CIO Archives - Cyber Secure Forum | Forum Events Ltd
Posts Tagged: CIO

Asset financing – and how to avoid getting stung by unexpected costs from hyperscalers

Guest Post

“To hyperscale or not to hyperscale” remains a key question for any CIO. And while the majority of large organisations have already taken that step, some, if not all, question whether their IT infrastructure strategy is delivering the cost and flexibility benefits expected. At a time when capex budgets are coming under ever greater pressure, pushing CIOs even harder towards the hyperscale opex alternative, Mark Grindey, CEO, Zeus Cloud calls on CIOs to read the small print – or pay the price…

Escalating Costs

Drivers for the adoption of public cloud platforms vary, but for many larger organisations, the agility, innovation and scalability have outweighed the expected cost benefits. The ability to spin up new systems has improved time to market, accelerated digital transformation and enhanced business resilience. For CIOs, the shift away from on premise to the hyperscalers has met objectives – in the main. There is one, very notable exception: cost. While cost control may not have been the priority, it is always a factor in any IT strategic change. Few businesses expected to incur the level of ‘additional’ costs associated with the public cloud. And, given the on-going economic challenges, this upward trend is raising serious concerns.

The biggest problem is that, despite the perception, the price of public cloud service is not ‘known’. Monthly costs are not consistent. The subscription model is just one element in a sliding scale of usage-based costs. Companies are discovering the additional fees demanded for extra security and support. They are incurring far greater storage costs, due to the tendency to charge for both storing and deleting data. Even a user inadvertently changing Active Directory settings can lead to an unexpected hike in costs.

Add in the limitations on bandwidth, the additional charges for CPU or RAM, plus the fact that if the business is using VMware, it will be paying again based on those same usage factors. It’s these further hidden costs of the cloud that have caught many companies by surprise.

Security and Latency Risks

Of course, unexpected IT costs are nothing new. Big companies have deep pockets – if the public cloud is delivering the required agility and flexibility, is the higher price tag worth it? The problem is that the escalating level of security attacks on these high-profile hyperscalers is also causing serious concerns, especially for organisations dependent upon 100% uptime and very low latency.

Financial services organisations cannot endure the increasing latency associated with essential additional levels of security. Key infrastructure providers, including telecommunications and utilities, are justifiably concerned about the risks associated with Distributed Denial of Service (DDoS) attacks occurring almost continuously on these organisations.

But what is the alternative? At a time of economic and geopolitical uncertainty, there is little if any desire to revert to the traditional IT finance model, however deep an organisation’s pockets. Add in new compliance demands and the need to adapt to a changing marketplace, and capex projects are already oversubscribed. Further, large businesses have embraced the flexibility and agility associated with scaling up and down in line with demand. New business innovation is now predicated on the ability to accelerate IT development.

Retaining Flexibility

The cloud model works on so many levels. The issue that organisations have to address is how to retain a cloud-based infrastructure without incurring unacceptable costs. Clearly, it is vital to read the small print. But it is also important to consider the alternatives. Would an on-premise private cloud option work, for example?

Using flexible financing, Service Integration & Management (SIAM) vendors can offer the agility of the cloud with the benefit of locating the kit either on premise or in a dedicated co-location centre. Unlike Managed Service Providers (MSPs), a SIAM doesn’t mark up the equipment. It will simply use its market buying power to access the best prices for the kit required.

Critically, when compared head-to-head with the equivalent hyperscaler cost, this model is typically 50% cheaper. And, with simpler, transparent contracts, companies can – finally – achieve the known monthly cost model that was one of the original promises of the cloud.

Photo by John Vid on Unsplash

Nearly half of EMEA CIOs are shifting to co-owning digital leadership with their CxO peers

Stuart O'Brien

Forty-six per cent of CIOs in Europe, the Middle East and Africa (EMEA) are partnering with their CxO peers to bring IT and business area staff together to co-own digital delivery on an enterprise-wide scale.

That’s according to Gartner’s annual global survey of CIOs and technology executives, which has found that CIOs’ relationship with their CxO peers is ‘reaching a different level’.

Daniel Sanchez-Reina, VP Analyst at Gartner, said: “CIOs who co-own efforts with their CxO peers to place the design, management and delivery of digital capabilities with teams closest to the point where value is created, are most effective at maximising digital investments.”

In this CIO-CxO co-ownership, also called democratization of digital delivery, the CIO acts as a franchiser of technology within their organization.

Gartner analysts presented the survey findings during Gartner IT Symposium/Xpo, taking place here through Thursday. The 2024 Gartner CIO and Technology Executive Survey gathered data from 2,457 CIO respondents in 84 countries and all major industries, representing approximately $12.5 trillion in revenue/public-sector budgets and $163 billion in IT spending. In EMEA, 917 CIOs participated in the survey, representing nearly $3.9 trillion in revenue and $66 billion in IT spending.

“Consciously or unconsciously, CIOs have already been laying the foundation for democratized digital delivery with technologies such as low-code platforms,” said Sanchez-Reina. In EMEA, 66% of CIOs said they have deployed or plan to deploy low-code platforms in the next 24 months. Artificial intelligence (AI), which 72% of EMEA CIOs say will be a game-changing technology in the next three years (29% for generative AI), will also rapidly advance the democratization of digital delivery beyond the IT function.

The survey revealed that CIOs’ top areas for investment in 2024 include cybersecurity, data analytics and AI (see Figure 1).

Figure 1. EMEA CIOs’ Expected Change in Technology Investments in 2024

Source: Gartner (November 2023)

CIOs who franchise IT ‘by design’, which is through co-leading, co-delivering and co-governing digital initiatives with their CxO peers, perform significantly better at general IT management activities, such as executive leadership development and digital business strategy.

“Franchiser CIOs are breaking down the barriers of IT, allowing other business units to produce IT beyond using it,” said Sanchez-Reina. “Those business units participate in the IT delivery responsibility and are accountable for the success of their own IT applications and systems they produce. Such participation in technology production goes from managing to implementing and building technology initiatives.

“This shows that the distinction between what is “IT” and what is “business” is becoming virtually impossible.”

There is no one pattern for franchised digital delivery. Several factors such as the enterprise culture and CEO sponsorship will influence the design and inner workings of the franchise model and the ways in which CIOs and their CxO peers engage. Above all, the CIO must coach their business partners on the journey, offering advice and frameworks, and brokering the internal and external connections they need to successfully co-own digital delivery.

“The payoff of modeling CxO-CIO partnerships for digital delivery on a franchise model is substantial,” said Sanchez-Reina. “CxOs who embrace this franchise model are twice as likely to meet or exceed expectations from digital investments, compared with those who don’t embrace it.”

Photo by ThisisEngineering RAEng on Unsplash

Proving ROI in cyber security

Guest Post

Research shows that almost half of businesses have reported cyber security breaches or attacks in the last 12 months. Amongst these businesses that identified breaches or attacks, more have experienced these issues at least once a week so far this year.

Moreover, the unprecedented events of recent months have seen the number of attempted data breaches continue to rise, with cyber hackers using the increase in remote working and individuals’ fears over the coronavirus to their advantage. In fact, a survey showed that 50% of organisations were unable to guarantee that their data was adequately secured when being used by remote workers.

The issue is serious and many businesses are stepping up their cyber security strategies accordingly, with CIOs and their teams increasingly taking a seat at the executive board table. But one thing is still lacking: cyber security ROI. To truly engage with a strategy, board members need to see ROI from every department of an organisation, and cyber security is not exempt from that. However, demonstrating business value in areas such as compliance, risk management or data assurance, has always been challenging. 

Consequently, data security has historically been looked upon as a necessary cost of doing business. However, this no longer needs to be the case. As CIOs, CISOs and network security teams mature into their C-Suite role, proving the value of data security is now both a realistic and achievable corporate objective. Frank Richmond, Vice President Sales Europe, Certes Networks, explains just how CISOs and CIOs can get the Board on board… 

Cyber security as a strategic investment

Today’s network and data security approaches focus primarily on keeping the cyber hackers out, with threat detection and vulnerability management at the core. But modern CIOs and CISOs want – and need – more than this when reporting to the Board; they want “provable security”.

Securing data should be a strategic investment in an organisation’s risk strategy and should quantifiably contribute to the overall value of the business. CISOs expect their network security teams to be equipped with tools that will enable them to make real-time changes to applications based on observable network flow. They want to see that security policies are being enforced properly and, most importantly, prove that their security strategy is actually effective.

To put this into practice, cyber security should be quantifiable, measurable and outcomes-driven. It shouldn’t just be a case of successfully keeping a cyber attacker out of the network after a single breach; a successful cyber security strategy is effective only when it is continuously putting data security first and measuring impact against key performance indicators (KPIs) that will instantly show Board members how imperative the strategy – and the technology behind it – really is.

In order to truly demonstrate the effectiveness of the organisation’s security strategy, CIOs and CISOs need to be able to visualise and understand their data, the associated applications, workloads and behaviour, with real-time contextual insight. This, in turn, will enable this understanding to be passed on to other executive Board members. 

The real value of cyber security

Armed with this insight, organisations can then take actionable steps not only to measure the effectiveness of their security strategy, but to gain deep understanding into how to enhance their security posture and to manage and enforce policies. With a data-driven approach to cyber security, the guesswork can be removed and CISOs and CIOs will be able to clearly demonstrate to the Board that ROI has been achieved.

With buy-in from the Board, data security is now more than a ‘necessary cost’, and is instead a fundamental of business operations. The businesses that succeed in enforcing this way of thinking will then truly be able to continuously evolve their cyber security practices to keep their data safe.

Coronavirus: Business Continuity During a Global Crisis

Stuart O'Brien

By Nicole Alvino, Cofounder and Chief Strategy Officer, SocialChorus

We’re living through an unprecedented time globally, and none of us is sure how long it will last. While the new coronavirus may seem like a singular threat, dealing with crises is a fact of doing business—one companies can expect to encounter with increasing frequency. According to PwC, 69% of businesses had experienced a crisis in the last five years even before COVID-19, and the most disruptive causes of crises in the U.S. were natural or environmental.

Under these conditions, it’s likely that your company already has crisis management and business continuity plans in place. But what should you do to ensure your infrastructure is robust enough and capable of helping you to reach all your workers?

There are five critical challenges that CIOs will face as they try to utilise their stack to reach employees. If you’re a CIO, then you know that you’re the best-equipped person in your executive team to plan for business continuity, but to be successful you’re going to need every person across the entire business to understand your plans. Ultimately, your company is looking to you to:

· Establish a source of truth for your company and communicate with one voice, so employees can separate rumours from facts and trust what they’re being told

· Reach every worker on every digital channel with the targeted, personalised information they need to respond in an emergency

· Use intelligent automation to certify message delivery, prompt response, and make sure your crisis communications are not just read but understood

· Track the success of crisis initiatives and measure the effectiveness of your communications using in-depth analytics

· Be prepared for emergency situations during COVID-19 and beyond – your stack and your workforce need to be prepared for every twist and turn during this pandemic.

As you and the senior leadership team implement your crisis communications strategy, you (and they) will ask whether you can reach every employee on every digital channel, even those that are deskless. And can you reach them with the personalised, up-to-the-minute information that they need? You’ll need to ensure that, whatever communications technology you use, whether it be SharePoint, Slack, Zoom, Teams, mobile apps or others, you can consistently reach and broadcast your company’s messages to all.

One thing we’re hearing is that people are overwhelmed with communications. On average a worker receives 120 emails per day, and that’s not counting the ones via other channels such as Slack, IM or Teams. Now consider that your people, like you, are also getting bombarded by emails from school, IM from friends and family and messages via Facebook and WhatsApp. There is an information overload going on, so whatever you do, you need to make sure your messages reach people urgently and that they can review them promptly. Our latest paper on CIO Crisis Communications takes you through several steps on how to reach all employees, across all channels, consistently.

Consistency from your business will help to establish trust in your message, especially if you’re able to deliver it immediately to all. And that’s of paramount importance. You don’t want workers in the London office getting communications three hours later than those in Paris or Madrid, or the other side of the world for that matter. All employees are equal, and all deserve to be communicated with, no matter where they are. They may consume your communications in different ways so use your different channels to reach all.

You’ll also need to judge how many times you communicate. Don’t hassle people; as we’ve said, they’re inundated with messages already. If you need to know that they’ve received a critical message or piece of advice, then track acknowledgements or read receipts. Then you can take further communications actions with those that are unresponsive and not send repeat messages company-wide.

COVID-19 is changing the way we live and the way we work. In a world where change seems to be the only constant, be the consistent voice across your organisation. Your emergency plans may need to be tweaked over the coming weeks, and your infrastructure might need to be extended to ensure your reach is truly company-wide, but remember it is the companies that manage this situation well that will thrive through the chaos.

Image by Thor Deichmann from Pixabay