15
Jun 17

Continuity Central – Why business continuity managers need to trust ‘gut feel’

Agree or disagree?

Sometimes as a business continuity manager you have a feeling that a certain decision is the wrong one, despite qualitative and quantitative evidence pointing to the contrary. Dominic Irvine explains how research is starting to support the reliability of trusting your gut feeling…

Qualitative and quantitative evidence is sometimes used as a weapon to force decisions through when not everyone involved is convinced; in the face of charts, spreadsheets and PowerPoint decks, gut feel seems like a poor response, and yet what we are learning from research into exertion and fatigue, is that it is one of the most useful tools in our armoury of tests.

After the First World War, much work was done to find a way to measure fatigue but it was deemed such a subjective concept as to be impossible to develop any meaningful way of objectively measuring it. It was not possible to fathom out the complex interaction between emotional, physical and mental aspects of fatigue in a way that could be reliably and accurately counted. And yet, we all know the feeling of being fatigued and how tired we are.

More of the Continuity Central post


14
Jun 17

ZDNet – Three ways to survive the rise of the cloud and ‘big software’

Applications that were once simple to manage are now rolled out across thousands of physical and virtual machines.

These sprawling applications include multiple components, with the potential points of integration spread across the enterprise and out into the wider cloud.

So, what are the key challenges CIOs will face as they overhaul their IT departments in readiness for the next stage of enterprise computing? Here are some key lessons for CIOs.

1. Build a platform for business change

Successful companies in the digital age are characterised by their ability to absorb technology into everyday processes and by ensuring there is no division between what might previously have been classed as IT and business professionals.

More of the ZDNet article from Mark Samuels


12
Jun 17

HBR – The Behavioral Economics of Why Executives Underinvest in Cybersecurity

Determining the ROI for any cybersecurity investment, from staff training to AI-enabled authentication managers, can best be described as an enigma shrouded in mystery. The digital threat landscape changes constantly, and it’s very difficult to know the probability of any given attack succeeding — or how big the potential losses might be. Even the known costs, such as penalties for data breaches in highly regulated industries like health care, are a small piece of the ROI calculation. In the absence of good data, decision makers must use something less than perfect to weigh the options: their judgment.

But insights from behavioral economics and psychology show that human judgment is often biased in predictably problematic ways. In the case of cybersecurity, some decision makers use the wrong mental models to help them determine how much investment is necessary and where to invest. For example, they may think about cyber defense as a fortification process — if you build strong firewalls, with well-manned turrets, you’ll be able to see the attacker from a mile away.

More of the Harvard Business Review post from Alex Blau


06
Jun 17

Data Center Knowledge – Most Data Center Outages aren’t Caused by Tech Failure

Many critical industries such as nuclear energy, commercial and military airlines—even drivers’ education—invest significant time and resources to developing processes. The data center industry … not so much.

That can be problematic, considering that two-thirds of data center outages are related to processes, not infrastructure systems, says David Boston, director of facility operations solutions for TiePoint-bkm Engineering.

“Most are quite aware that processes cause most of the downtime, but few have taken the initiative to comprehensively address them. This is somewhat unique to our industry.”

Boston is scheduled to speak about strategies to prevent data center outages at the Data Center World local conference at the Art Institute of Chicago on July 12. More about the event here.

More of the Data Center Knowledge article from Karen Riccio


05
Jun 17

The Register – So your client’s under-spent on IT for decades and lives in fear of an audit

Infrastructure as code is a buzzword frequently thrown out alongside DevOps and continuous integration as being the modern way of doing things. Proponents cite benefits ranging from an amorphous “agility” to reducing the time to deploy new workloads. I have an argument for infrastructure as code that boils down to “cover your ass”, and have discovered it’s not quite so difficult as we might think.

Recently, a client of mine went through an ownership change. The new owners, appalled at how much was being spent on IT, decided that the best path forward was an external audit. The client in question, of course, is an SMB who had been massively under-spending on IT for 15 years, and there no way they were ready for – or would pass – an audit.

Trying to cram eight months’ worth of migrations, consolidations, R&D, application replacement and so forth into four frantic, sleepless nights of panic ended how you might imagine it ending. The techies focused on making sure their asses were covered when the audit landed. Overall network performance slowed to a crawl and everyone went home angry.

More of The Register article from Trevor Pott


02
Jun 17

Continuity Central – Revamping the business continuity profession: a response

Recently, Continuity Central published ‘Revamping the business continuity profession’; an article in which Charlie Maclean-Bristol looked at challenges faced by business continuity professionals and offered his suggestions for revamping the discipline. Here, David Lindstedt and Mark Armour, developers of the Adaptive Business Continuity methodology, offer their response to the article:

David Lindstedt: Naturally, most folks starting to embrace Adaptive Business Continuity will agree that traditional business continuity methods are not working and it’s time for a change. I totally agree that ‘resilience’ will not be the ‘savior’ of business continuity. As Charlie correctly points out, resilience is an inter-discipline, not a discipline on its own. A business continuity practitioner could run it, but so could anyone from any of the inter-disciplines like ERM, EM, IT DR, etc. The chief concern with resilience will always be: what are the boundaries to what gets included (individual personal psychology to environmental sustainability to the entire content of a MBA program?) and how do you measure its effectiveness?

More of the Continuity Central article


01
Jun 17

TechTarget – Enlightened shadow IT policy collaborates with users

A cloud-era shadow IT policy still needs to manage risk, but the era of “no way” is giving way to allow users quick access to the productivity apps they need.

Most IT departments have spent time rooting out the shadow, or non-IT-sanctioned, applications and systems in use within their organizations. Today, users find that cloud-based services not necessarily approved by IT enable them to quickly subscribe to applications and platforms that improve their collaboration and productivity. That advantage is prompting IT organizations to rethink how to work with users rather than have a shadow IT policy that is in full-out combat against apps that haven’t been fully blessed by the enterprise and could introduce security risks.

More of the TechTarget article from Sandra Gittlen


15
May 17

CIO insight – Why So Much of a CIO’s Day Is Devoted to Security

65% of network and systems admins struggle to determine whether app issues are caused by the network, systems or apps, while 53% run into difficulties measuring latency and delay problems when troubleshooting apps.

A growing number of CIOs, other technology leaders and IT professionals are spending a considerable amount of their time troubleshooting security-related issues, according to a recent survey from Viavi Solutions. The resulting report, “State of the Network Study,” reveals that a significant number of survey respondents are spending a quarter of a standard work week on the detection and mitigation of threats. One of the trend-drivers is that email and browser-based malware has increased over the past 12 months, as has the overall sophistication of attack methods. “Enterprise network teams are [devoting] more time and resources than ever before to battle security threats,” said Douglas Roberts, vice president and general manager of the enterprise and cloud business unit for Viavi Solutions. “Not only are they faced with a growing number of attacks, but hackers are becoming increasingly sophisticated in their methods and malware. Dealing with these types of advanced persistent security threats requires planning, resourcefulness and greater visibility throughout the network to ensure that threat intelligence information is always at hand.

More of the CIO Insight slideshow from Dennis McCafferty


03
May 17

ZDNet – Cloud v. Data Center: Key trends for IT decision-makers

Cloud-based compute, networking and storage infrastructure, and cloud-native applications, are now firmly on the radar of CIOs — be they in startups, small businesses or large enterprises. So much so that, whereas a few years ago the question facing them was “Which workloads should I move to the cloud?”, it’s now becoming “Which, if any, workloads should I keep on-premises?”. While most organisations will probably end up pursuing a hybrid cloud strategy in the medium term, it’s worth examining this turnaround, and the reasons behind it.

The general background, as ZDNet has explored in recent special features, is the competitive pressure for organisations to undergo a digital transformation based on cloud-native applications and methods such as DevOps, in pursuit of improved IT and organisational performance.

More of the ZDNet article from Charles McLellan


01
May 17

Arthur Cole – The Reality of an Intelligent IoT

The Internet of Things (IoT) may be barely off the ground, but developers are already looking for ways to imbue the technology with high degrees of intelligence.

On one level, an intelligent IoT is a reason unto itself given that the scale and complexity of the data environment is beyond the capabilities of today’s management tools. But ultimately, the expectation is that much of the IoT will govern itself, and that includes the basic interactions between systems and users.

Zebra Technologies’ Tom Bianculli gave eWeek a good overview of all the ways in which intelligence is likely to affect the IoT. From the intelligent enterprise itself, capable of dynamic data streaming, real-time analytics and self-managing applications, to advances in health care, transportation, retail and virtual every other industry, the intelligent IoT has the potential to revolutionize the way we live, work and play.

More of the IT Business Edge article from Arthur Cole