May 16

CIO Insight – How Security Laws Inhibit Information Sharing

Third-party vendors could provide compliance services to companies and ISAOs, a likely market solution given that they already have expertise and can spread the cost among many clients.

A new report finds that although there is a need for actionable threat intelligence and information-sharing worldwide, significant obstacles exist because of data privacy and protection and national security laws. The result is a chilling effect on cross-border cooperation that must be addressed. In that spirit, the report, “Information Sharing and Analysis Organizations: Putting Theory into Practice,” by Price Waterhouse Cooper, analyzes global legal hurdles to information-sharing and offers potential solutions.

More of the CIO Insight article from Karen Frenkel

May 16

HBR – https://hbr.org/2016/05/the-impact-of-the-blockchain-goes-beyond-financial-services

The technology most likely to change the next decade of business is not the social web, big data, the cloud, robotics, or even artificial intelligence. It’s the blockchain, the technology behind digital currencies like Bitcoin.

Blockchain technology is complex, but the idea is simple. At its most basic, blockchain is a vast, global distributed ledger or database running on millions of devices and open to anyone, where not just information but anything of value – money, titles, deeds, music, art, scientific discoveries, intellectual property, and even votes – can be moved and stored securely and privately. On the blockchain, trust is established, not by powerful intermediaries like banks, governments and technology companies, but through mass collaboration and clever code. Blockchains ensure integrity and trust between strangers. They make it difficult to cheat.

In other words, it’s the first native digital medium for value, just as the internet was the first native digital medium for information. And this has big implications for business and the corporation.

Much of the hype around blockchains has focused on their potential to fundamentally change the financial services industry – by dropping the cost and complexity of financial transactions, making the world’s unbanked a viable new market, and improving transparency and regulation. Indeed, it is already having a big impact on that sector. However, our two-year research project, involving hundreds of interviews with blockchain experts, provides strong evidence that the blockchain could transform business, government, and society in perhaps even more profound ways.

More of the Harvard Business Review article from Don Tapscott and Alex Tapscott

May 16

CIO Dashboard – 3 Strategies to Decrease IT Costs and Increase Business Impact

Guest post by Suheb Siddiqui and Chetan Shetty

A veteran CIO recently said, “The last few months felt like I time traveled back to the 1980s. Business stakeholders are demanding the applications they want, designed the way they like, and at a speed dictated by their priorities.” He wasn’t talking about an AS400 based Cobol program; he was talking about custom apps written on industry standard platforms, provided by numerous Platform as a Service (PaaS) providers such as Salesforce, Oracle and ServiceNow.

Our industry has undergone numerous transitions. In the 1980s and part of the 1990s, business users were in control. They could pick their favorite “best of breed” applications, and design and customize them how they wanted. Integration and governance was expensive and difficult. Then, Y2K fueled the growth of Megasuite ERPs. Starting in the late 1990s, IT started controlling the agenda and strong governance led to cost efficiencies, albeit at the expense of user satisfaction.

Fast forward to 2016, Software as a Service (SaaS) and PaaS solutions are empowering users to be in control again. As a result, we are witnessing a growing gap between the total IT spend of an organization, which is increasing as users buy their own SaaS solutions, and the IT budget controlled by the CIO, which is under constant cost pressure. Successful CIOs have to find new strategies to bridge this growing “Digital Divide.”

More of the CIO Dashboard article

May 16

IT Business Edge – Setting the Right Tone for Risk Management

Without one person in an organization responsible for managing third-party risk, companies face a serious barrier to achieving effective third-party risk management, according to a new study. The study, “Tone at the Top and Third-Party Risk,” was conducted by the Ponemon Institute and sponsored by Shared Assessments, a member-driven, industry-standard body specializing in third-party risk assurance. “Tone at the Top” describes an organization’s environment, as established by its board of directors, audit committee and senior management. It is set by all levels of management and trickles down to all employees. “If management is committed to a culture and environment that embraces honesty, integrity and ethics, employees are more likely to uphold those same values,” according to the report. ”

More of the IT Business Edge post by Karen Frenkel

May 16

Continuity Central – Expanded NIST disaster and failure data repository aims to improve resilience

NIST has announced that data from the February 27th 2010 Chile earthquake has now been added to the NIST Disaster and Failure Studies Data Repository, providing a great deal of useful information for regional and global resilience planning.

The repository was established in 2011 to provide a place where data collected during and after a major disaster or structural failure, as well as data generated from related research, could be organized and maintained to facilitate study, analysis and comparison with future events. Eventually, NIST hopes that the repository will serve as a national archival database where other organizations can store the research, findings and outcomes of their disaster and failure studies.

Initially, the NIST Disaster and Failure Studies Data Repository was established to house data from the agency’s six-year investigation of the collapses of three buildings at New York City’s World Trade Center (WTC 1, 2 and 7) as a result of the terrorist attacks on Sept. 11, 2001. With the addition of the 2010 Chile earthquake dataset, NIST is broadening the scope of the repository to begin making it a larger collection of information on hazard events such as earthquakes, hurricanes, tornadoes, windstorms, community-scale fires in the wildland urban interface, storm surges and man-made disasters (accidental, criminal or terrorist).

More of the Continuity Central article

May 16

IT Business Edge – IT Pros Say Wearables Their Greatest IoT Security Threat

Are we on the edge of an explosion of the Internet of Things (IoT)? It appears so, and it seems like organizations are serious about securing the IoT, according to new Gartner research. According to ZDNet, Gartner predicts that:

global spending on security for the Internet of Things (IoT) will reach $348 million this year, a 23.7 percent increase from last year’s $281.5 million spend.

As the IoT gains momentum, Gartner expects the 2017 worldwide spend to fall just shy of $434 million, whilst the 2018 predicted spend is $547 million.

It sounds like a lot of money, but Gartner says that this is a drop in the bucket when you compare it to overall security spending. The analyst group also predicts that in the next four years, a quarter of all attacks will target the IoT, well out-gaining the percentage of security dollars budgeted for IoT security.

Where will the bulk of enterprise IoT security threats be? According to new research from Spiceworks, expect that threat to be coming primarily from wearable technologies. The majority of IT professionals said their greatest IoT security concern is wearables, followed by video equipment.

More of the IT Business Edge article from Sue Marquette Poremba

May 16

CustomerThink – Should Your CIO Drive CX?

What every CIO must know to bridge the customer experience technology gap…
A couple of weeks ago, we published a white paper titled “What Every CIO Must Know to Bridge the Customer Experience Technology Gap.” Unsurprisingly, we reached out to our database and others to let people know we’d done so. Surprisingly, we appear to have stepped on the toes of a few sacred cows. Who knew such a simple question could spark such passion?

Apparently even suggesting that IT bear responsibility for customer experience was enough to inflame some recipients. Here’s the thing. Customer experience is the responsibility of everyone. And, technology continues to become even more central to customer experience and competitive advantage.

While not every IT organization is looked at as leading on CX, the fact is that CIOs are increasingly drawn into the core of customer experience. After all, the end-to-end experience continues to rely heavily on the platforms, networks, and technologies most often controlled by IT.

At the same time, we recognize that customer experience is most often thought of as the domain of the marketing, sales, operations, or support organization—parts of the business that either set the agenda with, maintain relationships directly with, collect payment and deliver product, or provide problem resolution for customers.

More of the CustomerThink post from Michael Hinshaw

May 16

CIO Insight – The Essential Requirements of a Digital CIO

Here’s another excellent Dennis McCafferty slide deck on the modern CIO.

CIOs are becoming more central to overall business strategy, and a full arsenal of soft and hard skills are needed to meet the challenge.

What’s the difference between “yesterday’s CIO” and the modern-day digital one? Digital CIOs maintain a higher profile in the corporate board room, where board members have raised their expectations of IT performance and the delivery of new, business-benefiting innovation, according to a recent survey from BT. The resulting “The BT CIO Report 2016: The Digital CIO” also indicates that, given these challenges, board members increasingly recognize that today’s CIOs must be more creative than in the past. Indeed, in assessing the “must have” qualities of digital CIOs, survey respondents were most likely to cite the need to work in a flexible manner with new business models and remaining open to new ideas/solutions, along with “soft skills” such as effectively responding to feedback and looking at situations from different perspectives. However, even with these shifting needs, CIOs still spend more time maintaining IT systems rather than looking for new solutions, but that balance appears to be reversing. “Digital transformation is under discussion at the board level, in IT and operational teams, in every organization and in every industry,” according to the report. “That’s exactly how it should be (because) the scope of what is digitally possible is uncertain

More of the CIO Insight post from Dennis McCafferty

May 16

Continuity Central – The top mistakes that businesses make in a disaster

When the unexpected happens to a business, delayed action – or the wrong action – can cause as much harm as the initial incident itself. That’s the message of John Bresland, former board member and chairman of the US Chemical Safety and Hazard Investigation Board , who will be a keynote presenter at the 2016 World Conference on Disaster Management, to be held June 7th-8th at The International Centre in Toronto.

“The last thing you want to do is be taken by surprise,” says Bresland, who now consults large organizations on chemical process safety. “There are practical steps every business should take to effectively learn, communicate and plan for future disasters to which the organization may be vulnerable.”

Bresland cites the following as the five top mistakes businesses make when preparing to respond to, mitigate and move forward from disaster:

Failing to define worst-case scenarios

What might be considered a relatively small incident can quickly become a very expensive one if a company fails to look beyond the immediate safety issues and consider business impacts. For example, even a small event like a fire can lead to significant loss of production and profits long after the fire is extinguished. “Ask yourself what’s the worst possible scenario and prepare for that,” advises Bresland.

More of the Continuity Central article

May 16

TechTarget – AWS, partners’ balancing act weighs on users, too

AWS partners are a critical part of the growing ecosystem, but the choice between third-party services and the waiting game for native tooling can create problems for users.

There’s a constant balancing act between Amazon and its AWS partners over how best to fill the gaps in its cloud platform — and that creates a set of dilemmas for customers, too.

Amazon has put considerable effort in recent years into expanding its ecosystem, with more than 2,400 AWS partners in technology and consulting. At the same time, it’s constantly churning out improvements to its cloud platform, adding hundreds of upgrades and new services every year. Those parallel efforts can create a strain as both sides try to fill the gaps. For customers, the uncertainty around the ever-changing ecosystem can mean tough decisions for their own environment.

Amazon releases the minimal viable product and iterates from there to add more features, so the challenge often becomes deciding to wait for those additions or go third-party, said Theo Kim, vice president, technical operations and security at Jobvite, Inc., a recruiting software company in San Mateo, Calif. Kim used the example of Web Application Firewall from Amazon which he said has a great price point, but Jobvite is holding out for an expected version that supports Elastic Load Balancing (ELB).

More of the TechTarget article from Trevor Jones