The Rise of the Mighty by ctof magazine

Technology for Growth and Governance

December | 21 | 2009 | Rs.50 Volume 05 | Issue 09

global re d n a s a itie advers of Indian CIOs e h t y ber CIES nted b Undau ar, a large num L EFFICIEN . ic fe tions RNA econom TING INTE rkable innova CREA ing to rema lead FIRST ANNUAL CTO FORUM ‘STATE OF THE INDIAN CIO’ SURVEY

41%

IT Still Considered as Cost Centre

70%

OUT OF 200

e IT terpris EASE n e e h CR ay t CIOs s TS WILL IN0-11 1 E BUDGn the year 20 i

IO, roup C nderG , n o Men says u Dr. Jai Enterprises a dimension Bharti customer is chnology. te g standin s not require e that do

DO YOU MEASURE CUSTOMER SATISFACTION WITH IT SERVICES? Internally

12%

56%

Volume 05 | Issue 09

& Externally

A 9.9 Media Publication

f GM, ou ie h C , l Uppa says unless y h s e j a i be R Suzuk never Maruti- heat, you will e criticality. h e feel th nderstand t u o t able

te orpora an C , a g i is n Bad s a CIO LaxmaIO, Wipro say generator in VP & C and efficiency siness. r u enable pect of the b s a every

31%

Internally

Info-Security & Privacy Measures

DOWNSIDE

ay ents s ING d n o p RT res survey now REPOir CEOs e re they a CTLY to th E DIR

Externally

UPSIDE

td. , JSW Lnd IO C p u a creator hir, Gro Ajay D can be a value ost-cutting c IO says C oes beyond g le t o n r e e th ym . h deplo c e t d n a

RESPONDENTS

38%

said they bear a ‘CIO’ designation followed by

27%

as VP/Sr. VP IT. A small number (17%) are still called as Head IT.

To read the first annual CTO Forum

‘State of the INDIAN CIO’ survey turn to page number 16

EDITORIAL RAHUL NEEL MANI | rahul.mani@9dot9.in

You have arrived

Having emerged winners from a beastly economy, what's next?

ike for everyone else, it has been a tumultuous couple of years for CIOs. The economic meltdown transformed the world and hit IT organisations in its wake. CIOs have faced extraordinary situations and unique risks – with no ‘quick fix’ solutions in sight. Budgets and team sizes were trimmed to begin with. And expectedly, many much-awaited and ambitious projects were either curtailed or put on hold. Undaunted by these adversities and global apprehensions,

a large number of Indian CIOs forged ahead to create internal efficiencies and some remarkable self-funded innovations. These innovations have demonstrated that select CIOs are harbingers of success, with the ability to win against all odds. Can the same skills work for them as the economy enters a growth phase? Can the CIO who essentially played the role of an IT leader, grow into the shoes of a business strategist and an able pragmatist?

EDITORS PICK 31 Part time freighter - Full time CIO A firsthand account from the CIO who steered a mammoth logistic function.

To find the answers, The CTO Forum launched its first “State of the Indian CIO” survey. We focused on the emergence of the CIO’s role and his growing influence as a strategic leader. With nearly 200 responses from leading CIOs in India, we believe this is as insightful a study, as one could hope for to set the trend going forward. The results show the continuing transformation of the CIO’s role. As we look into the year 2010, the survey shows that CIOs will place emphasis on aligning IT with their business goals to create an efficient enterprise. Many of our respondents expect to move further from the mundane to the strategic i.e start spending more time on planning and implementing new technologies. Organisationally too, there are telling shifts. A growing number of CIOs now report directly to

their CEOs and are an integral part of top level management in their organisations. The good news continues and the most heartening element of the survey was the prediction for IT spends. More than 70 percent of India’s technology decisionmakers expect their budgets to increase in the New Year. With this stimulant, CIOs will have an opportunity to use their ‘newfound’ influence and collaborative partnership with business to invest strategically and transform their organisations. While this is not an easy task, it will present opportunities for CIOs to emerge winners yet again! With 2010 a few days away, I wish you all success and happiness in the new year.

CTO FORUM thectoforum.com

21 DECEMBER 2009

COVE R S TO RY

XXXXXXXXXX

XXXXXX

THECTOFORUM.COM

COV E R D E S I G N: B I N E S H SR E E D HAR AN

CONTE NTS

VO LU M E 0 5 | I S S U E 0 9

DECEMBER 09 CTOFORUM

16 CTO FORUM COVER 18 STORY

16 | Rise of the mighty. 21 DECEMBER 2009

thectoforum.com

COLUMN

Undaunted by the adversities and global apprehensions, a large number of Indian CIOs are creating internal efficiencies and some remarkable innovations.

04 | I BELIEVE: CIO: INNOVATIVE, PROACTIVE AND PROGRESSIVE. A varied approach to how a CIO should do his business BY GRAHAM CLARK

52 | VIEW POINT: DECISION MAKING WEB. How to make smarter, faster decisions everywhere BY ROD KING

COPYRIGHT, All rights reserved: Reproduction in whole or in part without written permission from Nine Dot Nine Interactive Pvt Ltd. is prohibited. Printed and published by Kanak Ghosh for Nine Dot Nine Interactive Pvt Ltd, C/o K.P.T House, Plot Printed at Silverpoint Press Pvt. Ltd. TTC Ind. Area, Plot No. A-403, MIDC Mahape, Navi Mumbai 400709

CTO FORUM 21 DECEMBER 2009

thectoforum.com

FEATURES

14 | BEST OF BREED: EMERGENCE OF FABRIC COMPUTING. One needs to treat fabric computing similar to virtualisation.

thectoforum.com

SECTION NAME

S TORY NA M E

VOLUME 05 | ISSUE 09 | 21 DECEMBER 2009

www.thectoforum.com Managing Director: Dr Pramath Raj Sinha Printer & Publisher: Kanak Ghosh Publishing Director: Anuradha Das Mathur EDITORIAL Editor: Rahul Neel Mani Resident Editor (West & South): Ashwani Mishra Sr. Assistant Editor: Gyana Ranjan Swain Consulting Editor: Shubhendu Parth Principal Correspondent: Vinita Gupta Sr. Correspondent: Jatinder Singh Correspondent: Sana Khan DESIGN Sr. Creative Director: Jayan K Narayanan Art Director: Binesh Sreedharan Associate Art Director: Anil VK Manager Design: Chander Shekhar Sr. Visualisers: PC Anoop, Santosh Kushwaha Sr. Designers: TR Prasanth & Anil T Photographer: Jiten Gandhi

10 A QUESTION OF ANSWERS

10 | “In terms of cloud adoption, even developed markets are at adolescent stage”. Jeremy Cooper, VP, Regional Marketing, APJ, Salesforce.com 34

REGULARS

01 | EDITORIAL 04 | ENTERPRISE ROUNDUP 13 | TECHCRAP

ADVISORY PANEL Ajay Kumar Dhir, CIO, Jindal Stainless Anil Garg, CIO, Dabur David Briskman, CIO, Ranbaxy Mani Mulki, VP-IS, Godrej Industries Manish Gupta, Director, Enterprise Solutions AMEA, PepsiCo India Foods & Beverages, PepsiCo Raghu Raman, CEO, National Intelligence Grid, Govt. of India S R Mallela, Former CTO, AFL Santrupt Misra, Director, Aditya Birla Group Sushil Prakash, Country Head, Emerging Technology-Business Innovation Group, Tata TeleServices Vijay Sethi, VP-IS, Hero Honda Vishal Salvi, CSO, HDFC Bank Deepak B Phatak, Subharao M Nilekani Chair Professor and Head, KReSIT, IIT - Bombay Vijay Mehra, Executive VP, Global Head-Industry Verticals, Patni SALES & MARKETING VP Sales & Marketing: Naveen Chand Singh National Manager Online Sales: Nitin Walia National Manager-Events and Special Projects: Mahantesh Godi (09880436623) Product Manager – Rachit Kinger Asst. Brand Manager: Arpita Ganguli Co-ordinator-MIS & Scheduling: Aatish Mohite Bangalore & Chennai: Vinodh K (09740714817) Delhi: Pranav Saran (09312685289) Kolkata: Jayanta Bhattacharya (09331829284) Mumbai: Sachin Mhashilkar (09920348755) PRODUCTION & LOGISTICS Sr. GM. Operations: Shivshankar M Hiremath Production Executive: Vilas Mhatre Logistics: MP Singh, Mohd. Ansari, Shashi Shekhar Singh OFFICE ADDRESS Nine Dot Nine Interactive Pvt Ltd C/o K.P.T House,Plot 41/13, Sector-30, Vashi, Navi Mumbai-400703 India

34 | NEXT HORIZON: IT IN THE NEW NORMAL. Recession or not IT leaders continue to see IT as key efficiency enhancer

42 | NETWORK OF THE FUTURE: THE RELEVANCE OF NETWORK MONITORING. It can help in managing a fast changing IT environment.

advertisers’ index VERIZON IBM INTERFACE CANON

IFC 54,55 IBC BC

This index is provided as an additional service.The publisher does not assume any liabilities for errors or omissions.

Printed and published by Kanak Ghosh for Nine Dot Nine Interactive Pvt Ltd C/o K.P.T House, Plot 41/13, Sector-30, Vashi, Navi Mumbai-400703 India Editor: Anuradha Das Mathur C/o K.P.T House, Plot 41/13, Sector-30, Vashi, Navi Mumbai-400703 India Printed at Silverpoint Press Pvt. Ltd. D 107,TTC Industrial Area, Nerul.Navi Mumbai 400 706

CTO FORUM thectoforum.com

07 DECEMBER 2009

I BELIEVE

BY GRAHAM CLARK | Head of IT, Regenersis Plc, London THE AUTHOR IS a skilled senior IT professional, with experience in operational management and IT services consultancy gained across multiple industries.

CIO: Innovative, proactive and progressive A varied approach to how the CIO or IT Director works within their respective businesses

THE ENVIRONMENT in which a CIO operates can certainly influence the level of contribution they are capable of making. However, it is wrong to think that an organisational hierarchy in itself can be an answer to the problem.

CTO FORUM 21 DECEMBER 2009

thectoforum.com

CURRENT CHALLENGE OPERATING ENVIRONMENT FOR IT MANAGERS, ALIGNMENT OF IT WITH BUSINESS

The biggest factor in how an individual can be proactive or progressive is the individual. A job title or reporting structure does not qualify anybody to be anything. Many sociologists now consider a different approach to the functional hierarchy and advocate the industry to move away from the extreme reliance upon the traditional organisational chart and consider employing personal networks as one of the greatest drivers of success. If the CIO reports into the CFO who, by the nature of the job, can tend to be rather staid in their outlook, but has a strong and open relationship with other key decision makers, does this impact the CIO's ability to make or influence change? In most cases the IS/IT function is treated as a support function to the business. Sometimes this can also be as a profit centre and managed as such. At other times it is more appropriate to recognise IT is a 'cost sink' and manage it accordingly. If the CIO can see beyond the confines of his/her own function by understanding all the moving parts of the business and contribute to the overall improvement of the greater machine then this is true â&#x20AC;&#x2DC;proactive contributionâ&#x20AC;&#x2122;. Learn to recognise the key influencers in the organisation, understand what and who they are, build relationships at that level and then consider how you can help to influence and drive change in those areas. Understanding and effectively managing the 'plumbing' of IT systems is necessary, managing cost or profit contribution is also part and parcel of the role. However, if the focus of the CIOs is inward to their own function, by definition this limits opportunity for progression as there is limited scope.

SECTION NAME

S TORY NA M E

LETTERS COVE R S TO RY

E VE RY TH I NG A S A SE RVI CE

S P I N E

CTO

Cloud comes calling

Accordingly Janalakshmi selected a combination of solutions, which were all based on cloud computing: a core banking system for the banking operations a smart card system for field Technolo gy for operations Grow th and a CRM system for the management Gov ernance of the customer relationship through the life of the same “We selected the applications on the cloud, because it did not require upfront capital expenditure and met with their technical specifications,” says Janalakshmi’s Vice President - Special Projects,Ramaswami Dasarathy. FINO is the service provider for the core banking system and the smart card system. The microfinance company then selected Wipro as the Enterpri implementation partner for the Salesses are force.com and leveraged the bank’s is now being in a new era offered of documented business processes to as a serv com puti implementation. ng whe The first stage ice ease re collection (Ea of roll-out aS) involved rything | PAGE the eve module and later 18 extended to the cusA QUES TION OF ANSW tomer acquisition module. ERS Janalakshmi's technology infrastrucChallenges ture is defined by a three-tier frameEarly on, Janalakshmi had made an work. At the foundation lies the IT investment to define and document architecture comprising the technology the processes of the core business lifeservices and infrastructure. The archicycle. Beginning with the customer tecture enables growth and ensures acquisition phase, loan disbursement, scalability of the business. Next, the core collection phase, and finally the clobanking system (CBS) complemented sure phase, the mapping of processes PAGE 10 by the CRM application drives the busiidentified the vital role of technology ness processes of the company. Finally, in driving business processes. delivery mechanisms such as the smart These documented procedures now card seamlessly interface with CBS and ensure that standardisation, improveNO HOLD CRM to cater to the needs of the cusment, and compliance are implementFOR UM

MICRO DEBIT

AT Y

AT YOUR

UR SEROV MEGA CREDIT ICE SERV

Serving the financial needs of the sub-prime customers, Janalakshmi Financial Services banks upon cloud to minimise its capex

CITY,R

ELIAB

ILITY

BY GYANA RANJAN SWAIN

& QUAL ITY | STAND

BANKING AND FINANCIAL INSTITUTIONS thrive upon customer satisfaction and trust, and it is achieved when you entirely focus on providing the best service to the customer without any hassles. microfi Bangalore-based Janalakshmi Financial Services (JFS), a midsized microfinance firm is mainly focused at the Indian sub-prime sector. Commencing service in 2006, it currently serves more than 55,000 customers.

ARD DEVIA TIONS

ICE | CAPA

COMPANY DASH BOARD COMPANY NAME: Janalakshmi Financial Services CORPORATE OFFICE: Bangalore AREA OF OPERATION: Microfinance CUSTOMER BASE: 55,000+ ESTABLISHED: July 2006 MD & CEO: R Srinivasan

Onl Secine CIO urity maj ’s concor ern

Capacit Relia y, ity &Quabil lity S BARR ED

CTO FORUM 07 DECEMBER 2009

COVE R S TO RY

E VE RY TH I NG A S A SE RVI CE

ed in all levels of the company. Spread over several locations, the organisation needed a system to manage operations efficiently. The operations were also in many ways exactly like a bank, though in some ways distinctly different. This included a solution that would help organise customer information and provide a single customer view, to support new product development and improve cross-selling capabilities. Finally, the system had to be quick to deploy, easy to use and technically robust.

thectoforum.com

tomer. Janalakshmi utilises the CRM application to streamline the collection process from the customer acquisition to the collections phase. This customised solution allows for one data set for all to view and enables management to update on a real time basis.

BENEFITS Reliable, Authentic and uniform customer view – The applications have helped Janalakshmi’s employees to have a single view of the customer, across the various levels of the organisation and take appropriate action.

The benefits

The applications have helped Janalakshmi’s employees to have a single view of the customer, across the various levels of the organisation and take appropriate action. “The solutions helped fill gaps in information which in turn helped in streamlining Streamlined processes and managing operations operations – more efficiently,” adds Dasarathy. The solutions Salesforce CRM helped the bank to helped fill gaps in improve information sharing, which information which in turn helped was critical to planning and selling in streamlining related financial products to the same processes set of customers. and managing “Additionally, the company can operations more reduce the costs and complexities efficiently – thereby aligning the associated with a cash-based transacorganisation. tion environment, intrinsic to the Decem ber | 07 microcredit world,” he adds. | 2009 Reduced Volum

Future plans The company is now planning to create a single and uniform information system based on processes and procedure. It plans to launch a 'portal' which will host the CRM applications and organisation wide processes and documents. The portal will enable all location offices to access the application and data seamlessly and provide a reliable and consistent IT Infrastructure through the implementation of a Network and Security management system. This includes an Enterprise Data Storage solution for corporate data requirements. The company is also planning to implement an additional delivery channel interfaced with CBS and Salesforce.com. “This is to be accomplished through mobile phone based solutions particularly for the collections and customer update requirements,” says Dasarathy.

| Rs.50

05 | Issue business risks 08 – Salesforce CRM helped the bank to improve information sharing, which was critical to planning and selling related financial products to the same set of customers.

—gyana.swain@9dot9.in

CTO FORUM thectoforum.com

07 DECEMBER 2009

PAGE 44

BEST OF

Volume 05 | Issue 08

Infrastru A step cture 2.0 closer BREED

PAGE 14

A 9.9

Media

Public

ation

USER-CENTRIC APPROACH The new CTO Forum looks better than its earlier avatar. I have a few suggestions. As opposed to pure technology information, you must cover implementation and usage of technology. This can be done by seeking feedback from the business users. In addition, select one technology e.g. cloud computing and cover the same in details across multiple issues. SUKANTA K NAYAK, Asst Vice President, Mawana Sugars

CTO FORUM HAS PUNCH The new-look CTO Forum is far more refreshing. There is a marked difference in the content, presentation, and clarity. I personally liked it very much. UC DUBEY, Executive Vice President – IT, IFFCO Tokyo General Insurance Company

“The redesigned CTO Forum looks good. I am particularly interested in user deployments. I read one on a Microsoft deployment recently, but it still doesn't answer my concern: "which architecture for which user quality?" So a simple article about scalability and deployment advice could be nice.” MANIKKAM V.S., Head IT & AGM Materials, Henkel CAC

WRITE TO US: The CTO Forum values your feedback. We want to know what you think about the magazine and ways and means to make it a better read for you. Our endeavour continues to be work in progress and your comments will go a long way in making The CTO Forum the preferred publication of the CIO Community. Send your comments, compliments, complaints or questions about the magazine to editor@thectoforum.com

CTO FORUM thectoforum.com

21 DECEMBER 2009

INTERVIEW INISDE

Enterprise

The CIO and COO roles are increasingly overlapping. Pg 07

PHOTOS BY PHOTOS.COM

ROUND-UP

Gartner top mg identifies 10 strategic OF CO2 IS technologies GENERATED BY A for 2010. These WEBSITE technologies are IN 1 SEC OF WEB expected to change BROWSING the shape of the IT world.

20 DATA BRIEFING

CTO FORUM 21 DECEMBER 2009

thectoforum.com

GARTNER analysts highlighted the top 10 technologies and trends that will be strategic for most organisations in 2010. The analysts presented their findings during Gartner Symposium/ITxpo, held during October 09. Gartner defines a strategic technology as one with the potential for significant impact on the enterprise in the next three years. The top 10 strategic technologies for 2010 include: Cloud computing. Using cloud resources does not eliminate the costs of IT solutions, but does rearrange some and reduce others. In addition, consuming cloud services enterprises will increasingly act as cloud providers and deliver application, information or business process services to customers and business partners. Advanced analytics. Optimisation and simulation is using analytical tools and models to maximise business process and decision effectiveness by examining alternative outcomes and scenarios, before, during and after process implementation and execution. This can be viewed as a third step in supporting operational business decisions. The new step is to provide simulation, prediction, optimisation and other analytics, not simply information, to empower even more decision flexibility at the time and place of every business process action. Client computing. Virtualisation is bringing new ways of packaging client computing applications and capabilities. Enterprises should proactively build a five to eight year strategic client computing roadmap outlining an approach to device standards, ownership and support; operating system and application selection, deployment and update; and management and security plans to manage diversity. IT for green. IT can enable many green initiatives. Common green initiatives include the use of e-documents, reducing travel and teleworking. IT can also provide the analytic tools that others in the enterprise may use to reduce energy consumption in the transportation of goods or other carbon management activities. Reshaping the data centre: Newly-built data centres often opened with huge areas of white floor space, fully powered and backed by an Uninterruptible

E NTE RPRI SE ROUND -UP

1.2

few years and become strategic in Power Supply (UPS), water-and airmany IT areas including consumer cooled and mostly empty. However, devices, entertainment equipment costs are actually lower if enterprisand other embedded IT systems. es adopt a pod-based approach to Virtualisation for availability. Virdata centre construction and expanBILLION PEOPLE tualisation has been on the list of sion. Cutting operating expenses, WOULD BE USING top strategic technologies in previwhich are a nontrivial part of the M-COMMERCE ous years. It is on the list this year overall IT spend for most clients, frees up money to apply to other ENABLED MOBILE because Gartner emphases new elements such as live migration for projects or investments either in IT PHONES BY 2010 availability that have longer term or in the business itself. implications. Live migration is the Social computing. Enterprises must movement of a running virtual machine (VM), focus both on use of social software and social while its operating system and other software media in the enterprise and participation and continue to execute as if they remained on the integration with externally facing enterpriseoriginal physical server. sponsored and public communities. Do not The key value proposition is to displace a variignore the role of the social profile to bring ety of separate mechanisms with a single “dial” communities together. that can be set to any level of availability from Security – Activity monitoring. Information baseline to fault tolerance, all using a common security professionals face the challenge of mechanism and permitting the settings to be detecting malicious activity in a constant changed rapidly as needed. stream of discrete events that are usually associMobile applications. By year-end 2010, 1.2 bilated with an authorised user and are generated lion people will carry handsets capable of rich, from multiple network, system and application mobile commerce providing a rich environsources. A variety of complimentary (and somement for the convergence of mobility and the times overlapping) monitoring and analysis Web. There are already many thousands of tools help enterprises better detect and invesapplications for platforms such as the Apple tigate suspicious activity, often with real-time iPhone, in spite of the limited market and alerting or transaction intervention. By underneed for unique coding. It may take a newer standing the strengths and weaknesses of these version that is designed to flexibly operate tools, enterprises can better understand how on both full PC and miniature systems, but to use them to defend the enterprise and meet if the operating system interface and procesaudit requirements. sor architecture were identical, that enabling Flash memory. At the rate of price declines, the factor would create a huge turn upwards in technology will enjoy more than a 100 percent mobile application availability. compound annual growth rate during the new

FACT TICKER

M86 Security predictions for 2010. Highlight sophistication of traditional threats M86 SECURITY a global provider of Web and messaging security products, released Predictions 2010, which is a report on its expectations for Web and messaging-based threats for the year 2010. The report is based on M86 Security Lab's research into the current trends in threats over the

past year and its views on the major vulnerabilities facing organisations. The report highlights the increasing sophistication of traditional threats such as botnets, scareware, compromised legitimate websites and blended threats. Specific 2010 security predictions from M86

Labs are as follows: BOTNETS GROW IN SOPHISTICATION: Botnets continue to be a major problem. They have moved away from traditional IRC-based command and control, in favour of HTTP or other custom protocols, utilising Twitter, Google and Facebook.

CONTINUED RISE OF SCAREWARE: Scareware is a traditional tactic that grew popular in the second half of 2009 because of its effectiveness. In 2010, these attacks should escalate, as the look and feel of scareware pages get updated and criminals find new ways to reach users.

STRIKING BALANCE

EXECUTIVE INTERVIEW Today’s CIOs – the enterprise technology leaders – are struggling to strike the right balance between the technology adoption, business agility and smart spending. There are some very important questions that Nick Athanassiadis, CTO, Q Ventures LLC answers for us: How much of know-how on technology, business and people should a CIO have to distinguish himself from a tech-only leader? Nick Athanassiadis: “Yesterday’s CIO is today’s new COO. With the industry increasingly working hand-in-hand with technology, the CIO and COO roles are increasingly overlapping, and, in many cases, can even be interchangeable. The CIOs role is more about having a keen understanding of a business and how specific information technology can help that particular business move forward and meet its goals. It is no longer simply about choosing technology and managing projects.” How much of management skills does he require to make his next career move into the boardroom? “The modern CIO has to posses the same management skills as any other C-level executive and in particular, those of a COO. Without these skills, it will be impossible to be effective in the boardroom.” Does a CIO essentially become the master in sales to have internal buy-in? “If the CIO reports to the CEO and Continued on page 8

CTO FORUM thectoforum.com

21 DECEMBER 2009

E NTE RPRI SE ROUND -UP

POISONING SEARCH ENGINE RESULTS: A growing trend is in the use of Search Engine Optimization (SEO) techniques to drive users to Web pages hosting malicious code. The technique is commonly paired with scareware to capitalise on users' trust in search engines. EVOLUTION OF WEBSITE INFECTIONS: The standard attack vector for cybercriminals is to compromise legitimate websites to spread malware. In 2010, the majority of malicious behaviour will reside on legitimate websites that have been compromised by various scripts and worms.

SETTING SIGHTS ON SAAS AND CLOUD SERVICES: As a result of popularity of cloudbased services, more corporate data is being stored outside of the network, making it difficult for IT administrators to have direct control over the data. In 2010, cybercriminals will target the larger cloud-based providers and attacks will increase. EXPLOITING THIRD PARTY APPLICATIONS: Cybercriminals commonly exploit highly deployed third party applications, such as Adobe Flash and Acrobat Reader. The ability to embed one file type in another will result in more complex

attacks gaining popularity in 2010, due to the ability to evade detection mechanisms. INTERNATIONAL DOMAIN NAME ABUSE: In 2009, the Internet Corporation for Assigned Names and Numbers (ICANN) approved the registration of Internationalised Domain Names, enabling the use of non-Latin characters in domain names. As a result, phishing attacks should rise, as cybercriminals can register phony websites with URLs that are nearly indistinguishable from legitimate ones. ATTACKING APPLICATION PROGRAMMING INTERFACES: Social networks such as

Twitter and Facebook are extending their services for third party development through the use of application programming interfaces (APIs). There is an implicit level of trust provided through the use of APIs, granting access to user profiles and data, so the threats that target them are likely to increase in 2010. The popularity of Twitter and link sharing has given rise to URL shortening services that reduce the number of characters needed to parse a link. However, these services enable cybercriminals to spread spam and malware. Source: M86Security.com

New guidelines for secure cloud . The Cloud Security Alliance (CSA) releases 2nd version of its “Guidance for Critical Areas of Focus in Cloud Computing”.

THE CLOUD The Cloud Security Alliance (CSA) has issued the second version of its “Guidance for Critical Areas of Focus in Cloud Computing”. The guidance outlines key issues and provides advice for both Cloud Computing customers and providers within 13 strategic domains. Version 2.1 provides more

CTO FORUM 21 DECEMBER 2009

thectoforum.com

concise and actionable guidance across all domains. It has also attempted to define cloud computing more precisely basing upon the deployment experience in the last six months in various industry verticals. The first edition was released in April this year. The CSA's report tackles cloud security on 13 different fronts, from governance issues like e-discovery, compliance and audits to operational concerns such as disaster recovery, application security and identity management. The alliance which is now 23-member strong is a not-for-profit organisation with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.

Continued from page 7 is hired to implement the strategic vision of the company, then internal buy-in becomes an easier task. On the other hand, the internal buy-in will depend solely on his ability to sell the solution or direction to different levels within the organisation.” Should a CIO be an excellent marketing pro to sell himself as a brand? This is a must-have for any C-level executive. Information technology is still viewed in many instances as a ‘necessary evil’ or a pure cost. Therefore, part of the job of the CIO is changing the perception that many executives have that a senior level information technology officer is not needed at the executive ‘table’ and can actually improve a company’s bottom-line results. What are the key challenges facing a CIO while dealing with CFOs and CEOs? Making sure that the CEO embraces technology as a must-have asset of the company that needs to evolve and grow. Involve stakeholders and division heads in proactive discussions and brainstorming sessions. Use the business processes and discuss specific examples where tools can have a positive impact to the bottom line. If IT is done well, it saves company money rather than being a profit-centre, and this fact makes the position disposable in many executives’ eyes. Should innovation be a driving force for CIOs going forward? Innovation is important but in my opinion there are several steps before reaching this stage. Intimate knowledge of the business Engineering and re-engineering processes Successful implementation of technology tools that can increase efficiencies and decrease cost Be one step ahead of the business next step (acquisition, new product, new service) to help the new step rather than joining after the fact When all of the above steps have been utilised it will be time to start innovating so the business can reach the next plateau and differentiate itself in the market place. —By Rahul Neel Mani

E NTE RPRI SE ROUND -UP

New kids on the block:(Left) Intel's Moorestown micro chip to be released in 2010, and (below) Apple's 10-inch 3G-enabled tablet PC to be released next year.

Top Tech Releases of 2010 Hightech gadgets from Intel, Nokia and Apple to flood the markets. a large screen, QWERTY slide out keyboard and proportions bigger than a Smartphone. These N series of Nokia will have mobile version of the Linux called Maemo. Intel’s Moorestown and New Moblin Linux Earlier this year, Intel sent out the details of its Moorestown chip platform and informed that the release will happen sometime in the mid 2010. This launch will provide the new version of Moblin which is a Linux-based OS of Intel specially designed for small devices. It is 3G technology and consumes ten times less power when idle as compared to other devices running Intel atom. Microsoft Office 2010 Microsoft Office 2010 will be a big release

2009

2010

YEAR

250 million

Total Mobiles Shipped Smart Phones

190 million

A recent report from Frost & Sullivan estimates that in 2010 nearly 1.3 billion mobile phones will ship globally, and 250 million of them will be smart phones.

Global mobile & smart phone market

1.3 billion

GLOBAL TRACKER

1.2 billion

APPLE multi-touch tablet There is finally good news for all Apple fans. Apple tablet PC is going to be released in 2010 and the company is making sure that the device matches customer expectations. This is a 10-inch, 3G enabled tablet and will be priced between iPhone and an affordable Mac notebook. It will probably come with the OS version similar to current Mac OS X. Nokia’s Maemo-based tablet Nokia seems to be in no mood to give up on its fate in front of giants like Apple and Google and is working hard on its own platform called Maemo 5. The company is preparing to launch Maemo 5-based N900 Phone. The key features of the phone will be

2009

2010

because of its features and online support. Office 2010 Web Apps will be competing against Google Docs which is the leader in the online version of documentation. It will be exciting to watch what features Web Apps provide. We hope that the desktop version of the Office will be better and richer. Office 2010 will be as to Office 2007 as Windows 7 is to Windows Vista in our point of view. Intel Xeon Nehalem-EX Processor It looks as if Intel Xeon Nehalem-EX will form the high-end Intel server platforms. They will provide countless technical advancement, which will boost enterprise computing to great extent. Nehalem will be having eight cores inside a single chip supporting 16 threads and 24MB cache. Few of the features of Xeon Processor are as follows: Intel Nehalem Architecture built on Intel’s unique 45nm high-k metal gate technology process Up to 8 cores per processor Up to 16 threads per processor with Intel Hyper-threading Scalability up to eight sockets via Quick Path Interconnects and greater with third-party node controllers 24MB of shared cache Integrated memory controllers Intel scalable memory buffer and scalable memory interconnects Up to 9x the memory bandwidth of previous generation Support for up to 16 memory slots per processor socket.

CTO FORUM thectoforum.com

21 DECEMBER 2009

A QUESTION OF ANSWERS

J E R E MY CO O PE R

Cloud Computing: Jeremy Cooper, Vice President, Marketing, Asia Pacific & Japan, Salesforce.com talks about the paradigm shift in modern era computing practices.

CTO FORUM 21 DECEMBER 2009

thectoforum.com

J E R E MY CO O PE R

A QUESTION OF ANSWERS

JEREMY COOPER | SALESFORCE.COM

â&#x20AC;&#x153;In terms of cloud adoption, even the

developed markets are at adolescent stageâ&#x20AC;? In an exclusive conversation with Gyana Ranjan Swain, Salesforce.com's Regional Marketing VP (APJ) Jeremy Cooper talks about the technological advancements and market potential of cloud computing. Excerpts: How do you see the cloud computing as a trend? How is the market shaping here? Cloud computing is an emerging trend, and the picture here is very satisfying. We are finding that many Indian companies are taking a lot of interest in this model. It is enabling a new class of entrepreneurs since one doesn't need to build offices, distribution centres, data centres or really infrastructure of any kind - every-

thing is managed in the cloud. Also, the current economic downturn has compelled many an enterprises to think about cloud. As you say that necessity is the mother of invention, the necessity of reducing Capex as well Opex has forced enterprises to think beyond conventional means. The potential in India is huge. There are more than eight million SMBs. And if I refer to a Springboard report, then the mar-

ket size could touch $260 million by 2011 that is in just two years. Still, I would say, that is just the beginning. Can you tell us about some important global trends? Compared to India, trends and adoption practices are more matured in the developed markets like the US and the EU. But still, I would say, seeing the potential of cloud computing, even the developed markets

CTO FORUM thectoforum.com

21 DECEMBER 2009

A QUESTION OF ANSWERS

J E R E MY CO O PE R

â&#x20AC;&#x153;Though the response of Government agencies in India is not very satisfying as of now, but they have started thinking about cloud seriouslyâ&#x20AC;?

are at an adolescent stage, if not at infancy. However, the adoption rate in APAC is very encouraging. Some markets are moving faster than the developed countries. In India, which industry verticals are more proactive in cloud adoption and why? Cloud computing is a different kind of solution, and it is really very difficult to say which verticals are more pro-cloud. Because whichever industry intends to lower its expenditure, without compromising with quality would go for cloud. In India, we have seen tech cautious companies embracing cloud with open arms. However, in general, manufacturing, pharma, healthcare and education sectors are adopting cloud faster than other verticals. What are the services that your customers mainly select? We have more than 1,35,000 customised applications for various requirements and all applications have their own demand, but the most selling product has been our CRM application. More than 50,000 enterprises and 1.5 million subscribers are using Salesforce CRM. That is the most on-demand application across industry verticals.

the software and data are stored on our servers. The Force.com PaaS provides the necessary building blocks to make cloud computing real time for enterprises.

What are some of the new developments at this front? Cloud computing is a general concept that includes many things. In the case of Salesforce.com, we see cloud computing encompassing both Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS), through Internet. The PaaS ecosystem is growing faster than others except SaaS. Our Force.com provides a platform from where developers can build and deliver any application, all without buying or maintaining any infrastructure. These applications are accessed from a web browser, while

How do you see government look at the cloud computing? What could the potential bottlenecks? Though the response of Government agencies in India is not very satisfying until now, but they have started thinking about cloud seriously. And any government has justified reasons to be apprehensive about a new technology as they have to think about the whole nation before taking a decision. Awareness level about cloud in government departments are comparatively low which is another factor of slow adoption.

CTO FORUM 21 DECEMBER 2009

thectoforum.com

THINGS I BELIEVE IN Trust The next two years would see surge in cloud adoption. Target To incorporate government stakeholders in the value chain. Achievement More than 135,000 customised applications on cloud are available with Salesforce.com.

Any example where government agencies took up your solutions? About India? Many government agencies in the US, more prominently in San Francisco, Singapore and Australia are using cloud computing and other cloud solutions for the last few years. Here, we are actively in discussions with the government agencies, creating awareness, showing them various case studies of governmental deployments elsewhere for requirements that matches India. Though, the discussions are at various level, I would say, it has been very satisfying till date.

CTO FORUM 21 DECEMBER 2009

thectoforum.com

TECHCRAP SHUBHENDU PARTH shubhendu.parth@9dot9.in

THE AUTHOR IS the Executive Director and Founder Editor of iGovernment.in, Editor of IT Next and Consulting Editor of CTO Forum. You can reach him at Shubhendu.parth@9dot9.in

Are you ESN ready? If not, get back to the

drawing board and chalk out an enterprise wide strategy to reap the benefits of the fast growing social media. I AM OFTEN intrigued by the way everybody today is talking about how social media tools should be used by those other than for whom the likes of LinkedIn, Facebook and Twitter had originally been created for. However, I have never been able to fathom how these could change the business paradigm, the way majority of the analysts and experts have been projecting. According to Forrester, enterprise spending on Web 2.0 technologies is going to increase dramatically over the next five years. This increase will include more spending on social networking tools, mashups, and RSS, with the end result being a global enterprise market of $4.6 billion by the year 2013. So where would this revenue come from? Do these social networking sites have enough enterprise-grade social software to drive a large scale adoption? Are enterprises ready for this cultural-cum-generational shift in human-to-human communication without compromising their security? While the answer to these questions might be yes, most of the CIOs and CXOs whom I have spoken to on the benefits of using Enterprise Social Networking (ESN) tools, have not been able to quite justify, leave alone quan-

tify the benefits. Most of them were, however, unanimous in their belief that these tools for interaction, collaboration and content sharing can be a powerful way to disseminate information and connect with all stakeholders. But ask them about the return on investment (RoI), and you hit a wall! I quite agree with the argument made by Stephen Baker in his article "Beware Social Media Snake Oil" in Business Week that the hype around social networks—Wikis, and blogs for business—neglects the potential risks and time wasted. Baker also raises an important question that all proponents of ‘social media for enterprise’ need to answer: What's the business value of using ESN? Baker warns of the ensuing risks. Employees encouraged to tap social networking sites can fritter away hours, or worse, spill company secrets or harm corporate relationships by denigrating partners, irrespective of the fact that whether its intentional or incidental. Morten Hansenin in his Harvard Business Review blog raises another bigger issue—managers and organisations are often not aware about the challenges that they are trying to address using the social media tools.

Before evaluating enterprisegrade social software, CIOs need to list down specific goals and objectives that their organisations aspire to achieve using these tools

The answer, I firmly believe, lies in the ability of the CIOs to list specific goals and objectives that their organisations can achieve using these tools. Equally important is the fact that an organisation should have a matrix to measure these achievements. In fact, while evaluating various enterprise-grade social software CIOs need to make sure that the social media tools should improve organisation's productivity. It is also imperative to have in place solutions that can help an enterprise monitor public conversations, its sentiment and tonality. Having proper measurement tools also means that the organisation is able to identify and analyse events and their outcomes. Further, CIOs should look at integrating the data with the enterprise wide Business Intelligence and Business Analytics software to capitalise on the information better. However, all this requires a clear organisation wide strategy or a social media optimisation (SMO) roadmap. Experts suggest that like SEO, the SMO should also be in sync with processes and best practices of the organisation. The SMO should also be part of the CIOs’ 2010 resolution, particularly if ESN is one of the big bang things planned for the year ahead..

CTO FORUM thectoforum.com

21 DECEMBER 2009

BEST OF

Ken Oestreich is VP of Product Marketking with Egenera.

PHOTO BY PHOTOS.COM

BREED

ABOUT AUTHOR

Emergence of % Fabric Computing

DATA BRIEFING

2.9

WILL BE THE GLOBAL RISE IN SERVER SALES IN 2011 AS OPPOSED TO THE SLUGGISH GROWTH IN 2010

Fabric computing might just be the next big thing after operating system (OS) virtualisation.

ast week I attended Gartner's annual Data Centre Conference in Las Vegas. It was a four-days affair packed with presentations on cloud computing, IT operations, virtualisation and more. Surprisingly, a number of sessions directly were centred on fabric computing -- including "The Future of

CTO FORUM 21 DECEMBER 2009

BY KEN OESTREICH

thectoforum.com

Server Platforms" by Andy Butler, "Blade Servers and Fabrics" by Jeff Hewitt, and "Integrated Infrastructure Strengths and Challenges" by Raymond Paquet, Philip Dawson, Cameron Haight and Stanley Zaffos. All of these presentations were substantive analyses of what fabric computing was, but very little information was presented on why they were impor-

FA B R I C C O M P U T I N G

ENTER: FABRIC AS AN ENABLER

Virtualised I/O & Converged "Fabric"

Technology Software defined I/O Converged transport

Unified Computing

Unified Management (IaaS)

Virtual Networking

Technology Virtual switching Virtual load balancing

Source: Ken Oestreich

Technology Technology Full system provisioning Infrastructure mgmt (High Availability synched w/software Environment provisioning & VM management (Dissaster Recovery)

The next step is to define in software the converged network, its switching and

network devices such as load balancers. The result is a wire-once physical network topology, but with an infinitely reconfigurable logical topology. This permits physically flatter networks. tant. In fact, fabric computing might just be the next big thing after operating system (OS) virtualisation. Think of it this way: fabric computing is the creating components and abstraction of infrastructure such as CPU, memory, network and storage. These components can then be logically re-configured as needed. Fabric computing is similar to how OS virtualisation creates components and abstracts OS and application software stacks. However, the focus of most fabric related vendors is still centred on the most fundamental level of fabric computing, which is simply virtualising I/O and using a converged network. This is the same initial level of sophistication where the industry believed that OS visualisation was only about a hypervisor. Rather, we need to take a long-term view of fabric computing and bring about value by manipulating the infrastructure in the same way we manipulate virtual machines (VM). A number of heady

thinkers supporting the concept of Infrastructure 2.0 are already beginning to crack some of these revolutionary issues.

Enter: Fabric as an enabler If we think of fabric computing as abstraction and orchestration of IT components, then there is a logical progression of what gets abstracted, and what services can be constructed: Virtualising I/O and converging the transport This is just the first step, not the destination. Virtualising I/O means no more Network Interface Card (NIC) and Host Bus Adapters (HBA) on the server; rather, the I/O presents itself any number of configurable devices or ports. Transport can be Ethernet, Fibre Channel over Ethernet (FCoE), Infiniband, or others. In this manner, the network connectivity of the physical server can be simplified and changed instantaneously.

BEST OF BREED

Virtual networking The next step is to define in software the converged network, its switching and network devices such as load balancers. The result is a wire-once physical network topology, but with an infinitely reconfigurable logical topology. This permits physically flatter networks. Provisioning of the network, VLANs and IP load balancing can be simplified and accomplished via software as well. Unified (or Converged) Computing Now that we can manipulate the server's I/O state and its network connections, we can create software-based profiles of complete server configurations -- literally defining the server, its I/O, networking, storage connections, and even what software boots on it. (Software being either a virtual host, or a traditional native OS). Having defined the entire server profile in software, we can even define the entire environment's profile. Defining servers and environments in software allows us to provide: 1) high availability - With a hardware failure, we can simply re-provision a server configuration to another server in seconds. 2) disaster recovery - we can re-constitute an environment of server profiles, including all of their networking, ports, addresses, even if that environment hosts VMs and native OSs. Unified Management To achieve the ultimate in an agile IT environment, there's one remaining step: to orchestrate the management of infrastructure with the management of workloads. I think of this as an ideal Infrastructure-asa-Service â&#x20AC;&#x201C; a physical infrastructure that adapts to the needs of workloads, scaling up or out as conditions warrant, and providing workload-agnostic HA and DR. From an IT agility perspective, we would now be able to abstract nearly all components of a modern datacentre, and logically combine them onthe-fly as business demands require. Getting back to the Gartner conference, I now realise one very big missing link. While Gartner has been promoting their RealTime Infrastructure (RTI) model for some time, they have yet to link it to the coming revolution that will be enabled by fabric computing. Maybe we'll see some clue emerging on this next year. â&#x20AC;&#x201D;koestreich@egenera.com

CTO FORUM thectoforum.com

21 DECEMBER 2009

COVE R S TO RY

XXXXXXXXXX

lobal g d n a ities CIOs s r n e a i v d d the a umber of In CIES y b d e n nt IEN e u C g a I r d F a l n F U ions, a NTERNAL E ovations. s n e h appre REATING I e inn l b a k r are C some rema and

CTO FORUM 21 DECEMBER 2009

thectoforum.com

S TAT E O F T H E I N D I A NXC X IXOX XS X UX RX VX EX Y

COVE R S TO RY

IF YOU

happen to represent a company or an enterprise then there are high chances that you might have come across a certain 'breed' called CIO. What does he do? How do you define his role? Does he just lead the 'IT' shop? Or, does he do anything else too? Yes, he is involved not just in laying out the IT infrastructure or its various aspects in the organisation, he is also actively involved in outlining business strategies and planning, administration and operations, procurement, finance and even human resource activities. The stature of the mighty CIO is growing day by day, and so is his responsibilities and remunerations. Now he reports directly to the CEO, and is being inducted into the core management team. He is being taken seriously not only in businesses related to IT, but also in the overall business process of the company. To get a clear picture, recently, we did a survey involving the CIOs or the IT heads of various companies. Nearly 200 CIOs were asked 15 pertinent questions. The response was mesmerising. The old joke in the IT circles that CIO stands for 'Career Is Over' is passé. Rather, the CIO today stands tall among the company's executive management team. As high as 78 percent CIOs are now a part of the core team, and they do not think that their career is over as 57 percent of the respondents have already spent more than four years in their role and happily continuing. What does it suggest? The induction of the CIOs in the decision making body which makes them feel more important than what they were portrayed earlier, has helped not just the individuals involved but also the business involved. Making the CIOs a part of the core team boosted their morale who in turn started actively involving themselves in other activities of the company. The next pages give you more details about the growing stature of the mighty CIO.

By Gyana Ranjan Swain & Sana Khan

SURVEY METHODOLOGY CTO Forum’s first annual “State of the Indian CIO” survey was administered from 7 Dec ’09 through 17 Dec ’09. We selected only CIOs and IT decision-makers from our database and invited them to take the survey. The survey consisted of 15 questions. We did not select the respondents on the basis of company revenue, locations or the size of the IT organisation. We got nearly 200 responses during the aforesaid period. The survey results were tabulated on the basis of responses from the CIOs and the same is graphically represented here. In some cases the percentages may not add to 100 due to rounding.

CTO FORUM thectoforum.com

21 DECEMBER 2009

COVE R S TO RY

S TAT E O F T H E I N D I A N C I O S U R V E Y

FROM BACKROOM TO

BOARDROOM From the days when CIOs were considered as mere keepers of MIS, they have come a long way. Today a majority of them are not only reporting in to the CEOs but also are part of the company’s executive management team.

Out of 200 respondents, 38% SAY THEY BEAR A ‘CIO’ DESIGNATION FOLLOWED by 27% as VP/Sr. VP IT. A small number, 17%, are still called as Head-IT.

REPORTING STRUCTURE

Who do you report to? 27%

41%

16% 16%

Chief Executive Officer Chief Financial Officer Chief Operating Officer Others

A growing number of CIOs, i.e. 41%, are reporting to their respective CEOs.

CTO FORUM 21 DECEMBER 2009

thectoforum.com

“BEING PART OF THE TOP MANAGEMENT GIVES A HOLISTIC VIEW OF THE ORGANISATION and as CIO you can align IT with business as you tend to get a better perspective of the organisation’s needs and priorities.” VIJAY SETHI

CIO, Hero Honda Motors

78%

respondents say they are part of their company’s Executive Management team.

S TAT E O F T H E I N D I A N C I O S U R V E Y

COVE R S TO RY

IT INVESTMENT –

37%

of IT decision makers are now involved in setting technology investment priorities, strategic planning and investment goals.

BUSINESS’S CALL

Gone are the days when IT investment decisions were made in silos and the CIO had to fight for required budgets with the CFO. Today the IT investment decisions are the responsibility of either a top level executive committee comprising the company’s top management (including CIO) or there is a cross-functional IT steering committee within the company to take the call.

58% CIOs SAY THERE IS A TOP LEVEL EXECUTIVE COMMITTEE which reviews/governs IT investment decisions in their companies.

“Having no high-level committee to review IT investments makes the CIO’s office the single point of accountability. THE FLIP SIDE TO IT IS THAT THE CIO BEARS THE BRUNT IN CASE OF A WRONG DECISION” ARUN GUPTA

Group CIO K Raheja Corp.

Is there a high-level group in your organisation that reviews/governs IT investment decisions? 58%

Top level executive committee

19%

A cross-functional IT steering committee

An ad hoc group No

21%

21% of survey respondents reveal there is still no top level team governing IT decisions. CTO FORUM thectoforum.com

21 DECEMBER 2009

COVE R S TO RY

SX TAT X X XEXO XX F XT X HXE I N D I A N C I O S U R V E Y

COST CENTRE SYNDROME

“Old habits die hard.” Even after reaping extraordinary benefits from IT deployment across organisations and automating the processes, most enterprises think IT is still a cost centre. Although the mindset seems to be fast changing, a majority of CIOs say their organisations are not ready to change the stance as of now.

Slightly less than half, 42%, OF THE RESPONDENTS SAY IT IS CONSIDERED as a cost centre in their organisation.

Is IT still considered a cost centre in your company? 21%

May be

42% Yes

37% No

Since IT is a cost centre, a large portion of CIOs, 32%, are still busy configuring and managing systems in the production environments.

CTO FORUM 21 DECEMBER 2009

thectoforum.com

“In the near future, IT WILL BE A KEY ELEMENT WHICH WILL GIVE ORGANISATIONS THE REQUIRED PRODUCT DIFFERENTIATION and competitive edge. Hence IT should be viewed as an investment and not as a cost centre” SATISH PENDSE

CIO, Hindustan Construction Company

21%

respondents do not really know whether IT is a cost centre in their organisation or not.

COVE R S TO RY

S TAT E O F T H E I N D I A NXC X IXOX XS X UX RX VX EX Y

BARRIERS TO CIO’s OFFICE’S

UPSIDE

Only

CIOs say they have a disconnect with other C-level peers in the company

EFFECTIVENESS Even if the office of the CIO has earned dignity and due respect, it is still not free from hassles. Some of these problems come as natural constraints while others as organisational pressures. Amidst all this a CIO has to give his 100 percent or probably more. In their quest to become effective leaders, CIOs have to roll up their sleeves and overcome the operational constraints, if not the natural ones.

26% CIOs THINK THAT INADEQUATE IT BUDGETS and proving the value of IT internally are the biggest barriers to the effectiveness of the CIO’s office.

What else makes it to the list? “Vendors make tall promises on support, but these are seldom met after the implementation is completed. POOR VENDOR SUPPORT PUTS CIOS IN A TIGHT SPOT as they have already marketed the product internally with high expectations.” CHANDAN SINHA

CIO, GHCL

Aligning IT with business goals Ineffective communication with users/unrealistic user demands Shortage of time for strategic thinking and planning Lack of required skills among the staffers Pace of technology change/refresh Poor vendor support and diminishing service levels Disconnect with the top level executives in the company CTO FORUM thectoforum.com

21 DECEMBER 2009

COVE R S TO RY

SX TAT X X XEXO XX F XT X HXE I N D I A N C I O S U R V E Y

CUSTOMER SATISFACTION

THE TOPMOST KRA Measuring customer satisfaction – both internal and external – is an area which often remains neglected while measuring success or failure of IT in enterprise organisations. Our survey reveals that even today more CIOs are focused on measuring customer satisfaction internally. However, there is a growing proportion of CIOs who are now focusing on both external and internal customers of IT.

31% CIOs SAY THEY REGULARLY MEASURE CUSTOMER SATISFACTION with both internal and external customers. Does your IT organisation regularly measure customer satisfaction with IT services? 12% 31%

56%

1% 22

CTO FORUM 21 DECEMBER 2009

thectoforum.com

Yes, internally – internal employees Yes, externally – customers and partners Yes, both internally and externally No

“MEASURING CUSTOMER SATISFACTION WITH IT SERVICES IS AN INTEGRAL PART OF THE CIO’S ROLE. I have personally tried to do it, but have not succeeded so far. The reason is that standard methods available are not satisfactory” S N ROY

VP-IT, Murugappa Group

12%

CIOs say they have no way of measuring customer satisfaction with IT services.

S TAT E O F T H E I N D I A NXC X IXOX XS X UX RX VX EX Y

COVE R S TO RY

BUDGET BLUES

FIGHTING FOR THE RIGHT

25%

of survey respondents say they had a lower IT budget in the year 2009-10.

How long have you been in your current job? 3% 15% 57%

25%

During the past few years, IT budgets have been the most talked about aspect of a CIOâ&#x20AC;&#x2122;s life. The economic catastrophe has not only made every CIO spend money prudently but also has made it tough to get fresh sanctions. As things look up, a huge number of CIOs say they are expecting the budgets to increase as against a moderate number who saw increase in IT budgets for the year 2009.

A whopping 69% CIOs SAY THEY EXPECT THE IT BUDGETS to go up in the year 2010, which means the economy is looking up and businesses are ready to spend more on IT. Compared to FY 2009-10, FY 201011 will see a sharp rise in enterprise IT budgets, say the survey respondents 69% 2010-11 2009-10

51%

25% Less than 1 year 1-2 years 2-4 years 4 years and more

25% 24%

15% of CIOs say that they take part in formulating company's business strategies.

6% Increase

Decrease

Remain the same

CTO FORUM thectoforum.com

21 DECEMBER 2009

COVE R S TO RY

SX TAT X X XEXO XX F XT X HXE I N D I A N C I O S U R V E Y

TOP IT/BUSINESS

PRIORITIES A few years ago supply chain, knowledge management and project management and staff development were some of the key words surrounding CIOs. Today CIOs have started putting more emphasis on strategic planning, IT-business alignment, and innovation. It not only shows the maturity in their role but also underlines the fact that a CIO is a strategic leader than just an IT head.

19% CIOs SAY THAT STRATEGIC PLANNING AND ALIGNING IT with organisational goals will be their top priority in 2010. CIOs' other top priorities for 2010 in order of maximum preference

“OURCOMPANY IS NOT FULLY OUT OF RECESSION, hence bringing down costs is still high on the agenda. At the same time it is essential to ensure that marketing campaigns strike the right chord with the customers for which robust business analytics is important” MANI MULKI

Executive VP, Corporate IT, Godrej Industries Limited

Integrating systems and processes Implementing new technologies and innovation Implementing security and privacy measures Lowering costs External customer relationship management Knowledge management Optimising IT Supply Chain Project management improvements Staff development and retention 24

CTO FORUM 21 DECEMBER 2009

thectoforum.com

UPSIDE:

‘Information security and privacy measures’ is going to be one of the top four priorities of CIOs going forward.

S TAT E O F T H E I N D I A NXC X IXOX XS X UX RX VX EX Y

COVE R S TO RY

WHAT GETS CIOs

21%

CIOs say that IT staff and team building takes most of their time.

MAXIMUM TIME?

A few years ago, CIOs spent most of their time fire fighting with vendors and service providers and did not get much time to know the aspirations of the business executives. They also did not have time for the team members and their grooming. Today the scenario has changed. CIOs are looked upon as visionaries. They able to devote more time with business executives and staffers.

Close to half (47%) CIOs SAY THAT DEALING WITH BUSINESS EXECUTIVES takes most of their time. “Spending quality time with business executives at all levels across the organisation helps in appreciation of mutual ideas, CONCERNS AND LIMITATIONS AND ALSO SERVES AS A FEEDBACK MECHANISM for assessment of quality of service” ANAND PUNDLIK

Director, Information Services, Wyeth Limited

In your current role as CIO, which activity takes most of your time? 9% 23%

47%

Dealing with business executives IT staff & team building Dealing with partners & vendors External partner & customers

21% CTO FORUM thectoforum.com

21 DECEMBER 2009

COVE R S TO RY

S TAT E O F T H E I N D I A N C I O S U R V E Y

SO, YOU WANT TO BE

A SALESMAN?

In order to bring the business value through IT, it is important for a CIO to build alliances with his peers and key stakeholders BY AJAY DHIR, GROUP CIO, JSW LIMITED

THERE HAS

been a lot of debate in recent times about the role of the CIO in an organisation, especially in today’s turbulent and challenging times. Ranging from the ‘I’ in CIO, whether it signifies ‘Innovation’, ‘Information’ or ‘Irritation’, to the ‘Board Readiness’ of the CIO, or whether the relationship between the CEO, CFO and CIO is one of ‘conflict’ or ‘partnership’ ? If you see over the last 30 years or so, many of the early entrants in the IT industry were either from engineering or science background, and were responsible for their in-house IT systems. Most of the work used to be manual and over a period of time, these systems were ‘computerised’ or simply automated to reduce manual work. Consequently, the systems administrator was a person, who was more of a technocrat than a business manager, and very often this role was reporting to the finance or operations head, depending on the structure of the organisation and the way computerisation was being perceived by the management. Very often, this resulted in a skew whereas the automation efforts were focused on the commercial functions. This has done so much damage that today, many CEOs and senior management look at IT with a skeptical eye. Today’s CIO is expected to be a business savvy leader, coupled with his expertise in technology and excellent people management skills. Just being part of the ‘C’ suite does not get him acceptability in the organisation. He is expected to understand business, know the language of business and speak the same with his peers. The CIO of today must understand technology, but more importantly, understand how this technology has to be aligned with the business needs of the organisation. Speaking of IT-business alignment, what does management expect from the CIO? In today’s challenging times, mere automation or integration does not endear the CIO to the stakeholders or the board. Most importantly, he is expected to deliver value to the business by deploying technology in a strategic manner. The value cannot be mere cost reduction, it has to extend across the entire value chain of the organisation, viz streamlining internal processes, restructuring oper-

CTO FORUM 21 DECEMBER 2009

thectoforum.com

COVE R S TO RY

S TAT E O F T H E I N D I A N C I O S U R V E Y

“The CIO can play an exemplary role in delivering value to the business BY FOCUSING ON THE ‘CIA’ TRIAD, ‘CONFIDENTIALITY, INTEGRITY AND AVAILABILITY” Application of these thoughts and concepts in JSL : The steel industry has seen tremendous pressure since the last couple of years, and we have seen a lot of contraction in the eco system. As an organisation, we have always been circumspect in our investments and spending pattern, and have a robust framework for corporate and IT governance in place. Some of the very interesting examples where IT has delivered significant value to the organisation are :

Partner ecosystem

We have a well defined partner ecosystem which operates on integrity, trust and mutual respect. A very close alignment of the partners with our organisational vision and IT roadmap ensures a healthy and equitable relationship for both. Our cost conservation efforts resulted in almost 28 percent reduction in operational expenditure over the last two years.

Innovation

We used open source tools for our network monitoring system across the entire organisation. Since last four years, we had been on the lookout but the tools available were proprietary and expensive to own and sustain. This acted as a great motivator for the team and they were gainfully occupied during this tough time. In addition to that, we save money for the organisation as the investment was miniscule, compared to the gains. Another interesting deployment was on the front of security, where we moved our

pattern update to the cloud. The savings in time and effort was around 80 percent.

Transformation

By actively investing in HMI (Human Machine Interface), we have brought a competitive edge to our organisation. Our efforts in implementation of bar coding at the shop floor, use of RF/ biometric systems for attendance recording, interface of SCADA with SAP in our manufacturing, etc., have all given a technology push to the organisation.

Collaboration and knowledge management

We have facilitated collaboration and knowledge management in JSL by deploying our corporate Intranet ‘JConnect’, which has been developed in house and is maintained by the team from IT and HR. We have our e-library called our knowledge centre, which is linked with this portal and information stored and available online is a real treasure.

Security and governance

We have defined our IT vision and roadmap for a three-year period and have published it across the organisation. In addition to this, our internal team has created the IT Policy for JSL and its group entities and this is being deployed in a systematic manner to create a risk assured landscape. Thus, it is clearly visible how the CIO and his team can be a value creator for the organisation, and the role goes much more beyond mere cost cutting and technology deployment.

CTO FORUM thectoforum.com

21 DECEMBER 2009

PHOTOS BY JITEN GANDHI IMAGING BY ANIL T

ations, innovative ideas to make the business more agile and responsive, integration of the partner ecosystem such as suppliers, customers, service providers etc. with the IT systems of the organisation, permeation of systems across all layers, integration of manufacturing systems with ERP etc are all examples of innovation and how the CIO can bring value to the organisation. A point not to be missed is the aspect of information security and managing risk and compliance. These are two very important areas where organisations are facing challenges due to regulatory pressure and minimising risk to the business due to IT. The CIO can play an exemplary role in delivering value to the business by focusing on the ‘C I A’ triad, i.e., ‘confidentiality, integrity and availability, and creating a risk assured IT landscape for the organisation. As we have seen till now, the role of the CIO has now transformed to a value creator and an innovator, rather than being a mere ‘techie’ in the organisation. The message for CIOs is to be as innovative as they can, and if that is a challenge, then at least create and foster an environment that supports innovation, collaboration and direct alignment to the business. How CIOs should think about business value - Creating Value for the Enterprise : Many organisations cannot get a true fix on the value that IT adds to the businesses it serves – defining, measuring and maximising that value remains elusive. Needless to say, CIOs who are successful in this endeavor, broaden their scope of action beyond the technical sphere and traditional IT levers. If we have to look at IT generated Value, the core business priorities for an organisation will be – Operational excellence Security and risk assurance Investment protection Operational Planning Innovation Transformation The business value from IT is of an economic and strategic nature, it has different facets depending on business priorities. The metrics of measuring IT value vary in accordance with business context, prime driver being that business units own the IT projects and the value created.

COVE R S TO RY

S TAT E O F T H E I N D I A N C I O S U R V E Y

THINK

BUSINESS IT WILL FOLLOW CIOs IN INDIA can

be identified by the way they speak about their key objectives or KRAs. If I hear a CIO talking about per head IT cost reduction, I know he has an operational approach and spends time in keeping the works on at lowest possible cost. There are others who are customer-focused, for example, an airlines CIO whose main job is to reach out to his customers through Internet or any other means. Then there is another kind who is more involved in synergising business process and IT. These three types are not necessarily an evolutionary path, it is just how their business works and expects of IT, which drives the CIO behaviour. Most of my time is spent on operational IT services to deliver services efficiently. I spend about 40 percent of my time on operations, 20 percent working with non-IT colleagues, 15 percent working on M&A strate-

We need to spend more time with business leaders; move beyond operations BY TAMAL CHAKRAVORTY, CIO, ERICSSON INDIA

CIO gies , 10 percent on Business unit Advisory new initiatives and owner about 15 percent in Demand redefining business processes. Ideally, CIOs need to allocate 15 percent of their time on operations and over 50 percent for business interactions and business process refinement. So, is there a structure to deliver IT without CIO intervention? I have used concepts of sales and supply chain management to implement a seamless IT delivery organisation through a model I would call consultative IT. To make IT delivery seamless, building a ‘demand to delivery’ structure with a business wrapper, is key. There is a need to build an advisory function whose job is to sit in

“I have used CONCEPTS OF SALES AND SUPPLY CHAIN MANAGEMENT to implement a seamless IT delivery organisation”

CTO FORUM 21 DECEMBER 2009

thectoforum.com

Build

Deliver

Monitor/ Acct Mgt.

Business Process owner Delivery

IT the specific business units, who can act as the first hand conduit to the business units for their IT requirements. The advisory can then pass on requirements around new applications, changes or infrastructure to the build-up team, who then build the solution and pass it to service management. The advisor is a smart alec with good negotiation skills. The build-up guy executes as per plan and gets a toll-gate decision to move to production once the business user accepts the solution. These people can be brought closer to the business units at HQ, and by nature they are technical freaks and architects. The job of the delivery or service management person is to ensure what worked yesterday works today. My service management team has system managers whose job is to look at the whole system (application + infrastructure) on a higher level aided by system performance managers (SPM) whose job is to review agreed performance matrix to actual performance, monthly. The skill sets of these two guys are vastly different as one of them is customer facing, while the other is vendor facing. The last link to the business process team is the account manager, an IT person who works closely with the markets where actual deliveries and usage is happening closer to the market. Example could be an R&D IT responsible. If I look at this entire spectrum of people and their skill sets there is a little chance that there will be an overflow to my desk, and if it is, it will be to the tune of 10-15 percent and not more.

S TAT E O F T H E I N D I A N C I O S U R V E Y

ECONOMY

CLASS

The processes that have been put during the downturn to increase business productivity and efficiency will stay in the future as well BY LAXMAN K BADIGA, CORPORATE VICE PRESIDENT AND CIO, WIPRO TECHNOLOGIES

CIO AND COST

cutting in the current downturn: I do not think that a CIO in the current downturn should justify his role as a relentless cost cutter. According to me, a CIO should be an enabler and efficiency generator. They should bring in more efficiency in every aspect of the business. This may at times lead to cost cutting. For enabling and creating efficiency, the CIO must have a sound knowledge of the business. This will help to get a buy-in for initiatives from the other business units in the company. Focus on all business aspects: The other key factor for a CIO is the need to become data oriented. For example, a CIO can go to a business head of other function within the company and discuss certain issues that are detrimental to business and how they can be resolved. This will help the business head to understand the CIO in a better way rather than looking at him as someone who wants to cut costs etc. The CIO also has to ensure that new solution offered makes life easy for the users than before. Will cost-cutting continue post downturn? Whatever efficiencies or processes that have been put during the downturn to make business become more productive will not go away. We have been reading that despite growth posted by many companies, the numbers of jobs being added

are lesser. This is due to the efficiency built in the systems. For example, let's say that we create a mechanism for self service. Previously, we had a lot of manpower to support various functions. Now, with a site or portal being created, employees can get their queries answered or resolved by using the self service mechanism. This reduces the number of people by at least 50 percent. Companies have done this as a part of cost control and efficiency. Now, when the growth returns, would anyone go back to hiring more people and discard the self service portal? The answer is no because the efficiency created can never go out.

COVE R S TO RY

a virtual environment,we can get the same kind of efficiency in maximum one to two hours. So we have saved costs and also addressed the demands of the end user. The second example is on transportation. We have used new software to optimise people utilisation that has helped us reduce our transport costs by 40 percent. Third is more in terms of energy savings and the green initiatives. We deployed a back-end utility tool that scans computers when not in use and puts them in hibernated mode and reduces power consumption. All these initiatives were aimed at cost cutting, but now will stay as a regular process. Look at innovative technologies to create efficiency: Collaboration, video conferencing and tele-presence are essential technologies to save costs and increase employee efficiency and productivity. We want to continue using these tools and make it more flexible and adaptable to our end-user. The other area is the creation of private clouds to increase the efficiency of the various business applications and enable business.

My contribution over the past couple of years to increase efficiency and curtail costs: Earlier when buying servers, we used to carry requisition of the servers, do the procurement and finally get them after six long weeks. Today, by provisioning and consolidating in

â&#x20AC;&#x153;COLLABORATION, AND TELEPRESENCE are essential technologies to save costs and increase employee efficiency and productivityâ&#x20AC;? CTO FORUM thectoforum.com

21 DECEMBER 2009

COVE R S TO RY

S TAT E O F T H E I N D I A N C I O S U R V E Y

VALUE BEYOND PRICE THE ROLE

of the erstwhile MIS manager has today expanded and transitioned into that of the CIO or Chief Information Manager. The CIO is entrusted with managing the information assets of the company and not IT assets alone. This enhanced role entails that the CIO is responsible not only for keeping technology ticking, but also proactively charting out and implementing IT strategies through which IT can be used to differentiate the company in the marketplace. Hence, alignment of IT with business strategy will become key to driving business growth. The CIO needs to not only be adept at managing IT operations and delivering IT solutions, but also focus and direct his attention towards enabling growth, and innovate using business transforming information technology solutions. To achieve this, the CIO needs to work very closely with business users to chalk out a business process transformation roadmap and integrate IT into the business operations. In line with this strategy, many progressive CIOs are partnering with business and taking accountability to realise ROI benefits from the IT investments. So how can a CIO transition to be a value creator in today’s environment? In most of the organisations, CIOs would have already put in place a robust base foundation IT platform comprising of –

IT infrastructure : Enterprise-wide VPNs to connect operating locations, strong IT security policies, secure enterprise mail messaging, network and security monitoring, high-availability centralised servers and data centres (either own or third- party) will enable business users to tap into IT services on demand.

CTO FORUM 21 DECEMBER 2009

thectoforum.com

A value creator CIO while concentrating on deriving value for IT investments should not lose focus on optimising IT costs BY VVR BABU, GROUP CIO, ITC INFOTECH

Enterprise IT solutions : Best businessfit transaction processing backbones such as SAP ERP, Oracle Financials, etc. to integrate, streamline and standardise business processes across the organisation. As a next step, the CIO’s priority should be to move into a harvesting phase, where the base IT platform could be leveraged to implement innovative and business transforming IT solutions. These include 1.Extension of ERPs to integrate with shop floor, sales force automation and customer relationship management tools 2.Enable effective decision making of ERP data through data warehouse and business intelligence solutions

Help businesses attain strategic competitive advantages by implementing solutions for predictive analysis, lead indicator analysis, etc.

Implement optimisation and planning systems for various business functions like Demand Planning, Supply Network Planning, Financial Planning, etc.

“Many progressive CIOs are PARTNERING WITH BUSINESS AND TAKING ACCOUNTABILITY to realise ROI benefits from the IT investments”

Risk management : With businesses today being critically dependent on IT systems and solutions, the CIO should ensure that processes and tools exist to identify, monitor, manage, mitigate and eliminate risks to the IT assets that are commensurate with the importance of the asset to the organisation.

Extend BPO model for master data management, accounts payable, payroll processing, loyalty management, etc.

Free up business managers time by creating business analyst teams that operate on a KPO model to analyse specific business scenarios and generate reports that are pushed to the business managers on a need basis.

IT for sustainability : Going beyond implementing Green IT technologies like blade servers and virtualisation there are other IT solutions that help identify, improve, measure and manage energy and resource efficiency across business processes and departments, thereby saving costs and earning carbon credits. To measure the business impact of IT investments, CIOs can implement standardised IT portfolio management tools/ frameworks like IT scorecard. These frameworks can assist the CIO accurately map the business benefits and ROI of IT systems. It is estimated that the total cost of ownership of any IT system is approximately 10 times its cost of procurement. A value creator CIO while concentrating on deriving value for IT investments should not lose focus on optimising IT costs and continuously benchmarking the IT systems in the organisation with the business benefits they bring in.

S TAT E O F T H E I N D I A N C I O S U R V E Y

PART TIME FREIGHTER FULL TIME CIO

A firsthand account from the CIO who steered a mammoth logistic function BY RAJESH UPPAL, CHIEF GENERAL MANAGER-IT, MARUTI-SUZUKI INDIA

FOUR YEARS ago,

when the outbound logistics of Maruti-Suzuki was not in good shape, our managing director Jagdish Khattar asked me if I can handle that challenge and streamline the process. The challenge was daunting but exciting enough to give him my assent. As a result, in April 2006, I took the additional charge of company’s logistics function. The first six months were really tough. The only advantage

I had was the knowledge of processes created by the IT department. But when you handle these things as a process executive, a lot of soft issues and other unheard elements crop up. As a process owner, you are required to know these tiny business issues. When I took up the responsibility, I started by streamlining the logistics process, followed by creating adequate capacity to increase dispatches. However, the most important decision that I took up as logistics head was to get this whole transportation function within the legal ambit. The transportation of cars in the large, oversized carriers illegal because that size was not allowed to run on the Indian roads by the Ministry of Surface Transport. But if you transport the cars in smaller carriers, the whole economy goes for a toss. I personally created a committee within the ministry and chaired the same to do advocacy on behalf of the entire industry. Based on the initial suggestions of the committee, the government allowed the movement of those

“It can be FATAL IF CIOs CREATE COMFORT ZONES FOR THEMSELVES. There is a possibility of getting redundant in your own organisation”

COVE R S TO RY

oversized carriers. They were considered as legal till such time government came up with the recommendations. As a result, the process of getting stopped at the interstate borders and check-posts just vanished. From technology point of view, I recommended the implementation of GPS (Global Positioning System) on our entire fleet of carriers. This enabled us to not only track the vehicles. but also monitor the accidents caused due to high speeds and the negligence of the drivers.

Non-conventional thinking As a visionary CIO – a proactive thinker outside the comfort zone - you can do wonders to streamline other parts of the business. Your expertise as a technology process owner should not merely confine to technology implementation. Those can also be used in areas such as logistics, supply-chain etc., which are purely technology-driven. There is no better person than a CIO to make it successful all along. A CIO++ role puts you to rigorous, unforeseen tests. It also helps you in exploring more avenues of work outside IT. Understanding the processes of user area is something that every CIO does but unless you feel the heat of the process, you will never be able to understand the criticality. As the owner of a process you learn how to run it as a profitable business unit. By doing so, you can be as indispensable asset to your organisation.

Learning curve realities Having stabilised the required systems and setting up the right processes, my learning curve was already peaking the top. And if you are the top custodian of IT, you will see to it that with your reduced involvement, the innovation in IT suffers some setbacks. I felt the same in my organisation. Though the IT projects didn’t derail, yet there was a visible lack of progress. As a CIO, IT always remains your core function and you can’t neglect this fact. It can be fatal if CIOs create comfort zones for themselves. There is a possibility of getting redundant in your own organisation.Having talked about my return to IT, my CIO ++ role hasn’t come to an end. There are chances that I take up yet another additional business role or a totally different role than IT within the organisation soon.

CTO FORUM thectoforum.com

21 DECEMBER 2009

COVE R S TO RY

S TAT E O F T H E I N D I A N C I O S U R V E Y

OUTCOME ORIENTED CUSTOMER SERVICE

Dr Jai Menon, Group CIO, Bharti Enterprises, spoke to Rahul Neel Mani on how the approach of the company has changed from effortoriented to outcome-oriented customer service. QThe role of customer service in any business is essential to its growth and survival. How have you managed this role at Bharti Airtel? At Airtel, I play the role of a custodian of customer service in addition to the classic CIO role. Before we look at customer service, I would like to first throw an overview on how we look at our internal and external customers. Customer service calls for the understanding of three critical questions. The first question that arises is who are these customers? The second question is what services are we offering them and finally how are these services been offered to them. We have two large segments of customers that fall in the B2C and B2B category. In the B2C segment, we look at the consumer segment that comprises urban and rural areas. We provide our services in 5,000 cities in the country and 4,00,000 villages. The consumer segment also includes homes where we offer mobile and other services like broadband and television. On the B2B front, we have large corporate customers as well as small and medium businesses (SMBs). Now what we offer to these customers is four screens. These four screens are mobile, computer, television and silver screen. For the mobile screen, we offers a bouquet of communication, content and commercial services. For the computer, we offer broadband services, while on the television platform we have Direct to home (DTH) and IPTV. For the silver screen, we are now working on digital cinema distribution etc. Besides the four screens, there is also four Cs: communication, content, commerce and computing. Communication is our base class of service that includes voice and

Dr Jai Menon Director- Technology and Customer Service, Airtel and Group CIO, Bharti Enterprises

CTO FORUM 21 DECEMBER 2009

thectoforum.com

S TAT E O F T H E I N D I A N C I O S U R V E Y

SMS; content is what we offer on Airtel Live through mediums such as mobile, broadband and television portal. Commerce is brought in through mobile commerce, while computing is tendered through Software-as-a-Service (SaaS) and other cloudbased services. The process by which we serve these customers by employing the four screens and four Cs is what we call as the beach model where our customers are our ocean and our partners form the beach that touches all our customers. These partners include all of the frontline touch points that interact with our customers. These touch points include our retail showrooms, retailers, call centre agents, collection agencies etc. We have a customer base of around 110 million, and there are 130 to 140 million people who support us as partners. The way we look at customer service is to ensure that there is a tight business engagement to accelerate customer happiness. In fact BEACH is an acronym for Business Engagement to Accelerate Customer Happiness. This means that the beach house (company) has to work in sync with the beach (partners) so that the DNA of the brand from the beach house goes through the beach and is shared with the ocean (customers). How has the ‘beach’ model helped in empowering the customer? Could you cite some examples? The ‘beach’ model has worked well as we built a business engagement model between our set of partners. This business engagement model was built from our learnings based out of our IT model. In the IT model, we built an outcome oriented model, where the IT costs were linked directly to revenues. This is nothing but percentage of revenue and within that percentage it includes capital expenditure, operating expenditure and end projects costs etc. As an example, using this strategy we changed the model of our BPO partners by moving them away from effort orientation and focusing on outcome orientation. We have in place a measurement ratio that we call as the outcome to effort ratio. Effort, for example, is simply picking up the phone and answering a call. Now has the call resolved the customer query and ensured customer satisfaction? Has it

reduced churn and increased our overall satisfaction scores? So we now look at a host of such outcome parameters. We have bought together technology to empower our customers. We have been doing multi-channel empowerment to solve their needs. Multi-channel implies using services like the Web, Interactive Voice Response (IVR), interactive SMS and Unstructured Supplementary Services Data (USSD) where all of these are shared in a simple manner. These services are independent of the channel and are transmitted to back-end IT systems. For example, our * 121# application answers all the queries of customers. This has been a hit with users, and since this service is USSD-based, it can run on any mobile device. This is also integrated realtime into our backend CRM billing and provisioning systems. There is another service called as My Airtel My Offer (MAMO) that has a recommendation engine to look at previous usage trends and recommend best

“We have brought together technology to empower our customers. We have been doing MULTI-CHANNEL EMPOWERMENT to solve their problems”

COVE R S TO RY

tariff plans that users can choose. So customers can get access to any information from any channel they choose with the same customer experience. We have more than 100 million transactions a month on these combined channels. Since customer service is closely knit with the CIO responsibility, we have realised that various platforms and processes need to efficiently converge in order to help the end customer. What according to you are the challenges that many enterprise CIOs face when it comes to customer service and how can they overcome these? Traditional CIO roles worldwide have evolved from the technical community of engineering, training etc. At the end of the day, a CIO is more of a consumer of technology than a creator of new technology. So when they consume technology, they need to do it keeping the business needs and processes in mind. In this process of consuming technology, there is more time and effort spent on getting just that piece right. Therefore, every element that a CIO has to do from business process all the way to design and implementation, operations etc. is typically been done by the CIOs own shop. Given the changes in the outsourcing scenario, CIOs can divide their responsibilities so that they focus more on the business while the outsourcing partner can focus on the technology aspect of the business. This will help release a lot of time of the CIO, and who can now focus more on business. Also, if you were to do a CIO scan across the globe, you will find that most of them have reached the position through a unilateral path. Their career experience has only gone up the technology chain. As the nextgeneration CIOs get created, it is desirable that they actually go through other business experiences. Would coming closer to customer call in for more and newer technology deployments? Understanding the customer is a dimension that does not require a lot of technology. I feel that technology is just an add-on to cater to the customer needs that provides value in a smart way.

CTO FORUM thectoforum.com

21 DECEMBER 2009

HORIZONS

FEATURES INSIDE

Myths About Cloud Computing Demystifying cloud. Pg 38 Walk The Talk A CIO needs to be a top level communicator. Pg 39

IT in the New Normal Recession or no recession, corporate

and IT leaders continue to see a key role for IT, especially to capture efficiencies across the enterprise. 34

CTO FORUM 21 DECEMBER 2009

thectoforum.com

he economic tumult of the past 18 months has affected every facet of corporate operations, and it has not spared IT. In McKinsey’s fourth annual survey on information technology strategy and spending, we asked chief information officers (CIOs), chief technology officers (CTOs), other executives in the IT function, and additional C-level executives about their companies’ business technology agendas, the impact of the recession on their IT organizations, and their approaches to developing and executing IT strategies. The results affirm the continuing importance of IT to strategic success, despite the recession. CIOs have felt strong pressure to deliver ever greater levels of efficiency in the downturn, but overall satisfaction with IT organizations remains high. In addition, most respondents foresee an increase in IT investment, perhaps because companies are applying IT to solve problems across the business. Meanwhile, as technology-related disruptions continue to affect businesses, executives persist in pushing for closer integration between business units and IT.

IT’s response to the recession The value executives (both inside and out-

T E C H AG E N D A

side the IT function) perceive IT as offering their companies have held up well since our previous survey, in October 2008. Respondents indicate that IT has become more important to improving business efficiency and reducing costs across the enterprise than it was last year. Notably, a smaller share of respondents indicate that their primary focus is to achieve the lowest IT cost (Exhibit 1). This suggests that executives are realizing better results from applying IT to solving problems across the business. However, running a tight IT organization remains important. We asked IT executives about the actions they have taken in the past year, as well as those they plan to take in the next 12 to 18 months in response to the crisis (Exhibit 2). Respondents indicated a strong preference for structural cost reductions: three of the top four actions discussed focus on reducing structural costs through efficiency improvements, including applications development, infrastructure consolidation, and contract renegotiation. Looking ahead, two-thirds of the respondents report they plan to undertake structural cost reductions in the next 12 to 18 months. Green IT programs, such as those that increase energy efficiency in data centers, have fared well despite the slowdown. At companies with a green IT agenda (almost half of those surveyed), more than 25 percent of respondents indicate they are accelerating their plans, and about half say their plans will be unaffected by spending reductions. Cost savings and reputation enhancement are likely behind this strong push to protect green investments.

Spending in the right place Looking forward to 2010, projections for operating budgets follow trends seen in last year’s survey. More than 60 percent of respondents expect IT operating expenses to decline or hold steady (Exhibit 3), reflecting a continued focus on “resetting” operating costs for an uncertain future. Expectations for new investments, however, paint a different picture. More than 45 percent of respondents expect to increase investments, while about 20 percent see them holding steady. When there is a payback, it seems businesses are willing to invest; many of these investments are geared toward improving business opera-

NEXT HORIZONS

% of respondents who ranked given IT capability no. 1

Exhibit 1

The role of IT How well each capability currently furthers company goals Delivers services at lowest possible cost Improves business efficiency

2009, n = 444 2008, n = 548

Supports our company’s growth ambitions by delivering services or products that set us apart from competitors

27 33 39 31

19 20

Plays a leading role in transforming our business

16 15

Exhibit 2

Responding to the crisis % of respondents who ranked given action no. 1,1 n = 270

Possible actions taken by an IT function in response to the global economic turmoil

Structural-cost reduction

Changes to delivery model

Planned for next 12–18 months

Taken in past year

Focused on efficiency improvements in application development and maintenance (eg, lean IT, process streamlining)

Reduction in shortterm demand

Reduced demand by canceling or deferring projects/activities

Increased infrastructure consolidation or virtualization

Renegotiated existing vendor contracts

Changed scope of projects to reduce costs

Rationalized or eliminated services or offerings (including reduced service levels)

Increased outsourcing and offshoring

11 16 14 12 8 11

1Base does not include respondents who answered “none of the above” or “don’t know.”

tions, both to lower costs and improve effectiveness, echoing respondents views on where IT is offering value to the business. Digging deeper into the data, financialservices firms lead all sectors with their spending and investing plans, a finding that may reflect improving business conditions in that industry. 33 percent of financialservices respondents expect to increase operating expenses in 2010 (up from the 15 percent who expected increases last year),

and 61 percent are considering an increase in new investments (up from 40 percent last year). Another notable finding is that spending plans for public and private companies diverge sharply. Only 31 percent of respondents at public companies expect to maintain or increase their current IT spending in 2010, while 62 percent of respondents at private companies say the same. For new investments, the pattern is similar: 60 percent of

CTO FORUM thectoforum.com

21 DECEMBER 2009

NEXT HORIZONS

T E C H AG E N D A

public-company respondents expect to maintain or increase new investments, compared with 73 percent at private companies.

Exhibit 3

IT’s effectiveness

% of respondents1, n = 444

The view from respondents who aren’t IT executives suggests that, by and large, they believe their IT functions are responding effectively to the crisis and adjusting well to their businesses’ changing needs and priorities. Among non-IT executives, 55 percent say current performance in providing basic IT services is very or extremely effective—an increase from last year’s 50 percent level. For higher-value activities, such as on-time/ on-budget project delivery and proactive engagement from IT, the share of executives who say IT is very or extremely effective hovers in the 30s, with roughly another third of respondents indicating that IT’s performance is somewhat effective. Significantly, these figures are largely unchanged from last year, despite all the economic turmoil. IT executives’ own view of their performance is less sanguine (Exhibit 4). Just under half of the IT executives surveyed say their management of IT infrastructure is extremely or very effective. Only 30 percent say their IT governance is extremely or very effective, and only 21 percent are happy with their ability to target places in their organizations where IT can add value (compared with 30 percent of non-IT executives who say IT is very or extremely or very effective on a corresponding measure). Measured against last year, IT executives’ satisfaction with their performance is down across the board, including several categories that show double-digit declines. It seems likely that this drop is driven by a continued sense of frustration among IT staff, who are being asked both to reduce their own costs and, at the same time, to help business units do more to improve their operations.

Shared vision for IT strategy At the highest level, all executives remain concerned about information- and technology-based disruptions—albeit with some key differences from last year. These worries include competitors embedding IT in their products, executing strategies based on better analytics and information, and using IT to improve the effectiveness of their busi-

CTO FORUM 21 DECEMBER 2009

thectoforum.com

Spending more on new investments No change

Increase

By how much, if at all, do you expect your organization’s IT budget for operating expenses and new investments will change in 2010?

Decrease

Don’t know

13 27 21 40

46 19

1Figures

may not sum to 100%, because of rounding.

2Includes

operating and capital expenditures.

New investments2

Operating expenses

Exhibit 4

Lower satisfaction % of respondents,1 n = 232

Currently, how effective is your IT organization in each of the following areas? Extremely/ very

Somewhat

Managing IT infrastructure

Implementing a strategic approach to sourcing

Governing IT performance

Introducing new technologies faster/more effectively than competitors

Driving technology enablement or innovation in business processes, operations

Targeting places in organization where IT can add the most value

1Figures

Percentage-point change from 2008

Slightly/ not at all

Extremely/ very

Don’t know

Slightly/ not at all

-13

-5

-8

-1

-13

-10

may not sum to 100%, because of rounding; all respondents are IT executives.

ness processes. The degree of concern has eased,however: in this year’s survey, 50 percent of respondents say their companies are very or extremely at risk given the potential effects of information- or technology-based disruptions on their companies, down from 65 percent in 2008. At the same time, the share of respondents rating their companies as somewhat at risk has increased to 30 per-

cent, from 19 percent last year. Seen in the light of the overall survey, this finding indicates that while core concerns about disruptions remain in the short term, recessionrelated preoccupations have become more acute. Nonetheless, companies remain exposed to the key unknowns they cited in 2008: shifts in customer expectations and bargaining power as a result of access to

NEXT HORIZONS

T E C H AG E N D A

better information, and significant changes in the cost to deliver existing products or services (Exhibit 5). While the recession has shifted some short-term priorities for IT, the longer-term vision for IT remains consistent with views expressed by respondents in prior surveys. Non-IT executives continue to say they want to forge a closer partnership with IT in order to improve performance and better manage the risks and disruptions that lie ahead. While only 16 percent of respondents say they have put into place tightly coupled business and IT strategies (Exhibit 6), two-thirds of respondents indicate that this configuration would be their ideal. Significantly, the level of strategy integration is strongly correlated to the perceived effectiveness of IT: for both business and IT executives, effectiveness materially increases as the strategies become more tightly linked.

Looking ahead • IT executives’ dissatisfaction with their job performance could eventually lead to deeper problems in morale and performance. Clear and effective communication by both IT and business executives will be critical to ensure that the IT organisation continues to understand how integral its efforts are to the success of the enterprise. • Respondents say they are willing to increase IT investments that drive real returns to their companies. Delivering on this promise requires business and IT to partner in building a comprehensive view of

How we crunched the numbers THE ONLINE SURVEY was in the field from October 13, 2009, to October 26, 2009, and received responses from 444 executives representing the full range of industries, regions, and company sizes. “IT’s unmet potential: McKinsey Global Survey Results,” mckinseyquarterly.com, December 2008. See James M. Kaplan, Roger P. Roberts, and Johnson Sikes, “Managing IT in a downturn: Beyond cost cutting,” mckinseyquarterly.com, September 2008.

Exhibit 5

Top disruptions % of respondents who say that their companies are ‘extremely,’ ‘very,’ or ‘somewhat’ at risk from informationand technology-based disruptions and ranked given disruption no. 1,1 n = 342

To which of the following disruptions, if any, is your company most exposed?

Rank in 2008

Shifts in customer expectations (eg, to better or differentiated service for existing offerings)

Changes in costs to deliver current products or services (eg, others deliver for significantly less)

1 2

Increased customer bargaining power from increased information about existing product offerings and alternatives

Significantly improved products or services (including substitutes) emerging at current or higher prices

Development of new offerings outside ‘traditional’ scope (eg, bank branches offering insurance a few years ago) Increased use of third-party resources/infrastructure, such as OEMs or outsourcing

Emergence of new channels or points of purchase 1Respondents

who answered “other” are not shown.

Exhibit 6

More effective, with tighter integration % of respondents, n = 444

How tightly coupled, if at all, are your company’s business and IT strategies currently? Total

Business leaders

Business and IT strategy are tightly integrated and influence each other

Business strategy is developed with some input from IT

Business strategy is developed first and used to guide IT strategy Business and IT strategy are not linked

% of respondents in selected category who say IT is effective1 IT leaders

28 47

27 8

27 16

1Composite

metric representing the percentage of respondents who rated three or more activities as "extremely" or "very effective."

the necessary process and system changes, as well as defining a clear, measurable, and achievable set of returns. • Despite the economic crisis, leaders need to continue improving the integration of their business and technology strategies. IT can help underwrite growth when the recov-

ery comes, but only if executives begin laying the groundwork during lean times. Contributors to the development and analysis of this survey include Roger Roberts, a principal in McKinsey’s Silicon Valley office; and Johnson Sikes, a consultant in the New York office.

CTO FORUM thectoforum.com

21 DECEMBER 2009

NEXT HORIZONS

C LO U D C O M P U T I N G

Myths About Cloud Computing

While experts say that cloud computing is the in thing, in reality, it'll take at least a year for companies to adopt it as a norm for their operations.

PHOTO: PHOTOS.COM

BY RICHARD GOUGH

branch, said, “Being big in the future of cloud may not be a benefit.” Take, for example, Amazon.com’s S3 cloud experienced an outage for about three hours, in 2008 leaving companies worldwide without access to their stored data. Likewise, Google Gmail and its application service platform were badly disrupted globally in February 2009. However, Gmail didn't collapse completely, while web access to email was shut down, IMAP accounts, the sort that you might use on an iPhone, were operating normally which should be seen as a plus for a always on 24/7 cloud platform. The point here is to carefully consider your options and do your homework before signing on the dotted line. When your life blood is your data then carrying out a full risk assessment is crucial to your success wherever you decide to host your computing systems.

loud computing is largely misunderstood, both as a concept as well as a delivery platform. In fact, the cloud is as big as the e-commerce revolution witnessed in the beginning of this millennium. Like e-commerce, cloud computing will take some time to sort out. Today, every technology supplier and vendor use the term cloud in marketing material to make sure they appear relevant. In reality, it will take at least one more year for organisations to adopt cloud computing as a norm for their operations. In fact, this is a good time to look at some of the myths that have build up around cloud computing. MYTH

The bigger the vendor, the better Reality: The presence of industry titans such as Amazon.com, Salesforce.com, Microsoft Azure and Google is certainly enhancing the profile of cloud computing especially among large enterprises like the Telegraph Media Group. But size and brand name amount to very little if a vendor can’t deliver quality of service. Thomas Bittman, chief of research for Gartner’s infrastructure and operations

CTO FORUM 21 DECEMBER 2009

thectoforum.com

MYTH

Cloud computing heralds a revolution Reality: Vendors’ public relations people would have you believe that cloud computing is a revolutionary new technology. But the truth of the matter is companies have been heading in the direction of this pay-per-service model for some time now with products like Salesforce.com for Customer Relationship Management and web site hosting by datacentre providers. Cloud computing is a natural evolution of infrastructure and application technologies. SaaS (Software-as-a-Service), for example, is a type of cloud computing that delivers a single application through a web-based browser to thousands of end users. The well-known concept of utility computing also falls under the umbrella of cloud computing, as do managed services that often entail fully outsourced network-management arrangements. MYTH

Only small businesses need apply Reality: According to a recent Forrester Research report on Cloud

C O N V E R S AT I O N E T H I C S

Computing, The main consumers of cloud computing are small companies that don’t have a legacy of IT investments to manage. But while cloud computing’s cost-effective model appeals to small businesses, large enterprises with well-crafted SLAs (Service Level Agreements) and mature IT teams also stand to benefit. Challenges, however, remain for mid-size organisations, as there are a significant middle market that without some planning will have a tough time using cloud computing technology. MYTH

Everything should be in the cloud Reality: Trying out cloud computing doesn’t

necessarily entail handing over your entire database to a third-party provider. Rather, companies can choose to farm out just bits and pieces in the same way many HR teams outsource recruiting but keep payroll processing in-house. A perfect example: The New York Times used Amazon EC2 and S3 to generate PDFs of 11 million articles in the newspaper’s archives, but kept production of the newspaper in-house. MYTH

Cloud computing is a cure-all Reality: As much as marketers would have you believe that cloud computing can solve all your server and storage headaches; there

NEXT HORIZONS

are still plenty of system design challenges to work out. For example, not all applications are ideal candidates for cloud computing based on their sensitivity, especially when it comes to handing over financial applications governed by strict compliance regulations. What’s more, as outlined in the Forrester report, “most cloud vendors today still do not do not provide availability assurances. Service-level agreements are mostly nonexistent.” In other words, cloud computing can potentially come with its fair share of downtime so make sure your prepared for this. On the plus side, we are already seeing companies like Google work hard to address this.

Walk the Talk

How should a CIO smooth talk his way to the boardroom. BY THOMAS STRUAN

he modern CIO doesn't often get the luxury of being misunderstood. Their peer group requires coherent language that is high on detail and at the same time low on technical jargon. Those of you who have experienced conversations between technocrats and lay business people know of what I speak. Such conversations go something like this. The technocrat starts off and the lay businessman listens intently for two minutes hoping to become wiser and attuned with technology. Soon, the blank stares appear followed by a confused (if not angered) look on their faces. The techie has not only lost his audience, but also his opportunity to gain buy-in for their idea or proposal.

Enter the CIO This is where the modern CIOs earn their money. Conceptually, a CIO is hired to manage the best use of technology for the company. For many years, there was a hidden reason behind the CIOs vital role. They were treated as a bridge between the hard core techie and the management. That role is no longer a secret. CIO job descriptions routinely include explicit language about their role as a top-

level communicator. In fact, a few larger corporations hire CIOs less for their technology skills and more for their ability to communicate, influence, sell, and manage others. Such a non-technical CTO can be dangerous also. The lack of technology background has led to some very costly business decisions. There are other cases where the CTO lacked the technical background to understand the finer points involved in delivering on plans sold to a naive peer group.

It's the audience, stupid! Having made a back door entry into technology, I learned the value of communication at all levels. One of the precepts to excellent communication is knowing your audience. Always make the assumption, when you are communicating with others (unless you can guarantee otherwise), that your audience knows less about the topic than you do, and that your audience is less technically conversant than you are. Not to make your peers seem like morons because they aren't, but you have to dumb down the techie a little bit. Ease them into it; define your terms along the way into easily digestible bites. Remember, if you were in a room of actuaries, you would probably come away feeling as ignorant of their lingo than they would be of yours.

CTO FORUM thectoforum.com

21 DECEMBER 2009

NEXT HORIZONS

D ATA M A N AG E M E N T

Play it again Sam Another key communication tool is to repeat what you just said. I actually refer to this as a reiterative tool. You don't need to become redundant in your conversation, but after you make several key points it is a good idea to put forward a quick summary of what you just said. In many presentations, I actually paint high value targets three times so that at the end of my communication everyone at least knows the main points. Another reiterative tool is the follow up. If I am trying to get a plan or initiative put forward I find ways of tying it into other communications. Having stressed my points before, I subtly drop them into future emails, presentations, proposals and discussions. Remember, subtlety is key!

Killing the messenger If you have not heard this expression, then you need to be aware that there are times that you will be communicating with hostile audiences. In ancient times, when kings were sent messages that included unpleasant news they would often kill the

11mn

messenger out of rage, thus the that I mean, when you have a diareference of ‘don't kill the meslogue your effectiveness is based senger’ emerged. Such situations on whether you have a history are unavoidable at times and you of delivering on what you have ARTICLES WERE need to prepare for them. discussed and whether or not you Now - there are shades of gray appear knowledgeable in your ADDED TO ITS here. In some cases, the people prior communications history. ARCHIEVE BY THE People will remember the most in your audience are just simply NEW YORK TIMES amazing things - many of which not interested in what you have to say. In such cases, you have to USING AMAZON are not what you wanted them to lighten the conversation, make remember. So, keep in mind that EC2 AND S3 it personal for them, and give everything you say will, at some PLATFORM them a sense of fellowship in point, come back to you. your cause. An example of this Once you are known as a would be going in front of your person that paints a tainted board of directors with a proposal picture you lose credibility. In requiring a bunch of treasure to expand your this game, we call life credibility is really infrastructure. The way you bring them to one of the few things we have to offer. So, your point of view is to actually know that prepare yourself. You will require informaextra bit: what are their key priorities for the tion from individuals and there are times company? what are the key initiatives they you will have to trust that information, but are discussing? how can your proposal help due diligence is never to be abandoned for to accomplish them? the sake of a quick response. It is better to delay what you want to say than to rush something into production that has a quesFollow through tionable amount of truth to it. Your communication is built on history. By

CMS: Plenty to Go

With growing use of social media, managing extraneous data is a challenge. BY DYLAN PERSAUD

aving started social media interaction, having acquired many third party applications that interface to your ERP system, how can you manage all this extraneous data? The problem that this causes for an organisation is the unstructured data that this produces. There are several implications for unstructured data being storage, indexing, tagging, ability to reuse and access data with email are problems an organisation will continue to face. Organisations have always had a difficult time capturing the unstructured data. Often valuable information is shared with no real way to leverage this goldmine. This problem extends throughout the organisation stemming from product design all the way to the entire supply chain. The lack of internal data capture extends to outside the enterprise when social media is invoked. Systems that capture data such as PLM systems have started to evolve as the backbone to organisational storage. The link of stor-

CTO FORUM 21 DECEMBER 2009

thectoforum.com

ing data and the ability to reuse it has caused some PLM vendors to incorporate content management and PLM functionality. This provides a basis for metadata tagging, indexing, storage, ability to leverage existing intellectual property and reusing company data that should be reusable. Enter one evolution of content management system. These systems can not only store data effectively but store it as usable chunks that can be indexed and readily accessible for many purposes. These CMSs can be thought of as another weapon to harness business performance. As these applications spread and start to merge with other applications we are seeing a new evolution of PLM and CMS to start to include social media. By including this functionality here it may alleviate some concerns about capturing data, customer feedback etc. It is pretty easy to see as more of these applications evolve and include greater features and functions they are encroaching on the ERP itself. — Dylan Persaud, Managing Director Eval-Source

CTO FORUM 21 DECEMBER 2009

thectoforum.com

THINKINGBEYOND CHRIS CURRAN | chris.curran@diamondconsultants.com

CHRIS CURRAN is Diamond Management & Technology Consultants’ chief technology officer and managing partner of the firm’s technology practice. He writes the CIO Dashboard blog at www.ciodashboard.com

The Fine Art of Persuasion

If the IT department wants its annual budget to pass muster, it needs to eliminate the unnecessary steps in IT planning. THINK BACK a few months. It’s August and you are starting to marshal the troops for the annual combat called the annual IT budget. You arm each of the IT leaders with a template, spreadsheet, and other tools with which they will collect the requests from the various business areas – customer segments, product businesses and corporate functions. Depending on your organisation, you may also start collecting some sizing data for each initiative – costs and benefits. Once each of the field operatives are done collecting, then the real fun starts. Each of the lists are then consolidated into a big list and additional details are added with the goal of prioritising them against some kind of framework (that may or may not already be agreed to). If the business value data hasn’t been collected, some basic sizing data is added. Then this list often gets massaged several times in IT leadership meetings. Just about the time that the CIO and his team is getting a feeling for the size and shape of the businessdriven list, the CFO starts sharing the

available budget and the CIO gets to go back to the group to report that the company can’t fund all of the projects that have been requested. In fact, it can probably only do about one-third of them. The remaining planning time, maybe into January, is then applied to further prioritising, sorting, iterating and finally telling users that their requests didn’t make it. Yes, this is an extreme case, and not all organisations work this way. But, many companies I have worked with had long, reactive and wasteful planning processes. In fact, in Diamond’s 2009 Digital IQ survey, companies reported that they spent 240 man months performing IT planning. I’m certain that this time is not all productive – we can do better. Agile IT Planning, Then Agile Business: Addressing this problem is a two-step process. First, we need to eliminate the unnecessary steps in IT’s approach to planning. The key to this is to begin with the end in mind, as follows: Develop a draft of the plan before asking for additional inputs. It’s okay to have gap, but it’s critical to

Drafting a plan should be the primary job of a CIO before going out and solicit business input.

set the boundaries up front. This draft should be developed by the CIO and his leadership team – 5-10 people max. Agree upon scope and other planning assumptions, including how much time will be spent in each phase, who will participate and how much money will be available, even if the definitive budgets aren’t set yet by the CFO. Communicate the draft plan, planning process and expectations to business and IT stakeholders so they know what you expect from them. Typically, I see some forms of #2-3 but very few organisations draft a plan before going out and soliciting business input. I think this is one of the primary jobs of the CIO that is often skipped in the name of business-IT collaboration. Once the gathering, analysis and prioritisation work (and time) is eliminated for the initiatives that would never make it anyway, you can focus on adding some time back into planning, but focus it on more productive things, which I will cover in my next post.

CTO FORUM thectoforum.com

21 DECEMBER 2009

N E T WORK SE CURI T Y

PHOTO BY PHOTOS.COM

NETWORK OF THE FUTURE

THE RELEVANCE OF

Network Monitoring Modern day network monitoring technologies can help in managing a fast changing IT environment in economic crisis BY TEAM CTOF

As we focus our minds

towards network security, one key thing that takes centrestage is network monitoring. Rallying about network security without placing a concrete plan of action cannot be called a smart move. What is smarter is to have a monitoring system that is able to notify the administrator about all happenings within your network.

CTO FORUM 21 DECEMBER 2009

thectoforum.com

Network monitoring therefore refers to a system that supervises all activities within a computer network. This system keeps a check on all aspects of the network - from the power situation to an expected crash or a LAN malfunction. This network diagnostic tool monitors LAN and WAN networks to eventually provide a graphical report of network statistics gathered by its different tools. This information available to network administrators can be used for dayto-day troubleshooting tasks such as managing downtime or handling any sort of security breach. The systems are particularly useful with large corporate networks or a populated university universe.

Most technology and security managers ensure that at least one of their permanent systems is deployed for the function of network monitoring

N E T WORK SE CURI T Y

A network monitoring system continually takes snapshots of the internal systems and creates a report as soon as it detects a problem. It then informs the network administrator of any suspension of operation. A subset of the different tasks carried out under network management, network monitoring works as an effective tool towards security. It takes care of any failures that might arise from within the network such as information overload or flailing network connections. They can also sound an alarm against virus infections or lost network connections. The monitoring system sends messages in the form of emails, pagers or even phone calls. These are also called watchdog messages. There are a range of network monitoring tools available in the market today. These include ping tools, network sniffers, web log analysers and such other. Ping tools such as free ping and servers alive are mature monitoring devices that are employed by technology managers for effective network monitoring. These tools are usually easy to configure and come with multiple alerting utilities. Network sniffers include real-time traffic monitors and network protocol analysers. These are useful to monitor network traffic on peer to peer applications and instant messaging networks. Log analysers can study data such as number of visitors and they can be used to generate monthly or weekly reports. Log analysers can also report real time information that can be produced on spreadsheets or HTML files. These files are also called capture files. They can be accessed the network administrators in real time or at a later point in time. A network monitor collects all the information required by the system by a process called capturing. As a rule, a network monitoring system collects information on all the frames it detects on the network. This data is collected onto what is called a capture buffer. A capture buffer is a reserved

area that has been defined in the storage memory of a system so that the information is readily available. In case the network administrator requires information only on a set of frames, they can use a capture filter. Once the required information has been captured, the network administrator can further create a display filter that will predefine how much of the captured information will eventually be displayed in the systemâ&#x20AC;&#x2122;s frame viewer window. Most technology and security managers ensure that at least one of their permanent systems is deployed for the function of network monitoring. Therefore, there are a number of network monitoring software available in the market today. DotcomMonitor is one such that has applied remote agents on three continents that work like internet browsers. They can monitor particular URLs for clients to undertake network monitoring services. Their network monitors check the client network to ensure that it is accessible and yet secure. Functions such as these help managers to reduce down time due to a break down or security hack. Products such as Lithium work as a suite of network, server and storage monitoring applications. They use SNMP and proprietary monitoring protocols such as those used by Appleâ&#x20AC;&#x2122;s Xserve, Xsan and Xserve RAID devices. Network monitoring solutions work for clients who would like to measure what is travelling through their networks or to gauge the reasons for a network slowdown. The network monitoring tool that works to check network slowdown is a network probe. It is also a protocol analyser that can track network traffic and therefore determine the cause for a slowdown in a matter of seconds. Network monitoring utilities comprise tools that can monitor the performance of routers and switches. These include tools such as bandwidth monitors, network monitors, wake-on LANs and port

NETWORK OF THE FUTURE

Advantages of network monitoring Prevent issues of bandwidth Solve bottlenecks that hurt server performance Makes the network a proactive entity that allows users to perform better Makes oneâ&#x20AC;&#x2122;s IT infrastructure more cost effective One is able to purchase bandwidth and hardware based on actual traffic numbers Makes network troubleshooting easy

What information can network monitors provide? According to a Microsoft case study, a network monitor can display the following types of information:

1 Source address of the computer that sent a frame onto the network. This address is a unique base-16 number that defines a computer on the network. 2 Destination address of the computer that received the frame. 3 Protocols used to send the frame. 4 The data, or a portion of the message being sent.

scanners. With the use of such tools, network monitoring is also able to check bandwidth bottlenecks of a network. They can be used to study the response time of multiple devices and send alerts in case a problem is detected. Wake-on LAN can be used to switch on a PC from a remote centre, while a port scanner can check the traffic in a TCP port. Most network monitoring packages today are able to simplify complex networks to manage it without facing any legacy problems. This makes the tools easily scalable and easy to afford. Users can pick from a range of network tools for their LAN and WAN networks. Network monitoring tools can also be used to study long term trends in a network.

CTO FORUM thectoforum.com

21 DECEMBER 2009

Event

CSOSummit The second CSO Summit discussed information security challenges and their possible solutions. BY VINITA GUPTA

CSO's role to provide sponsorship and program management and also control the security policy of the company and for this they should update themselves with latest technology implementations.

Pinkesh Shah, VP, Product Management, Policy Compliance & Risk Management, McAfee Inc. delivering the first keynote.

Keynote 2: Trends in information security in 2010

he second annual CSO Summit 2009 witnessed a gathering of more than 50 Chief Security Officers (CSOs) from various verticals to help them gain greater insights about their role. The two-day Summit was organised by The CTO Forum and took place on the 11th and 12th December 2009 at The Westin Sohna Resort in Gurgaon. DAY 1 SESSIONS

Keynote 1: Evolving role of the CSO Vishal Salvi, CISO, HDFC Bank gave the first keynote where he spoke about the strategic role of the CSO within the enterprise. He stated that security becomes intangible

CTO FORUM 21 DECEMBER 2009

thectoforum.com

The second keynote of the summit was delivered by Pinkesh Shah, VP, Product Management, Policy Compliance and Risk Management at McAfee who briefed the participants about today's evolving threats, top security trends and ways that can help organiVishal Salvi, CISO, sations manage information HDFC Bank making a point at the 2nd security. CSO Summit. Shah revealed that host of new threats like malware, phishing attacks etc. are being targeted towards organisations and in every 30 seconds a new malicious website is detected. Ninety percent of these threats are financially motivated as compared to 40 percent in 2005. He said that it is important for enterprises to understand the root cause behind such threats and also look until it is delivered and that today many at the various reasons for their existence people are making their career as security like misused functionality, malicious intent, officers as this role is now more independesign flaws and poor common sense. dent than just a part of IT. According to Shah, the three key trends in Salvi stressed on the CSO's role that Information Security for 2010 would be: should focus to make business more accountable for cost and risks. â&#x20AC;&#x153;Instead of Extinction of standalone signature based the CSO asking the management for investanti-virus ment, they should explain the risks that the Patch panic will no longer be an issue as company can face and how technology can 96 percent of attacks are patched help them mitigate such risks,â&#x20AC;? he said. Data centric security would be more He added that it would always be the important than just network security

CSO SUMMIT

Panel Discussion: UTM- The new rules of ensuring security The first day witnessed a panel discussion on emerging trends and technologies in the Unified Threat Management (UTM) landscape. The panel was moderated by Rahul Neel Mani, Editor, The CTO Forum that included Pramod Reddy, AVP and CISO, Applabs and Sachin Jain, CIO and CISO, Evalueserve. Jain said that having a UTM in a distributed network will not make sense, but for small companies it would be useful. According to Reddy, small offices only need Internet connectivity, and hence UTM is the best solution . He cited an example of how Applabs has been using UTM for firewall and IPS from the last four years and not for spam and anti-virus, and it is taking the load without facing any threats. The discussion was quite engaging with many audience members throwing up questions one after the other to the expert panel.

hosted and on-premise security and managing costs of audits. The panel was moderated by Sameer Shelke, COO and Co-founder, Aujas Networks and the panel included Ganapathi Subramaniam, GAP Resilience-Information Security Lead, Global Asset Protection, Accenture; Sabyasachi Chakrabarty, Regional Security Manager, APAC, British Telecom and Amit Raj Singh, Practice Manager, Managed Services, Wipro.

EVENT REPORT

Amit Raj Singh, Practice Manager, Managed Services at Wipro: “Information security policies should match the organisation's goals as the CSO needs to answers different stakeholders. Also while rolling out security the CSO should make sure whether the SLA is required or not, if it is it should be properly signed. Hosted model is cost effective and hence should be preferred.” K.S. Narayanan, Head-Information Risk Management- ING Vysya Bank: “Consider

From Left: Rahul Neel Mani, Editor The CTO Forum, Sachin Jain, CISO, Evalueserve and Pramod Reddy, CISO and AVP IT App Labs discussing Unified Threat Management and its future adoption in enterprises.

Observations from the summit participants: Vipin Kumar, Chief General Manager, Head-Information Services, Agri Machinery Group at Escorts: “UTM will not be replaced by desktop agent as it is security in one box; standalone products are very complex. We have been using UTM since the last three years and have never faced any problem.” K.S. Narayanan, Head-Information Risk Management, ING Vysya Bank: “UTM gives an organisation all the functionality in one box, but I think the market is not yet matured for this solution.” Pinkesh Shah, VP, Product Management, Policy Compliance and Risk Management at McAfee: “UTM is consolidation of different security solutions into one and vulnerability of application is not UTM's job and hence whether it is less or more important for a particular organisation (enterprise or SMBs) is not an issue but is about their requirement.”

Panel Discussion: Economics of security Enterprises are challenged to optimise budgets, resources and time, particularly the IT organisations and hence this discussion addressed topics like consolidation, point products, juggling the cost of prevention against the cost of risk and remediation, building a hybrid architecture of virtual,

K S Narayanan (right), CISO, ING Vysya Bank expressed opinions around the emerging threats and possible safeguards in the current scenario.

Gan Subramaniam, GAP Resilience-Information Security Lead, Global Asset Protection, Accenture India making his point during the discussion on Economics of Security.

Some of the important comments from the participants: Sameer Shelke, COO and Co-founder, Aujas Networks: “We as a CSO need to fix security issues in a preventive control manner. Almost 60 percent of the risks that is found in the first audit are repeated and hence we need to focus on risk management.” Ganapathi Subramaniam, GAP Resilience-Information Security Lead, Global Asset Protection, Accenture: “Security is more in terms of peace of mind, and hence measurement of security is not achievable and achievement of security is not measurable.”

security as a business risk and then IT risk. With this consideration ROI can be easily achievable.”

Session: Application and role of information security G Kiran Raju, Senior Consultant, Applications and Database Security at Wipro in this session mentioned that the new threat landscape is moving from information based security to web application and database security that involves securing the custom code, libraries, back-end systems, web application and database servers and monitoring databases.

CTO FORUM thectoforum.com

21 DECEMBER 2009

EVENT REPORT

CSO SUMMIT

Raju said that applications are easily available on the Internet to hack into a network. For example if a bank’s website is not secure then it will lead to hacking of the customer's data. This happens because network security mostly ignores the contents of HTTP traffic. He recommended some threat mitigation steps like: Performing application and database scanning for vulnerability Implementing Web application firewall Building a better and more secure SDLC Patching the application and the databases.

more on data security by identifying data and it gets leaked.” Vishal Salvi, CISO, HDFC Bank: “ CSOs are maturing on risk management but they should also focus on engaging in the business by acting as enabler.” Captain Raghu Raman, CEO, National Intelligence Grid: “CISOs should start assessing themselves; they should start explaining the management the reasons why things went wrong. Also while negotiating the budget with the management the CSO should be straight forward in discussing the pros and cons of not deploying a security solution.” Kaushal Kumar Chaudhary, GM-CISO:

security- A public-private partnership model to threat avoidance The three key stakeholders in the information security space today are government, industry and end-users. The panel discussion, with participation from all the stakeholders discussed about the possible ways to deal with threats like identity thefts, cyber crime, warfare and corporate espionage. The panel was moderated by Anuradha Das Mathur, Co-founder and Director at 9.9 Media and the panel included Captain Raghu Raman, CEO, National Intelligence Grid; Felix Mohan, CISO, Bharti-Airtel and Summet Singh, Senior Consultant, Wipro Consulting Services.

Comments from the participants: Sameer Shelke, Co-founder and COO , Aujas Networks sharing his thoughts on 'Leading the security and risk management through turbulent times'.

G Kiran Raju, Senior Consultant, Applications and Database Security, Wipro speaking on how to protect the applications and databases from attacks.

Burgess Cooper, CISO, Vodafone India took an open house session during the 2nd CSO Summit to set the Information Security agenda for the year 2010.

Open House: Setting the agenda for 2010-11 This session was led by Rahul Neel Mani and Burgess Cooper, General Manager (CISO), Information Security at Vodafone. Priorities related to technology, business and leadership of CISO/CSOs for the year 2010 were discussed.

Comments from the participants: Murli Nambiar, CIO-Security officer, Reliance Capital: “ CSOs should concentrate

CTO FORUM 21 DECEMBER 2009

thectoforum.com

“Most of the CISO are biased towards IT; we need to lift ourselves from IT towards business and try to handle both.” Nadeem Quraishi, CISO, Tata Motors: “We should try to reduce costs and this can be done through outsourcing. At the same time, we should also factor the risks associated with it.” DAY 2 SESSIONS

Keynote Session: Information warfare, cyber terrorism and end user

Captain Raghu Raman, CEO, National Intelligence Grid: “Security needs public-private partnership. The big difference between government and private sector firms is that private sector is profit oriented. In government sector each crime is dealt by different government segments and hence there should be complete synchronisation.” Summet Singh, Senior Consultant, Wipro Consulting Services: “The public-private partnership should not be an option but should be made mandatory. Government also plays a crucial role by forming laws and systems to tackle threats.” Felix Mohan, CISO, Bharti-Airtel: “The public-private partnership is of two types viz. regulatory and collaboration driven. Regulatory mandates are there in all countries but what we as corporate entities should not counter it but should stand in a unified form.”

Panel Discussion: Transforming business through governance, risk and compliance (GRC) This track discussed the best practices including how to leverage risk metrics and the need of a unified control framework to reduce the total cost of ownership of compliance. The panel concluded that GRC is more than software as it involves IT, risk, finance etc. and hence a comprehensive GRC will be handy. In addition, a unified approach to adopt the framework was also necessary. The panel included Vishal Salvi, CISO, HDFC Bank; Burgess Cooper, General Manager Information Security at Vodafone;

CSO SUMMIT

EVENT REPORT

Murli Nambiar, CIO-Security officer, Reliance Capital and B M Rangan, CSO, Quattro BPO. The session was moderated by Rahul Neel Mani. Security means business: Participants and panelists engaged in serious debates on enterprise information security during the sessions.

Views of the summit participants on growing concerns around GRC: B M Rangan, CSO, Quattro BPO: “The GRC initiative connects directly to the management and there is a need to look at all possible shareholders.” Vishal Salvi, CISO, HDFC Bank: “ Today I cannot think of any organisation that has adopted an automated GRC but in future they will be.” Murli Nambiar, CISO, Reliance Capital: “There is a need to have a unified GRC instead of having them in silos as there could be overlaps when they function in silos.”

Panel Discussion: Leading the security and risk management teams through turbulent times This track discussed leading information security or risk management function as a special responsibility requiring a mix of technical, political and social skills. The panel included Sameer Shelke, COO and Co-founder, Aujas Networks; Rishi Bhargava, Director, Product Management, Risk and Compliance Business, McAfee; Sunil Gujral, CTO, Quattro BPO and Siddharth Vishwanath, Associate Director, Performance Improvement, PWC India.

Observations from the summit participants: Rishi Bhargava, Director, Product Management, Risk and Compliance Business, McAfee: “There is a need to go cross functional. The cost of reporting that a customer’s credit card is stolen is high and hence it’s crucial to articulate the cost of non-compliance.” Siddharth Vishwanath, Associate Director, Performance Improvement, PWC India: “Specific measures related to a particular initiative should be looked upon and then depending on the initiative clear metrics should be defined.” Sameer Shelke, COO and Co-founder, Aujas Networks: “The most difficult task is to manage our own team. Also creating awareness among the user is not helpful, we need to educate them.” Sunil Gujral, CTO, Quattro BPO: “Security

Captain Felix Mohan, CISO Bharti-Airtel shared insightful information on cyber crime and security risks in the cloud computing.

Rajeev Seoni, CIO, Ernst & Young and Pramod Reddy, CISO & AVP IT App Labs shared their valuable thoughts on security in cloud environments.

Burgess Cooper, CISO, Vodafone India making a point during the discussion on Governance, Risck and Compliance while other panelists look on.

should be looked as a facilitator. Organisations should focus on innovation and skill sets.”

Panel Discussion: Security in virtual and cloud environment Cloud computing is picking up traction with businesses, and thus this session discussed the unique security risks it entails. The panelist of this last session included Pramod Reddy, AVP and CISO, Applabs; Rajeev Seoni, CIO, Ernst and Young and Felix Mohan, CISO, Bharti Airtel.

Important comments from the panel members: Felix Mohan, CISO, Bharti Airtel: “Cloud computing risks are related to data, people, organisation, provider and supply chain, governance and compliance etc.” Rajeev Seoni, CIO, Ernst and Young: “Every vendor has different definition for cloud computing, we need to have a common platform. There are vendors that are pushing cloud but it depends on the need of the organisation. Security in the cloud is a critical aspect as the data resides in an unknown place and hence it is not safe. Private clouds are more secure.”

Pramod Reddy, AVP and CISO, Applabs: “Security in the cloud is business driven. The organisation should first consider what type of data they want to move on the cloud, if the data is not critical than security is not a major concern. Cloud is evolving and the issues related to it would be discussed and resolved in the coming years.” Vishal Salvi, CISO, HDFC Bank: “In terms of convenience there is lots of scalability that a virtual environment can provide but cost and compliance are major challenges. Questions linked to some legal aspects of the cloud are still not defined.”

CTO FORUM thectoforum.com

21 DECEMBER 2009

D I G I TA L AG E

The Decade of Digital Decadence A decade since the human race overcame the fear of Y2K, technology has made inroads into our DNA.

BY RICHARD GOUGH

t the end of the 20th century technology entered into the next millennium - the focus of the world’s media. The big question was would the world melt down at midnight on the 31 December 1999 as the world’s computers fell foul to the Year 2000 (Y2K) bug. This bug was caused by the practice of abbreviating a four-digit year to two digits in many of the early computer systems that the world now relied on. Some programs could not distinguish between the year 2000 and the

CTO FORUM 21 DECEMBER 2009

thectoforum.com

year 1900 and it was feared that this practise by IT professionals to save precious computer memory could bring a much feared melt down of computers around the world. However, clocks ticked, parties were held, and for a moment we all held our breath at the thought of what the next millennium and decade would bring. More importantly, would our technology survive the transition into the 21st century? Ten years on we not only have witnessed the survival of our technology but possibly witnessed the first decade of digital decadence - a decade where our self-indulgence with technology has changed our cultural and working landscape beyond all recognition for us and future generations to come. The first decade of the 21st century

has turned the use of technology on its head. Like the Dandies of the 19th century decadence era, for whom looks were everything, today society seems to be driven by an unending appetite for digital decadence. This is a landscape where a mobile phone is no longer for speaking but is the centre of the social media world. In this 24/7 ‘always connected world’, products like the iPhone and Blackberry are king providing the digital hub that drives societies passion for technology. But at what cost does this digital decadence bring with it?

D I G I TA L AG E

In the UK, a new term “e-rage” has been identified in a survey by the Internet service provider Eclipse Internet. This survey looked at the effects of email downtime on staff in a selection of businesses types, and demonstrated that “the frustration of not having access to email can see them resort to extreme measures in an attempt to fix the problem”. This extreme behaviour extends to both agitated “mouse-clicking”, kicking computers and verbally abusing IT staff. There is also the human aspect of being connoted on a 24/7 basis. In 2001, the technology author Gil Gordon coined the phrase “defensive overworking”, which suggested that people now worked longer hours because of technology and a fear of unemployment. Gordon suggested that this “may be why some people who in the mid-1980’s would never have dreamed of interpreting their holiday to contact the office now carry a Blackberry and check their voicemail and email regardless of the fact they are enjoying a break. Technology has changed everything in the last ten years including how we listen to music, take photographs, watch movies, communicate, socialise, shop and even meet people for sexual encounters, love and marriage. We have a generation of children that have grown up digital, that have no idea what is like to not to have the Internet or a mobile phone at the centre of their social world. This has, in turn, brought problems with it as the darker side of society found that lurking in digital meeting places was another way of accessing the vulnerable and naive. For every new digital product realised there is a new digital challenge for IT pro-

fessionals to ensure data is protected and a company's intellectual property is not stolen. However, a number of other key technology events have helped highlight the importance of technology and in particular the use of consumer technology in this digital age. When President Barack Obama took office as the first black American President on 20 January 2009 history was made. By embracing technology, and in particular social networking and instant messaging, he has helped on his journey to the White House. The use of www.barackobama.com changed the way politics is played on the Internet, and on the ground. Obama connected to a new generation of voters across America by allowing his cam-

24/7 ACCESS TO INFORMATION IS A NECESSITY for our digital decadence generation, not only to survive but also to prosper.

the fine line between what is work and what is home life due to the now ubiquitous nature of email and access to work systems. But in a digital age society adapts as we have done before with previous new technology. It is thanks to technology that water can reach our homes. Food can be processed and preserved helping make it easier for us [the human race] to satisfy our basic needs. It could be said that many people in many countries can lead a luxurious life, thanks to technology. As knowledge becomes the new basic need we now see a new generation of workforce and consumer seize upon its access [to connect online] at every opportunity. Like clean water and sanitation was a must to our forefathers, 24/7 access to information is a necessity for our digital decadence generation, not only to survive but also to prosper Here's to the next decade of digital decadence and all the innovation it may bring!

—Richard Gough is Charted IT Professional, Fellow BCS, Chartered Institute for IT and Member of Institute of Leadership and Management. You can follow him on www.richardgough.com

paign and message to become viral through sites like Facebook, You Tube and the short message blog service Twitter. The main devices these messages were viewed on were consumer mobile phones and laptops of this new generation of voters who went on to spread the Obama message to their physical and virtual friends. The impact of digital decadence does present a challenge to IT professionals and the workforce who rely on it. It impacts on

CTO FORUM thectoforum.com

21 DECEMBER 2009

VIEWPOINT ROD KING | rodkuhnking@sbcglobal.net

Decisionmaking web. How to make smarter, faster decisions everywhere

ACCORDING to James Surowiecki in his book, “The Wisdom of Crowds,” the answer may lie in harnessing collective wisdom or the wisdom of crowds. Well, what if we could access online the Wisdom of the World (WoW) for decisions involving businesses, products, services, places, and even personalities? Wouldn’t smarter and faster decisions on everything be just a click away? For example, if we are thinking of buying a product, using a service, visiting a place, or even dealing with a workplace or personality, we would be able to know the painful and delightful experiences of members in our social network as well as the ‘world’ regarding the product, service, place, or personality. If such a web of information were instantly available, wouldn’t we all be making smarter and faster decisions? In such a world, we would be making decisions that really maximise our delight while minimising our pain. Google dominates the world of Internet search. The Red Ocean of Internet search is littered with corpses

that have tried to unseat Google from its top position. Do people still remember Cuil, Wikia Search, or Powerset? ‘Once positioned as a Google killer’ may be the epitaph shared by these search engines that haven’t quite taken off. Nevertheless, the relentless attack on Google Search continues. Bing is Microsoft’s latest attack on Google Search. Positioned as a “decision engine” that helps people to “make smarter decisions,” Bing currently has about 10 percent of Internet market share in the US. In contrast, Google Search has over 60 percent. So, how can a business best compete with Google Search? Should businesses in future engage in head-to-head competitions with Google in the Red Ocean of Internet search? Effectively competing against Google Search requires that a business redefines the perception and meaning of Internet Search. One approach is to develop a Blue Ocean tool that creates an uncontested market space while making traditional Internet search largely irrelevant. Social networking such as in Facebook is one category of

CTO FORUM 21 DECEMBER 2009

thectoforum.com

ABOUT ROD KING: Dr. Rod King is a thought leader, consultant, and trainer on TradeOff Mapping & Customer Experience Innovation as well as Blue Ocean Project Management. The goal of these approaches is to facilitate visual analysis, innovation, and decisionmaking for 'hit' products, services, and business models.

such tools. Another tool is the Decision-making Web. After all, many people deeply and often want to make smarter and faster decisions. What if one could access the world’s wisdom in just one click? At its core, a search engine is an instantly searchable repository of website addresses, a modern “Yellow Pages” of the Internet. Yellow Pages are often used to find where businesses are located in an area or a region. A Yellow Pages book contains a listing of physical addresses. In contrast, Internet search engines provide web addresses or links that are most relevant to a query. But what if there was a decision-making engine that went beyond providing web addresses? What if there is a social network that allows people to easily document their painful and delightful experiences regarding products, services, businesses, and places? Wouldn’t such information on customer experience be valuable to us when making our decisions? That’s what we are piloting in the Wisdomsourcing group on Ning. It’s an exciting collaborative project.