IT Security

Bi-Modal IT / CIO Strategy / Cloud Computing / Cloud infrastructure / IT Governance / IT Security / IT StrategyComments Off on CIO Insight – Two-Speed IT: Juggling Competing Agendas (Part 1)
03
Aug 17

CIO Insight – Two-Speed IT: Juggling Competing Agendas (Part 1)

How can IT leaders juggle seemingly competing agendas: to meet the business’ demands for increased innovation, while cutting costs and slashing budgets?

With the ever-increasing interest in technology solutions, IT’s stakeholders are giving them two competing demands:
1. Produce new innovative, strategic technology-based capabilities.
2. Do so with reduced resources.

How can IT leaders step up to the plate and juggle these seemingly competing agendas: to meet the business’ demands for increased innovation, including new digital systems and services, all while cutting costs and slashing budgets?

Unleash Your DevOps Strategy by Synchronizing Application and Database Changes Register
One popular solution has emerged within IT thought leadership. Often called “two-speed IT,” this idea proposes that the IT organization does not attempt to resolve the tension between these two ideas. Instead, IT lumps all of its technology into one of two broad buckets: operational technology and innovative technology. Do this, and operations won’t slow down innovation, and expensive innovation investments won’t inflate operations’ budgets.

More of the CIO Insight post from Lee Reese

Data Center / Data center compliance / IT Governance / IT SecurityComments Off on The Register – Healthcare dev fined $155 MEEELLION for lying about compliance
28
Jul 17

The Register – Healthcare dev fined $155 MEEELLION for lying about compliance

A health records software company will have to pay $155m to the US government to settle accusations it was lying about the data protection its products offered.

The Department of Justice said that eClinicalWorks (eCW), a Massachusetts-based software company specializing in electronic health records (EHR) management, lied to government regulators when applying to be certified for use by the US Department of Health and Human Services (HHS).

According to the DoJ, eCW and its executives lied to the HHS about the data protections its products use. At one point, it is alleged that the company configured the software specially to beat testing tools and trick the HHS into believing the products were far more robust and secure than they actually were.

More of The Register article from Shaun Nichols

CIO Strategy / Cloud Computing / Cloud infrastructure / Digital Transformation / IT Governance / IT Security / IT StrategyComments Off on HBR – The Board Directors You Need for a Digital Transformation
20
Jul 17

HBR – The Board Directors You Need for a Digital Transformation

When the term digital transformation was first bandied about by consultants and business publications, its implications were more about keeping up and catching up than true transformation. Additionally, at first it was only applied to large, traditional organizations struggling, or experimenting, in an increasingly digital economy. But true digital transformation requires so much more. As evidenced by the recent Amazon acquisition of Whole Foods, we’re living in a new world.

Early transformation efforts were focused on initiatives: e-commerce, sensors/internet of things, applications, client and customer experience, and so on. Increasingly, our clients are coming to us as they realize that in order for these disparate initiatives to thrive, they need to undergo an end-to-end transformation, the success of which demands dramatic operational, structural, and cultural shifts.

More of the HBR post from Tuck Rickards and Rhys Grossman

CIO Strategy / Cloud Computing / Cloud infrastructure / IT Governance / IT Security / IT StrategyComments Off on Arthur Cole – When the Cloud Becomes Just Normal Infrastructure
12
Jul 17

Arthur Cole – When the Cloud Becomes Just Normal Infrastructure

Strange as it may seem, the cloud only holds about a fifth of the total enterprise workload, which means there is still time for the enterprise to suddenly decide that the risks are not worth the rewards and start pulling data and applications back to legacy infrastructure.

Unlikely as this is, it nonetheless points out the fact that there are still many unknowns when it comes to the cloud, particularly its ability to provide the lion’s share of data infrastructure in ways that are both cheaper and more amenable to enterprise objectives.

According to Morgan Stanley’s Brian Nowak, the cloud is nearing an inflection point at which it should start to show accelerated growth into the next decade.

More of the IT Business Edge post from Arthur Cole

CIO Strategy / Digital Transformation / IT Governance / IT Security / IT Staff Retention / IT StrategyComments Off on Data Center Knowledge – How to End On-Call IT Burnout and Post-Traumatic Alert Fatigue
11
Jul 17

Data Center Knowledge – How to End On-Call IT Burnout and Post-Traumatic Alert Fatigue

In so many ways IT operations has developed a military-style culture. If IT ops teams are not fighting fires they’re triaging application casualties. Tech engineers are the troubleshooters and problems solvers who hunker down in command centers and war rooms.

For the battle weary on-call staff who are regularly dragged out of bed in the middle of the night, having to constantly deal with flaky infrastructure and poorly designed applications carries a heavy personal toll. So, what are the signs an IT organization is engaged in bad on-call practices? Three obvious ones to consider include:

Support teams are overloaded – Any talk of continuous delivery counts for squat if systems are badly designed, hurriedly released and poorly tested.

More of the Data Center Knowledge post from Peter Waterhouse

Business continuity / CIO Strategy / Disaster Recovery / IT Governance / IT Security / IT StrategyComments Off on Continuity Central – Organizational risks that you should definitely be acting on
07
Jul 17

Continuity Central – Organizational risks that you should definitely be acting on

It is easy for organizations to feel overwhelmed by the number and scale of the risks that are faced; but often the perception of the potential harm engendered by various risks is exaggerated. In this article Chris Butler lists the real risks that every organization needs to consider.

Did you know the world’s most dangerous animal is not a shark, or a bear, but is in fact a mosquito? What’s certain is that human perception of risk is notoriously flawed; often, the events that concern and outrage us the most are the least likely to happen.

From political and economic tremors to cyber threats, 2017 represents another minefield of risks for businesses. For organizations, forging a deepened understanding of both threats and risk factors is crucial for remaining robust, resilient, and most of all, ahead of the competition. Part of this involves separating the myths from reality. So, what then are the real risks to business today?

More of the Continuity Central article

CIO Strategy / Cloud Computing / IaaS / IT Governance / IT Security / IT StrategyComments Off on TechTarget – Avoid steep network integration costs in multicloud
06
Jul 17

TechTarget – Avoid steep network integration costs in multicloud

While a VPN is useful for multicloud networks, IT teams still need to be careful to avoid high traffic charges, as applications move from one provider to another.

One of the most important — and most complex — concepts in multicloud is network integration between public cloud providers. This model facilitates cross-cloud load balancing and failover but, without careful planning, can also lead to hefty network integration costs.

Nearly all enterprises have a virtual private network (VPN) that connects their sites, users, applications and data center resources. When they adopt cloud computing, they often expect to use that VPN to connect their public cloud resources as well. Many cloud providers have features to facilitate this, and even when they don’t, it’s usually possible to build VPN support into application images hosted in the cloud.

More of the TechTarget article from Tom Nolle

Business continuity / CIO Strategy / Disaster Recovery / IT Governance / IT Security / IT StrategyComments Off on Continuity Central – Why business continuity managers need to trust ‘gut feel’
15
Jun 17

Continuity Central – Why business continuity managers need to trust ‘gut feel’

Agree or disagree?

Sometimes as a business continuity manager you have a feeling that a certain decision is the wrong one, despite qualitative and quantitative evidence pointing to the contrary. Dominic Irvine explains how research is starting to support the reliability of trusting your gut feeling…

Qualitative and quantitative evidence is sometimes used as a weapon to force decisions through when not everyone involved is convinced; in the face of charts, spreadsheets and PowerPoint decks, gut feel seems like a poor response, and yet what we are learning from research into exertion and fatigue, is that it is one of the most useful tools in our armoury of tests.

After the First World War, much work was done to find a way to measure fatigue but it was deemed such a subjective concept as to be impossible to develop any meaningful way of objectively measuring it. It was not possible to fathom out the complex interaction between emotional, physical and mental aspects of fatigue in a way that could be reliably and accurately counted. And yet, we all know the feeling of being fatigued and how tired we are.

More of the Continuity Central post

CIO Strategy / Cloud Computing / Cloud infrastructure / DevOps / Digital Transformation / IaaS / IT Governance / IT Security / IT StrategyComments Off on ZDNet – Three ways to survive the rise of the cloud and ‘big software’
14
Jun 17

ZDNet – Three ways to survive the rise of the cloud and ‘big software’

Applications that were once simple to manage are now rolled out across thousands of physical and virtual machines.

These sprawling applications include multiple components, with the potential points of integration spread across the enterprise and out into the wider cloud.

So, what are the key challenges CIOs will face as they overhaul their IT departments in readiness for the next stage of enterprise computing? Here are some key lessons for CIOs.

1. Build a platform for business change

Successful companies in the digital age are characterised by their ability to absorb technology into everyday processes and by ensuring there is no division between what might previously have been classed as IT and business professionals.

More of the ZDNet article from Mark Samuels

CIO Strategy / Cloud Computing / Cloud infrastructure / Data Center / Data center compliance / IT Governance / IT Security / IT StrategyComments Off on HBR – The Behavioral Economics of Why Executives Underinvest in Cybersecurity
12
Jun 17

HBR – The Behavioral Economics of Why Executives Underinvest in Cybersecurity

Determining the ROI for any cybersecurity investment, from staff training to AI-enabled authentication managers, can best be described as an enigma shrouded in mystery. The digital threat landscape changes constantly, and it’s very difficult to know the probability of any given attack succeeding — or how big the potential losses might be. Even the known costs, such as penalties for data breaches in highly regulated industries like health care, are a small piece of the ROI calculation. In the absence of good data, decision makers must use something less than perfect to weigh the options: their judgment.

But insights from behavioral economics and psychology show that human judgment is often biased in predictably problematic ways. In the case of cybersecurity, some decision makers use the wrong mental models to help them determine how much investment is necessary and where to invest. For example, they may think about cyber defense as a fortification process — if you build strong firewalls, with well-manned turrets, you’ll be able to see the attacker from a mile away.

More of the Harvard Business Review post from Alex Blau

← Older Entries
Newer Entries →