Thinking Business Value by ctof magazine

cio & leader.com

Best of Breed

Tech for Governance

Viewpoint

Unlocking Big Data in Social Technologies Pg 16

Privacy Breaches and High School Physics Pg 46

Private Parts Pg 48

Volume 02 Issue 02 February 2013 150

02 T r a c k t e c h n o lo g y

B u i ld b usi n ess

â&#x20AC;&#x153;Cost-Effectiveness Driving MPS Marketâ&#x20AC;? | Security Analytics: Hype or Huge?

A special section on leadership designed keeping in mind the evolving information needs of CIOs Page 26A to 36

Shape self

Thinking

Business Value

Volume 02 | Issue 02

A 9.9 Media Publication

A banker, a business leader and a CIO. Sandeep Phanasgaonkar has what it takes to be a true leader. Page 20

editorial yashvendra singh | yashvendra.singh@9dot9.in

Business Leader or Technologist?

Instead of saying that CIOs are not business savvy, we should say that CEOs are not technology savvy

senior CIO once quoted his boss as saying, “There are only two types of projects: business successes and IT failures.” For an enterprise technology decision maker, the irony could not be starker. A CIO has to shoulder complete accountability in the absence of complete authority. While his several successful projects escape praise, the few failed ones attract criticism. No CIO would want to be in such a sticky situation. To avoid getting between a rock and hard place, a CIO should possess strong IT management skill set. So, those who

have been crying hoarse over the urgency of a CIO to talk the language of business instead of technology, need to weigh their words. Lots of people are convinced that by becoming a business leader, a CIO can get a seat at the high table. They could not be more wrong. The reliance of businesses on technology has increased more than ever before. IT has become core to what they do. Consider marketing, for instance. Today, marketing for an enterprise is all about click patterns, big data analytics and split testing. Against this backdrop, can a

editors pick 20

Thinking Business Value A banker, a business leader and a CIO. Sandeep Phanasgaonkar has what it takes to be a true leader.

CEO trust his marketing to someone who has no clue about these tools and technologies? Similarly, IT too has increased in complexity. Today, a corporate’s website delivers far more than just static content. It has evolved into a collaboration and transaction application supporting far greater workloads. Managing its performance would require fine-tuning of several elements. Can someone without an in-depth technology knowhow manage this dynamic and complex environment? Someone who stopped his quest for technology knowledge back in 1990 would find the shoes of the head of enterprise IT too big for himself. However, this argument in no way entails that a CIO can afford to be completely oblivious to his company’s business. He needs to ensure that everybody in the IT department understands three basic things — the enterprise’s value proposition, how

does it make money, and the cost of a rupee per share in earnings. A strong grip on technology and an understanding of these key aspects of business, a CIO will do justice to his position. In this issue’s cover story, we focus on one such CIO who has done justice to his position — Sandeep Phanasgoankar, who recently quit from his position as the President & CTO, Reliance Capital — has what it takes to be a true leader. On the issue of whether CIOs need to be business leaders or technologists, I feel it is time we gave the argument a different spin. Instead of saying that CIOs are not business savvy, we should say that CEOs are not technology savvy.

February 2013

february 2013 20

Cover Story

RegulArs

20 | Thinking Business Value

February 2013

tECH for govErnanCE

viEwPoint

Privacy Breaches and High School Physics Pg 46

Private Parts Pg 48

T r a c k T e c h n o lo g y

Volume 02 | Issue 02

Copyright, All rights reserved: Reproduction in whole or in part without written permission from Nine Dot Nine Interactive Pvt Ltd. is prohibited. Printed and published by Anuradha Das Mathur for Nine Dot Nine Interactive Pvt Ltd, Bungalow No. 725, Sector - 1, Shirvane, Nerul, Navi Mumbai - 400706. Printed at Tara Art Printers Pvt ltd. A-46-47, Sector-5, NOIDA (U.P.) 201301

BEst of BrEED

Unlocking Big Data in Social Technologies Pg 16

Volume 02 Issue 02 February 2013 150

â&#x20AC;&#x153;Cost-EffECtivEnEss Driving MPs MarkEtâ&#x20AC;? | sECurity analytiCs: HyPE or HugE?

Please Recycle This Magazine And Remove Inserts Before Recycling

S p i n e

cio & leader.com

While CIOs often struggle to find their place in the board, Sandeep Phanasgaonkar always saw himself as a business leader, a trait that helped him head various businesses

01 | Editorial 06 | Enterprise Roundup 48 | viewpoint B u i ld B uSi n eSS

A special section on leadership designed keeping in mind the evolving information needs of CIOs Page 26A to 36

Shape Self

Thinking

Business Value

A banker, a business leader and a CIO. Sandeep Phanasgaonkar has what it takes to be a true leader. Page 20

A 9.9 Media Publication

Cover design by: shokeen saifi imaging by: Peterson PJ photos by: Jiten Gandhi

Special leadership section Page 26A to 36

27 | Top Down Preparing Future Leaders, Ashok Cherain, CIO, JK Cement, feels that the best way to learn is by taking up responsibilities

34| opinion What happened at copenhagen?

Future negotiations for climate change need to take place swiftly, and probably best done by having a ‘side’ deal of binding commitments signed between the nations

28 | Leading edge the first 100 days of a New CIO It’s critical to get

me & my mentee

31 | Grooming the Team for Leadership Jayanta Prabhu,

CIO, Essar Group and Keyur Desai, AVP, IT Infra, Aegis Ltd shares their professional bonding

a good start when stepping into the CIO role. Consider several measures when you share your course

36 | SHELF LIFE the business of T20 The book reveals how the author guided a T20 cricket team to championship glory. His success mantra: Cricket in not a team game

February 2013

www.cioandleader.com Managing Director: Dr Pramath Raj Sinha Printer & Publisher: Anuradha Das Mathur Editorial Executive Editor: Yashvendra Singh Consulting Editor: Atanu Kumar Das Assistant Editor: Varun Aggarwal & Akhilesh Shukla DEsign Sr. Creative Director: Jayan K Narayanan Sr. Art Director: Anil VK Associate Art Directors: Atul Deshmukh & Anil T Sr. Visualisers: Manav Sachdev & Shokeen Saifi Visualiser: NV Baiju Sr. Designers: Raj Kishore Verma, Shigil Narayanan & Haridas Balan Designers: Charu Dwivedi, Peterson PJ & Midhun Mohan MARCOM Designer: Rahul Babu STUDIO Chief Photographer: Subhojit Paul Sr. Photographer: Jiten Gandhi

12 A Question of Answers

12 | Creating a Flexible, Secure IT Architecture Minhaj Zia, Director,

Cisco India and SAARC shares his views on UC

46 | tech for governance: privacy breaches and high school physics A look at the damage caused by patient privacy breaches

18 | Best of breed: defining the qualities of cyber warfare Accusations about cyber attacks are increasing, with Iran ranking high on the danger list

40 | Next Horizons: security analytics: Hype or huge? Big data is here to stay and security analytics just needs to figure out the best way to use it

February 2013

advisory Panel Anil Garg, CIO, Dabur David Briskman, CIO, Ranbaxy Mani Mulki, VP-IT, ICICI Bank Manish Gupta, Director, Enterprise Solutions AMEA, PepsiCo India Foods & Beverages, PepsiCo Raghu Raman, CEO, National Intelligence Grid, Govt. of India S R Mallela, Former CTO, AFL Santrupt Misra, Director, Aditya Birla Group Sushil Prakash, Sr Consultant, NMEICT (National Mission on Education through Information and Communication Technology) Vijay Sethi, CIO, Hero MotoCorp Vishal Salvi, CISO, HDFC Bank Deepak B Phatak, Subharao M Nilekani Chair Professor and Head, KReSIT, IIT - Bombay NEXT100 ADVISORY PANEL Manish Pal, Deputy Vice President, Information Security Group (ISG), HDFC Bank Shiju George, Sr Manager (IT Infrastructure), Shoppers Stop Farhan Khan, Associate Vice President – IT, Radico Khaitan Berjes Eric Shroff, Senior Manager – IT, Tata Services Sharat M Airani, Chief – IT (Systems & Security), Forbes Marshall Ashish Khanna, Corporate Manager, IT Infrastructure, The Oberoi Group Sales & Marketing National Manager – Events and Special Projects: Mahantesh Godi (+91 98804 36623) National Sales Manager: Vinodh K (+91 97407 14817) Assistant General Manager Sales (South): Ashish Kumar Singh (+91 97407 61921) Senior Sales Manager (North): Aveek Bhose (+91 98998 86986) Product Manager - CSO Forum and Strategic Sales: Seema Menon (+91 97403 94000) Brand Manager: Jigyasa Kishore (+91 98107 70298) Production & Logistics Sr. GM. Operations: Shivshankar M Hiremath Manager Operations: Rakesh Upadhyay Asst. Manager - Logistics: Vijay Menon Executive Logistics: Nilesh Shiravadekar Production Executive: Vilas Mhatre Logistics: MP Singh & Mohd. Ansari OFFICE ADDRESS Published, Printed and Owned by Nine Dot Nine Interactive Pvt Ltd. Published and printed on their behalf by Anuradha Das Mathur. Published at Bungalow No. 725, Sector - 1, Shirvane, Nerul, Navi Mumbai - 400706. Printed at Tara Art Printers Pvt Ltd. A-46-47, Sector-5, NOIDA (U.P.) 201301 For any customer queries and assistance please contact help@9dot9.in

advertisers’ index IBM IFC Riverbed IBC Falcon (Expo 2020 Dubai) BC This index is provided as an additional service.The publisher does not assume any liabilities for errors or omissions.

This issue of CIO&Leader includes 12 pages of CSO Forum free with the magazine

ANNOUNCING THE MUMBAI CHAPTER OF

THINK TANK Join a select group of 25 - 30 CSOs and find answers to: Network Security Risk in 2013: Emerging Trends, Threats and Mitigation. Developing an Application Security Center of Excellence. Is your security plan board-ready? Establishing a Data Breach Response Process. Managing Identity and Access in the Hybrid World.

Date: March 15, 2013 Time: 10 am to 5 pm Venue: Hyatt Regency, Mumbai

Organised by

Presenting Partner

http://tinyurl.com/apwtnoc

Knowledge Partners

FOR ANY QUERIES, PLEASE CONTACT: Astha Nagrath Khanna , astha.nagrath@9dot9.in

CSO_Think tank_Ad.indd 40

2/22/2013 4:07:17 PM

Enterprise

Cloud, Analytics to Drive Data Centre Growth Pg 08

image by photos.com

Round-up

story Inside

Scams to Watch Out for this Season Symantec has observed an

increase in phishing attacks The year has started with a bumper crop of online frauds, cons, ID thefts, and check stealing this year. Some of them can steal your returns, others cost you your life savings or money you have not even begun to earn. Valentine’s Day Spam - Valentine's Day represents one of the big shopping periods of the year. Online shoppers will be seen expressing their love this week as both online retailers and spammers continue to take steps to attract and convert shoppers. This year, Symantec has observed that Valentine’s Day spam messages offer unbelievable discounts on jewellery,

February 2013

dinning opportunities, and expensive gifts to shoppers. (See alongside image about the volume of spam during Valentine’s Day) The top word combinations used in spam messages includes: Find-Your-Valentine; eCards-for-Valentine; Valentine’s-Day-Flowers. The e-card spam message arrives with a malicious attachment called ValentineCard4you.zip. After opening the attachment, malware is downloaded on to the user's computer. Symantec detects the attachment as Backdoor.Trojan whose primary functionality is to enable a remote attacker to have access to or send commands to a compromised computer.

Data Briefing

294.9% SMARTPHONES’ GROWTH IN INDIA Source: IDC

Enterprise Round-up

They David Said it Cameron

image by photos.com

Asked during a question and answer session at the Unilever office, in Mumbai, if he thought governments were doing enough to boost the green economy, Cameron said green technologies such as wind turbines should be promoted in the face of opposition.

Cloud Adds Complexity to DR in India Virtualisation led 71 percent to re-evaluate DR plans in 2010 Symantec has announced the India findings of its sixth annual Symantec Disaster Recovery Study. The study demonstrates the growing challenge of managing disparate virtual, physical and cloud resources because of added complexity for organisations protecting and recovering mission critical applications and data. In addition, the study shows that virtual systems are not properly protected. As Indian enterprises increasingly adopt virtualisation, it is having a big impact on their disaster recovery plans. The study highlights that in India nearly 50 percent of data on virtual systems is not regularly backed up and only 10 percent of the data and mission-critical applications in virtual environments is protected by replication. The data also highlights that 70 percent of those surveyed were concerned about data loss as an impact of a disaster. The study indicated that virtualisation led 71 percent to re-evaluate DR plans in 2010; this is up from the 61 percent reported by respondents in 2009. “While Indian enterprises are adopting new technologies such as virtualisation and the cloud to reduce costs, they are currently adding more complexity to their environments and leaving mission critical applications and data unprotected,” said Anand Naik, director, Systems Engineering, Symantec.

illustration by photos.com

QUICK BYTE ON COMPUTING

“All over the world governments are not doing enough. We are not on track to deal with climate change and make sure our policies are sustainable.” —David Cameron British Prime Minister

Although crashes are as old as computers, some UK researchers may be taking the first steps toward sending blue screens to the same graveyard where 5.25-inch floppy disks are buried.

February 2013

illustration by photos.com

Enterprise Round-up

Cloud, Analytics to Drive Data Centre Growth APAC will account for 25% of the global data center investment

Data center transformation is one of the three key trends driving IT growth in 2012, according to analyst firm Canalys (the others being consumerisation of IT and enterprise mobility). Its latest forecasts reveal that the market for data centre IT infrastructure globally, including servers, storage, networking, security and virtualisation, will reach $128 billion this year, up six percent from $120 billion last year. Total investment will

grow five percent on average per annum to reach $152 billion in 2016. Large data centers will lead this expansion, posting an average annual increase of eight percent over the same period. Much of this infrastructure will be used to form the backbone of cloud services for both consumer and commercial customers. ‘On the consumer side, everything from social networking platforms to online

Global Tracker

Google Sites led the US explicit core search market in January with 67 percent market share, followed by Microsoft Sites with 16.5 percent

February 2013

Source: comScore

Search Market

banking services will require resilient infrastructure on which to run,’ said Alex Smith, Senior Analyst at Canalys. ‘This is particularly evident in the Asia Pacific region, where businesses in China and India are investing heavily in infrastructure to provide online services to their customers. The size of the populations in these markets presents a huge potential demand for data center infrastructure.’ Cloud computing has been a hot topic in the enterprise space in recent years and will continue to disrupt established patterns of IT purchasing behaviour. The management of hardware and software traditionally conducted in-house will increasingly be transferred to third-party providers, with resources charged for on an on-demand, metered basis. This transition is already well underway in many public sector organizations, particularly in Europe where government spending is being re-shaped by the ongoing economic challenges. These trends are helping to concentrate investment into fewer, but larger, data centers, as opposed to being distributed across many smaller facilities. Analytics is another driver of large data center investment. ‘Different organisations, with different interests spanning commerce, the environment and a spectrum of scientific disciplines will require large data warehouses and the ability to analyse vast quantities of information,’ Smith added. ‘The need to routinely process exabytes of data will become common.’ Canalys predicts Asia Pacific will be the fastest growing region over the next five years and will account for a quarter of worldwide data center infrastructure spend by 2016. ‘IT infrastructure expansion is critical to support the high-growth economies and rising online populations in this region,’ said Matthew Ball, Canalys Director of Enterprise Services. ‘The leading US vendors must focus resources on expanding their channel coverage in key Asia Pacific markets in order to capitalise on these growth opportunities. And they should not underestimate the challenge presented by local vendors, such as Fujitsu, Hitachi, Huawei and NEC.’ Canalys forecasts that North America will remain the biggest data centre infrastructure market, though its share of total worldwide investment will fall from 43 percent in 2011 to 41 percent in 2016.

Illustration by photos.com

Mahindra Satyam Acquires Complex Attractive cost structures create tough competition for India

Mahindra Satyam, a leading global consulting and IT services provider, today announced the acquisition of a majority stake in Complex IT, one-of-the largest SAP consulting providers, in Brazil. This acquisition will focus on developing solutions for the rapidly expanding Enterprise Solutions market within Brazil. Mahindra Satyam and Complex IT will be going to market with proprietary solutions for large manufacturing, financial and consumer services

companies in the market. This initiative marks another important milestone in offering Mahindra Satyam’s customers a global delivery capability in Latin America. “This combination of Complex and Mahindra Satyam strengthens our commitment to the Brazilian market, which is one of the fastest growing Enterprise solutions markets. We look forward to expanding our market presence and offer global delivery capabilities to our customers” said Arvind Malhotra, Global Head, Latin America & Strategic Accounts, Mahindra Satyam. “The BRICS countries have the potential to achieve a leadership position in the global economy and we believe that Mahindra Satyam and Complex will contribute significantly to this strategic vision.” “The relationship with Mahindra Satyam will mean enhanced career opportunities for our team, and increased quality of services to our customers and partners.” said Antonio Rossi, Chairman and CEO, Complex IT. Brazil is the second fastest growing geography globally for SAP AG. Software revenues for SAP AG grew 20 percent in the last year. The current spend on IT by companies in Brazil is approximately US$70B, with US$36B being spent on services and software. As Brazil gears up to host FIFA 2014 and the Olympics in 2016, it would only provide an increased impetus to an already rapidly growing IT services market. Together, Complex IT and Mahindra Satyam would be well positioned to combine local expertise with ability to deliver large and complex projects, in a period of sustained profitable growth for both partners.

Fact ticker

Worldwide IT Spending to Surpass $3.6 Trillion in 2012 Three percent increase from 2011 Worldwide IT spending is on pace to reach $3.6 trillion in 2012, a 3 percent increase from 2011 spending of $3.5 trillion, according to the latest outlook by Gartner, Inc. Gartner's 2012 IT spending outlook has been revised up slightly from the 2.5 percent projection last quarter. Gartner's global IT spending forecast is relied upon by more

October 2012

than 75 percent of the Global 500 companies in their key technology decisions. The market segments are analyzed by more than 200 Gartner business and technology analysts who are located in all regions of the world. “While the challenges facing global economic growth persist — the eurozone crisis, weaker US recov-

ery, a slowdown in China — the outlook has at least stabilised,” said Richard Gordon, research vice president at Gartner. There has been little change in either business confidence or consumer sentiment in the past quarter, so the short-term outlook is for continued caution in IT spending. However, there are some bright spots for IT providers. In contrast to the rather lackluster growth outlook for overall IT spending, Gartner expects enterprise spending on public cloud to grow from $91 billion worldwide in 2011 to $109 billion in 2012.

Supercomputer

he recent installation of India’s fastest supercomputer at C-DAC, Pune was implemented by Netweb Technologies, a company implementing supercomputers in India for almost a decade. Starting in 2003, when Netweb deployed a supercomputer at IMSc Chennai, which was then the number one supercomputing system in India. The current supercomputer that was inaugurated on the 8th February 2013, at Centre for Development of Advanced Computing (C-DAC), Pune is the next-generation PARAM System, which is an upgrade of the existing PARAM Yuva system. This system consists of 224 Intel based Tyrone servers having Intel’s latest Xeon Sandy Bridge Processors & Xeon Phi co-processors, with over 30000 processing cores including coprocessors and total 14 TB of memory. The next-gen PARAM supercomputer is India’s largest supercomputer built with hybrid technology and has a peak computing capacity of more than 500 Teraflops. Netweb Technologies has tested and efficiently achieved a sustained performance of 370 Teraflops over LINPACK benchmark. The LINPAK benchmark is the measure of a system’s computing power and is used for ranking the supercomputers worldwide.

February 2013

C I O & L E A D E R c u s t o m s erie s | H e w le t t - P ac k ard ( H P )

CIOs Need to Contribute to Bottomline HP is positioned to understand the needs and challenges associated with todayâ&#x20AC;&#x2122;s multivendor, industry-standard IT infrastructures

February 2013

What should a CIO keep in mind in order to achieve the results expected from a converged cloud environment? Ans: A converged cloud environment would essentially include all infrastructure seamlessly integrated between servers, storage, networks, software and environmental controls. It is key that the converged environment is secure, performing, elastic and 24x7x365 available. This requires thorough planning, execution, control and effective governance across internal and external stakeholders. Essentially, end-to-end business transactions cannot suffer and hence comprehensive SLAs are warranted. The journey to a converged cloud environment begins with standardisation and moves through optimisation, service-enablement, differentiated service-sourcing, and finally ready as a cloud service provider. The critical part of this journey is that each of these will cut across the organisation imperatives viz, technical infrastructure and architecture, service management framework, governance, finance, security, culture and staff, best-practice processes, and service portfolio management. The results expected are reduction in time and risk which helps in improved market responsiveness and agility.

Please throw more light on the holistic approach adopted by HP through its Datacenter Care initiative. Ans: The CIO today is supporting business more than ever by leading company-wide strategic projects impacting business. It is imperative that the CIO need to shift his priorities from maintaining existing systems (running the systems) to contributing more to the bottom line (changing the system). New enabling technologies like cloud, mobility and analytics has its own challenges in security and implementations. Today, the CIO has to ensure that the organisation is adapting to these quickly for competitive advantage. From IT perspective, the Data Center is the critical backbone here. HPâ&#x20AC;&#x2122;s Datacenter

H e w l e t t - P a c k a r d ( H P ) | C I O & LEADER c u s t o m s e r i e s

Care Service offers comprehensive end-toend support to provide environment-wide entitlement and enhanced call handling as in mission critical requirements. These are fully customisable support solutions for HP and multi-vendor systems. The value for the customer comprises the following being the most holistic offering in the industry today Most flexible - high touch and highly customised Simplified support management End-to-end Datacenter support including multi-vendor technologies

How does HP help CIOs in gaining more structure, accountability, and ongoing support that their business needs? Ans: Increasingly, CIOs want to consolidate the number of vendors supporting their Datacenters. A primary service vendor can provide overall service management expertise and ensure that the service management vision is executed. The primary service vendor should be capable of implementing a broad span of control and oversee the big picture. The fundamental premise here is that the service provider must have a SPOC who is able to operate in all parts of the system, with a thorough knowledge of hardware and firmware, as well as an understanding of products from key independent software vendors (ISVs). Ideally, the SPOC is someone who will own the problem and is able to act as the arbiter for any finger-pointing. HP is perfectly positioned to understand the needs and challenges associated with today’s multivendor, industry-standard IT infrastructures. The company has broad and deep technical expertise that spans many hardware and software platforms, as well as strong partnerships with leading ISVs and a worldwide network of authorised support partners. HP brings all of these attributes to bear in Datacenter Care, the industry’s premier support service offering.

CIOs have to confront with performance issues that arise from complex interactions among multiple physical and virtual systems — especially as they start supporting multi-vendor and public clouds. How can they overcome this challenge? Ans: A key element used by HP to reduce complexity is support automation, a unique

“New enabling technologies like cloud, mobility and analytics has its own challenges. Today, the CIO has to ensure that the organisation is adapting to these quickly for competitive advantage” — Tirthankar Banerjee, Director – Technology Support Services, HP India

integrated, automated management and support experience that delivers seamless management and HP know-how across the server lifecycle—from server deployment to ongoing support to continual improvement. Support automation is found in most HP support offerings; some example of automation tools are as below HP Support Center – A comprehensive support portal where you can manage contracts and warranties online, submit support cases, and chat with HP experts. HP Insight Remote Support – A remote monitoring and support platform based on innovative onboard management capabilities. Besides providing secure 24x7 monitoring, troubleshooting, and fast problem resolution, Insight Remote Support reduces complexity and saves time with rapid setup and configuration for server features such as onboard phone-home support. HP Insight Online – Secure, one-stop access to the information you need to support your IT environment from anywhere, anytime. Through the HP Support Center portal, Insight Online provides the ability to track service events and support cases, view device configurations, and proactively monitor your HP contracts and warranties. HP Datacenter Services are especially effective at reducing the complexity of designing, implementing, and supporting cloud, multivendor, and virtualised solutions.

tionship management are the basic building blocks for Datacenter Care (DCC) Services from HP. HP Datacenter Care can be customconfigured to meet the support service needs of any company whose business viability and success depends on a smooth functioning and always-on IT engine. The key service features include: Improve IT availability and reduce downtime Collaborative approach to continual improvement, thereby optimising investment and driving efficiency In summary, Datacenter Care is designed to be HP’s most flexible support offering, customisable to fit any specific requirements a customer may have. These range from support of a discrete IT solution to an entire data center containing many thousands of devices including multivendor non HP equipment. The base service provides the customer with an assigned account team to manage their overall support experience plus access to HP’s best call handling experience with fast access to technical staff who knows the customers environment. The new service offering replaces Mission Critical Partnership, adding increased flexibility and new capabilities around service entitlement making it a better fit for Service Providers or any customer with a need for flexible end to end support.

BROUGHT to YOU BY

How is HP enabling enterprise technology decision makers in driving performance levels up and costs down? Ans: Proactive services, environment wide entitlement, enhanced call handling and rela-

February 2013

Key technologies: Mobility, collaboration, and cloud computing are top priorities for CIOs today

Minha j Zia | A Question of answers

Minhaj Zia | Director, Cisco India & SAARC

Creating a flexible, secure IT architecture Minhaj Zia, Director, Cisco India and SAARC talks to Yashvendra Singh about various aspects of UC and shares his views on the key challenges confronting CIOs How can CIOs address business complexities and have a comprehensive and effective collaboration in place? The reality is that the consumerisation of IT is very real and it’s here to stay. Today’s workers demand mobile devices, software-as-a-service (SaaS), and online collaboration tools in order to be more productive. CIOs need to address this without compromising productivity in operations and business resilience. A host of new collaboration technologies, combined with the expanding capabilities of the network, make the possibilities endless for innovation on a global scale. Three strategic levers provide the framework for CIOs to address business complexities and enable innovation today -

Lead with—don’t resist—new collaboration tools and processes that promote innovation within the company and with trusted partners. Create a flexible, secure, and scalable IT architecture that continuously improves “time to capability” for the business. Position IT to provide measurable value (beyond efficiency) at all levels: productivity, experience, and growth. What are the benefits of Unified Communication (UC)? How strong is the business case in support of UC? The nature of work is changing rapidly. Multiple trends like dis-

persed workforces, explosion in content and devices, proliferation of video, social networking are causing a profound transition in the way that people interact and do business. I believe that the next breakthrough levels of innovation are unlikely to come from adding more traditional IT systems, but rather from embracing these new trends, actively engaging employees, partners and customers to work more closely together, anytime, anywhere, in a more natural and integrated way which UC enables. A lot of organisations, both large and small now understand this and are looking at UC to streamline their business processes and boost productivity, reliability, and competitiveness.

February 2013

A Question of answers | Minha j Zia

What are some of the challenges that CIOs encounter while deploying a UC solution? How can they overcome these challenges? Mobility, collaboration, and cloud computing are top priorities for CIOs today. All three can work together to create a whole that is greater than the sum of its parts. However, in bringing together mobile, collaboration, and cloud computing, CIOs face some unique challenges. First, all of these technologies create more data, which can create storage and data-management challenges. Furthermore, it creates an integration challenge, because just as colleagues need to share information, so too do applications. What are the top 2-3 emerging trends in the UC space? How can CIOs make the most of these trends? Numerous trends affect today’s business strategies and decisions; some affect specific functional areas of a business, while others represent broader social, technological, or competitive areas. Examined as a whole, they align around three integral areas – Empowered user: Individuals are using new technologies to innovate within their workplaces and communities. They are rapidly adopting video, web 2.0 technologies, such as social networking, peerto-peer collaboration, blogs, wikis, and multimedia content for mobile devices. Enterprises are challenged to deliver new tools and capabilities that meet the expectations of their empowered users, while simultaneously coping with the growing technology complexity, support, security, and compliance issues associated with them. Real-Time Information; All businesses recognise the importance of using real-time information to increase their companies’ agility and competitiveness. However,

February 2013

“Our portfolio is influenced by rapid changes in the consumer market” “increasing business velocity” requires more than simply speeding up existing data processing systems — it demands a different kind of IT and business architecture than has traditionally been required and CIO need to address this to stay competitive. The Borderless Enterprise: Since work can now be performed almost any time and in any location, new business models are emerging that benefit from global, mobile capabilities. To address this, CIOs today are exploring ways that can openly and securely enable collaboration beyond borders. What is Cisco’s UC strategy? As mentioned earlier, the next breakthrough levels of innovation and productivity will come from the ability to embrace new workplace trends — Cisco is converging social, mobile, video, and virtual communications capabilities

things I Believe in The next breakthrough levels of innovation will come from the ability to embrace new workplace trends Individuals are using new technologies to innovate within their workplaces and communities Position IT to provide measurable value

to shape the new collaboration experience. Our collaboration portfolio is influenced by rapid changes in the consumer market and no other firm empowers collaboration style as well as Cisco. What are some of the best practices that a CIO has to keep in mind when implementing a UC solution? Given that these new consumerinspired technologies cannot be divorced from the current IT infrastructure, CIOs need to address them effectively. They must consider how these new technologies affect data security and performance of the network and applications, as well as how they fit into the overall enterprise architecture strategy. In addition to increasing employee efficiency and improving the overall efficiency of the business, CIOs must also ensure that their IT staff maintains its productivity.

Best of

Breed Features Inside

Defining the Qualities of Cyber Warfare Accusations about cyber attacks are increasing, with Iran ranking high on the danger list By Jarno Limnéll

yber warfare is one of the hottest topics currently trending in newsfeeds and, although many are quick to use the term, not everyone fully understands the concept. Cyber warfare is a reality, but the reality of the situation may be far different than many believe. It’s notable that we’re already living in an era of state-led cyber warfare activities, even if most of us aren’t fully aware of it.

February 2013

illustration by photos..com

Unlocking Big Data in Social Technologies Pg 18

cyber warfare | Bes t of breed

The Reality “We are at the beginning of a new and dangerous era of cyber warfare,” according to the CEO of Kaspersky Lab Eugene Kaspersky, and F-Secure chief research officer Mikko Hypponen. An article in the UK’s TheGuardiansummarised their presentation at the DLD13 conference in Munich, and the summary was not pretty. The reality is not pretty either. Governments are taking potential threats seriously, with at least 12 of the world’s 15 largest military powers building cyber warfare programs that assess tactics and capabilities that will be critical in any future war. Intelligence sources additionally told ISSSource that the number of intrusions and attacks has increased dramatically over recent years. Accusations about cyber attacks are also on the increase worldwide, with Iran ranking high on the accusation and danger list, according to allthingsd.com. Iran has become “a force to be reckoned with,” US Air Force’s Space Command leader General William Shelton said in a January speech in Washington, DC Allthingsd.com reports that Iran has been fortifying its own cyber attack capabilities following the Stuxnet malware attacks believed to have resulted in the explosion of several Iranian nuclear centrifuges.

The Changes in Warfare The world is moving towards a greater strategic use of cyber weapons to persuade adversaries to change their behavior. At the same time it is essential to understand that cyber operations, such as cyber espionage and cyber attacks, are now a recognised part of strategic influence and combat. Past conflicts required soldiers that were physically and mentally tough enough to succeed in battle, but strength is no longer the only requirement for fighting wars. Physical strength need not be an issue at all for the new breed of soldiers that instead must possess a sophisticated knowledge of computer security and code. “Hackers now are either criminals out to make money, activists out to protest or governments engaged in targeting their own citizens or attacking other governments, whether for espionage or cyber warfare,” says The Guardian. Not every malicious attack, however, falls into the cyber warfare category, which is largely where unwar-

A country impoverished by erased banking records could very well be a victim of cyber warfare although no physical damage has been done ranted paranoia and misuse, and misconceptions of the term, arise.

The Misconceptions What counts as “cyber warfare” remains an open question, but it does have certain stipulations. A major misconception is that cyber war takes place in a different domain, i.e. the fifth domain, that is totally separate and disconnected from all other forms of warfare, be it land, sea, air or space. Rather than being disconnected from all other types of warfare, the cyber “world of bytes” is an integral part of all other domains. Warfare taking place on land, at sea, in the air or in space has its own cyber components, and the “world of bytes” is everywhere. It penetrates all the levels and dimensions of warfare, with cyber components prevalent in weaponry, communications, equipment and other war-related matters. Any future crisis, even one not deemed a cyber war per se, is likely to have a cyber component to it. It would be tough to avoid it, particularly in major wars between developed countries. Cyber is the only dimension that allows you to have an impact on all other dimensions. Cyber components may alter submarine and shipping steering, impede flight control functions and airdrop accuracy, interfere with satellites, cut off the distribution of electricity, affect the performance of smartphones, automobiles, prisons, and engage in a laundry list of additional maneuvers that shut down, deter or otherwise work to destroy your enemy.

and control without physical destruction. A country impoverished by erased banking records, for example, could very well be a victim of cyber warfare although no physical damage has been done. An attack that qualifies of cyber warfare must, however, occur in the political and strategic context of warfare. “War is thus an act of force to compel our enemy to do our will,” says the famous formulation of Prussian military strategist Carl von Clausewitz. Chinese military general Sun Tzu’s ideal of warfare was “to subdue the enemy without fighting.” Neither case necessarily involves physical destruction, although both function as a means to achieve a political aim. The same holds true with cyber warfare. The cyber instrument may have its own grammar, but its logic is that of war as a whole. The ongoing and sophisticated online conflict in Syria reported by DefenseNews.com serves as a prime example of cyber warfare. While the efforts on both the side of Syrian government and the side of its opponents are meant to “sabotage, disrupt and destroy,” not all involve physical destruction. One of the cyber weapons was a destructive Trojan known as “DarkComet.” The digital-rights group Electronic Frontier Foundation described it as: “a remote administration tool that allows an attacker to capture webcam activity, disable the notification setting for certain antivirus programmes, record key strokes, steal passwords and more — and sends that information to an address in Syrian IP space.”

The Definition While Kaspersky limits his definition of cyber war to activity that uses cyber weapons to cause physical damage, only Stuxnet fits that definition to date. Cyber weapons can also indeed be deployed to disrupt command

War vs. Peace While it is painfully clear Syria is the midst of an ongoing civil war, many other nations are instead in a grey area that is neither a state of war – nor a state of peace. Cyber

February 2013

B EST OF B REED | b i g d a t a

reality further blurs the boundaries between war and peace, adding a dangerous new dimension of instability. Instead of being an obvious form of war, future conflicts involving cyber warfare may instead become vague with no clear beginning or end. It is also important to observe that the concept of war might be blurred intentionally referring to different “cyber actions.” The cyber (warfare) victims may not even be conscious of being in conflict with someone, just acutely aware that unpleasant, tangible things “just happen.” Those unpleasant events may be a regular occurrence or they may crop up at random and infrequent intervals. Although such events may seem to have neither rhyme nor reason, they could in fact be part of a larger strategy in the cyber

what qualifies as war and what warfare game. does not is challenging in the Cyber warfare is definitely out cyber realm. To qualify as offithere, but it should not be the cial “warfare,” the term needs to catchall phrase for any malibe put into the right context as a cious computer-related activity. part of the strategic and political Distributed denial-of-service inrease in business decision making process. We attacks that have no physical intelligence market can also take one more cue from impact should not automatically in malaysia in 2013 Clausewitz who said that war be considered cyber warfare, nor is “the continuation of politics should activities such as spying. by other means.” To qualify as If cyber warfare were used to cyber war, the means may be virclassify every single malicious tual – but the impact should be real. attack or unpleasant event, we would be a war-torn world indeed. Additionally, there would be no term — This article is printed with prior permission remaining to describe a severely devastating from infosecisland.com. For more features and and debilitating cyber war when it did occur opinions on information security and risk manin the open between nations. Truely defining agement, please refer to Infosec Island.

Unlocking Big Data in Social Technologies Oracle’s Exadata database and its Exalytics inmemory analytics appliance were used to analyse nearly five billion Twitter posts

he quote was being bandied about to promote an ambitious global project called “The Human Face of Big Data,” an effort commissioned by EMC, and sponsored by the likes of Cisco Systems and VMware, that aims to use crowdsourcing to get a handle on humanity’s increasing need to generate and crunch data. For example, a widely distributed smartphone application collected data, between Sept. 25 and Oct. 2, that indicated that the reason people can’t find a cab when it rains in Singapore is that drivers looking to avoid having their pay withheld for accidents simply pull over to wait out rainstorms. They don’t pick up new fares. While such findings may not hold much value for the average IT executive, the implications of big data certainly do. And although the news from OpenWorld centered on Oracle’s slew of new cloud services and a new platform that socially enables all of the company's applications, big data was clearly the dominant theme. Oracle CEO Larry Ellison’s anticipated keynote address, which was entitled “The Oracle Cloud: Where Social is Built In,” focused instead

February 2013

on how the company’s venerable database and analytics technologies can crunch the big data inherent in social network streams. Ellison began his keynote touting Oracle’s cloud — which now features new services such as planning and budgeting, financial reporting, and data and insight — as having the broadest set of applications in the industry. He then quickly introduced Oracle’s new social platform, which he characterised as being far preferable to stand-alone social applications. But what he clearly wanted to demonstrate was the kind of insight that can be gleaned from social data when the right analytical tools are used. Specifically, he showed the packed hall how two products — Oracle’s Exadata database and its Exalytics in-memory analytics appliance — were used to analyse nearly five billion Twitter posts to determine what celebrity would be the best spokesperson to promote a new Lexus sedan. Ellison made it clear that Twitter data, in particular, consists of much more than the posts themselves — it includes timestamps, geotags, device types, and more, and the data is of both the struc-

image by photos.com

b i g d a t a | B EST OF B REED

Twitter data, in particular, consists of much more than the posts themselves — it includes timestamps, geotags, device types, and more

tured and unstructured variety. In the end, Oracle ended up analysing 27 billion relationships, nearly a billion retweets and hashtags, 2.8 billion mentions and another 1.3 billion replies. And as Ellison pointed out, the conclusion itself — that gold-medal Olympic gymnast Gabby Douglas was the best fit to promote the new Lexus — wasn’t nearly as significant as the process by which that conclusion was reached, which included drilling down into the data to find out whose posts most frequently mentioned cars, for instance. “This was a very simple question that required an enormous amount of data processing to get the data,” Ellison said. “This is something we would have had to guess at before.” Now that sophisticated data crunching tools from Oracle, EMC and the like are making it possible to extract the value of big data, companies have no choice but to try and use that data to change their business. “Otherwise,” said EMC CEO Joe Tucci during a morning OpenWorld keynote “they’ll be out of business.” — This article was first published in CIO Insight. For more stories please visit www.cioinsight.com.

C O V E R S T O R Y | T h i n k i n g b u s i n ess v a l u e

Thinking

Business 20

February 2013

Value

According to an axiom, what doesn't kill you makes you stronger. This holds true for Sandeep Phanasgaonkar too who moved up the ladder of business and technology leadership by sailing through tough times and coming out stronger from every situation. He not only proved his leadership through technology innovation but also through his business acumen. In a journey that started as a banker, he went on to becoming the President & CTO for Reliance Capital before turning an entrepreneur. He is now looking at creating products that can bridge the expectation and delivery gaps in IT consulting by varun agGarwal Design by: shokeen saifi Imaging by: peterson pj Photos by: jiten gandhi

C O V E R S T O R Y | T h i n k i n g b u s i n ess v a l u e

The True

Business Leader

While CIOs often struggle to find their place in the board, Sandeep Phanasgaonkar always saw himself as a business leader, a trait that helped him head various businesses while being a technology leader at the same time By Varun Aggarwal

science student, who always had a keen interest in both IT and busines, Sandeep Phanasgaonkar took up Mathematics and Physica as specialisation while pursuing his BSc Degree from the University of Mumbai. A sharp student, Phanasgaonkar also enrolled into courses such as Diploma in Operations Research, and Diploma in Advanced Computing from National Institute for Training in Industrial Engineering. He also did his MBA in Finance from Jamnalal Bajaj Institute of Management Studies. Phanasgaonkar started his career as a banker with the State Bank of India (SBI) in 1984.

February 2013

"This was a time when computer revolution was just taking off in India. I started working at the bank as a probationary officer," Phanasgaonkar recalls. At SBI, Phanasgaonkar gained extensive domain knowledge of the various processes in banking. After completing the probation period of three years, Phanasgaonkar moved to the branch office and headed the office automation project at SBI. He was involved in software deployment, training of staff and gathering specifications for the IT projects. He was later shifted to the head office and started looking at MIS. This was where he started software

coding. From 1986 to 1990, Phanasgaonkar was involved in extensive programming for key head office functions, software testing and deployment for the branch automation project. By 1990, the IT industry started to boom in the country and lured Phanasgaonkar. He, therefore, decided to enter the industry and joined Tata Unisys, a collaboration between Tata and Unisys, which was into mainframe systems. His role at Tata Unisys was to drive the countryâ&#x20AC;&#x2122;s first offshore development centre for a European client named Banque Indosuez. Here, Phanasgaonkar leveraged his bank-

T h i n k i n g b u s i n e s s v a l u e | C O VE R S T O R y

ing and IT experience to help clients from the banking industry in the areas of SWIFT payment interface, FX and MM dealing and total banking solutions. He also worked for an insurance client based in the US. Taking initiative, Phanasgaonkar went beyond the role of IT and got himself involved in the development of products on trade finance for the company. He even got into the marketing and support of the products. The biggest challenge that Phanasgaonkar faced at Tata Unisys was that the people working on programming assignments on international projects were valued more. Since the products team was small and new and it was a green field initiative, it wasn’t given its due credit. In 1993, he joined iFlex, which was then called Citicorp Infotech. The company was working on many banking and finance software products. Phanasgaonkar was a domain expert in banking with a good IT experience. According to Phanasgaonkar, this was one of the best learning experiences in his career. He was given the opportunity to work on large software development projects at multiple sites and varied requirements. He was made the incharge of testing and later headed an implementation in Philippines. This was the time he also got exposed to sales in East Africa, South Africa, Egypt and Middle East. He was involved in product development, pre sales and implementation. The experience at iFlex helped Phanasgaonkar get a clear understanding of customer expectations from banking ERP systems and products. By 1999, Phanasgaonkar developed an interest in the position of a CIO as it seemed to be an influential role from an IT vendor and business benefit perspective. Seizing the oppotunity, he joined Deutsche Bank as the Regional Technology Head-India, Pakistan, Sri Lanka. He was hired at the time of the Y2K, an issue that made the CIO role

very important. As a CIO, he had to ensure that every software at the company was validated for Y2K. Phanasgaonkar also implemented many large deployments in India during his tenure at Deutsche Bank including a locally acquired core banking solution that acted as a backup option in case the core system at Singapore failed. In 2001, Phanasgaonkar moved from Mumbai to Delhi to join GE Capital in Gurgaon. This was a much bigger role for him and in his own words, “This was a significant job in my career in terms of learnings in various aspects of banking and six sigma among many other things.” In 2004, the CEO of GE Capital International Services (GECIS), Pramod Bhasin, decided to focus on expanding the business. From the existing business of outsourcing, he decided to create an independent company under the name of Genpact. The new company brought together several GE BPO companies based in China, Mexico, Hungary, and the US and merged them with the Indian entity of GECIS. Phanasgaonkar was appointed the Global CIO of Genpact. After taking up this position, the the biggest challenge that confronted Phanasgaonkar was to move from GE Capital's infrastructure and set up an independent and globally deployed IT systesms and infrastructure. The task at hand for Phanasgaonkar was not only to create new infrastructure but also to implement a new ERP system and a new service delivery platform. Phanasgaonkar describes this project as the most important one in his career. From January 2004 to June 2004, he and his team worked 24X7 to achieve what they aspired for. The team comprised of 150 IT full time employees and 350 vendor consultants. With a large number of GE businesses outsourcing their mission critical processes to Genpact, Phanasgaonkar and his team had to

Key

Milestones Public Cloud Deployment: At Reliance Capital Group, his team enabled10,000 users on Google Apps in the public cloud. This is being looked upon as a major collaboration platform through the use of tools such as GMail, Google Talk, Google Docs, YouTube, Google Sites and the social media tool Google+. Google Docs, which is the cloud based office suite, will almost entirely replace MS Office, except for some power users. Private Cloud: Under Phanasgaonkar's leadership, Reliance Capital (RCap) and its 5 Lines of Business have their entire back-end servers, core systems, storage, security and specialised network equipment co-located at the third party data center facility of Reliance Communication in Vashi, Mumbai. His team created specific capability for perimeter security and edge network which is shared by all the businesses. SAP for finance and HR was entirely centralised for RCap and lies in a shared services cloud that is accessed by all businesses. The same architecture has also been extended to the company's DR setup in Chennai and Bangalore. Mobility: RCap's mobility journey, initiated by Phanasgaonkar, commenced in 2009. RCap experimented with multiple platforms including Volantis (now a part of Antenna) and used wrapper software such as Seattle Clouds to enable mobile apps on different mobile operating systems and form factors. Today, RCap has largely standardised on Android with some of the older apps on version 2.3 and newer apps being developed in Java on Android version 4.0 and above. Only specific development happens on iOS. The business apps are largely focused on customer service, lead management, collections, claims survey, new business mobilisation, mobile trading etc. Mail and messaging are available on most mobile devices including android, IOS, BlackBerry with data security driven through enterprise servers, VPN and mobile device management (MDM).

February 2013

ensure a smooth transition without disrupting business. The project turned out to be a huge success and helped Phanasgaonkar gain rich experience in the areas relating to business, customers, reduction in resolution time and improved communications. During the process, Phanasgaonkar realised that the project would be impossible to implement if there was a lack of communication with employees, customers and vendors. He needed effective comunication to several questions — What changes will take place? How would customer care executives take calls? What capabilities would be available and what wouldn’t be available? How would some of the existing services change? He then hired a third party consultant to put a communications plan in place. The exercise lasted six months and Phanasgaonkar reached out to GE’s global CIO in July 2004 to make the final transition. Giving an animated description of the excited moment, Phanasgaonkar said, “The transition worked like a perfect orchestra—the instruments worked perfectly, musicians (read employees) knew how to play and the audience (customers) could enjoy the music.”

People are always looking for advisory services like a customised service that isn’t very expensive and gives focused consulting –Sandeep Phanasgaonkar

In 2006, Phanasgaonkar joined Reliance Capital and went back to Mumbai. While getting him onboard, Amitabh Jhunjunwala, Vice Chairman of Reliance Capital told him, “IT is not just a business enabler, it is the key differentiator for us. IT is core to us. Everything we do relies on IT.” Those words gave Phanasgaonkar the encouragement to start looking at growing the business with the help of new IT systems. He ensured the company had the right systems in place that could help create new business avenues. However, the financial meltdown in 2008 changed everything. Suddenly the focus was on maintaining a

February 2013

T h i n k i n g b u s i n e s s v a l u e | C O VE R S T O R y

good bottom-line and on cost management. IT costs had to become variable and be in sync with sales and since the sales were down, the IT costs were also required to go down. That said, most of the IT costs were fixed and reducing them was going to be very difficult.

Key Initiatives Phanasgaonkar took the recession as an opportunity to deploy modern IT systems in the company. He took the virtualisation route to cut close to 50 percent servers. He also renegotiated vendor contracts and brought variability in licence costs to make costs proportional to business revenues. From that point on, he started looking at IT costs from a bottom-line perspective. He leveraged emerging cloud infrastructure and SaaS technologies to ensure that the company paid only for what it used and not for idle or peak capacity. Phanasgaonkar later saw an opportunity in the mobile space and latched onto it. “We realised that mobile subscribers were a great opportunity area for us.” What started two years ago as an experiment to tap a set of potential customers, has turned into a revolution at Reliance Capital. When Phanasgaonkar started on the mobility journey, the large number of mobile form factors was a big challenge from a technical issues perspective. There were also too many mobile platforms, making service delivery even more complex. The company, therefore, decided to focus only on Android platform and tap into a growing market. Reliance Capital is now planning to extend even its corporate applications on to the mobile for employees to enable anywhere anytime access on mobiles and tablets. To enable the mobile strategy within the enterprise, Phanasgaonkar zeroed in on Cirtix Virtual Desktop solution, which also coincided with the company's desktop refresh cycle. For end point devices, the company decided to use the VDI technology and also leveraged the same to give enterprise application access on mobile devices. It has turned out to be a major cost advantage for the company in terms of bandwidth, power costs etc. There are close to 1000 users already on VDI and by the end of 2013, the number is expected to go up to 5000.

Key Facts Favourite Book: Da Vinci Code by Dan Brown. He also likes to read fiction and periodicals Favorite Sports: Phanasgaonkar is into sports big time. He likes to involve himself in various sporting activities such as cricket, table tennis and swimming Acitvities: He loves to travel. Phanasgaonkar is a people's person and visiting new countries and meeting people from different walks of life always excite him Leadership Mantra: Encourage team participation, knowledge sharing and absorb this knowledge for taking innovative decisions Favorite Wheels: Toyota Fortuner

Reliance Capital Group implemented 10,000 users in Google Apps in the public cloud. This was being looked upon as a major collaboration platform through the use of tools such as GMail, Google Talk, Google Docs, YouTube, Google Sites and the social media tool Google+. Google Docs is being used as the defacto office suite. Google Talk has enabled audio and video communication between the leadership and its teams. Hangout in Google+ has enabled low cost simultaneous, multi-location and interactive video conferencing with the additional ability to stream live to thousands of employees through “Hangout on Air” on YouTube. Login authentication, website lockdown, data loss to the internet is implemented through on-premise tools. Google has also worked on enhancing security features as appropriate for a financial services enterprise. Large storage, host of apps and features have compelled users for adoption. In 2009, the company needed to enhance profitability. It was decided that what was neeeded were user insights to take better

and faster business decisions. Phanasgaonkar deployed a BI solution from SAS to get insights that previously didn't exist in the system. The company started putting special focus on customer segmentation. Along with using analytics to get better insights into the company's business, Reliance Capital also started using predictive analytics to implement new business models in the field.

Management Style Phanasgaonkar believes that as a CIO, you not only grapple with technology but also business. It is therefore important for CIOs to keep pace with both technology as well as business. He is a firm believer of encouraging his team members to create and share knowledge. He feels it is important for a CIO to absorb all this knowledge generated by the team to see how he can innovate and act as a true leader. According to Phanasgaonkar, focus on end-users and customers is very important. A CIO needs to adapt to change, given the dynamic nature of business and technology. Phanasgaonkar recently decided to quit his position at Reliance Capital. Given his penchant to be an entrepreneur, he is considering to take up strategic consulting and mentoring high-tech startups. “I might look at offering innovative IT services, create a package of innovative service concepts and different models of delivery.” “People are always looking for advisory services like a customised service that isn’t very expensive and gives focused consulting. This is something that is still lacking and I hope I would be able to bridge this gap sometime.”

Future of IT Phanasgaonkar believes that going forward, customers would be more IT savvy, technology would be more self service and delivery time of a service would go down drastically. Moreover, App store concepts would become essential to enterprise computing. He believes that even complex tools such as analytics would get into the hands of the end users as end points tend to get more and more powerful. Phanasgaonkar also feels that the line between work and personal life would get blurred going forward.

February 2013

C O V E R S T O R Y | T h i n k i n g b u s i n ess v a l u e

“Sandeep gives full independence to his team and also ensures that team members are given suitable responsibilities so that they function in the best possible way and achieve the objectives” –Murli Nambiar, CTO & Group CSO, Reliance capital

How do you see Sandeep Phanasgaonkar as a person? I’ve worked with Sandeep closely and I feel he is a very genuine and warm person. He’s also a very open person who has a great sense of humor.

“Phanasgaonkar is a Genuine Person” Murli Nambiar, CTO and Group CSO, Reliance Capital worked very closely with Sandeep Phanasgaonkar. In an interview with CIO&Leader, he shares his personal experience about working with him.

February 2013

What is Phanasgaonkar’s style of working? Sandeep gives full independence to his team and also ensures that team members are given suitable responsibilities so that they can function in the best possible way and achieve the objectives. How do you rate him on the leadership scale? In my opinion, Sandeep should be rated high on the leadership scale. While I can’t put a number to it, all I can say is that he’s an excellent leader. What are the things that you have learned from Phanasgaonkar? What I learnt from Sandeep was that it is important to trust your team members and allow them to take newer responsibilities along with accountability for the job. It is also very important to have trust in your team and allow them to find ways in which they can perform better than the expectations.

on ial cti ec se Sp ship er ad le

“The art of leadership is saying no, not saying yes. It is very easy to say yes.”

—Tony Blair

February 2013

26A

I n t r o d u c ti o n

CIO&LEADER This special section

on leadership has been designed keeping in mind the evolving role of CIOs. The objective is to provide an eclectic mix of leadership articles and opinions from top consultants and gurus as well as create a platform for peer learning. Here is a brief description of each sub-section that will give you an idea of what to expect each month from CIO&Leader:

28 27

Leading edge An opinion piece on leadership penned by leadership gurus. Plus, an insightful article from a leading consulting firm

top down

This feature focusses on how CIOs run IT organisations in their company as if they were CEOs. It will comment on whether IT should have a separate P&L, expectation management of different LoB heads, HR policies within IT, operational issues, etc. This section will provide insights into the challenges of putting a price on IT services, issues of changing user mindset, squeezing more value out of IT, justifying RoI on IT, attracting and retaining talent, and competing against external vendors

ME & MY MENTEE

Cross leveraging our strong traction in the IT Manager community, this section will have interviews/features about IT Managers and CIOs talking about their expectations, working styles and aspirations. In this section, a Mentor and a Mentee will identify each otherâ&#x20AC;&#x2122;s strengths and weaknesses, opine on each otherâ&#x20AC;&#x2122;s style of functioning, discuss the biggest lessons learnt from each other, talk about memorable projects and shared interests

SHELF LIFE

A one-page review of a book on leadership

26B

February 2013

The best advice I ever got Featuring a top CIO/Technology Company Head and the best guidance/ recommendation he received with respect to his personal or professional growth. The advice could relate to dealing with people, managing personal finance, and balancing work and life

Top Down Ashok Cherian CIO, JK Cement

Preparing Future Leaders

When I joined JK Cement, there were lots of things that needed to be done to make the IT process streamlined. Since I am JK Cement’s first CIO, my mandate is to set up an IT department that would increase the company’s bottomline. As I had to set up the IT team from scratch, I hand picked each member. I communicated to them that their job was not only to build an IT system but also work closely with the various departments to understand their issues and provide solutions to them through IT. Today, we have a 33-member IT team. It took us two years to set it up. We have a centralised IT team and everything is structured perfectly which ensures that It plays an important part in the company’s growth. We have to ensure that we come up with innovative products to move ahead of the competition. It is very important for a company as big as JK Cement to have an IT network that is centrally accessed as it helps the

iimage by subhojit paul

Ashok Cherian, CIO, JK Cement, feels that the best way to learn is by taking up responsibilities company to track different needs in the market. I believe in helping my team members in leadership traits. As a leader, I have always believed in delegating work. There will be 99 percent instances where you will find me delegating work to my juniors. In this way I am preparing my juniors to be the future leader in the organisation. If you don’t put the subordinate in a position where he is answerable for his actions, then you are depriving him of the opportunity of becoming a future leader. The best way to learn is to take up responsibilities and think in a manner where you are the business leader. Once you expose your team members to greater responsibilities, they will learn to take bigger decisions and their confidence also increases manifold. Another important trait that I teach my juniors is to keep their cool and think over the problem in a rational manner. This helps them in coming up with solutions rather than getting impatient and in turn creating a situation where the whole team panics. I believe in team work and keep on motivating them from time to time. — As told to Atanu Kumar Das

February 2013

Leading edge Michael Bloch and Paul Willmott

The first 100 days of a new CIO

It’s critical to get a good start when stepping into the CIO role. Consider several measures when you shape your course By Michael Bloch and Paul Willmott

The early months of a CIO’s tenure are an extremely important time to learn about a company’s culture and critical issues, shape an agenda for change, build relations with peers and senior leaders, and make decisions—on people, funding, and other matters—that will provide a solid foundation for the future. Ian Buchanan, who has served several financial institutions as CIO or COO, says: “In the first 100 days, you have to make your mark. In that period, you also need to formulate a compelling vision, because if you want to lead, as opposed to executing the visions of others, you do need to come out quickly with a story that everybody can align around.” (For more, see “Hitting the ground

February 2013

running as a new CIO: An interview with Barclaycard’s Ian Buchanan.”) By working over the years with many senior executives stepping into this role, we’ve learned about elements to cover, priorities to make, and mistakes to avoid. We have attempted to distill the most important topics to address during these critical first months. Of course, the particulars of each situation will have an impact on the priorities of each CIO. But we believe every new CIO will benefit from reviewing these elements and using them as a starting point to shape his or her own course of action.

1. Start the first 100 days before your first day

Use the interview process to understand organisational dynamics and expectations. Ensure you see all stakeholders, such as corporate directors, to form a better perspective. Talk with systems integrators and other outside experts to obtain a fuller view. Start building a hypothesis of your plan.

2. Clarify and strengthen your mandate Understand what is expected of you and how you will be measured, for example, with regard to new business capabilities, cost targets, automation levels, and projects to fix. Set out your “strategic posture”—for instance, emphasising IT as a

M i c h a e l B l o c h a n d Pa u l W i ll m o tt | L e ad i n g e d g e

when necessary. Many executives are nervous about IT simply because they don’t understand it.

4. Understand the upside and downside Understand the specific role of technology in the industry and how it creates value. Study the best and most admired users of technology in your industry. What do they do that your company does not? Ensure that an IT-enabled innovation pipeline is in place. Start building this capability if needed. Make sure you understand the IT-driven risks in the organisation, for instance, regarding cybersecurity and large, ongoing programs that might not deliver on expectations. See to it that regular review and mitigation plans are in place.

illustration BY photos.com

5. Develop the plan

driver or enabler of strategy. Set clear expectations with the CEO and other stakeholders on the levers that you must have control over, such as the freedom to cancel projects, change reporting lines, replace business unit CIOs, or outsource functions. Enlist CEO support for early symbolic actions, for instance, stopping a high-profile project or replacing an underperforming executive.

3. Build relationships with business unit executives and agree upon priorities You only get one opportunity to make a strong first impression, so prepare for these meetings well. Get input from

members of your team who know the executives you’re meeting. Learn as much as possible about their priorities and concerns up front. Form a hypothesis of the likely answers, and test and refine them in every discussion. Develop alliances across the group. Set meetings with business unit heads and other key executives, for instance, client account managers and R&D leaders. Focus on the business imperatives that IT can enable or transform with regard to, for example, channels, customer relations, and products. Set the tone for peer relationships and avoid conversations about executives’ IT concerns. Challenge current priorities and plans when appropriate. Educate others

Create transparency on performance and health. Develop a fact base not only on IT performance—for instance, cost levels, service levels, head count, and key projects—but also on IT health with regard to architecture, capabilities, culture, and delivery. Understand your technical assets and benchmark them against best practice. Consider technological discontinuities, such as cloud computing, mobility, and social media, and study how you can leverage them. Choose levers selectively. There are many levers for improving IT, but the most effective transformations focus on just a handful. Sequence improvements to build capabilities. Partner or outsource where required to fill capability deficits, but make sure to develop internal capabilities as part of the plan.

6. Build your team Start with organisational design. Incumbent team members might be effective in their current roles but not in a new structure. Aim high. Sketch out the profiles of your “dream team” rather than shuffling existing players. Michael Bloch is a director in McKinsey’s Tel Aviv office, and Paul Willmott is a director in the London office.

February 2013

The best advice I ever got

“Create value out of every project” The best advice that I have got was during the early years of my career. At that time I had seven to eight years of work experience and was about to move into a managerial level role from being an engineer. One day my boss gave me the good news about my promotion. He told me about my new role, opportunities and challenges that lay ahead. It was a completely new role for me, as earlier as an individual I was responsible for my own work but in a manegirial role I had to take care of others’ work as well. The new role came with new responsibilities and I was given the opportunity to lead an entire team. I was supposed to execute the orders and guidelines of my superior. Infact, the opportunity was a stepping stone towards a leadership role. My boss gave me an important advice which I cherish till today. He told me to try and create value out of every project that I execute. While at that point of time it sounded sweet and simple even after completing more than two decades of my professional life, I still find it was a very profound statement. I followed that advice throughout my career. Even today, I follow it in my day-today life. I try to create value for my customers, who are largely the internal audiences. The advice has helped me to a great extent. Earlier, the management used to look at the IT team as executors. We were never involved in any decision making process.

February 2013

Muralidharan Ramachandran CIO, Syntel

Orders and guidelines were issued to us and we were supposed to execute them. This perspective began to change when we started creating value in every project that we executed. The IT team soon started gaining respect among the stakeholders. Our role was transformed from being executors to becoming enablers. The IT team started to get involved in decision making at much earlier stage, as opposed to earlier when it was informed about any new project after the top management took the final decision. The advice is relevant even in today’s time when the role of a CIO has changed from just running the IT infrastructure to critically supporting the business role.

It was easy for me to adopt this new change because I was already doing this since the early stages of my career. I pass on this advice to my juniors, especially those in the support team. They are the people who never gets any appreciation, which they deserve. The moment things go haywire, they start getting the brickbats. As my boss adviced me, I too adviced my juniors to create value in every project that they execute. This will help them get recognition and appreciation. I hope they will follow my advice during their journey ahead. —As told to Akhilesh Shukla

me & my Mentee

MENTOR

Jayanta Prabhu CTO, Essar Group

MENTEE

Keyur Desai

AVP, IT Infrastructure & Projects Group, Aegis Limited

Grooming the Team for Leadership

What do you look for in a mentee? (qualities, attributes, skills, etc.) Jayanta Prabhu The basic ingredient of a Mentor – Mentee relationship is “Trust”. Although technical skill sets have their own place, an individual with hard + smart working skillsets, Positive attitude, Enthusiastic, Open for new learning in life with honest approach are some of the key qualities and attributes desired in a mentee.

individual in the very first instance, this gives you the right way to prioritise the areas of improvement in your mentee. Keyur has been with me since quite some years and over the period of time have known him very well, time and again have been able to guide him to focus on the key areas that has helped him to grow.

What do you look up to in your mentor? (qualities, attributes, skills, etc.) Keyur Desai My Journey from a Trainee to Associate Vice President within the span of 11 years at Essar Group has been very exciting and the most memorable in my Life. I have always admired Jayantha Prabhu – my mentor for People management skills, inspiring Leadership Skills, Positive instinct towards growth and change and Practical approach in life. He is a Quick Thinker — Decision maker and last but not the least — a very good human being. His never tiring spirit has always inspired me to work relentlessly meeting the deadlines. There have been many incidents where, by his mere statements, I could perform more than the expectations. It felt amazing how he could gauge the potential within the person.

Do you think your mentor spends enough time with you? How do you think your mentor could contribute more towards your professional growth? Keyur Desai Jayantha, although keeping himself very busy with the important meetings all day long, he ensures that he speaks to me in person or over call, couple of times a day either to discuss official matters or at least to say “How are you doing?” I feel this is an encouraging way that helps to ease the work pressure and maintain a better relation. At times, there are chances when have actually not met in person due to his busy travel schedules and other important meetings. I strongly feel, if I can meet him in person more frequently, it will open up lot many horizons between us that will enable more professional interactions and help in my professional growth. The “Core Insights” and the “Managing Power” will be the key takeaways from this change.

How do you identify and priorities areas where you think your mentee needs to focus on for further professional development? Jayanta Prabhu It is always important to judge the

How do you think your mentee can take on more responsibilities? Jayanta Prabhu Keyur has been very energetic in his approach and has a cool temperament to analyze

February 2013

m e & m y M e n t e e | J a y a n ta P r ab h u & K e y u r D e s a i

Keyur Desai Jayantha strongly believes in job delegation with justified empowerment to his team and has believed in grooming the team as Leaders. He has always empowered me with the authority to take decisions in my domain verticals and have genuinely supported my decisions. I remember an incident where the project got delayed and there was a chaos situation. He supported me in those critical moments and later explained me my missed out pointers. He has always guided me with the principle, “Never fear the Failures, they are the learning steps to Success.” Today, at times - even in his absence I have the confidence to take the decisions in my areas ensuring the right protocols are followed.

image by jiten gandhi

Are there any conflicts between you and your mentee? If so, how do you resolve them (you may also cite one or two instances)? If not, what do you think is the secret of your smooth working relationship? Jayanta Prabhu There have been some instances where we have difference in opinion on the technical approach to which I prefer to discuss and understand his point of view before the final call is taken. It always has been my strong belief in empowering my mentees and grooming them into Leaders. I prefer to give chance to Keyur to prove his point, that has helped him to boost his self-confidence and improve his leadership qualities as well.

“The basic ingredient of any Mentor–Mentee relationship is undoubtedly “Trust” and handle the pressure situations very efficiently. His timely adherence to commitments with the blend of good communication and People management skills has always encouraged me to assign more responsibilities on his shoulders. He is a quick learner with sharp wittedness that gives me confidence to allow him handle bigger decisions. Does your mentor delegate enough tasks and responsibilities to you? How often do you take key decisions yourself? How would you like the situation to change (if at all)?

February 2013

Please describe your working relationship with your mentor and how the two of you address key challenges together or resolve any conflicts of opinion. (You may cite a couple of examples.) Keyur Desai While Jayantha has the art of extracting the best out of the team and his ability to motivate people – he believes in maintaining a good rapport with all. At times, he has gone out of his ways to help people and never look back by giving “extra efforts” for others. During the critical times at work, I used to desperately try to speak to him — since I was always sure that by just talking to him, I’m going to get the enough strength to put more efforts and achieve success. He works on simple principles and backs up his team at all times. I remember an incident couple of years back when I was working on a critical international project and was struggling with my team to have the vendor support due to weekends. He went out of his ways to arrange the vendor support while myself and my team worked relentlessly ensuring the deadlines were met. There has always been a trust relationship between us that has been one of the key factor of our relation. At times there have been difference of opinion, I always opted to suggest with healthy discussions to come to a mutual conclusion and at

J a y a n ta P r ab h u & K e y u r D e s a i | m e & m y M e n t e e

Keyur Desai Over the years, although I have learnt a lot of good virtues from him — I believe, being humble and helping others is one of the key learning and have been practicing in my life. Leadership is influence – His instincts to groom Leaders within the team and the Positive energy towards life that keeps him charged at any hour of the day have been fascinating and has helped me achieve success in my personal and professional life.

What are the challenges and constraints for a mentor/CIO to devote more time and effort for the development of their immediate juniors? Jayanta Prabhu Owning the responsibilities of Group CTO of Essar Group and the schedules due to meetings with our Senior management, Technology Vendors, Business CIOs & CEOs along with travel schedules, at times it becomes difficult to spend quality time with my leadership team — my direct reports. My busy schedules, always encouraged me to stay in touch with my subordinates over call on daily basis to ensure my personal touch with them. I always believe in going one extra mile understanding their personal problems to ensure I can extend all my support to them.

“Jayantha strongly believes in job delegation with justified empowerment to his team” times where the decisions were not clear, I respected his word as final. What are the two or three key things you have learned from your mentee? Jayanta Prabhu Although we share a good professional relationship, I admire his adventurous nature and the way he builds personal rapport with different People in his personal and professional life. What are the two or three key things you have learned from your mentor?

What are your views on the need for a mentor for IT managers in realizing their full potential? Keyur Desai I strongly feel that a mentor is a must for any individual irrespective of the professional field. Mentoring helps to groom the individual with the true virtues of experience and success in personal and professional life. IT is an ever changing dynamic field and IT managers have to keep themselves abreast with the latest technologies to keep up the pace while ensuring right technology is implemented within the Organization. IT Leaders are the IT Enablers in any Organization that acts as the catalyst in improving the productivity of end users and thereby contributing in overall growth of the Organisation. A mentor plays a very important role to help IT Managers keeping the right attitude at work towards betterment of the people, help improve the productivity and achieve success in life. Please share your views on the role you think a CIO can play in mentoring IT managers and take them to the next level. Jayanta Prabhu Role of a CIO / CTO is very important in mentoring the next level IT leadership team within the organisation. Today’s mentees are the future leaders and they need to be groomed to take care of the current dynamic situation and keep them prepared for the upcoming challenges in future. I strongly believe, developing leaders within the team is the best approach towards Organization’s Growth and Success. —As told to Yashvendra Singh

February 2013

OPINION David Lim

What Happened at Copenhagen? Future negotiations for climate change need to take place swiftly, and probably best done by having a ‘side’ deal of binding commitments signed between the nations that impact carbon emissions level most significantly

ABOUT THE AUTHOR David Lim, Founder, Everest Motivation Team, is a leadership and negotiation coach, best-selling author and twotime Mt Everest expedition leader. He can be reached at his blog http:// theasiannegotiator. wordpress.com, or david@ everestmotivation. com

The much vaunted United Nations conference at Copenhagen is over — but not the wheeling and dealing that led to a much criticised conference statement which promised some improvements in carbon emissions, but held no one accountable for any targets. From the outset, from a leadership perspective the challenge was huge: 15,000 delegates and officials, 5,000 journalists and 98 world leaders attempting to agree on something – ANYTHING. Essentially, the delegates were split into two broad camps – the developed countries resisting an agreement that would legally bind them to cut emissions by a certain amount by 2020; and the developing world that wanted more help to reduce their emissions, and also to avoid being tied down to legal agreements that might both save the planet and nix their growing economies. These were dense, multilateral negotiations, and here are what we can learn from the negotiation skills displayed by the players.

1) Stonewalling and Avoiding China, one of the world’s biggest polluter (bit not by a per capita basis) adopted two effective negotiation tactics. They were staunchly resistant to committing to anything, and thus avoided making any commitments throughout the proceedings. By simply postponing and avoiding doing anything, you can sometimes get away with what you want, rather than cause increased ten-

February 2013

D av id L im | o p inio n

2) Managing Expectations and Setting More Defined Goals A key letdown was the near-total inability with the UN meeting convenor to set a series of intermediate and achievable goals that the majority of the nations present could adopt and move ahead. Wildly optimistic statements, and ambitious carbon control targets set way beyond the lifetime of democratic governments just set up Copenhagen for failure.

3) Introducing New Players Into the Game can Change the Dynamic Faced with a total non-result, Obama’s persuasion and influence led to, at least, a non-binding commitment from richer nations to help poorer nations by a sum of some billions of dollars. This was hardly a victorious end to Copenhagen, but it was at least something as a start. If only UN head Ban Kim Moon had framed

China adopted two effective negotiation tactics. They were staunchly resistant to committing to anything, and thus avoided making any commitments throughout the proceedings. By simply postponing and avoiding doing anything, you can sometimes get away with what you want, rather than cause increased tension and/ or outright hostilities by adopting a proactive stance the meeting as a ‘start’ and not the solution in the very beginning, delegates would not have been negotiating over so many non-negotiables from the start

3B) Invoke the Doomsday Tactic Obama probably invoked what we call the Doomsday tactic – that a non-result finish to the conference would make all of the top leaders look stupid and obstinate, and that unpalatable public relations reality likely spurred the rest of the key players to grudgingly make the final concessions (though non-binding). So what now? Future negotiations for climate change need to take place swiftly, and probably best done by having a ‘side’ deal of binding commitments signed between the nations that impact carbon emissions level most significantly, and overseen by observers. This won’t be liked by the less influential nations, but then you won’t have valuable time taken away by lengthy diatribes of little value spouted by tinpot dictators – as what happened in Copenhagen. This is where pure democracy worsens rather than improves a climate for healthy negotiations and actual, binding action and results. Give me a pound of action over a ton of talk anytime. DAVID LIM IS A LEADERSHIP AND NEGOTIATION COACH AND CAN BE FOUND ON HIS BLOG http:// theasiannegotiator.wordpress.com, OR subscribe to his free e-newsletter at david@everestmotivation.com image BY photos.com

sion and/or outright hostilities by adopting a pro-active stance. Recall that it was President Obama who had to find the ‘missing’ Chinese delegation — who were later found to be cutting a side deal with other developing nations from the BRIC (Brazil, Russia, India and China) bloc.

February 2013

SHELF LIFE

“I do not think owners have a role to play in how a team performs on field. That is the job of the coach and the captain” — ravi ramu

The Business of T20

The book reveals how the author guided a T20 cricket team to championship glory. His success mantra: Cricket is not a team game What is most

important while selecting a good cricket team? How do you value a cricket team in a league that has not been launched yet? These are some of the questions Ravi Ramu and his friends had to find answers to after bidding for one of the teams in the inaugural Karnataka Premier league in 2009. The answers to these questions form the crux of the book Inside Indian T20 . The book penned by Ramu takes readers into a journey of the process of setting up a T20 squad in a nascent league (KPL) and leading it to victory in the first season. Says Ramu: “We started with just an idea to bid for a team. We had no idea about the returns from the investment from the venture and whether it would be a success. We decided to take a gamble and it paid off.” He adds, “I have worked in many management roles across the globe and was initially wary on how managing a team would be. It has been a great experience and I have enjoyed it thoroughly. It has helped me take to the T20 format of the game as well.”

February 2013

Ramu is a keen follower of the game and felt that a side needs a good captain and a coach. “They need to be people who would rally their players and make everyone give their best. I wanted a captain and coach who have the correct attitude to lead.” “This holds true in a cricket field and a corporate office, ” says Ramu. Giving an example from the cricket field, he contends, “Mike Brearley was a mediocre player, but an excellent captain. He had the knack of managing a team well and getting results from the players. That is the perquisite for any captain.” Ramu says that he met his players only once in the course of the tournament. “I do not think owners have a role to play in how a team performs on field. That is the job of the coach and the captain.” “I feel that it is very important that every player should be in his own zone, when he is on the field,” says Ramu He adds, “I do not agree with the oft repeated statement that cricket is a team game.”

ABOUT THE AUTHOR Ravi Ramu is a member of the Institute of Chartered Accountants in England and Wales, London. After many years in London, Amsterdam and Dubai, Ravi returned to India in 1994. Ravi is also working on his next book: a novel set in the corporate world.

“It is not a team game like football or hockey, where you need passes, good saves and a team effort to do a good job. In cricket, when you are batting or bowling, you are playing an individual game. The team does not determine how you bat or bowl as an individual,” says Ramu. The main problem that the Indian team has faced in its slump over the last 18 months has been the lack of a communicative coach and captain, says Ramu. “You need someone who makes you comfortable in the zone or coaxes you into it. That does not seem to be happening, which is a major cause of concern.” —This book review was originally published in The Hindu. — To read the original article, please visit http://www.thehindu.com/todayspaper/tp-features/tp-metroplus/thebusiness-of-t20/article4338147.ece

N O H O L D S B A R R E D | A lo k B harad w a j

DOSSIER Company: Canon Established: 1937 Headquarters: Tokyo, Japan Products: SLR cameras, still cameras, digital cameras, camcorders, printers, scanners etc employees: 198,307

â&#x20AC;&#x153;Cost-Effectiveness

Driving MPS Marketâ&#x20AC;? Alok Bharadwaj Executive Vice President, Canon India Pvt Ltd talks to Varun Aggarwal about the growth and opportunities in the managed document and print services market in India

February 2013

A l o k B h a r a d w a j | N O HOLD S B A RR E D

Managed services market in India is still very fragmented with re-filler and printer outsourcing vendors selling their services under the MPS umbrella. How do you distinguish your services in such a market? India is getting more globalised and it has become imperative for organisations to adopt newer technologies in order to streamline their business processes and become more effective and efficient. With the changing technology MDS not only caters to specific segments but also to a group of small and large enterprises. There is increasing awareness about the MPS market in India as outsourcing as a service model matures and early adopters demonstrate benefits. As the technology is redefining the ways, solutions software services are becoming increasingly a lot more critical to the success of the business. With Canon Managed document services, organizations can achieve efficiencies in document workflow, making their staff more productive at the same time. A successful MDS partnership with Canon will enable following long term benefits for organisations: 1. Reduce Operational Cost in Document Management 2. Enhanced Employee Productivity 3. Improved Document Processes 4. Greener Working Environment 5. Enhanced Print & Document Security Most of the MPS contracts are restricted to per page cost. How are you highlighting the values offered by these services? Do you see a change in the way CIOs look at MPS? With India getting more globalised it is imperative for CIOs to be aware of and adopt new technologies in order to streamline businesses and the right management of resources. India produces approximately 4.4 lakh tons of e-waste and this is growing at 20 percent YoY with less than five percent being recycled. The better side is that, companies today are going green and the first thing a CIO looks at when it comes to MDS is paper management. MPS provides anywhere and anyplace printing reducing 20 percent to 30 percent reduction in IT support costs for print/copy/fax/scan user issues. These

services help reduce fleet management by saving electricity, real estate i.e. space saving and manpower saving. This helps in a reduction of print-related Help Desk calls that brings IT related costs down. The machines provided by Canon consume least electricity even when in a sleep mode in comparison to industry standards. There is increasing awareness about MPS market in India. The momentum is currently evident in large enterprises and the vibrancy in the market with the entry of more players offering MPS is slowly but surely permeating to other segments including the medium and small enterprises. Printing is often not handled by the CIOs and is considered to be an admin function. That said, what are you doing to sensitize CIOs towards the importance of these services?

“Canon works towards building awareness amongst CIOs on the importance of adequately managed print fleet” Indian CIOs have recognised the need to reduce costs and optimise resources so they can build higher competitiveness for the organisation. According to Gartner estimates, organizations spend approximately one to three percent of their annual revenue on print activities and these document output costs are rising at around 30 percent per annum. Companies have started to realize that printing is one of the few remaining areas of IT spending where substantial savings can be realized with little risk. Printing cannot be neglected as the printed information adds values to the business by supporting the brand and helping to create sales opportunities. Though print management is the ‘the last grey area of uncontrolled costs’, if handled efficiently and strategically

by companies there are huge opportunities wherein they can save up to 30 percent of these costs with effectively managed document services. CIOs are also realising the need for domain experts to manage processes and activities more effectively. Thus, outsourcing has gained importance in document management and other spaces. Enterprises today are looking at saving costs by shifting from CAPEX to OPEX models and bringing in operational excellence and we feel one of the major areas where this can be implemented is print infrastructure. The first thing on a CIO’s mind today is paper management to go green. Along with paperless office and streamline workflow optimization of storage, readiness and accuracy of data, security and digital color printing is also on their mind. Some of the other factors that play a big role is- will outsourcing their entire printing requirement will help streamline their infrastructure, what kind of infrastructural changes will the organization have to do for adopting MDS, issues around having partial print management solutions that only cover a portion of their printers. Canon’s managed document services provide users appropriate contract and optimization of processes with automated supplies, controls around the usage, pool printing, job accounting and rules-based printing, providing significant cost savings. We at Canon believe that CIOs today have to be sensitised about these issues and the need to have effective MPS. Canon works towards building awareness amongst CIOs on the importance of adequately managed print fleet. Lack of the right printing facilities affects the company’s ability to adopt to change in addition to constant management and maintenance. How big is MPS business for Canon? What are your growth plans in India? The MPS market in India is growing fast and according to a study by Infotrends the market size for managed print services in India will exceed $275 million by 2014. Canon has 15 percent of market share in the MDS business in India. We have already signed up with 75 large enterprises by the end of 2012. MDS accounts for 1/3rd of the B2B office imaging business.

February 2013

image by photos.com

HORIZONS

Features Inside

Security Analytics: Hype or Huge? Big data is here to stay and security analytics just needs to figure out the best way to use it By Simon Moffatt

February 2013

Data Privacy and Information Security Pg 42 iPad Users Say Tablet is Mission Critical Pg 43 More

“B

ig Data” has been around for a while and many organisations are forging ahead with Hadoop deployments or looking at NoSQL database models such as the opensource MongoDB, to allow for the processing of vast logistical, marketing or consumer lead data sources. Infosec is no stranger to a big approach to data gathering and analytics. SIEM (security information and event monitoring) solutions have long since been focused on centralising vast amounts

se c u rit y a n a l y ti c s | N E X T H O R I Z O N S

of application and network device log data in order to provide a fast repository where known signatures can applied.

Big and Fast The SIEM vendor product differentiation approach, has often been focused on capacity and speed. Nitro (McAfee’s SIEM product) prides itself on it's supremely fast Ada written database. HP’s ArcSight product is all about device and platform integration and scalability. The use of SIEM is symptomatic to the use of IT in general — the focus on automation of existing problems, via integration and centralisation. The drivers behind these are pretty simple — there is a cost benefit and tangible Return on Investment of automating something in the long term (staff can swap out to more complex, value driven projects, there’s a faster turn around of existing problems) whereas centralisation, provides simpler infrastructures to support, maintain and optimise.

The Knowns, Unknowns and Known Unknowns of Security

This complex chain of correlated “security big data,” can be used in a manner of ways from post-incident analysis and trend analytics as well as for the mapping of internal data to external threat intelligence using a helicopter-in a approach. Can this approach be extended further? A pure bigdata style approach for security? How can we start to use that vast data set to look for the unknowns?

I don’t want to take too much inspiraBenefits to Security tion from George Bush’s confusing path The first area which seems to be gaining of known unknowns, but there is a valid popularity is the marrying of SIEM activity point, that when it comes to protection data to identity and access management in any aspect of life, knowing what you’re (IAM) data. IAM knows about an individuprotecting and more importantly, who, or als identity (who, where and possibly why) what you are setting protection from, is as well as that identity’s capabilities (who, incredibly important. SIEM products are has access to what?), but IAM doesn’t know incredibly useful at helping to find known what that user has actually been doing with issues. For example, if a login attempt fails their access. SIEM on the other hand, knows three times on a particular application, or exactly what has been going (even with out the ability to identify traffic going a blackany signature analytics) but doesn’t neceslisted IP address. All characteristics have sarily know by whom. Start to map activity a known set of values, which help to build user id's or IP addresses to real identities up a query. This can develop into a catalog stored in an IAM solution and you suddenly of known queries (aka signatures) which have a much wider scope of analysis, and can be applied your dataset. The larger the also a lot more context around what you’re dataset, the more bad stuff you analysing. This can help with hope to capture. This is where attempting to map out the the three S’s of SIEM come in ‘unknowns’ such as fraud and - the sphere, scope and speed internal and external attacks. of analysis. Deployments want huge datasets, connected to Unknown Use-Cases will be the size of numerous differing sources of Managing the known attacks global business information, with the ability to intelligence software is probably an easier place to very quickly run a known signastart with. This would involve market by 2016 ture against the data in order to understanding what metrics find a match. The focus is on a or signatures an organisation real-time (or near time) analysis whats to focus on. Again, this

$17bn

would be driven by a basic asset classification and risk management process. What do I need protecting and what scenarios would result in those assets being threatened? The approach from a security-analytics perspective, is to not be focused on technical silo’s. Try to see security originating and terminating across a range of business and technical objects. If a malicious destination IP address is found in a TCP packet picked up via the firewall logs in the SIEM environment, that packet has originated somewhere. What internal host device maps to the source IP address? What operating system is the host device? What common vulnerabilities does that device have? Who is using that device? What is their employee-id, job title or role? Are they a contractor or permanent member of staff? Which systems are the using? Within those systems, what access do they have, was that access approved and what data are they exposed to and so on? Suddenly the picture can be more complex, but also more insightful, especially when attempting to identify the true root cause. This complex chain of correlated “security big data,” can be used in a manner of ways from post-incident analysis and trend analytics as well as for the mapping of internal data to external threat intelligence. — The article is printed with prior permission from www.infosecisland.com. For more features and opinions on information security and risk management, please visit Infosec Island.

February 2013

N E X T H O R I Z O N S | in f or m a tion se c u rit y

Data Privacy and Information Security Cyber Insurance Trends Report 2013 offers an impressive lineup of recognisable industry experts that offer their insightful views

Besides the weekly round, or of late what seems to be becoming more of a daily occurrence of cyber attacks just as much continues to happen offline as well. “Unencrypted” mobile devices continue to get lost which in turn increases the number of data breaches that we all read about in the media headlines on what seems like a weekly basis. Inadequate security measures on government and private sector networks, critical infrastructure and telecommunications represent perhaps the most potent national security and economic risks facing the nation. There also seems to be a disconnect and an element of collaboration missing between the Federal Government and the private sector as it pertains to cyber security. TeamInroduction work is essential to getting things done. In todays global Beyond embarrassment, today the private and public and digital 24/7 world, challenges are more complex; it’s sectors face financial and reputational damage, competibecoming increasingly important to bring more, diverse tive inroads, and significant regulatory sanctions when minds to the table and to break down silos. We all know confidential information is inadequately protected. that life offers no guarantees and that “when one door Clearly enough reasons as to why cyber security must be will be the increase closes, another one opens.” This holds true for cyber prioritised regardless of what sector one conducts their in it spending by security, especially with today’s evolving threat environorganisation. healthcare providers ment and the force of attacks that continue to knock on As our nation has become heavily reliant on the interin india in 2013 the doors of countless networks. net, organisations, public and government agencies Enter “cyber insurance.” While cyber insurance canand businesses of all sizes continue to struggle with not stop incidents or prevent them from happening, it cyber security due to the continuous force and increascan help respond to incidents when they do happen. ingly sophisticated cyber threats that have become the When a security incident or a data breach happens, most cyber new norm. Intrusion prevention suppliers reveal privately that their insurance policies have a team of experts already in place to help systems are unable to keep up with the sophistication of attacks, and determine how your incident happened, whether or not any sensianti-virus companies report that attackers are reverse-engineering the tive (PII) Personally Identifiable Information or (PHI) Personal vendors’ antivirus software and building new viruses so sophisticated Health Information has been exposed and helps determine if that the tools cannot stop them. At the time this report was published, the security breach needs to be reported. Cyber insurance offers it was reported that the hacktivist group, Anonymous had taken over the private and public sector the ability to mitigate the residual the website of the US Justice Department’s Sentencing Commisrisk, losses and associated costs of a security incident and/or data sion and threatened to release sensitive government data and use breach. Cyber insurance protects against the liability that comes computer-code based “warheads” against other sites. Simultaneously, from compensating others because cyber security has failed. Cyber US financial institutions are being pounded with high-powered cyber insurance, aka “privacy and security” insurance continues to evolve attacks that some suspect are being orchestrated by Iran.

o help show support of Data Privacy Day 2013 and the importance of “Data Privacy and Security risks,” Cyber Data Risk Managers chose to release its 2nd Annual Data Privacy, Information Security and Cyber Insurance Trends report on Data Privacy Day 2013. This exclusive report offers an impressive lineup of recognizable industry experts that offer their insightful views of the 2013 Data Privacy, Information Security and Cyber Insurance landscape relevant to businesses and organisations of all sizes and sectors.

February 2013

t a b l ets | N E X T H O R I Z O N S

illustration by photos.com

as many more businesses, organisations and risk managers are realising that it can be used as a way to respond to a data breach and/or security incident and as a key component of an incident response plan. While cyber insurance has been around for 10+ years, it is only within the last few years that more policies have come to market. It remains a specialised product, which should naturally require working with a specialist. Would you ask your General Medical Doctor for specialised advice on a health threat he does not follow or practice? Of course not This same theory applies to cyber insurance. With over 30+ cyber insurance carriers today offering non-standard policies, a broker specialising in cyber insurance can help make what’s been stated as a difficult process become an easier and informative process.

A cyber insurance specialist understands the cyber risks and threats that public sectors face

— The article is printed with prior permission from www.infosecisland.com. For more features and opinions on information security and risk management, please visit Infosec Island.

iPad Users Say Tablet is Mission Critical Apple iPad users would rather skip a meal than have to travel without their beloved tablet

hen it comes to business, Apple’s popular iPad tablet is viewed as a critical tool, according to an online survey of 1,320 iPad owners employed at companies of varying sizes and across industries, conducted by online and mobile presentation company Brainshark. The iPad is helping users with their jobs to such a great extent, almost half of respondents (47

percent) said they’d rather have an iPad for work than a bigger or better office or a more senior title (34 percent). Tixty-eight percent said they’d rather have an iPad than their own parking space at work, while almost one in four (23 percent) would prefer the tablet over an extra week of vacation each year. The survey, conducted in August, asked respondents about how they use their iPad for personal and business

activities, and how and whether the device has impacted their lives and routines. The survey found 92 percent of iPad owners said the device currently supplements their notebook, but more than half (51 percent) think it will be their primary computing device within the next two years. “Ever since the iPad burst onto the technology scene, it s indelibly changed the way and speed at which individuals and busi-

February 2013

nesses communicate,” Andy Zimmerman, CMO for Brainshark, said. “No one doubts the device’s popularity, but what’s really eyeopening about these statistics is just how inextricable the iPad has become from users everyday lives. From a business perspective, it's now incredibly important for companies to find ways to conveniently reach their audiences on this device of choice” When using their device for business, owners say they check work emails (82 percent), do Web research (72 percent), use business apps (46 percent) and view or deliver presentations (74 percent). Sixty-four percent of those surveyed said the iPad has made them more productive, while 32 percent said they have become more successful at their jobs an able to close deals more effectively (21 percent). When traveling for business, 89 percent of iPad owners reported using their iPad, with 79 percent saying it improves connectivity while on the go. Sixty percent of users say they currently bring their iPad and notebook with them, but more than one in three (35 percent) bring just their iPad and leave the notebook at home. The usefulness of the tablet —

image by photos.com

N E X T H O R I Z O N S | m a n a g e m ent

and business users dependence on it, is reaching new heights, which the survey illustrated through the use of some eyeopening questions. When asked what they would go without before they would give up travel with their iPad, nearly half (48

percent) say they would forego meals, 41 percent would skip drinking water, and more than one in three (35 percent) would give up bathroom breaks. — The article was first published in CIO Insight. For more stories please visit www.cioinsight.com.

The Rise of the Quantum Age of IT The Quantum Age of IT represents a shift from a monolithic IT organisation that “owns” its technology to one that delivers value By Charles Araujo

eThe shift in power to the customer represents the dawning of a new era in IT organisations. Call it the Quantum Age of IT. It involves a shift in focus away from a monolithic IT organisation that “owns” its technology to one that is purpose-built to deliver value as either a strategic sourcer or a strategic innovator. It will result in both the explosive application of technologies that drive innovation and a highly optimised approach

February 2013

to the delivery of IT services. And it will require an unrelenting focus on the customer and the constant retuning of the IT organisation to deliver meaningful value. ““I learned to design everything from the customer perspective,” says Bill Wray, CIO of Blue Cross Blue Shield of Rhode Island. “It is like storming the beaches of Normandy without disturbing the people getting a tan on the beach.”

m a n a g e m ent | N E X T H O R I Z O N S

image by photos.com

The Quantum Age of IT will be a time of change and disruption as the delivery models of IT shift. But like Thomas Edison before us, for those who see what is to come and seize it, it is a time of great opportunity by their experience,” Manfredo says. “If they haven't In the Quantum Age of IT, the customer is at the cendone it before, it doesn't exist.” There was a prevailing ter of everything--finally. The focus will no longer be on sense among the team that Manfredo’s efforts were just “owning” technology, but on creating a highly optimised another thing that would eventually pass without having delivery model that provides the greatest value to the increase in public any meaningful impact. customer. It will be about moving away from a focus on cloud services Manfredo began by focusing on a set of tactical technology itself to a focus on a set of five organisational market in middle east activities that would produce an immediate, positive traits that will enable IT to consistently and reliably and north america improvement in service. But his focus was less on the deliver both explosive and optimised value. in 2013 activities themselves and more on teaching his team The Quantum Age of IT will be a time of great to expect that change was possible, to embrace change change and disruption as the fundamental delivery and to understand how to continually pursue improvemodels of IT shift. But like Thomas Edison before us, ment. Whether his team knew it or not, Manfredo was for those who see what is to come and seize it, it is a creating a “learning organisation” out of the chaos he inherited--and time of great opportunity. laying the groundwork for taking his organisation into the Quantum When Joel Manfredo joined the County of Orange, Calif., as CTO, Age of IT. he found a lot of good people — and a chaotic mess. There were 77 active projects and no priorities. “It was like five-year-old soccer,” he says. “Everyone chased the last ball.” His job was to create order — Charles Araujo is the founder and CEO of The IT Transformation Institute. out of the chaos — and to begin the journey of taking the County of He frequently speaks on a wide range of subjects related to his vision of the Orange into the Quantum Age of IT. future of IT. Manfredo instinctively knew his first priority was to change the — The article was first published in CIO Insight. For more stories please visit perspectives of his team. "People are constrained in their thought www.cioinsight.com.

25%

February 2013

TECH FOR

image by photos.com

GOVERNANCE

25% Data Briefing

Of DDoS attackes that will happen in 2013 will be application-based

Privacy Breaches and High School Physics A look at the damage caused by patient privacy breaches and why patient data security is like high school physics By Danny Lieberman

February 2013

s ec u r i t y | T E C H F O R G O V E R N A N C E

Patient data loss is a lot like planes disappearing in the Bermuda

Triangle — no one really knows where the planes disappeared to, since the people on the planes never return to tell the story. We talk about patient data loss and never really consider how you can “lose” patient data and whether it can be “returned”

The question am I about to ask is really quite simple: Does it matter how many patient records are lost, or does it matter whose patient data records was lost? Let’s take an analogy for airplane crashes. If an Airbus A380 (http://en.wikipedia.org/wiki/Airbus_A380) with 525 tourists from Elbonia on board was lost in the Bermuda triangle, it would be a big deal for a few days, but people would forget. Who cares about people from Elbonia anyhow? On April 2010, when a Polish Airforce TU-154 crashed on approach to Smolensk, all 96 people on board were killed including President Lech Kaczyński and his wife Maria, former President Ryszard Kaczorowski, the chief of the Polish General Staff, other senior Polish military officers, the president of the National Bank of Poland, Poland’s deputy foreign minister, Polish government officials, 15 members of the Polish parliament. It was a national diaster for Poland. Today – 2.5 years later, I believe that the rest of the world scarcely remembers when the event happened. Buddy Holly, was an American singer-songwriter and a pioneer of rock and roll. Although his success lasted only a year and a half before his death in an airplane crash in 1959 – his work and innovation influenced the Beatles, Rolling Stones, Bob Dylan and Eric Clapton and had a profound influence on popular music. Over 50 years later – Buddy Holly is still a household word. I think you get my drift – there is some kind of a relationship between the magnitude of the damage from a patient data loss event and the identity of the patient. The next question is – can this relationship between patient identity and patient data loss impact be measured? The answer is yes: by using a high school physics model. A high school physics model for calculating the damage of a patient data loss event The estimated value of an asset is analogous to it’s momentum mv, the product of its mass and velocity. A very large database of 20 year old patient data that was archived somewhere in the cloud might have a large mass but almost zero velocity and therefore low value.If a EMRsystem for a big network of hospitals had 100,000 patient-related transactions/day then it would have a high

velocity and correspondingly high momentum and high value. I note that this model runs counter to all privacy regulation but I think it holds water from a practical perspective. (I’m trying not to confuse logic with regulation). This physical analogy leads to some interesting conclusions. If an attacker were to steal 10 million patient datarecords from 20 year old archive in the cloud – the dollar value of the damage would actually be low in this model.On the other hand, if political hactivists were to access patient records at a private clinic in Virgina; the damage might be astronomical if it was disclosed that President Obama had just spent an intimate weekend with Toni Braxton under the pretext of minor elective surgery on his elbow and the data was disclosed just before his reelection campaign. The ability of an attacker to damage an asset is analogous to the force it can exert on the object we call an asset. The ability of a security countermeasure to protect an asset is analogous to the force it can exert on the attacker. Observed from an inertial reference frame, the net force on the object (the asset) is proportional to the rate of change of its momentum F = d (mv) / dt. Force and momentumare vectors and the resulting force is the vector sum of all forces present.Newton’s Second Law says that “F = ma: the net force on an object is equal to the mass of the object multiplied by its acceleration.”If the attacker manages to decelerate the asset to v=0, then the momentum of the asset is zero and it has been rendered inoperative. In a case like this — the damage to the asset is 100 percent if the asset runs faster than the attacker or another force deflects the attacker,thenthe asset momentum is unchanged, and damage to the asset is zero percent. This simple-minded physical argument shows that risk is indeed a dependent variable;Risk = the vector sum of the forces of the attackers and security countermeasures relative to the asset. Not easy – but doing the right thing is the cheapest thing – and better than being written in the history books as the health IT organisation that cost President Obama the 2012 election because of shoddy patient data handling practices and network security.

2 3 4

February 2013

POINTS

Patient data loss is a lot like planes disappearing in the Bermuda Triangle High school physics model can be used to calculate the damage of patient data loss The ability of an attacker to damage an asset in analogous According to physical argument risk is indeed a dependent variable Doing the right thing is the cheapest thing

VIEWPOINT Steve Duplessie | steve.duplessie@esg-global.com

illustration by peterson pj

Private Parts Don’t feel bad for the company that goes public

After 30 years or so Michael Dell is taking his baby private again. Good for him. Why on earth wouldn’t he? Who, in their right mind, would suffer the stupidity and often indignity of being endlessly questioned for your every move — by a 28-year old who has never had a real job let alone run a real company? Why would anyone want to be perpetually Monday morning quarterbacked? Why would anyone other than the truly perverse welcome an uncomfortable rectal exam daily? No one would - unless the pain, suffering, and foolishness was tolerated for a bigger “good” namely, money. The stock market avails entrepreneurs and private money people the opportunity to “exit” — to cash out on their hard work and brilliance (the entrepreneurs, that is — normally the money guys are simply lucky sperm), but that comes along with selling your corporate soul to the devil. Once you take public money you are no longer beholden to your own values, your products, your

February 2013

customers, or your employees. First and foremost, you are beholden to your stockholders. Stockholders care about one thing — return on their investment. Everything else is superfluous noise. Thus, when the quest for returns outweighs the “long term” strategic objectives of the business (long term = 91 days +), the business ceases to operate as a platform for “good” (for said entrepreneur, employees, customers, etc.) and instead operates to spit as much money as is possible into the hands of those who control the stock. While this is not necessarily evil, it tends to be that way. Don’t feel bad for the company that goes public —they know exactly what they are doing — and why. In the case of Dell, there no longer is any value in dealing with Wall St. for Mr. Dell, et. al. He/they already have all the money they could ever want, so why bother to suffer fools if they don’t have to? Now he/they can operate the business with a long term strategy - focus on products, customers, and employees instead of the 28-year old controlling a billion

About the author: Steve Duplessie is the founder of and Senior Analyst at the Enterprise Strategy Group. Recognised worldwide as the leading independent authority on enterprise storage, Steve has also consistently been ranked as one of the most influential IT analysts. You can track Steve’s blog at http://www. thebiggertruth.com

bucks of stock without ever having a real job, and try to get something done. In transformative markets, being public can DESTROY a company. It forces you to focus on the wrong things - and often leads to death. The times have changed - and so too must Dell in order to remain relevant. Old Mr. Dell (a year younger than me, the bastard) must have woken up six months ago and finally figured out that he didn’t need to deal with this crap anymore. He could put a pile of his own money in (because really, how much does anyone need? After a billion or two it really becomes a nuisance!) and now work for himself - doing what he/ they think best for the real stakeholders of the business - the employees and the customers. There probably is something to the fact that his name is on the building, every product, and is itself a cultural icon, but frankly I’m not sure I read too much into that. The guy is a work animal and always has been. I don’t see it changing. It’s just now he can do things for his own reasons — not someone else’s.