Exploring the Future Potential of AI-Enabled Smartphone Processors
How Enterprises Can Gain Data Privacy, and Build their Bottom Lines, By Complying with the New European GDPR
1. How Enterprises Can Gain Data Privacy, and Build their
Bottom Lines, By Complying with the New European GDPR
Transcript of a sponsored discussion on Europe's new data-privacy regulation and how it can be
turned to a competitive advantage.
Listen to the podcast. Find it on iTunes. Get the mobile app. Sponsor: Hewlett
Packard Enterprise.
Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions, and you're
listening to BriefingsDirect.
Today, we present a sponsored podcast discussion on the implications of the
European Parliament’s recent approval of the General Data Protection
Regulation or GDPR.
This sweeping April 2016 law establishes a fundamental right to personal
data protection for European Union (EU) citizens. It gives enterprises that
hold personal data on any of these people just two years to reach privacy
compliance -- or face stiff financial penalties.
But while organizations must work quickly to comply with GDPR, the strategic benefits of doing
so could stretch far beyond data-privacy issues alone. Attaining a far stronger general security
posture -- one that also provides a business competitive advantage -- may well be the more
impactful implication.
The Changing Face of Risk
Protect Your Digital Enterprise
Watch the Video to Get Started
We're now joined by three cybersecurity and legal experts to explore the new EU data privacy
regulation and present ways that companies can begin to extend these needed compliance
measures into essential business benefits.
Here to help us sort through the practical path of working within the requirements of a single
digital market for the EU are Tim Grieveson, Chief Cyber and Security Strategist, Enterprise
Security Products EMEA, at Hewlett Packard Enterprise (HPE). Welcome, Tim.
Tim Grieveson: Hi, great to be here.
Gardner: We're also here with David Kemp, EMEA Specialist Business Consultant at HPE.
Good to have you with us, David.
Gardner
2. David Kemp: Thank you very much, and I appreciate the opportunity to share our experiences,
especially thanks to our relationship with PwC Legal.
Gardner: And we are here, too, with Stewart Room, Global Head of Cybersecurity
and Data Protection at PwC Legal. Welcome, Stewart.
Stewart Room: Thanks, Dana. It’s great to be here.
Gardner: Tim, let’s begin with you and perhaps focus on the positive side
of this. The GDPR could mean significant financial penalties in less than two years if
organizations don’t protect all of their targeted data. But how can large organizations look at this
under a larger umbrella, perhaps looking at this as a way of improving their own security
posture?
Review Security
Grieveson: It’s a great opportunity for organizations to take a step back and review the
handling of personal information and security as a whole. Historically, security
has been about locking things down and saying no.
We need to break that mold. But, this is an opportunity, because it’s pan-
European, to take a step back, look at the controls that we have in place, look at
the people, look at the technology holistically, and look at identifying
opportunities where we can help to drive new revenues for the organization, but
doing it in a safe and secure manner.
Gardner: David, is there much difference between privacy and security? If one has to comply
with a regulation, doesn’t that also give them the ability to better master and control their own
internal destiny when it comes to digital assets?
Kemp: Well, that’s precisely what a major European insurance company headquartered in
London said to us the other day. They regard GDPR as a catalyst for their own
organization to appreciate that the records management at the heart of their
organization is chaotic. Furthermore, what they're looking at, hopefully with
guidance from PwC Legal, is for us to provide them with an ability to enforce the
policy of GDPR, but expand this out further into a major records-management
facility.
Gardner: And Stewart, wouldn’t your own legal requirements for any number of
reasons be bolstered by having this better management and privacy capability?
Room: The GDPR obviously is a legal regime. So, it’s going to make the legal focus much,
much greater in organizations. The idea that the GDPR can be a catalyst for wider business-
Grieveson
Kemp
3. enabling change must be right. There are a lot of people we see on the client side who have been
waiting for the big story, to get over the silos, to develop more holistic treatment for data and
security. This is just going to be great, regardless of the legal components, for businesses that
want to approach it with the right kind of mindset.
Kemp: Just to complement that is a recognition that I heard the other day, which was of a
corporate client saying, "I get it. If we could install a facility that would help us with this
particular regulation, to a certain extent relying once again on external counsel to assist us, we
could almost feed any other regulation into the same engine."
That is very material in term of getting sponsorship, buy in, interest from the
front of the business, because this isn’t a facility just simply for this one,
particular type of regulation. There’s so much more that could be engaged on.
Room: The important part, though, is that it’s a cultural shift, a mindset. It’s not
a box-ticking exercise. It’s absolutely an opportunity, if you think of it in that
mindset, of looking holistically. You can really maximize the opportunities that
are out there.
Gardner: And because we have a global audience for our podcast and blog, I
think that this might be the point on the arrow for a much larger market than the EU. Let’s learn
about what this entails, because not everyone is familiar with it yet. So in a nutshell, what does
this new law require large companies to do? Tim, would you like to take that?
Protecting information
Grieveson: It’s ultimately about protecting European citizens' private and personal
information. The legislation gives some guidance around how to protect data. It talks about
encryption and anonymization of the information, should that inevitable breach happen, but it
also talks about how to enable a quicker response for a breach.
To go back to David’s point earlier on, the key part of this is really around record management.
It’s understanding what information you have where and classifying that information. What you
need to do with it is key to this, ultimately because of the bad guys out there. In my world as an
ex-CIO and as an ex-CISO, I was always looking to try and protect myself from the bad guys
who were changing their process to monetize.
They're ultimately out to steal something, whether it be credit card information, personal
information, or intellectual property (IP). Organizations often don’t understand what information
they have where or who owns it, and quite often, they don’t actually value that data. So, this is a
great approach to help them do that.
Gardner: And what happens if they don’t comply; this is a fairly stiff penalty.
Room
4. Grieveson: It is. Up to four percent of the parent company’s annual revenue is exposed as part of
a fine, but also there's a mandatory breach notification, where companies need to inform the
authorities within 72 hours of a breach.
If we think of the Ponemon Report, the average time that the bad guy is inside an organization is
243 days, so clearly that’s going to be challenge for lots of organizations who don’t know they
have been breached, but also that remediation afterwards once that inevitable breach happens, on
average, globally, is anywhere from 40 to 47 days.
We're seeing that trend going in the wrong direction. We're seeing it getting more expensive. On
average, a breach costs in excess of $7.7 million, but we are also seeing the time to remediate
going up.
This is what I talked about with this cultural change in thinking. We need to get much smarter
about understanding the data we have and, when we have that inevitable breach, protecting the
data.
Gardner: Stewart, how does this affect companies that might not just be based in the EU
countries, companies that deal with any customers, or supply chain partners, alliances, the
ecosystem. Give us a sense of the concentric circles of impact that this pertains for inside the EU
and beyond?
Room: Yes, the law has global effect. It’s not about just regulating European activities or
protecting or controlling European data. The way it works is that any entity or data controller
that’s outside of Europe and that targets Europe for goods and services will be directly regulated.
It doesn’t need to have an establishment, a physical presence, in Europe. It targets the goods and
services. Or, if that entity pre-files and tracks the activity of European citizens on the web, they're
regulated as well. So, there are entities that are physically not in Europe.
Any entity outside of Europe that receives European data or data from Europe for data
processing is regulated as well. Then, any entity that’s outside of Europe that exports data into
Europe is going to be regulated as well.
So it has global effect. It’s not about the physical boundaries of Europe or the presence only of
data in Europe. It’s whether there is an effect on Europe or an effect on European people’s data.
Fringes of the EU
Kemp: If I could add to that, the other point is about those on the fringes of the EU, because
that is where this is originating from, places such as Norway and Switzerland, and even South
Africa, with the POPI legislation. These countries are not part of the EU, but as Stewart was
saying, because a lot of their trade is going through the EU, they're adopting local regulation in
order to mirror it in order to provide a level playing field for their corporate.
5. Gardner: And this notion of a fundamental right to personal data protection, is that something
new? Is that a departure and does that vary greatly from country to country or region to region?
I'll open that to anyone.
Room: This is not a new concept. The European data-protection law was first promulgated in the
late 1960s. So, that’s when it was all invented. And the first European legislative instruments
about data privacy were in 1973 and 1974.
We've had international data-protection legislation in place since 1980, with the OECD, the
Council of Europe in 1981, the Data Protection Directive of 1995. So, we're talking about stuff
that is almost two generations old in terms of priority and effect.
The idea that there is a fundamental right to data protection has been articulated expressly within
the EU treaties for a while now. So, it’s important that entities don’t fall into the trap of feeling
that they're dealing with something new. They're actually doing something with a huge amount
of history, and because it has a huge amount of history, both the problems and the solutions are
well understood.
If the first time that you deal with data protection, you feel that this is new, you're probably
misaligned with the sophistication of those people who would scrutinize you and be critical of
you. It's been around for a long time.
Grieveson: I think it’s fair to say there is other legislation as well in certain industries that make
some organizations much better prepared for dealing with what’s in the new legislation.
For example, in the finance industry, you have payment card industry (PCI) security around
credit-card data. So, some companies are going to be better prepared than others, but it still gives
us an opportunity as an auditor to go back and look at what you have and where it fits.
Gardner: Let’s move toward looking at this through the solution lens. One of the ways that the
law apparently makes it possible for this information to leave its protected environment is if it’s
properly encrypted. Is there a silver bullet here where if everything is encrypted, that solves your
problem, or does that oversimplify things?
No silver bullet
Grieveson: I don’t think there is a silver bullet. Encryption is about disruption, because
ultimately, as I said earlier, the bad guys are out to steal data, if I come from a cyber-attack point
of view, and even the most sophisticated technologies can at some point be bypassed.
But what it does do is reduce that impact, and potentially, the bad guys will go elsewhere. But
remember, this isn't just about the bad guys; it’s also about people who may have done something
inadvertently in releasing the data.
6. Encryption has a part to play, but it’s one of the components. On top of that, you have technology
around having the right people and the right process, having the data-protection officer in place,
and training your business users and your customers and your suppliers.
The encryption part isn't the only component, but it’s one of the tools in your kit bag to help
reduce the likelihood of the data actually being commoditized and monetized.
The Changing Face of Risk
Protect Your Digital Enterprise
Watch the Video to Get Started
Gardner: And this concept of the personally identifiable information (PII), how does that play a
role, and should companies that haven't been using that as a designation or an emphasis perhaps
rethink of the types of data and the types of identification with it?
Room: Can I comment on that? The idea of PII is known to US law. It lives inside the US legal
environment, and it’s mainly constrained to a number of distinct datasets. My point is that the
idea of PII is narrow.
The data-protection regime is concerned with something else, personal data. Personal data is any
information relating to an identifiable living individual. When you look at how the legislation is
built, it’s much, much, more expansive than the idea of PII, which seems to be around name,
address, Social Security number, credit-card information, things like that, into any online
identifier that could be connected to an individual.
The human genome is an example of personal data. It’s important that listeners in a global sense
understand the expansiveness of the idea or rather understand that the EU definition of personal
data is intended to be highly, highly expansive.
Gardner: And, David Kemp, when we're thinking about where we should focus our efforts first,
is this primarily about business-to-consumer (B2C) data, is it about business to business (B2B),
less so or more so, or even internally for business to employee (B2E)? Is there a way for us to
segment and prioritize among these groups as to what is perhaps the most in peril of being in
violation of this new law?
Commercial view
Kemp: It’s more a commercial view rather than a legal one. The obvious example will be B2C,
where you're dealing with a supermarket like Walmart in the US or Coop or Waitrose in Europe,
for example. That is very clearly my personal information as I go to the supermarket.
Two weeks ago I was listening to the head of privacy at Statoil, the major Norwegian energy
company, and they said we have no B2C, but in fact, even just the employee information we
7. have is critical to us and we're taking this extremely seriously as the way in which we manage
that.
Of course, that means this applies to every single corporate, that it is both an internal and an
external aggregation of information.
Grieveson: The interesting thing is, as digital disruption comes to all organizations and we start
to see the proliferation and the tsunami of data being gathered, it becomes more of a challenge or
an opportunity, depending on how you look at that. Literally, the new perimeter is on your
mobile phone, on your cellphone, where people are accessing cloud services.
If I use the British Airways app, for example, I'm literally accessing 18 cloud services through
my mobile phone. That then, makes it a target for that data to be gathered. Do I really understand
what’s being stored where? That’s where this really helps, trying to formalize what information
is stored where and how it is being transacted and used.
Gardner: On another level of segmentation, is this very much different for a government or
public organization, versus a private. There might be some verticals like finance or health, where
they've become accustomed to protecting data, but does this have implications for the public
sector as well?
Room: Yes, the public sector is regulated by this. There's a separate directive that’s been adopted
to cover policing and law enforcement, but the public sector has been in scope for a very long
time now.
Gardner: How does one go about the solution on a bit more granular level? Somebody
mentioned the idea of the data-protection officer. Do we have any examples or methodologies
that make for a good approach to this, both at the tactical level of compliance but at the larger
strategic level of a better total data and security posture. What do we do, what’s the idea of a
data-protection officer or office, and is that a first step or how does one begin?
Compliance issue
Room: We're stressing to entities that data view. This is a compliance issue, and there are three
legs to the stool. They need to understand the economic goals that they have through the use of
data or from data itself. So, economically, what are they trying to do?
The second issue is the question of risk, and where does our risk appetite lie in the context of the
economic issue? And then, the third is obligation. So, compliance. It’s really important that these
three things be dealt with or considered at the very beginning and at the same time.
Think about the idea simply of risk management. If we were to look at risk management in
isolation of an economic goal, you could easily build a technology system that doesn’t actually
deliver any gain. A good example would be personalization and customer insights. There is a
8. huge amount of risk associated with that, and if you didn’t have the economic voice within the
conversation, you could easily fail to build the right kind of insight or personalization engine. So,
bringing this together is really important.
Once you've brought those things together in the conversation, the question is what is your
vision, what’s your desired end state, what is it that you're trying to achieve in light of those three
things? Then, you build it out from there? What a lot of entities are doing is making tactical
decisions absent the strategic decision. We know that, in a tactical sense, it’s incredibly important
to do data mapping and data analysis.
We feel at PwC that that’s a really critical step to take, but you want to be doing that data
mapping in the context of a strategic view, because it affects the order of priority and how you
tackle the work. So, some non-obvious matters will become clearer than data mapping might be
if you take the proper strategic view.
A specific example of that would be complaint handling. Not many people have complaint
handling on the agenda -- how we operate inside the call center, for instance. If people are cross,
it's probably a much more important strategic decision in the very beginning than some of the
more obvious steps that you might take. Bringing those things forward and having a desired
vision for a desired end state will tell you the steps that you want to take and mold.
Gardner: Tim, this isn’t something you buy out of a box. The security implications of being able
to establish a breach that has taken place in as little 72 hours sounds to me like it involves an
awful lot more than a product or even a service on this cultural shift or the organizational shift.
How should one approach this from that security perspective and how should one start?
Grieveson: You're absolutely right. This is not a single product or a point solution. You really
have to bake it into the culture of your organization and focus not just on single solutions, but
actually the end-to-end interactions between the user, the data, and the application of the data.
If you do that, what you're starting to look at is how to build things in a safe, secure manner, but
how do you build them to enable your business to do something? There's no point in building a
data lake, for example, and gathering all this data unless you actually have from that data some
insight, which is actionable and measured back to the business outcomes.
I actually don't use the word “security” often when I am talking to customers. I'll talk about
protection, whether that's protection of revenue or growing new markets. I put it into business
language, rather than using technology language. I think it’s the first thing, because that puts
people off.
What are you protecting?
The second thing is to understand what is it that you're going to protect and why, where does it
reside, and then stop to build the culture from the top down and also from the bottom up. It’s not
9. just the data protection office's problem or issue to deal with. It’s not just the CIO or the CISO,
but it’s building a culture in your organization where it becomes normal everyday business.
Good security is good business.
Once you've done that, this is not a project; it’s not do it once and forget it. It’s really around
building a journey, but this is an evolving journey. It’s not just a matter of doing it, getting to the
point where you have that check box to say, yes, you are complying. It’s absolutely around
continuing to look at how you're doing your business, continuing to look at your data as new
markets come on or new data comes on.
You have to reassess where you are in this structure. That’s really important, but the key thing for
me is that if you focus on that data and those interactions, you have less of a conversation about
the technology. The technology is an enabler, but you do need a good mix of people, process, and
technology to deliver good security in a data-driven organization.
Gardner: Given that this cuts across different groups within a large organization that may not
have had very much interaction in the past, given that this is not just technology but process and
people, as Tim mentioned, how does the relationship between HPE and PwC come together to
help organization solve that? Perhaps, you can describe the alliance a bit for us.
Kemp: I'm a lawyer by profession. I very much respect our ability to collaborate with PwC,
which is a global alliance of ours. On the basis of that, I regard Stewart and his very considerable
department as providing a translation of the regulation into deliverables. What is it that you want
me to do, what does the regulation say? It may say that you have to safeguard information. What
does that entail? There are three major steps here.
One, is the external counsel guidance on what the regulation means into set of deliverables.
Secondly, a privacy audit. This has been around in terms of a cultural concept since the 1960s.
Where are you already in terms of your management of PII? When that is complete, then we can
introduce the technology that you might need in order to make this work. That is really where
HPE will come in. That’s the sequence.
Then, if we just look very simply at the IT architecture, what’s needed? Well, as we said right at
the beginning, my view is that this is the scene under the wedge of records management
coherence strategy in an organization. One of the first things is, can you connect to the sources of
data around your organization, given that most entities have grown up by acquisition and not
organically. Can you actually connect to and read the information where it is, wherever it is
around the world, in whatever silo.
For example, Volkswagen, had a little problem in relation to diesel emissions, but one of the
features there is not so much how do they defend themselves, but how do they get to the basic
information in many countries as to whether a particular sales director knew about this issue or
not.
10. Capturing data
So, connectivity is one point. The second thing is being able to capture information without
moving it across borders. That's where technology, which handles the metadata of the basic
components of a particular piece of digital information, can be captured, whether it is structured
or unstructured. Let’s bear in mind that when we're talking about data, it could be audio or visual
or alphanumeric. Can we bring that together and can we capture it?
Then, can we apply rules to it? If you had to say in a nutshell what is HPE doing as a
collaboration with PwC, we're doing policy enforcement. Whatever Stewart and his professional
colleagues advise in relation to the deliverables, we are seeking to effect that and make that work
across the organization.
That's an easy way to describe it, even to non-technical people. So, General Counsel, Head of
Compliance or Risk can appreciate the three steps of the legal interpretation, the privacy audit,
and then the architecture. Then, second, this building up of the acquisition of information in
order to be able to make sure that the standards which are set by PwC are actually being
complied with.
Gardner: We're coming up toward the end of our time, but I really wanted to get into some
examples to describe what it looks like when one as an organization does this correctly, what the
metrics of success are. How do you measure this out toward a state of compliance and
attainment? Do any of you have an example of an organization that has gone through many of
these paces, has acquired the right process, technology and culture, and what does that look like
when you get there or near there?
Room: There are various metrics that people have put in place, and it depends which principles
you're talking about. We obviously have security, which we've spoken about quite a lot here, but
there are other principles: accuracy, retention, delete, transfers, on and on.
But one of the metrics that entitles are putting in, which is non-security controlled, is about the
number of people who are successfully participating in training sessions and passing the little
examination at the very end. The reason that key performance indicator (KPI) is important is that
during enforcement cases, when things go wrong -- and there are lots and lots of these cases out
there -- the same kind of challenges are presented by the regulators and by litigants, and that's an
example of one of them.
So, when you're building your metrics and your KPIs, it's important to think not just about the
measures that would achieve operational privacy and operational security, but also think about
the metrics that people who would be adverse to you would understand: judges, regulators,
litigants, etc. There are essentially two kinds of metrics, operational results metrics, but also the
judgment metrics, that people may apply to you.
11. Gardner: At HPE, do you have any examples or perhaps can describe why we think that doing
this correctly could get you into a better competitive business position? What is it about doing
this that not only allows you to be compliant, but also puts you in an advantageous position in a
market and in terms of innovation and execution?
Biggest sanction
Kemp: If I could quote some of our clients, especially in the Nordic Region, there are about
six major reasons for paying strict and urgent attention to this particular subject. One of them,
listening to my clients, has to do with compliance. That is the most obvious one. That is the one
that has the biggest sanction.
But there are another five arguments -- I won't go into all of them -- which have to do with
advancement of the business. For example, a major media company in Finland said, if we could
only be able to say on our website that we were GDPR compliant that would increase materially
the customer belief in our respect for their information, and it would give us a market advantage.
So it's actually advancing the business.
The second aspect, which I anticipated, but I've also heard from corporates, is that in due course,
if it's not here already, there might be a case where governments would say that if you're not
GDPR compliant, then you can’t bid on our contracts.
The third might be, as Tim was referring to earlier, what if you wanted to make best use of this
information? There’s even a possibility of corporations taking the PII, making sure it's fully
anonymous or pseudonymized, and then mixing it with other freely available information, such
as Facebook, and actually saying to a customer, David, we would like to use your PII, fully
anonymized. We can prove to you that we have followed the PwC legal guidance. And
furthermore, if we do use this information and use it for analytics, we might even want to pay
you for this. What are you doing? You are increasing the bonding and loyalty with your
customers.
So, we should think about the upsides of the business advancement, which ironically is coming
out of a regulation, which may not be so obvious.
Gardner: Let’s close out with some practical hints as to how to get started, where to find more
resources, both on the GDPR, but also on the means by which we've been describing to go about
a better data privacy capability. Any thoughts about where we go to begin the process?
Kemp: I would say that in the public domain, the EU is extremely good at promulgating
information about the regulation itself coming in and providing some basic interpretation. But
then, I would hand it on to Stewart in terms of what PwC Legal is already providing in the public
domain. Can I pass it on to you, Stewart?
12. Room: We have two accelerators that we've built to help entities go forward. The first is our
GDPR Readiness Assessment Tool (RAT), and lots of multinationals run the RAT at the very
beginning of their GDPR programs.
What does it do? It asks 70 key questions against the two domains of operation and legal privacy.
Privacy architecture and privacy principles are mapped into a maturity metric that assesses
people’s confidence about where they stand. All of that is then mapped into the articles and
recitals of the GDPR. Lots of our clients use the RAT.
The second accelerator is the PwC Privacy and Security Enforcement Tracker. We've been
tracking the results of regulatory cases and litigation in this area over many years. That gives us a
very granular insight into the real priorities of regulators and litigants in general.
Using those two tools at the very beginning gives you a good insight into where you are and
what your risk priorities are.
Gardner: Last word to you, Tim. Any thoughts on getting started -- resources, places to go to get
on your journey or further along?
The whole organization
Grieveson: You need to involve the whole organization. As I said earlier on, it’s not just about
passing it over to the data-protection officer. You need to have the buy-in from every part of the
organization. Clearly, working with organizations who understand the GDPR and the legal
implications, such as the collaboration between PwC and HPE, is where I would go.
When I was in the seat as a CIS, I'm not a legal expert, so one of the first things that I did was go
and get that expertise and brought it in. Probably the first place I would start is getting buy-in
from the business and making sure that you have the right people around the table to help you on
the journey.
The Changing Face of Risk
Protect Your Digital Enterprise
Watch the Video to Get Started
Gardner: Very good. I'm afraid we will have to leave it there. We've been discussing the
implications of the European Parliament’s recent approval of the General Data Protection
Regulation or GDPR. And we have heard how attaining a far stronger general security posture --
one that also provides a competitive business advantage -- may well be among the most
impactful beneficial consequences of this new regulation.
13. So please join me now in thanking our guests, Tim Grieveson, Chief Cyber & Security
Strategist, Enterprise Security Products EMEA, at HPE; David Kemp, EMEA Specialist
Business Consultant, also at HPE, and Stewart Room, Cybersecurity and Data Protection at PwC
Legal.
And a big thank you as well to our audience for joining us for this HPE-sponsored security
market transformation discussion. I’m Dana Gardner, Principal Analyst at Interarbor Solutions,
your host for this ongoing series of practical business benefits discussions. Thanks again for
listening and do come back next time.
Listen to the podcast. Find it on iTunes. Get the mobile app. Sponsor: Hewlett
Packard Enterprise.
Transcript of a sponsored discussion on Europe's new data-privacy regulation and how it can be
turned to a competitive advantage. Copyright Interarbor Solutions, LLC, 2005-2016. All rights
reserved.
You may also be interested in:
• Big data enables top user experiences and extreme personalization for Intuit TurboTax
• Feedback loops: The confluence of DevOps and big data
• Spirent leverages big data to keep user experience quality a winning factor for telcos
• Powerful reporting from YP's data warehouse helps SMBs deliver the best ad campaigns
• IoT brings on development demands that DevOps manages best, say experts
• Big data generates new insights into what’s happening in the world's tropical ecosystems
• DevOps and security, a match made in heaven
• How Sprint employs orchestration and automation to bring IT into DevOps readiness
• How fast analytics changes the game and expands the market for big data value
• How HTC centralizes storage management to gain visibility and IT disaster avoidance
• Big data, risk, and predictive analysis drive use of cloud-based ITSM, says panel
• Rolta AdvizeX experts on hastening big data analytics in healthcare and retail
• The future of business intelligence as a service with GoodData and HP Vertica
• Enterprises opting for converged infrastructure as stepping stone to hybrid cloud