Digital Bulletin - Issue 21 - October 2020 by NODE

DIGITAL BULLETIN Issue 21 | Oct ’20

AGILE AT 80

TELEFÓNICA

Tom Gilb at his outspoken best

An automation success story

TRANSFORMATION

IN MOTION Deutsche Telekom’s IT organisation calls its ongoing transformation a ‘movement’. We speak to four of its senior IT leaders to take us through an extraordinary journey

JAMES HENDERSON Content Director

ransformation in the telecoms arena is very much the name of the game in this month’s Digital Bulletin. We begin with Deutsche Telekom where, three years ago, the company’s CIO Peter Leukert found an IT function that was struggling with a number of technological and legacy issues. In short, things were taking too long to do, with the company’s 10,000-strong team of technologists finding their progress hindered by rigid silos and inflexible processes. And so IT@Motion was born, an initiative that has drastically reduced the time it takes for Deutsche Telekom to go to market with new products. In one of the most fascinating case studies we’ve ever produced, Digital Bulletin speaks to four of the main protagonists to get the story behind a work programme to deliver a culture of technical and cultural agility to Europe’s largest telecommunications provider. In our second telecoms deep dive, we take a close look at Telefónica Spain’s ambitious project to augment its workforce with automation.

Javier Magdalena Pinilla, Director of Simplification and Robotisation, spoke to us about the company’s groundbreaking initiative. “Automation is a key driver, to have scalability, to have robustness in our operation, and to have resilience,” Magdalena tells Digital Bulletin. “This is a must for us and a must for the sector, because if we need to have much more activity with the same level of resources, the only way to achieve it is automation.” Elsewhere, we speak with Tom Gilb, the man widely considered to be the creator of agile work processes. Over the course of an hour-long, no-holds-barred interview, Gilb speaks frankly about the failures of modern-day agile methods and his annoyance with a lack of accountability in IT and much more besides. It’s a conversation you won’t want to miss. Our 21st issue is also our biggest to date, but it matches quantity with quality. We think there’s something for everyone this month, so dive in and enjoy.

PUBLISHED BY BULLETIN MEDIA LTD, Norwich, UK Company No: 11454926 TALK TO US editorial@digitalbulletin.com business@digitalbulletin.com

CONTENTS

MONTH IN REVIEW NEWS, VIEWS AND ANALYSIS

34 PEOPLE

SAP Brian Duffy on the company’s groundbreaking Autism at Work programme

20 CASE STUDY

DEUTSCHE TELEKOM An IT transformation in motion

42 CASE STUDY

TELEFÓNICA SPAIN The power of automation in action

68 62 IT SERVICES

PREMIUM THOUGHT LEADERSHIP

GLASSWALL How CDR is delivering file safety

278

DATA INTELLIGENCE

TESSELLA Using AI at scale and data governance

TOM GILB The creator of agile has his say

86 SECURITY

DEBATE Pivoting to a DevSecOps future

96 FUTURE

CQC Supercharging the UKâ&#x20AC;&#x2122;s quantum ambitions

104 6 A LIFE IN TECH

CEO and co-founder of Anonos, Gary LeFever, on three decades in tech

112

CLOSING BULLETIN

An exclusive column from Nuxeoâ&#x20AC;&#x2122;s Alain Escaffre

108 EVENTS

The best digital technology events for your diary

MONTH IN REVIEW

NEWS UPDATE Digital Bulletin rounds up the news that shaped the enterprise technology space over the last month

NEWS 8

DIGITAL BULLETIN

NEWS UPDATE

MERGERS AND ACQUISITIONS

t was a big month for mergers and acquisitions, but the blockbuster deal came in the form of NVIDIA’s cash and stocks package worth $40 billion to buy Arm Limited from SBG and the SoftBank Vision Fund, making it one of the biggest tech deals of 2020. The combination brings together NVIDIA’s AI computing platform with Arm’s vast computing ecosystem. NVIDIA will continue Arm’s open-licensing model and customer neutrality and expand Arm’s IP licensing portfolio with NVIDIA tech. Verizon entered into an agreement with America Movil to acquire Tracfone, the leading prepaid and value mobile provider in the U.S. The deal is worth $6.25 billion, to be split evenly between cash and stock. Tracfone is the largest reseller of wireless services in the US, serving approximately 21 million subscribers through a network of over 90,000 retail locations across the U.S. French telecoms outfit Iliad announced a takeover deal for the Polish mobile operator Play in a cash and shares deal worth $4.1 billion. Play is the leading mobile operator in Poland and also has a presence in its television

market. Having been approved by Play’s board of directors, the deal will now need to be rubber-stamped by the European Commission. Baring Private Equity Asia (BPEA) agreed a deal to buy global IT services provider Virtusa for $2 billion. BPEA is one of the largest independent private equity firms in Asia with approximately $20 billion of assets under management. The transaction, which is expected to close in the first half of 2021, is subject to the approval of Virtusa’s shareholders, customary regulatory requirements. Ericsson strengthened its enterprise 5G offering with the $1.1 billion acquisition of Cradlepoint. The deal is expected to fully close by the end of 2020. Cradlepoint offers Wireless Edge WAN solutions for both 4G and 5G. The acquisition is Ericsson’s biggest in ten years. Its CEO said it “is key to our strategy of helping

ISSUE 21

MONTH IN REVIEW

customers grow the value of their 5G network investments”. HPE completed the acquisition of SD-WAN business Silver Peak for $925 million. Silver Peak will become a part of Aruba, a Hewlett Packard Enterprise company. It will strengthen Aruba Edge Services Platform, helping to advance enterprise cloud transformation with an edge-to-cloud networking solution covering all aspects of wired, wireless local area networking and wide area networking. Ivanti made a double acquisition to bolster its position in the unified endpoint management space. It has paid $872 million for Mobileiron, experts in mobile security, and an undisclosed amount for secure access specialist Pulse Secure. Ivanti CEO Jim Schaper will continue to lead the organisation. He described the acquisitions as “transformation transactions”. Storage giant Pure Storage agreed a deal worth $370 million to acquire Kubernetes data services platform Portworx. This deal represents Pure’s largest acquisition to date and the company’s deeper expansion into the fast-growing market for multi-cloud data services to support Kubernetes and containers. Portworx’s clients include Carrefour, Comcast, GE Digital, Kroger, Lufthansa, and T-Mobile. 10

DIGITAL BULLETIN

FUNDING The payments and commerce platform Klarna raised $650 million in a funding round, taking its valuation to $10.65 billion. It means Klarna is the highest-valued private fintech in Europe and now the fourth highest worldwide. The funding round was led by Silver Lake alongside GIC - Singapore’s sovereign wealth fund - as well as funds and accounts managed by BlackRock and HMI Capital. Developer security outfit Snyk raised $200 million in a funding round, just nine months after raising $150 million, taking total funding to more

NEWS UPDATE

than $450 million. The latest raise takes Synk’s current valuation to more than $2.6 billion, and was led by Addition, a firm focused on supporting entrepreneurs. The company plans to add 100 employees over the next year. Subscription commerce platform AppDirect closed a funding round worth $185 million, taking its total funding to date to $465 million. Global institutional investor Caisse de dépôt et placement du Québec and existing investors participated in the round. The company said new funding will support accelerated organic expansion, strategic acquisitions and additional hiring. Airtable, whose no-code database platform has grown in popularity during COVID-19, has raised $185 million. The Series D round was led by Thrive Capital, though CEO Howie Liu claims his company “didn’t need the money”. He went on to add that Airtable wanted to “seize the opportunity” and secure itself against future economic uncertainties. Its platform is used by the likes of Netflix and IBM. Online money laundering prevention specialist EverCompliant has been backed to the tune of $35 million. The cash comes from a Series B funding round led by Red Dot Capital Partners. EverCompliant uses AI and machine learning to assess and drive insights

from hundreds of millions of domains. The company has also announced that it is rebranding to be called EverC. Virtual healthcare platform MDLive has secured $50 million in new investment. Its services have grown in popularity during the COVID-19 pandemic. MDLive has raised the cash through a crossover equity investment from Sixth Street Growth. The platform offers urgent care, dermatology, therapy and psychiatry services. It now plans to expand its offerings following this money injection. Ouster scooped $42 million from a Series B funding round. The company has developed digital lidar sensors primarily for autonomous cars, but which can also be used for robotics, industrial automation and smart infrastructure. It is now expected to go head-to-head with the likes of Luminar and Velodyne after experiencing a 62% growth in revenues over the past 12 months. Legion attracted $22 million in investment for its workplace management platform. The tool uses AI to automate certain decisions around managing workforces. It leverages more than 50 different AI models. Legion’s target market is medium and large enterprises, and its biggest customer has deployed the platform to over 1,000 employees. Stripes led the Series B funding round. ISSUE 21

MONTH IN REVIEW

MOVERS AND SHAKERS Steve Fieler is leaving his role as HP’s Chief Financial Officer (CFO) after two years in the position. Fieler is leaving the organisation “a role outside the company,” said HP, without going into specifics. HP’s Chief Transformation Officer, executive Marie Myers, will temporarily take on the role of CFO while the company undertakes a “comprehensive search” to find a permanent replacement. Amazon confirmed the appointment of Peter Marquez as head of space policy at AWS, a role that is a company-first. Marquez has a rich pedigree having served as director of space policy for the U.S.’s National Security Council under the George Bush and Barack Obama administrations. AWS 12

DIGITAL BULLETIN

has beefed up its space capabilities with the creation of the AWS Aerospace and Satellite Solutions division. Domino’s Pizza announced Kelly Garcia as its new Chief Technology Officer. Garcia replaces Executive Vice President – Chief Information Officer Kevin Vasconi, who has announced his retirement from Domino’s, effective Oct. 2. Garcia and his team have overseen the launch of Domino’s GPS technology and Domino’s Carside Delivery applications in recent months. Morgan Beller, the co-founder of Facebook’s cryptocurrency project Libra, has left the organisation to return to the venture capital world with NFX. Having spent the last three years working on

NEWS UPDATE

the Libra initiative, she will take up the title of general partner with the VC company. Beller has previously worked at Medium and before that as a partner at Andreessen Horowitz. Heading into Libra is the former European head of HSBC, James Emmett, to head up its crypto development. Emmett will join the Libra Association’s operating subsidiary, Libra Networks LLC, as managing director from the beginning of October. Libra has made a number of key appointments recently, including HSBC’s former chief legal officer Stuart Levey. The University of Oxford announced the appointment of John Tasioulas, previously a philosophy professor at

King’s College London, as the first-ever director of its Institute for Ethics in AI. The Institute is funded by a £150m donation by Stephen Schwarzman, and studies the “major ethical challenges posed by AI and the ongoing discourse about how AI will impact employment on a global scale”. SiFive has hired former Qualcomm executive Patrick Little as its new CEO. SiFive is focused on the design of customised RISC-V processors. Little’s challenge will be to establish SiFive’s processors as an alternative to Arm in the wake of its acquisition by NVIDIA. “The world is moving away from generic processors to workload-focused and optimised solutions,” Little told VentureBeat. Cyber and deep tech investor, Paladin Capital Group has appointed Ciaran Martin as a Managing Director. He joins Paladin from the UK Government’s National Cyber Security Centre, which he established as its first CEO in 2016. Michael Steed, Founder stated: “Ciaran Martin is an exceptional talent in the cyber sphere and we’re profoundly pleased to have him join the Paladin team.”

Stay right up to date with the latest news shaping the enterprise technology sector with The Bulletin, available at digitalbulletin.com

ISSUE 21

MONTH IN REVIEW

Cloud wars AWS has come out swinging after its latest appeal to overturn the Pentagonâ&#x20AC;&#x2122;s decision to award Microsoft the $10 billion JEDI cloud contract was rejected. Where next for this story that has captivated the technology world?

AUTHOR: James Henderson

DIGITAL BULLETIN

NEWS ANALYSIS

riting about enterprise technology can often feel like something of a niche endeavour, your audience being a highly valuable but limited group of industry enthusiasts. I’m not ashamed to say that I’ve reported on companies being sold for deals worth billions of dollars that I had barely heard of just the day before. Coverage of these deals pales into insignificance when compared to the sale of sports teams for just a fraction of the price, for example. But sometimes a story breaks through into wider public consciousness, driven by an intoxicating mix of big business and government. The Pentagon’s awarding of a $10 billion contract - known as JEDI

(Joint Enterprise Defense Infrastructure) - which pitched cloud computing’s biggest rivals head-to-head and stoked old tensions between President Donlad Trump and perhaps the most polarising man in technology, Jeff Bezos, has struck that lightning in a bottle. The most recent chapter of this ongoing saga is perhaps the most shocking, with AWS coming out swinging after its appeal for the U.S. government to row back on its decision to award Microsoft the contract was unequivocally rejected. Such was the strength of its response to the decision, I checked and then double-checked that it had come from an official source before posting a summary online.

ISSUE 21

MONTH IN REVIEW

“When the Department of Defense (DoD) announced its plans for corrective action in March, we objected because it was clear this was nothing more than a “do-over” for Microsoft to fix its non-compliant proposal,” AWS said in a blog post. “Given the DoD did not agree to meaningfully review the many evaluation flaws outlined in our protest, we said the corrective action was likely to result in another contract award based on politics and improper influence and not based on the relative strengths of the two offerings. That is exactly where we find ourselves today, with the DoD’s re-evaluation nothing more than an attempt to validate a flawed, biased, and politically corrupted decision.” 16

DIGITAL BULLETIN

From the beginning, AWS has been insistent that its expertise in government cloud - it provides services to more than 6,500 government agencies - made it the obvious choice to bag the contract, and contests that its tender came in “several tens of millions of dollars”, which is noteworthy given the DoD’s guidance that cost would be a big factor. Speaking to Digital Bulletin, Nick McQuire Senior Vice President and Head of Enterprise Research at CCS, says that AWS’s anger is understandable given the facts on offer. “AWS will feel that the beef that it has with the Trump administration is legitimate, and from what has been said it does appear that they’re going to

NEWS ANALYSIS

continue to keep their foot on the pedal. What is very difficult to assess is the way in which the Trump administration conducts these reviews, it is not the most transparent decision-making process. “AWS claims that its bid is the most cost effective for the U.S. taxpayer and has a much greater level of security and scrutiny when it comes to government cloud business. There could well be some validity to that, AWS was one of the early movers with its GovCloud back in 2011 in the U.S., which has led to Microsoft investing billions of its own dollars in security. It makes it very difficult to balance it out apart from to say that AWS is correct in that it hasn’t been given enough transparency in the process of the appeal.” There appears to be little appetite to give up the fight, despite the appetite from both the DoD and Microsoft to get the project underway, with AWS sending out the following warning shot:

“Although these are not easy decisions to make, and we do not take them lightly, we will not back down in the face of targeted political cronyism or illusory corrective actions, and we will continue pursuing a fair, objective, and impartial review.” McQuire comments: “One thing that is clear is that this is going to drag out, and it is difficult to predict how the Trump administration might respond to this. The real bottom line is that the process for the DoD is getting pushed further and further back, which is a real worry for all parties. “AWS will continue to bang the drum on this, I thought it was interesting that they called out Trump for his distraction methods. Whether banging that drum and continuing on will actually materialise into anything meaningful is difficult to say. “But one thing is for sure, if AWS continues to make a noise and get more

ISSUE 21

MONTH IN REVIEW

press coverage then it will have a better chance of forcing a U-turn if their claims of being tens of millions of dollars cheaper are proven to be correct. The question of how they lost the bid will be asked?” The loss of such a high-profile contract to its closest rival will also act as a motivation to fight the decision to the very end. AWS is unquestionably the leading player in the space, but Microsoft has long-term ambitions to challenge for the top spot and has been quick to scale-up its multi and hybrid cloud capabilities in response to the changing needs of enterprise. For its part, Microsoft has been happy to take a backseat since the awarding of the contract and the subsequent appeals 18

DIGITAL BULLETIN

by Amazon. In recent years it has beefed up its private sector offering with the release of Azure Stack for Azure Government, which offers cloud services usually found in the public cloud but within private data centres. “The cloud wars have been turned up a notch between the major hyperscalers, and Microsoft has gained a significant amount of ground since the beginning of the pandemic. There is an argument that this whole episode would not have been quite as heated two years ago,” comments McQuire. “We’re very much in a multi-cloud universe, half of businesses we look at across the U.S. and Europe have some

NEWS ANALYSIS

formalised multi-cloud approach to their public cloud strategy. Microsoft and Google Cloud are very much embracing the multi-cloud space, but AWS is not yet in that multi-cloud environment, so there are other pieces of the jigsaw to win as opposed to just standalone public clouds. That has presented opportunities to Microsoft which it has stepped into.” While Microsoft appears to be the victor in this story, the two main protagonists are Jeff Bezos and President Trump. The feud between the two goes back to before Trump’s election in 2016, with Bezos saying he would “send Donald to space” using the Amazon founder’s spaceflight company, Blue

Origin. Since then, Trump has called out Bezos over the tax his corporation pays and encouraged employees of The Washington Post - owned by Bezos - to go on strike. The JEDI contract has brought this simmering spat to a head, with a book released last year about James Mattis’ tenure as secretary of Defense claiming President Trump told Mattis to “screw Amazon” out of the contract. With the worlds of technology and government connected like never before, we can expect public spats between the two to become more common, says McQuire. “We are in a very difficult period where technology is heavily intertwined with geopolitics, which we are seeing with the TikTok and Oracle deal and the context of the trade war in China and the different technology interests that are at play in China. Given the current geopolitical climate, I think that’s something that is only going to continue. “What is interesting is that AWS is an American company, so it means there is more attention on the decision that is being made seemingly in not a fully transparent way, which suggests there is a political motive. From what I can see, it is difficult to say there aren’t any political elements in terms of that decision making.” ISSUE 21

CASE STUDY

Transformation in motion at Deutsche Telekom Four senior leaders of Deutsche Telekom’s worldclass IT organisation reveal the three-year journey undertaken to deliver a new era of technical and cultural agility to Europe’s largest telecoms company

PROJECT DIRECTOR: Richard Durrant AUTHOR: Romily Broad VIDEOGRAPHY: Jack Purling & Martin Eke

DIGITAL BULLETIN

DEUTSCHE TELEKOM

ISSUE 21

CASE STUDY

At the beginning of 2017, Deutsche Telekom’s new corporate CIO, Peter Leukert, arrived and found an IT organisation bedevilled by inertia. Years of technological, cultural and procedural baggage was slowing it down. The company was – and is - hugely successful: A $100 billion company, Europe’s largest telco, second-placed in the US (with not-unrealistic aspirations to soon be first), providing fixed lines, mobile, internet, IPTV and a suite of products and services to hundreds of millions of people and businesses in more than 50 countries. It’s also one of the world’s leading IT services providers. Deutsche Telekom’s IT organisation sits under the Technology and Innovation remit at board level and is, by any measure, at 22

DIGITAL BULLETIN

the vanguard of the world’s transition to an anywhere-anytime gigabit society. And yet just two years ago it was taking 18 months or more to go to market with new IT products. And the people tasked with doing it – 10,000 elite-level technologists in Germany and across Europe, India, Russia and Brasil - felt disempowered; they were straightjacketed by technical legacy, longstanding and inflexible processes, rigid silos, and a towering hierarchy. It was in those same people, however, that Leukert knew the solution lay. He began a rigorous process of honest reflection, led by a cross-sectional cohort of the company’s existing subject experts and leaders. The task was to identify all areas of a mission to entirely transform the IT organisation and put pace, agility and collaboration at its heart.

DEUTSCHE TELEKOM

It would involve a root-and-branch examination of architecture, management structures and toolsets but, most critically, be underpinned by systematically nurturing a new culture of free and open communication, trust, and individual empowerment. A project of impressive ambition on both a technical and very human level, it involved input from across the entire organisation and was codenamed IT@Motion. LEADERSHIP IN MOTION For more than a decade, Deutsche Telekom has strived as a matter of policy to encourage diversity within its workforce. It has become a standard bearer in Germany and around the world for its conscientious effort to remove barriers to

women’s access to technology careers, especially in terms of management roles. Technology and innovation at the group board level is overseen by former McKinsey technology chief and theoretical physicist Claudia Nemat, while half of the company’s Supervisory Board is now comprised of women. Four members of Deutsche Telekom IT’s own management board are women, and Leukert himself increased diversity as a key to unlocking successful culture change in times of transformation. Deutsche Telekom’s remarkable transformation story is a tale ultimately written by all 10,000 members of its team. Its central plotline is their energetic willingness to embrace change, collaborate and learn. But it is four senior female leaders who

ISSUE 21

CASE STUDY

help us lift the lid on the strategies and techniques that have made it all possible. One of those is Katja Drechsler, who sits at the very epicentre of change as SVP IT Strategy and Transformation, CIO-Office. She took on the position in 2017 after a varied 17-year journey at the company that saw her start in a T-Mobile call centre before ascending to oversee customer service functions, information management, and outsourcing management. Her role now is to shape and communicate the transformation vision and foster continuous engagement with it. “Deutsche Telekom is no longer only competing with other network providers. We’re also competitive with Amazon, Google and co for customer attention. New technology companies are dramatically shifting the benchmark in terms of

ANGELA MARAGOPOULOU

development speed, customer experience and quality. That’s the reason we needed to move,” she explains. She takes us back to the beginning – to the very first off-site meeting, in which systemic thinking was deployed to begin analysing all facets of their organisation’s character and to start charting the journey ahead. “The hypotheses were on the wall and it was a silent walk around, in 30 or 45 minutes. And it was like going through a museum… you could feel the pain and the fear,” she recalls. “In all dimensions we needed a quantum leap.” Those original hypotheses – 28 of them to be exact – helped compartmentalise the problems that needed to be solved and formed the outline of a conceptual architecture for transformation.

Angela is great. She has a talent for systemic working, because she irritates! I like how she irritates. She brings a new perspective, and her humour. She’s a physicist - we have a lot of physicists, but she is different. She has a passion for cloudification and artificial intelligence and she’s really, really smart on those topics” Katja Drechsler

DIGITAL BULLETIN

DEUTSCHE TELEKOM

But in identifying the ballast that was weighing the organisation down - technical, procedural or human – it was clear that one factor was more fundamental than any other: Culture. Hundreds of staff interviews followed, confirming that what needed to be tackled was an embedded culture of over-cautiousness and fear. Along with a lot of technical debt, the cultural malaise had led to organisational silos, a lack of accountability and free collaboration, and a swollen, bureaucratic hierarchy of decision making. Leukert says the “big idea” at Deutsche Telekom IT is to create a culture where “the big ideas come from great minds all over the organisation and not necessarily only from the top”. Mindset change, then, was to be the wellspring from which broader structural change would grow. Without it, transformation would simply not succeed.

DIMENSIONS OF CHANGE Drechsler explains that the transformation strategy was refined around five key pillars, the first being culture, along with architecture, operations, organisation, and delivery. “First of all it’s culture. We want to be fearless and transparent. Inside this culture is a relentless self-improvement and servant leadership behaviour,” she says. “The second is architecture; it should be decoupled and flexible. The third is of course delivery, so based on a new way of working, from Tayloristic to agile. Then we have the fourth dimension around organisation: skill based… from a line organisation to responsible teams. And the fifth is of course operations - we want high quality stability for our customers and business partners.” In ‘servant leadership’, Drechsler highlights a particularly important cornerstone ISSUE 21

CASE STUDY

DIMENSIONS OF CHANGE IT@MOTION CULTURE

• Relentless self-improvement • International cooperation • Servant leadership

DELIVERY

• Increase speed and flexibility • Deliver key priorities (Magenta Haus, Gigabit) • Scale digital and service hubs

OPERATIONS

• Improve Devops and automation • Increase operational stability • Cloudification

ORGANISATION

• Academies • Establish skill-based organisation • Foster continuous learning

ARCHITECTURE • Selective greenfield • Modernise • Decoupling • Legacy retirement

DIGITAL BULLETIN

of the Deutsche Telekom IT transformation strategy. Managers are actively coached and supported to systematically upend hierarchical management practices, instead working relentlessly to empower the people in their teams. The culture shift was to be achieved simultaneously with the rollout of lighthouse projects. Here, new teams would be brought together from across the organisation – including in particular from non-IT parts of the business – to work together with an agile methodology largely new to the people involved. They would be supported structurally by the whole management team and a steering group known as the Plexus, a team drawn from across the organisation tasked with mirroring reality on the ground and catalysing continuous feedback. Meanwhile, a network of internal academies would foster continuous learning. Sabine Abecker led the very first of what would ultimately become many distinct multifunctional teams assembled around specific projects, called Digital Hubs. Abecker has been building software and systems at Deutsche Telekom for more than 20 years and recognises more than most the seismic shift that has occurred within its walls over the last three. “For me, it was in the beginning really a movement,” she says. “Talking to the people without hierarchy, talking direct to them. In the beginning they

DEUTSCHE TELEKOM

KATJA DRECHSLER

Katja looks at everything from a very different perspective, and she helps the whole organisation to think about themselves. She has a very good perspective on where we could be doing things differently, where we can simplify things, and how we can communicate better. She just helps everyone to step out of the old-fashioned way of thinking. She’s really, really good at that.” Regine Schickentanz

were really astonished when management asked ‘normal’ experts for their opinion. They didn’t believe that their opinion was really asked for!” Abecker led the formation of a team around a new product, at the time known as Magenta Haus. It was the first of many “greenfield” projects, defined as such because it was largely unencumbered by legacy technology and, indeed, expectations. The team scrummed within the Scaled Agile Framework (SAFe) and embraced from day one its critical tenets of pan-business engagement and continuous education. “We completely changed our collaboration with the people from the business side. Before, it was completely different, there was always a burden between the

business side and IT, and here it’s all cross functional. We changed the technical architecture, we changed the business architecture, and we built a completely new customer care system,” she says. “So in the end we changed nearly everything.” Abecker now oversees 15 self-organising scrum teams leveraging at pace hitherto unfamiliar tools such as Kubernetes, MongoDB and a full adoption of cloud. COBOL, a programming language dating back to the 1950s, still exists at Deutsche Telekom – most large companies would actually admit to the same – but Abecker is leading the charge into the future. Conventional management hierarchies have collapsed as part of that process ISSUE 21

CASE STUDY

and Abecker, like Drechsler and managers throughout the company, have learned the power of servant leadership in helping it to happen. Abecker’s self-sufficient agile teams no longer wait for cascading commands, but rather take guidance. She doesn’t prescribe actions, but rather describes outcomes focused on how she can help the individuals in her teams deliver them. “I really have to fight against my own patterns. Not doing task lists, not doing command and control. But in Magenta Haus, they always give very quick feedback. ‘No, Sabine! You have not to tell us how to do this! So they also gave me the possibility to develop myself further.” 28

DIGITAL BULLETIN

ARCHITECTING PACE Self-reliant scrum teams, servant leaders, academies and holocratic management philosophies are all very well, but they’re nought without a technical architecture capable of moving at the same speed. Chief Architect Regine Schickentanz has also spent 20 years at Deutsche Telekom, beginning as an R&D engineer before going on to manage a wide variety of major initiatives. She is now leading her teams of highly skilled technicians out of their traditional space, and out of their comfort zone. “So we were very efficient, but in this journey of becoming more efficient and really getting stuck to all the very formal

DEUTSCHE TELEKOM

It is much easier to come to a good and common solution if you talk to each other” Regine Schickentanz

processes in that long waterfall, we forgot to be flexible for the business side. It is much easier to come to a good solution if you talk to each other,” she says. The biggest change for Schickentanz’s architects has been remoulding their day-to-day efforts as part of much broader teams. Projects are now managed in sprints including input from team members across the business – from sales and marketing through to network services, operations and top-level management. “You can only change architecture if you do cross-functional collaboration,” she adds. “It’s a very mixed team we are working with, and I think this is one of the

very important key factors that helps us to do the transformation. And this is also one of the big changes for most of the architects, to do this cross-functional interworking.” Schickentanz is responsible for a foundational element of Deutsche Telekom IT’s overall transformation strategy – she is not only changing the way architects do their work, but in doing so is enabling the rest of the organisation to do the same. “This is one of the really big cultural changes. You have to think of making smaller pieces; thinking in minimal viable products and not thinking I have to have a fully-fledged solution specified at the ISSUE 21

CASE STUDY

beginning of the process. Architecture was one of the topics that we had to think about because our classical IT chains were so tightly coupled that it is simply not possible to only go with smaller parts. Whenever you change a small part you have to have the whole chain retested,” she says. Architecture at Deutsche Telekom IT is transforming along four dimensions: Modernisation, Decoupling, Retirement and Selective Greenfield. Each dimension is communicated internally with its own unique colour coding, expressed in every document, presentation and working group. Thus, the inherent complexity of the architecture arena is broken down into Schickentanz’s ‘smaller pieces’ and becomes digestible by a greater variety of collaborating team members. 30

DIGITAL BULLETIN

Where projects can be undertaken afresh without triggering a blast radius of technical consequences, it’s ring-fenced as ‘Greenfield’. Abecker’s trailblazing Magenta Haus was an early example, along with Deutsche Telekom’s enormous ongoing fibre roll-out, which has been built with an entirely new microservices-based IT architecture. Every document, application or microservice in those areas is coloured green. Where forward progress is hindered by a legacy of IT dependencies, the need for decoupling actions are coloured yellow. Modernising IT infrastructure as a whole and retiring legacy systems are flavours of blue. Schickentanz cites the example of work undertaken to overhaul management of the company’s customer data, where huge, complex and critical applications

DEUTSCHE TELEKOM

have been replaced piece-by-piece, sprintby-sprint with common APIs feeding much leaner applications. And all the while, Schickentanz has learnt to support her teams not as a taskmaster, but as a servant leader active in the work itself, while operating as an evangelist throughout the organisation for the ‘big ideas’ her cross-functional teams produce. MOVING AHEAD Angela Maragopoulou has just celebrated her first year as SVP of Business Solutions in Deutsche Telekom’s B2B division. She joined to lead software delivery and operations in service of the company’s business customers and did so at the sharp end of the pan-organisational effort to redefine the role and culture of IT itself.

SABINE ABECKER

But Maragopoulou is no stranger to challenge and change – she studied both astrophysics and electronics before commencing her telecoms career “working with 174 men” as a field engineer. She’s since worked across a vast array of disciplines, from IoT to sales and marketing, and has relished the opportunity to link into an inspiring ongoing transformation journey at Deutsche Telekom. “It’s looking very good. From the lighthouse perspective I have been very impressed with the outcomes,” she says. “I have not enjoyed this much trust in a corporate environment before. The trust levels of these teams are unique and I’m really happy I’m working with them.” It’s that trust, built up over more than three years of reflection, education and

Sabine is the most explorative person in our team. She’s really very open to trying out new things - she’s the coolest person I know at this. She’s just the epitome of it, and that’s very, very empowering for the rest of us. I wouldn’t be able to try so much if it wasn’t for Sabine having this approach.” Angela Maragopoulou

ISSUE 21

CASE STUDY

collaboration, led by the likes of Drechsler, Abecker, Schickentanz and many others, that has allowed Deutsche Telekom to conquer its primary objective: The laborious 18-month time to market has now been reduced to as little as three. And it’s trust that is enabling the company to continue to deliver on its transformation objectives, even during the colossal disruption of a global pandemic. The journey is far from complete, as Maragopoulou is quick to point out. In her own organisation, she is overseeing the work of Digital Hubs delivering software to the marketing, sales and service management areas of the business, while also sponsoring the company’s data strategy and a hub dedicated to AI. But the methodical, iterative process to incorporate

REGINE SCHICKENTANZ

DIGITAL BULLETIN

areas of the business yet to be converted to the new ways is an ongoing process. “It’s a continuous thing. The transformation does not have a beginning and a stop - it doesn’t have dates. It goes on and we change again, and then through that process you have a continuous communication effort,” she says. A culture of confident teamwork has been ignited within Deutsche Telekom IT, enabling it to move faster and far more collaboratively with the rest of the business. That culture is one that also helps the organisation to navigate the inevitable headwinds of change as it counsels, coaches and upskills team members through altered circumstances. While they work to serve their own teams, Dreschler,

I’ve known Regine for many years and I think she is far ahead in terms of servant leadership. She listens carefully to what her experts say and she’s patient enough not to take decisions too early. She is brave enough to put conflicts on the table again and again until they are really resolved. That is something I really love from Regine - it’s outstanding.” Sabine Abecker

DEUTSCHE TELEKOM

Maragopoulou, Abecker and Schickentanz have also coordinated management discussion groups to ensure they themselves continually learn and improve. “We are not finished I have to admit. There are still big areas where we have to do this change,” says Abecker. “Our people are high skilled, and they are able and want to learn their whole life. They will never stop learning - they will always want to learn.” “You always have room for improvement,” agrees Schickentanz. “And it’s very important that you can’t do this on your own. This only works if you closely collaborate with the business side. We’ve never moved forward so well in changing the architecture and working together with the business side.” Drechsler puts Deutsche Telekom IT’s continuing transformation success down

to the willingness of the entire organisation to embrace change and act with a sense of fearlessness.“IT@Motion is a movement and not a programme in a classical way. Culture is the key, it makes the difference. Trust is grown and it turns more and more into a learning culture,” she concludes. “Bringing people together is for me such a joy, they learn how to use their potential together and to see that, it’s amazing.

TRANSFORMATION IN THE TIME OF COVID-19 How Deutsche Telekom maintained transformation momentum during a global lockdown

ISSUE 21

PEOPLE

DIGITAL BULLETIN

SAP

A CULTURE OF BELONGING Since launching in 2013, SAP’s Autism at Work programme has broken new ground on the path to more workplace neurodiversity. Brian Duffy, President for EMEA North, shares his insights and discusses SAP’s determined drive for greater diversity and inclusion

AUTHOR: Ben Mouncer

e have a problem. Adults on the autism spectrum aren’t getting work. Even though individuals who identify on the spectrum possess valuable and often unique talents, the United Nations has concluded that around 80% don’t have a permanent job. Even more pressing is the fact that this figure hasn’t much improved over the past decade or so. This points to years of inertia on the issue from those with the power to instigate change. In the United Kingdom, only last year did the government vow to actively monitor the autism employment gap. Last

November, Autism-Europe lobbied the European Parliament to do more during a presentation in Brussels. This is a subject that has for too long been avoided. So when SAP first conceived the idea of a specific programme to hire more people with autism into its own workforce, it felt like a “roll of the dice” according to Brian Duffy, the software giant’s President for EMEA North. Given the programme’s subsequent success, it’s safe to say it scored a double six. Autism at Work has now been running for seven years, and SAP CEO Christian ISSUE 21

PEOPLE

Klein has said his teams that include individuals with autism have reported a rise in patent applications, product innovation and an improvement in management skills and empathy. The programme has been a trailblazer in industry, with the likes of Microsoft, EY and HPE now operating similar initiatives. “I think the approach that SAP has taken is that there are certain things that just need to be done and let’s focus on doing the right thing - our Autism at Work programme was really one of those,” explains Duffy, “We just decided to say ‘ok, this is important, let’s allocate headcount to it, and let’s start to really focus on hiring individuals who are on the spectrum’.

We just decided to say ‘ok, this is important, let’s allocate headcount to it, and let’s start to really focus on hiring individuals who are on the spectrum’” 36

DIGITAL BULLETIN

“The benefits that we’ve seen from it have been incredible for the individuals, for the teams that they’ve joined, for our customers and ultimately for the business as well.” Autism at Work has a 90% retention rate, and many recruits have made a significant positive impression on the company, including one individual who created a tool that reduces processing times for complex cross-company invoices from three days to just 20 minutes. But Duffy is keen to stress the programme’s broader impact. He reveals that applicants on the autism spectrum have also been successfully placed into roles in other

SAP

business functions such as human resources, finance and operations, and not just in technology. “I think people may think that because we’re SAP and because we’re in the tech field, that’s where people who are on the spectrum naturally fit. But that’s a misconception because, yes, we’ve hired some people in development, but others are working in a myriad of different jobs.” Duffy says only in the week of our interview did an SAP employee approach him and thank him for the company’s efforts with the Autism at Work programme. Because of the increased awareness around autism,

this individual believed they may have been on the spectrum, so went through the process of testing and had a confirmed diagnosis. “It’s just a huge relief for them because they have an answer. We never thought there would be benefits like that.” Duffy is something of a flagbearer for diversity and inclusion at SAP. He is the main sponsor for D&I in the company’s Customer Success board area, which employs 37,000 workers worldwide. His responsibilities involve ensuring that colleagues are engaged in regular dialogue around D&I, while helping to deliver programmes like Autism at Work. ISSUE 21

PEOPLE

He does this alongside the day job - as President for EMEA North, Duffy leads growth efforts for the SAP platform, applications and business networks in key markets like the United Kingdom, France and the Netherlands. He joined SAP as a lawyer in 2005 and quickly rose through the organisation, becoming its youngest-ever regional president in 2017. So what motivates him to go above and beyond his executive remit? Duffy believes it’s a combination of his own passion for D&I, and the progressive line of action SAP itself is taking on this issue.

DIGITAL BULLETIN

The organisation aims to achieve the same promotion ratio for men and women, for example, and it runs “Project Propel”, a hiring partnership with historically black colleges and universities in the United States. Among other recognitions, SAP was last year accredited as a Stonewall Top Global Employer for the second year in a row for LGBT inclusion. It also organises more than 80 employee network groups to bring together people with common backgrounds. “The right culture isn’t something that we can just pick off the shelf,” Duffy says.

SAP

Everything we do; the innovation, the great transformations that we run for customers, all the technology, it’s great, but guess what? None of it happens without great people” “The culture is something that we drive at all levels of the organisation, if you’re a leader, a manager or an individual contributor. That culture is something that we create. What we’re trying to do is raise more awareness of the D&I topic and create that culture to a point where, you know, we have truly a culture of belonging, ultimately.” Part of that process is updating and making more comprehensive SAP’s official policies on D&I, a project with which Duffy is currently heavily involved. But how tough is culture change at a multinational behemoth of the technology world, which counts more than 100,000 people in its employ? For Duffy, not as tough as you might think - it all comes down to leadership.

“Anything can seem like a big challenge at the macro level, right?” he says. “But ultimately, the more awareness that we raise for leaders and for managers, then it goes back to employees. I don’t think it’s that difficult. “If I’ve learned anything - and it directly relates to this topic - it is that everything we do; the innovation, the great transformations that we run for customers, all the technology, it’s great, but guess what? None of it happens without great people. And if we can just keep our eye on the ball in terms of our people, then we can do great things.” Duffy’s energy for D&I partly stems from his own nomadic journey. Born in Ireland, he lived in the United States for 20 years and also held the assistant general counsel role for SAP in both Japan and China. Travelling the world and absorbing different cultures has certainly given Duffy a broader perspective than most, as he explains. “First of all, the U.S. is certainly a cultural melting pot. I really enjoyed seeing that and being a part of that. In the U.S. there’s also the sense of the all-American dream, where everything is possible. This for me is very inspirational. “I’ve done business in every region around the world, and you get to see how different people are. It means that you fine-tune your skills to not make any ISSUE 21

PEOPLE

The individuals who are joining the workforce today, they want to be able to see diversity and inclusion in action”

assumptions about people, but to just recognise that there are differences. “I remember when I was in Japan, people asked me what it was like there. And the only thing I could say was that it was just ‘really Japanese’ because it’s so completely different to what I was used to. It was a cultural shock, but at the end of the day, immersing yourself in an environment and culture like that, I think it allows you to develop your own skills and have more of an understanding of different cultures.” Duffy repeatedly talks of SAP’s “culture 40

DIGITAL BULLETIN

of belonging”. He says the efforts he leads around D&I are all about not forcing somebody to fit in, but for SAP to fit around them. There’s a fundamental belief that companies get the best out of their people when they are encouraged to be themselves and bring their own “specialness” to the table. A recent global, cross-industry study from PwC revealed that 76% of organisations are now viewing D&I as a value or priority, not only to drive higher engagement but to also enhance financial performance and enable innovation.

SAP

This tallies with Duffy’s view that the business world is waking up to the need to address a lack of employee diversity. “The individuals who are joining the workforce today, they want to be able to see it in action,” he says. “That’s why we need to make sure that we’re doing all the right things. We’re on a journey and I’m sure it’s going to change and evolve. But the good thing is that many companies including SAP are on this journey and are committed to doing the right thing.” SAP has certainly led the way with its groundbreaking Autism at Work

programme, and Duffy continues to take inspiration from the very personal stories that emerge from within this corporate giant of the tech world. “I remember speaking to one of the parents who said ‘my child doesn’t have a disability, society is disabling my child’. That really shone a light on in terms of the challenges that these individuals can face,” he concludes. “For me, what’s great is that we’ve put them on a path where you can see these individuals just growing and growing and growing.” ISSUE 21

CASE STUDY

SCALING NEW HEIGHTS Over the past two years, Telefรณnica Spain has been on a bold journey to augment its workforce with automation. The programme has been sizeable, challenging and groundbreaking. Javier Magdalena Pinilla, Director of Simplification and Robotisation, talks us through a technological and cultural transformation

PROJECT DIRECTOR: Richard Durrant AUTHOR: Ben Mouncer VIDEOGRAPHY: Fraser Harrop

DIGITAL BULLETIN

TELEFÃ&#x201C;NICA SPAIN

ISSUE 21

CASE STUDY

n June this year, José María ÁlvarezPallete, the CEO of Telefónica, made a key address in the wake of the COVID-19 crisis. In a powerful message, Álvarez-Pallete spoke of how COVID-19 had “deeply affected the societies in which we operate”. Telefónica runs high-revenue divisions in Latin America, the UK and Germany, yet it is synonymous with Spain. In 2024, it will mark a century in Spanish telecommunications; recent figures demonstrate significant market share in fibre (72%) and mobile (30%) networks, as well as leadership in enterprise IT services. During lockdown, Telefónica Spain faced an increase in bandwidth demand of almost 40%, and a 50% growth in mobile traffic. Citizens and businesses grew more reliant 44

DIGITAL BULLETIN

on the solidity of its networks, and its goal to “make our world more human by connecting people’s lives” was put through a severe test. By all accounts, Telefónica passed. In his statement, Álvarez-Pallete went on to write how COVID-19 is “going to irreversibly accelerate the digitalisation of society” and that Telefónica “will play a key role as a catalyst” for that digitalisation. And make no mistake, there was an assuredness that shone through in his words. After all, Álvarez-Pallete knew that for Telefónica Spain, the work that enabled continuity through COVID-19 began some time before most of us had even heard of a coronavirus. ––– Javier Magdalena Pinilla is sitting at a desk in Telefónica Spain’s Madrid headquarters.

TELEFÓNICA SPAIN

He is alone. The company’s workforce is operating fully remotely, so there is almost no chance of our interview being disturbed. “It is more likely that somebody interrupts at home,” he tells Digital Bulletin with a smile. Magdalena is a familiar face at Telefónica. He has been employed by the company for nearly 20 years and has served across multiple business units and geographies. Today, he is Telefónica Spain’s Director of Simplification and Robotisation, and the purpose of our conversation is to learn about how and why Telefónica Spain uses automation. But first, the subject everybody is talking about. “No doubt, there has been a lot of pressure during this COVID-19 pandemic on the company,” he says. “Just to understand, the traffic in our networks has increased by 50%, so this [has been] an enormous challenge for us. But Telefónica has maintained its services, we have improved our quality, and we have opened more digital channels with our customers.” Ensuring reliable and secure connectivity to its users has been Telefónica Spain’s main priority during the crisis. Aligned with the strategic vision of Telefónica, since late 2018 Magdalena has been steering a significant digital transformation initiative centred around automation, and integrating human and digital workers at scale. “I think that the pandemic has shown us that automation is a must,” he stresses.

We have a very clear standard for quality, and we are very focused on the quality of our customer relationships. Our priorities are reducing time, reducing errors and having that quality. So this is why we put a lot of effort into customer care” Javier Magdalena Pinilla

ISSUE 21

CASE STUDY

The ambitious programme aims to touch almost every part of Telefónica Spain’s business. While deployments have been made in automation-friendly areas such as finance, commercial, back-offices and operations, Magdalena believes the most innovative work has been undertaken around customer care, specifically in Telefónica Spain’s B2B and B2C divisions. “We need to put complexity out of the relationship with our customers. This is the main driver,” he explains. “We have a very clear standard for quality, and we are very focused on the quality of our customer relationships. Our priorities are reducing time, reducing errors and having that

DIGITAL BULLETIN

quality. So this is why we put a lot of effort into customer care.” Simplifying customer engagement has been essential during COVID-19. Telefónica Spain has a huge customer base; in the B2B arena, for example, it works with over 1,000 large enterprises and tens of thousands of SMEs, delivering communications and IT services. This requires a dedicated team of more than 1,000 specialists on its own. In B2C, you can multiply that workforce by six - 6,000 professionals, fielding in excess of 100,000 enquiries every day from consumers about their mobile, broadband and multimedia services. It’s easy to see the lure of automation when

TELEFร NICA SPAIN

RPA pioneer Blue Prism has delivered the attended automation components for Telefรณnica Spain

ISSUE 21

TRANSFORMING TELCO CONTACT CENTERS WITH INTELLIGENT AUTOMATION “Customer care is our obsession. Quality is our obsession. Human workers working obse hand in hand with digital workers is the way we’ve transformed our customer care areas. Our people feel their work is better with digital workers and the results are incredible.” JAVIER MAGDALENA, DIRECTOR OF AUTOMATION AND PROCESS SIMPLIFICATION, TELEFÓNICA

Blue Prism is the global leader in intelligent automation for the enterprise, transforming the way work is done. At Blue Prism, we have users in over 170 countries in more than 1,800 businesses, including Fortune 500 and public sector organizations, that are creating value with new ways of working, unlocking eﬃciencies, and returning millions of hours of work back into their businesses. Our intelligent digital workforce is se smart, secure, scalable and accessible to all; freeing up humans to re-imagine work.

www.blueprism.com

CASE STUDY

Robotics, automation and all these kinds of concepts sound great, but not everybody thinks this is the way to do things. So we have to make sure that our people feel this is good for themâ&#x20AC;?

DIGITAL BULLETIN

TELEFÓNICA SPAIN

you’re dealing with such a large-scale operation, even outside of a pandemic. “Automation is a key driver, to have scalability, to have robustness in our operation, and to have resilience,” says Magdalena. “This is a must for us and a must for the sector, because if we need to have much more activity with the same level of resources, the only way to achieve it is automation.” The B2B programme kicked off early in 2019, and was fully up and running within just seven months. Magdalena’s emphasis was to take away manual tasks from the highly-qualified staff in this area, affording them the time and space to engage at a meaningful level with some of Telefónica Spain’s most important clients. Not only has this part of the initiative reduced operational costs, it has also improved employee engagement. “We needed to let our people help our customers, to talk with them, and assure the quality of our services,” says Magdalena. “We automated around 70% of the tasks that these people were doing on a day-by-day basis, and the result of that is that we reduced the time taken by between 30 and 50%. “The people that are working with these tools have told us that their work is better than before, so we are very happy with the programme.”

The B2C implementation is the team’s flagship project for 2020. Just over half has been completed to date, and the main test on this side has been achieving volume, real-time and concurrency, rather than navigating complexity. This has presented a tough technological challenge to Telefónica Spain, in providing contact centre agents with the tools they need to streamline processes when dealing with customers. It set itself the goal of reducing handling time by around 20%, and simultaneously making the experience for its agents far more fulfilling. Part of that meant focussing efforts on real-time, which Magdalena believes is really critical for the project. “We need a platform working in real-time, the user experience has to be in real-time because we have the customer on the other side and every second is critical to offer the best level of service. Our customer has to work online with us, so having the feeling that our employees are working online is necessary,” he says. “The capabilities of the project are live and we are using these capabilities now, but with the volume of the project, and the different tasks we are going to automate, I think that we are around 50% done. We have the platform running, we have our people working with this platform, but now we have to put many more capabilities into the platform.” ISSUE 21

CASE STUDY

It’s very important to understand that Telefónica is using these tools to have much more scalability, to have much more robustness in our platform. And this mix between human and digital workers is key for us” Telefónica Spain has relied on the support of a number of strategic partners throughout this formidable programme, and it has forged particularly strong relationships with Blue Prism and EY. Blue Prism is the pioneer of robotic process automation software, or RPA. RPA is the technological backbone of this digital transformation, and Blue Prism and Telefónica Spain have worked very closely since the programme’s inception in 2018. In collaboration with its technology alliance partner TrustPortal, Blue Prism delivers the attended automation components for Telefónica Spain and has integrated them with more than 30 technologies. Telefónica Spain now utilises over 1,000 “digital workers” - believed by Blue Prism to be one of the biggest digital workforces in the world - and was recently awarded Blue Prism’s 2020 Pinnacle Award for its “groundbreaking achievements”. 52

DIGITAL BULLETIN

“We selected Blue Prism because we feel it has a very good product; it is flexible, it wants to evolve, and it is introducing several kinds of capabilities into the product that are very good for us,” says Magdalena. “But we are not just talking about a transactional relationship with Blue Prism, we are talking about a partnership. “Blue Prism is not a product provider. Instead it is here with us and it is evolving the product with us. It is working with us on a daily basis and it feels the challenges that we have. And with this evolution of the project, we also feel that we are part of their roadmap.” Telefónica Spain enjoys a similar dynamic with EY, which has been side-byside with Magdalena’s team throughout the programme as one of its vital systems integrators. EY has a rich expertise in technology consultancy, and offers deep insights into automation deployments augmented with the likes of artificial

TELEFร NICA SPAIN

EY has provided Telefรณnica Spain with a critical external vision for its intelligent automation programme

ISSUE 21

Are you automating intelligently? At EY, we work closely with clients like Telefรณnica to accelerate their digital transformation journeys and confront the challenges of today. We believe intelligent automation can help improve efficiency, open new growth opportunities and deliver a better customer experience. Discover how EY can help you.

CASE STUDY

intelligence (AI) and advanced analytics, or “intelligent automation”. For Telefónica Spain, EY provides the external vision so essential to a programme of this magnitude. It has been involved heavily in many aspects of the “greenfield” project, from identifying opportunities to the redesign of Telefónica Spain’s processes and the appraisal of the solutions put in place. Magdalena believes they are working as one. “We feel the capabilities EY has and the capabilities Telefonica has fit very well,”

DIGITAL BULLETIN

he explains. “EY understands the process and the capabilities, and I think that is very necessary to have that external vision. “They adapt for us, and we adapt for them. So we are really a team, and we are putting the capabilities of the two companies together for a common challenge. EY also has a clear bet in automation, so it has developed very good teams on the technological side, with very good people.” The results have been impressive. On top of the significant improvements Telefónica Spain has seen in its B2B division, Magdalena believes it has so far reduced time-of-operations in its B2C segment by around 10%. Across 6,000 agents, he says this represents major yields in volume and concurrency. Then

TELEFÓNICA SPAIN

there is the high level of service this has supported during COVID-19. But success is judged on a myriad of factors, not just by cold data. And Magdalena doesn’t shirk from the fact that there have been difficult days, trying periods. “Maybe today I am very happy with the programme, but I have to say to you that not every day in this journey has been so good. We have had bad days, and we have had bad results several times.” In order to keep perspective and to capture the overarching goals of the programme, Magdalena is guided by three principles that begin with sponsorship from those at the very top of the organisation. “This is a transformational programme in our company, so we need the support of our executive committee,” he says. “We

need dedicated resources, but it’s not only resources; we need leadership and an end-to-end vision of the process. “The next one is cultural change. Robotics, automation and all these kinds of concepts sound great, but not everybody thinks this is the way to do things. So we have to make sure that our people feel this is good for them. This is not only good for the results of the company, this is not just a financial programme - this is a programme that needs to enable a cultural change in our people.

ISSUE 21

CASE STUDY

“The third one is to make our people understand that this is a journey. This is a continuous improvement programme; we don’t feel that we are at the end of the programme, we feel that this is a continuous way to simplify things for Telefónica Spain.” As with any automation project, Magdalena’s second point regarding cultural transformation is especially relevant. His team has worked extensively with Telefónica Spain’s human resources and communications divisions to ensure a smooth integration between the new tools and the company’s workers. Things have and are changing, but Magdalena believes for the better. 58

DIGITAL BULLETIN

He stresses that humans still represent the lifeblood of the organisation, and that only by freeing its people up to do high value-add tasks is Telefónica Spain able to achieve its objectives. “It’s very important to understand that Telefónica is using these tools to have much more scalability, to have much more robustness in our platform. And this mix between human and digital workers is key for us,” Magdalena states. “The satisfaction of the employees is better than a couple of years ago. And that’s because they want to do the high value-add tasks. They don’t want to spend their time fighting with the systems. They now feel that they have a lot of

TELEFÓNICA SPAIN

capability to help the customers.” The step Magdalena plans to take next is to expand these capabilities across Telefónica Spain’s workforce, “reskilling” its employees to reach even greater heights. Ultimately he wants each part of the company to include staff who can work effectively with the technologies. “One of the main advantages of RPA and several technologies is flexibility. We don’t want to be in just the core IT area of Telefónica, we need to maximise the volume of the programme and put the knowledge in every area. There is a balance between expanding knowledge and controlling the impact, and we need to be flexible to understand

the needs of the business areas, but for us it’s critical.” ––– If you look back at José María ÁlvarezPallete’s words from June, there is a repeated focus on society. Spain’s society - its spirit, its economy, its infrastructure - has been stretched to the limit during the coronavirus pandemic. Telefónica is a huge part of, and plays a major role in, this society, so it has felt the full force of the virus in many ways. Looking forward, Magdalena is excited to see out Telefónica Spain’s B2C automation programme, to explore new areas for deployment - “the next big ones are in operations and in managing our field force” - and to discover more use cases for ISSUE 21

CASE STUDY

The customer is always at the centre of everything that we have done, and this customer obsession is critical for us. I’m very proud of that”

DIGITAL BULLETIN

TELEFÓNICA SPAIN

other solutions, such as virtual agents and advanced tools that tap AI and machine learning. He is also anticipating even closer collaborations with Blue Prism and EY as they take their highly-innovative work to a broader market. Yet all of this in the end feeds into one collective focus, which is supporting Spain’s society. The relationship between Telefónica Spain and its people has undoubtedly been challenged during COVID-19, but maybe the bond is now tighter than ever. Certainly from the company’s viewpoint, never has its dedication to customer service been greater. “Everybody in Telefónica works to connect the people, and to put the best services on the side of the customer. I feel that automation is a must to achieve this goal, and I think that the COVID-19 pandemic has shown us that.” He concludes: “In Telefónica, I have worked in a lot of areas and in a lot of geographies, so I think that I have a good understanding of the company. And I’m proud to work in a company like Telefonica because, for us, the main priority is the society in which we work. “The customer is always at the centre of everything that we have done, and this customer obsession is critical for us. I’m very proud of that.”

ISSUE 21

GLASSWALL

Breaking Bad: How CDR and ‘known good’ are delivering on the promise of file safety Premium thought leadership AUTHOR: Luke Robbertse, Head of Technology Operations, Glasswall

DIGITAL BULLETIN

LUKE ROBBERTSE

he way we open, share and collaborate on documents has changed forever and continues to evolve. Traditionally, email was the common platform for smaller files and FTP for larger. We now use an array of cloud sharing options like Dropbox, WeTransfer, Google Drive, OneDrive, and cloud object stores such as S3 or Blob. And that doesn’t even cover other collaboration tools like Slack or Microsoft Teams. Documents are more and more being transferred across networks and domains outside the email infrastructure. With the increased reliance on remote working, the need to safely transfer files from a public network to a more private network similarly increases. There has always been a need to evolve methods of defence against cyber threats, but as the amount of digital documents being transferred online for B2B, B2C and between individuals explodes, how should we now adapt to properly protect ourselves in the cloud? Simply layering one mousetrap onto another will deliver diminishing returns, so deploying complementary but contrasting technologies is the key. This is where CDR, an emerging

segment in the cyber security landscape, now offers a truly effective solution. For those who haven’t yet come across it, here’s a summary of what CDR - or Content Disarm & Reconstruction - does and how it meets the challenge. To start, let’s define the threat. Malicious software, or malware, is typically hidden within the content of a file. But not all content is malware. Without elaborating too much, there are four kinds of content: passive, safe active, unsafe active and exploitive. The first two are safe, the second two are forms of malware and are dangerous. Layered onto the structure of the threat is the speed at which new malware is created, morphes and evolves. Verizon estimates that new, unknown malware is created every 4.2 seconds. This is inherently problematic when the foundation upon which your defence is grounded relies on knowing, or more often guessing, whether content is malicious. To illustrate this point, let’s look at the well-known and established defence of antivirus (AV) and sandboxes. AV looks for patterns of data that have characteristics of known, unsafe, active or exploitive content. AV engines essentially look for ‘known bad’.

ISSUE 21

GLASSWALL

Detonation chambers, or sandboxes, attempt to detect malware by monitoring the behaviour of content when a file is opened or executed. They look for behaviours of malicious software, in other words ‘unknown bad’. CDR is the exact inverse of this methodology. Rather than trying to detect and block ‘known bad’, CDR focuses on reconstructing files to a safe state of ‘known good’ by creating a new and benign file. The leading CDR vendors do this in three ways: 64

DIGITAL BULLETIN

Deep-File Inspection: Reading the file into memory then inspecting the three distinct layers: Visual Content Layer – What users actually see when viewing or editing the file. The text and images on the page. Active Content Layer – Additional functionality in a file or program, such as Macros, JavaScript, embedded files or data connections. File Structure Layer – The framework within which the visual and active content is stored and managed.

LUKE ROBBERTSE

Rather than trying to detect and block ‘known bad’, CDR focuses on reconstructing files to a safe state of ‘known good’ by creating a new and benign file” Remediation: Remediation repairs a document’s structure, ensuring complete compliance with the specification set by the developer of that file type. For example, Adobe has an ISO 32000 specification that details all valid binary structures for PDF. Microsoft has its own specification for all legacy and binary Office file formats. Sanitisation: The removal of active content, mitigating the risk posed by unnecessary functional features in files. Controlled by policy, sanitisation allows users to get the document features they need and strips out the functions they don’t.

Further benefits of this approach are lighting fast reconstruction times, leading to seamless safety with no interruption to productivity. As file formats only change every few years, CDR also requires no patching or updates. And as files are regenerated rather than blocked, CDR doesn’t suffer from issues of false positives, the bane of every security professional’s life. CDR also has profound implications on the need for expensive, time-consuming and often ineffective security training. While security training in some form will always be an important part of an organisation’s strategy, by regenerating files to a safe standard, CDR greatly reduces the reliance on employees as the last line of defence. CDR allows them to focus on their jobs, without having to worry that the file they want to open is malicious. It’s time to stop making users the victims or culprits. After all, links are meant to be clicked, PDFs are meant to be opened and executables are meant to be run. CDR is not a displacement of training or traditional technologies as each has their own place and purpose, but it’s a completely different methodology, delivering true defence-in-depth. Everyone in an organisation has the same aim, from the board through ISSUE 21

GLASSWALL

In Gartner’s June 2020 Hype Report, CDR was highlighted as “an important layer in any organisation’s defencein-depth and content protection strategies”

the CISO and security teams, right down to the users: maximum security with minimum impact on productivity. More than any other technology, CDR delivers against this objective. At Glasswall, we know that CDR has a major role to play in protecting organisations from the threat of malicious files and documents. But we’re not alone. While governments and the intelligence community in particular have long touted CDR as a required security standard, in Gartner’s June 2020 Hype Report, 66

DIGITAL BULLETIN

CDR was highlighted as “an important layer in any organisation’s defencein-depth and content protection strategies”. Gartner also says “CDR can eliminate one of the most common infection vectors that is hard to deal with in other ways” and that it expects “CDR will ultimately be considered a best practice”. High praise indeed. ––– While validation and endorsement of CDR by organisations such as Gartner are important, the community of CDR vendors as a whole are also working

LUKE ROBBERTSE

together to raise awareness, educate the industry and build the market. At the 2020 Open Security Summit, there was a session titled â&#x20AC;&#x2DC;CDR: How to Collaborate and Increase Adoptionâ&#x20AC;&#x2122; where representatives from Glasswall, OPSWAT and ReSec discussed collaboration initiatives and promotion of CDR as a concept. The session can be watched here. Where can you get a feel for CDR and better understand how it can be implemented or integrated? Glasswall offers a variety of ways to test its technology:

- For individuals files, there is a free website where visitors can drop in a file and Glasswall returns the clean version with a report on how it was made safe. - As a developer, try out Rebuild API, which offers a test with the first 50 file requests free. - For larger organisations, consider the full range of solutions to help protect users and the business. This content was created in partnership with Glasswall. ISSUE 21

IT SERVICES

IN CONVERSATION WITH AGILE’S FOUNDING FATHER Tom Gilb has been making waves in technology for more than 60 years. Here, in a frank and fascinating interview, he talks to Digital Bulletin about creating agile working methods, the virtues of working for yourself and trying to stop World War Three

INTERVIEW: James Henderson

here can be few people who have influenced the world of technology for as many years as Tom Gilb. After talking his way into a job at IBM in the late 1950s as a freshfaced teenager, Gilb quickly rose to prominence, eschewing the comfort of a position at a technology powerhouse to go out on his own before he turned 20. Over the years, he has worked with some of the world’s leading companies, governments and charities to help them work more efficiently and effectively. He is probably best known for developing the Evo concept or the “evolutionary systems delivery”, as it is often known. It is widely considered to be the 68

DIGITAL BULLETIN

precursor to agile working methods, one of many topics that Gilb writes about vociferously today (he tells us that he has penned five books between our interview and time of publishing). He is not, it is fair to say, shy about making his opinions about how he feels agile has been misunderstood and misused. When Digital Bulletin learned that we might be able to speak to the man himself, we jumped at the chance. Over the course of an hour, Gilb held court from the porch of his water-front cabin in Norway, on agile, the golden age of technology, being appreciated in his own time and everything else besides. Enjoy...

TOM GILB

ISSUE 21

IT SERVICES

IBM really appealed to my altruistic instincts; its slogan at the time was “World Peace Through World Trade” and at the time after the Second World War that was something that attracted me” Tom Gilb You joined IBM in 1958 before you turned 18 – how does that happen? I just walked up to them because I knew they had fun little things called computers to play with. And I said, ‘Here I am, you lucky guys.’ And they said, ‘You look like a smart young man. You can start at the lowest rung of the ladder.’ And I had a job the next day with IBM. What was it that made you want to work with computers? We lived in Santa Monica, California until I was 15 and a half, and my 70

DIGITAL BULLETIN

parents had friends who messed with computers and I was also interested in amateur radio and building my own transmitters, which is what all the nerds did back then. My father was also an engineer with 100 patents in the United States, so it was always going to be the tech route for me. IBM really appealed to my altruistic instincts; its slogan at the time was “World Peace Through World Trade” and at the time after the Second World War that was something that attracted me, an altruistic company which had neat stuff to play with. What does a 17-year-old learn by working at IBM? Most of the youngest people who got jobs there were graduates, so they were still quite a few years older than me. I was literally put at the lowest rung, which meant I got to take out the carbon copy trash and count all of the board plugs into the warehouse. But I was floating around and what I discovered was that if I saw a group of people around one of the machines, they’re trying to solve a problem, I could walk up and listen for a while and I could volunteer to solve the problem, which was pretty cheeky since I didn’t even know what the problem was. I discovered that I could solve problems by

TOM GILB

using reasoning, logic and observation. I quickly got a reputation as the go-to man to solve problems, which took me one rung up the ladder.

about what I got up to for the rest of the week. They allowed me to teach myself about all of the machines and programming language.

It sounds like you were given a lot of freedom at IBM? I did, I had managers that gave me the freedom to do almost anything I wanted to do, and that was noticed by others who would ask why I was allowed to just play around and have fun. I was told that the answer was that I was so productive one day that they didnâ&#x20AC;&#x2122;t care

Is that something that as an industry is probably lost today? I canâ&#x20AC;&#x2122;t imagine many people are allowed to take up a position in the big tech companies and be given the creative freedom to tinker and learn from their mistakes Anybody can do it, but sometimes you have to do it on this side and do it at home. I think people have more freedom ISSUE 21

IT SERVICES

to learn what they want and do what they want and feel more constrained than they really are. There is a fear of losing a job, but it’s not one that I ever had. Many people in your position would have stayed with IBM for life, but you wanted to go out on your own, why? By 1960, I was suddenly running my own little consultancy. I went back to IBM for three more years later on in my career. But aside from those, the five years at IBM, I’ve been my own boss for all the last 60 years, or whatever it is, which has given me enormous freedom. Too many people sit in jobs they hate.

DIGITAL BULLETIN

That early period of consultancy was where you came up with the Evo concept? Yes, it was as early as that. I’d taken a job to set up a computer system with an IBM client, which I delivered in 20 steps, which was more automated and which worked and delivered to the customer - that’s my description of agile. Step-bystep, deliver value, lock it in and move to the next. I didn’t have a name for it, I didn’t learn it. My intuition said all this technology is very complex, even IBM - delivering the machines - has no experience and doesn’t know what they’re doing. There’s nobody to teach you.

TOM GILB

From day one of the agile manifesto, it’s been a corrupted version. I have always been clear that it’s the delivery of value at each step which counts. But that part about delivery of value has fallen by the wayside, it’s not even mentioned” It’s like walking in the dark, you’ve got to tread very cautiously and make sure you’re taking everything step-bystep. I did that and it was successful and that immediately taught me that agile is successful. All agile from that point on was always step-by-step. I could always compare myself to other projects where they did ‘big bang waterfall’ and fell flat on their faces and failed in many, many cases. I said, ‘Okay, you want to avoid failure? Do it step-by-step’. Agile is a method that is still around today and is going through something of a boom currently, how do you reflect on that? From day one of the agile manifesto, it’s been a corrupted version. I have always been clear that it’s the delivery of value at each step which counts. But that part about delivery of value

has fallen by the wayside, it’s not even mentioned. Now it’s about delivering working code, which in their mind is value, but you can deliver code without delivering value to stakeholders and you can also deliver value without delivering code, which has been completely forgotten. I call it agile, the coding version. And then I have my agile, as it should be, which is focusing on delivering value to stakeholders - verbal value. And I’m still fighting that business. And I’m still a minority weird person who irritates people, talking about engineering a system rather than programming a system. Is that an argument you believe you can win? I have turned around very large organisations, the likes of Boeing, Hewlett Packard, Intel, Ericsson, and a lot more besides. I’m talking about 20,000 engiISSUE 21

IT SERVICES

neers at Intel, so I’ve already done my conversions with those who were ready to be converted. And you notice all of those were engineering cultures. They were not IT cultures. It’s an easy win, I give them a better way of engineering their software and they’re ready for it. We have a culture in IT where people are looking for the latest fashion but they don’t take any responsibility for the success or failure of their projects – it’s unethical and immoral and it should be illegal. We have a whole culture that doesn’t care very much and therefore 74

DIGITAL BULLETIN

they’re not going to jump in and adopt my ideas. But I have a thing, if you look at history, a lot of people have laid down ideas a long time ago. Let’s go back to the Greek philosophers, they’re famous today for their ideas and people use them and teach them. So, I’m sort of hoping that I’ve probably done what I can do in the receptive world, the engineering world, but these IT people probably won’t sort them out in my lifetime, there’s no hope of that happening in the next 50 years.

TOM GILB

maybe in 100 years. Some people won’t accept it today, but it’s there for future generations. I don’t have the money and the glory today but I like to think I’ve done my bit.

But that’s why I write five books every summer about knowledge, education and engineering. You started writing books 50 years ago and have been prolific since. What is your motivation for doing so? My father loved to publish patents and my mother was a playwright and actress, so I think I probably got some of that. I love to sit down and write because when you do that well you know that it can be shared with a million people, maybe not this year or next, but

You have seen the world pivot from the pre-internet age to one where everything is interconnected. How have you found what has been a huge transition? It’s been amazing and means the poorest person can get access to knowledge. I think what it does is accelerate the speed at which we change. There will be some bad because bad people will use good ideas to fight against you and you can’t stop that without just turning off all the knowledge. It means things like I can publish five books that I wrote last summer and give them away for free. And I just hope they get in the hands of just one good person who will spread it even better than I can, because they can popularise it better than I can or something like that. I’m not somebody who is going to care if someone steals my ideas or sue them, I’m going to clap them. It is important that ideas are free and freely available. When something is digitalised, it is very difficult to kill off, it’s in someone’s computer or a library. And then people will ultimately choose ideas that work well for them. And I’m hoping my ideas ISSUE 21

IT SERVICES

My father on his tombstone has his name and ‘Inventor’, that’s how he wanted to be remembered. So, something similar for me, maybe I’d go for ‘Creatively Helpful’”

DIGITAL BULLETIN

TOM GILB

are in that class. There’s an awful lot of stuff out there that is at least in agile, which frankly doesn’t work, won’t work, can’t work, has no hope, but people insist on mucking with it. As a one-man band, what are some of the lessons you’ve learnt along the way? I’ve never bid on a project, I’ve always been invited. When you’re invited to work on a project it means there is a need and a hope that your ideas can be adopted. If you knock on a door then the chances are that they’re not ready. Also, being a loner has allowed me to build up my reputation and opened doors to opportunities. I like to do volunteer work for charities but I’ve also given my time to Ministries of Defence in three countries, which might seem strange from a conscientious objector. But I do so because I hate the thought of a third World War happening because of poor planning. And by doing that work for free it means that they don’t have to go through all of the bureaucracy of signing me up as a contractor. Are we living through a golden age of technology or is that recency bias? If you look over the last 100 years, we’ve had enormous technological leaps, even

before computers were widespread. Whether it is recency bias, who cares? What we are living through is really exciting. At 80, I’m hoping to live to 100 or 110 just so I can see what is going to happen. It is going to be fun. Is it possible for you to switch off from technology? My wife would say that I never do, and that I’m always on the computer. When I’m in London I like to go to a concert, ballet or play every night of the week, so that is how I get away from it. I also read about 35 books a year, half fiction and half non-fiction. I also consume a huge amount of history television, from aliens to the Second World War and science, it is amazing what is on public television. I also have many children and grandchildren so I have a rich family life, which is another way of enjoying life. My cabin in Norway also helps, if I’m pondering a page of a book I can look up and see a sailing ship go by. So, I have a large number of ways to relax and I use them all. How would you like to be remembered? My father on his tombstone has his name and ‘Inventor’, that’s how he wanted to be remembered. So, something similar for me, maybe I’d go for ‘Creatively Helpful’. ISSUE 21

DATA INTELLIGENCE

DRIVEN BY HUMANS Is artificial intelligence the future or our present? Matt Jones, Data Science Strategist at Tessella, speaks to Digital Bulletin about data bias and governance, the challenge of using AI at scale and its role as a digital accelerator

AUTHOR: Beatriz Valero de Urquia

lthough artificial intelligence (AI) might seem like the future frontier; it’s a present reality. For many organisations, it’s already a reliable source of income. According to Gartner’s 2019 CIO Agenda survey, the proportion of companies that deployed AI between 2018 and 2019, grew from 4% to 14%. However, AI opens as many opportunities as it creates challenges. With the growing use of AI and machine learning (ML) technologies by enterprises, there is also growing concern regarding data bias, providence and regulations. 78

DIGITAL BULLETIN

Moreover, COVID-19 has created a huge demand for AI tools, accelerating the need for solutions for these issues. Tessella is one of the companies providing answers, utilising its 40 years of data science expertise for this purpose. An international data science consulting services company based in Oxfordshire, it was acquired by Altran in 2013 and is now part of Capgemini. Some of its most famous projects include the European Space Agency’s Solar Orbiter and the University of Oxford’s real-time Ebola tracking map.

TESSELLA

ISSUE 21

DATA INTELLIGENCE

When the machine gets it wrong, people are very quick to point the finger at the AI” Matt Jones

DIGITAL BULLETIN

Matt Jones, Data Science Strategist at Tessella, tells Digital Bulletin what attracted him to join this company from GSK in 2014: “I was actually a client and I was constantly impressed by the people there. I also recognised at that time how important data science, AI and analytics was becoming to us at GSK, but also the general marketplace, and I wanted to be a part of that.” As a Data Science Strategist, Jones helps Tessella’s clients undergo digital transformations using AI and data analytics. “What Tessella is all about is building expert systems for engineers and scientists to use, and a lot of this is acquiring value for data,” Jones says. Data is incredibly valuable and holds immense power. However, part of Jones’ role is also to make sure that this data is being used responsibly and keep AI tools from inheriting human biases. “I do note, particularly when I’m reading the press that, when the machine gets it wrong, people are very quick to point the finger at the AI,” Jones reflects. The American COMPAS (Correctional Offender Management Profiling for Alternative Sanctions) system and Amazon’s CV screening tool are two recent examples of this. COMPAS was criticised because of its tendency to label Black people as being more likely to commit a second criminal offence,

TESSELLA

while Amazon’s CV screening tool often recommended male CVs for technical roles over similar female ones. “In all these cases, the machine did exactly what is designed and trained to do,” Jones says. “The machine doesn’t know what racism is. It inherited its bias from the humans that built it.” To avoid data bias, it is necessary to make sure that the data used to train AI reflects the real world. Moreover, the data has to be obtained from reliable sources to be accurate and representative. “If the data doesn’t come from a secure and proven source, then it shouldn’t be used,” Jones states. This is where data providence comes into play. Data providence refers to the historical record of data, and it’s used to verify

its origin and use. Some of the most common ways of keeping track of data providence are blockchain, workflow capture and auditing. “I thoroughly believe you need to understand where your data is coming from,” Jones says. “And you have to have confidence that it’s been collected, it’s been sourced, it’s been manipulated responsibly.” Unfortunately, this is not always the case. One recent example would be Clearview AI. This facial recognition AI was trained from a database of more than three billion images taken from the internet. After a security breach, the company’s database and list of clients were exposed, revealing that the AI had been used by retailers, police forces, and even individuals. ISSUE 21

DATA INTELLIGENCE

Avoiding situations like this one is the aim of governance models. Although most countries don’t yet have specific laws and regulations to the use of AI, the need for them has been a constant topic of discussion in international organisations such as the EU and the UN. In Jones’ view, the implementation of AI governance has little to no cons. “I don’t understand why you would not have IT governance,” he says. “If you don’t have a governance model, then the introduction of any new technology, particularly 82

DIGITAL BULLETIN

something like AI, can be chaotic and potentially undermine any benefits.” The need for AI governance is more pressing now than ever, as COVID-19 has drastically accelerated the use of this technology. “We’re making years of progress in months, and AI is at the centre of that”, Jones states. However, Jones warns that AI “don’t add any value unless it’s being used”. And, more often than not, designing a model is much easier than implementing it, particularly when scaling it.

TESSELLA

If you don’t have a governance model, then the introduction of any new technology, particularly something like AI, can be chaotic and potentially undermine any benefits”

Over recent years, Tessella has worked with many clients which have struggled precisely with this step. They have built internal data science capabilities and teams that have developed promising proofs of concept. However, they still fail to see any respectable ROI out of it. Jones is familiar with this scenario and likes to call it “being trapped in a proof of concept purgatory.” There are several roads that lead to this “purgatory”, including a lack of communication between software engineers and

data scientists, or companies’ tendency to get lost in the possibilities that AI provides, instead of solving specific business’ problems. “For any AI model to be useful, it has to be wrapped in useful software,” Jones explains. “When I talk to clients, I ask them to avoid scenarios where we want to see what we can do with the data. That’s a great academic exercise. But what I would want them to do is identify the business’ needs first, the challenges the business has first, and ISSUE 21

DATA INTELLIGENCE

then get the data, look at the data and understand what they can do with it to prove value, and then build a proof of concept and move it forward.” Another way out of this “purgatory” is to include people in these AI teams that understand both the data and the business needs and can mediate between both teams. Jones calls them “translators”. By doing these two things, prioritising business needs and ensuring accurate communication between teams, companies can utilise the full potential of AI as a digital acceleration and leader in digital R&D. “Modern AI is now taking the lead in designing and delivering new products and services into markets,” Jones says. “From product research and develop-

ment to manufacturing, but also sales, delivery, logistics, and supporting these products once out there.” For example, in the manufacturing sector, AI drastically reduces costs by creating models in clay that can be easily tested, and even make suggestions of candidate products or formulations. RPA (robotic process automation) is also growing bigger by the minute. RPA allows for the automation of many manual tasks which are tedious and ‘data-centric’ such as insurance claims, through the use of image analysis. However, in current times one of the most demanded uses of AI is in the healthcare industry, to which Tessella is no stranger. In 2015, the company participated in a project alongside the University of Oxford that used data analytics to

Data analytics was used to track the spread of Ebola in 2015 84

DIGITAL BULLETIN

TESSELLA

It’s a technology that has a future, of course, but it’s very very now” predict the spread of Ebola. The resulting AI could analyse social media data to generate maps that showed real-time maps of the disease spread. The most fascinating aspect of this project was, however, the trust aspect. “If the AI didn’t know then it wouldn’t present a guess as an answer,” Jones explains. “Epidemiologists were confident that it was never going to present misinformation, and that increased their level of trust in the AI.” Although AI has incredible potential, it is not always the perfect solution. A key to successfully utilise AI is to know how to combine it with traditional tools. “The ESA’s Solar Orbiter is a perfect example of choosing the right tools for the right job in hand,” James says. The most interesting tool that Tessella developed for the ESA’s Solar Orbiter was the Altitude and Orbital Control Systems (ACOS). This tool was used to automatically calculate the distance between the aircraft and the Sun, which could not deviate more than six degrees - any more would

mean the spacecraft was destroyed. To do so, Tessella combined AI with classical physics and statistics. Although AI might not be the solution for everything, its rise to prominence has been rapid, meaning Jones refuses to consider it a ‘future’ technology. “AI is fairly ubiquitous in everything that we do,” he says. “If it’s got a screen on it, then it’s got AI, most likely. It’s a technology that has a future, of course, but it’s very very now”. If AI’s present is exciting, its future is even more promising. Jones believes that, in the next five years, AI will become central to our daily lives, from personal assistance to healthcare, as well as in city and resource-management. However, although AI is an incredibly powerful tool, it’s also just that. It’s power lies in its correct use and application. AI will be a tremendous digital accelerator, but there needs to be governance that regulates it and ensures its accuracy. “It’s like a hammer,” Jones says. “It’s all driven by humans.” ISSUE 21

SECURITY

HOW TO BUILD EFFECTIVE DEVSECOPS Each month, Digital Bulletin picks the brains of experts in a particular sector of the technology world. In this issue, we ask: What steps must companies take to successfully transition from a DevOps mentality to a DevSecOps mindset?

DIGITAL BULLETIN

DEBATE

“ Championing security is hugely important” Derek Weeks, VP and DevOps Advocate, Sonatype

If an organisation already has a mature DevOps practice in place, they probably have a lot of the “Sec” element of DevSecOps built in. The two shouldn’t be considered separate development practices. DevSecOps is simply DevOps with security introduced into the software development lifecycle earlier and maintained throughout to enable faster feedback loops. Security should be invisible and already a part of what every developer does on a daily basis. The most important thing is building more secure software by introducing security information sooner to developers, and also enabling operations teams to respond rapidly to newly discovered vulnerabilities. Avoid rookie mistakes. This all begins by ensuring that development and security are talking to each other. Too often, organisations that want to practice DevSecOps focus solely on what tools should be adopted and the practitioners themselves do not usually make even those decisions. There is no conversation about culture and technique, which are the critical components to any

DevSecOps practice. A better approach is to champion changes with multiple stakeholders - from all levels of the organisational chart. This gives all participants the ability to share their goals, and provide important insight into the varying expertise necessary to produce quality. Currently, most organisations have a 100:10:1 problem. For every 100 developers there are 10 in operations, and just one person in security. This creates a massive resourcing issue for any organisation, large or small. Without sufficient security resources working with teams practicing DevSecOps, security organisations may be seen in a negative light - this issue needs to be addressed from day one. Name a security champion. Security professionals need to be integrated into the process from the beginning. Especially when it comes to communicating change. DevSecOps is ultimately about people. People define the technique and tools that enable execution. Include everyone in your transformation because that’s the only way to knock down yesterday’s silos and introduce a collaborative future. Create a security champion role - or use a more inclusive term like “DevSecOps Champion”. This person should be involved in the day-to-day development of new product features, ideally someone ISSUE 21

SECURITY

in the trenches with an interest in security and good communication skills. This person should be given instructor-led or computer-based training to hone their skills on secure development practices, such as understanding of the OWASP Top 10 (and how to demonstrate exploitation). They should be able to assist as a security thought leader and bring understanding to the security issues the team will encounter as they develop software. This person ultimately becomes an on-the-ground security leader on the team. If any security questions such as vulnerability scan results, or the validity of false positives arise, they’ll be in the trenches with the information to help out. Starting small yields better results. Even though a development team that is already practicing DevOps has a leg up on those that aren’t, it’s still important to start small. Introducing too many new concepts may create friction. This is why a champion is important. They help guide the process. Start by automating your builds and introducing security controls which don’t create delays in the flow of your application, from ideation to distribution. Think of the first month as an observation phase - when integrating any security controls so teams can see the effect it has on the software development lifecycle, and work together and iterate to remove waste. 88

DIGITAL BULLETIN

“ Spread the security load” Dror Davidoff, Co-Founder and CEO of Aqua Security

The potential for cloud native development and deployment models to revolutionise security is vast. However, these technologies will only reach their potential if they are properly implemented. The main priority for CISOs should be to develop and implement both a culture and a strategy to proactively address security requirements throughout DevOps, in other words to create a DevSecOps mindset.

DEBATE

There is â&#x20AC;&#x2DC;no one size fits allâ&#x20AC;&#x2122; approach and each organisation will handle this process differently. The most important transition is to create a shared mindset. The cloud provider or the security team can no longer be left to manage security alone, the responsibility cannot be solely theirs. Instead, CISOs should focus on creating a culture and strategy to address security requirements throughout DevOps. The old DevOps approach whereby security was an add-on or afterthought slowed processes down and created barriers that delayed applications from moving from development to live. This process was in place because that is how development teams had grown over time and security was considered

The old DevOps approach whereby security was an add-on or afterthought slowed processes down and created barriers that delayed applications from moving from development to liveâ&#x20AC;? as a separate team. When there is no culture of shared responsibility, each team simply works to meet their own goals. However, repositioning these responsibilities into one unified workflow, a DevSecOps process, will revolutionise these processes. An important step in creating this unified team is for leaders to take some time to retrain their teams and inform and educate them on these new processes. It can be tempting to just implement changes without taking the time to involve your employees along the way because it saves time. However, it is much more effective if employees are given the time to understand the changes and ask questions along the way. ISSUE 21

SECURITY

Indeed, taking the time to educate developers about cybersecurity can help to avoid situations whereby malicious code is being deployed. The result of this is that IT teams can pass on some of the responsibility to the developers, giving them more time to deal with other problems. This also gives the development team some control over their own deadlines and workflows by being able to analyse the cybersecurity risks themselves. 90

DIGITAL BULLETIN

Successful transitioning from a DevOps mentality to a DevSecOps mindset relies on the ability of the CISO to engage and educate the teams so that they are all truly on board with the new approach. Doing this will create a unified environment where a DevSecOps mindset will be able to support and implement cloud native development and deployment models to the highest standard.

DEBATE

“ Security is an enabler” Matias Madou, Co-founder and CTO, Secure Code Warrior

Security is repeatedly overlooked at the beginning of the software development lifecycle, and it’s no wonder - security experts are rare, and are, on average, outnumbered by developers at a ratio of 100 to one. It is often the case that security and development are misaligned, with security highlighting vulnerable code, but offering solutions that don’t fit within the developer’s IT stack. As a consequence of not being equipped with the knowledge and practical solutions required to remediate vulnerable code, developers are likely to repeat similar mistakes in the future, and the ongoing creation of compromised code continues indefinitely. To resolve this, we need to rethink the methodologies we use to create software, and recognise that DevOps doesn’t move the needle far enough. Security should be at the forefront, and developers are key to its success. This is where DevSecOps comes in. DevSecOps can only be successful when

you adopt a start-left mindset, whereby the approach to security is consistent and proactive, influencing every single line of code the engineers write from the start of the development process, rather than later in the delivery pipeline at increased risk and cost to the business. It is not always easy to encourage developers to start prioritising security, especially with the assumption that doing so will take them away from the task they love most: building features. However, there are many reasons to empower developers to put security first when writing code. One is that coding securely will get faster over time, and reduce rework, as there will be fewer security bugs requiring remediation. Another is that when a developer takes the necessary steps to become security-aware, they stand out as a more efficient member of the team. They can ultimately write a higher standard of code that is free of common security bugs, taking the pressure off stretched AppSec specialists who are bogged down with highlighting these recurring vulnerabilities. Additionally, they become instrumental in protecting their employer from cyberattacks and data breaches, and in a wider sense, become a more sought-after developer, opening themselves up for more prestigious and lucrative job opportunities. ISSUE 21

SECURITY

DevSecOps can only be successful when you adopt a start-left mindset, whereby the approach to security is consistent and proactive, influencing every single line of code the engineers write from the start of the development processâ&#x20AC;? However, you are not likely to change a developerâ&#x20AC;&#x2122;s mindset with traditional teaching methods like classroom-based training, or hours of videos irrelevant to their day jobs. In order to captivate their attention, and demonstrate how security can seamlessly fit into their current coding practises, they must be given the opportunity to get hands-on, learn by doing, and receive dynamic exercises that mimic the code they would actually see. One successful way of doing this is through hyper-relevant gamified learning platforms that are integrated with day-to-day tasks. If the developer is actively led through how coding and security can be combined into the same offering, without taking them away from their job, they are more likely to continue best practise in the future. Finally, when running automated security tests on code, efficiency should be key. If a suite of tests takes longer than five minutes, they should be 92

DIGITAL BULLETIN

parallelised, and only the most important elements should be completed. If there are simply too many to run in five minutes, even parallelised, then run the less critical tests overnight. Developer time is limited and it is important that when integrating security into their processes, you are not eating into their time. Take the time to find out how developers work, and incorporate security offerings such as training and automated processes into their schedule. Ultimately, security should be an enabler, not a blocker. Developers need to be encouraged to integrate security into their own work, and stand tall as an important component of a successful DevSecOps process. It is only through strategically introducing security through engaging, hyper-relevant learning tools and demonstrating the value it has for both the business and a developerâ&#x20AC;&#x2122;s own progression that you can change traditional coding methods for the better.

DEBATE

“ Working in silos no longer effective” Jon Thomas, Senior Director, Product Management, BMC

As businesses have increased their digital transformation initiatives, DevOps adoption has accelerated across industries while existing attack surfaces have grown from local code to pipeline code. Security requirements have expanded right along with them, making it more important than ever to create a comprehensive security presence - one that automatically senses, detects, reacts, and responds to access requests, authentication needs, and outside and inside threats, and meets regulatory requirements. An adaptive cybersecurity stance that incorporates a DevSecOps approach can help. Adaptive cybersecurity is one of the tenets of the autonomous digital enterprise, a future state of business that empowers companies to evolve their operations to survive and thrive in the midst of persistent disruption. To meet that persistent disruption head on, maintain security requirements, and handle the rapid acceleration of DevOps, it’s no longer sufficient to have

DevOps and security teams working in silos. Instead, security practices should be integrated directly within the DevOps process to create a united DevSecOps. DevOps enhances and streamlines software development, allowing apps to be developed and deployed at a much quicker rate. It therefore makes sense to bring security into that development process up front with a DevSecOps ISSUE 21

SECURITY

Adaptive cybersecurity is one of the tenets of the autonomous digital enterprise, a future state of business that empowers companies”

functionality that runs security tests on applications before deployment and production. This will support not just security teams, but IT operations (ITOps) teams as well. This is especially relevant in an increasingly agile culture as it expands on the idea of cross-discipline teams, integrating everyone involved in key security policies into business processes so 94

DIGITAL BULLETIN

more secure software can be deployed from day one. To successfully transition towards a DevSecOps mindset, businesses should: – Start to view security “as code.” – Build and segregate an AppSec team from core development while fostering best-practice secure coding principles and constant collaboration between them and InfoSec teams.

DEBATE

– Enable objective audits. – Include secure code, build, integration, and delivery in every DevOps step. –P romote secure design patterns and principles and continuous code inspection from inception to product among developers. – I nclude extensive automated testing as part of the DevOps pipeline. By embedding application security

into DevOps functions to create a new DevSecOps functionality, businesses can improve security measures, find and resolve vulnerabilities early in the development cycle, and automate the review of code. The new, secure, integrated processes will boost agility and speed for all teams involved and enhance collaboration and communication across the business. ISSUE 21

FUTURE

FLYING THE UK’S QUANTUM FLAG Tucked away in the UK’s ‘Silicon Fen’, Cambridge Quantum Computing is playing a leading role in helping spearhead a second industrial revolution. Its founder and CEO, Ilyas Khan speaks exclusively to Digital Bulletin about quantum’s trajectory and competing with technology’s biggest companies

AUTHOR: James Henderson

he English county of Cambridgeshire is best known for its worldclass university, a true global centre of learning with a lineage that dates back hundreds of years. But over the last decade, Cambridge and its surrounding areas has morphed into one of Europe’s most important technology centres attracting high and future tech businesses, particularly in the areas of software, electronics and biotechnology. This evolution has led to the area being dubbed the ‘Silicon Fen’ and is home to Cambridge Quantum Computing (CQC) - a small company making 96

DIGITAL BULLETIN

a huge impact in the world of quantum computing, rubbing shoulders with some of the biggest names in technology. The business develops architecture-agnostic, enterprise quantum solutions to tackle some of industry’s most intriguing challenges in quantum chemistry, quantum machine learning, quantum cybersecurity and quantum software. It is a business led by Ilyas Khan, a man who knows the area well, having

CAMBRIDGE QUANTUM COMPUTING

ISSUE 21

FUTURE

been instrumental in the Accelerate Cambridge programme of investment in early stage Cambridge-based technology sector companies. At the same time, he was the founding Chairman of The Stephen Hawking Foundation. It was this role that he credits with capturing his attention to the vast potential of quantum computing. Khan was weighing up his options, including semi-retirement, when Hawking said quantum computing was “the real deal”. As endorsements go, it doesn’t get much better than that. After careful consideration, CQC was born. Much has been written in recent years about quantum computing and its promise to change the world for the better, but without working in the epicentre of the 98

DIGITAL BULLETIN

sector it can be difficult to get a real feel for how realistic those promises are or when they might happen. Khan draws comparisons with two technologies we now take for granted when explaining where quantum commuting is in its journey. “If you think of classical computing, quantum computing is in a similar situation to when the original operating systems were beginning to be developed,” he tells Digital Bulletin. “Prior to operating systems, you had cadres of people who had to go into machines and work on bespoke programmes. But then came generic operating systems that allowed you to build applications on top. We are in those early stages of those generic operating systems coming through.

CAMBRIDGE QUANTUM COMPUTING

“I also liken where we are with quantum computing to mobile phones in the 1980s. The day the mobile phone arrived wasn’t the first day that sector existed; people had been working for years on networks, chipsets, handsets and programmes so that the first time someone pressed a button on a phone it could make a call.” CQC sees itself as being integral to that burgeoning quantum computing ecosystem that Khan believes will be responsible for some of society’s next major leaps in science, healthcare and industry. Pondering the potential timeframes for some of quantum computing’s major breakthroughs, he says: “Late last year, Google did an experiment in what it describes as quantum supremacy, and the reason it was excited was because it had potentially found a way to extract maximum randomness from a quantum computer. That maximal randomness is a widely anticipated use case that I think will happen in the short term in a number of use cases such as encryption and Monte Carlo simulations.” Computational chemistry has, to all intents and purposes, remained unchanged for a number of years, frustrating academics and researchers in a number of areas, perhaps most importantly healthcare where traditional computational methods have frustrated

If you think of classical computing, quantum computing is in a similar situation to when the original operating systems were beginning to be developed” Ilyas Khan

ISSUE 21

FUTURE

efforts for drug development and treatments. But Khan believes that there is evidence we could see a significant sea change in the near future. “A computer runs out of computational power when you get to any structure with more than a few electrons in the atomic structure,” he says. “There are many reasons for that and it has been known for decades, the idea of a quantum computer came about when people

started realising that if you had a quantum computer you could simulate these systems and know what the properties are of a particular new material.” “Today, we stand on the cusp of having machines that can do that. Over the last few months - and this has nothing to do with COVID - we are seeing large corporations that know more than you or I beginning to migrate to using quantum computers for research into these areas.

A STARTUP STAR In July, CQC became the startup-based hub in the IBM Q Network. As a hub, CQC will expand membership of the network with cloud-based access to the IBM Quantum Computation Center, which now includes 20 of the most-advanced quantum computers commercially available to explore practical applications for business and science, including eight systems with a Quantum Volume of 32, and a 53-qubit system – the largest available for clients in the industry. It is a further strengthening of the ties between the two companies; CQC was part of the founding group of startups in the IBM Q Network’s startup programme, announced in 2018. IBM invested in CQC in January of 2020, and 100

DIGITAL BULLETIN

now have further deepened the relationship by becoming the first startup hub. “There aren’t many companies with more expertise in quantum computing than IBM,” says Ilyas Khan. “For IBM to decide to invest in CQC is a validation that we really value a great deal, perhaps even more than the money itself, because it means somebody who knows about computational computers was willing to back that judgment with an investment. “It’s something we’re hugely proud of to have shareholders like IBM, Honeywell and [Japanese multinational] JSR. They’re not companies that will choose to align and work with any business or because they see an element of potential. It is a real validation of what we’re doing.”

CAMBRIDGE QUANTUM COMPUTING

Previously they were interested but there was no proof that this could be useful to them. These are big companies that have to justify costs and for the first time ever they are interested in quantum computers for simulating quantum systems. “How many years are we from a realworld breakthrough? People are cautious about being quoted in the public because they don’t want to look silly, which is why there are overly conservative estimates. But actually, we’re at the cusp where we’re no longer decades away. If you have a one year old, before he or she

sits her 11+, and maybe earlier, quantum computers will have supplanted all classical computational chemistry. That’s not just revolutionary, this changes mankind for the better.” CQC’s company’s expertise can be broadly separated into two areas - security and software. Its software headline act is ‘t|ket⟩’, an architecture agnostic quantum software stack and compiler, which translates machine independent algorithms into executable circuits, optimising for physical qubit layout whilst reducing the number of required operations. ISSUE 21

101

FUTURE

In terms of quantum languages, CQC is competing with the likes of Qiskit, developed by IBM Research; Circ, developed by Google AI Quantum Team; and Q#, developed by Arthur Whitney and commercialised by Kx Systems. “We looked at the machines and recognised how important it is to maximise the value from one machine, and you do that by allowing the machine to process instructions in a manner which maximises the shot you get,” says Khan. “Every time you look at a quantum computer instruction, how likely is it that the machine itself has a chance of getting to the end of its compute time and getting you a result? So, it is about optimising the existing hardware. “The second thing at the other end of the scale is that if you are a company - and the most obvious users of these machines are large global companies they’re not going to have many people that are qualified in quantum computing, because it is a really small set. You want to make it easier for them and help them access a computer using existing languages that are in use today - Python is a good example. “Between those two extremes, how do you get the best out of the machine and allow a potential user to access quantum without them fainting or giving up because they think it is just gobbledygook, because quantum is wholly different 102

DIGITAL BULLETIN

from classical? It was that problem we solved with t|ket⟩ by getting something into the market earlier by solving those two problems.” CQC has also built a photonic quantum device – IronBridge – to provide unhackable security that is certified by the laws of quantum mechanics. CQC says it is the only encryption device that ensures device independence and source certifiability to be used for post-quantum encryption algorithms, cached entropy generation for IoT devices, key generation for certificates, quantum watermarking and many other use cases. Khan believes that CQC’s ability to punch above its weight is down to its

CAMBRIDGE QUANTUM COMPUTING

The UK has an objective and ambition to be the leader or one of the leaders in quantum computing and we really feel as if we are flying the flag”

lazer focus on science. “We’ve got as good a team in numbers and in the quality of anybody out there that is operating in the same area as us,” he says. “I’m not going to compete with the hardware guys, they are different and have dozens of engineers. But our strength is on the 80 scientists we have in the business, 50 of whom have PhDs - that is a huge statement of intent.” As our conversation draws to a close, Khan is keen to stress how important he considers the company’s UK base; it is clear that he sees CQC’s position as a successful UK startup in the quantum computing space as part of the company’s fabric.

“The UK has an objective and ambition to be the leader or one of the leaders in quantum computing and we really feel as if we are flying the flag,” Khan concludes. “It’s a real opportunity to compete with the United States, Germany and China, all of which have committed to a quantum future. Germany has stated that the next industrial revolution for the country and its economic wellbeing is linked to its success in quantum. “The UK was fortunate enough to be at the forefront of the first industrial revolution and the impact that had on people’s lives. With quantum computing, I really believe the country has a chance to do that again and be a leader.” ISSUE 21

103

A LIFE IN TECH

This monthâ&#x20AC;&#x2122;s helping of tech wisdom comes from Gary LaFever, Co-Founder, CEO and General Counsel at Anonos. LaFever has a proven computer science and legal background having previously been a partner at the international law firm of Hogan Lovells and former Management Information Consultant at Accenture. He has over 30 yearsâ&#x20AC;&#x2122; of technical and legal policy expertise that enables him to approach data privacy and security issues from both perspectives

104

DIGITAL BULLETIN

GARY LAFEVER

would describe myself as a technical lawyer desiring positive change.

Technology literally can change people’s lives - for the better or for the worse. The first is clearly preferred over the second, however, they are both better than just “talking about change. My first role with Accenture taught me how powerfully software can automate manual processes making things more efficient. My training as a technology lawyer after leaving Accenture taught me that this efficiency must be balanced against equity, since the most efficient way to solve problems is not necessarily the best way when other considerations are taken into account.

over time and most technologists don’t understand the law and most lawyers don’t understand technology and it would be a good idea to have people that can “speak both languages.” Big data is defined to mean increasing volume, variety and velocity of data. In my experience, volume and velocity simply mean “faster data.” It is the increasing variety of data that enables you to see situations (e.g., financial opportunities and threats) from multiple perspectives to better anticipate, understand, embrace and/or avoid the likely results. Technology left unchecked will almost always do more harm than good. So yes, there is a moral obligation to evaluate the good and the bad that technology can enable.

My freshman computer science teacher in college was a real influence. I reached out to him after graduating from college and working with Accenture for several years about the “wisdom” of leaving the workforce to go back to school to get a law degree.

Almost always, the same, or close to the same, result can be achieved in more than one way so the evaluation of both the positive and negative impacts of different approaches should be part of the decision-making process which way to proceed.

He said that he thought it was a fantastic idea because legal issues related to technology would only grow

AI will be the most important challenge to the ethical use of data over the next several decades. It must be viewed as ISSUE 21

105

A LIFE IN TECH

a means to an end - never as an end itself - and always managed so that it does not take over the projects and directions for which it was introduced to advance. Starting Anonos with the hope that it would be possible to reconcile what most had considered irreconcilable simultaneously protecting privacy and maximising utility - and proving that it could be done is what I consider to be the greatest achievement of my career. 106

DIGITAL BULLETIN

Iâ&#x20AC;&#x2122;ve been asked if I have mixed feelings about selling a business I co-founded to NASDAQ and the answer is all positive feelings. NASDAQ provided the platform to share the technology we developed in over a hundred markets around the globe, enabling greater real-time control over systemic risk to financial markets. For a business to be an attractive proposition to would-be acquirers, it must be profitable and enable the

GARY LAFEVER

challenged personal and professional assumptions and accelerated trends like digitisation, working from home, etc, which are healthy. As a result, I view the “natural” impact of the pandemic as more balanced than senseless “man-made” things like wars, prejudice and injustice. In a world dominated by tech, I am very fortunate to live on 35 acres in Colorado, so I just walk out the door and “drink it in.”

acquirer to achieve both their monetary and non-monetary goals. The one piece of advice I would give to aspiring technologists is not to get too enamored with what can be done with technology - why is the more relevant question. The global loss of life, physical suffering and dislocation from the pandemic is horrific. However, it has

Anonos is going to change the world for the better by reconciling the supposed conflict between data privacy and data value so that organisations can pursue their objectives in a way that is not at the expense of individuals and individuals can benefit from the efforts of organisations without having to make sacrifices. I believe we should all try to live more in accordance with “Aristotle’s Golden Mean” which provides that moral behaviour is the mean between two extremes - at the one end is excess, at the other end is deficiency. By finding a moderate position between two extremes, you can act morally. This is the correct approach to use with data as well. ISSUE 21

107

EVENTS

DIGITAL

EVENTS In-person industry conferences and exhibitions are off the table for now, but there are still many digital events worth making time in your diary for...

TC SESSIONS: MOBILITY 2020 OCTOBER 06â&#x20AC;&#x201C;07, 2020 TC Sessions: Mobility will present two days of programming online with the best founders, investors and technologists who are hell-bent on inventing a future Henry Ford could have never imagined. TechCrunchâ&#x20AC;&#x2122;s editors will break through the hype to help attendees understand the current state of the mobility revolution and try to see which technologies and players will own the future of transportation. Top founders, technologists and investors 108

DIGITAL BULLETIN

in areas like autonomy, micro-mobility, AI-based mobility applications have all confirmed their participation, with attendees able to interact in Q&A sessions, with lots of opportunity for engagement and deeper conversational dives.

THINK DIGITAL SUMMIT UK & IRELAND OCTOBER 07, 2020 The world and the way we work has transformed, giving us all a mandate for change. At Think Digital Summit UK & Ireland is bringing together the best and brightest

OCTOBER

technology leaders to help you beat the odds and brave the storm. Look beyond the uncertainty by joining Think Digital Summit UK & Ireland to shape your future with technology at the heart and emerge smarter, together. For organisations that are in need of transformation, automation or a guiding light, what better time to take stock, share what weâ&#x20AC;&#x2122;ve learned about how to not just adapt or recover, but thrive, and to emerge smarter.

WORLD SUMMIT AI OCTOBER 14, 2020 The worldâ&#x20AC;&#x2122;s leading and largest AI summit gathers the global AI ecosystem of Enterprise, BigTech, Startups, Investors and Science, the brightest brains in AI as speakers every year to tackle head-on the most burning AI issues and set the global AI agenda. From CEOs to CTOs, FTSE 500 corporates to heads of AI, scientists, technologists, academics, startups and investors from every corner of the globe, you will be in great company. The event is brimming with opportunities for partnerships and engaging conversations. Attendees will find a networking area to connect, featuring an automated 1-2-1 chat roulette, matchmaking with like-minded professionals and live video meetings to facilitate connections between all attendees. ISSUE 21

109

EVENTS

AMPLIFY 2020 OCTOBER 14–16, 2020 Amplify by Amplitude is a conference for the product and growth leaders building next-generation digital experiences. Come learn how the world’s most iconic brands use product intelligence to break through limits, beat their rivals, and keep customers coming back. Product teams, data scientists, marketers, analysts, and designers all come to Amplify to learn how to build products for growth. You’ll hear how companies and brands like AB InBev, Imperfect Foods, IBM, and others take a product-led approach to beat the odds and win.

GARTNER IT SYMPOSIUM/XPO OCTOBER 19–22, 2020 Recent global events have reset the CIO’s relationship with the enterprise and executive team. Now is the time to embrace new approaches to leadership and strategic decision making to lead in a dynamic world. Join Gartner virtually this October at its flagship conference, Gartner IT Symposium/Xpo. Explore how to shape technology to respond to adversity and discover digital business 110

DIGITAL BULLETIN

strategic planning tools and techniques to achieve business continuity. Connect with trusted Gartner experts, accomplished IT leaders and top technology vendors to hone your leadership skills, refine your strategies and walk away with the insights, advice and tools needed for now and the future.

EMTECH MIT 19–22 OCTOBER, 2020 Reimagined for the virtual environment, this year’s EmTech MIT presents an in-depth, multi-session online program bringing together leaders, researchers, and innovators from across the globe for four days of inspiration, insight, and connection. EmTech MIT brings bold thinking and innovative ideas to life as we examine the technologies and forces influencing our digital world today – AI, Biomedicine, Cybersecurity, Diversity, Equality, Global-Scale technology, and more – and explores how to make sense of these innovations and trends in light of the events of 2020.

OCTOBER

API:WORLD OCTOBER 27â&#x20AC;&#x201C;29, 2020 API technologies empower developers & engineers to build upon the backbone of the multi-trillion-dollar market for API-driven products and services. Todayâ&#x20AC;&#x2122;s cloud-based software and hardware increasingly runs on an open ecosystem of API-centric architecture, leading to the explosion of growth in the API Economy. API World

puts the API Product Lifecycle on centre stage. We cover topics across the industry, including: API Design/ Architecture, API Strategy/Enterprise Modernisation, API Scalability/Management, Service Mesh, Containers, Kubernetes, Microservices Design/ Architecture, API Testing/Usability, API Security IoT APIs, Marketing APIs, APIs and IaaS, Data and Machine Learning, Blockchain APIs, OpenAPI, Swagger, GraphQL, REST, and many more. ISSUE 21

111

THE CLOSING BULLETIN

Writing exclusively for Digital Bulletin, Nuxeo’s Alain Escaffre outlines why low code development is increasingly the key to unlocking business agility

eing agile and responsive in business has never been more important than it is in 2020. Customers have long expected their demands and requirements to be met quickly, and are more than happy to take their custom elsewhere if they are not. Digital experience – especially for a younger demographic – is everything. Recent Nuxeo research indicated that 54% of shoppers would change from a favoured brand or retailer to a competitor if the overall digital experience did not meet their expectations. But the need for agility and to meet customer requirements speedily 112

DIGITAL BULLETIN

has only been enhanced during the events of 2020. With very different market conditions brought about by the Covid-19 lockdown and gradual easing, businesses have needed to launch new services that met changing requirements and could not spend months doing so. It is in this context that ‘low code’ development has risen the business agenda, with CIOs all over the world becoming increasingly aware of how low code can help enterprises become more agile and responsive. The content digitisation challenge A realisation of the need to be ready

ALAIN ESCAFFRE

for anything had dawned long before COVID-19, but lockdown really reinforced this. If an organisationâ&#x20AC;&#x2122;s employees, supply-chain partners and customers found it difficult to engage fluidly with content and processes beforehand, this was certainly the case once office premises closed and usual courses of action could not be taken. Previously, companies looked at the content digitisation challenge as a means of continuous business differentiation. How could they pivot activities to respond to new opportunities and keep ahead of competitors with new and exciting propositions? During lockdown, manoeuvrability became a matter of survival. If different parties could not access the information or digital assets they needed on-demand to accomplish routine or new tasks, companiesâ&#x20AC;&#x2122; business continuity was directly under threat. By contrast, those companies that were empowered by smart and flexible content access were able to progress ably under even the most extreme conditions. The most notable point of difference for the businesses that continued to thrive was that 100% of their critical processes were digital - supported by on-demand, anywhere access to whatever information or content people needed.

Low code is about giving companies the ability to create and roll out new user experiences without having to engage in long development projects, making it highly attractive for CIOs and the broader businessâ&#x20AC;? The rise of low code development This has all helped accelerate the rise of low code development, especially in the context of content access, management and re-use. Low code is about giving companies the ability to create and roll out new user experiences without having to engage in long development projects, making it highly attractive for CIOs and the broader business. The idea is to make developers more efficient, by allowing them to re-use existing components and templates to speed up application delivery, drawing on vast libraries of proven constituent software assets. Rather than doing away with the need for developers, low code allows IT teams to make ISSUE 21

113

THE CLOSING BULLETIN

This ability to sprint from idea to execution is transformational, for both innovation and development teams, and puts businesses in a very powerful position relative to their competitors”

smarter and more efficient use of their time and skills, accelerating the delivery of new functionality. The realisation that this low-code development approach can be applied specifically to content-based applications is particularly exciting for organisations as we emerge from lockdown. It paves the way for companies to create new content-based services at high speed. Whereas it might have taken up to 12 months to create a new customer or supply-chain experience the traditional way, development teams with access to a low-code development platform for delivering new contentbased services and experiences, can do so within just a few weeks. 114

DIGITAL BULLETIN

Sprinting from idea to execution This ability to sprint from idea to execution is transformational, for both innovation and development teams, and puts businesses in a very powerful position relative to their competitors. It is no coincidence that ‘Big Tech’ companies like Amazon and Google work in this way, to bring out new early versions of new products or user experiences at speed - to get them into users’ hands quickly, so that they can test out the potential in a quick, low-risk way. Using an iterative, low-code approach to development, they are able to combine already-proven functions and features to create some-

ALAIN ESCAFFRE

thing new, which they can then test with customers in a live environment - giving them something to refine and build on in subsequent releases. Crucially, shortening the gap between idea and launch gives these companies critical market advantage. Then they can go about evolving the application or service to deliver the best possible customer experience â&#x20AC;&#x201C; one which they can keep tweaking and embellishing over time. Agility is perhaps the most highly prized quality in any business in 2020, so it is not practical to try to conceive and build the perfect application right from scratch. A low-code development approach

is much more viable, allowing for the unforeseeable and providing businesses with the agility to create new content-based services at high speed and to improve them on an on-going basis, according to changing market requirements. About the author Alain Escaffre is VP Product Management at Nuxeo, a provider of content services and digital asset management solutions for large firms all over the world, helping them build smart content applications that enhance customer experiences, improve decision making, and accelerate products to market. ISSUE 21

115

BUSINESS@DIGITALBULLETIN.COM BUSINESS@DIGITALBULLET.IN

EDITORIAL ENQUIRIES

EDITORIAL@DIGITALBULLETIN.COM EDITORIAL@DIGITALBULLET.IN