THE FUTURE CIO & CHALLENGES

WHO IS FUTURE CHIEF INFORMATION OFFICER

THE CURRENT CHIEF INFORMATION OFFICER

In my humble 22 years of Global experience across 50+ countries, I had interacted with many CIOs. Some are very powerful people like in Banking, Insurance, Telco, Auto etc and some quite less powerful but solid technocrats mostly involved in solution companies patching various technologies into one creating some of the most complex solutions which actually can be designed in most simplified manner.

For example in Short term Insurance sector, to manage and dig out fraud we use various analytical tools costing millions but no one would like to implement a simple solution like virtual eye which actually filter out the fraud in very first place of origin. So to invest $50 million to investigate $100 million fraud is better or Invest $2 million for prevent $100 million is better. But unfortunately most companies choose the first one because its lobbied, pushed and a nice future picture is presented by some of the most expensive sales people.

So either way what comes into the end user space is a patchwork of rocket science. The most unfortunate part is that 80% of these CIOs don’t want to take risk of innovation and are just internal brokers for big IT Vendors. For example, we say X client is I shop, Y client is O shop, Z client is S shop and so on.

In last 5 years all big IT vendors are trying to say how good and innovative they are building Cloud as if they invented Cloud for the first time. The fact is, when I opened my first Yahoo account almost 20+ years back, what was it? A Cloud based email??

In another joke, today everyone is racing for Big Data. Yes the amount of data what is generated today is much more then what was there before smart phones and would be far greater in another 10 years. The requirement is Quality Data and this requirement is today and was 10 years back too and will be in future. What is required is a robust simple analytical tool to dig out the right stuff.  Even if we get 40% quality data, which is available in current data, the business can jump by almost 250%.

One simple example is “single view of current customer”. Most of customer centric organization like retail, banks, insurance, airline, telco don’t have this in place. They don’t even analysis the user trend with current customers, what they will do with so called BIG DATA?? But still our so called brilliant CIO ask for millions to get it because the big IT vendors have pumped him so much that they believe it will solve all problems.

The fact is that moon will remain where it is and no one can bring it to you weather it’s a big IT vendor or your lover.

We CIOs have to understand that IT is a business enabler and not a business.

THE NEW CHIEF INFORNATION OFFICER

The new CIO is not an alien coming from outer space but a person who has the ability of multi tasking and highly business savvy person. This person has to be one who can stand on rooftop and look around. He should be able to understand the effects of other industries on it’s organization and can plan 5 years down the line along with the cultural factor both local and international.

It is well proven that if you have a CIO who understand business and its surrounding well, is the most successful. Unless you look for someone who is either “yes sir” or “file pusher”.

I have seen many customers especially in South African banking and Insurance sectors where the big IT vendors and consulting houses like the I’s, O’s, S’s, A’s, D’s etc have put in their employees as Sector CIOs. I fail to understand how can they bring in innovation since they have vested interest in pushing business to core employer.

Hence in my view based on hand-on practical experience, A CIO is a multi tasking person with business mind set.

Chief Information Officer : In today fast moving space, Chief Information Officer is a combination of 4 core I’s.

1.     Chief Integration Officer : The integration officer will connect various IT systems. One important task will be bridging legacy and cloud services.

2.     Chief Infrastructure  Officer : Top priorities for infrastructure officers will include eliminating "shelfware," adopting virtualisation and cloud technologies, and renegotiating contracts in the best interest of current & 5 years of organization requirement.

3.     Chief Intelligence Officer : The intelligence officer will be tasked with getting the right data to the right people on the right devices. This includes generating quality data, data mining & analysis.

4.     Chief Innovation Officer : Innovation officers will focus on identifying disruptive technologies and finding ways to apply them in the enterprise in an innovative manner then just buying what is sold by vendors.

THE CIO NEW CHALLANGES

Few years back, the job was quite simple. You have a need, call few vendors, understand their offerings, and discuss cost and award. If it exceeds timeline, blame it on business and get extra time and money.

Today the new requirement is not once in 6 months or year but almost every week at the least and the biggest challenge, how to deliver the solution to business in the least possible time and money.

These new challenges are not limited to solution but governance, standards and to keep the team together motivated all the time. The world has moved toward 24x7x365 and time wasted is nothing but advantage to competition.

Some of the core challenges where I personal work and experience are listed below. I am sure more can be added and that means one need to learn all the time.

•       Technology Strategic Plan

•       The Projects for Business

•       The Projects for IT

•       The PMO Office and Approved Process

•       The Technology SWOT

•       The Vision / Strategic Choices

•       The Strategic Alignment between IT and Business

•       Super Strategic Issues

•       The Technology Structure

•       The Balanced Scorecard

•       The CIO Performance Scorecard

•       The IT Risk Universe

•       Risk and Compliance Challenge

•       King III Scorecard

•       Asset Health Assessments

•       Innovation, Cloud and Mobility

•       Customer Satisfaction Survey

•       Deployment Calendar

•       Application Landscape

THE ROLE OF THE CIO IN CHANGING BUSINESS NEEDS

Till 10 years back, the business had a choice between local operation and global. Today globalization is need and that means changing business expectations. This new dynamics to business has created bigger challenges to The CIO in modern times. The CIO has to change and change very fast. Now its no more a choice but necessity. Either you change or vanish, and till the CIO change, business can’t change.

Hence the new CIO role should have following core skill set / ability.

•       Innovator : Cannot buy source of competitive advantage out of a box

•       Architect : To mould disparate and isolated non-integrated IT worlds into one

•    Personal, Hybrid Skill Set : Ability to blend business and technology experience and knowledge

•       Skills Management : Build Broader IT skills to meet business expectations

•       Strategist as well as a tactical player : Great involvement and focus on activities of a strategic nature

•       Information Broker : Make information and appropriate skills available across the business enterprise

•       New Leadership Style : From command-and-control to lead by example; good people motivator with positive relationships

•       Project Delivery excellence : CIO’s need to make this a key focus area, in alignment with business strategies

•       Build Business Credibility : The CIO needs to build interpersonal relationships with business executives. Get business results from available scarce resources

•       Making a Difference : Continue delivering operations excellence, but now additionally become a business partner in delivering competitive advantage via distinctive project solutions

•       Collaborator : Improving integration and collaboration across boundaries

•       Center of Excellence : Built internal center of excellence for natural learning both on business and IT for continuous team development and reduce dependency on external contractors.

•       Social Media : Today’s CIO should be an active participant on Social Media.

With above explanation of desired skills of Future CIO, the most relevant question is “How The CIO remain relevant for the future”. In my experience and practice following are some of the more relevant steps one need to follow.

1.     Simplify the operating environment, governance, work processes and task priorities that form the context for IT work.

2.     Move toward a simpler organisational structure for IT, centralising infrastructure responsibilities and decentralising application development and implementation responsibilities wherever possible.

3.     Focus some of your time and energy outside the functional IT organisation. Spend time with external Customers, Internal Customers,  Suppliers and social media

4.     Establish clear, explicit goals for shortening IT decision and development cycles. Focus the entire IT organisation on accelerating all of its core business processes.

5.     Manage your own time and personal agenda carefully-and explicitly. Be sure to reserve enough time for reflection, learning, and peer-to-peer networking.

6.     Adapt your leadership style to match the needs of your organisation, combining collaborative problem solving with task-focused direction setting to produce a cohesive, committed organisation.

7.     Focus your time and attention on strategic issues, on external relationships, and on the future.

8.     Develop an open door policy within your organization but definitely your department and motivate people to think out of box ideas.

IN SUMMARY

Greatness in a CIO is not a function of the company they work for, the salary they earn, the size of their title or other factors.  There are great CIOs at small companies and not so great CIOs at big companies.

In today’s changing IT World where a CIO’s role is very much in flux. Following are some of the top 10 qualities of a good, resulted oriented, visionary CIO.

• ·      Good supply management capability
• ·      A solid understanding of financials
• ·      Ability to think strategically to support the business’s goals and objectives
• ·      Managing expectations effectively
• ·      Tech savvy
• ·      Selecting a good team
• ·      Ability to rally the troops
• ·      Visionary outlook
• ·      Politically savvy without being political
• ·      Skilled communicator

It is not wrong to say that in this new world of mobility, A CIO should actually be termed as CTM (Chief Technology Marketer)

The above article is based on my keynote address to 150 CIOs in Silicon Valley in January 2013. The content is based on my personal hands-on experience and what I practice everyday. Based on my personal development in last 22 years, I can confidentially say that there is no course, which can make you a CIO, but it’s all about positive attitude towards continuous learning.

In short the above article is also a reflection of who I am and what I do. Chief Information Officer is not a Job title but a long journey of continuous learning. 

The Management Consulting arm of TIMETUNNEL offers CIO advisory services and contract CIOs.

In my next CIO post, i will write about the role of CIO with CMO. Should we call it CTM, Chief Technology Marketer and should your CIO be under 50 years of age or elder. 

Dr. Gaurav Pradhan

Today & Tomorrow CIO

 

The increasing commoditization of information technology infrastructure and companies’ growing reliance on IT outsourcing during the past few years has given rise to speculation about the future of the chief information officer (CIO) role. Given these trends, some suggest that the CIO today is less vital to the organization and the influence of the role is likely to diminish over time.

I disagree. In fact, I have seen the CIO role become more prominent in top-performing organizations that recognize the key strategic role of technology and the CIO in enabling the company to achieve its objectives. Best-in-class CIOs are in demand more than ever.

The role has changed, however. As information technology has become more integrated with the business & more digitized, CIOs today must embody the leadership characteristics and competencies of the CEO and other senior-level executives. Beyond the day-to-day responsibilities, CIOs have emerged as strategic members of the senior leadership team.

They are taking on greater responsibility for managing transformation programs; business process streamlining and restructuring; negotiating smart outsourcing agreements; and finding innovative ways for IT to advance the business objectives of the company through technology, all in addition to their traditional CIO responsibilities.

To drive these initiatives, CIOs not only must possess the necessary business and technical skills and experiences, but also be able to relate these skills to the organization’s unique culture.

Creativity is just connecting things. When you ask creative people how they did something, they feel a little guilty because they didn't really do it, they just saw something. That's because they were able to connect experiences they've had and synthesize new things. And the reason they were able to do that was that they've had more experiences or they have thought more about their experiences than other people.

The role of the CIO is changing and we need to develop the next generation of CIO business leaders to meet the ever-changing needs and demands of our businesses

Keeping in mind the fast changing & challenging world and need for hands on experienced based training, I decided to start writing papers for Management Schools for their Executive Programs. Later people asked me to actually stand in classroom & conduct workshops. Hence, Now I launch my World Series “The Future CIOs”

During this 2 day paid workshop, I am not teaching technology but trying to bring out the hidden talent of executives, which is CREATIVITY.

You call it CREATIVE CIO, Future CIO or simply “Chief Technology Marketer” CTM.

Some key topic covered during workshop are :

• The four “I” for a Future CIO
• Digital Creativity
• The Hackers Mind
• Customer is CIO Wife of Girlfriend
• CIO In-house Center of Excellence
• The Strategic CIO
• The Innovation Cycle
• Spiritual Leadership

Eligibility for Workshop: Current CIO, IT Heads, Sector CIO, IT Managers.

Duration of Workshop: 2 days including 1 hours of group discussion / day

Post Workshop : CIO Mentoring Scheme (Optional)

The scheme has been developed in response to the desire expressed by leading corporate CIOs to use their knowledge and experience to provide a development boost to the next generation of IT leaders.

Please feel free to suggest any topic, which you may feel, is most important & I missed 

The Advent Of ‘Blockchain’ And What It May Mean For Lawyers

In simple layman terms, Blockchain is a technology which removes the middleman for any kind of transaction and that includes financial.

The financial world may be headed for a major change. As with any change to society, there will be disputes, and good lawyers need to be ready.

“Everything that can be invented has been invented” — these words are generally attributed (perhaps erroneously) to Charles Duell, commissioner of the United States Patent and Trademark Office from 1898 to 1901. As the story goes, Duell said this just a few years before the invention of both the typewriter and the telephone. The advent of either one would have been enough to prove the falsity of his pronouncement.

When the industrial revolution began in England and then the United States two centuries ago, people in every walk of life in both of those countries and then the world were angry (or, more likely, scared) at the daunting prospect of progress. As the first caravan owners thousands of years ago learned once seafaring ships were built, and as we’ve all learned every year since, as new industries arise, old jobs are phased out.

Hopefully, as Americans we can also recognize that as new industries arise there are new opportunities. And as lawyers we can hopefully see how these new opportunities allow us to serve our clients better. Today, a new industry has arisen known as “blockchain.” Many claim that the technology — a new type of decentralized network — will replace the internet, offering a model in which fraud and lack of integrity can be stamped out immediately.

Blockchain represents a major shift in information management, in a time some have called the Information Age. In the past, to make a database, someone would spend time crunching numbers on Microsoft Excel. Today, there’s an opportunity to collaborate on what essentially is a secure, global spreadsheet shared by multiple parties. One of the most promising examples of blockchain technology is Ethereum, and it contains some exceptional opportunities to disrupt the legal industry.

Blockchains determine what is truthful by using a so-called “consensus mechanism” effectively to compare each party’s statements immediately, alerting the parties involved as soon as there is a discrepancy. As an example, imagine a blockchain being used for a legal case. The relevant legal texts would be fed into this blockchain so that particular laws could be cited and referenced. The software could then identify if there is an incorrect statement by either party in a brief or other filing. Companies are already using databases as powerful tools for legal teams. One such example is Tim Hwang’s FiscalNote, where changes in legislature are tracked in real-time and lobbyists are also alerted to changes in real-time. The software supposedly can even predict the probability with which a certain lawmaker might vote given past opinions from prior votes.

In law perhaps no concept is more central to the role of the blockchain than what are called “smart contracts.” These are agreements that are written in computer code that automatically monitor the actions of the individuals involved, and will immediately provide notice when a violation takes place, or when a contractual obligation has been fulfilled. If provided adequate, accurate information, these processes would be nearly instant, because a computer is reviewing the actions, rather than a person. This would be equally beneficial for corporations and individuals. London-based law firm Hogan Lovells has already begun to involve smart contracts in their practice.

An example of how this could work would be a charitable donor or investor who writes a check with a smart contract that provides, “I’d like to fund your project and I’ll give you $10,000, but only if you have raised the $1 million that it’s going to take to fund your entire project. Otherwise, the money reverts back to me.”  This allows people to turn contractual terms into computer code and govern the way they are executed. In the code, the money would automatically be returned without the need for making a claim if a counterparty did not fulfill the pre-conditions for non-reversible execution of the wire.

Lawyers are needed here (if not necessarily for the grunt work). A contract is only as smart as the humans writing the code. Humans have not been made perfect here; we will need lawyers to guide the code writers. And, of course, for trial lawyers like us and our colleagues, there will be a role to play when things go wrong.

Applications of blockchain technology offer great promise and potential that may give rise to major upheaval in industries all over the world. The practice of law may be one of the industries most primed to benefit from the immediate, anonymous, verifiable, decentralized, and truly fair power of the blockchain. And of course, there will be disputes. As lawyers, we need to be ready.

Dubai is planning to remove middlemen like lawyers, accountants, bankers, immigration officers & govt. officials by year 2020 by adapting to blockchain technology. 😱 

What will governments look like 5 years from now? Today Dubai announced its plan to be “The World’s first blockchain powered government” with a plan to move 100% on blockchain by 2020:

> Arabian Chain is moving all Dubai’s government paperwork onto the blockchain, so it doesn’t need lawyers and government departments for verification.

> ObjectTech is providing digital passports and blockchain security to Dubai International airport to deliver seamless entry and exit from the country.

> The Dubai Land Department has launched a blockchain system to record all real estate contracts and record all property-related transactions such as rental, utility and telecom bills.

Inputs from  John Balestriere, Sam Tabar 

Cyber Warfare, The new Weapon

Cyber warfare is very similar in nature to the naval warfare. In international water navy encounters enemy warships, large merchant vessels, small merchant ships, fishing boats and guised surveillance ship from all directions. There are no borders to clearly establish that everything on other side belongs to enemy assets. Though there are Sea-Lanes-of-Communication but two ports are actually on connectionless service and no ship is bound to follow SLOC. In cyberspace IP address is the flag which every asset on the Internet displays but ruse is not uncommon.  It is therefore necessary to identify the cyber assets positively in any cyber-conflict before any aggressive response is initiated. Wearing flag of convenience is common by sea vessels as well as cyber assets.

Tallinn Manual while drawing the rules for Cyber War has based the identity of any cyber-asset on its territorial linkages. If Tallinn Manual is used as start point for taking any decision on ‘Laws of Cyber Conflict’, then geo-spatial tagging will be a critical in deciding whether an act by a military leader amounts to war-crime or not. It is therefore necessary that any attack or counterattack in any cyberwar should be focused primarily using geospatial intelligence rather than general purpose destructive force. That is why cyber weapons such as Stuxnet, Duqu and Flame are geographically focused and are unlike other normal viruses and malwares which are general purpose to infect every vulnerable system.

Advanced Persistent Threats (APT) are selecting specific targets based on location, similarly large data mining and analytic tools are also focused to attack based on geospatial information. Operations Titan Rains, Olympic Games, ATP1, Night Dragon, and Ghostnet are all pre-war surveillance. Only Operation Orchard and Stuxnet can be called acts of Cyberwar and both operations had target location mechanism built into them. Therefore unlike other acts in cyberspace geolocation of a target is critical.

There are several techniques for IP- geolocation. Some of them are host-dependent while other are independent of host and based purely on IP address to get physical location. A brief on some of the techniques used for IP-Geolocation are discussed below.

A.  Global Positioning System. Global Positioning System has become a standard fit in most of the mobile devices and tablets. The GPS uses Doppler Effect of satellites orbiting in the space. The accuracy which is achieved by non-military GPS system is about to 2 meters, it can also provide information related to altitude of the system. Most of the social-media application such as twitter, Facebook, Instagram, has integrated geolocation tagging for the images. Photographs taken by inbuilt GPS devices also have the capability of IP- geolocation tagging with the photographs. While gathering data from such device application by twitter, Google, Microsoft, Facebook, and others that correlate the IP address with geolocation of the device. In fact in a incident, where the location of the INS Vikramaditya on her maiden passage to India got compromised through social-media due to auto geolocation tagging of the photographs. The GPS project was developed in 1973 is run by US Department of Defense. Other similar systems such as Russian’s – Global Navigation Satellite System (GLONASS) , European’s – Galileo , China’s – Compass Navigation System and India’s – Indian Regional Navigation Satellite system, though exist are not extensively used with the IP enabled devices.

B.  Wifi Positioning system (WiPS). WiPS is used where GPS system is not installed or switched off or signals are blocked. Each WiFi device in the world is unique through the combination of its Service Set Identification (SSID) and Media Access Control address (MAC address). Various commercial companies such as Google, Infsoft, Navizon, AlterGeo, Skyhook Wireless and  Combain  Mobile provide the services of IP-geolocation through WiPS, the location of the WiFi system is collated in the database while other geolocation tools such as GPS are used on a device with enabled WiFi services. In fact once the geolocation of a WiFi hotspot is fixed the location of the computers using WiFi can also be found out remotely. Using signal strength techniques accuracy less than 1 meter can be achieved.

C.  Mobile networks. The mobile phones using mobile networks of GSM or CDMA can provide geolocation information of such devices even in absence of GPS and WiFi receivers. The technique of geolocation in this based on the delayed time between the mobile phones and the cell tower, whose position is fixed and known. Accuracy through this technique is reasonably course. In case these mobiles phones are using GPRS, 3G or 4G services, then it automatically provides IP geolocation.

D. Anti-theft hardware. Most of the motherboards of computers, laptops and mobile devices have inbuilt features for remote activation for the anti-theft mechanism. These anti-theft mechanisms keep continuously gathering geolocation information of the host, as and when same is reflected in any application. This collated information is then used to develop reasonably accurate geolocation of the device. In addition, it can ping back the mother-site through well-established geolocated servers, where delayed times through various routes can provide reasonable accurate IP-geolocation. The leading company providing such services is Computrace.

E. Device independent IP geolocation. There exists a reasonably high possibility that computers may not be fitted with features such as GPS, GSM or CDMA. There exist several client independent geolocation techniques to link IP address with the physical location. One of such techniques is using geolocation method at each step to improve the accuracy in an iterative manner using time delay calculations in the following sequence:

1. Harvest Geolocation on the web of well-known servers in an area.
2. Geolocating primary servers of ISP.
3. Geolocating last mile routers of ISP.
4. Time delay between last mile router and the host.

F.  Non-Technical – web based information.

a.  Traceroute – Traceroute fired from multiple locations to an IP address can provide IP geolocation by calculating time delay between various routes.

b.  The information provides in whois records can give a reasonable accuracy of such servers. The whois records are publically available. When compared with the location of such companies in many cases geolocation at least up to Zipcode/ Pincode level can be established.

G.  Non-Technical – Database of ISP

Stealing or legally getting information from ISP of their registered user's details can also provide a reasonable accurate geolocation.

Determining the geographical location of an Internet Protocol host is valuable for many Internet-based application including marketing and anti-fraud activity. However, in planning and execution of Cyberwar, IP-Geolocation has far more important value.   Some of the applications of IP-geolocation in Cyberwar are:

(a)  Allocation or area of responsibility to Cyberwar Sector Commanders

(b)  Implementation of Rules of Engagement

(c)  Avoiding fratricide

(d)  Avoiding over-concentration of fire power or leaving gaps in attacks

(e)  Encirclement and isolation of heavily defended Cyber Targets.

(f)  Minimizing collateral damages

(g)  Simplify Battle Damage Analysis (BDA) of cyber-attack or real-world attack.

(h)  Control intensity and pace of cyber conflict.

(i)  Integrate HUMINT and kinetic (physical) weapon attack with cyber-attack.

And many more.

Cyberwar in future may be launched independently or in the prelude to or in support of real world conflict. An unstructured cyber-attack based on opportune target methodology (as presently being practiced) can be counter-productive to the objective of the mission. To properly control the scope, pace and intensity of cyberwar, it is necessary to IP-geolocate the target host.  Therefore IP-geolocation of enemy targets is a precondition for launching any effective cyber-offensive.

Disclaimer : Inputs for this post is drawn from various articles. This is a summary of those articles.