Posts Tagged ‘it alignment’

« Older Entries
Newer Entries »

The Insider Threat: What CIOs Need To Know

Monday, October 12th, 2009
CIOs Know That Insiders Represent The Biggest Threat (c) - 2004

CIOs Know That Insiders Represent The Biggest Threat (c) - 2004

When you think about someone trying to make off with your company’s private data, what comes to mind? Some wily Russian hacker who sneaks into your company’s network through the backdoor? Perhaps you need to update your thinking. A recent report from Cisco revealed that the real threat is coming from insiders. What’s a CIO to do?

Identifying The Threat

By now all CIOs realize that their corporate networks and data are under almost constant assault. However, most of the steps that CIOs have taken to secure their networks have been designed to defend themselves against the attacker who comes from the outside.

Information that was revealed in the Cisco report included that workers are sharing corporate information with outsiders for a variety of reasons. These include sharing data simply in order to get an outsider’s opinion on something, to show off work that they’ve done to others, etc.

On top of the active taking of corporate data, Cisco’s report revealed that some 66% of those who responded admitted to engaging in activities that would allow someone else to access corporate data (things like not logging off and then leaving their computers on at work overnight!)

Data Loss Prevention

If a CIO ever wants to get to sleep again, something has to be done to solve the data loss threat that insiders pose to the firm. There is no magic bullet, but one approach to dealing with this problem is to deploy a data loss prevention (DLP) suite of tools.

In true “big brother” fashion, a DLP suite generally consists of a network scanner coupled with multiple tools that allow an IT department to collect information on what data is being used and by whom.

Before moving forward with implementing a DLP solution, CIOs need to take the time to prepare to use this new set of tools. The steps involved include:

  • Secure The Important Stuff: before you go worrying about trying to secure how data is used throughout the enterprise, first identify the most important data and ensure that it is locked down.
  • Close Your (Network) Doors: before you can worry about insiders doing you harm, you need to make sure that outsiders can’t get in. This requires analyzing both your network ports and the protocols that the company’s network is using to make sure that they are secure.
  • Create A Baseline: in order to detect when the wrong things are being done, you need some way to detect them. Creating baselines such as point-in-time content signatures for sensitive data stores is a first step in doing this.
  • Start Inspecting Traffic: the way that you can prevent information from going to internal sources that don’t have a need to know is by installing automated network traffic inspectors. Setting parameters so that notifications of data breeches are flagged will do a great deal to prevent data loss by internal threats.

Final Thoughts

The value that a CIO brings to a firm is that he / she is able to harness IT resources in order to help the company succeed. As part of this task, the CIO is also responsible to make sure that sensitive corporate data remains secure from both external and internal threats.

CIOs that learn how to deploy DLP solutions in order to protect against the data loss threat from insiders will be better at finding ways to apply IT to enable the rest of the company to grow quicker, move faster, and do more.

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

What We’ll Be Talking About Next Time

Since most firms have no idea about what to do with their corporate research facilities, responsibility for the labs often falls under the control of the CIO (because most firms don’t know what to do with IT either). Great. So what’s a CIO to do when he/she is responsible for a corporate R&D lab?

Tags: , , , , , , , , , , ,
Posted in security | 5 Comments »

Who Should A CIO’s BFF Be: The CEO or The CFO?

Wednesday, October 7th, 2009
Worldcom's Bernard Ebbers Would Have Been A Bad Friend For CIOs To Have

Worldcom's Bernard Ebbers Would Have Been A Bad Friend For CIOs To Have

The times they are changing. Let’s take a moment and have a talk about one of a CIO’s key survival skills: the ability to successfully negotiate office politics. Specifically, if you could only have one best friend, who should it be: the CEO or the CFO?

Changes In The Workplace

The workplace that a CIO works in looks nothing like it did as little as 10 years ago. The changes that have happened have reshaped the boundaries of power. The CEO used to be the rock star who acted as a visionary leader. Think of Bill Gates, Tom Siebel, and Larry Ellison. However, the corporate scandals that rocked the business world at the start of the new millennium (i.e. Worldcom, Enron, etc.) has created the need for a change at the top.

Philip Tulimieri and Moshe Banai have taken a look at the that changes that have been taking place in the C-suites of major firms. They believe that a new focus on ensuring accountability by the senior executives, especially the CEO, plus the arrival of new regulations such as the Sarbanes-Oxley Act have changed who investors want to have running the company.

In the past, CFO were generally in the shadows of the CEOs – simply acting as mangers of the company’s money and trying to make sure that the company didn’t do anything too wild that they couldn’t pay for. This is all changing now.

The Arrival Of Co-Leaders Of A Company

In today’s corporate world, the balance of power is shifting. No longer is the CEO the only person running the show. Instead, the CFO is now playing a larger role – sorta a co-leader if you will.

The roles of a CEO and CFO are still different. A CEO has the responsibility of always being positive and working to move the company forward at all times. The CFO, on the other hand, is responsible for making sure that the company approaches every situation with caution and does its best to minimize the risk that it is being exposed to.

Tulimieri and Banai have made the interesting discovery that the rise of the CFO has meant that the role of the Chief Operating Officer (COO) has started to decline. The CIO is also responsible for this – that automation of much of a firm’s back office operations has reduced the need for the COO.

What’s A CIO To Do?

CIOs need to navigate these new corporate political waters very carefully. Yes, the CEO is still an important ally to have on your side; however, no longer is this enough – now you also have to be on good terms with the CFO.

One of the biggest challenges going forward will be keep both leaders happy. It’s important to realize that there will be disagreements between the CEO and CFO and that’s when the CIO needs to be most careful.

The challenge for any CIO is on which relationship should the most time should be spent. This will be different for every company. However, the CIO has the opportunity to show a great deal of value by facilitating communication between these two executives.

Final Thoughts

A CIO who can provide the information that a CEO needs in order to drive the company forward while at the same time providing the information that the CIO needs in order to measure the risk, will be seen as valuable.

The arrival of the CFO at the top of the company’s decision making structure means that being able to measure the financial value of every IT project will become even more critical. The world changes and CIOs need to make sure that they pick their corporate friends very carefully!

CIOs who can survive in the new world of company leadership and who can find a way to make friends with both the CEO and CFO will be better at finding ways to apply IT to enable the rest of the company to grow quicker, move faster, and do more.

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

What We’ll Be Talking About Next Time

When you think about someone trying to make off with your company’s private data, what comes to mind? Some wily Russian hacker who sneaks into your company’s network through the backdoor? Perhaps you need to update your thinking. A recent report from Cisco revealed that the real threat is coming from insiders. What’s a CIO to do?

Tags: , , , , , , , , , , ,
Posted in leadership | 1 Comment »

Can CIOs Drive Innovation & Boost Quality At The Same Time?

Monday, October 5th, 2009
How To Capture Innovation Without Going Broke

How To Capture Innovation Without Going Broke

How are you at walking and chewing gum at the same time? It’s sorta a classic challenge – do two different things simultaneously and do them well. CIOs are facing the challenge today – cut costs and simultaneously use IT to make the business more competitive. How hard can that be?

Say Hello To Six Sigma

If you’ve been to a book store recently and looked at any of the books in the business section, you may have been overwhelmed by the number of titles that had the words “Six Sigma” in them. Six Sigma is an approach to business that makes use of constant measurement and analysis in order to continue to optimize business operations.

Dr. Sara Beckman has researched this technique and points out that Six Sigma was invented at Motorola and popularized by Jack Welch at GE. If you apply it to how an IT shop goes about doing its work, it can be a great way to drive out costs and boost quality. However, it will do nothing to drive innovation.

Say Hello To Design Thinking

Design thinking is a new set of skills that are designed to drive innovative thinking. The starting point for design thinking is for solution designers (who else?) to start by focusing on what problems their customers are having on a daily basis. Once they understand the problems, the next step is to consider the wide universe of possible ways to solve these problems.

The Problem

Here in lies the problem. If you go out and talk to today’s CIOs you’ll find that they have generally implemented one of these two different solutions (Six Sigma is more popular because it’s easier to understand and measure).

This causes problems. It is possible to focus too much on driving out costs and then lose your way and not be able to provide the innovation in IT that is needed to keep the business competitive – this is the problem that HP is currently facing.

Likewise, if an IT department is too innovative and doesn’t watch the bottom line closely enough, then they can quickly drive themselves and the company out of business. The dot.com fiasco was a great example of this.

What’s The Correct Solution To This Problem?

You may have already guessed it, but the right way to solve this challenge is for CIOs to take the time to find a way to incorporate both the design thinking and the Six Sigma approaches into their IT departments.

The design thinking technique allows an IT department to find ways to explore new approaches to solving the problems that the business is facing. Six Sigma techniques allow an IT department to find ways to improve how they are currently doing things.

Final Thoughts

CIOs can’t allow their IT departments to become too focused on just one approach or they risk failing. Design thinking tries to find out what a good solution to a problem is while Six Sigma assumes that a solution is good and then goes about trying to make it even better.

CIOs who can find a way to reduce costs while at the same time driving IT innovation will be better at finding ways to apply IT to enable the rest of the company to grow quicker, move faster, and do more.

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

What We’ll Be Talking About Next Time

The times they are changing. Let’s take a moment and have a talk about one of a CIO’s key survival skills: the ability to successfully negotiate office politics. Specifically, if you could only have one best friend, who should it be: the CEO or the CFO?

Tags: , , , , , , , , , ,
Posted in innovation | 3 Comments »

You Don’t Do A Good Job At Multitasking CIO, Get Over It

Wednesday, September 30th, 2009
People Who Multitask Think That They Can Do It Well, But They Can't! (c) - 2009

People Who Multitask Think That They Can Do It Well, But They Can't! (c) - 2009

Too little time, too much to do. Does that adequately describe your CIO job? I don’t know about you, but often is the time that I’ve looked with envy at my peers who are great multitaskers and wished that I could be more like them. It turns out that I was wishing for the wrong thing – multitaskers actually do a lousy job at just about everything.

The Study

Ruth Pennenaker reports that some researchers at Stanford University have just completed a groundbreaking study on people who multitask. You know who you are – you’re talking on the phone even as you are answering emails and zipping off text messages on you iPhone all at the same time. Oh how I have so wanted to be you!

The researchers found that most persistent multitaskers actually performed badly in a variety of tasks that they were asked to do. As the researchers dove deeper to find out why the multitaskers were doing so badly, what they found was that they don’t do a very good job of focusing on what they are trying to do. This also means that they are much more likely to get distracted while they are trying to perform a task. On top of all this, the study showed that they are actually weaker than non-multitaskers at shifting between tasks and organizing the information that they collect.

Results Of The Study

My favorite part of the study is where the researchers discovered that people who are always multitasking are actually worse at multitasking than those of us who ordinarily don’t multitask!

When the study was started, the researchers started with the idea that multitaskers have some characteristic that makes them better at multitasking than regular folks. What they discovered is that multitaskers are just pretty much lousy at doing everything.

One of the researchers was quoted as saying “We kept looking for multitaskers’ advantages in this study. But we kept finding only disadvantages. We thought multitaskers were very much in control of information. It turns out, they were just getting it all confused.”

However, doesn’t it LOOK like multitaskers are always busy? Shouldn’t that mean that they must be getting more done than the rest of us who just can’t do that much all at the same time? It turns out that high multitaskers are “suckers for irrelevancy“. Simply put, sure they are doing things, but what they are working on more often than not really doesn’t matter.

A Personal Multitasking (Failure) Story

I firmly fall into the “not a good multasker” camp and I should know it. However, every once in awhile I try my hand at multitasking, generally with disastrous results. Allow me to share my most recent story:

I was late for a doctor’s appointment and yet I had a conference call that I needed to participate in (not just listen to). I jumped into the car, programmed the Garmin GPS system with the doctor’s office address, stuck my Blackberry headset in my ear, and set the Garmin on “mute” so that it wouldn’t interfere with my conference call.

As I hurtled down the highway in the far left lane at about 70 mph jabbering away in an animated conversation on the conference call, I happened to look over at the Garmin and noticed that it was signaling that I needed to be taking the exit that I was just about to pass by (remember that I had been smart enough to mute it so I had no warning). Oh, oh.

A non-multitasking person would have realized that (1) I had already gone too far past the exit to make it, (2) I was in the wrong lane to try to make the exit, (3) I was going too fast to make the exit. In my multitasking state, I realized none of this and I attempted to go for it.

I didn’t make it. I was going to fast and I was too far past the exit to have ever had any chance of making it. What I ended up doing was plowing headfirst into the aluminum guardrails which were anchored to solid 4″x4″ chunks of wood. I probably hit them going a good 40 mph despite having tried to stand on the breaks once I realized what was going to happen.

Thanks to seatbelts and airbags, I walked away without a scratch. However, the car was a total loss. Oh, and I got a $100+ ticket from the police for basically being a bad driver. I say once again – I can’t multitask!

Final Thoughts

CIOs who multitask will perform at a lower level than those who focus on one task at a time. Although this seems to fly in the face of everything that we’ve seen in our workplace (don’t multitaskers get all of the promotions?), you can’t argue with research results.

Should you try to convince your friends and peers who are multitaskers to stop doing it because it just doesn’t work? No. The core of the problem is that not only do multitaskers think they’re great at what they do; they’ve also convinced everybody else they’re good at it too.

Ultimately those of us who are not multitaskers will be able to show better results for how we’ve spent our time. If we can make sure that the rules of the game that we’re playing are all about results and not appearances, then the non-multitaskers will win every time.

CIOs who can focus on one task at a time and do it well instead of trying to do multiple tasks at the same time poorly will be better at finding ways to apply IT to enable the rest of the company to grow quicker, move faster, and do more.

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

What We’ll Be Talking About Next Time

How are you at walking and chewing gum at the same time? It’s sorta a classic challenge – do two different things simultaneously and do them well. CIOs are facing the challenge today – cut costs and simultaneously use IT to make the business more competitive. How hard can that be?

Tags: , , , , , , , ,
Posted in balance | No Comments »

Has The Glory Gone Out Of Working In IT?

Monday, September 28th, 2009
Has IT Finished Growing So Fast? (c) - 2007

Has IT Finished Growing So Fast? (c) - 2007

Why did you decide to go to work in the IT field? I can really only speak for myself, but there was a bit of glamour to the IT field when I entered it. Everything seemed to be so shiny and new and change was happening so fast that you just knew that this was going to be “the place” to be in order to have a great career. Is that still true or has something fundamental changed about our profession?

What Tom Siebel Thinks About IT Today

Randall Stross over at the New York Times ran across a speech that Tom Siebel (founded Siebel Systems, made Billions of $) gave to some Stanford engineering students about the current state of the IT industry.

Basically Tom said that he feels that IT has become a mature industry. He expects that going forward it will be growing at a rate that is no faster than the overall economy. What he was really saying is that he thinks that IT’s glory days are behind it. In fact, he thinks that the party was over as of about 2000.

What Happened To IT?

Siebel has gone back and run the IT industry growth numbers. It is his belief that there were about 20 years from 1980 to 2000 in which the IT industry experienced runaway growth rates that averaged out to about 17%.

Why has it all stopped? Siebel believes that we’ve accomplished what we set out to do: “the promise of the post-industrial world has been realized.”

Furthermore, Tom believes that what remains to be done really is not all that exciting(!)

Re-Looking At The Numbers

Stross reached out to Dr. Shane Greenstein at Northwestern University and asked him to relook at the IDC numbers. Good news for all of us working in IT, Dr. Greenstein has drawn some different conclusions about where IT stands than Siebel did.

It turns out that if you take a close look at IDC’s annual IT spending estimates, they show that there was a 11.6% spending rate from 1980 – 2000 instead of 17%. I’m not sure if this information is going to make you happy, but it does point out that Siebel’s numbers were just a bit off.

What was even more interesting about this second pass at crunching the IT growth numbers is that it turns out that the most golden years of IT were in the 1960′s. The reason that this was the best period of grow was because it was when the use of mainframe computers spread widely.  Way back in the years from 1961 to 1971 the compounded annual growth rate was 35.7%. That’s why IBM got to be so big!

Final Thoughts

Look, IT is (still) a great field to be working in. Yeah,  yeah if you look at certain reports it can look like the growth rate of the IT field is starting to go down. However, you need to remember something very important: declining growth rates over time are to be expected – it doesn’t take many sales to show huge percentage gains when the base is small.

I don’t know about you, but I’m going to take comfort in the fact that when the economy recovers, there is no dearth of unfinished projects for IT. Now that’s going generate some serious growth in the IT field!

CIOs who believe that IT’s glory days are still ahead of it and who don’t get held back by reports of declining IT industry growth numbers will continue to look for ways to apply IT to enable the rest of the company to grow quicker, move faster, and do more.

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

What We’ll Be Talking About Next Time

Too little time, too much to do. Does that adequately describe your CIO job? I don’t know about you, but often is the time that I’ve looked with envy at my peers who are great multitaskers and wished that I could be more like them. It turns out that I was wishing for the wrong thing – multitaskers actually do a lousy job at just about everything.

Tags: , , , , , , , ,
Posted in growth | 2 Comments »

« Older Entries
Newer Entries »