...IT leaders discussed how they can collaborate with their peer executives from marketing and other departments to improve their businesses’ innovation ...
2. As someone who takes a great
interest in digital leadership,
I was delighted to be invited to
the HP CIO Summit in Frankfurt.
I was also curious as to what
extent HP’s capability would
resonate with CIOs given it is
best known for infrastructure
products and services rather
than IT leadership matters.
This white paper captures some
of the major issues facing CIOs
that came to light during the
various sessions that took place
during the Summit.
CIO Summit 2012
2
3. Dante’s Inferno or Planet Alignment?
It is not clear whether this is a good or bad time to be a CIO. Budget
cuts, user activism, operational pressures and perhaps a question
mark in some cases over strategic relevance, particularly with the
cloud looming, all conspire to raise anxiety levels.
Put this into the wider context of globalisation, morphing business
models, energy security, economic power shifts and a growing
shortage of talent, the pressures facing today’s CIOs appear
incredible.
For CIOs who judge their worth by data farm acreage or staff
headcount, and those who focus their energies on technology
management, each day must feel like a deeper descent into Dante’s
Inferno.
However for CIOs who are focused on information leadership,
business transformation and demand creation this will feel like the
alignment of the planets.
The reality is that most CIOs are living a portfolio of the above. Much
like the organisations they serve, they need to migrate away from
technology management and towards the customer to enhance
their ‘business relevance’.
Opportunity Pool or Cost Desert?
We had an opportunity to listen to and engage with HP’s senior
executives including CEO Meg Whitman and CIO Ramon Baez.
Some of the key points discussed:
• The pressure remains on businesses to deliver more for less and
to do it quicker than ever.
• CEOs need to steer the ship through an ever more turbulent
environment. They recognise that the key to success is customer-
centricity.
• Market turbulence, often triggered by technological seismic shifts,
is uncovering ‘opportunity pools’ which if recognised enable the
more agile organisations to steal a march on their competitors.
• CIOs have a critical role to play here and so the technology
management playbook has to be replaced by one focused on
business partnership.
• CIOs need to create a compelling story that captures the
imagination of the senior executives. The art of the possible
rather than a statement of facts.
• Whilst technology is driving the storm, it is also smoothing the
path that many organisations and thus many CIOs need to take.
• Technology management remains as important as ever, but it is
business-relevance that will position the IT function as a value-
enabler rather than a cost to be managed.
HP clearly recognises the importance of CIOs taking their rightful
place in the boardroom, where they can play an active role in
advancing both the innovation and growth agendas.
The issues discussed by CIOs during the Summit fell into
four areas:
• Mobility
• Cloud
• Security
• Information management.
We will take a look at these in this white paper.
Free the mobile genie!
Life would of course be easier for the CIO if the technology assets
were locked down inside the fortress. But the notion of asset control
is becoming increasingly quaint.
Users want mobility and they are not waiting for permission.
Increasingly they define their work place as where they are as
opposed to where the property portfolio manager decrees it.
Users want to collaborate more. Organisations also need their staff
to collaborate more so that better and faster decisions are made
between decision-making stakeholders.
Whilst mobility does not equal user device, the latter is an important
subset of the former. In many respects this is where the sparks fly
in the CIO’s world. Bring Your Own Device (Byod) is an unplanned
reality.
The broad sense is that CIOs recognise that they cannot control
this trend and are at various stages of evolving a ‘coping’
strategy. Issues discussed covered:
• The role of mobility in respect of securing and retaining talent.
• Who owns the device.
• How is the device partitioned – corporate / personal.
• What is the policy if the device needs to be wiped.
• To what extent should the corporate applications be ported to
personal devices.
• How is access control managed.
• Is there actually a business case for mobility when stacked up
against the associated risk.
• Young people use a variety of communication channels and see
security in a very different light to previous generations.
• Young people are adept at using apps to get things done and so
may feel constrained by the in-house IT function service menu.
• Now that data is increasingly sprinkled across perhaps thousands
of devices, how at risk is the organisation from major events that
have litigious consequences, particularly if such events trigger the
need for e-disclosure.
• The role of mobility in respect of growing the business, particularly
as the mobile channel becomes increasingly the primary access
path to services. There is a great opportunity to capture clients by
creating remarkable mobile experiences.
CIO Summit 2012
3
4. In broad terms it appears that CIOs are in the problem definition
phase of the mobility revolution. It was uplifting to witness a
high degree of realism about the role of mobility in 21st century
organisations and a sense of pro-activeness in embracing it. There
was a time when a discussion on mobility would have focused on
suppression.
It is fair to say that the mobile genie has escaped from the IT lamp.
Do you really want to be the Chief
‘IT Manager’ Officer?
The cloud has been on the agenda for some time now. The
challenge is that many consumers of IT services perceive the cloud
as technologically simple; little square icons at next to no cost
offering a hypermarket of choice for every element of work and life.
Some CFOs see the cloud as a ‘no brainer’ in that it makes eminent
sense to move fast depreciating under-utilised assets off the
balance sheet.
Some CEOs see the cloud as a model that will enable a step-change
increase in productivity from the IT function whilst at the same time
driving down the associated cost.
The reality is that the public cloud in particular portrays this
simplified perception of what in reality is a highly complex model for
both enterprises and governments.
Issues raised by CIOs included:
• How can one migrate users to a self-service applications model.
• More thought needs to be given as to whether the cloud offers a
step change in business value rather than just being the ‘delivery
channel du jour’.
• Some users are happy with the existing arrangement and are not
keen to move to a cloud based model.
• There is an issue in respect of service level agreements -
particularly around security and availability.
• Business transformation puts tremendous pressure on the IT
architecture so there is a demand for solid cloud service providers
to lead CIOs along the journey.
• How does one manage a private cloud in a multi-source
environment.
• How does one address applications strategy given the cloud,
existing non-cloud apps and application development plans going
forward.
• CIOs continue to be responsible so how can they stay in control of
hybrid cloud environments.
• Decision makers expect interoperability in order to minimise
‘vendor lock-in’.
CIOs are at various stages of embracing public, private and hybrid
clouds. The question is not whether to embrace the cloud but when
and how fast. Whilst delivering best of breed applications to the
users without the associated infrastructure is attractive, the issue of
preserving the enterprise data model becomes a challenge as does
the integration of core applications, particularly when the public
cloud is part of the mix.
The cloud has the potential to free up the CIO from the drudgery of
technology management enabling them to focus their attention on
matters that are more strategically relevant.
Black Swans Bite!
The Internet coupled with the shift of organisational assets (eighty
per cent of total twenty years ago) from largely tangible to largely
intangible (eighty per cent of total today) has moved security
centre stage from both an operational IT and a strategic business
perspective.
Given that security is increasingly understood to mean cyber
security, there is a lingering feeling that security can be
‘abdicated’ to the IT function. The increased threat emerging from
malicious users suggests that security management cannot be
compartmentalised in this manner.
Issues raised by the CIOs include:
• Senior executives including CEOs cannot understand why security
is so complex.
• In turn CIOs feel that the business as a whole needs to take a more
proactive role in respect of security management.
• CIOs are faced with increasing regulatory demands but have
decreasing resources in which to respond.
• There needs to be greater dialogue between the CIO, CISO and CEO.
• Users need to be educated so that they do not compromise
security by falling for phishing scams or inadvertently
downloading malicious software.
• Security is too important to be outsourced.
• Security cannot be approached in a ‘big bang’ manner.
A multi-year road map comprising small projects appears to be
the most pragmatic way forward.
• Whilst clear and enforced policy is important, technologies
have a role to play in respect of protecting the organisation. Such
technologies include:
o Security information and event management.
o Intrusion prevention systems.
o Applications security testing.
o Enterprise governance, risk management and compliance systems.
CIO Summit 2012
4
5. Whilst the financial impact of security breaches is often significant,
the greater risk is reputational damage. Customers are loath to trust
organisations that are unsecure. Banks clearly feature highly here,
but so do organisations that ‘manage’ private / sensitive customer
information.
CIOs facing tremendous cost pressures might be tempted to migrate
their security management philosophy to one more akin to security
speculation. Keeping one’s fingers crossed that the rare but high
impact ‘Black Swan’ event does not occur is just too risky.
CIOs need to ensure that security is a regular boardroom
agenda item to in turn ensure that the senior executive team
understands:
• The risks the organisation is exposed to.
• The costs of the associated countermeasures.
• The potential costs of not investing in these countermeasures.
Chief Insight Officer?
The ‘I’ in CIO should remind us why the role exists. Too often the ‘I’
stands for IT manager.
The IT industry as a whole has built its foundations on hardware,
software and data. This focus on data has in the past led to the
creation of large well-intended and fundamentally useless data
warehouses.
The reality is that businesses want information and not data. It is not
clear whether we as an industry know the difference. Information
has value, data does not. A pile of resumes is data and of no specific
value to anybody. The number of those resumes containing Java
skills is information to a person looking for Java programmers.
The information management market has grown steadily since the
eighties with business intelligence and more recently big data. The
latter perhaps reflecting the IT industry’s misguided focus on data
rather than information.
It is certainly a characteristic of 21st century CIOs that they build
their service proposition around information rather than data.
With that in mind the topics emerging around the discussions on
information management included the following:
• IT services need to be built around the information needs of
the business so we need to ask the business what it needs in this
respect.
• Good information management can lead to great business insight.
CIOs need to learn how to whet the appetite of the business so
that they yield more value from the information assets lying
dormant in the data centre.
• Those that work in information management need to have both a
technology and business appreciation. They could come from
either the user or IT community.
• In the context of a fast moving market where the boundaries
are blurring, decisions have to be made around how information
is classified from a security perspective. Speed of decision making
needs to be weighed up against information leakage.
Genuine Information leadership provides a real opportunity for CIOs
to increase their business relevance. Organisations that can make
quicker and more informed decisions will outperform those that are
essentially operating blindfolded.
As the management of IT shifts from the end-user IT department
to the service providers, increasingly via the cloud, this is an
opportunity that CIOs should grasp with both hands.
CIO Summit 2012
5