Tuesday, June 7, 2016

8 items to put on your CIO ‘bucket list’

8 items to put on your CIO ‘bucket list’

Show a bit of foresight and create a list of things you want to do before you leave your job as a CIO.

 
http://www.cio.com.au/article/600870/8-items-put-your-cio-bucket-list/
We all are aware that the average time a CIO spends in a role is 3 to 4 years. Of course, there are exceptions but often, a CIO has done what he or she needs to do by the time year 4 rolls around.

Given that it’s likely that it won’t be an overly long stay, it’s always good to have a ‘bucket list’ prepared of tasks that you must complete during your time in the role.

The CIO ‘bucket list’ will vary according to the experience of the respective executive, and not having one shows a lack of foresight and perspective. It is also just good career management.
What’s on your list?

For every CIO I would anticipate that there would be some degree of similarity and also an element of individuality. Here is what I expect to be in that common bucket:

1. Create a CIO succession plan
Take the time to help talented individuals build the capability they need to succeed. This may be immediate or in the next generation but you have developed leaders who can learn from your own approach and eventually become a CIO.

2. Salvage careers
In every place that I have worked I have seen examples of staff that have been written off by their supervisors or peers. As a CIO, one of the most rewarding aspects is to identify who has been wrongly classified. I recall a number of such persons and indeed one person who is now a CIO but was considered to be not of that caliber.

3. Experience different industries and countries
It’s an incredible privilege to get given the opportunity to be a leader in different industries and countries. There is reward for yourself in learning about new cultures and business models, which enrich you and make you a better leader.

4. Forgive those who trespass
Every CIO will have stories of examples of poor behaviour from colleagues, supervisors and peers. In some cases this is directed against yourself or your team members.
 
It is easy to be caught in the moment and react, but try the harder path to be ‘zen’. Forgive them for their poor judgments and move on - actually it is hard but it helps you as well.

5. Give back
There are multiple ways that you can help others and traditionally this has been to mentor new talents and potential CIOs. Another option that you can try is to be an advisor or mentor for an innovative startup. This is not about monetary reward but that you are actually really kick starting someone else’s life.

6. Strive to always be uncomfortable
Seek comfort from uncomfort, when things are too simple and easy then you can’t be doing your job. In fact you are threatening the legacy that you so dearly want to leave. Be comfortable by being uncomfortable; in other words, break out of your comfort zone. You need to do this if you want to lead a team of true change agents.

7. Choose the healthy option
Your personal health matters and being able to disconnect is an incredibly healthy sign. This is not about the work-life balance as we all know that is always out of kilter. Instead be mindful of the need to make healthy choices – don’t ever skip lunch or forget to take that break you desperately need. If you don’t put your health first, your work will suffer.

8. Be a leader
Have the courage to always do what is right, not what you think others want of you. That is really being a leader and having the courage of your own convictions. When you take this path, you will always be able to use integrity as your compass.

So it’s now over to you. 8 items on your bucket list is a good start – see if you can think of two more to make it ten!

The 3C’s of digital transformation

The 3C’s of digital transformation

Having the right capability, capacity and culture are the key to the success of digital transformation projects.


 
http://www.cio.com.au/article/599722/3c-digital-transformation/
I recently ran two events in the same week on digital transformation and it was a unique juxtaposition.

One event was attended by more than 150 enterprise sales managers who are striving to learn how to sell digital transformation strategies to the c-suite. The other was attended by an elite group of more than 20 CIOs who were sharing stories about the challenges they face when rolling out digital transformation projects.

It struck me that in both cases that there were 3C’s that were key to their success. Both parties were all trying to achieve the same goal for different sets of customers. In both cases, external customers and in one case also an internal one.

3C’s for CIOs: Capability, capacity and culture
For the group of CIOs, I asked the question for their respective enterprises as they looked forward on these 3C’s. What were their gaps? Did they have right digital ‘capability’ to drive the enterprise forward?
  • Design thinking
  • UI/UX
  • Lean startup
  • Customer journey mapping
  • Analytics
  • DevOps
I then asked the CIOs if they had the ‘capacity’ to manage true transformation in all of these areas.

Every transformation creates stress and strain, I’ve never seen any organisation have excess capacity – particularly of the right capability.

Bearing in mind some past scar tissue, I also asked if their enterprises had the right depth in of staff and skills to tackle the peaks of the effort required to make that breakthrough and truly transform their processes. Most were struggling with the bandwidth that was required.

Finally I asked the CIOs if they have the right ‘culture’ that will enable and sustain the digital transformation. The CIOs all gravitated immediately to the gaps in their organisation’s culture.

It is clear that they understand that both in the business and in IT, that there are significant gaps which will impede the success of digital transformation.

Culture is all about the right ‘mindset’, and how do we create this with our own teams and indeed with business partners. And this is not about ‘good or bad’ culture but more about culture that will embrace and support this digital transformation.

3C’s for enterprise sales managers: Capability, culture and content
In the second session, I ran a fireside chat with the CEO of a respected enterprise provider. This organisation is moving into a broader solution set and as a result, looking to engage with the c-suite.

The CEO’s team of 150+ sales and sales support members were keen to make the leap into providing tools for digital transformation.

My role was to help them prepare to make this pitch to the CIO and his peers. It is clear that these meetings are a critical element of their overall account management and sales approach, and we talked about the best ways to tackle this. I even suggested that if the CIO looked too distracted should he suggest the meeting is rescheduled?

It was insightful that this organisation, like many of its competitors, understand that digital transformation is where their customers are facing. Hence they want to be able to sell solutions to meet this demand.

We also talked about the day in the life of the CIO, and how to prepare for a pitch. It is clear that suppliers are providing ‘capability’, but to succeed they too need to have the right ‘culture’.

By ‘culture’, what was meant was confidence – that their solutions would stack up against new competitors and they the planned approaches in this new territory would have a high probability of success.

And there was a new ‘C’ and that was ‘content’. This was a weapon to be used to help position their capability, I explained that being able to share a best practice use case from another industry is powerful.

For instance, being able to add that a client ABC has 100 per cent hybrid cloud or big data implementation and you would be happy to ‘connect’ them is the really a big deal.

How the sales manager can help make the CIO, understand and learn new things can potentially also make him or her look good.

Selling to the c-suite
No CIO ever wants to be ‘sold to’, but we all want to have good partners to work with and rely on.

It is intriguing when you start to look at the idea of would a CIO want to have a partner sell to his c-suite and the answer is ‘maybe’. This all depends on the level of trust that exists and the partnership that is in place.

Every CIO during a transformation needs to add capability and capacity. The leader also wants this to be a good cultural fit, and needs to be able to sense if a partner has the right stuff.

My personal hypothesis is that the way to sell this to the CIO is around content.
Using stories that illustrate your products is key and when others are doing this, then it’s even more powerful.

Yes, content is king – but is a means to an end.

Friday, May 27, 2016

Why continuous monitoring is like observing your teenager

Why continuous monitoring is like observing your teenager

http://www.computerworld.com.au/article/593819/why-continuous-monitoring-like-observing-your-teenager/
 
What is continuous monitoring?
For many parents, keeping an eye on your teenagers is a critical activity. You worry about all the bad things that could happen and try to prevent this from occurring.

There are technologies in the market for the nervous parent, such as TempTraq – which provides a 24-hour intelligent thermometer. It continuously senses and records your child’s temperature and can send alerts to your mobile device.

The problem in enterprises is that we have, metaphorically, a bunch of teenagers working for us and we have no choice but to ‘trust but verify’. These teenagers want to work with corporate data on their mobile devices from every airport and locations that are uncontrolled.

Enter continuous monitoring

Continuous monitoring is on the brink of doing to cyber security what cloud deployment did for global productivity.The definition:“Continuous monitoring is the process and technology used to detect compliance and risk issues associated with an organisation's financial and operational environment” 

Every good CIO and CISO has this on his or her watch list of new technologies to, er, monitor. Continuous monitoring has a role to play to prevent data breaches and also assist enterprises to achieve compliance.

The old-fashioned password, even the strong ones are usually insufficient.We witnessed LastPass get hacked recently, and, as suspected, this is about the human element and tricking someone.

Biometrics only take you part of the way
Most banks have been quick to embrace biometrics – finger, face, voice or iris.These are good 2nd factor authentication approaches and can bolster the security that is already in place.

Biometric authentication technologies can lock things down “using something we are rather than just something we know”. But there are issues with adopting this approach.What happens when there is an accident or a person is sick – then the finger is injured or voice different to normal. You are locked out of the account.






What is continuous monitoring?

This is all about watching multiple factors to constantly validate who you are.Yes you got the right password from an IP address that is recognized. Then you are also accessing the same applications that you normally use at the business hours that you usually keep.

But it just goes deeper.


The best way to introduce this concept is to look at a few examples.
Darktrace
Darktrace is a startup that is based on the biological principles of the human immune system and uses advanced machine-learning technology to analyse raw network traffic. This startup has already raised $110 million in VC funding.

There are no signatures or patterns that are predefined; instead Darktrace’s machine learning technology “allows it to learn what is normal for a company’s network environment, so that it can then determine if any behavior is abnormal”.

Biocatch
Biocatch is another startup that has a unique approach to continuous monitoring and it is a little spooky. It is watching you and how you interact with the technology.

It uses all the data from the accelerometers that are built into modern smartphones.BioCatch records comprehensive data on all of these movements, acting as a sort of seismograph.

“We can not only detect it, we can try to see if it is consistent, because if it is and you don’t look like other people, that is a very good way to analyse your behaviour and see if it is you operating within your account,” the company says.

A great mobile banking example
Turn it on and you will be observing very subtle things like the angle you hold a device and to the way you browse around an app. How hard you are tapping on the phone and the speed that you type.

This is all based around building an individual profile for you; you yourself are unaware of these small idiosyncrasies. Once this pattern is established it operates as a background tasks, always watching – when something unusual occurs then you may be flagged for closer monitoring.

We all use the keyboard differently, including commonly used keys. A small example —I never use the numeric keypad but I know that my wife will routinely use it. Continuous monitoring software can measure hundreds of these parameters.

Biocatch will build a profile after 10 visits of around 500 parameters — ‘physiological’ from your smartphone and ‘cognitive’ from how you use your PC.

Maybe I was right - it’s just like watching your teenager?

How does Singapore's startup scene compare to Australia's?

How does Singapore's startup scene compare to Australia's?

http://www.computerworld.com.au/article/593974/how-does-singapore-startup-scene-compare-australia/
 
The Singapore government has a framework to support startups at every stage of their journey
I recently had a discussion with Neal Cross the chief innovation officer at DBS Bank in Singapore.
It started with a statement from me, noting that based on a recent visit to Singapore it seemed that the innovation startup scene is stronger was Australia.

Neal said that he has had a meeting with the Singapore minister for education, as he had commented that there were not enough startups and entrepreneurs in the country.That being said, Neal thought that Singapore will win ‘hands down’.

The case for Australia
I argued that we had the smartest prime minister for many decades, who also had built and owned a technology startup.We have an innovation minister who is engaged with the community and ecosystem — things were looking positive, with many new startups (particularly fintech startups in both Sydney and Melbourne).
Further, I added, we have a great premier in NSW who ‘gets it’, and the ongoing competition between Sydney and Melbourne will serve us well.
Innovation is high on the on the national agenda.

The case for Singapore

Neal noted shared that unlike Australia, Singapore is flush with funds — and VCs in Singapore can get funds from the government with only an expectation of a 5 per cent return.

A big believer in getting the model right, Neal explained that the Singapore government has a framework to support startups at every stage of the journey — from pure R&D activity all the way through to series B and even C.

It can also provide space, mentorship, incubation and acceleration.
In Singapore there is the EDB (Singapore Economic Development Board), NRF (National Research Foundation), Spring (for seed funding) and IDA (Infocomm Development Authority).
 
Support from the government also extends into corporate, and DBS has active partnerships with EDB, IDA, NRF and the regulator MAS (Monetary Authority Singapore), to drive a cohesive strategy to help turn Singapore into a smart nation.

The jury is out
Australia has a larger population and a naturally innovative mindset. We need, however, to make shifts to how we encourage the ecosystems to operate. It is the interaction between business and government that appears to be where we need to do the most homework.

We should be aiming higher, but the reality is that we are not yet set up for success.
 

The problem with cloud


The problem with cloud

What barriers to cloud adoption are holding enterprises back?

What barriers to cloud adoption are holding enterprises back?
 
http://www.computerworld.com.au/article/594537/problem-cloud/ 

Cloud has made headway but within most enterprises it is still confined to a minority of workloads.
A survey by RightScale (PDF) revealed that almost 70 per cent of enterprises ran less than a fifth of their workloads on cloud services.

Why is this the case?
Moving applications from each enterprise from legacy is not that easy, with most of these solutions not having been built with the cloud in mind.

The truth is also that the discipline around test management means that the test scripts are likely to be quite specific to the legacy infrastructure.

There is significant work in recreating test scripts to validate this on the new cloud platform. Perhaps the costs of migration outweigh the potential savings.
Decision making is split
To move the bulk of applications to the cloud will require business agreement — and this is not merely a decision for the CIO.Who pays? Answering this question is always going to a significant factor.

The way I see it is the only way is to take an enterprise approach and sweep all these into a single budget with a savings target to achieve. The decision making can be still business and IT but it is completed at a holistic level.

Unfortunately this is not the reality at most enterprises.

True commitment to cloud strategy
To be truly committed is to be ‘cloud first’. But who has really done this? From what I understand Suncorp, GPT and News Corp have been very aggressive with cloud adoption

Compared to many enterprises, however, they remain an exception. Many of the Big Four banks, for example, would not be considered to be ‘cloud focussed’ and perhaps at best ‘cloud explorers’, according to the RightScale methodology.

Cloud readiness in IT
Are we ready for the cloud? For most teams there are new skills to learn and risks to consider.All current monitoring, security and reporting tools will need to be evaluated and perhaps a change required in order to manage a combined cloud and non-cloud environment.

There are usually staff reductions in the infrastructure teams and as a result a ‘go slow’ attitude.I’ve heard a story from a few good sources about a Big Four global head of infrastructure saying he “never wants to ever implement cloud”.

Quite a silly thing to say, given this was based not on logic but more personal preference and positioning to maintain power.But resistance both passive and active will have a slowing effect.

DevOps maturity
To get the true benefits of Cloud, we have to be able to integrate the whole process of getting code into production.Most enterprises are making progress with adoption of Agile. I’m not convinced that DevOps has progressed as quickly and more maturity that is required in these new processes.

Without this maturity, there will not be the same uptake as our appetite.

Cloud security
There is a need for new approaches to security to take an enterprise into the cloud world.It is equally important for cloud beginners, cloud explorers and cloud focused organisations.In the absence of this capability projects will remain stalled.

Unfortunately, security resources for BAU are heavily invested in existing projects and there is not that much capacity for cloud projects.
Legacy and cloud integration
This is still at a somewhat clumsy stage with the degree and ease of integration limited between the newer cloud applications and enterprise applications on legacy.

Having to navigate between non-cloud and cloud applications across a business process can cause frustrations.This is a problem not just for the architects; but what is needed is a new blueprint to take these a collection of new startup apps and figure out how this replaces and/or integrates with existing technology.

This creates a new level of architecture maturity and discipline.

My crystal ball:

Cloud adoption will never be 100%: This will only happen for new enterprises that have no legacy. The cost and benefits of migration will get in the path of this change. This will also be adversely affected by the earlier factors I outlined.

Industries that are moving to digital will be faster adopters: Yes, a no-brainer. New digital channels work better on cloud thanks to the ability to be able to scale swiftly.

Industries facing significant cyber security threats will be slower adopters: Unfortunately many that are moving to digital channels for opportunity are also going to be facing cyber security threats.This will create natural gravity and slow down any momentum.

Take away the choice: The problem with cloud is that we expect corporate IT to immediately embrace and move. But that’s not going to be the way it pans out.
New startups all embrace cloud as it their only choice.

While there is choice, there will be a slower uptake.That’s simple: Remove the choice and enterprises can move faster into the cloud and perhaps also compete on level terms with startups.

What kind of CIO do I want to be?

What kind of CIO do I want to be?

David Gee offers his insights on chief information officer archetypes
http://www.computerworld.com.au/article/597319/what-kind-cio-do-want/

It is arguably the greatest job in the world – so what kind of CIO do you want to be?
[Read part 1 of this series Who wants to be a CIO?]

Well, I’m sure that like me you have observed some really good ones and some poor ones. To protect the innocent, I’m not going to mention any real names or ‘pseudonyms’.But I have to use some actual stories to illustrate.

In my 18-year career as a CIO, I have observed leaders that had qualities that I admired; frankly every one had some good attributes. The question is always: Do the good attributes overshadow the bad?

It is only by reflecting on different characters that you can try to distill what is the real essence of that leader and what makes that person great.What kind of CIO do you want to be like?
There are many types but let’s try to summarise these into a few categories:

The Machiavellian CIO
Let’s start with the one you don’t want to emulate: The Machiavellian CIO.This is the one who has read The Prince and actively re-models him- or herself on it.This CIO is all about allegiances and alliances, and is willing to cross over to the dark side willingly and without any conscience.

Machiavellian CIOs can be either male or female. It is not about testosterone but more about the survival behavior.The trait to observe is if ‘fear’ is used as a weapon on a regular basis. When you see that then, I suggest you have found one.
It is not a bad thing, to want to survive. The question is more about personal integrity and what you stand for. There are times as a CIO that you have to wear this ‘hat’, but I personally think this is old school management.

The Transformational-Entrepreneur CIO
A rare species. They are always looking at the bright and shiny objects.You can learn some great habits from these CIOs in terms of how they think or even ‘think about thinking’.
Entrepreneur CIOs are all over external ecosystems and focus on digital, big data, cyber security and customer experience.They do care about operational IT, but only that it runs smoothly and is a platform for their new ideas.

Often their weak point is around attention for details; they love to have staff around them to fill in this gap.

By nature, this CIO is about inspiration and vision and rarely uses the ‘fear’ approach.They are collaborative and want their staff in the world to also be inspired.

Working for this boss, will be exhilarating and fun (at times) but can be stressful as they push the boundaries and make you stretch. They think abstractly and are hard to keep up with.

The Professional CIO
A much more common species, these are solid citizens who get on with supporting the business and getting things done. They do not have the high highs or low lows, are much more consistent and balanced.

The Operational CIO is perfect for ‘Run IT’ and can sometimes stretch into ‘Change IT’. However, they tend to get uncomfortable with truly being the leader for a Transformation.

They are organised by nature; you will see that they have strong governance in place, with weekly operational staff meetings. The Professional CIO is in control and manages the whole portfolio.

They have good staff coaching skills and are very effective at managing their team and the customer’s demands.

Got-there-by-chance CIO
Then there is the CIO that doesn’t really fit any of these categories. They have come from an unusual background via the business or after completing a major program of work.

Their career path has not been aimed at reaching this role, but nevertheless they found themselves in this senior position.Typically, their experience is quite narrow in terms of IT, but they usually have other attributes that can compensate for this gap.

In some cases, they have excellent interpersonal skills or great ability to analyse and drive programs of work. The ‘got there by chance CIO’, is never that comfortable in the role but will become more at ease over time.I’ve seen brilliant CIO’s that have come from strategic business roles and been elevated into global CIO positions.

What happens is that their strength is also the weakness. In some cases, being naïve and curious can be valuable; it can also mean that you don’t have any context to understand what has gone before.

Frankenstein CIO

Yes, technically Frankenstein was the scientist, but with this category I am more interested in evoking a creature created out of an assortment of different parts. My view is that the best CIO is a combination of all three of the three preceding positive CIO archetypes.I have worked for all of these different types of CIOs in the past.Taking the ‘best’ parts and rejecting what I consider to be their ‘worst’ attributes has been the approach I have adopted.

I’ve had an unusual career with 18 years as a CIO in a 28-year career; I was elevated earlier than many of my peers. Because of this I really wanted to be the best CIO and observed others in action.

In many ways I believe that I am myself a Frankenstein CIO. If your ambition is the top job in IT, the question you need to ask yourself is: What kind of CIO do you want to be?

Who wants to be a CIO?

Who wants to be a CIO?

David Gee offers his take on what it takes to become a chief information officer
http://www.computerworld.com.au/article/595553/who-wants-cio/

For many IT managers becoming a chief information officer is an ambition that may be openly or — more likely — secretly hold.

Being the CIO can be the greatest job in the world and, some times, the worst.
A natural starting point when trying to understand the top role in enterprise IT from the perspective of someone with the ambition of becoming a chief information officer may be to think about one or two CIOs that you have worked with in the past.

That’s okay, but I would encourage you to start observing a broader sample set.The more senior executives that you can learn from the better!
From my own standpoint, I’ve worked with many good executives and also some who are not so great.You will learn from both — traits that are worth emulating and pitfalls that are worth avoiding
So who wants to be a CIO? It may be the highest paying role in IT, but with it comes the ‘A’ from the RACI model (Responsible, Accountable, Consulted and Informed). The buck stops with the CIO for so many things.

The CIO is supposed to take all the ‘heat’ from management — although I have seen some bad ones that just reflect this to their staff.

When you are the CIO you have a job that has incredible variety and you are expected to be broadly experienced, wise and fair. The role is testing on the individual but that is also part of the allure.

For me this is what makes you grow and continue to learn; the level of constant re-invention is the best part of being a CIO. (Later in this series I will talk about the different types of CIO that exist and
I’m sure that you will identify with some of these characters.)
The loneliest job in the world?
The CIO role can be ‘lonely’ as you have to make the tough decisions.However, my personal belief is that the best CIOs will involve their teams in nearly all decisions, taking their input and then making a final deliberation based on understanding all points of view.

The decisions are tough, as they never occur in isolation — a simple technology decision has short-, medium- and long-term implications.A decision always has a customer impact; it might be small but it can never be ignored.

There is always pressure to have made a decision ‘yesterday’, so being able to handle time pressure and conflict is all part and parcel of the role.Being totally honest in your dealings is the only way to operate.
As a CIO, your decisions are always being second guessed by others and it is best to be able to explain what and why.

Passing the smell test
Passing that ‘red face’ test is always the acid test for the CIO. Being caught out is never a place that you want to be; it just sets a precedent that your team or a business partner will hold up in future.

The personal brand that you have as a leader is what others say about you, when you are not there to defend yourself. That’s the brand that you carry and it always precedes you into a meeting, including with people who don’t know you.
This brand will be part of your executive ‘presence’. So let’s make sure that it is a brand that is positive and resembles what you actually intended it to be.

CIO = career is over?
Most CIOs have a fairly short tenure; around three to four years. Not surprisingly the tenure of the CEO is around five years and this is a clue to the length of time CIOs tend to spend in organisations.
There is much to be said for the CEO wanting his or her CIO to be a certain style and have a compatible approach to their job.

When you get a gig as a CIO, it is always important to work out where the CEO is in his or her own career path in the organisation. I have even asked this question directly in the first few weeks. By doing this you can try to ensure that you are aligned to where that boss is actually going.
When they are in different stages of their own career, both broadly and more specifically within a particular company –this can inform you of what might be their preferred approach. I’ve nearly always had as a boss a CEO who brought me into the organisation with a mandate for change.

Everybody wants a piece of you
The role has evolved over the 18 years that I have performed as CIO across 15 countries.There have been new partners to work with and a constant trend for new technologies to emerge.

To start with the CIO traditionally worked for the chief financial officer and that was an interesting relationship. I’m not saying this is inappropriate but to make it works requires complete honesty and to basically ensure that the CFO understands that his or her own priority list has to be part of the overall business portfolio.
 
The CIO has to work with the chief marketing officer, the COO, the CRO and the CEO.
Each of these executives will have different requirements and approach. That’s all part of the fun of the role.In the last few years you have had to also work with chief digital officer, chief innovation officer and chief data officer.

Everybody wants a piece of you and I mean that in the both positive and negative sense. It is arguably the greatest job in the world.
(This article is the first part of a series on what it takes to become a CIO.)