Information security professionals must keep skills up to date – 2/17/2011 – Computer Weekly

2010 – A Failure in Strategic Technology Leadership

Watching the swings in technology predictions over the past few years, Technology Leaders continue to pursue short-term and reactionary technology implementations rather than pursuing strategic planning that focuses on the technologies and applications that will position a business for growth, performance, and enhanced value.

Top 10 of 2009
  1. Software as a Service (SaaS)
  2. Virtualization
  3. Enterprise Mobility
  4. Energy-Efficient Data Centers
  5. Security, Risk and Compliance
  6. Social Networking
  7. Web 2.0
  8. Document Management and E-Discovery
  9. Project Management and Project Portfolio Management
  10. Web and Video Collaboration

Top 10 of 2010
  1. Green Computing and Energy Efficiency
  2. Public and Private Cloud Computing
  3. Virtual Desktop Infrastructure (VDI)
  4. Mobility, Telecommuting and Virtual Meetings
  5. Centralization, Standards and Governance
  6. Knowledge Sharing, Business Intelligence and Social Networking
  7. Security, E-Discovery and Business Continuity
  8. Advances in Application Infrastructure
  9. Investments in Hardware Infrastructure
  10. Collaboration, Workflow and Productivity

Top 10 of 2011
  1. Security
  2. Business Intelligence
  3. Virtual Desktop Infrastructure (VDI)
  4. Virtualization
  5. Mobile IT
  6. Software as a Service (SaaS)
  7. ERP, CRM and BPI
  8. Hardware Refresh
  9. Monitoring and Management of Social Information
  10. Unified Communications

Source:  Baseline Magazine, Annual IT Survey (http://www.baselinemag.com)

Baseline Magazine’s Annual IT Survey doesn’t report the percentage of new vs. repeat respondents; however, these swings in technology trends are well documented throughout many sources.

The financial crisis of the past two years challenged Technology Leaders to deliver well architected, properly financed and sustainable solutions; unfortunately, the swings in technology trends suggest that the leaders were focused on technology adoption rather than on positioning their business for growth, performance, and enhanced value.  For instance, the swing in Security (#5 in 2009, #7 in 2010, #1 in 2011) suggests that Technology Leaders chose to curtail security planning and architecture while pursuing new technologies, and now must spend more and work harder to implement security behind the technology already in place.

The failure of the Technology Leadership to keep the organization focused on achieving well architected, properly financed and sustainable solutions during this financial crisis is similar to the dot com bust that followed un-checked spending on technology ahead of business growth, performance and enhanced value.

Financial challenges are a part of our economic cycle.  When Technology Leaders do not adopt strategically aligned corrective courses of action, they tend to follow technology trends, such as:

  • Adopting cloud computing to reduce costs rather than to improve the business’ ability to grow (#2 in 2010, not on the list for 2011)
  • Decentralizing or centralizing, without changing the players (#5 in 2010, not on the list for 2011)

The Technology Leadership role continues to be dominated by leaders who fail to recognize, understand and respond to business and economic trends.  Ten years ago, the Chief Information Officer was thought to be a part of the C-Leadership suite, but most have failed to achieve this goal, as they never moved beyond the stereotypical management style that has plagued Technology for more than 20 years.

Today’s Technology Leaders must understand Business and Enterprise Strategy, partner with Marketing, Finance and Operations, and focus on Risk Management and Operational Excellence (5 Principles).

Contract Penalties do not solve Contracting Issues

For more than a week, three Virginia state agencies (the Board of Elections, the Department of Motor Vehicles and the Department of Taxation) have been experiencing “…major computer issues that are hampering their daily operations…”, as reported by Marcella Williamson, a spokeswoman for the Virginia Information Technologies Agency (VITA), which oversees the state’s computer network.

Unfortunately, this isn’t Virginia’s first major outage with their outsourcing partner, Northrop Grumman (NG).  In Oct 2009, a legislative audit highlighted deficiencies in planning, communications, and risk management, which led to interruptions in government services, project delays and eventually contract amendments.

Read/Download the Report at http://jlarc.state.va.us/meetings/October09/VITA.pdf

Lessons learned during the audit include:

  • Vendor’s experience & understanding are key elements for success – success is enhanced when all parties fully understand the goals of the project & have demonstrated the ability to meet them
  • Partnership still requires experienced staff in the public entity
  • Partnership may not produce savings
  • Full & careful evaluation of proposals is critical

Outcomes of the audit included personnel and organizational changes along with contract amendments (see sidebar) – yet problems still exist.

SIDEBAR - Report of the Joint Legislative Audit and Review Commission To the Governor and The General Assembly of Virginia (SENATE DOCUMENT NO. 13 2010)

The most notable change was the elimination of the supervisory body charged with overseeing VITA, the Information Technology Investment Board, which was replaced with the Information Technology Advisory Council. In addition, the State’s Chief Information Officer (who serves as administrative head of VITA) will now be appointed by the Governor and report to the Secretary of Technology, instead of being appointed by and reporting to the Information Technology Investment Board. These actions are consistent with the recommendations made by JLARC staff in presentations to the Commission, the House Appropriations Committee, and the Senate Finance Committee in October 2009.

In addition, on March 30, 2010 VITA and NG signed contract amendments and agreed to implement operational improvements, which have the potential to address several findings in this report.

Contracting Services

Contracting for service replacement is far different from purchasing technology through General Services.  Contracting for services requires:

  • An in-depth understanding of key processes and their success criteria (e.g., issuing new driver’s licenses with a 0% defect rate in less than 60 min)
  • An understanding of the Enterprise Architecture behind key processes
  • A Portfolio & Project Management methodology that clarifies roles and responsibilities and prioritizes objectives while reducing risk
  • A Risk Management methodology

Unfortunately, Virginia’s focus on organizational changes and contract amendments was not enough to protect critical services from a devastating outage.  They are not alone in their challenges in contracting for IT Services.  Recently Texas announced their intent to rebid IBM’s data center contract, and Marin County recently sued Deloitte over the failed installation of their SAP ERP system.

Texas to rebid IBM’s data center contract - http://www.statesman.com/news/texas-politics/texas-to-rebid-ibms-data-center-contract-865050.html

Understanding Marin County’s $30 million ERP failure - http://www.zdnet.com/blog/projectfailures/understanding-marin-countys-30-million-erp-failure/10678?tag=nl.e539

Conclusion

These organizations made similar mistakes by contracting for services based on a favorable price rather than on strategic decision-making and organizational policies.  The cost-savings-only approach often leads to cost overruns, missed expectations and litigation, whereas a collaborative approach focused on solving problems and improving operations can elevate services and optimize business processes.

Google Apps’ Broken Link – a Strategic Focus on User Value

With Google Wave dying out, recent Application customer losses to Microsoft, and their Social Networking efforts falling further behind Facebook and Twitter, it is clear that Google has a problem delivering User Focused Value through their application and social networking platforms.

Google losing ground to Facebook

Read More at CIO.com and ZDNET.com

Google’s Downward Slide

While Google Apps and Google Social efforts lag, analyst Lou Kerner recently suggested that the era of Google’s dominance in Search and Advertising might also be over, as social networking site Facebook continues to be the portal through which web users access other web sites.

“Google is making the vast majority of its revenue on a pay-per-click basis to drive traffic to web sites,” wrote Wedbush analyst Lou Kerner, in a note to clients. “Given its huge base of over 500 million members, the majority of which log on every day, Facebook is already driving more traffic to some leading web sites and it is poised to dramatically grow its share of traffic generation just based on clicks from user news feeds.”

Google shares are down 21 percent this year, underperforming long-time competitor Yahoo, which is down 17 percent.  Kerner initiated Google with an ‘underperform,’ making him just the second analyst to put a ‘sell’ on the stock. The average price target for Google among analysts is $626, while Kerner values the search leader at just $525.

Reference Source:  CNBC (see Chart for YTD Value)

Google Apps’ Broken Link

Google has grown and expanded from their single search service to four service areas, Search, Ads, Apps and Mobile.  As Google added services, they relied (mostly) on their practice of internal innovation driven by small teams of Engineers to develop these systems.  This practice works well with Search related services, such as Search, Ads and Mobile (Android primarily remains a search tool that launches apps), where user expectations of value are limited to the retrieval of relevant information.

Unfortunately, internal innovation driven by small teams of Engineers is not a great practice for developing Application and Social Networking services, where User Value is determined by a myriad of variables such as ease of use, efficient interactions, and security.

“Google has never come out with any [social networking product] where the experience drove it,” says Jared Spool, founding principal of User Interface Engineering, a consulting firm based in North Andover, MA. “It was always the technology and the engineering that drove it–the experience was sort-of layered on afterward.”

Reference Source:  MIT Technology Review

A Strategic Focus on User Value

Google Wave is the latest example of a Google Application that didn’t offer any real value to the user.

Hopefully the lesson they will learn is that solving the problems of HOW does not guarantee user adoption, and to be successful they must adopt a Strategic Focus on User Value where the combined values of market focus and distinguishing capabilities provide strategically focused user value.

Accountability in Leadership

It’s hard not to think about accountability as we watch the Gulf oil spill go into its second full month, or as we read about Gen. Stanley A. McChrystal’s actions and comments in this month’s Rolling Stone.

Recent technology news also brings up questions of accountability, as we learned of AT&T exposing more than 100,000 iPad user accounts through an insecure web application, or as we watched Facebook struggle to resolve its privacy issues.

As I follow these stories, I find myself thinking about Accountability in Leadership and how that responsibility shapes and drives the culture of a company.

Defined – Accountability is a concept in ethics and governance equated with the functions of responsibility and liability.

In Action – Accountability is the acknowledgment and assumption of responsibility for actions, products, decisions, and policies within the scope of the role.

In the examples cited, the responsible parties failed to demonstrate accountability in leadership: BP failed in actions, decisions, and policies; Gen. McChrystal (a highly decorated soldier) failed in actions; while AT&T’s and Facebook’s products failed.

BP’s failures are by far the most tragic: the decisions they made, the policies they created, and their actions have led to the disaster that continues to destroy our coasts and people’s lives.

Gen. McChrystal’s comments and actions (as described in Rolling Stone) were not in alignment with his role, which subsequently led to his resignation.

AT&T and Facebook may have suffered the least from the problems surrounding their products, but that is more a function of exclusivity than of a lack of concern from the users.  There is strong evidence that customers will leave both AT&T and Facebook should competitors gain a competitive advantage.

Addressing failures in accountability begins with a focus on Ethics and Governance

Ethics (the philosophy of good and bad, right and wrong, justice, and virtue, etc.) and Governance (accountability for consistent, cohesive policies, processes and decision rights) have become focus points in MBA programs following the financial crisis in 2008.

Business schools from Harvard to Berkeley are incorporating lessons from the crisis into their programs to help students avoid repeating the same mistakes.  Among the lessons:

  • Question assumptions behind models
  • Probe for better information about complex products
  • Don’t let greed motivate decisions
  • Understand the role of regulatory agencies and governments

Some argue that ethical behavior cannot be taught and that it has to be something an individual learns as they grow into adulthood.  This is not the first time business schools have focused on ethics and governance following a crisis: ethics classes followed Enron’s collapse, and special emphasis was placed on Sarbanes-Oxley before the collapse of 2008.

Moving past short-term crisis response requires a change in business culture

Crises are unique; their characteristics include:

  • They are unexpected
  • They create uncertainty
  • They are seen as a threat to goals

For years, business leaders have demonstrated their ability to sidestep crises, and in the process have created a culture that values short-term solutions over long-term resolutions.  Going forward, leaders must focus on long-term resolutions by turning the crises businesses face into processes of change and transformation.

It is no longer enough to ask “how do we avoid this the next time”; rather, we must question the assumptions and perceptions behind the models and theories that led to the crisis.

How do they accomplish this?

Leading companies understand that accountability in leadership is a part of their culture that they must develop and manage.  Examples of leading companies that develop and manage their culture include Procter & Gamble, General Electric, McKinsey, Southwest Airlines, and Goldman Sachs.  If your company doesn’t have the benefit of management universities, then look for candidates with:

  • MBAs that integrated ethics lessons into coursework
  • Organization and Business Diversity
  • Collaboration and Teamwork skills and accomplishments

In a recent Newsweek interview John Chambers, CEO of Cisco, suggested that, “a huge part of a leadership role is to drive the culture of the company and to reinforce it.”

Robert Widing, Provost at Thunderbird School of Global Management in Glendale, Ariz., observed that the fiscal crisis in 2008 exposed leaders’ shortcomings, “The roots were in greed and incompetence.”

The bottom line: Accountability in Leadership is a responsibility that shapes and drives the culture of a company.

Understanding Post Recession Turnover

Post Recession Turnover Statistics

Recent statistics show a growing trend of employees interviewing (or looking to interview) for new opportunities, even though most (78%) believe this is the worst job market of their careers.

Data Source:  Adecco Group (Apr 2010)

Background

Understanding why employees willingly leave their jobs following a recession is important to retention and profitability.  Following the recession of 2000, many companies did not anticipate high rates of employee turnover and subsequently they suffered.

This recession has been more destructive (in terms of job loss) than the recession of 2000 (see Unemployment Rate), which may only increase the rate at which employees leave their current jobs for new opportunities.

Data Source:  US Bureau of Labor Statistics (Apr 2010)

Motivation

Management companies are paying attention and examining the phenomenon of post recession turnover.

In a recent Deloitte study (Managing Talent in a Turbulent Economy, Mar 2010), survey results showed:

46% of surveyed executives recalled that voluntary turnover at their companies increased after the 2001-2002 recession ended

52% of surveyed executives predict an increase in voluntary turnover at their companies 12 months after the current recession

The data also suggest that 48% of the executives polled either don’t anticipate high rates of employee turnover or are not focused on it as a significant threat.  Another view suggests that 44% of executives believe additional increases in turnover will lead to future cost savings.

It is a mistake to believe that you can manage a person’s decision to leave; attempts to change employees’ minds with counter offers, perks, etc. often only delay departures.  Rather, you must manage the motivators.

Motivators differ from employee to employee, but there are similarities across generations of workers; for instance, Baby Boomers often prefer strong leadership, whereas Gen X and Gen Y individuals prefer compensation or opportunities for advancement.

Understanding motivators is essential to managing them; the key to understanding them begins with listening to your employees and recognizing how your decisions impact the motivators that influence their decisions.

What Leaders Can Do

Understand that current productivity levels are not sustainable.

Some would say that productivity has gone up because employees afraid of losing their jobs have been working around the clock, while others would argue that productivity is up because companies laid off those who were dragging productivity down.

Regardless of your opinion, it is important that you recognize that many survivors are being pushed to work in ways that aren’t sustainable (see graph below).

Data Source:  US Bureau of Labor Statistics (Apr 2010)

To prevent burnout and employee fatigue you need to recognize that value isn’t generated by the number of hours worked, but rather by how much value is produced during the hours employees are working. Working longer hours, juggling more tasks and answering more emails isn’t the solution.

Recruit critical talent now by taking advantage of sourcing opportunities

Now is the time to assess the greater needs of the organization, finding opportunities where a single, multi-faceted employee can bring value to the organization beyond a single role.

Hiring now may seem like a risk, but revenue growth does not come from cost cutting; rather, it comes from competitive and product differentiation.  Finding a high performer now can save on the bidding war latecomers get into when searching for talent.

Some argue that the high performers are already employed and will bring on a bidding war as they are recruited.  This simply isn’t so, as many committed high performers were among the millions of people who have lost their jobs and used that opportunity to return to school (like myself) or to start their own businesses.

These are the people who are most eager to re-engage in a new opportunity.

Conclusion

Leaders need to act now to stem the high rates of turnover that typically follow deep and long recessions.  Some of the turnover cannot be helped, as employees are mentally and physically fatigued from years of added work, doing more with less, and generally fearful of another round of layoffs.

The keys to effective action include:

Listen to your employees – Identify and focus on the most important issues

Invest in Talent and Training – focus on priorities that drive revenue

Differentiate yourself in the talent market – explore what Motivates Your Teams

The cost of turnover is significant; because of this, leaders must take a proactive and balanced view of retention.

When Security becomes a Liability

Recently Cormac Herley (a principal researcher for Microsoft) published a study that concluded what many users have long suspected and complained about: many of these irritating security measures are a waste of time.  The study found that instructions intended to spare companies from costly computer attacks often exact a much steeper price in the form of user effort and time expended.  The report argues that users’ rejection of the security advice they receive is entirely rational from an economic perspective.

Reactions to the report followed predictable paths, with users supporting the conclusions while security advocates spelled out the dangers it presented.  The reaction, not the content, of the paper is what Security professionals should be most concerned about.

The growing separation between users and security is becoming a liability for companies, consider:

Harvard Business Review (HBR) declares “Hacking Work” their #7 Breakthrough Idea for 2010 (http://hbr.org/2010/01/the-hbr-list-breakthrough-ideas-for-2010/ar/1)

In an earlier work, “The Compliance Budget: Managing Security Behaviour in Organisations”, Beautement, Sasse and Wonham discuss how bypassing data security policies is a widely practised behaviour (http://www.nspw.org/papers/2008/nspw2008-beautement.pdf).

In two years, bypassing security went from something rarely discussed to an HBR Breakthrough Idea.  How did this happen?

How Security became a Liability

Fundamentally, Security organizations have spent their time and resources knowing and understanding the threat (hackers, malware, etc.), but not the audience (users).  Worse is that with Social Engineering attacks (Phishing, SpearPhishing, etc.) Security Managers have begun to see their audience (users) as a growing risk.

A 2006 Computing Technology Industry Association survey found that security managers attribute approximately 60 percent of security breaches to human error. Source: CSO Online (http://www.csoonline.com.au/index.php/id;255830211;fp;32768;fpid;20026681)

With users seen as an increased risk, Security Managers reacted by imposing rigorous policies and procedures both within the organization and on the systems users needed for their work, which in turn lowered productivity and raised costs.

Lower productivity led to users finding creative ways around the limiting policies and procedures meant to protect them, and in turn created new risks for Security to address and manage.

In essence, Security became a liability because it failed to understand its users.

Creating a Different Outcome

If we want different outcomes, we have to offer different solutions.

It is important to understand that a balanced security program focuses on risk mitigation without impeding productivity.

Figure: Valued Security

When security overwhelms the business and users, value is diminished.

Figure: Overwhelming Security

Moving Forward

1) Security teams need to better understand the actual damage endured by businesses and users.

A problem with security advice is that it often exaggerates potential harm.  The advice is offered as protection against worst-case scenarios, but it is mostly ignored, as users care only about actual harm.  Research shows that users perform an implicit Cost vs. Benefit calculation when deciding whether to follow security policies and procedures.

Cost is the effort to follow the advice, while the Benefit is avoidance of the harm that the attack might bring.

Therefore, when an attack is rare and the harm it causes is a one-time cost, the burden of ongoing and ever-increasing security demands ends up being larger than the harm the advice guards against.  Herley examines this Cost vs. Benefit analysis in his paper using password policies, where the Cost of choosing a strong password outweighs the Benefit it offers as account protection.

2) Security teams need to determine the attack rate for any exploit when designing appropriate security advice.

Security is well known for its lack of attack-relevant data.  Using Herley’s example: can we articulate what percentage of user accounts have been compromised because of password strength?

In most cases, Security teams simply do not have (or do not share) information on attack rates (successful and unsuccessful) and thus can’t show that the cost-benefit calculation is favorable.  Instead, Security teams have relied on depicting worst-case scenarios to persuade and influence the organization.

If Security teams want to be effective, then they must use relevant and factual information to demonstrate attack rates.

3) Finally, Security organizations must combine the actual damage knowledge with the attack rate data to prioritize security policies and measures.

It is important for Security organizations to understand that users are not lazy, and they do not set out to put the company or themselves at risk; rather, they make a choice when faced with increased productivity demands and fewer opportunities.

To help employees, Security organizations must prioritize risks and risk management strategies that are in line with demonstrated damage and attack data.  By failing to prioritize, Security organizations are in essence abdicating risk management strategies to employees and must therefore live with the results.
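The three steps above (measure actual damage, measure the attack rate, then prioritize) can be written down as a simple screen. The following is an added example and not code from the original post or from Herley’s paper; the `Advice` record, the helper names, the assumed value of an hour of user time and every figure in the sample catalogue are constructed placeholders, and an organization would substitute its own incident records and time studies.

```python
# Added example: cost vs. benefit screen for security advice, following the
# three steps in the text. Not from the original post or Herley's paper;
# all names and figures below are constructed placeholders.
from dataclasses import dataclass
from typing import List, Tuple

# Assumed value of one hour of a user's time, in dollars (placeholder).
HOURLY_VALUE = 50.0


@dataclass(frozen=True)
class Advice:
    name: str
    minutes_per_user_year: float  # effort each user spends following the advice per year
    attack_rate: float            # fraction of users hit by the relevant attack per year (step 2)
    harm_per_incident: float      # actual damage per incident, in dollars (step 1)
    prevented_fraction: float     # share of those incidents the advice actually prevents


def annual_cost(advice: Advice, users: int) -> float:
    """Cost of compliance: user effort converted to dollars."""
    return users * advice.minutes_per_user_year / 60.0 * HOURLY_VALUE


def annual_benefit(advice: Advice, users: int) -> float:
    """Expected harm avoided: attack rate x damage x effectiveness of the advice."""
    return users * advice.attack_rate * advice.harm_per_incident * advice.prevented_fraction


def net_value(advice: Advice, users: int) -> float:
    """Positive means the advice earns its keep; negative means it is a liability."""
    return annual_benefit(advice, users) - annual_cost(advice, users)


def breakeven_attack_rate(advice: Advice) -> float:
    """Attack rate at which benefit equals cost (independent of the user count)."""
    per_user_cost = advice.minutes_per_user_year / 60.0 * HOURLY_VALUE
    return per_user_cost / (advice.harm_per_incident * advice.prevented_fraction)


def prioritize(catalogue: List[Advice], users: int) -> List[Tuple[str, float]]:
    """Step 3: rank advice by net value; negative entries are candidates for retirement."""
    return sorted(((a.name, net_value(a, users)) for a in catalogue),
                  key=lambda item: item[1], reverse=True)


# Constructed sample catalogue for a hypothetical 1,000-user organisation.
SAMPLE_ADVICE = [
    Advice("rotate strong passwords quarterly", 120.0, 0.001, 500.0, 0.5),
    Advice("report suspicious e-mail via the button", 30.0, 0.05, 2000.0, 0.6),
    Advice("lock screen after five minutes", 10.0, 0.02, 1000.0, 0.8),
]
SAMPLE_USERS = 1000

if __name__ == "__main__":
    for name, net in prioritize(SAMPLE_ADVICE, SAMPLE_USERS):
        print(f"{name:45s} net value per year: {net:12,.2f}")
    pw = SAMPLE_ADVICE[0]
    print(f"password rotation breaks even only if {breakeven_attack_rate(pw):.0%} "
          f"of users are compromised per year")
```

With the constructed figures, the password rule costs the organisation far more in user time than the harm it prevents and would only pay for itself if 40% of users were compromised through guessed passwords every year, while the two cheaper measures come out ahead. The point of the screen is not the placeholder numbers but that each input has to come from measured damage and measured attack rates rather than from a worst-case story.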

How does Security become a liability?

  • By failing to understand our audience and their concerns
  • By presenting worst-case scenarios rather than actual damage and attack rates
  • By failing to prioritize dangers facing the organization and its users

The goal of Security organizations should be to maximize Business and Technology value; when they fail to do so, they become a liability rather than an asset.

Competitive Advantages must follow Information – not Technology

There has been a dramatic shift in the ways in which companies gain competitive advantage; previously, companies leveraged processes and technology for competitive advantage (look at the growth of SAP and Oracle’s ERP systems).  Today, leveraging information, not technology and processes, defines competitive advantage.

The Global Recession’s Impact on Business

Decades of Business-IT animosity combined with demand for new consumer-oriented Web-based applications (which IT organizations seem unwilling to embrace) and layers upon layers of technology legacy have boiled into frustration and anti-IT sentiment (CIO.com).

Even as the recession turns to recovery, operational flexibility and how fast businesses can seize opportunity will remain the driving strategy. Going forward, strategies and forecasts will change daily or weekly, if that is what it takes for the business to prosper.

In an article in McKinsey on Business Technology, Michael Chui, a senior fellow and IT expert at the McKinsey Global Institute, explains that CIOs are being told to meet demands in three explicit ways:

  • Make the IT function dramatically more productive
  • Use IT more effectively to meet larger corporate goals, and
  • Embrace disruptive technologies that will shape the new economic terrain

With the global recession, CIOs and technology leaders have to excel at all three of these demands; the bar for success is much higher than in the past, necessitating competitive advantage through information, not technology and processes.

Information as a paradox

Gartner predicts that the amount of enterprise data will grow 650% during the next five years, increasing both the difficulty and the expense of understanding and disseminating information across the business.  To manage all of this data, business leaders need to make technology management decisions based on business strategies and risk management, rather than on technology and processes.

This shift in focus is a reality of the new operating environment, where business users have greater control and ownership over data, and business leaders have opted for lower cost managed services over in-house ownership of technology assets – Gartner predicts that by 2012, 20% of businesses will own no technology assets.

Information Management over Technology and Processes Management

Figure: Technology Asset ownership vs. Data Growth

The growth in data, combined with the reality of declining technology asset ownership (see inset) necessitates the change from technology and process management to information management.

This shift in focus will not be easy, as engaging with the business has to change from a tyrannical mindset to a partnership viewpoint.  Additionally, traditional business and development processes built on repetition and refinement must shift to disruptive and transformative service-based solutions.

Recent discussions on LinkedIn forums demonstrate that technology leaders are passionately divided over the future direction and focus of their roles.  Some argue that technology-focused management is more important than ever with the newer technologies, while others argue that business management is more important in the socially connected business environment of today.  Unfortunately, these arguments remain focused on technology, which is becoming less of a competitive advantage.

Technology leaders today need to focus on the availability of meaningful information across the business, while managing the risk it presents.

The future of IT: fostering growth and profitability

The old adage in IT used to be “The Business is IT’s customer,” but that is a belief that goes against the definition of new leadership, sustainable solutions, and most importantly the future of IT.

In their book “The real business of IT: how CIOs create and communicate business value”, Richard Hunter and George Westerman describe how a “business is IT’s customer” viewpoint is damaging to IT and offer a more business-oriented viewpoint.

“It is a legacy of the era in which the data processing organization was almost entirely populated with people who had very little day-to-day connection with the rest of the business.  Those days are gone, but the mindset subtly persists and it separates IT from the rest of the business in an unhealthy way.” (Hunter & Westerman, 2009)

CIOs must demonstrate that they can deliver services as well, and as economically, as any credible vendor, which requires the vision and execution of leadership along with the quality and measurement of sustainable solutions.

To be successful, a CIO has to establish the management framework that guides the actions of the IT organization, ensuring they support the company’s products and services in the most effective and efficient manner possible.  These CIOs must bring innovation to the forefront, injecting leading-edge technologies into products and services that foster growth and profitability in the enterprise.

The Evolving CIO role

Long-term prospects for CIOs are mixed; the need for the CIO has changed and will continue to change as technology advancements enhance business opportunities through commodity-based services.  Today users can purchase and customize ERP and CRM modules through cloud-based (inter-networked) services without the involvement of IT, simultaneously enabling competitive advantage while reducing the dependency on formal IT processes.

These changes and challenges dictate an evolution in the role of IT and the influence of the CIO.  A CIO in today’s environment must devote more time to driving business strategy, innovation for competitive advantage and risk management rather than simply managing IT.

The CIO in 2010 must:

  • Be a Business Strategist
  • Be a Transformational Leader
  • Focus on enterprise strategy, innovation, and differentiation
  • Focus on partnering with the business and process transformation
  • Focus on Risk Management and Operational Excellence

The path to CIO can lead in many directions, yet the primary objective of the role remains the same:

To provide value to the business through technology innovation, risk management, leadership, and business strategy.

Read more in the shared PowerPoint: CIO in 2010
