Magpie Approach” to technology.  These technology enthusiasts sadly confuse the allure of the latest shiny thing with considered adoption of technology to derive business benefit with an appropriate assessment of the associated risks of being an early adopter.  Now I am not arguing that being an early adopter of a new technology is a bad thing, what I am arguing is that sitting at the pointy end of technology advances is a high risk strategy that needs to be underpinned by a clear sighted assessment of the risk to reward equation.  Generally my heart sinks in the corporate context when I hear people enthusing about the latest tablet, smartphone, laptop, application or business solution.  In my view once people view technology with the same perspective most of us apply to a new pen or other commonplace tool they are probably taking a balanced view. If they enthuse first about the business benefits that the new shiny IT object can deliver and then make a passing comment to exercise their inner geek, my alarm sensors see nothing worthy of triggering an alert!

Digital literacy in the corporate context needs the senior executives to be focused on leverage exciting benefit from the unexciting and the workforce trained and empowered to make effective use of the technology tooling. Clearly a sense of buzz generated from shiny new devices can be a powerful motivator as part of the adoption process within the business change programme, but it should just be the means to an end not the means in itself.  So ultimately I am arguing that the digitally literate senior executive is someone that understands the value to be gained from the digital world but is not unduly driven by the glittering latest shiny new technology.  I am arguing that once you view technology as a tool to be deployed in the digital age to enable and empower your business, then that is when as a business leader you are digitally literate.

Image via

This post was previously published on the Business Value Exchange.

Success To One: Failure To Another

The very moment I sat down my dinner guest’s agitation could clearly no longer be contained.  “A failure, a failure?  I have delivered a £15 million IT transformation project to scope, to budget and to deadline!  A miracle based on the company’s track record over the last few years!  A failure!” he declared bitterly.   By the main course the agitation had subsided somewhat and the facts had become clearer and I was beginning to see the nub of the divergence between what he saw as his team’s big success and what his CEO’s viewed as failing.  The critical word was the often misused “T” word, transformation. shutterstock_84273679 The project was extremely complex and had been a real challenge to deliver across many sites integrating together a number of vendors whilst managing a seamless transition from the legacy platform.  However, it became clear the longer we talked that there had indeed been virtually no focus on the wider business benefits beyond that directly derived from the new technology solution.    The more I asked annoying questions using phrases like “benefits value chain”, “stakeholder engagement” and “holistic business case” the more obvious it became that whilst the CEO clearly felt he’d invested in a full blown business transformation initiative, his company had actually mobilised and enacted a technology refresh project.  There appeared to have been no shared vision of the outcomes expected from the investment and certainly nothing evolved from that vision into measurable successful delivery of the business value.  It was clear to me that the project team had worked extremely hard and had delivered what can depressingly be a rare event; a technology refresh project within budget to scope and deadline. I am sure we have all come across variants of this tale during our careers, perhaps even been to some degree in the position of my friend as we learned our trade and worked up to a CIO position.  Whenever I hear the word transformation I am now pre-programmed to question the scope, the stakeholder engagement and how success will be recognised at the end of the project.  To some extent this is based on bitter experience as I carry some scars from earlier in my career, don’t we all if we are honest? But it is also because there are so many cautionary case studies in the technology industry that arguably there can be no excuse to repeat the history of others.  Yet there seems to be a steady flow of new examples of transformational woe and these are not errors made by the slightly dim and deranged, these are errors made by highly capable business and technology leaders.  The sparkle of a technologically  challenging project can still blind us to the real business drivers and indeed to the truism that mostly the technology is the easier element.  The hard part is driving behavioural change in individuals, in teams and in organisations.  Indeed I think we can argue that technology mastery whilst often a key element to delivering business change is not the most critical aspect.  That label is reserved for the often over-looked element of excellent project management, a viewpoint argued by this interesting article published recently by Forbes.  However, equally I could offer up examples of talented managers that don’t seem to grasp how to deliver programmes that do have material technology components but which also demand the ability to deliver a holistic vision and achieve organisational change leading to enhanced business value.  So the “T” word needs to be treated with respect and the right team mobilised to truly deliver transformational change rather than just change.   Post was previously published on the Business Value Exchange. Image provided by Shutterstock