the rise of the mighty
DESCRIPTION
The CTO Forum 21st December 2009 IssueTRANSCRIPT
V
DO YOU MEASURE
Info-Security & Privacy Measures
UPSIDE
IT Still Considered as Cost Centre
DOWNSIDE
as VP/Sr. VP IT.A small number (17%)
are still called as Head IT.
OUT OF 200 RESPONDENTS
said they bear a ‘CIO’designation followed by
38%
27%CUSTOMER SATISFACTION WITH IT SERVICES?
Internally
12% 56%
31%
1%
Externally
Internally & Externally
No
Dr. Jai Menon, Group CIO,
Bharti Enterprises says under-
standing customer is a dimension
that does not require technology.
Rajesh Uppal, Chief GM,
Maruti-Suzuki says unless you
feel the heat, you will never be
able to understand the criticality.
Laxman Badiga, Corporate
VP & CIO, Wipro says a CIO is an
enabler and efficiency generator in
every aspect of the business.
Ajay Dhir, Group CIO, JSW Ltd.
says CIO can be a value creator and
the role goes beyond cost-cutting
and tech deployment.
A 9.9 Media Publication
December | 21 | 2009 | Rs.50Volume 05 | Issue 09
Undaunted by the adversities and global
economic fear, a large number of Indian CIOs are
CREATING INTERNAL EFFICIENCIES
leading to remarkable innovations.
70%CIOs say the enterprise IT
BUDGETS WILL INCREASE
in the year 2010-11
41%survey respondents say
they are now REPORTING
DIRECTLY to their CEOs
To read the first annual CTO Forum
‘State of the INDIAN CIO’survey turn to
page number 16
Technology for Growth and Governance
FIR
ST
AN
NU
AL
CT
O F
OR
UM
‘STA
TE
OF
TH
E IN
DIA
N C
IO’ S
UR
VE
YVolum
e 05 | Issue 09
EDITORIALRAHUL NEEL MANI | [email protected]
1thectoforum.com 21 DECEMBER 2009CTOFORUM
You have arrived Having emerged winners
from a beastly economy, what's next?
Like for everyone else, it has been a tumultuous couple
of years for CIOs. The economic meltdown transformed the world and hit IT organisations in its wake. CIOs have faced extraordi-nary situations and unique risks – with no ‘quick fix’ solutions in sight. Budgets and team sizes were trimmed to begin with. And expectedly, many much-awaited and ambitious projects were either curtailed or put on hold.
Undaunted by these adversi-ties and global apprehensions,
To find the answers, The CTO Forum launched its first “State of the Indian CIO” survey. We focused on the emergence of the CIO’s role and his growing influ-ence as a strategic leader. With nearly 200 responses from lead-ing CIOs in India, we believe this is as insightful a study, as one could hope for to set the trend going forward. The results show the continuing transforma-tion of the CIO’s role.
As we look into the year 2010, the survey shows that CIOs will place emphasis on aligning IT with their business goals to cre-ate an efficient enterprise. Many of our respondents expect to move further from the mundane to the strategic i.e start spend-ing more time on planning and implementing new technologies. Organisationally too, there are telling shifts. A growing number of CIOs now report directly to
a large number of Indian CIOs forged ahead to create internal efficiencies and some remarkable self-funded innovations. These innovations have demonstrated that select CIOs are harbingers of success, with the ability to win against all odds.
Can the same skills work for them as the economy enters a growth phase? Can the CIO who essentially played the role of an IT leader, grow into the shoes of a business strategist and an able pragmatist?
their CEOs and are an integral part of top level management in their organisations.
The good news continues and the most heartening element of the survey was the prediction for IT spends. More than 70 percent of India’s technology decision-makers expect their budgets to increase in the New Year. With this stimulant, CIOs will have an opportunity to use their ‘new-found’ influence and collabora-tive partnership with business to invest strategically and transform their organisations. While this is not an easy task, it will present opportunities for CIOs to emerge winners yet again!
With 2010 a few days away, I wish you all success and happi-ness in the new year.
EDITORS PICK31
Part time freighter - Full time CIOA firsthand account from the CIO who steered a mammoth logistic function.
2 21 DECEMBER 2009 thectoforum.comCTOFORUM
DECEMBER09VO
LUM
E 0
5 |
ISS
UE
09
CTOFORUM
COVE R S TORY X X X X X X X X X X
18 21 DECEMBER 2009 thectoforum.comCTOFORUM
X X X X X X X X X X COVE R S TORY
19thectoforum.com 21 DECEMBER 2009CTOFORUM
CO NTE NT S THECTOFORUM.COM
CO
VE
R D
ESI
GN
: B
INES
H S
REE
DH
AR
AN
COVER STORY
16 | Rise of the mighty. Undaunted by the adversities and global apprehensions, a large number of Indian CIOs are creating internal efficiencies and some remarkable innovations.
COPYRIGHT, All rights reserved: Reproduction in whole or in part without written permission from Nine Dot Nine Interactive Pvt Ltd. is prohibited. Printed and published by Kanak Ghosh for Nine Dot Nine Interactive Pvt Ltd, C/o K.P.T House, Plot Printed at Silverpoint Press Pvt. Ltd. TTC Ind. Area, Plot No. A-403, MIDC Mahape, Navi Mumbai 400709
COLUMN04 | I BELIEVE:CIO: INNOVATIVE, PROAC-TIVE AND PROGRESSIVE. A varied approach to how a CIO should do his businessBY GRAHAM CLARK
52 | VIEW POINT: DECISION MAKING WEB. How to make smarter, faster deci-sions everywhereBY ROD KING
FEATURES14 | BEST OF BREED: EMERGENCE OF FABRIC COMPUTING. One needs to treat fabric computing similar to virtualisation.
16
S E C T I O N N A M E S TORY NA M E
3thectoforum.com 07 DECEMBER 2009CTOFORUM
DECEMBER09
A QUESTION OF ANSWERS
10 | “In terms of cloud adoption, even developed markets are at adolescent stage”. Jeremy Cooper, VP, Regional Marketing, APJ, Salesforce.com
VOLUME 05 | ISSUE 09 | 21 DECEMBER 2009
Managing Director: Dr Pramath Raj SinhaPrinter & Publisher: Kanak Ghosh
Publishing Director: Anuradha Das Mathur
EDITORIALEditor: Rahul Neel Mani
Resident Editor (West & South): Ashwani MishraSr. Assistant Editor: Gyana Ranjan Swain
Consulting Editor: Shubhendu ParthPrincipal Correspondent: Vinita Gupta
Sr. Correspondent: Jatinder SinghCorrespondent: Sana Khan
DESIGNSr. Creative Director: Jayan K Narayanan
Art Director: Binesh Sreedharan Associate Art Director: Anil VK
Manager Design: Chander Shekhar Sr. Visualisers: PC Anoop, Santosh Kushwaha
Sr. Designers: TR Prasanth & Anil T Photographer: Jiten Gandhi
ADVISORY PANELAjay Kumar Dhir, CIO, Jindal Stainless
Anil Garg, CIO, DaburDavid Briskman, CIO, Ranbaxy
Mani Mulki, VP-IS, Godrej IndustriesManish Gupta, Director, Enterprise Solutions AMEA, PepsiCo
India Foods & Beverages, PepsiCoRaghu Raman, CEO, National Intelligence Grid, Govt. of India
S R Mallela, Former CTO, AFLSantrupt Misra, Director, Aditya Birla Group
Sushil Prakash, Country Head, Emerging Technology-Business Innovation Group, Tata TeleServices
Vijay Sethi, VP-IS, Hero Honda Vishal Salvi, CSO, HDFC Bank
Deepak B Phatak, Subharao M Nilekani Chair Professor and Head, KReSIT, IIT - Bombay
Vijay Mehra, Executive VP, Global Head-Industry Verticals, Patni
SALES & MARKETINGVP Sales & Marketing: Naveen Chand SinghNational Manager Online Sales: Nitin Walia
National Manager-Events and Special Projects: Mahantesh Godi (09880436623)Product Manager – Rachit Kinger
Asst. Brand Manager: Arpita GanguliCo-ordinator-MIS & Scheduling: Aatish Mohite
Bangalore & Chennai: Vinodh K (09740714817)Delhi: Pranav Saran (09312685289)
Kolkata: Jayanta Bhattacharya (09331829284)Mumbai: Sachin Mhashilkar (09920348755)
PRODUCTION & LOGISTICSSr. GM. Operations: Shivshankar M Hiremath
Production Executive: Vilas MhatreLogistics: MP Singh, Mohd. Ansari,
Shashi Shekhar Singh
OFFICE ADDRESSNine Dot Nine Interactive Pvt Ltd
C/o K.P.T House,Plot 41/13, Sector-30,Vashi, Navi Mumbai-400703 India
Printed and published by Kanak Ghosh forNine Dot Nine Interactive Pvt Ltd
C/o K.P.T House, Plot 41/13, Sector-30,Vashi, Navi Mumbai-400703 India
Editor: Anuradha Das MathurC/o K.P.T House, Plot 41/13, Sector-30,
Vashi, Navi Mumbai-400703 India
Printed at Silverpoint Press Pvt. Ltd.D 107,TTC Industrial Area,
Nerul.Navi Mumbai 400 706
www.thectoforum.com
34 | NEXT HORI-ZON: IT IN THE NEW NORMAL. Recession or not IT lead-ers continue to see IT as key efficiency enhancer
REGULARS
01 | EDITORIAL04 | ENTERPRISE
ROUNDUP13 | TECHCRAP
advertisers’ index
VERIZON IFC
IBM 54,55
INTERFACE IBC
CANON BC
This index is provided as an additional service.The publisher does not assume
any liabilities for errors or omissions.
42 | NETWORK OF THE FUTURE: THE RELEVANCE OF NETWORK MONITORING. It can help in managing a fast changing IT envi-ronment.
10
34 42
4 21 DECEMBER 2009 thectoforum.comCTOFORUM
I BELIEVE
CURRENTCHALLENGE
OPERATING ENVIRONMENT FOR IT MANAGERS, ALIGNMENT OF IT WITH BUSINESS
THE AUTHOR IS a skilled senior IT professional, with experience in operational
management and IT services consultancy gained across multiple industries.
BY GRAHAM CLARK | Head of IT, Regenersis Plc, London
CIO: Innovative, proactive and progressiveA varied approach to how the CIO or IT Director works within their respective businesses
THE ENVIRONMENT in which a CIO operates can certainly influence the level of contribution they are capable of making. However, it is wrong to think that an organisational hierarchy in itself can be an answer to the problem.
The biggest factor in how an individ-ual can be proactive or progressive is the individual. A job title or reporting structure does not qualify anybody to be anything.
Many sociologists now consider a different approach to the functional hierarchy and advocate the industry to move away from the extreme reli-ance upon the traditional organisa-tional chart and consider employing personal networks as one of the greatest drivers of success.
If the CIO reports into the CFO who, by the nature of the job, can tend to be rather staid in their out-look, but has a strong and open relationship with other key decision makers, does this impact the CIO's ability to make or influence change?
In most cases the IS/IT function is treated as a support function to the business. Sometimes this can also be as a profit centre and managed as such. At other times it is more appro-priate to recognise IT is a 'cost sink' and manage it accordingly.
If the CIO can see beyond the confines of his/her own function by understanding all the moving parts of the business and contribute to the overall improvement of the greater machine then this is true ‘proactive contribution’. Learn to recognise the key influencers in the organisation, understand what and who they are, build relationships at that level and then consider how you can help to influence and drive change in those areas.
Understanding and effectively managing the 'plumbing' of IT sys-tems is necessary, managing cost or profit contribution is also part and parcel of the role. However, if the focus of the CIOs is inward to their own function, by definition this limits opportunity for progression as there is limited scope.
S E C T I O N N A M E S TORY NA M E
5thectoforum.com 21 DECEMBER 2009CTOFORUM
LETTERSCOVE R S TORY E VE RY T H I N G A S A S E RV I CE
26 07 DECEMBER 2009 thectoforum.comCTOFORUM
E VE RY T H I N G A S A S E RV I CE COVE R S TORY
27thectoforum.com 07 DECEMBER 2009CTO FORUM
ed in all levels of the company. Spread over several locations, the organisation needed a system to manage operations efficiently. The operations were also in many ways exactly like a bank, though in some ways distinctly different. This included a solution that would help organise customer information and pro-vide a single customer view, to support new product development and improve cross-selling capabilities. Finally, the system had to be quick to deploy, easy to use and technically robust.
Cloud comes callingAccordingly Janalakshmi selected a combination of solutions, which were all based on cloud computing:
a core banking system for the banking operations
a smart card system for field operations
a CRM system for the management of the customer relationship through the life of the same
“We selected the applications on the cloud, because it did not require upfront capital expenditure and met with their technical specifications,” says Janalakshmi’s Vice President - Special Projects,Ramaswami Dasarathy.
FINO is the service provider for the core banking system and the smart card system. The microfinance company then selected Wipro as the implementation partner for the Sales-force.com and leveraged the bank’s documented business processes to ease implementation. The first stage of roll-out involved the collection module and later extended to the cus-tomer acquisition module.
Janalakshmi's technology infrastruc-ture is defined by a three-tier frame-work. At the foundation lies the IT architecture comprising the technology services and infrastructure. The archi-tecture enables growth and ensures scalability of the business. Next, the core banking system (CBS) complemented by the CRM application drives the busi-ness processes of the company. Finally, delivery mechanisms such as the smart card seamlessly interface with CBS and CRM to cater to the needs of the cus-
tomer. Janalakshmi utilises the CRM application to streamline the collection process from the customer acquisition to the collections phase. This custom-ised solution allows for one data set for all to view and enables management to update on a real time basis.
The benefits The applications have helped Janal-akshmi’s employees to have a single view of the customer, across the various levels of the organisation and take appropriate action. “The solu-tions helped fill gaps in information which in turn helped in streamlining processes and managing operations more efficiently,” adds Dasarathy.
Salesforce CRM helped the bank to improve information sharing, which was critical to planning and selling related financial products to the same set of customers.
“Additionally, the company can reduce the costs and complexities associated with a cash-based transac-tion environment, intrinsic to the microcredit world,” he adds.
Future plansThe company is now planning to create a single and uniform informa-tion system based on processes and procedure. It plans to launch a 'portal' which will host the CRM applications and organisation wide processes and documents. The portal will enable all location offices to access the applica-tion and data seamlessly and provide a reliable and consistent IT Infrastruc-ture through the implementation of a Network and Security management system. This includes an Enterprise Data Storage solution for corporate data requirements.
The company is also planning to implement an additional delivery channel interfaced with CBS and Salesforce.com. “This is to be accom-plished through mobile phone based solutions particularly for the collec-tions and customer update require-ments,” says Dasarathy.
Serving the financial needs of the sub-prime customers, Janalakshmi Financial Services banks upon cloud to minimise its capex BY GYANA RANJAN SWAIN
MICRO DEBITMEGA CREDIT
BANKING AND FINANCIAL INSTITUTIONS thrive upon customer satisfaction and trust, and it is achieved when you entirely focus on providing the best service to the customer without any hassles.Bangalore-based Janalakshmi Financial Services (JFS), a midsized microfi-nance firm is mainly focused at the Indian sub-prime sector. Commencing service in 2006, it currently serves more than 55,000 customers.
BENEFITS
Reliable, Authentic and uniform customer view
– The applications
have helped
Janalakshmi’s
employees to
have a single view
of the customer,
across the various
levels of the
organisation and
take appropriate
action.
Streamlined operations –
The solutions
helped fill gaps in
information which
in turn helped
in streamlining
processes
and managing
operations more
efficiently – thereby
aligning the
organisation.
Reduced business risks
– Salesforce CRM
helped the bank to
improve information
sharing, which was
critical to planning
and selling related
financial products
to the same set of
customers.
COMPANY DASH BOARD
COMPANY NAME:Janalakshmi Financial
Services
CORPORATE OFFICE:
Bangalore
AREA OF OPERATION:
Microfinance
CUSTOMER BASE:55,000+
ESTABLISHED:July 2006
MD & CEO:R Srinivasan
ChallengesEarly on, Janalakshmi had made an investment to define and document the processes of the core business life-cycle. Beginning with the customer acquisition phase, loan disbursement, collection phase, and finally the clo-sure phase, the mapping of processes identified the vital role of technology in driving business processes.
These documented procedures now ensure that standardisation, improve-ment, and compliance are implement-
2707 DECEMBER 2009FORUM
Serving the financial needs of the sub-prime customers, Janalakshmi Financial Services banks
BY GYANA RANJAN SWAIN
MICRO DEBITMICRO DEBITMEGA CREDIT
thrive upon customer satisfaction and trust, and it is achieved when you entirely focus on providing the best service to the customer without any hassles.Bangalore-based Janalakshmi Financial Services (JFS), a midsized microfinance firm is mainly focused at the Indian sub-prime sector. Commencing service in 2006, it currently serves more than 55,000 customers.
employees to
have a single view
of the customer,
across the various
levels of the
organisation and
take appropriate
action.
Streamlined operations –
The benefitsThe applications have helped Janal-akshmi’s employees to have a single view of the customer, across the various levels of the organisation and take appropriate action. “The solu-tions helped fill gaps in information which in turn helped in streamlining
vide a single customer view, to support new product development and improve cross-selling capabilities. Finally, the system had to be quick to deploy, easy to use and technically robust.
Infrastructure 2.0 A step closerPAGE 14
BEST OF BREED
Capacity,Reliability&QualityPAGE 44
NO HOLDS BARRED
OnlineSecurityCIO’smajorconcern PAGE 10
A QUESTION OF ANSWERS
SERVICEAT YOUR
Enterprises are in a new era of computing where everything
is now being offered as a service (EaaS) | PAGE 18
A 9.9 Media Publication
AT
YO
UR
SE
RV
ICE
| CA
PA
CIT
Y,RE
LIA
BIL
ITY
& Q
UA
LIT
Y | S
TAN
DA
RD
DE
VIA
TIO
NS
Volume 05 | Issue 08
December | 07 | 2009 | Rs.50Volume 05 | Issue 08
S P I N E
Technology for Growth and Governance
CT
O
FO
RU
M
USER-CENTRIC APPROACHThe new CTO Forum looks better than its earlier avatar. I have a
few suggestions. As opposed to pure technology information, you
must cover implementation and usage of technology. This can be
done by seeking feedback from the business users. In addition,
select one technology e.g. cloud computing and cover the same in
details across multiple issues.
SUKANTA K NAYAK, Asst Vice President, Mawana Sugars
CTO FORUM HAS PUNCHThe new-look CTO Forum is far more refreshing. There is a
marked difference in the content, presentation, and clarity. I per-
sonally liked it very much.
UC DUBEY, Executive Vice President – IT, IFFCO Tokyo
General Insurance Company
WRITE TO US: The CTO Forum values your feedback. We want to know what you think about the magazine and ways
and means to make it a better read for you. Our endeavour continues to be work in progress and your comments will go a long way in mak-ing The CTO Forum the preferred publication of the CIO Community.
Send your comments, compliments, complaints or questions about the magazine to [email protected]
“The redesigned CTO Forum looks good. I am particularly interested in user deployments. I read one on a Microsoft deployment recently, but it still doesn't answer my concern: "which architecture for which user quality?" So a simple article about scalability and deployment advice could be nice.” MANIKKAM V.S., Head IT & AGM Materials, Henkel CAC
6 21 DECEMBER 2009 thectoforum.comCTOFORUM
Enterprise
ROUND-UP
INTERVIEW INISDE
The CIO and COO roles are increasingly
overlapping. Pg 07
OF CO2 IS GENER-ATED BY A WEBSITE IN 1 SEC OF WEB BROWSING
Gartner identifies top 10 strategic technologies for 2010. These technologies are expected to change the shape of the IT world.
GARTNER analysts highlighted the top 10 technologies and trends that will be strategic for most organisations in 2010. The analysts presented their findings during Gartner Symposium/ITxpo, held during October 09.Gartner defines a strategic technology as one with the potential for significant impact on the enterprise in the next three years. The top 10 strategic technologies for 2010 include: Cloud computing. Using cloud resources does not eliminate the costs of IT solutions, but does re-arrange some and reduce others. In addition, con-suming cloud services enterprises will increasingly act as cloud providers and deliver application, infor-mation or business process services to customers and business partners.Advanced analytics. Optimisation and simulation is using analytical tools and models to maximise busi-ness process and decision effectiveness by examining alternative outcomes and scenarios, before, during and after process implementation and execution. This can be viewed as a third step in supporting opera-tional business decisions. The new step is to provide simulation, prediction, optimisation and other analyt-ics, not simply information, to empower even more decision flexibility at the time and place of every busi-ness process action. Client computing. Virtualisation is bringing new ways of packaging client computing applications and capa-bilities. Enterprises should proactively build a five to eight year strategic client computing roadmap outlin-ing an approach to device standards, ownership and support; operating system and application selection, deployment and update; and management and secu-rity plans to manage diversity.IT for green. IT can enable many green initiatives. Com-mon green initiatives include the use of e-documents, reducing travel and teleworking. IT can also provide the analytic tools that others in the enterprise may use to reduce energy consumption in the transportation of goods or other carbon management activities.Reshaping the data centre: Newly-built data centres often opened with huge areas of white floor space, fully powered and backed by an Uninterruptible
DATA BRIEFING
PH
OT
OS
BY
PH
OT
OS
.CO
M
20mg
7thectoforum.com 21 DECEMBER 2009CTOFORUM 7thectoforum.com 21 DECEMBER 2009CTOFORUM
Power Supply (UPS), water-and air-cooled and mostly empty. However, costs are actually lower if enterpris-es adopt a pod-based approach to data centre construction and expan-sion. Cutting operating expenses, which are a nontrivial part of the overall IT spend for most clients, frees up money to apply to other projects or investments either in IT or in the business itself.Social computing. Enterprises must focus both on use of social software and social media in the enterprise and participation and integration with externally facing enterprise-sponsored and public communities. Do not ignore the role of the social profile to bring communities together.Security – Activity monitoring. Information security professionals face the challenge of detecting malicious activity in a constant stream of discrete events that are usually associ-ated with an authorised user and are generated from multiple network, system and application sources. A variety of complimentary (and some-times overlapping) monitoring and analysis tools help enterprises better detect and inves-tigate suspicious activity, often with real-time alerting or transaction intervention. By under-standing the strengths and weaknesses of these tools, enterprises can better understand how to use them to defend the enterprise and meet audit requirements.Flash memory. At the rate of price declines, the technology will enjoy more than a 100 percent compound annual growth rate during the new
few years and become strategic in many IT areas including consumer devices, entertainment equipment and other embedded IT systems. Virtualisation for availability. Vir-tualisation has been on the list of top strategic technologies in previ-ous years. It is on the list this year because Gartner emphases new elements such as live migration for availability that have longer term implications. Live migration is the
movement of a running virtual machine (VM), while its operating system and other software continue to execute as if they remained on the original physical server.
The key value proposition is to displace a vari-ety of separate mechanisms with a single “dial” that can be set to any level of availability from baseline to fault tolerance, all using a common mechanism and permitting the settings to be changed rapidly as needed. Mobile applications. By year-end 2010, 1.2 bil-lion people will carry handsets capable of rich, mobile commerce providing a rich environ-ment for the convergence of mobility and the Web. There are already many thousands of applications for platforms such as the Apple iPhone, in spite of the limited market and need for unique coding. It may take a newer version that is designed to flexibly operate on both full PC and miniature systems, but if the operating system interface and proces-sor architecture were identical, that enabling factor would create a huge turn upwards in mobile application availability.
E N T E R PR I S E RO U N D - U P
M86 Security predictions for 2010. Highlight sophistication of traditional threatsM86 SECURITY a global
provider of Web and mes-
saging security products,
released Predictions
2010, which is a report on
its expectations for Web
and messaging-based
threats for the year 2010.
The report is based
on M86 Security Lab's
research into the current
trends in threats over the
past year and its views on
the major vulnerabilities
facing organisations.
The report highlights the
increasing sophisti-
cation of traditional
threats such as botnets,
scareware, compromised
legitimate websites and
blended threats.
Specific 2010 security
predictions from M86
Labs are as follows:
BOTNETS GROW IN
SOPHISTICATION:
Botnets continue to be
a major problem. They
have moved away from
traditional IRC-based
command and control, in
favour of HTTP or other
custom protocols, utilis-
ing Twitter, Google and
Facebook.
CONTINUED RISE OF
SCAREWARE: Scareware
is a traditional tactic that
grew popular in the sec-
ond half of 2009 because
of its effectiveness. In
2010, these attacks
should escalate, as the
look and feel of scareware
pages get updated and
criminals find new ways
to reach users.
FACT TICKER
BILLION PEOPLE
WOULD BE USING
M-COMMERCE
ENABLED MOBILE
PHONES BY 2010
STRIKING BALANCE
Today’s CIOs – the enterprise technol-
ogy leaders – are struggling to strike the
right balance between the technology
adoption, business agility and smart
spending. There are some very impor-
tant questions that Nick Athanassiadis,
CTO, Q Ventures LLC answers for us:
How much of know-how on tech-
nology, business and people should
a CIO have to distinguish himself
from a tech-only leader?
Nick Athanassiadis: “Yesterday’s CIO
is today’s new COO. With the industry
increasingly working hand-in-hand with
technology, the CIO and COO roles are
increasingly overlapping, and, in many
cases, can even be interchangeable.
The CIOs role is more about having a
keen understanding of a business and
how specific information technology
can help that particular business move
forward and meet its goals. It is no lon-
ger simply about choosing technology
and managing projects.”
How much of management skills does
he require to make his next career move
into the boardroom?
“The modern CIO has to posses the
same management skills as any other
C-level executive and in particular,
those of a COO. Without these skills,
it will be impossible to be effective in
the boardroom.”
Does a CIO essentially become the mas-
ter in sales to have internal buy-in?
“If the CIO reports to the CEO and
EXECUTIVE INTERVIEW
Continued on page 8
1.2
8 21 DECEMBER 2009 thectoforum.comCTOFORUM
E NT E R PR I S E RO U N D - U P
New guidelines for secure cloud . The Cloud Security Alliance (CSA) releases 2nd version of its “Guidance for Critical Areas of Focus in Cloud Computing”.
is hired to implement the strategic vision of
the company, then internal buy-in becomes
an easier task. On the other hand, the inter-
nal buy-in will depend solely on his ability to
sell the solution or direction to different levels
within the organisation.”
Should a CIO be an excellent marketing pro to
sell himself as a brand?
This is a must-have for any C-level execu-
tive. Information technology is still viewed
in many instances as a ‘necessary evil’ or a
pure cost. Therefore, part of the job of the
CIO is changing the perception that many
executives have that a senior level informa-
tion technology officer is not needed at the
executive ‘table’ and can actually improve a
company’s bottom-line results.
What are the key challenges facing a CIO while
dealing with CFOs and CEOs?
Making sure that the CEO embraces technol-
ogy as a must-have asset of the company that
needs to evolve and grow.
Involve stakeholders and division heads in pro-
active discussions and brainstorming sessions.
Use the business processes and discuss spe-
cific examples where tools can have a positive
impact to the bottom line.
If IT is done well, it saves company money
rather than being a profit-centre, and this fact
makes the position disposable in many execu-
tives’ eyes.
Should innovation be a driving force for CIOs
going forward?
Innovation is important but in my opin-
ion there are several steps before reaching
this stage.
Intimate knowledge of the business
Engineering and re-engineering processes
Successful implementation of technol-
ogy tools that can increase efficiencies and
decrease cost
Be one step ahead of the business next step
(acquisition, new product, new service) to help
the new step rather than joining after the fact
When all of the above steps have been utilised
it will be time to start innovating so the busi-
ness can reach the next plateau and differenti-
ate itself in the market place.
—By Rahul Neel Mani
POISONING SEARCH
ENGINE RESULTS: A
growing trend is in the
use of Search Engine
Optimization (SEO)
techniques to drive
users to Web pages
hosting malicious
code. The technique is
commonly paired with
scareware to capitalise
on users' trust in
search engines.
EVOLUTION OF WEB-
SITE INFECTIONS:
The standard attack
vector for cybercrimi-
nals is to compromise
legitimate websites
to spread malware. In
2010, the majority of
malicious behaviour
will reside on legitimate
websites that have
been compromised
by various scripts and
worms.
SETTING SIGHTS ON
SAAS AND CLOUD
SERVICES: As a result
of popularity of cloud-
based services, more
corporate data is being
stored outside of the
network, making it
difficult for IT admin-
istrators to have direct
control over the data.
In 2010, cybercriminals
will target the larger
cloud-based provid-
ers and attacks will
increase.
EXPLOITING THIRD
PARTY APPLICA-
TIONS: Cybercriminals
commonly exploit
highly deployed third
party applications, such
as Adobe Flash and
Acrobat Reader. The
ability to embed one
file type in another will
result in more complex
attacks gaining popu-
larity in 2010, due to the
ability to evade detec-
tion mechanisms.
INTERNATIONAL
DOMAIN NAME
ABUSE: In 2009, the
Internet Corporation
for Assigned Names
and Numbers (ICANN)
approved the registra-
tion of Internation-
alised Domain Names,
enabling the use of
non-Latin characters in
domain names. As a
result, phishing attacks
should rise, as cyber-
criminals can register
phony websites with
URLs that are nearly
indistinguishable from
legitimate ones.
ATTACKING APPLICA-
TION PROGRAM-
MING INTERFACES:
Social networks such as
Twitter and Facebook
are extending their
services for third party
development through
the use of application
programming inter-
faces (APIs). There is
an implicit level of trust
provided through the
use of APIs, granting
access to user profiles
and data, so the threats
that target them are
likely to increase in
2010.
The popularity of
Twitter and link sharing
has given rise to URL
shortening services that
reduce the number of
characters needed to
parse a link. However,
these services enable
cybercriminals to
spread spam and
malware.
Source: M86Security.com
Continued from page 7
THE CLOUD The Cloud Security Alliance (CSA) has issued the second version of its “Guidance for Critical Areas of Focus in Cloud Computing”.
The guidance outlines key issues and provides advice for both Cloud Computing customers and providers within 13 stra-tegic domains. Version 2.1 provides more
concise and actionable guidance across all domains. It has also attempted to define cloud computing more precisely basing upon the deployment experience in the last six months in various industry verticals. The first edition was released in April this year.
The CSA's report tackles cloud security on 13 different fronts, from governance issues like e-discovery, compliance and audits to operational concerns such as disaster recovery, application security and identity management.
The alliance which is now 23-member strong is a not-for-profit organisation with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.
9thectoforum.com 21 DECEMBER 2009CTOFORUM
E N T E R PR I S E RO U N D - U P
Top Tech Releases of 2010 Hightech gadgets from Intel, Nokia and Apple to flood the markets.APPLE multi-touch tabletThere is finally good news for all Apple fans. Apple tablet PC is going to be released in 2010 and the company is making sure that the device matches customer expectations. This is a 10-inch, 3G enabled tablet and will be priced between iPhone and an affordable Mac notebook. It will probably come with the OS version similar to current Mac OS X. Nokia’s Maemo-based tablet Nokia seems to be in no mood to give up on its fate in front of giants like Apple and Google and is working hard on its own platform called Maemo 5. The company is preparing to launch Maemo 5-based N900 Phone. The key features of the phone will be
a large screen, QWERTY slide out keyboard and proportions bigger than a Smartphone. These N series of Nokia will have mobile ver-sion of the Linux called Maemo.Intel’s Moorestown and New Moblin LinuxEarlier this year, Intel sent out the details of its Moorestown chip platform and informed that the release will happen sometime in the mid 2010. This launch will provide the new version of Moblin which is a Linux-based OS of Intel specially designed for small devices. It is 3G technology and consumes ten times less power when idle as compared to other devices running Intel atom. Microsoft Office 2010Microsoft Office 2010 will be a big release
because of its features and online sup-port. Office 2010 Web Apps will be competing against Google Docs which is the leader in the online version of documentation. It will be exciting to watch what features Web Apps provide. We hope that the desktop version of the Office will be better and richer. Office 2010 will be as to Office 2007 as Windows 7 is to Windows Vista in our point of view.Intel Xeon Nehalem-EX ProcessorIt looks as if Intel Xeon Nehalem-EX will form the high-end Intel server platforms. They will provide count-less technical advancement, which will boost enterprise computing to great extent.
Nehalem will be having eight cores inside a single chip supporting 16 threads and 24MB cache.Few of the features of Xeon Processor are as follows: Intel Nehalem Architecture built on Intel’s unique 45nm high-k metal gate technology process Up to 8 cores per processor Up to 16 threads per processor with Intel Hyper-threading Scalability up to eight sockets via Quick Path Interconnects and greater with third-party node controllers 24MB of shared cache Integrated memory controllers Intel scalable memory buffer and scalable memory interconnects Up to 9x the memory bandwidth of previous generation Support for up to 16 memory slots per processor socket.
New kids on the block:(Left) Intel's Moorestown micro chip to be released in 2010, and (below) Apple's 10-inch 3G-enabled tablet PC to be released next year.
Global mobile & smart phone market
A recent report from Frost & Sullivan estimates that in 2010 nearly 1.3 billion mobile phones will ship globally, and 250 million of them will be smart phones.
2009
1.2
billi
on
1.3
billi
on
190
mill
ion
250
mill
ion
20092010YEAR
2010
Total Mobiles ShippedSmart Phones
GLOBAL TRACKER
10 21 DECEMBER 2009 thectoforum.comCTOFORUM
A Q U E S T I O N O F AN SWE RS J E RE MY CO O PE R
Cloud Computing: Jeremy Cooper, Vice President, Marketing, Asia Pacific & Japan, Salesforce.com talks about the paradigm shift in modern era computing practices.
11thectoforum.com 21 DECEMBER 2009CTOFORUM
J E RE MY CO O PE R A Q U E S T I O N O F AN SWE RS
In an exclusive conversation with Gyana Ranjan Swain, Salesforce.com's Regional Marketing VP (APJ) Jeremy Cooper talks about the technological advancements and market potential of cloud computing. Excerpts:
How do you see the cloud computing as a trend? How
is the market shaping here?Cloud computing is an emerging trend, and the picture here is very satisfying. We are finding that many Indian companies are taking a lot of interest in this model. It is enabling a new class of entrepreneurs since one doesn't need to build offices, distri-bution centres, data centres or really infrastructure of any kind - every-
thing is managed in the cloud. Also, the current economic downturn has compelled many an enterprises to think about cloud. As you say that necessity is the mother of invention, the necessity of reducing Capex as well Opex has forced enterprises to think beyond conventional means. The potential in India is huge. There are more than eight million SMBs. And if I refer to a Springboard report, then the mar-
ket size could touch $260 million by 2011 that is in just two years. Still, I would say, that is just the beginning.
Can you tell us about some important global trends?
Compared to India, trends and adop-tion practices are more matured in the developed markets like the US and the EU. But still, I would say, seeing the potential of cloud com-puting, even the developed markets
JEREMY COOPER | SALESFORCE.COM
“In terms of cloud adoption, even the developed markets are at adolescent stage”
12 21 DECEMBER 2009 thectoforum.comCTOFORUM
A Q U E S T I O N O F AN SWE RS J E RE MY CO O PE R
are at an adolescent stage, if not at infancy. However, the adoption rate in APAC is very encouraging. Some markets are moving faster than the developed countries.
In India, which industry ver-ticals are more proactive in
cloud adoption and why?Cloud computing is a different kind of solution, and it is really very difficult to say which verti-cals are more pro-cloud. Because whichever industry intends to lower its expenditure, without compromising with quality would go for cloud. In India, we have seen tech cautious companies embracing cloud with open arms. However, in general, manufactur-ing, pharma, healthcare and edu-cation sectors are adopting cloud faster than other verticals.
What are the services that your customers mainly
select?We have more than 1,35,000 cus-tomised applications for various requirements and all applications have their own demand, but the most selling product has been our CRM application. More than 50,000 enterprises and 1.5 million subscrib-ers are using Salesforce CRM. That is the most on-demand application across industry verticals.
What are some of the new developments at this front?
Cloud computing is a general con-cept that includes many things. In the case of Salesforce.com, we see cloud computing encompassing both Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS), through Internet. The PaaS ecosys-tem is growing faster than others except SaaS. Our Force.com provides a platform from where developers can build and deliver any application, all with-out buying or maintaining any infra-structure. These applications are accessed from a web browser, while
Any example where govern-ment agencies took up your
solutions? About India?Many government agencies in the US, more prominently in San Fran-cisco, Singapore and Australia are using cloud computing and other cloud solutions for the last few years.Here, we are actively in discussions with the government agencies, creating awareness, showing them various case studies of governmental deployments elsewhere for require-ments that matches India. Though, the discussions are at various level, I would say, it has been very satisfying till date.
the software and data are stored on our servers. The Force.com PaaS pro-vides the necessary building blocks to make cloud computing real time for enterprises.
How do you see govern-ment look at the cloud com-
puting? What could the potential bottlenecks?Though the response of Govern-ment agencies in India is not very satisfying until now, but they have started thinking about cloud seri-ously. And any government has justified reasons to be apprehen-sive about a new technology as they have to think about the whole nation before taking a decision. Awareness level about cloud in gov-ernment departments are compara-tively low which is another factor of slow adoption.
Trust The next two
years would see
surge in cloud
adoption.
Target To incorporate
government
stakeholders in
the value chain.
Achievement More than
135,000
customised
applications
on cloud are
available with
Salesforce.com.
THINGS I BELIEVE IN
“Though the response of Government agencies in India is not very satisfying as of now, but they have started thinking about cloud seriously”
12 21 DECEMBER 2009 thectoforum.comCTOFORUM
13thectoforum.com 21 DECEMBER 2009CTOFORUM
TECHCRAP
Are you ESN ready? If not, get back to the drawing board and chalk out an enterprise wide strategy to reap the benefits of the fast growing social media.
I AM OFTEN intrigued by the way everybody today is talking about how social media tools should be used by those other than for whom the likes of LinkedIn, Facebook and Twitter had originally been created for. However, I have never been able to fathom how these could change the business para-digm, the way majority of the analysts and experts have been projecting.
According to Forrester, enterprise spending on Web 2.0 technologies is going to increase dramatically over the next five years. This increase will include more spending on social net-working tools, mashups, and RSS, with the end result being a global enterprise market of $4.6 billion by the year 2013.
So where would this revenue come from? Do these social networking sites have enough enterprise-grade social software to drive a large scale adoption? Are enterprises ready for this cultural-cum-generational shift in human-to-human communication without compromising their security?
While the answer to these questions might be yes, most of the CIOs and CXOs whom I have spoken to on the benefits of using Enterprise Social Networking (ESN) tools, have not been able to quite justify, leave alone quan-
The answer, I firmly believe, lies in the ability of the CIOs to list specific goals and objectives that their organisations can achieve using these tools. Equally important is the fact that an organisa-tion should have a matrix to measure these achievements.
In fact, while evaluating various enterprise-grade social software CIOs need to make sure that the social media tools should improve organisa-tion's productivity. It is also imperative to have in place solutions that can help an enterprise monitor public conversa-tions, its sentiment and tonality.
Having proper measurement tools also means that the organisation is able to identify and analyse events and their outcomes. Further, CIOs should look at integrating the data with the enterprise wide Business Intelligence and Business Analytics software to capitalise on the information better.
However, all this requires a clear organisation wide strategy or a social media optimisation (SMO) roadmap. Experts suggest that like SEO, the SMO should also be in sync with pro-cesses and best practices of the organi-sation. The SMO should also be part of the CIOs’ 2010 resolution, particularly if ESN is one of the big bang things planned for the year ahead..
tify the benefits. Most of them were, however, unanimous in their belief that these tools for interaction, collabo-ration and content sharing can be a powerful way to disseminate informa-tion and connect with all stakeholders.
But ask them about the return on investment (RoI), and you hit a wall!
I quite agree with the argument made by Stephen Baker in his article "Beware Social Media Snake Oil" in Business Week that the hype around social networks—Wikis, and blogs for business—neglects the potential risks and time wasted. Baker also raises an important question that all proponents of ‘social media for enterprise’ need to answer: What's the business value of using ESN?
Baker warns of the ensuing risks. Employees encouraged to tap social networking sites can fritter away hours, or worse, spill company secrets or harm corporate relation-ships by denigrating partners, irre-spective of the fact that whether its intentional or incidental.
Morten Hansenin in his Harvard Business Review blog raises another bigger issue—managers and organi-sations are often not aware about the challenges that they are trying to address using the social media tools.
THE AUTHOR IS the Executive Director and Founder Editor of
iGovernment.in, Editor of IT Next and Consulting Editor of CTO
Forum. You can reach him at [email protected]
Before evaluating enterprise-grade social software, CIOs need to list down specific goals and objectives that their organisa-tions aspire to achieve using these tools
SHUBHENDU PARTH [email protected]
14 21 DECEMBER 2009 thectoforum.comCTOFORUM
BEST OF
BREED
Last week I attended Gartner's annual Data Centre Conference in Las Vegas. It was a four-days affair packed with pre-sentations on cloud computing, IT opera-tions, virtualisation and more.
Surprisingly, a number of sessions directly were cen-tred on fabric computing -- including "The Future of
Emergence of Fabric Computing Fabric computing might just be the next big thing after operating system (OS) virtualisation. BY KEN OESTREICH
PH
OT
O B
Y P
HO
TO
S.C
OM
Ken Oestreich is VP of Product Marketking with Egenera.
ABOUT AUTHOR
Server Platforms" by Andy Butler, "Blade Servers and Fabrics" by Jeff Hewitt, and "Integrated Infrastructure Strengths and Challenges" by Raymond Paquet, Philip Dawson, Cameron Haight and Stanley Zaffos.
All of these presentations were substantive analy-ses of what fabric computing was, but very little information was presented on why they were impor-
WILL BE THE GLOBAL RISE IN SERVER SALES IN 2011 AS OPPOSED TO THE SLUG-GISH GROWTH IN 2010
2.9%DATA BRIEFING
15thectoforum.com 21 DECEMBER 2009CTOFORUM
FA B R I C COM PU T I N G B E S T O F BR E E D
tant. In fact, fabric computing might just be the next big thing after operating system (OS) virtualisation.Think of it this way: fabric computing is the creating components and abstraction of infrastructure such as CPU, memory, network and storage. These components can then be logically re-configured as needed. Fabric computing is similar to how OS virtu-alisation creates components and abstracts OS and application software stacks.
However, the focus of most fabric related vendors is still centred on the most funda-mental level of fabric computing, which is simply virtualising I/O and using a con-verged network. This is the same initial level of sophistication where the industry believed that OS visualisation was only about a hypervisor. Rather, we need to take a long-term view of fabric computing and bring about value by manipulating the infra-structure in the same way we manipulate virtual machines (VM). A number of heady
thinkers supporting the concept of Infra-structure 2.0 are already beginning to crack some of these revolutionary issues.
Enter: Fabric as an enablerIf we think of fabric computing as abstraction and orchestration of IT com-ponents, then there is a logical progres-sion of what gets abstracted, and what services can be constructed: Virtualising I/O and convergingthe transport
This is just the first step, not the destina-tion. Virtualising I/O means no more Network Interface Card (NIC) and Host Bus Adapters (HBA) on the server; rather, the I/O presents itself any number of configurable devices or ports. Transport can be Ethernet, Fibre Channel over Eth-ernet (FCoE), Infiniband, or others. In this manner, the network connectivity of the physical server can be simplified and changed instantaneously.
Virtual networkingThe next step is to define in software the converged network, its switching and net-work devices such as load balancers. The result is a wire-once physical network topol-ogy, but with an infinitely reconfigurable logical topology. This permits physically flat-ter networks. Provisioning of the network, VLANs and IP load balancing can be simpli-fied and accomplished via software as well. Unified (or Converged) Computing
Now that we can manipulate the server's I/O state and its network connections, we can create software-based profiles of complete server configurations -- literally defining the server, its I/O, networking, storage con-nections, and even what software boots on it. (Software being either a virtual host, or a traditional native OS). Having defined the entire server profile in software, we can even define the entire environment's profile.
Defining servers and environments in software allows us to provide: 1) high avail-ability - With a hardware failure, we can simply re-provision a server configuration to another server in seconds. 2) disaster recovery - we can re-constitute an environ-ment of server profiles, including all of their networking, ports, addresses, even if that environment hosts VMs and native OSs. Unified Management
To achieve the ultimate in an agile IT envi-ronment, there's one remaining step: to orchestrate the management of infrastruc-ture with the management of workloads. I think of this as an ideal Infrastructure-as-a-Service – a physical infrastructure that adapts to the needs of workloads, scaling up or out as conditions warrant, and providing workload-agnostic HA and DR. From an IT agility perspective, we would now be able to abstract nearly all components of a modern datacentre, and logically combine them on-the-fly as business demands require.
Getting back to the Gartner conference, I now realise one very big missing link. While Gartner has been promoting their Real-Time Infrastructure (RTI) model for some time, they have yet to link it to the coming revolution that will be enabled by fabric computing. Maybe we'll see some clue emerging on this next year.
The next step is to define in software the converged network, its switching and network devices such as load balancers. The result is a wire-once physical network topology, but with an infinitely reconfigurable logical topology. This permits physically flatter networks.
FABRIC AS AN ENABLERENTER:
Virtualised I/O & Converged
"Fabric"
Technology Software defined I/O Converged transport
Technology Virtual switching Virtual load balancing
Technology Full system provisioning(High Availability
Environment provisioning (Dissaster Recovery)
Technology Infrastructure mgmt synched w/software & VM management
Virtual Networking
Unified Computing
Unified Management
(IaaS)
Source: Ken Oestreich
COVE R S TORY X X X X X X X X X X
16 21 DECEMBER 2009 thectoforum.comCTOFORUM
Undaunted by the adversities and global
apprehensions, a large number of Indian CIOs
are CREATING INTERNAL EFFICIENCIES
and some remarkable innovations.
16 21 DECEMBER 2009 thectoforum.comCTOFORUM
X X X X X X X X X X COVE R S TORY
17thectoforum.com 21 DECEMBER 2009CTOFORUM 17thectoforum.com 21 DECEMBER 2009CTOFORUM
IF YOU happen to represent a company or an enterprise then there are high chances that you might have come across a certain 'breed' called CIO. What does he do? How do you define his role? Does he just lead the 'IT' shop? Or, does he do anything else too?
Yes, he is involved not just in laying out the IT infrastructure or its various aspects in the organisation, he is also actively involved in outlining business strategies and planning, administration and operations, procurement, finance and even human resource activities.
The stature of the mighty CIO is growing day by day, and so is his responsibilities and remunerations. Now he reports directly to the CEO, and is being inducted into the core management team. He is being taken seriously not only in businesses related to IT, but also in the overall business process of the company.
To get a clear picture, recently, we did a survey involving the CIOs or the IT heads of various companies. Nearly 200 CIOs were asked 15 pertinent questions. The response was mesmerising. The old joke in the IT circles that CIO stands for 'Career Is Over' is passé. Rather, the CIO today stands tall among the company's executive management team. As high as 78 percent CIOs are now a part of the core team, and they do not think that their career is over as 57 percent of the respondents have already spent more than four years in their role and happily continuing.
What does it suggest? The induction of the CIOs in the decision making body which makes them feel more important than what they were portrayed earlier, has helped not just the individuals involved but also the business involved. Making the CIOs a part of the core team boosted their morale who in turn started actively involving themselves in other activities of the company. The next pages give you more details about the growing stature of the mighty CIO.
By Gyana Ranjan Swain & Sana Khan
SURVEY METHODOLOGYCTO Forum’s first annual “State of the Indian CIO” survey was administered from 7 Dec ’09 through 17 Dec ’09. We selected only CIOs and IT decision-makers from our database and invited them to take the survey. The survey consisted of 15 questions. We did not select the respondents on the basis of company revenue, locations or the size of the IT organisation. We got nearly 200 responses during the aforesaid period. The survey results were tabulated on the basis of responses from the CIOs and the same is graphically represented here. In some cases the percentages may not add to 100 due to rounding.
SURVEY18 | From backroom to boardroom19 | IT investment-business’s call20 | Cost centre syndrome21 | Barriers to effectiveness22 | Customer satisfaction23 | Budget blues24 | Top priorities25 | What gets CIO’s time
COLUMN26 | Ajay Dhir28 | Tamal Chakravorty29 | Laxman Badiga30 | VVR Babu31 | Rajesh Uppal
INTERVIEW32 | Dr. Jai Menon
I N S I D E
S TAT E O F T H E I N D I A N C I O SU RVE Y COVE R S TORY
“BEING PART OF THE TOP MANAGEMENT GIVES A HOLISTIC VIEW OF THE ORGANISATION and as CIO you can align IT with business as you tend to get a better perspective of the organisation’s needs and priorities.”VIJAY SETHICIO, Hero Honda Motors
FROM BACKROOM TOFROM BACKROOM TOFROM BACKROOM TO
BOARDROOM From the days when CIOs were considered as mere keepers of MIS, they have come a long way. Today a majority of them are not only reporting in to the CEOs but also are part of the company’s executive management team.
Out of 200 respondents, 38% SAY THEY BEAR A ‘CIO’ DESIGNATION FOLLOWED by 27% as VP/Sr. VP IT. A small number, 17%, are still called as Head-IT.
78%respondents say they are part of their company’s Executive Management team.
Chief Executive Officer Chief Financial Officer Chief Operating Officer Others
REPORTING STRUCTURE
41%
16%
16%
27%
Who do you report to?
A growing number of CIOs, i.e. 41%, are reporting to their respective CEOs.
18 21 DECEMBER 2009 thectoforum.comCTOFORUM
COVE R S TORY S TAT E O F T H E I N D I A N C I O SU RVE Y
“Having no high-level committee to review IT investments makes the CIO’s office the single point of accountability.
THE FLIP SIDE TO IT IS THAT THE CIO
BEARS THE BRUNT IN CASE OF A WRONG
DECISION”ARUN GUPTA
Group CIO K Raheja Corp.
IT INVESTMENT – BUSINESS’S CALLGone are the days when IT investment decisions were made in silos and the CIO had to fight for required budgets with the CFO. Today the IT investment decisions are the responsibility of either a top level executive committee comprising the company’s top management (including CIO) or there is a cross-functional IT steering committee within the company to take the call.
58% CIOs SAY THERE IS A TOP LEVEL EXECUTIVE COMMITTEE which reviews/governs IT investment decisions in their companies.
of IT decision makers are now
involved in setting technology investment
priorities, strategic planning and
investment goals.
Is there a high-level group in your organisation that reviews/governs IT investment decisions?
21% of survey respondents reveal there is still no top level team governing IT decisions.
Top level executive committee
A cross-functional IT steering committee
An ad hoc group
No
58%
19%
2%
21%
19thectoforum.com 21 DECEMBER 2009CTOFORUM
S TAT E O F T H E I N D I A N C I O SU RVE Y COVE R S TORY
37%
COVE R S TORY X X X X X X X X X X
20 21 DECEMBER 2009 thectoforum.comCTOFORUM
42%
21%
37%
“In the near future, IT WILL BE A KEY ELEMENT WHICH WILL GIVE ORGANISATIONS THE REQUIRED PRODUCT DIFFERENTIATION and competitive edge. Hence IT should be viewed as an investment and not as a cost centre”SATISH PENDSECIO, Hindustan Construction Company
SYNDROMESYNDROMECOST CENTRE
“Old habits die hard.” Even after reaping extraordinary benefits from IT deployment across organisations and automating the processes, most enterprises think IT is still a cost centre. Although the mindset seems to be fast changing, a majority of CIOs say their organisations are not ready to change the stance as of now.
Slightly less than half, 42%, OF THE RESPONDENTS SAY IT IS CONSIDERED as a cost centre in their organisation.
21%respondents do not really know whether IT is a cost centre in their organisation or not.
Is IT still considered a cost centre in your company?
Since IT is a cost centre, a large portion of CIOs, 32%, are still busy configuring and managing systems in the production environments.
20 21 DECEMBER 2009 thectoforum.comCTOFORUM
Yes
No
May be
COVE R S TORY S TAT E O F T H E I N D I A N C I O SU RVE Y
X X X X X X X X X X COVE R S TORY
21thectoforum.com 21 DECEMBER 2009CTOFORUM 21thectoforum.com 21 DECEMBER 2009CTOFORUM
What else makes it to the list?
CHANDAN SINHA CIO, GHCL
BARRIERSTO CIO’s OFFICE’SEFFECTIVENESSEven if the office of the CIO has earned dignity and due respect, it is still not free from hassles. Some of these problems come as natural constraints while others as organisational pressures. Amidst all this a CIO has to give his 100 percent or probably more. In their quest to become effective leaders, CIOs have to roll up their sleeves and overcome the operational constraints, if not the natural ones.
26% CIOs THINK THAT INADEQUATE IT BUDGETS and proving the value of IT internally are the biggest barriers to the effectiveness of the CIO’s office.
CIOs say they have a disconnect with
other C-level peers in the company
“Vendors make tall promises on support,
but these are seldom met after the implementation
is completed. POOR VENDOR SUPPORT
PUTS CIOS IN A TIGHT SPOT as they have
already marketed the product internally with
high expectations.”
Aligning IT with business goals
Ineffective communication with users/unrealistic user demands
Shortage of time for strategic thinking and planning
Lack of required skills among the staffers
Pace of technology change/refresh
Poor vendor support and diminishing service levels
Disconnect with the top level executives in the company
S TAT E O F T H E I N D I A N C I O SU RVE Y COVE R S TORY
5%OnlyUPSIDE
COVE R S TORY X X X X X X X X X X
22 21 DECEMBER 2009 thectoforum.comCTOFORUM
“MEASURING CUSTOMER SATISFACTION WITH IT SERVICES IS AN INTEGRAL PART OF THE CIO’S ROLE. I have personally tried to do it, but have not succeeded so far. The reason is that standard methods available are not satisfactory”S N ROYVP-IT, Murugappa Group
CUSTOMER SATISFACTIONCUSTOMER SATISFACTIONCUSTOMER SATISFACTIONCUSTOMER SATISFACTIONCUSTOMER SATISFACTIONCUSTOMER SATISFACTIONTHE TOPMOST KRAMeasuring customer satisfaction – both internal and external – is an area which often remains neglected while measuring success or failure of IT in enterprise organisations. Our survey reveals that even today more CIOs are focused on measuring customer satisfaction internally. However, there is a growing proportion of CIOs who are now focusing on both external and internal customers of IT.
31% CIOs SAY THEY REGULARLY MEASURE CUSTOMER SATISFACTION with both internal and external customers.
12%CIOs say they have no way of measuring customer satisfaction with IT services.
Does your IT organisation regularly measure customer satisfaction with IT services?
COVE R S TORY S TAT E O F T H E I N D I A N C I O SU RVE Y
22 21 DECEMBER 2009 thectoforum.comCTOFORUM
12%
56%31%
1%
Yes, internally – internal employees Yes, externally – customers and partners Yes, both internally and externally No
X X X X X X X X X X COVE R S TORY
23thectoforum.com 21 DECEMBER 2009CTOFORUM
BUDGET BLUESFIGHTING FORDuring the past few years, IT budgets have been the most talked about aspect of a CIO’s life. The economic catastrophe has not only made every CIO spend money prudently but also has made it tough to get fresh sanctions. As things look up, a huge number of CIOs say they are expecting the budgets to increase as against a moderate number who saw increase in IT budgets for the year 2009.
A whopping 69% CIOs SAY THEY EXPECT THE IT BUDGETS to go up in the year 2010, which means the economy is looking up and businesses are ready to spend more on IT.
of survey respondents say
they had a lower IT budget in the year
2009-10.
How long have you been in your
current job? Compared to FY 2009-10, FY 2010-11 will see a sharp rise in enterprise IT budgets, say the survey respondents
15% of CIOs say that they take part in formulating company's business strategies.
S TAT E O F T H E I N D I A N C I O SU RVE Y COVE R S TORY
23thectoforum.com 21 DECEMBER 2009CTOFORUM
THE RIGHT
2010-11 2009-10
Increase Decrease Remain the same
69%
51%
6%
25% 25% 24%
Less than 1 year 1-2 years 2-4 years 4 years and more
57%
15%
25%
3%
25%
COVE R S TORY X X X X X X X X X X
24 21 DECEMBER 2009 thectoforum.comCTOFORUM
“OURCOMPANY IS NOT FULLY OUT OF RECESSION, hence bringing down costs is still high on the agenda. At the same time it is essential to ensure that marketing campaigns strike the right chord with the customers for which robust business analytics is important” MANI MULKIExecutive VP, Corporate IT, Godrej Industries Limited
TOP IT/BUSINESSTOP IT/BUSINESSTOP IT/BUSINESSTOP IT/BUSINESSTOP IT/BUSINESSTOP IT/BUSINESSPRIORITIESA few years ago supply chain, knowledge management and project management and staff development were some of the key words surrounding CIOs. Today CIOs have started putting more emphasis on strategic planning, IT-business alignment, and innovation. It not only shows the maturity in their role but also underlines the fact that a CIO is a strategic leader than just an IT head.
19% CIOs SAY THAT STRATEGIC PLANNING AND ALIGNING IT with organisational goals will be their top priority in 2010.
UPSIDE: ‘Information security and privacy measures’ is going to be one of the top four priorities of CIOs going forward.
CIOs' other top priorities for 2010 in order of maximum preference
Integrating systems and processes
Implementing new technologies and innovation
Implementing security and privacy measures
Lowering costs
External customer relationship management
Knowledge management
Optimising IT Supply Chain
Project management improvements
Staff development and retention
24 21 DECEMBER 2009 thectoforum.comCTOFORUM
COVE R S TORY S TAT E O F T H E I N D I A N C I O SU RVE Y
X X X X X X X X X X COVE R S TORY
25thectoforum.com 21 DECEMBER 2009CTOFORUM 25thectoforum.com 21 DECEMBER 2009CTOFORUM
WHAT GETS CIOs MAXIMUM TIME?A few years ago, CIOs spent most of their time fire fighting with vendors and service providers and did not get much time to know the aspirations of the business executives. They also did not have time for the team members and their grooming. Today the scenario has changed. CIOs are looked upon as visionaries. They able to devote more time with business executives and staffers.
Close to half (47%) CIOs SAY THAT DEALING WITH BUSINESS EXECUTIVES takes most of their time.
CIOs say that IT staff and team
building takes most of their time.
In your current role as CIO, which activity takes most of your time?
“Spending quality time with business
executives at all levels across the
organisation helps in appreciation of mutual
ideas, CONCERNS AND LIMITATIONS AND ALSO SERVES
AS A FEEDBACK MECHANISM for
assessment of quality of service”
ANAND PUNDLIKDirector, Information Services,
Wyeth Limited
9%
23%
21%
47% Dealing with business executives IT staff & team building Dealing with partners & vendors External partner & customers
S TAT E O F T H E I N D I A N C I O SU RVE Y COVE R S TORY
21%
26 21 DECEMBER 2009 thectoforum.comCTOFORUM
THERE HAS been a lot of debate in recent times about the role of the CIO in an organisation, especially in today’s turbulent and challenging times. Ranging from the ‘I’ in CIO, whether it signifies ‘Innovation’, ‘Information’ or ‘Irritation’, to the ‘Board Readiness’ of the CIO, or whether the relationship between the CEO, CFO and CIO is one of ‘conflict’ or ‘partnership’ ?
If you see over the last 30 years or so, many of the early entrants in the IT industry were either from engineering or science back-ground, and were responsible for their in-house IT systems. Most of the work used to be manual and over a period of time, these sys-tems were ‘computerised’ or simply automated to reduce manual work.
Consequently, the systems administrator was a person, who was more of a technocrat than a business manager, and very often this role was reporting to the finance or operations head, depending on the structure of the organisation and the way computerisation was being perceived by the management. Very often, this resulted in a skew whereas the automation efforts were focused on the com-mercial functions. This has done so much damage that today, many
CEOs and senior management look at IT with a skeptical eye.Today’s CIO is expected to be a business savvy leader, coupled with his expertise in technology and excellent people manage-
ment skills. Just being part of the ‘C’ suite does not get him acceptability in the organisation. He is expected to understand
business, know the language of business and speak the same with his peers. The CIO of today must understand
technology, but more importantly, understand how this technology has to be aligned with the business needs of the organisation.
Speaking of IT-business alignment, what does management expect from the CIO? In today’s chal-lenging times, mere automation or integration does not endear the CIO to the stakeholders or the board. Most importantly, he is expected to deliver value to
the business by deploying technology in a strategic manner.
The value cannot be mere cost reduction, it has to extend across the entire value chain
of the organisation, viz streamlining internal processes, restructuring oper-
In order to bring the business value through IT, it is important for a CIO to build alliances with his peers and key stakeholders BY AJAY DHIR, GROUP CIO, JSW LIMITED
SO, YOU WANT TO BEA SALESMAN?
COVE R S TORY S TAT E O F T H E I N D I A N C I O SU RVE Y
27thectoforum.com 21 DECEMBER 2009CTOFORUM
ations, innovative ideas to make the busi-ness more agile and responsive, integration of the partner ecosystem such as suppliers, customers, service providers etc. with the IT systems of the organisation, permeation of systems across all layers, integration of manufacturing systems with ERP etc are all examples of innovation and how the CIO can bring value to the organisation.
A point not to be missed is the aspect of information security and managing risk and compliance. These are two very important areas where organisations are facing chal-lenges due to regulatory pressure and mini-mising risk to the business due to IT. The CIO can play an exemplary role in deliver-ing value to the business by focusing on the ‘C I A’ triad, i.e., ‘confidentiality, integrity and availability, and creating a risk assured IT landscape for the organisation.
As we have seen till now, the role of the CIO has now transformed to a value creator and an innovator, rather than being a mere ‘techie’ in the organisation. The message for CIOs is to be as innovative as they can, and if that is a challenge, then at least create and foster an environment that supports innova-tion, collaboration and direct alignment to the business.
How CIOs should think about business value - Creating Value for the Enterprise :
Many organisations cannot get a true fix on the value that IT adds to the businesses it serves – defining, measuring and maximis-ing that value remains elusive. Needless to say, CIOs who are successful in this endeav-or, broaden their scope of action beyond the technical sphere and traditional IT levers.
If we have to look at IT generated Value, the core business priorities for an organisa-tion will be –
Operational excellence Security and risk assurance Investment protection Operational Planning Innovation Transformation
The business value from IT is of an eco-nomic and strategic nature, it has different facets depending on business priorities. The metrics of measuring IT value vary in accordance with business context, prime driver being that business units own the IT projects and the value created.
Application of these thoughts and concepts in JSL : The steel industry has seen tremendous pressure since the last couple of years, and we have seen a lot of contraction in the eco system. As an organisation, we have always been circumspect in our investments and spending pattern, and have a robust frame-work for corporate and IT governance in place. Some of the very interesting examples where IT has delivered significant value to the organisation are :
1Partner ecosystem We have a well defined partner ecosys-
tem which operates on integrity, trust and mutual respect. A very close alignment of the partners with our organisational vision and IT roadmap ensures a healthy and equi-table relationship for both. Our cost conser-vation efforts resulted in almost 28 percent reduction in operational expenditure over the last two years.
2Innovation We used open source tools for our net-
work monitoring system across the entire organisation. Since last four years, we had been on the lookout but the tools available were proprietary and expensive to own and sustain. This acted as a great motiva-tor for the team and they were gainfully occupied during this tough time. In addi-tion to that, we save money for the organi-sation as the investment was miniscule, compared to the gains.
Another interesting deployment was on the front of security, where we moved our
pattern update to the cloud. The savings in time and effort was around 80 percent.
3Transformation By actively investing in HMI (Human
Machine Interface), we have brought a competitive edge to our organisation. Our efforts in implementation of bar coding at the shop floor, use of RF/ biometric sys-tems for attendance recording, interface of SCADA with SAP in our manufacturing, etc., have all given a technology push to the organisation.
4Collaboration and knowledge management
We have facilitated collaboration and knowl-edge management in JSL by deploying our corporate Intranet ‘JConnect’, which has been developed in house and is maintained by the team from IT and HR. We have our e-library called our knowledge centre, which is linked with this portal and information stored and available online is a real treasure.
5Security and governance We have defined our IT vision and road-
map for a three-year period and have pub-lished it across the organisation. In addition to this, our internal team has created the IT Policy for JSL and its group entities and this is being deployed in a systematic manner to create a risk assured landscape.
Thus, it is clearly visible how the CIO and his team can be a value creator for the organisation, and the role goes much more beyond mere cost cutting and technology deployment.
“The CIO can play an exemplary role in delivering value to the business BY FOCUSING ON THE ‘CIA’ TRIAD, - ‘CONFIDENTIALITY, INTEGRITY AND AVAILABILITY”
S TAT E O F T H E I N D I A N C I O SU RVE Y COVE R S TORY
PH
OT
OS
BY
JIT
EN
GA
ND
HI
IMA
GIN
G B
Y A
NIL
T
28 21 DECEMBER 2009 thectoforum.comCTOFORUM
CIOs IN INDIA can be identified by the way they speak about their key objectives or KRAs. If I hear a CIO talking about per head IT cost reduction, I know he has an operational approach and spends time in keeping the works on at low-est possible cost. There are others who are customer-focused, for example, an airlines CIO whose main job is to reach out to his customers through Internet or any other means. Then there is another kind who is more involved in synergising business pro-cess and IT.
These three types are not necessarily an evolutionary path, it is just how their busi-ness works and expects of IT, which drives the CIO behaviour. Most of my time is spent on operational IT services to deliver services efficiently. I spend about 40 per-cent of my time on operations, 20 percent working with non-IT colleagues, 15 percent working on M&A strate-
gies , 10 percent on new initiatives and about 15 percent in redefining business processes. Ide-ally, CIOs need to allocate 15 percent of their time on operations and over 50 per-cent for business interactions and business process refinement.
So, is there a structure to deliver IT with-out CIO intervention?
I have used concepts of sales and supply chain management to implement a seamless
IT delivery organisation through a model I would call consultative
IT. To make IT delivery seam-less, building a ‘demand to delivery’ structure with a busi-ness wrapper, is key.
There is a need to build an advisory
function whose job is to sit in
the specific business units, who can act as the first hand conduit to the business units for their IT requirements. The advisory can then pass on requirements around new applications, changes or infrastructure to the build-up team, who then build the solu-tion and pass it to service management.
The advisor is a smart alec with good negotiation skills. The build-up guy executes as per plan and gets a toll-gate decision to move to production once the business user accepts the solution. These people can be brought closer to the business units at HQ, and by nature they are technical freaks and architects. The job of the delivery or service management person is to ensure what worked yesterday works today.
My service management team has system managers whose job is to look at the whole system (application + infrastructure) on a higher level aided by system performance managers (SPM) whose job is to review agreed performance matrix to actual perfor-mance, monthly. The skill sets of these two guys are vastly different as one of them is customer facing, while the other is vendor facing. The last link to the business process team is the account manager, an IT person who works closely with the markets where actual deliveries and usage is happening closer to the market. Example could be an R&D IT responsible. If I look at this entire spectrum of people and their skill sets there is a little chance that there will be an over-flow to my desk, and if it is, it will be to the tune of 10-15 percent and not more.
We need to spend more time with business leaders; move beyond operationsBY TAMAL CHAKRAVORTY, CIO, ERICSSON INDIAIT WILL FOLLOW
THINKBUSINESS
“I have used CONCEPTS OF SALES AND SUPPLY CHAIN MANAGEMENT to implement a seamless IT delivery organisation”
CIO
IT
Demand Delivery
Business unit owner
Advisory Build DeliverMonitor/Acct Mgt.
Business Process owner
COVE R S TORY S TAT E O F T H E I N D I A N C I O SU RVE Y
29thectoforum.com 21 DECEMBER 2009CTOFORUM
The processes that have been put during the downturn to increase business productivity and efficiency will stay in the future as wellBY LAXMAN K BADIGA, CORPORATE VICE PRESIDENT AND CIO, WIPRO TECHNOLOGIES
CIO AND COST cutting in the current downturn: I do not think that a CIO in the current downturn should justify his role as a relentless cost cutter. According to me, a CIO should be an enabler and efficiency generator. They should bring in more efficiency in every aspect of the business. This may at times lead to cost cutting. For enabling and creat-ing efficiency, the CIO must have a sound knowledge of the business. This will help to get a buy-in for initiatives from the other business units in the company.
Focus on all business aspects: The other key factor for a CIO is the need to become data oriented. For example, a CIO can go to a business head of other function within the company and discuss certain issues that are detrimental to business and how they can be resolved. This will help the business head to understand the CIO in a better way rather than looking at him as someone who wants to cut costs etc. The CIO also has to ensure that new solution offered makes life easy for the users than before.
Will cost-cutting continue post downturn? Whatever efficiencies or processes that have been put during the downturn to make business become more productive will not go away. We have been reading that despite growth posted by many com-panies, the numbers of jobs being added
are lesser. This is due to the efficiency built in the systems.
For example, let's say that we create a mechanism for self service. Previously, we had a lot of manpower to support various functions. Now, with a site or portal being created, employees can get their queries answered or resolved by using the self ser-vice mechanism. This reduces the number of people by at least 50 percent. Companies have done this as a part of cost control and efficiency. Now, when the growth returns, would anyone go back to hiring more peo-ple and discard the self service portal? The answer is no because the efficiency created can never go out.
My contribution over the past couple of years to increase efficiency and curtail costs: Earlier when buying servers, we used to carry requisition of the serv-ers, do the procurement and finally get them after six long weeks. Today, by provisioning and consolidating in
a virtual environment,we can get the same kind of efficiency in maximum one to two hours. So we have saved costs and also addressed the demands of the end user.
The second example is on transportation. We have used new software to optimise people utilisation that has helped us reduce our transport costs by 40 percent.
Third is more in terms of energy savings and the green initiatives. We deployed a back-end utility tool that scans computers when not in use and puts them in hibernat-ed mode and reduces power consumption. All these initiatives were aimed at cost cut-ting, but now will stay as a regular process.
Look at innovative technologies to create efficiency: Collaboration, video conferenc-ing and tele-presence are essential technolo-gies to save costs and increase employee efficiency and productivity. We want to con-tinue using these tools and make it more flexible and adaptable to our end-user. The other area is the creation of private clouds to increase the efficiency of the various busi-ness applications and enable business.
ECONOMY
CLASS
“COLLABORATION, AND TELE-
PRESENCE are essential technologies to save costs and increase employee efficiency and
productivity”
S TAT E O F T H E I N D I A N C I O SU RVE Y COVE R S TORY
30 21 DECEMBER 2009 thectoforum.comCTOFORUM
THE ROLE of the erst-while MIS manager has today expanded and transitioned into that of the CIO or Chief Information Manager. The CIO is entrusted with managing the information assets of the company and not IT assets alone. This enhanced role entails that the CIO is responsible not only for keeping technology ticking, but also proactively charting out and implementing IT strate-gies through which IT can be used to differentiate the company in the market-place. Hence, alignment of IT with busi-ness strategy will become key to driving business growth.
The CIO needs to not only be adept at managing IT operations and delivering IT solutions, but also focus and direct his attention towards enabling growth, and innovate using business transforming infor-mation technology solutions.
To achieve this, the CIO needs to work very closely with business users to chalk out a business process transformation roadmap and integrate IT into the business opera-tions. In line with this strategy, many pro-gressive CIOs are partnering with business and taking accountability to realise ROI benefits from the IT investments.
So how can a CIO transition to be a value creator in today’s environment? In most of the organisations, CIOs would have already put in place a robust base foundation IT platform comprising of –
1IT infrastructure : Enterprise-wide VPNs to connect operating locations,
strong IT security policies, secure enterprise mail messaging, network and security mon-itoring, high-availability centralised servers and data centres (either own or third- party) will enable business users to tap into IT ser-vices on demand.
2Enterprise IT solutions : Best business-fit transaction processing backbones
such as SAP ERP, Oracle Financials, etc. to integrate, streamline and standardise busi-ness processes across the organisation.
As a next step, the CIO’s priority should be to move into a harvesting phase, where the base IT platform could be leveraged to implement innovative and business trans-forming IT solutions. These include -
1.Extension of ERPs to integrate with shop floor, sales force automation and cus-tomer relationship management tools
2.Enable effective decision making of ERP data through data warehouse and business intelligence solutions
3Help businesses attain strategic com-petitive advantages by implementing
solutions for predictive analysis, lead indica-tor analysis, etc.
4Implement optimisation and planning systems for various business functions
like Demand Planning, Supply Network Planning, Financial Planning, etc.
5Risk management : With businesses today being critically dependent on
IT systems and solutions, the CIO should ensure that processes and tools exist to identify, monitor, manage, mitigate and eliminate risks to the IT assets that are com-mensurate with the importance of the asset to the organisation.
6Extend BPO model for master data management, accounts payable, payroll
processing, loyalty management, etc.
7Free up business managers time by cre-ating business analyst teams that operate
on a KPO model to analyse specific business scenarios and generate reports that are pushed to the business managers on a need basis.
8IT for sustainability : Going beyond implementing Green IT technologies
like blade servers and virtualisation there are other IT solutions that help identify, improve, measure and manage energy and resource efficiency across business processes and departments, thereby saving costs and earn-ing carbon credits.
To measure the business impact of IT investments, CIOs can implement stan-dardised IT portfolio management tools/ frameworks like IT scorecard. These frame-works can assist the CIO accurately map the business benefits and ROI of IT systems. It is estimated that the total cost of ownership of any IT system is approximately 10 times its cost of procurement.
A value creator CIO while concentrating on deriving value for IT investments should not lose focus on optimising IT costs and continuously benchmarking the IT systems in the organisation with the business ben-efits they bring in.
BEYOND PRICEVALUE A value creator CIO while concentrating
on deriving value for IT investments should not lose focus on optimising IT costs BY VVR BABU, GROUP CIO, ITC INFOTECH
“Many progressive CIOs are
PARTNERING WITH BUSINESS
AND TAKING ACCOUNTABILITY
to realise ROI benefits from the IT
investments”
COVE R S TORY S TAT E O F T H E I N D I A N C I O SU RVE Y
31thectoforum.com 21 DECEMBER 2009CTOFORUM
FOUR YEARS ago, when the outbound logistics of Maruti-Suzuki was not in good shape, our managing direc-tor Jagdish Khattar asked me if I can handle that challenge and streamline the process. The challenge was daunting but exciting enough to give him my assent. As a result, in April 2006, I took the additional charge of company’s logistics function. The first six months were really tough. The only advantage
I had was the knowledge of processes created by the IT department. But when you handle these things as a process executive, a lot of soft issues and other unheard elements crop up. As a process owner, you are required to know these tiny business issues.
When I took up the responsibility, I started by streamlining the logistics process, followed by creating adequate capacity to increase dispatches. However, the most important decision that I took up as logistics head was to get this whole transportation function within the legal ambit.
The transportation of cars in the large, oversized carriers illegal because that size was not allowed to run on the Indian roads by the Ministry of Surface Transport. But if you transport the cars in smaller carriers, the whole economy goes for a toss. I personally created a committee within the ministry and chaired the same to do advocacy on behalf of
the entire industry. Based on the initial suggestions of the committee, the government allowed the movement of those
oversized carriers. They were considered as legal till such time government came up with the recommendations. As a result, the process of getting stopped at the interstate borders and check-posts just vanished.
From technology point of view, I recom-mended the implementation of GPS (Global Positioning System) on our entire fleet of carriers. This enabled us to not only track the vehicles. but also monitor the accidents caused due to high speeds and the negli-gence of the drivers.
Non-conventional thinkingAs a visionary CIO – a proactive thinker outside the comfort zone - you can do won-ders to streamline other parts of the busi-ness. Your expertise as a technology process owner should not merely confine to technol-ogy implementation. Those can also be used in areas such as logistics, supply-chain etc., which are purely technology-driven. There is no better person than a CIO to make it successful all along.
A CIO++ role puts you to rigorous, unfore-seen tests. It also helps you in exploring more avenues of work outside IT. Understanding the processes of user area is something that every CIO does but unless you feel the heat of the process, you will never be able to under-stand the criticality. As the owner of a process you learn how to run it as a profitable business unit. By doing so, you can be as indispensable asset to your organisation.
Learning curve realitiesHaving stabilised the required systems and setting up the right processes, my learning curve was already peaking the top. And if you are the top custodian of IT, you will see to it that with your reduced involvement, the innovation in IT suffers some setbacks. I felt the same in my organisation. Though the IT projects didn’t derail, yet there was a visible lack of progress. As a CIO, IT always remains your core function and you can’t neglect this fact.
It can be fatal if CIOs create comfort zones for themselves. There is a possibility of getting redundant in your own organisation.Having talked about my return to IT, my CIO ++ role hasn’t come to an end. There are chances that I take up yet another additional business role or a totally different role than IT within the organisation soon.
“It can be FATAL IF CIOs CREATE COMFORT ZONES FOR THEMSELVES. There is a possibility of getting redundant in your own organisation”
A firsthand account from the CIO who steered a mammoth logistic functionBY RAJESH UPPAL, CHIEF GENERAL MANAGER-IT, MARUTI-SUZUKI INDIA
FULL TIME CIO
PART TIMEFREIGHTER
S TAT E O F T H E I N D I A N C I O SU RVE Y COVE R S TORY
32 21 DECEMBER 2009 thectoforum.comCTOFORUM
Dr Jai Menon, Group CIO, Bharti Enterprises, spoke to Rahul Neel Mani on how the approach of the company has changed from effort-oriented to outcome-oriented customer service.
QThe role of customer service in any business is essential to its growth and survival. How have you managed this
role at Bharti Airtel?At Airtel, I play the role of a custodian of customer service in addi-tion to the classic CIO role. Before we look at customer service, I would like to first throw an overview on how we look at our internal and external customers.
Customer service calls for the understanding of three critical questions. The first question that arises is who are these custom-ers? The second question is what services are we offering them and finally how are these services been offered to them.
We have two large segments of customers that fall in the B2C and B2B category. In the B2C segment, we look at the consumer seg-ment that comprises urban and rural areas. We provide our services in 5,000 cities in the country and 4,00,000 villages. The consumer segment also includes homes where we offer mobile and other ser-vices like broadband and television.
On the B2B front, we have large corporate customers as well as small and medium businesses (SMBs). Now what we offer to these customers is four screens. These four screens are mobile, computer, television and silver screen. For the mobile screen, we offers a bouquet of communication, content and commercial services. For the com-puter, we offer broadband services, while on the television platform we have Direct to home (DTH) and IPTV. For the silver screen, we are now working on digital cinema distribution etc.
Besides the four screens, there is also four Cs: communica-tion, content, commerce and computing. Communication is our base class of service that includes voice and
Dr Jai MenonDirector- Technology
and Customer Service, Airtel and Group CIO, Bharti
Enterprises
CUSTOMER SERVICEOUTCOME ORIENTED
COVE R S TORY S TAT E O F T H E I N D I A N C I O SU RVE Y
33thectoforum.com 21 DECEMBER 2009CTOFORUM
tariff plans that users can choose.So customers can get access to any infor-
mation from any channel they choose with the same customer experience. We have more than 100 million transactions a month on these combined channels.
Since customer service is closely knit with the CIO responsibility, we have realised that various platforms and processes need to efficiently converge in order to help the end customer.
What according to you are the chal-lenges that many enterprise CIOs
face when it comes to customer service and how can they overcome these?Traditional CIO roles worldwide have evolved from the technical community of engineering, training etc. At the end of the day, a CIO is more of a consumer of tech-nology than a creator of new technology. So when they consume technology, they need to do it keeping the business needs and pro-cesses in mind.
In this process of consuming technology, there is more time and effort spent on get-ting just that piece right. Therefore, every element that a CIO has to do from business process all the way to design and implemen-tation, operations etc. is typically been done by the CIOs own shop.
Given the changes in the outsourcing scenario, CIOs can divide their responsibili-ties so that they focus more on the business while the outsourcing partner can focus on the technology aspect of the business. This will help release a lot of time of the CIO, and who can now focus more on business.
Also, if you were to do a CIO scan across the globe, you will find that most of them have reached the position through a unilat-eral path. Their career experience has only gone up the technology chain. As the next-generation CIOs get created, it is desirable that they actually go through other business experiences.
Would coming closer to customer call in for more and newer technol-
ogy deployments?Understanding the customer is a dimension that does not require a lot of technology. I feel that technology is just an add-on to cater to the customer needs that provides value in a smart way.
SMS; content is what we offer on Airtel Live through mediums such as mobile, broadband and television portal. Commerce is brought in through mobile commerce, while computing is tendered through Soft-ware-as-a-Service (SaaS) and other cloud-based services.
The process by which we serve these cus-tomers by employing the four screens and four Cs is what we call as the beach model where our customers are our ocean and our partners form the beach that touches all our customers. These partners include all of the frontline touch points that interact with our customers. These touch points include our retail showrooms, retailers, call centre agents, collection agencies etc.
We have a customer base of around 110 million, and there are 130 to 140 million people who support us as partners. The way we look at customer service is to ensure that there is a tight business engagement to accelerate customer happiness. In fact BEACH is an acronym for Business Engage-ment to Accelerate Customer Happiness.
This means that the beach house (compa-ny) has to work in sync with the beach (part-ners) so that the DNA of the brand from the beach house goes through the beach and is shared with the ocean (customers).
How has the ‘beach’ model helped in empowering the customer? Could
you cite some examples?The ‘beach’ model has worked well as we built a business engagement model between our set of partners. This business engage-ment model was built from our learnings based out of our IT model. In the IT model, we built an outcome oriented model, where the IT costs were linked directly to revenues. This is nothing but percentage of revenue and within that percentage it includes capi-tal expenditure, operating expenditure and end projects costs etc.
As an example, using this strategy we changed the model of our BPO partners by moving them away from effort orientation and focusing on outcome orientation. We have in place a measurement ratio that we call as the outcome to effort ratio.
Effort, for example, is simply picking up the phone and answering a call. Now has the call resolved the customer query and ensured customer satisfaction? Has it
reduced churn and increased our overall satisfaction scores? So we now look at a host of such outcome parameters.We have bought together technology to empower our customers. We have been doing multi-channel empowerment to solve their needs. Multi-channel implies using services like the Web, Interactive Voice Response (IVR), interactive SMS and Unstructured Supplementary Services Data (USSD) where all of these are shared in a simple manner. These services are indepen-dent of the channel and are transmitted to back-end IT systems.
For example, our * 121# application answers all the queries of customers. This has been a hit with users, and since this service is USSD-based, it can run on any mobile device. This is also integrated real- time into our backend CRM billing and pro-visioning systems. There is another service called as My Airtel My Offer (MAMO) that has a recommendation engine to look at previous usage trends and recommend best
“We have brought together technology to empower our customers. We have been doing MULTI-CHANNEL EMPOWERMENT to solve their problems”
S TAT E O F T H E I N D I A N C I O SU RVE Y COVE R S TORY
34 21 DECEMBER 2009 thectoforum.comCTOFORUM34 21 DECEMBER 2009 thectoforum.comCTOFORUM
NEXTHORIZONS
The economic tumult of the past 18 months has affected every facet of corporate opera-tions, and it has not spared IT. In McKinsey’s fourth
annual survey on information technology strategy and spending, we asked chief infor-mation officers (CIOs), chief technology officers (CTOs), other executives in the IT function, and additional C-level executives about their companies’ business technol-ogy agendas, the impact of the recession on their IT organizations, and their approaches to developing and executing IT strategies.
The results affirm the continuing impor-tance of IT to strategic success, despite the recession. CIOs have felt strong pressure to deliver ever greater levels of efficiency in the downturn, but overall satisfaction with IT organizations remains high. In addition, most respondents foresee an increase in IT investment, perhaps because companies are applying IT to solve problems across the business. Meanwhile, as technology-related disruptions continue to affect businesses, executives persist in pushing for closer inte-gration between business units and IT.
IT’s response to the recessionThe value executives (both inside and out-
IT in the New NormalRecession or no recession, corporate and IT leaders continue to see a key role for IT, especially to capture efficiencies across the enterprise.
FEATURES INSIDE
Myths About Cloud Computing Demystifying cloud. Pg 38
Walk The Talk A CIO needs to be a top level communicator. Pg 39
35thectoforum.com 21 DECEMBER 2009CTOFORUM 35thectoforum.com 21 DECEMBER 2009CTOFORUM
T E CH AG E N DA N E X T H OR I ZO N S
side the IT function) perceive IT as offering their companies have held up well since our previous survey, in October 2008. Respon-dents indicate that IT has become more important to improving business efficiency and reducing costs across the enterprise than it was last year. Notably, a smaller share of respondents indicate that their pri-mary focus is to achieve the lowest IT cost (Exhibit 1). This suggests that executives are realizing better results from applying IT to solving problems across the business.
However, running a tight IT organization remains important. We asked IT executives about the actions they have taken in the past year, as well as those they plan to take in the next 12 to 18 months in response to the crisis (Exhibit 2). Respondents indicated a strong preference for structural cost reduc-tions: three of the top four actions discussed focus on reducing structural costs through efficiency improvements, including applica-tions development, infrastructure consolida-tion, and contract renegotiation. Looking ahead, two-thirds of the respondents report they plan to undertake structural cost reduc-tions in the next 12 to 18 months.
Green IT programs, such as those that increase energy efficiency in data centers, have fared well despite the slowdown. At companies with a green IT agenda (almost half of those surveyed), more than 25 per-cent of respondents indicate they are accel-erating their plans, and about half say their plans will be unaffected by spending reduc-tions. Cost savings and reputation enhance-ment are likely behind this strong push to protect green investments.
Spending in the right placeLooking forward to 2010, projections for operating budgets follow trends seen in last year’s survey. More than 60 percent of respondents expect IT operating expenses to decline or hold steady (Exhibit 3), reflecting a continued focus on “resetting” operating costs for an uncertain future.
Expectations for new investments, how-ever, paint a different picture. More than 45 percent of respondents expect to increase investments, while about 20 percent see them holding steady. When there is a payback, it seems businesses are willing to invest; many of these investments are geared toward improving business opera-
and 61 percent are considering an increase in new investments (up from 40 percent last year).
Another notable finding is that spend-ing plans for public and private companies diverge sharply. Only 31 percent of respon-dents at public companies expect to maintain or increase their current IT spending in 2010, while 62 percent of respondents at pri-vate companies say the same. For new invest-ments, the pattern is similar: 60 percent of
Exhibit 1 % of respondents who ranked given IT
capability no. 1
How well each capability currently furthers company goals
Delivers services at lowest possible cost
Improves business efficiency
Supports our company’s growth ambitions by delivering services or products that set us apart from competitors
Plays a leading role in transforming our business
The role of IT2009, n = 4442008, n = 548
2733
1920
1615
3931
Exhibit 2
% of respondents who ranked given action no. 1,1 n = 270
Possible actions taken by an IT function in response to the global economic turmoil
Taken inpast year
Planned for next 12–18 months
Responding to the crisisStructural-cost reduction
Changes to delivery model
Reduction in shortterm demand
20 28
1118
1617
1416
1210
810
119
Focused on efficiency improvements in application development and maintenance (eg, lean IT, process streamlining)
Reduced demand by canceling or deferring projects/activities
Increased infrastructure consolidation or virtualization
Renegotiated existing vendor contracts
Changed scope of projects to reduce costs
Rationalized or eliminated services or offerings (including reduced service levels)
Increased outsourcing and offshoring
1Base does not include respondents who answered “none of the above” or “don’t know.”
tions, both to lower costs and improve effec-tiveness, echoing respondents views on where IT is offering value to the business.
Digging deeper into the data, financial-services firms lead all sectors with their spending and investing plans, a finding that may reflect improving business conditions in that industry. 33 percent of financial-services respondents expect to increase operating expenses in 2010 (up from the 15 percent who expected increases last year),
36 21 DECEMBER 2009 thectoforum.comCTOFORUM36 21 DECEMBER 2009 thectoforum.comCTOFORUM
N E X T H OR I ZO N S T E CH AG E N DA
public-company respondents expect to main-tain or increase new investments, compared with 73 percent at private companies.
IT’s effectivenessThe view from respondents who aren’t IT executives suggests that, by and large, they believe their IT functions are responding effectively to the crisis and adjusting well to their businesses’ changing needs and priori-ties. Among non-IT executives, 55 percent say current performance in providing basic IT services is very or extremely effective—an increase from last year’s 50 percent level. For higher-value activities, such as on-time/on-budget project delivery and proactive engagement from IT, the share of executives who say IT is very or extremely effective hov-ers in the 30s, with roughly another third of respondents indicating that IT’s performance is somewhat effective. Significantly, these figures are largely unchanged from last year, despite all the economic turmoil.
IT executives’ own view of their perfor-mance is less sanguine (Exhibit 4). Just under half of the IT executives surveyed say their management of IT infrastructure is extremely or very effective. Only 30 percent say their IT governance is extremely or very effective, and only 21 percent are happy with their ability to target places in their organi-zations where IT can add value (compared with 30 percent of non-IT executives who say IT is very or extremely or very effective on a corresponding measure).
Measured against last year, IT execu-tives’ satisfaction with their performance is down across the board, including several categories that show double-digit declines. It seems likely that this drop is driven by a continued sense of frustration among IT staff, who are being asked both to reduce their own costs and, at the same time, to help business units do more to improve their operations.
Shared vision for IT strategyAt the highest level, all executives remain concerned about information- and technol-ogy-based disruptions—albeit with some key differences from last year. These worries include competitors embedding IT in their products, executing strategies based on bet-ter analytics and information, and using IT to improve the effectiveness of their busi-
ness processes. The degree of concern has eased,however: in this year’s survey, 50 per-cent of respondents say their companies are very or extremely at risk given the potential effects of information- or technology-based disruptions on their companies, down from 65 percent in 2008. At the same time, the share of respondents rating their companies as somewhat at risk has increased to 30 per-
cent, from 19 percent last year. Seen in the light of the overall survey, this finding indi-cates that while core concerns about disrup-tions remain in the short term, recession-related preoccupations have become more acute. Nonetheless, companies remain exposed to the key unknowns they cited in 2008: shifts in customer expectations and bargaining power as a result of access to
Exhibit 3
% of respondents1, n = 444
By how much, if at all, do you expect your organization’s IT budget for operating expenses and new investments will change in 2010?
Spending more on new investmentsIncrease No change Decrease Don’t know
Operating expenses
27
2140
13
New investments2
21
13
46
191Figures may not sum to 100%, because of rounding. 2Includes operating and capital expenditures.
Extremely/very
Somewhat Slightly/not at all
Don’t know
1Figures may not sum to 100%, because of rounding; all respondents are IT executives.
Exhibit 4
% of respondents,1 n = 232
Percentage-point change from 2008
Extremely/very
Slightly/not at all
Currently, how effective is your IT organization in each of the following areas?
Lower satisfaction
Managing IT infrastructure
Implementing a strategic approach to sourcing
Governing IT performance
Introducing new technologies faster/moreeffectively than competitors
Driving technology enablement or innovation in business processes, operations
Targeting places in organization whereIT can add the most value
49
30
30
22
21
21
30
35
34
23
33
37
19
32
34
52
45
40
2
4
2
3
2
2
-13
-5
-8
-1
-13
-10
9
9
6
10
15
10
37thectoforum.com 21 DECEMBER 2009CTOFORUM 37thectoforum.com 21 DECEMBER 2009CTOFORUM
T E CH AG E N DA N E X T H OR I ZO N S
better information, and significant changes in the cost to deliver existing products or services (Exhibit 5).
While the recession has shifted some short-term priorities for IT, the longer-term vision for IT remains consistent with views expressed by respondents in prior surveys. Non-IT executives continue to say they want to forge a closer partnership with IT in order to improve performance and better man-age the risks and disruptions that lie ahead. While only 16 percent of respondents say they have put into place tightly coupled busi-ness and IT strategies (Exhibit 6), two-thirds of respondents indicate that this configura-tion would be their ideal. Significantly, the level of strategy integration is strongly cor-related to the perceived effectiveness of IT: for both business and IT executives, effective-ness materially increases as the strategies become more tightly linked.
Looking ahead• IT executives’ dissatisfaction with their job performance could eventually lead to deeper problems in morale and performance. Clear and effective communication by both IT and business executives will be critical to ensure that the IT organisation continues to under-stand how integral its efforts are to the suc-cess of the enterprise.• Respondents say they are willing to increase IT investments that drive real returns to their companies. Delivering on this promise requires business and IT to partner in building a comprehensive view of
the necessary process and system changes, as well as defining a clear, measurable, and achievable set of returns.• Despite the economic crisis, leaders need to continue improving the integration of their business and technology strategies. IT can help underwrite growth when the recov-
How we crunchedthe numbers
THE ONLINE SURVEY was in the field from
October 13, 2009, to October 26, 2009, and
received responses from 444 executives rep-
resenting the full range of industries, regions,
and company sizes.
“IT’s unmet potential: McKinsey Global Sur-
vey Results,” mckinseyquarterly.com, Decem-
ber 2008.
See James M. Kaplan, Roger P. Roberts, and
Johnson Sikes, “Managing IT in a downturn:
Beyond cost cutting,” mckinseyquarterly.com,
September 2008.
ery comes, but only if executives begin lay-ing the groundwork during lean times.
Contributors to the development and analysis
of this survey include Roger Roberts, a principal
in McKinsey’s Silicon Valley office; and Johnson
Sikes, a consultant in the New York office.
Exhibit 5
% of respondents who say that their companies are ‘extremely,’ ‘very,’ or ‘somewhat’ at risk from informationand technology-based disruptions and ranked given disruption no. 1,1 n = 342
To which of the following disruptions, if any, is your company most exposed?
Shifts in customer expectations (eg, to better or differentiated service for existing offerings)
Changes in costs to deliver current products or services(eg, others deliver for significantly less)
Increased customer bargaining power from increased information about existing product offerings and alternatives
Significantly improved products or services (including substitutes) emerging at current or higher prices
Development of new offerings outside ‘traditional’ scope(eg, bank branches offering insurance a few years ago)
Increased use of third-party resources/infrastructure,such as OEMs or outsourcing
Emergence of new channels or points of purchase
Top disruptions
Rank in 2008
1
2
3
4
5
6
7
28
20
13
13
12
6
5
1Respondents who answered “other” are not shown.
Total
% of respondents in selected category who say IT is effective1
Business leaders IT leaders
Exhibit 6
% of respondents, n = 444
How tightly coupled, if at all,are your company’s business andIT strategies currently?
More effective, with tighter integration
1Composite metric representing the percentage of respondents who rated three or more activities as "extremely" or "very effective."
Business and IT strategy are tightly integratedand influence each other
Business strategy is developed with someinput from IT
Business strategy is developed first andused to guide IT strategy
Business and IT strategy are not linked
16 66 46
35
27
16
28
27
8
18
47
19
38 21 DECEMBER 2009 thectoforum.comCTOFORUM38 21 DECEMBER 2009 thectoforum.comCTOFORUM
N E X T H OR I ZO N S CLO U D COM PU T I N G
Myths About Cloud ComputingWhile experts say that cloud computing is the in thing, in reality, it'll take at least a year for companies to adopt it as a norm for their operations. BY RICHARD GOUGH
Cloud computing is largely misunderstood, both as a concept as well as a delivery platform. In fact, the cloud is as big as the e-commerce revolution wit-nessed in the beginning of this millennium. Like e-commerce, cloud computing will take some time to
sort out. Today, every technology supplier and vendor use the term cloud in marketing material to make sure they appear relevant. In reality, it will take at least one more year for organisations to adopt cloud computing as a norm for their operations. In fact, this is a good time to look at some of the myths that have build up around cloud computing.
MYTH 1 The bigger the vendor, the betterReality: The presence of industry titans such as Amazon.com, Salesforce.com, Microsoft Azure and Google is certainly enhancing the profile of cloud computing especially among large enterprises like the Telegraph Media Group. But size and brand name amount to very little if a vendor can’t deliver quality of service. Thomas Bit-tman, chief of research for Gartner’s infrastructure and operations
branch, said, “Being big in the future of cloud may not be a benefit.” Take, for exam-ple, Amazon.com’s S3 cloud experienced an outage for about three hours, in 2008 leav-ing companies worldwide without access to their stored data. Likewise, Google Gmail and its application service platform were badly disrupted globally in February 2009. However, Gmail didn't collapse completely, while web access to email was shut down, IMAP accounts, the sort that you might use on an iPhone, were operating normally which should be seen as a plus for a always on 24/7 cloud platform. The point here is to carefully consider your options and do your homework before signing on the dotted line. When your life blood is your data then carrying out a full risk assessment is crucial to your success wherever you decide to host your computing systems.
MYTH 2 Cloud computing heralds a revolutionReality: Vendors’ public relations people would have you believe that cloud computing is a revolutionary new technology. But the truth of the matter is companies have been heading in the direc-tion of this pay-per-service model for some time now with prod-ucts like Salesforce.com for Customer Relationship Management and web site hosting by datacentre providers. Cloud computing is a natural evolution of infrastructure and application technolo-gies. SaaS (Software-as-a-Service), for example, is a type of cloud computing that delivers a single application through a web-based browser to thousands of end users. The well-known concept of utility computing also falls under the umbrella of cloud comput-ing, as do managed services that often entail fully outsourced network-management arrangements.
MYTH 3 Only small businesses need applyReality: According to a recent Forrester Research report on Cloud
PH
OT
O:
PH
OT
OS
.CO
M
39thectoforum.com 21 DECEMBER 2009CTOFORUM 39thectoforum.com 21 DECEMBER 2009CTOFORUM
CO NVE RSAT I O N E T H I C S N E X T H OR I ZO N S
Walk the Talk
The modern CIO doesn't often get the luxury of being misun-derstood. Their peer group requires coher-
ent language that is high on detail and at the same time low on techni-cal jargon. Those of you who have experienced conversations between technocrats and lay business people know of what I speak.
Such conversations go something like this. The technocrat starts off and the lay businessman listens intently for two minutes hoping to become wiser and attuned with technology. Soon, the blank stares appear followed by a confused (if not angered) look on their faces. The techie has not only lost his audience, but also his opportu-nity to gain buy-in for their idea or proposal.
Enter the CIOThis is where the modern CIOs earn their money. Conceptually, a CIO is hired to manage the best use of technology for the company. For many years, there was a hidden reason behind the CIOs vital role. They were treated as a bridge between the hard core techie and the management. That role is no longer a secret. CIO job descrip-tions routinely include explicit language about their role as a top-
level communicator. In fact, a few larger corporations hire
CIOs less for their technology skills and more for their ability to communi-cate, influence, sell, and manage oth-ers. Such a non-technical CTO can be dangerous also. The lack of technology background has led to some very costly business decisions. There are other cases where the CTO lacked the techni-cal background to understand the finer points involved in delivering on plans sold to a naive peer group.
It's the audience, stupid!Having made a back door entry into
technology, I learned the value of communication at all levels. One of the precepts to excellent communication is knowing your audi-ence. Always make the assumption, when you are communicating with others (unless you can guarantee otherwise), that your audi-ence knows less about the topic than you do, and that your audience is less technically conversant than you are. Not to make your peers seem like morons because they aren't, but you have to dumb down the techie a little bit. Ease them into it; define your terms along the way into easily digestible bites. Remember, if you were in a room of actuaries, you would probably come away feeling as ignorant of their lingo than they would be of yours.
How should a CIO smooth talk his way to the boardroom. BY THOMAS STRUAN
Computing, The main consumers of cloud computing are small companies that don’t have a legacy of IT investments to manage. But while cloud computing’s cost-effective model appeals to small businesses, large enterprises with well-crafted SLAs (Service Level Agreements) and mature IT teams also stand to benefit. Challenges, however, remain for mid-size organisations, as there are a significant middle market that without some planning will have a tough time using cloud computing technology.
MYTH 4Everything should be in the cloudReality: Trying out cloud computing doesn’t
necessarily entail handing over your entire database to a third-party provider. Rather, companies can choose to farm out just bits and pieces in the same way many HR teams outsource recruiting but keep payroll pro-cessing in-house. A perfect example: The New York Times used Amazon EC2 and S3 to generate PDFs of 11 million articles in the newspaper’s archives, but kept produc-tion of the newspaper in-house.
MYTH 5 Cloud computing is a cure-all Reality: As much as marketers would have you believe that cloud computing can solve all your server and storage headaches; there
are still plenty of system design challenges to work out. For example, not all applica-tions are ideal candidates for cloud comput-ing based on their sensitivity, especially when it comes to handing over financial applications governed by strict compliance regulations. What’s more, as outlined in the Forrester report, “most cloud vendors today still do not do not provide availability assur-ances. Service-level agreements are mostly nonexistent.” In other words, cloud comput-ing can potentially come with its fair share of downtime so make sure your prepared for this. On the plus side, we are already seeing companies like Google work hard to address this.
40 21 DECEMBER 2009 thectoforum.comCTOFORUM40 21 DECEMBER 2009 thectoforum.comCTOFORUM
N E X T H OR I ZO N S DATA M A N AG E M E N T
Play it again SamAnother key communication tool is to repeat what you just said. I actually refer to this as a reiterative tool. You don't need to become redundant in your conversation, but after you make several key points it is a good idea to put forward a quick summary of what you just said. In many presenta-tions, I actually paint high value targets three times so that at the end of my commu-nication everyone at least knows the main points. Another reiterative tool is the follow up. If I am trying to get a plan or initia-tive put forward I find ways of tying it into other communications. Having stressed my points before, I subtly drop them into future emails, presentations, proposals and discus-sions. Remember, subtlety is key!
Killing the messengerIf you have not heard this expression, then you need to be aware that there are times that you will be communicating with hos-tile audiences. In ancient times, when kings were sent messages that included unpleasant news they would often kill the
messenger out of rage, thus the reference of ‘don't kill the mes-senger’ emerged. Such situations are unavoidable at times and you need to prepare for them.
Now - there are shades of gray here. In some cases, the people in your audience are just simply not interested in what you have to say. In such cases, you have to lighten the conversation, make it personal for them, and give them a sense of fellowship in your cause. An example of this would be going in front of your board of directors with a proposal requiring a bunch of treasure to expand your infrastructure. The way you bring them to your point of view is to actually know that extra bit: what are their key priorities for the company? what are the key initiatives they are discussing? how can your proposal help to accomplish them?
Follow throughYour communication is built on history. By
that I mean, when you have a dia-logue your effectiveness is based on whether you have a history of delivering on what you have discussed and whether or not you appear knowledgeable in your prior communications history. People will remember the most amazing things - many of which are not what you wanted them to remember. So, keep in mind that everything you say will, at some point, come back to you.
Once you are known as a person that paints a tainted picture you lose credibility. In
this game, we call life credibility is really one of the few things we have to offer. So, prepare yourself. You will require informa-tion from individuals and there are times you will have to trust that information, but due diligence is never to be abandoned for the sake of a quick response. It is better to delay what you want to say than to rush something into production that has a ques-tionable amount of truth to it.
ARTICLES WERE
ADDED TO ITS
ARCHIEVE BY THE
NEW YORK TIMES
USING AMAZON
EC2 AND S3
PLATFORM
11 mn
CMS: Plenty to Go
Having started social media interaction, having acquired many third party applications that inter-face to your ERP system, how can you manage all this extraneous data? The problem that this causes for an organisation is the unstructured
data that this produces. There are several implications for unstruc-tured data being storage, indexing, tagging, ability to reuse and access data with email are problems an organisation will continue to face.
Organisations have always had a difficult time capturing the unstructured data. Often valuable information is shared with no real way to leverage this goldmine. This problem extends throughout the organisation stemming from product design all the way to the entire supply chain. The lack of internal data capture extends to outside the enterprise when social media is invoked.
Systems that capture data such as PLM systems have started to evolve as the backbone to organisational storage. The link of stor-
ing data and the ability to reuse it has caused some PLM vendors to incorporate content management and PLM functionality. This provides a basis for metadata tagging, indexing, storage, ability to leverage existing intellectual property and reusing company data that should be reusable.
Enter one evolution of content management system. These sys-tems can not only store data effectively but store it as usable chunks that can be indexed and readily accessible for many purposes. These CMSs can be thought of as another weapon to harness busi-ness performance. As these applications spread and start to merge with other applications we are seeing a new evolution of PLM and CMS to start to include social media. By including this functionality here it may alleviate some concerns about capturing data, customer feedback etc. It is pretty easy to see as more of these applications evolve and include greater features and functions they are encroach-ing on the ERP itself. — Dylan Persaud, Managing Director Eval-Source
With growing use of social media, managing extraneous data is a challenge. BY DYLAN PERSAUD
40 21 DECEMBER 2009 thectoforum.comCTOFORUM
41thectoforum.com 21 DECEMBER 2009CTOFORUM
THINKINGBEYONDCHRIS CURRAN | [email protected] CHRIS CURRAN is Diamond Management
& Technology Consultants’ chief technology
officer and managing partner of the firm’s
technology practice. He writes the CIO
Dashboard blog at www.ciodashboard.com
The Fine Art of Persuasion If the IT department wants its annual budget to pass muster, it needs to eliminate the unnecessary steps in IT planning.THINK BACK a few months. It’s August and you are starting to mar-shal the troops for the annual combat called the annual IT budget. You arm each of the IT leaders with a template, spreadsheet, and other tools with which they will collect the requests from the various business areas – cus-tomer segments, product businesses and corporate functions. Depending on your organisation, you may also start collecting some sizing data for each initiative – costs and benefits.
Once each of the field operatives are done collecting, then the real fun starts. Each of the lists are then consolidated into a big list and additional details are added with the goal of prioritising them against some kind of framework (that may or may not already be agreed to). If the business value data hasn’t been collected, some basic sizing data is added. Then this list often gets massaged several times in IT leadership meetings.
Just about the time that the CIO and his team is getting a feeling for the size and shape of the business-driven list, the CFO starts sharing the
set the boundaries up front. This draft should be developed by the CIO and his leadership team – 5-10 people max. Agree upon scope and other plan-
ning assumptions, including how much time will be spent in each phase, who will participate and how much money will be available, even if the definitive budgets aren’t set yet by the CFO. Communicate the draft plan, plan-
ning process and expectations to business and IT stakeholders so they know what you expect from them.
Typically, I see some forms of #2-3 but very few organisations draft a plan before going out and solicit-ing business input. I think this is one of the primary jobs of the CIO that is often skipped in the name of business-IT collaboration. Once the gathering, analysis and prioritisa-tion work (and time) is eliminated for the initiatives that would never make it anyway, you can focus on adding some time back into plan-ning, but focus it on more produc-tive things, which I will cover in my next post.
available budget and the CIO gets to go back to the group to report that the company can’t fund all of the projects that have been requested. In fact, it can probably only do about one-third of them. The remaining planning time, maybe into January, is then applied to further prioritising, sort-ing, iterating and finally telling users that their requests didn’t make it.
Yes, this is an extreme case, and not all organisations work this way. But, many companies I have worked with had long, reactive and wasteful planning processes. In fact, in Dia-mond’s 2009 Digital IQ survey, com-panies reported that they spent 240 man months performing IT plan-ning. I’m certain that this time is not all productive – we can do better.
Agile IT Planning, Then Agile Business: Addressing this problem is a two-step process. First, we need to eliminate the unnecessary steps in IT’s approach to planning. The key to this is to begin with the end in mind, as follows: Develop a draft of the plan before
asking for additional inputs. It’s okay to have gap, but it’s critical to
Drafting a plan should be the pri-mary job of a CIO before going out and solicit business input.
N E T WOR K O F TH E F U T U R E N E T WO RK S E CU R I T Y
42 21 DECEMBER 2009 thectoforum.comCTOFORUM
Most tech-nology and security managers ensure that at least one of their permanent systems is deployed for the function of network monitoring
Modern day network monitoring technologies can help in manag-ing a fast changing IT environment in economic crisis BY TEAM CTOF
Network MonitoringTHE RELEVANCE OF
Network monitoring therefore refers to a system that supervises all activi-ties within a computer network. This system keeps a check on all aspects of the network - from the power situation to an expected crash or a LAN malfunction. This network diag-nostic tool monitors LAN and WAN networks to eventually provide a graphical report of network statistics gathered by its different tools. This information available to network administrators can be used for day-to-day troubleshooting tasks such as managing downtime or handling any sort of security breach. The systems are particularly useful with large corporate networks or a populated university universe.
As we focus our minds towards network security, one key thing that takes centrestage is network monitoring. Rallying about network security without placing a concrete plan of action cannot be called a smart move. What is smarter is to have a monitoring system that is able to notify the administrator about all happenings within your network.
PH
OT
O B
Y P
HO
TO
S.C
OM
N E T WO RK S E CU R I T Y N E T WOR K O F TH E F U T U R E
43thectoforum.com 21 DECEMBER 2009CTOFORUM
A network monitoring system con-tinually takes snapshots of the inter-nal systems and creates a report as soon as it detects a problem. It then informs the network administrator of any suspension of operation. A subset of the different tasks carried out under network management, network monitoring works as an effective tool towards security. It takes care of any failures that might arise from within the network such as information overload or flailing network connections. They can also sound an alarm against virus infec-tions or lost network connections. The monitoring system sends mes-sages in the form of emails, pagers or even phone calls. These are also called watchdog messages.
There are a range of network moni-toring tools available in the market today. These include ping tools, network sniffers, web log analys-ers and such other. Ping tools such as free ping and servers alive are mature monitoring devices that are employed by technology managers for effective network monitoring. These tools are usually easy to config-ure and come with multiple alerting utilities. Network sniffers include real-time traffic monitors and net-work protocol analysers. These are useful to monitor network traffic on peer to peer applications and instant messaging networks. Log analysers can study data such as number of visitors and they can be used to gen-erate monthly or weekly reports. Log analysers can also report real time information that can be produced on spreadsheets or HTML files. These files are also called capture files. They can be accessed the network administrators in real time or at a later point in time.
A network monitor collects all the information required by the system by a process called capturing. As a rule, a network monitoring system collects information on all the frames it detects on the network. This data is collected onto what is called a capture buffer. A capture buffer is a reserved
area that has been defined in the storage memory of a system so that the information is readily available. In case the network administrator requires information only on a set of frames, they can use a capture filter. Once the required information has been captured, the network admin-istrator can further create a display filter that will predefine how much of the captured information will even-tually be displayed in the system’s frame viewer window.
Most technology and security man-agers ensure that at least one of their permanent systems is deployed for the function of network monitoring. Therefore, there are a number of network monitoring software avail-able in the market today. Dotcom-Monitor is one such that has applied remote agents on three continents that work like internet browsers. They can monitor particular URLs for clients to undertake network monitoring services. Their network monitors check the client network to ensure that it is accessible and yet secure. Functions such as these help managers to reduce down time due to a break down or security hack. Products such as Lithium work as a suite of network, server and storage monitoring applications. They use SNMP and proprietary monitor-ing protocols such as those used by Apple’s Xserve, Xsan and Xserve RAID devices.
Network monitoring solutions work for clients who would like to measure what is travelling through their networks or to gauge the rea-sons for a network slowdown. The network monitoring tool that works to check network slowdown is a network probe. It is also a protocol analyser that can track network traffic and therefore determine the cause for a slowdown in a matter of seconds. Network monitoring utili-ties comprise tools that can moni-tor the performance of routers and switches. These include tools such as bandwidth monitors, network monitors, wake-on LANs and port
scanners. With the use of such tools, network monitoring is also able to check bandwidth bottlenecks of a network. They can be used to study the response time of multiple devices and send alerts in case a problem is detected. Wake-on LAN can be used to switch on a PC from a remote cen-tre, while a port scanner can check the traffic in a TCP port.
Most network monitoring packages today are able to simplify complex networks to manage it without fac-ing any legacy problems. This makes the tools easily scalable and easy to afford. Users can pick from a range of network tools for their LAN and WAN networks. Network monitoring tools can also be used to study long term trends in a network.
Prevent issues of bandwidth
Solve bottlenecks that hurt server performance
Makes the network a proactive entity that allows users to
perform better
Makes one’s IT infrastructure more cost effective
One is able to purchase bandwidth and hardware based on
actual traffic numbers
Makes network troubleshooting easy
According to a Microsoft case study, a network monitor can
display the following types of information: 1 Source address of the computer that sent a frame onto
the network. This address is a unique base-16 number
that defines a computer on the network.2 Destination address of the computer that received the
frame.3 Protocols used to send the frame.4 The data, or a portion of the message being sent.
Advantages of network monitoring
What information can network monitors provide?
44 21 DECEMBER 2009 thectoforum.comCTOFORUM
The second CSO Summit discussed information security challenges and their possible solutions. BY VINITA GUPTA
Event CSOSummit
The second annual CSO Summit 2009 witnessed a gather-ing of more than 50 Chief Security
Officers (CSOs) from various verticals to help them gain greater insights about their role. The two-day Summit was organised by The CTO Forum and took place on the 11th and 12th December 2009 at The Westin Sohna Resort in Gurgaon.
DAY 1 SESSIONS
Keynote 1: Evolving role of the CSOVishal Salvi, CISO, HDFC Bank gave the first keynote where he spoke about the stra-tegic role of the CSO within the enterprise. He stated that security becomes intangible
until it is delivered and that today many people are making their career as security officers as this role is now more indepen-dent than just a part of IT.
Salvi stressed on the CSO's role that should focus to make business more accountable for cost and risks. “Instead of the CSO asking the management for invest-ment, they should explain the risks that the company can face and how technology can help them mitigate such risks,” he said.
He added that it would always be the
CSO's role to provide sponsorship and program management and also control the security policy of the company and for this they should update themselves with latest technology implementations.
Keynote 2: Trends in information security in 2010The second keynote of the summit was delivered by Pinkesh Shah, VP, Product Management, Policy Compliance and Risk Management at McAfee who briefed the
participants about today's evolv-ing threats, top security trends and ways that can help organi-sations manage information security.
Shah revealed that host of new threats like malware, phishing attacks etc. are being targeted towards organisations and in every 30 seconds a new malicious website is detected. Ninety percent of these threats are financially motivated as compared to 40 percent in 2005. He said that it is important for enterprises to understand the
root cause behind such threats and also look at the various reasons for their existence like misused functionality, malicious intent, design flaws and poor common sense.
According to Shah, the three key trends in Information Security for 2010 would be: Extinction of standalone signature based
anti-virus Patch panic will no longer be an issue as
96 percent of attacks are patched Data centric security would be more
important than just network security
Pinkesh Shah, VP, Product Management, Policy Compliance & Risk Management, McAfee Inc. delivering the first keynote.
Vishal Salvi, CISO, HDFC Bank making
a point at the 2nd CSO Summit.
45thectoforum.com 21 DECEMBER 2009CTOFORUM
C SO SUM M I T E VE N T R E POR T
Panel Discussion: UTM- The new rules of ensuring security The first day witnessed a panel discussion on emerging trends and technologies in the Uni-fied Threat Management (UTM) landscape. The panel was moderated by Rahul Neel Mani, Editor, The CTO Forum that included Pramod Reddy, AVP and CISO, Applabs and Sachin Jain, CIO and CISO, Evalueserve.
Jain said that having a UTM in a distrib-uted network will not make sense, but for small companies it would be useful.
According to Reddy, small offices only need Internet connectivity, and hence UTM is the best solution . He cited an example of how Applabs has been using UTM for firewall and IPS from the last four years and not for spam and anti-virus, and it is taking the load without facing any threats.
The discussion was quite engaging with many audience members throwing up ques-tions one after the other to the expert panel.
Observations from the summit par-ticipants:Vipin Kumar, Chief General Manager, Head-Information Services, Agri Machinery Group at Escorts: “UTM will not be replaced by desktop agent as it is security in one box; standalone products are very complex. We have been using UTM since the last three years and have never faced any problem.”
K.S. Narayanan, Head-Information Risk Management, ING Vysya Bank: “UTM gives an organisation all the functionality in one box, but I think the market is not yet matured for this solution.”
Pinkesh Shah, VP, Product Management, Policy Compliance and Risk Management at McAfee: “UTM is consolidation of different security solutions into one and vulnerability of application is not UTM's job and hence wheth-er it is less or more important for a particular organisation (enterprise or SMBs) is not an issue but is about their requirement.”
Panel Discussion: Economics of securityEnterprises are challenged to optimise bud-gets, resources and time, particularly the IT organisations and hence this discussion addressed topics like consolidation, point products, juggling the cost of prevention against the cost of risk and remediation, building a hybrid architecture of virtual,
hosted and on-premise security and manag-ing costs of audits.
The panel was moderated by Sameer Shel-ke, COO and Co-founder, Aujas Networks and the panel included Ganapathi Subrama-niam, GAP Resilience-Information Security Lead, Global Asset Protection, Accenture; Sabyasachi Chakrabarty, Regional Security Manager, APAC, British Telecom and Amit Raj Singh, Practice Manager, Managed Ser-vices, Wipro.
Amit Raj Singh, Practice Manager, Man-aged Services at Wipro: “Information security policies should match the organisation's goals as the CSO needs to answers different stake-holders. Also while rolling out security the CSO should make sure whether the SLA is required or not, if it is it should be properly signed. Hosted model is cost effective and hence should be preferred.”
K.S. Narayanan, Head-Information Risk Management- ING Vysya Bank: “Consider
Some of the important comments from the participants:Sameer Shelke, COO and Co-founder, Aujas Networks: “We as a CSO need to fix security issues in a preventive control manner. Almost 60 percent of the risks that is found in the first audit are repeated and hence we need to focus on risk management.”
Ganapathi Subramaniam, GAP Resil-ience-Information Security Lead, Global Asset Protection, Accenture: “Security is more in terms of peace of mind, and hence measurement of security is not achievable and achievement of security is not measurable.”
security as a business risk and then IT risk. With this consideration ROI can be easily achievable.”
Session: Application and role of information security
G Kiran Raju, Senior Consultant, Appli-cations and Database Security at Wipro in this session mentioned that the new threat landscape is moving from informa-tion based security to web application and database security that involves securing the custom code, libraries, back-end systems, web application and database servers and monitoring databases.
From Left: Rahul Neel Mani, Editor The CTO Forum, Sachin Jain, CISO, Evalueserve and Pramod Reddy, CISO and AVP IT App Labs discussing Unified Threat Management and its future adoption in enterprises.
Gan Subramaniam, GAP Resilience-Information Security Lead, Global Asset Protection, Accenture India making his point during the discussion on Economics of Security.
K S Narayanan (right), CISO, ING Vysya Bank expressed opinions around the emerging threats and possible safeguards in the current scenario.
46 21 DECEMBER 2009 thectoforum.comCTOFORUM
E VE NT R E POR T C SO SUM M I T
Raju said that applications are easily avail-able on the Internet to hack into a network. For example if a bank’s website is not secure then it will lead to hacking of the customer's data. This happens because net-work security mostly ignores the contents of HTTP traffic.
He recommended some threat mitigation steps like: Performing application and database scan-
ning for vulnerability Implementing Web application firewall Building a better and more secure SDLC
Patching the application and the databases.
more on data security by identifying data and it gets leaked.”
Vishal Salvi, CISO, HDFC Bank: “ CSOs are maturing on risk management but they should also focus on engaging in the busi-ness by acting as enabler.”
Captain Raghu Raman, CEO, National Intelligence Grid: “CISOs should start assess-ing themselves; they should start explaining the management the reasons why things went wrong. Also while negotiating the budget with the management the CSO should be straight forward in discussing the pros and cons of not deploying a security solution.”
Kaushal Kumar Chaudhary, GM-CISO:
security- A public-private partner-ship model to threat avoidanceThe three key stakeholders in the informa-tion security space today are government, industry and end-users. The panel discus-sion, with participation from all the stake-holders discussed about the possible ways to deal with threats like identity thefts, cyber crime, warfare and corporate espionage.
The panel was moderated by Anuradha Das Mathur, Co-founder and Director at 9.9 Media and the panel included Captain Raghu Raman, CEO, National Intelligence Grid; Felix Mohan, CISO, Bharti-Airtel and Summet Singh, Senior Consultant, Wipro Consulting Services.
Comments from the participants:Captain Raghu Raman, CEO, National Intel-ligence Grid: “Security needs public-private partnership. The big difference between govern-ment and private sector firms is that private sector is profit oriented. In government sector each crime is dealt by different government segments and hence there should be complete synchronisation.”Summet Singh, Senior Consultant, Wipro Consulting Services: “The public-private partnership should not be an option but should be made mandatory. Government also plays a crucial role by forming laws and systems to tackle threats.”Felix Mohan, CISO, Bharti-Airtel: “The public-private partnership is of two types viz. regulatory and collaboration driven. Regulatory mandates are there in all countries but what we as corporate entities should not counter it but should stand in a unified form.”
Panel Discussion: Transforming business through governance, risk and compliance (GRC)This track discussed the best practices including how to leverage risk metrics and the need of a unified control framework to reduce the total cost of ownership of com-pliance. The panel concluded that GRC is more than software as it involves IT, risk, finance etc. and hence a comprehensive GRC will be handy. In addition, a unified approach to adopt the framework was also necessary.
The panel included Vishal Salvi, CISO, HDFC Bank; Burgess Cooper, General Manager Information Security at Vodafone;
Sameer Shelke, Co-founder and COO , Aujas Networks sharing his thoughts on 'Leading the security and risk management through turbulent times'.
Burgess Cooper, CISO, Vodafone India took an open house session during the 2nd CSO Summit to set the Information Security agenda for the year 2010.
G Kiran Raju, Senior Consultant, Applications and Database Security, Wipro speaking on how to protect the applications and databases from attacks.
Open House: Setting the agenda for 2010-11This session was led by Rahul Neel Mani and Burgess Cooper, General Manager (CISO), Information Security at Vodafone. Priorities related to technology, business and leadership of CISO/CSOs for the year 2010 were discussed.
Comments from the participants:Murli Nambiar, CIO-Security officer, Reli-ance Capital: “ CSOs should concentrate
“Most of the CISO are biased towards IT; we need to lift ourselves from IT towards business and try to handle both.”
Nadeem Quraishi, CISO, Tata Motors: “We should try to reduce costs and this can be done through outsourcing. At the same time, we should also factor the risks associated with it.”
DAY 2 SESSIONS
Keynote Session: Information war-fare, cyber terrorism and end user
47thectoforum.com 21 DECEMBER 2009CTOFORUM
C SO SUM M I T E VE N T R E POR T
Murli Nambiar, CIO-Security officer, Reli-ance Capital and B M Rangan, CSO, Quattro BPO. The session was moderated by Rahul Neel Mani.
Views of the summit participants on growing concerns around GRC: B M Rangan, CSO, Quattro BPO: “The GRC initiative connects directly to the management and there is a need to look at all possible shareholders.”Vishal Salvi, CISO, HDFC Bank: “ Today I cannot think of any organisation that has adopted an automated GRC but in future they will be.”Murli Nambiar, CISO, Reliance Capital: “There is a need to have a unified GRC instead of having them in silos as there could be over-laps when they function in silos.”
Panel Discussion: Leading the security and risk management teams through turbulent timesThis track discussed leading information security or risk management function as a special responsibility requiring a mix of technical, political and social skills.
The panel included Sameer Shelke, COO and Co-founder, Aujas Networks; Rishi Bhargava, Director, Product Management, Risk and Compliance Business, McAfee; Sunil Gujral, CTO, Quattro BPO and Sid-dharth Vishwanath, Associate Director, Per-formance Improvement, PWC India.
Observations from the summit par-ticipants: Rishi Bhargava, Director, Product Man-agement, Risk and Compliance Business, McAfee: “There is a need to go cross function-al. The cost of reporting that a customer’s cred-it card is stolen is high and hence it’s crucial to articulate the cost of non-compliance.”Siddharth Vishwanath, Associate Director, Performance Improvement, PWC India: “Specific measures related to a particular ini-tiative should be looked upon and then depend-ing on the initiative clear metrics should be defined.” Sameer Shelke, COO and Co-founder, Aujas Networks: “The most difficult task is to man-age our own team. Also creating awareness among the user is not helpful, we need to edu-cate them.”Sunil Gujral, CTO, Quattro BPO: “Security
should be looked as a facilitator. Organisations should focus on innovation and skill sets.”
Panel Discussion: Security in vir-tual and cloud environment
Cloud computing is picking up traction with businesses, and thus this session dis-cussed the unique security risks it entails. The panelist of this last session included Pramod Reddy, AVP and CISO, Applabs; Rajeev Seoni, CIO, Ernst and Young and Felix Mohan, CISO, Bharti Airtel.
Important comments from the panel members: Felix Mohan, CISO, Bharti Airtel: “Cloud computing risks are related to data, people, organisation, provider and supply chain, gover-nance and compliance etc.”Rajeev Seoni, CIO, Ernst and Young: “Every vendor has different definition for cloud com-puting, we need to have a common platform. There are vendors that are pushing cloud but it depends on the need of the organisation. Secu-rity in the cloud is a critical aspect as the data resides in an unknown place and hence it is not safe. Private clouds are more secure.”
Pramod Reddy, AVP and CISO, Applabs: “Security in the cloud is business driven. The organisation should first consider what type of data they want to move on the cloud, if the data is not critical than security is not a major con-cern. Cloud is evolving and the issues related to it would be discussed and resolved in the com-ing years.”Vishal Salvi, CISO, HDFC Bank: “In terms of convenience there is lots of scalability that a virtual environment can provide but cost and compliance are major challenges. Questions linked to some legal aspects of the cloud are still not defined.”
Security means business: Participants and panelists engaged in serious debates on enterprise information security during the sessions.
Captain Felix Mohan, CISO Bharti-Airtel shared insightful information on cyber crime and security risks in the cloud computing.
Rajeev Seoni, CIO, Ernst & Young and Pramod Reddy, CISO & AVP IT App Labs shared their valuable thoughts on security in cloud environments. Burgess Cooper, CISO, Vodafone India making a point during
the discussion on Governance, Risck and Compliance while other panelists look on.
D I G I TAL AGE
48 21 DECEMBER 2009 thectoforum.comCTOFORUM
The Decade of Digital Decadence
A decade since the human race overcame the fear of Y2K, technology has made inroads into our DNA. BY RICHARD GOUGH
At the end of the 20th century technology entered into the next millennium - the focus of the world’s media. The big question was would the
world melt down at midnight on the 31 December 1999 as the world’s computers
fell foul to the Year 2000 (Y2K) bug. This bug was caused by the practice of abbreviat-ing a four-digit year to two digits in many of the early computer systems that the world now relied on. Some programs could not distinguish between the year 2000 and the
year 1900 and it was feared that this practise by IT professionals to save precious com-puter memory could bring a much feared melt down of computers around the world. However, clocks ticked, parties were held, and for a moment we all held our breath at the thought of what the next millennium and decade would bring. More importantly, would our technology survive the transition into the 21st century?
Ten years on we not only have witnessed the survival of our technology but possibly witnessed the first decade of digital deca-dence - a decade where our self-indulgence with technology has changed our cultural and working landscape beyond all recog-nition for us and future generations to come. The first decade of the 21st century
has turned the use of technology on its head. Like the Dandies of the 19th century decadence era, for whom looks were every-thing, today society seems to be driven by an unending appetite for digital decadence. This is a landscape where a mobile phone is no longer for speaking but is the centre of the social media world. In this 24/7 ‘always connected world’, products like the iPhone and Blackberry are king providing the digital hub that drives societies pas-sion for technology.
But at what cost does this digital decadence bring with it?
D I G I TAL AGE
49thectoforum.com 21 DECEMBER 2009CTOFORUM
In the UK, a new term “e-rage” has been identified in a survey by the Internet service provider Eclipse Inter-net. This survey looked at the effects of email downtime on staff in a
selection of businesses types, and demonstrated that “the frustration of not having access to email can see them resort to extreme measures in an attempt to fix the prob-lem”. This extreme behav-
iour extends to both agitated “mouse-clicking”, kicking computers and verbally abusing IT staff. There is also the human aspect of being connoted on a 24/7 basis. In 2001, the technol-ogy author Gil Gordon coined the phrase “defensive overworking”, which suggested that people now worked longer hours because of technology and a fear of unemploy-ment. Gordon suggested that this “may be why some people who in the mid-1980’s would never have dreamed of interpreting their holiday to con-tact the office now carry a Black-berry and check their voicemail and email regardless of the fact they are enjoying a break.
Technology has changed everything in the last ten years including how we listen to music, take photographs, watch movies, communicate, socialise, shop and even meet people for sexual encounters, love and marriage. We have a generation of children that have grown up digital, that have no idea what is like to not to have the Internet or a mobile phone at the centre of their social world. This has, in turn, brought problems with it as the darker side of society found that lurking in digital meeting places was another way of accessing the vulnerable and naive. For every new digital product realised there is a new digital challenge for IT pro-
fessionals to ensure data is protected and a company's intellectual prop-erty is not stolen. However, a number of other key technology events have helped highlight the importance of technology and in particular the use of consumer technology in this digital age. When President Barack Obama took office as the first black American President on 20 January 2009 history was made. By embrac-ing technology, and in particular social networking and instant messaging, he has helped on his journey to the White House. The use of www.barackobama.com changed the way politics is played on the Internet, and on the ground.
Obama connected to a new generation of voters across America by allowing his cam-
paign and message to become viral through sites like Facebook, You Tube and the short message blog service Twitter. The main devices these messages were viewed on were consumer mobile phones and laptops of this new generation of voters who went on to spread the Obama message to their physical and virtual friends.
The impact of digital decadence does present a challenge to IT professionals and the workforce who rely on it. It impacts on
the fine line between what is work and what is home life due to the now ubiquitous nature
of email and access to work sys-tems. But in a digital age society adapts as we have done before with previous new technology. It is thanks to technology that water can reach our homes. Food can be processed and preserved help-ing make it easier for us [the human race] to satisfy our basic needs. It could be said that many people in many countries can lead a luxurious life, thanks to technology. As knowledge becomes the new basic need we now see a new generation of workforce and consumer seize upon its access [to connect online] at every opportunity.
Like clean water and sanitation was a must to our forefathers, 24/7 access
to information is a necessity for our digital decadence generation, not only to survive but also to pros-per Here's to the next decade of digital decadence and all the inno-vation it may bring!
—Richard Gough is Charted IT Professional, Fel-
low BCS, Chartered Institute for IT and Member
of Institute of Leadership and Management. You
can follow him on www.richardgough.com
24/7 ACCESS TO INFORMATION IS A NECESSITY for our digital decadence generation, not only to survive but also to prosper.
52 21 DECEMBER 2009 thectoforum.comCTOFORUM
VIEWPOINT
Decision-making web. How
to make smarter, faster decisions everywhere
ACCORDING to James Surowiecki in his book, “The Wisdom of Crowds,” the answer may lie in harnessing col-lective wisdom or the wisdom of crowds. Well, what if we could access online the Wisdom of the World (WoW) for decisions involving busi-nesses, products, services, places, and even personalities? Wouldn’t smarter and faster decisions on everything be just a click away?
For example, if we are thinking of buying a product, using a service, visiting a place, or even dealing with a workplace or personality, we would be able to know the painful and delightful experiences of members in our social network as well as the ‘world’ regarding the product, ser-vice, place, or personality. If such a web of information were instantly available, wouldn’t we all be mak-ing smarter and faster decisions? In such a world, we would be making decisions that really maximise our delight while minimising our pain.
Google dominates the world of Internet search. The Red Ocean of Internet search is littered with corpses
such tools. Another tool is the Deci-sion-making Web. After all, many people deeply and often want to make smarter and faster decisions. What if one could access the world’s wisdom in just one click?
At its core, a search engine is an instantly searchable repository of website addresses, a modern “Yellow Pages” of the Internet. Yellow Pages are often used to find where businesses are located in an area or a region. A Yellow Pages book contains a listing of physical addresses. In contrast, Internet search engines provide web addresses or links that are most rel-evant to a query. But what if there was a decision-making engine that went beyond providing web addresses? What if there is a social network that allows people to easily document their painful and delightful experiences regarding products, services, business-es, and places? Wouldn’t such informa-tion on customer experience be valu-able to us when making our decisions? That’s what we are piloting in the Wisdomsourcing group on Ning. It’s an exciting collaborative project.
that have tried to unseat Google from its top position. Do people still remem-ber Cuil, Wikia Search, or Powerset? ‘Once positioned as a Google killer’ may be the epitaph shared by these search engines that haven’t quite taken off. Nevertheless, the relentless attack on Google Search continues. Bing is Microsoft’s latest attack on Google Search. Positioned as a “decision engine” that helps people to “make smarter decisions,” Bing currently has about 10 percent of Internet market share in the US. In contrast, Google Search has over 60 percent. So, how can a business best compete with Google Search? Should businesses in future engage in head-to-head compe-titions with Google in the Red Ocean of Internet search?
Effectively competing against Google Search requires that a business rede-fines the perception and meaning of Internet Search. One approach is to develop a Blue Ocean tool that creates an uncontested market space while making traditional Internet search largely irrelevant. Social networking such as in Facebook is one category of
ABOUT ROD KING: Dr. Rod King is
a thought leader,
consultant, and
trainer on Trade-
Off Mapping
& Customer
Experience
Innovation as
well as Blue
Ocean Project
Management.
The goal of these
approaches is to
facilitate visual
analysis, innovation,
and decision-
making for 'hit'
products, services,
and business
models.
ROD KING | [email protected]