The Internet of Things is taking over 10
Gaming college sports with data analytics 70
Dan Hushon pioneers transparent innovation 50
Raising a cyberarmy to fight the bad guys 102 Issue 004
LIFE, HACKED Through cutting-edge biotechnology, Mostafa Ronaghi and his team at Illumina are making the world of genetically customized medicine a reality
Everyone is at war. No individual, company, or government is spared from the ceaseless aggression of cyberattacks. Todayâ€™s IT leaders are the ones at the front lines, and often are responsible not only for defending but for equipping the rest of the army too. There may never be an ultimate victor of cyberwar, but smart tech leaders can outmaneuver the enemy through foresight, diligence, and sheer brain power.
Syncâ€™s FOCUS section probes how top IT executives are keeping their organizations and data safe.
Sync / 3
8 Upgrade Your Performance
TransPerfect lowers the global language barrier Interview John McDonald on how the IoT will change the way we live T-Mobile is blowing up the traditional phone carrier model from the tech side
Spotlight on Health Information Exchange 30 The Data Renaissance Man hopes to improve patient care by sharing more than ever
4 / Sync
38 Empower Your Peers
“We might be a silent partner, but we’re the ‘think caps’ of the business, and we have a lot to offer.”
“A CIO who stands still won’t be in that job 23 for very long.”
Harnessing startup power to rebuild an IT team at PBF Energy
Illumina is helping startups utilize the latest advancements in biotech
Shepherding the legal team at tech giant SurveyMonkey
CTO Dan Hushon guides his colleagues, and the market, in bold new directions
Insight How a veteran CIO finds new perspectives every day
Spotlight on Health Care Innovation Lloyd Mangnall envisions medicine functioning more like social media
Insight Clark Golestani on the “three-horizons” model that keeps him focused on the future at Merck
Move Ideas Into the World
A year in the oil and gas life: 75 deconstructing CIO Greg Percival’s transformative journey
“The mentality about security 106 was that you didn’t want to share what you were doing.... But then a handful of industry pioneers decided to get out there and start sharing information.”
JumpForward schools college athletic departments on data analytics and emerging technology
Just what the doctors ordered: Gamma- Dynacare is improving health care on a broad scale
Dr. Colin Banas uses data to give medicine a shot in the arm
Fall in for hacker bootcamp with former naval cryptologic officer Greg Dixon
Damian McDonald knows that in health care, early detection saves lives
Case Study Responding to the Affordable Care Act at Mount Nittany Health
Open and closed: keeping critical info safe but accessible with Iron Mountain
Spotlight on Hybrid IT Seamlessly blending technology with business at consulting firm Long View
Insight Caterpillar transforms “no” into “know” Higher education means higher stakes at Tufts University
92 Interview Oscar Perez on getting strategic, fighting the black hole perception, and rebranding IT Finding the innovation in implementation
Case Study 96 Securing connections for doctors and nurses at UMC Health System
Meet and connect with the influential leaders featured in this issue of Sync
Required Reading The books that inspire today’s top tech execs
Data Acquired Favorite facts and figures we learned in this issue
Sync / 5
Accudata Systems, 56 accudatasystems.com 281.897.5000
KEYW Holding Corporation, 105 keywcorp.com 443.733.1600
Allscripts Healthcare Solutions, LLC, 87 allscripts.com 312.506.1200
Lathrop Engineering, 45 lathropengineering.com 408.260.2111
Arrow Electronics, 87 arrow.com 312.280.5365 Capgemini, 21 capgemini.com 404.806.4200 Carahsoft, 121 carahsoft.com 703.871.8500 Cerner Corporation, 59 cerner.com 816.221.1024 Ciber, 20 ciber.com 303.220.0100 Dell Inc., 56 dell.com 800.289.3355 Deloitte, 22 deloitte.com 206.716.7000 DevSpark, 63 devspark.com 917.258.7500 Encore Health Resources, 93 encorehealthresources.com 877.787.1010 Ernst & Young LLP, 66 ey.com 212.773.3000 Fragomen, Del Rey, Bernsen & Loewy, 49 fragomen.com 312.263.6101 Gamma-Dynacare, 81 gamma-dynacare.com 416.730.9029 GroupM, 17, groupm.com 212.297.7000 Hill-Rom, 97 hill-rom.com 312.491.9505 Jack Nadel International, 28 nadel.com 312.266.4006 JumpForward, 74 jumpforward.com 773.355.9552 J2 Interactive, 84 j2interactive.com 617.241.7266
Long View Systems, 90 longviewsystems.com 866.515.6900 Neathawk Dubuque & Packett, 84 ndp.agency 888.619.8697 NTT DATA Corporation, 19 nttdata.com 312.873.3400 Opportune LLP, 36 opportune.com 713.490.5050 PhishMe, 95 phishme.com 703.652.0717 Red Pill Analytics, 77 redpillanalytics.com 888.944.9529 R2C Group, 33 ww.r2cgroup.com 503.222.0025
Managing Editor Megan Bungeroth
Contributors Melissa Anders Kristen Bahler Zach Baliva Topher Bordeau Evan Cline Joe Dyton Emma Janzen Jessica Montoya Coggins Julie Schaeffer Jeff Silver Kathryn Silverstein Tina Vasquez
Senior Designer Mary K. Delaware
Reprints & Circulation Director Stacy Kraft stacy@guerrerohowe. com
Photo Editor & Staff Photographer Caleb Fox
Client Services Director Cheyenne Eiswald
Sales & Account Management
Senior Client Services Manager Rebekah Pappas
Director Steven Zucker
Veracode, 113 veracode.com 339.674.2500 VMware, 53 vmware.com 877.486.9273 Vormetric, 111 vormetric.com 408.433.6000
Managing Director of Operations Cassie Rose
VP of Production & Creative Director Karin Bolliger
SIS, 15 thinksis.com 859.977.4747
Terranova Training, 117 terranovacorporation.com 514.489.5806
CEO Pedro Guerrero
Managing Director of Marketing Sean Conner
Managing Directors Kyle Evangelista Philip Taylor
Sunquest Information Systems, 25 sunquestinfo.com 520.570.2000
Guerrero Howe, LLC
Associate Editor Christopher James Palafox
Seclore, 29 seclore.com 540.323.6803
Sophos, 107 sophos.com 888.767.4679
Underwrites Director Justin Joseph Content & Advertising Managers Ty Attiek Titus Dawson Daniel Lopez Claire Mahoney Jaclyn Tumberger
Client Services Assistant Katie Richards Recruitment Director Elyse Glab Financial Analyst Mokena Trigueros Receptionist Amanda Paul
Account Managers Diana Chen Scott Hensley Senior Sales Executives Taylor Gerrity Stacy Kraft Brian Wolff Director of Accounts Ashley Watkins National Sales Director Dominique DiVito
Subscriptions + Reprints For a free subscription, please visit sync-magazine.com. Printed in China. Reprinting of articles is prohibited without permission of Guerrero Howe, LLC. For reprint information, contact Stacy Kraft at 312.256.8460 or firstname.lastname@example.org. Sync Magazine速 is a registered trademark of Guerrero Howe, LLC.
6 / Sync
From the editor
When I was a little kid, my sister and I would sometimes tag along with my dad to his job as a programmer at a telecom company.
Cover photo and Megan Bungeroth photo by Caleb Fox
Megan Bungeroth Sync Managing Editor
Ronaghi has devoted twenty-plus years to decoding the human genome.
On Saturdays, the building was quiet, and he could log some overtime while his daughters giggled up and down the empty hallways and peered into the gigantic room that housed the central computer, a hulking, blinking loud monster of an early-nineties machine that spat out data on continuous stationery. When we had exhausted the fun of coloring in the break room, I would poke my head into my dad’s office, adorned with our construction paper artwork and little else, and spot him staring at his terminal, grim expression, fingers steepled, a green cursor blinking on a black screen. “Dad,” I would say with an exasperated flip of my hair, “it doesn’t look like you’re working.” “This is my work,” he would respond, smiling slowly, eyes still on the screen. “I’m thinking.” As a sassy nine-year-old, I didn’t quite understand what he meant, but the concept of work as a time to sit and think and have ideas stuck with me, and now, all grown up, I see that concept thrive in the pages of this magazine. Coming on board with Sync, I’ve been delighted to discover that the people leading the digital revolution are excited about those sitting-in-a-quiet-room moments. The best leaders are the ones who can talk about the mechanics of their company’s cloud migration, yes, but more importantly, about why that particular project is so essential to the future of the business. They understand the importance of the careful thought that comes before the application. In this issue, we’re proud to showcase some of the IT industry’s best thinkers, not least of which is the CTO gracing our cover, Mostafa Ronaghi; he’s led his company in making the science of genome sequencing accessible to thousands of medical professionals and researchers, bringing a world of personalized med-
icine that much closer. John McDonald of CloudOne tells us how appliances are poised to take over our lives—and why that’s a good thing. Lloyd Mangnall of AMC Health dreams of a day when healthcare data works like social media. And in our Focus section on security, Greg Dixon of KEYW Holding trains students to attack his cybersystems—all the better to defend them. Of course, the executives in these pages also know how to manage the steps that happen after an idea is hatched, and they don’t shy away from the difficulties that arise with implementation. Lorna Koppel of Tufts University is tasked with managing the information security for a group of people–college students–not known for its adherence to privacy rules, but she’s fulfilling a lifelong dream to work in higher education and welcomes the challenge. Eleanor Lacey of SurveyMonkey shares the leadership lessons she’s learned by stepping back and listening to her team, even when what she hears might point them in a different direction. As these tech leaders move their ideas into practice, they’re always striving for new ways to improve. The next best idea could come at any moment, in front of a blank screen, blocking out pestering daughters to focus on the most important work of all—thinking.
Megan Bungeroth email@example.com
Sync / 7
8 / Sync
THINK Upgrade Your Performance
Sync / 9
Your Devices Are Talking About You
10 / Sync
Behind Your Back
CloudOne’s CEO John McDonald explains why it’s time to embrace the Internet of Things. Interview with Evan Cline
Sync / 11
The connected future promised by the Internet of Things is almost here. Tech research firm Gartner projects that 4.9 billion connected devices will be in use in 2015. And with people like cloud expert John McDonald already adopting the IoT, the rest of the world’s tech leaders need to catch up. Sync speaks with McDonald on the state of the industry, the importance and possibilities of the IoT, and his approach to getting his partners, suppliers, and contractors to embrace these radical shifts in the status quo.
Has the IoT “arrived”? John McDonald: We are at the beginning of it now. Some devices today are already providing clues to what the future might be like. Right now we can speak to our phones or video game consoles and they respond. Our computers can download patches and upgrades while we’re sleeping. So we are at the beginning, but the reality of having massive quantities of devices with embedded smart software is still yet to come.
Gartner is predicting 26 billion connected devices by 2020—what kinds of devices will these be? McDonald: These new devices will be a generation of electronic equipment with built-in computing power: refrigerators, appliances, medical devices, pumps, generators, and meters. These devices are already electronic, but they lack the “smarts” of computing power. They’ll be used by regular consumers and also by businesses. There’s no border to this concept. Electronic devices capable of being upgraded are nearly universal around the world.
McDonald: The role of computers since the beginning has been to augment humans. Computers support humans and give them clues and help in the tasks that they might be able to do without a computer but can do better with one. IoT is just the next extension of that concept; smart devices will continue to learn how to best assist us. If I’m driving late at night, my vehicle might recognize that I could use a cup of coffee. The car’s computer will be able to look up the nearest Starbucks, place an order for my favorite drink, pay for the purchase, and then direct me via GPS to take the appropriate exit. These are all things that I could do on my own. But the magic is that my car determined the need for me, knew my payment information, knew how to communicate with the cafe’s system, and had the smarts to resolve 12 / Sync
Floorplan by Irina Rogova/Shutterstock.com
How will the IoT change everyday life?
the problem without any interaction from me. We will begin to see our devices anticipating our needs and acting for us without a need to explicitly direct them.
That problem-solving ability sounds essential—what’s the connection between artificial intelligence and the IoT? McDonald: AI is hugely important, as well as the collection of data. We’re now collecting data of every sort imaginable. But all the data in the world has no value unless you can interpret it effectively. So while many people are focusing on the collection of data, it’s really the interpretation of it that holds the value. What does the data tell us? What can we learn? What questions do I need to ask, and then how do I automate those questions?
What else is necessary to foster a robust IoT? McDonald: I would add two more things. The first is network connectivity. The Internet being available everywhere all the time is critical for IoT. The other is cloud computing, but actually a specific type: secure cloud computing. The cloud, throughout much of its history—and certainly in public perception—is not unlike a public utility. It’s extremely available and very public. This is appropriate in a lot of spaces, but there are many sync-magazine.com
John McDonald CloudOne CEO, Chairman, & President
“The Internet of Things, at its heart, is a system through which our devices become even better at freeing us up from drudgery. I love that world. I want to live in that world right now.”
Sync / 13
The Future is Now Three CloudOne projects helping to kick-start our connected world
things we do in business that are not public and cannot be public. Our business at CloudOne is creating extremely secure virtual private clouds that allow companies to isolate and secure the things that must stay private. And even more challenging is dancing the line between what is public and what is private.
What other services do you bring customers in preparation for the IoT?
2. Panasonic Automotive Systems is the world’s largest manufacturer of vehicle infotainment systems. With a host of component subsuppliers, the true innovation of Panasonic’s product is the software operating on its radio system. CloudOne provides a secure cloud environment for Panasonic’s 1,600 worldwide developers to collaborate globally and drive innovation while protecting proprietary information.
3. The Grindery is a nonprofit business incubator in downtown Indianapolis, Indiana, started by CloudOne. The Grindery is easily accessible by public transit and is tailored to serve low-income residents. “If you have a hightech idea, it’s easy to get support,” says McDonald. “But if your idea is to provide babysitting services or do sign language interpretation or to open a barbershop, where do you get help?” The Grindery enables underprivileged urban communities to see their ideas come to fruition through access to computers, the Internet, business coaches, and a variety of other resources.
14 / Sync
On the other hand, what are the hurdles along the path to a universal IoT? McDonald: I’m going to call this the “My Mom” problem. My mom down in Florida has many devices in her house. Some already have some smarts and others will have them very soon. How do we get my mom into a position where she is effectively able to set up and use a variety of in-home devices each with embedded software? Suppose Express Scripts issues her a smart pill container that could track her medicine usage. This would be helpful for her, and provide some peace of mind for me. But unless what she has to do is no more difficult than plugging in a toaster, the chances of her being able to successfully use a smart pill container are nearly zero. And that is a big problem for the IoT. There are a lot of big companies heavily targeting this exact problem that have already had some success. Nest, a smart thermostat company acquired by Google, is doing this for the home, and Visteon is working to do effectively the same thing for the car. Another challenge is for the companies that make the devices themselves. Many of the electrical or meIssue 004
Indianapolis skyline by YurkaImmortal/Shutterstock.com
1. Cummins is the largest independent diesel-engine manufacturer in the marketplace. Today, every Cummins engine can transmit packets of data with information about engine performance. All that data is hosted and analyzed on a CloudOne virtual private cloud. Cummins can assess performance internally and may also sell that information to the companies utilizing its engines.
McDonald: CloudOne weaves together four elements that are necessary for IoT. The first is data and analytics. We provide secure big-data platforms with analytics that allow us to analyze streams of data and act on them. The second is to provide environments where companies can develop their products for the IoT. We also support companies that are producing devices in a factory context. And lastly, we manage the transmission of the data streams from the devices themselves. It’s analytics and big data at the core, but surrounding it is the development process of the software that goes in the device, the factory that makes the device, and the streams of data going to and from the device. We weave those pieces together in secured virtual private clouds, which manage the transition between public and private and provide managed services and software platforms to do all those tasks.
WHERE THE INTERNET OF GREAT THINGS HAPPENS chanical engineers who are creating these devices did not go to school to be software or network people, yet now they’re dealing with what are effectively computers. This is slowing some companies down because they don’t necessarily have the proper staff to build these computing devices.
How exactly will the IoT transform the business landscape? McDonald: Customer support is at the top of the list. The ability to know how customers are using your products and to anticipate their needs will be crucial. The doorbell rings and there’s a man— or drone—with a box. Inside the box is a set of hoses that your clothes washer needs, so it ordered them for you. That has now kept your house from flooding and made you very happy that you chose that particular brand because they anticipated your needs. It builds loyalty.
Your Cloud. Your Way. The Internet of Things requires a robust, secure, 24x7 infrastructure that can churn huge volumes of data through networks onto computers for analysis. Our SIS Managed Solutions Center Cloud enables you to focus on what you will do with this data – and leave the technology to us.
What IoT device or capability are you most excited to see and put to use in your life?
We work with you to make sure your cloud solution is tailored
McDonald: At CloudOne we are consumers of all kinds of products and services, from soda pop in the refrigerator to pens, paper, toner, and computers. Of course, we have to keep all those items stocked. My refrigerator should know who is drinking what and when, and when something is almost empty it should order more soda. I’m excited about outsourcing some of the most mundane tasks that take up the time of the people at CloudOne so they can focus on things of higher value. The Internet of Things, at its heart, is a system through which our devices become even better at freeing us up from drudgery. I love that world. I want to live in that world right now.
infrastructure to backup and recover systems, SIS has the experts
for you and your business. Whether it is hosting your analytics systems in our cloud, managing them on premise or providing the you can rely on.
Go ahead make Great Things happen and leave the Cloud to us. • Cloud Strategy
• Managed Services
• Cloud – Public, Private, Hybrid
• Analytics & Intelligence
• Cloud Backup & Disaster
• Data Lifecycle Management
• Application & Data Security
859.977.4747 info@ThinkSIS.com www.ThinkSIS.com SIS, LLC • 165 Barr Street • Lexington, KY 40507-1321
Sync / 15
Meet the Man Who Wants to
Destroy Your Phone Contract Gary King, executive vice president and CIO of T-Mobile, discusses the company’s quest to blow up traditional models and what that has meant for IT By Melissa Anders
16 / Sync
Gary King T-Mobile USA, Inc. Executive Vice President & CIO
Photo by Michael B. Maine
Two years ago, T-Mobile set out to upend the way people buy and use wireless services—not a small feat, and one that would require a huge investment from the mobile giant’s IT department to make it all come together smoothly. The plan was to get rid of annual service contracts, loosen phone upgrade restrictions, and offer free data for tablets—all moves creating huge implications for the backend of IT. Gary King stepped in as CIO as T-Mobile was in the nascent stages of rolling out its “Un-carrier” campaign, and he dove right into the technology challenges that each of the planned stages presented. Now, with the full implementation in place, the company has made a slew of rapid technical changes, each in line with the corporate strategy and with a focus on developing T-Mobile’s retail side. King attributes his department’s ability to enact these changes to that alignment of vision that pushes IT into the bigger picture. “That’s the trick, that’s the magic—ensuring the culture, the operating systems of your IT organization are in alignment with the corporate strategy, and everybody
Sync / 17
understands that’s the goal and the mission,” King says. That cooperation enabled T-Mobile to deliver more than twenty-five IT projects in 2014, 26 percent more than it had the previous year, while at the same time shrinking its bug defect rate and post-launch fixes by more than 35 percent. King attributes some of that success to abandoning the waterfall methodology for new enhancements in favor of a more agile delivery method. “We would not be able to do this without a very collaborative codevelopment culture,” King says. “We’ve spent a lot of time driving alignment within the organization to this desire to move fast, break the chains of the industry, and rewrite the rules of wireless.”
Here, King traces the Un-carrier process from the IT perspective step by step, taking Sync from the program’s initial reveal through each of its challenges, iterations, and milestones.
King at T-Mobile’s Orlando, Florida Un-wrap event, part of a series held across the country to engage its frontline employees.
T-Mobile launches Un-carrier 1.0 and eliminates annual service contracts. It follows up with eight more mold-breaking moves, each of which will require heavy lifting on the IT side. “What’s interesting is the high degree of collaboration and codevelopment to put that much change into the marketplace,” King says. “Each of those releases represents a high number of enabling changes to the underlying technology and in many cases, the feature that is being released takes a number of changes across time to fully enable.”
July 2013 SYNC TALKS WITH GARY KING How have your past experiences informed your current work? That first foundation of working in the technology industry for a computer company—that gave me a very good grounding on all of the aspects of computer technology and being on the sell-side of the equation. Whether that was hardware, software, or consulting services, I understand from that side what the agenda is of just about anybody that I deal with in the industry. What lessons did you learn at Avon, Barnes and Noble, and Chico’s?
18 / Sync
The company introduces JUMP! with Un-carrier 2.0, allowing customers to upgrade their phones up to twice a year instead of waiting until they renew a two-year contract, which is the common timeline with other carriers. “It’s an example of the two parts of the organization—marketing and IT—working in lockstep to bring that capability to the customer,” King says.
October 2013 Un-carrier 3.0 eliminates international roaming rates for data and texting in more than 120 countries and destinations. King says the service change was easier to pull off because it doesn’t constitute a large portion of T-Mobile’s business. The company also starts offering 200MB in free data each month for tablets.
December 2013 King joins the Bellevue, Washington-based company in December 2013, about nine months after T-Mobile began its journey to become the “Un-carrier” and shun the norms established in the wireless industry. “I like fast-paced, high-degree-of-change environments, and that’s kind of represented what I’ve done in my career,” King says. He was able to dig right into the backend of how IT would shape its upcoming steps.
IN A WORLD OF BIG DATA EVANGELISTS, SCIENTISTS AND SPECIALISTS, WE’RE REALISTS. You’ve seen the numbers. You’ve heard the hype. And when you separate fact from fiction, Big Data comes down to three things. First, you need a hardware platform robust enough to handle the traffic. Next, your analytics software should run seamlessly across the enterprise. Lastly, it’s about people. Genuine, no-nonsense human beings who know how to turn new insights into actionable customer value. For Big Data that drives real business change, visit NTTDATA.com/americas THINK SMART. ACT FAST. FLEX YOUR BUSINESS.
Run. Compete. Ascend. Ciber does more than put technology in place. We put technology to work advancing your business. Find out more at www.ciber.com.
20 / Sync
GARY KING’S GUIDING PRINCIPLES Act as a hub. View IT as the hub of a wheel, serving the spokes of marketing, sales, distribution, manufacturing, and other business departments. “The IT organization at the center not only serves each of those constituents, but has the potential opportunity to correlate between those individual spokes,” King says. Align with the corporate mission. According to King, the trick to leading a successful IT department is ensuring its strategies are tightly aligned with the corporate strategies and making sure everyone understands the goal and mission. Don’t forget who you’re serving. Technology also serves a company’s customers, and it’s important to listen to the customer. Companies need mechanisms to continuously listen to customers and use that feedback to prioritize and determine development road maps. “Communicating clearly the priorities and the alignment is fundamental to being able to move this fast with high quality,” King says.
The international experience with Avon provided a global perspective of doing business and the diversity of cultural aspects of this industry. Being with BN.com in a foundational time period of e-commerce gave me kind of a unique perspective into the formation of this Internet industry. Then I was immersed in pure retail in a dramatic growth period while Chico’s acquired and rolled out White House | Black Market. Working with Soma, for intimate apparel, and the acquisition of Boston Proper gave me a very good perspective into what motivates and drives retail buying
January 2014 T-Mobile begins reimbursing up to $650 for customers’ early termination fees if they switched from AT&T, Sprint, or Verizon and traded in their phones. Droves of customers take the offer during one of the company’s biggest weekends ever. King had to make sure that IT could handle the sudden influx. “Twenty-four by seven capabilities to monitor and respond is the key feature of implementing a big change like that,” King says. “And then just being in the moment and present—a lot of us spent the weekend in the stores, online, making sure that the capabilities were working.” The move requires the development of back-end processing to allow customers to upload information from their previous carrier’s final bill and receive a preloaded credit card with the rest of the early termination fee payment. The company implements a fair amount of financial and accounting control.
June 2014 T-Mobile launches two more programs. One allows customers to test-drive the service by borrowing a preloaded iPhone for seven days. The program lets customers check how the coverage works in their area. “It’s a way of trying before you buy,” King says, and it resonated with people who had previously been frustrated by the inability to do a trial run with the carrier. “In our view, based on all of the listening that we do, that’s a huge customer pain point.” Un-carrier 6.0 introduces Music Freedom, allowing customers to stream songs from several different services, like Spotify and Pandora, without counting against their monthly data allotment. T-Mobile also sets up a mechanism to gather customer input. Issue 004
with your business to achieve customer service excellence Customer service excellence is one of the hallmarks of any successful business. Capgeminiâ€™s Managed Testing and Quality Assurance Services enables clients like T-Mobile USA to accelerate their speed to market and deliver industry-recognized and award-winning customer service solutions.
In partnership with Capgemini, we were able to implement an outcome based Testing Model that allowed us to deliver the UnCarrier initiatives at an aggressive pace while reducing cost and improving quality.â€? Kirthy Chennaian, Sr. Director of Quality Assurance at T-Mobile
“That’s the trick, that’s the magic— ensuring the culture, the operating systems of your IT organization are in alignment with the corporate strategy, and everybody understands that’s the goal and the mission.” behavior and what kind of customer experience was most optimal in a store environment. How have you applied those skills and knowledge at T-Mobile?
Move Move forward. forward. With With confidence. confidence. No No matter matterhow howcomplex complexyour your business questions, business questions,we wehave havethe the capabilities capabilitiesand andexperience experiencetoto deliver to deliverthe theanswers answersyou youneed need move forward. As the to move forward. As world’s the world’s largest largestconsulting consultingfirm, firm,we wecan can help and help you youtake takedecisive decisiveaction action and achieve sustainable achieve sustainable results.results. www.deloitte.com/confidence www.deloitte.com/confidence
Consulting Copyright © Copyright © 2014 2015Deloitte DeloitteDevelopment DevelopmentLLC. LLC. All reserved. All rights rights reserved.
22 / Sync
Being able to bring all of that to bear on the T-Mobile opportunity I think is allowing me to move fast and not hurt too many things at the same time.
September 2014 The iPhone 6 and 6 Plus launch, and T-Mobile is the first carrier to offer Wi-Fi calling on these products, with the ability for customers to transition from Wi-Fi calling to an LTE connection during a call. The feature also is now available on Samsung devices.
December 2014 The company introduces its Data Stash promotion, which allows customers to roll over unused data month to month for up to a year. The IT department set up a system for tracking data allotments, accounting for the rollover, and communicating the balance to the network in real time.
March 2015 Un-carrier 9.0 arrives. T-Mobile introduces the Un-contract, which promises to lock in most rate plan pricing, and offers up to $650 to pay off devices under different carrier contracts or leases. T-Mobile also changes and simplifies its wireless plans for businesses.
NTT DATA and T-Mobile: Transforming Mobile Communication NTT DATA is a leading IT services provider and global innovation partner with 75,000 professionals based in more than 40 countries. We are proud to be a premier partner of T-Mobile, as Gary King’s technology team enables the company to redefine the mobile industry in the US with its Un-carrier services. NTT DATA delivers high-quality service and thought leadership in application development, testing, and support across various technologies including SAP and Oracle, which is critical to T-Mobile as it shifts the industry paradigm to put the customer first. Deloitte is a leading presence in the telecommunication sector, serving companies across sub-sectors including wireless, wireline, and equipment manufacturing. With many of our practitioners coming from the industry, we’ve got an insider’s view of critical business issues. Our professionals stay abreast of industry issues through involvement in trade and regulatory organizations.
Healing Health care tech Compared to other verticals, the health care sector is mired in ideas of the past. Tampa General Hospital CIO Scott Arnold explains how the industry can make up for lost ground. By Emma Janzen
What do the retail and banking industries have that health care doesn’t? An edge in technology. Or so says Tampa General Hospital’s (TGH) senior vice president and CIO Scott Arnold. “Health care is at least ten to fifteen years behind other industries,” he says. “Yet both health and family are the things that we hold most dear. Health care needs to be investing more in technologies that help us stay well.” It’s easy to compare health care’s deficits against advances in technology in other industries, but it’s important to keep the stakes in mind—these technologies aren’t simply helping people order a pizza or a book, they’re changing the ways people live and stay well. That’s exactly what Arnold cites as the primary reason behind the lag in innovation in health-care technology—traditionally, health-care institutions have not functioned in the same profit-centric way as consumer-driven companies like banks, shops, or restaurants. Instead, there’s a disconnect between the patients, providers, and payers; doctors and hospitals are reimbursed for their services regardless of whether or not there is technological innovation, and the money comes from insurance companies—not customers. In other industries, companies provide technologies that ease processes and encourage convenience for users. “Customers can take their business anywhere they want to go if they don’t like the service,” Arnold says. sync-magazine.com
“That’s how other industries have matured technology much more quickly.” In banking, for instance, it’s easy to transfer money from account to account, or even from bank to bank, because the technological systems support this consumer need in order to remain in business. In health care, it’s difficult to share medical records from provider to provider because unrelated systems are rarely designed to communicate with one another, and some processes are still paper-based. Interoperability is way behind the times. “Many software companies that specialize in electronic medical records spend a lot of energy safeguarding their intellectual property, and there’s very little incentive for health-IT software rivals to connect disparate technologies at this point.” Arnold says. The solution? “A greater focus on robust health information exchange.” This focus could bring together the disparate pieces of a patient’s medical history to help all clinicians provide better care. Access and mobile technologies also lag behind. Small conveniences like scheduling appointments online would make access easier for countless patients, but it’s not something every health-care system offers. Improvements are happening in these areas as well, albeit slowly. Technologies like telehealth pair digital information with the Internet, computers, and mobile devices to manage health and wellness via video visits. Doctors can diagnose patients with whom they have Sync / 23
24 / Sync
Arnold admits that while it’s crucial that health care catches up to other industries—and quickly—it’s understandable why the industry has trailed behind for so long, because of the human element of the business. “Other industries manufacture widgets. Health care is human and very personal, so to that extent, I do expect that the change is a bit slower,” he says. “With ad-
Scott Arnold Tampa General Hospital Senior Vice President & CIO
“A CIO who stands still won’t be in that job for very long.” ditional regulation and compliance layered on to it for the purpose of safety, it does give health care a little bit of a disadvantage to move as quickly as other verticals.” That doesn’t mean he’s not doing his part to help push the industry into the future. TGH has a CEO and Issue 004
Photo by Robert Crum Photography
a running history, and medications are dispatched to the pharmacy electronically. “If it’s hard to get to the doctor because you have three kids and they’re all sick, there are new, emerging ways to leverage telehealth from your own home to do that,” Arnold says. Home monitoring systems are taking cues from consumer electronics on how to improve. Many doctors can now issue small, less-expensive devices for patients to wear at all times—similar to the popular fitness wearable FitBit—that track and monitor health patterns remotely. Measuring blood pressure, heart rate, oxygen intake, and other biomedical readings can help keep patients and their physicians informed. “We’re also invoking technologies to reduce human error in health care,” Arnold says. For example, when a patient is prescribed a new medication, computer systems are used to cross-reference for potential interactions. “If your doctor had an old paper file that was missing a page, they may never know about a possible drug interaction leading to a situation that could make a patient very sick.” With a more streamlined system of checks and balances, errors are drastically reduced.
BEYOND THE HOSPITAL
Two projects that exemplify what technology can do for health care outside of a traditional setting Joint venture in community health with FLORIDA HOSPITAL Started: September 2013 Completed: Ongoing Value to the Business: West Florida Health, a nonprofit jointly owned with Florida Hospital, serves the greater Tampa Bay community. It leverages technology to improve efficiency, using an integrated clinical information technology platform to eliminate variations in care and apply evidence-based medical interventions. Technology expansion with the UNIVERSITY OF SOUTH FLORIDA Started: January 2015 Completed: August 2015 Value to the Business: TGH will bring its EPIC medical-records system to the more than 450 physician faculty members of USF. This will give physicians real-time, secure access to patient medical records, increasing interoperability.
Reimagining Integrated Diagnostics Sunquest delivers comprehensive solutions with superior functionality that integrate anatomic pathology, clinical pathology, molecular and genetic testing. This enables healthcare organizations to: • Increase and drive revenue opportunities
governing board that encourage the use of technology to meet its high standards of quality and care. When new automation works, TGH invests deeply and moves fast. According to Arnold, whether it’s new mobile technology or telehealth, every little bit helps. And those efforts are paying off; the hospital was recently awarded the prestigious Stage 7 designation from the Health Information and Management System Society. Stage 7 is the final level of a multitiered process that measures a hospital’s implementation and utilization of IT applications. It represents the most advanced patient record environment, with just fewer than 3 percent of the 5,400 hospitals in the United States honored with this designation. In his role as CIO, Arnold encourages other like-minded health-care technology officers to watch and learn from other industries for ways to innovate and think outside the box for patients’ sakes. Embracing change and keeping a close eye on developments in technology are also crucial. “A CIO who stands still won’t be in that job for very long,” Arnold says. Tech leaders should be constantly learning, and at the very least, surround themsleves with experts who stay upto-date within their fields. “Every fifteen to eighteen months, some tech emerges that disrupts—in a good way—health care and other industries,” he says. “It’s exhausting, but staying contemporary and continuing to move are of the utmost importance.” sync-magazine.com
• Reduce the cost of testing • Provide accurate and timely results In this value-based health system, organizations need an integrated diagnostic solution that streamlines the workflow to quickly diagnose and treat patients. Learn more about Sunquest at www.sunquestinfo.com or call (800) 748-0692
Sync / 25
Global Decoder In the translation industry, Mark Hagerty knows that conducting global business requires conversations across languages, countries, and cultures. Here, the CTO of TransPerfect discusses the increasing importance of companies understandingâ€”and capitalizing uponâ€”the language of technology. By Emma Janzen
26 / Sync
Map illustration by Milles Studio /Shutterstock.com; Mark Hagerty photo by Jeff Mauritzen
Few sporting events bring people together across cultural lines like the World Cup.
Mark Hagerty TransPerfect CTO
Millions flock to support their countrymen as they take to the pitch and confront the world’s best players. And whether you call it football, soccer, or calcio, everybody understands what it means when the ball soars into the opposing team’s net. Yet in today’s plugged-in digital landscape, additional technologies are needed to help people fully engage with each broadcast, stat, and story. This is where companies like TransPerfect—a language service and technology solutions provider—prove invaluable. During the 2006 FIFA World Cup, TransPerfect chief technology officer Mark Hagerty developed a technology platform called GlobalLink to quickly transfer documents from game reporters to preapproved translators stationed all over the world. The documents were processed, translated, and transferred back to the event site hosted by Yahoo, and available for viewing within thirty minutes. Utilizing GlobalLink’s technology eliminated time-consuming manual tasks like project management and file preparation, and it allowed multilingual content to be available almost instantaneously—an enormous value-add for followers of the World Cup. Hagerty’s ability to see beyond what many would have considered simply a translation challenge helped make the event a success from behind the scenes. “It was an effective solution because it completely changed the old-school process where people would just send emails around,” Hagerty says. “You didn’t have the ability to get things done as quickly—particularly when doing high-quality human translation.” And that feat of imaginative engineering wasn’t Hagerty’s first large-scale success at TransPerfect. During his decade-long tenure with the company, he’s established a strong culture of technology-driven innovation, led by the idea that in order to be com-
petitive in the translation industry—or any industry for that matter—it’s imperative to not only develop technologies, but to think more like a tech company. Hagerty applies this philosophy to his role in several ways. First, like many successful tech leaders will tell you, it’s not always the newest tools that will create the best results—it’s the people who work behind the scenes to ensure everything happens. Machines have yet to achieve anywhere close to a perfect level of accuracy in translating between languages, which means that human translators remain at the core of the translation business. At TransPerfect, translators are located throughout numerous time zones, ensuring that assignments can be completed around the clock. The GlobalLink platform makes it more efficient to link with translators and reduces the need for emails and other manual tasks that decrease productivity. This allows for faster turnaround times, improved translation quality, higher productivity, and increased employee satisfaction. “These large-scale global projects fit very well into our model because it’s not about one office or person. That approach simply does not scale,” Hagerty says. “Our GlobalLink platform allows us to have a team approach to things, and that is what’s important. If everyone is working together, you’re going to have success.” Still, technological innovation is key. When Hagerty first joined TransPerfect, technology was not a major priority. But since his arrival, over thirty tools have been developed to improve quality, automate manual tasks, and decrease turnaround times. And it’s not just translation-specific technology—the organization has also branched out with products like Trial Interactive, a platform that can help pharmaceutical companies conduct clinical trials. “Technology companies are always trying to think of ways to be more efficient, to create something new that somebody hasn’t thought of yet,” Hagerty says. “If you think in those terms, there are things you can do that will further your success as a company.” Sync / 27
“It’s not about one office or person.... If everyone is working together, you’re going to have success.“
Revenue in 2014, up from $37M in 2003
PROMOTIONAL PRODUCTS & TECHNOLOGIES that enhance your brand & support your marketing programs
Technology employees and contractors in 2014, up from 1 in 2003
GlobalLink technology customers in 2014
Number of technology products in 2014
Technology revenue growth annually
SERVICES: Product Development Creative Branding Fulfillment/Distribution Corporate Programs Web Stores International Distribution
28 / Sync
And the numbers clearly support that statement; by diversifying and developing multiple technology products, TransPerfect’s revenue has not only increased significantly more than the industry average over the last several years, but customers now select TransPerfect as an enterprise solution provider, not just a translation services vendor. To maintain such growth across all the company’s diversified channels, Hagerty touts the importance of understanding when to outsource versus developing new tools in house. It’s a common downfall for any company to get caught up in the ego-driven mindset of always building its own mousetrap; the smart companies know when to innovate internally and when it makes more sense to maximize focus and partner with external service providers. For example, TransPerfect deals with large amounts of sensitive information for law firms, pharmaceutical companies, and financial organizations on a regular basis. So the company has partnered with information rights management (IRM) company Seclore, to handle all of TransPerfect’s encryption and data-centric governance. “Seclore has already solved the problem of information security—that’s what they do,” Hagerty says. “So we’re not going to build our own IRM, we’re going to partner with the company with expert technology and work closely with them to integrate its services into our product offerings.” Thanks to his strategic mindset and ability to innovate, Hagerty has helped the company evolve into a world-class technology leader. Looking at the course and evolution of his work, he’s most proud of having a hand in creating technology products that have generated revenue and helped the company to become a true industry leader. Today, TransPerfect translates millions of words and brings in hundreds of millions of dollars in revenue each year. Whether it’s making sure soccer fans around the world get their game stats quickly or enabling financial organizations to reach out to their multilingual customers, it’s the company’s focus on innovation and big-picture thinking that keeps TransPerfect at the top of its game. The 2018 World Cup is in Moscow. How do you say “Gooooal!” in Russian? Issue 004
We Protect The Things We Care About
Are you sending sensitive files outside of your organizationâ€™s perimeter unprotected? Seclore ore FileSecure â€“ Next Generation Information Rights Manageme Management will protect your files wherever they go.
Sync / 29
Health Information Exchange
John Norenberg is ushering in health-care data’s Age of Exploration by putting information at the fingertips of employees to improve patient outcomes. By Jeff Silver | Photo by Caleb Fox
30 / Sync
To people who work with him, John Norenberg is known as the “Data Renaissance Man.” As the vice president of corporate information systems at Advocate Health Care System in Chicago, he earned the moniker by championing data’s transformative possibilities in health care. When he joined Advocate in 2004, the concept of health-care data was still new. For five years, he led the team in charge of developing and implementing the company’s hospital electronic medical record (EMR) system. Since then he has moved on to do the same for Advocate’s ambulatory data, which includes the services delivered in physicians’ offices. Throughout all of these steps, Norenberg knew the ultimate trajectory was toward better patient care. “Our focus is on creating an environment that supports clinical excellence and best practices,” Norenberg says. “That’s important because when they are achieved, patients tend to be healthier, clinical outcomes are better, and the cost of care is lower.” Even as Advocate established new systems in Norenberg’s early years, other significant changes were on the horizon. The company was also in the process of becoming an accountable care organization (ACO), which meant sharing risks with payers (i.e., Medicaid, Medicare, private insurers), seeking a more comprehensive perspective of patient care, and becoming more proactive in maintaining patients’ overall health. And all of these initiatives were coming forward just as Advocate was about to expand its roster of providers by more than 300 percent. Issue 004
John Norenberg Advocate Health Care System Vice President Corporate Information Systems, Physician Services
Sync / 31
“We typically provide only half of a patient’s care with no visibility into services provided outside our system. With a universal health information exchange, we could see all treatments, tests, and results drive down costs and improve clinical care.” EMRs have contributed substantially to Advocate’s National Committee for Quality Assurance (NCQA) recognitions
Practice sites that earned NCQA Level 3 PatientCentered Medical Home recognition
Physicians with NCQA Heart/Stroke recognition
Physicians with NCQA Diabetes recognition
Areas with Top Decile Performance by NCQA standards
32 / Sync
Norenberg tackled these challenges by creating Advocate’s internal health information exchange (HIE). The exchange provides clinicians, as well as support and office staff, with a holistic view of all patient care—both acute and wellness—that can be provided anywhere in the Advocate system, whether it is hospital-based or within the ambulatory network. When a physician needs patient information, the system reaches out to compile all data for that patient from hospital and ambulatory EMRs. This creates a real-time longitudinal record of care, including imaging studies and clinical test results. Not only does this provide up-to-the-minute clinical information, but the resulting longitudinal record helps support best practices for wellness care and chronic disease management, both critical factors in successful accountable care management. For example, diabetic patients need regular foot and eye exams and ongoing monitoring of blood sugar levels. When a diabetic patient is scheduled to be seen by a physician, the HIE automatically checks to confirm that those procedures have occurred within a reasonable timeframe and recommends them to the clinician and staff if they have not. The system also provides incentives by analyzing individual physician compliance with these best practices to determine potential financial bonuses. Even with EMRs in place and providing extraordinary new toolsets, Norenberg admits that many physicians have been hesitant to fully embrace the system, because they feel it negatively impacts their productivity.
“To address this, our next big initiative is to analyze how people work with the system and to develop native workflows that are more appropriate for the digital environment,” Norenberg says. “Just automating the old existing processes isn’t sufficient, so we’ll create new strategies to optimize the new features and capabilities and restore productivity.” In the Chicago area, where Advocate is located along with eighty-two other hospitals, sharing patient information globally would help support the success of all institutions operating on an ACO model. For example, if a patient needs an MRI but recently had one at another institution, shared data would eliminate duplicate services. “As an ACO, we own the risk for patient care and share in any profit or loss associated with it,” Norenberg says. “But we typically provide only half of a patient’s care with no visibility into services provided outside our system. With universal HIE, we could see all treatments, tests, and results drive down costs and improve clinical care.” Norenberg understands how disruptive the shift to EMRs and the HIE have been, having experienced similar changes when he worked in manufacturing and finance prior to health care. While Advocate is still in the adaptation and adoption phases, he is confident that the long-term benefits will be worth the bumps along the way. “In health care, the magnitude of data and amount of hardware needed to handle change are staggering,” Norenberg says. “The information is all part of a larger context that has to be taken into account. It’s astounding that physicians are able to make sense of all of it to deliver the quality of care that they do.”
As the CIO for one of the nation’s fastest-growing companies, Richard Loew’s objective is to keep IT in front of the business. Here’s how he built a team to do just that at PBF Energy. By Christopher James Palafox
34 / Sync
It starts with a blank sheet. When CIO Richard Loew joined PBF Energy—two years after its 2008 founding—the organization’s IT department had no people, no processes, and no technology. But as an information technology executive known for his ability to build and transform enterprise infrastructures, Loew was well equipped to fill in the company’s technology blanks. Today, PBF Energy is entrenched in the Fortune 500 and has become one of the nation’s fastest-growing petroleum refiners. In order to help enable that growth, Loew meticulously built his IT team using a startup mentality. But even before building that team, Loew worked to establish a concrete objective to guide the IT function’s purpose and future: to implement functional, cost-effective solutions that are scalable and easily implementable. To build his team rapidly but with purpose, Loew used a staffing approach that optimized IT headcount by leveraging third parties, managed hosting, and outsourcing arrangements. By concentrating on fostering these kinds of relationships, Loew was able to find the expertise he needed, while allowing the company at large to concentrate on its core skill of refining oil. “As a startup, my model was to depend upon third parties entirely for the first year,” Loew says. “Then over the ensuing two to three years, we moved to the optimum staffing model—a mixture of PBF and non-PBF employees.” This process also allowed PBF to build strong relationships and make scaling possible. But ultimately, Loew’s overriding principle is to focus on the business success of the company—concentrating on supporting the safe and profitable operations of PBF’s refineries and supporting assets. To facilitate that, Loew and his team define and implement fit-forpurpose solutions, adapting to the needs of the client, the project, and PBF. Issue 004
Photo by Robert A. Lisak
“IT has a very unique perspective of the organization and the business process around it,” Loew says. “We have to understand upstream and downstream dependencies and the implications and intersections associated with them.” So IT focuses on not only the organization’s daily technology operations but also the technical strategy, which is defined as the identification of helpful technology that might otherwise go unnoticed. For Loew, however, his job is to add value not only through technical innovation and business process knowledge, but also through his soft skills and ability to collaborate. “I focus our sourcing on specific vendor organizations whose business and work cultures harmoniously work with PBF,” Loew says. “I don’t have time for infighting between competing organizations, as we have too much to do in too little time.” Loew treats the entire group as if it were a single PBF team. “Our goal is to work together as a team, learn from each other, provide value to the business functions we support, and if we can have some fun along the way, that’s a good thing.” Running these lean teams allows Loew and PBF to remain agile, while also retaining the sync-magazine.com
Richard Loew PBF Energy CIO
“Success is a variable metric which is situation-specific, but it centers around doing the right thing and managing expectations of the stakeholder community.”
Sync / 35
RICHARD LOEW’S GUIDING PRINCIPLES Make everyone a contributor. Everyone wants to make a contribution. As such, Loew works to make sure every person on a project can look back and say, “I contributed to that.” Listen more. “It is statistically impossible for everyone in the room to be the smartest person in the room,” Loew says. Listen more and talk less. Empathize with antagonism. It’s important to put yourself in another person’s shoes—especially if they’re disagreeable. Work to understand that person’s reasoning and then work to find middle ground. Make mistakes. Nobody’s perfect. “I make mistakes every day,” Loew says. “Learn from mistakes, improve, and don’t make the same mistake again.”
ENERGY INDUSTRY CONSULTING THAT OPENS NEW DOORS • CHEMICAL ENGINEERING • COMPLEX FINANCIAL REPORTING • CORPORATE FINANCE • DISPUTE RESOLUTION • ENTERPRISE RISK • OUTSOURCING • PROCESS & TECHNOLOGY • RESERVE ENGINEERING & GEOSCIENCES • RESTRUCTURING • STRATEGY & ORGANIZATION • TAX
Successfully advising and generating results across business processes and technology www.opportune.com 36 / Sync
ability to build up its people through cross training and knowledge sharing. That people-focused ethos extends to Loew’s physical office. Open his door on any given day and you’ll find people—across teams and departments—collaborating, strategizing, and learning from each other. Two of Loew’s office walls are glass—a gesture meant to imply the organization’s open nature. Those walls also double as whiteboards, further driving home Loew’s commitment to collaboration. “I work with the team to get them thinking outside their silos across IT, and most importantly across the organization regarding interdependencies, points of integration, implications to business process change, and base change management,” Loew says. And while Loew participates in these conversations, he pushes his team to take ownership and lets them know that in the end, they are responsible for their initiatives. Loew credits his and the IT department’s success on placing equal importance on technology management and people management. “Success is a variable metric which is situation-specific,” Loew says. “But it centers around doing the right thing and managing expectations of the stakeholder community.” For instance, Loew fell short of his goal of having a final IT-resourcing model in place after his third year. When an organization is in growth mode, he says, it’s important to be proactive and hit goals, but ultimately the ability to readjust and mitigate risk is what has kept PBF driving forward. “Both the existing PBF functions and the incoming business functions understand the journey,” Loew says. An enabler doesn’t need to hit all the goals that they set. Rather, they work collaboratively and transparently to understand past, current, and future situations. When Loew joined PBF, an internal IT team and process did not exist. Because of Loew’s work, IT has become integral to the PBF organization and has helped mark it for continued success. Issue 004
CONSIDER THIS In a survey on the state of the CIO, 56 percent of respondents said they expected to experience skills shortages in their organizations within the next twelve months. They identified the following ten areas of skill sets that are difficult to find: 1. Big data/business intelligence & analytics 2. Security/risk management 3. Application development/programming 4. Mobile technologies 5. Enterprise architecture
6. Business-IT liaison/business relationship management 7. Project management 8. Cloud services 9. Database administration 10. Smart initiatives/Internet of Things (IoT)
Those gaps are due to a fierce market war among top companies for the best minds in information technology. In the US workforce, a report on global recruiting trends found that the biggest obstacles to landing talent are competition and compensation. Fifty-three percent of recruiting decision makers in the United States identified competition as the main obstacle to attracting the best talent, versus the global average of 46 percent.
ASK YOURSELF Have you identified the IT skill set gaps you expect to see in your organization over the next year? Do you have a plan for how to fill those gaps? What can your organization do to improve recruiting efforts of top IT talent?
Sources: State of the CIO Survey, CIO magazine, January 2015 LinkedIn 4th Annual Report: 2015 Global Recruiting Trends
Sync / 37
38 / Sync
LEAD Empower Your Peers
Sync / 39
Mostafa Ronaghi is
charting the road map
of human genome research
Data and helping like-minded
invest in the future
Human of DNA-based technology.
Genome 40 / Sync
By Zach Baliva Photos by Caleb Fox
Sync / 41
What do you do when you have a headache? Take medicine? Lie down? Use a therapeutic heating pad? Imagine if you knew the precise reason for the pain and how to treat it. While it sounds futuristic, Mostafa Ronaghi believes that goal is within reach. The internationally renowned DNA and sequencing expert says that in a matter of years, patients will interact with medicine in new ways, because they’ll be able to easily determine the underlying genetic triggers. “A headache patient will take a simple home test to determine cause, and then treat the headache with the right drug,” Ronaghi explains. This future will come thanks to genomics—the mapping of the human genome—finally breaking into the mainstream, and Ronaghi has been at the forefront of the evolution for more than two decades. His company, Illumina, manufactures genome-sequencing instruments that allows researchers to study biological systems at new levels, previously out of reach because of the enormous costs. Genome sequencing, or determining the unique order of the three billion DNA bases in a single genome, cost $3 billion the first time scientists achieved it; later that cost went to $200,000. Illumina has brought it down to $1,000. Ronaghi, a serial entrepreneur who built and sold four genomic companies before joining Illumina in 2008, has played an integral role in these developments. Today, as the company’s chief technology officer and senior vice president, he’s working to reduce the cost of genetic sequencing even further, integrate and improve diagnostic products, and provide assistance to new startups. 42 / Sync
Born in Tehran, Iran, Ronaghi set out to become a doctor but quickly discovered a passion for what was then the emerging field of genetics. While completing his graduate studies in Sweden, he had an epiphany. “I wanted a better understanding of biological systems but found that the biggest barrier was sequencing technology,” he says. “I started focusing on that in 1995, and it has turned into a twenty-year mission to understand the human genome.” Ronaghi worked on developing next-generation sequencing technologies. In 1990, tens of thousands of scientists collaborated around the globe to map and sequence the first human genome. Eleven years and $3 billion dollars later, they finished. Now, even with the cost of sequencing genomes drastically reduced, Ronaghi still has his work cut out in reaching his vision for the future: a day when all human beings have their genome sequenced at birth. To realize his goal, Ronaghi will have to increase the efficiency of the process to make it universally accessible and affordable. “As the cost of health care climbs out of control, genome sequencing is one of the most efficient ways to reduce costs and save lives, because we can treat people in more exact ways through personalized medicine,” he says. Cancer care, for example, currently runs between $25,000 and $1 million per patient per year, but even with that enormous expense, the lives of patients are only extended an average of eight weeks. Destructive drugs often kill the noncancerous cells in the body; some patients
Mostafa Ronaghi Illumina Senior Vice President & CTO
Sync / 43
“As the cost of health care climbs out of control, genome sequencing is one of the most efficient ways to reduce costs and save lives, because we can treat people in more exact ways through personalized medicine.”
The cost of sequencing a human genome when it was first achieved in 2001
The current cost of sequencing a human genome using Illumina’s instruments
Years it took to sequence the first human genome
Days it takes Illumina’s HiSeq X to run populationscale whole human genome sequencing
Time Ronaghi spends mentoring biotech startups through the Accelerator program
Number of companies Illumina will accept into the Accelerator program in 2015
44 / Sync
die faster than if they had received no treatment at all. Treatment is not specific to the individual, and its effectiveness varies widely. “The work we do can help us corner one of the most deadly diseases on the planet, and we can see cancer become like the treatment of HIV, where patients can live for several decades,” Ronaghi says. A patient with a genetic map has the handbook to their life. A doctor can examine them as well as study their genetic map, and then, based on genome information, prescribe the most applicable, personalized drug. Working toward that goal has driven Ronaghi’s time at Illumina. When he joined the company in 2008, CEO Jay Flatley asked him to start the research division, which Ronaghi grew from 8 people to 110 in three years. That expanded division is responsible for bringing the cost of sequencing one genome from $200,000 to just $1,000 in six years. Ronaghi and his team achieved that by shrinking a ten-year road mapping process to three years, and creating a blueprint for long-term direction and growth through acquisitions. Ronaghi wanted to establish Illumina’s leadership in the genomics space in order to disrupt the diagnostics industry. He knew that significantly reducing costs would make sequencing more accessible—leading to breakthroughs. That success birthed Ronaghi’s second plan. “We need to develop more integrated devices to make sequencing, sampling, and reporting an easier process that medical professionals can use quickly,” he says, adding that Illumina will offer fully integrated products in the next few years. The need for affordable devices is driving Illumina’s development and acquisitions. In 2011, the company purchased Epicentre Biotechnologies, whose proprietary sample preparation technology simplifies and speeds up the turn-around time for next-generation sequencing. Two years later, Illumina spent $96 million to acquire Advanced Liquid Logic, a scalable fluidic technology that can automate the workflow of next-generation sequencing. Ronaghi says his success comes through his dedicated team, which he has built with an eye to diversity.
“I have brought in people from various backgrounds and educational experiences,” he says, adding that more than thirty nations are represented in his team. Together, they’ve ushered thirty ideas to product development and twenty to market. While Illumina tries to unlock the power of the genome, Ronaghi knows it can’t be done alone. “In 2010, after the economic crisis, the number of industry Series-A [round] startups dropped dramatically,” he says. Since Illumina relies on its ecosystem companies to create new genomic-based applications, Ronaghi created the Illumina Accelerator to help promising startups succeed. Today, he spends about 40 percent of his time mentoring young companies, which each receive up to $100,000 from investors and access to sequencing and Illumina’s resources. Other benefits include a line of credit, free access to Amazon Web Services, access to qualified resources, assistance with pitch presentations to investors and company partners, and help from Illumina technicians and collaborators. In 2014, Illumina selected three companies for its inaugural program; in 2015 the Accelerator will include up to ten companies. And this year, the company announced a $40 million boost to the program from a privately-owned global investment firm, which gives the company the ability to match its raised fund to up to $5 million dollars. Ronaghi knows firsthand how important this kind of support is, as his own work has been supported by a grant from the National Institutes of Health. “The technology is still new, and there is so much that can be done—so much that can be unlocked,” Ronaghi says. “That’s why I’m still doing this after twenty years, and that’s why we have to keep supporting these new companies who will take us where we want to go.”
Lathrop Engineering also celebrates the work and accomplishments of Mostafa Ronaghi and Illumina. It has been a rewarding experience partnering with Mostafa on breakthrough genomic technological systems for Illumina. The Lathrop Team enjoyed the opportunities to work on such challenging projects and looks forward to working on other innovative systems.
Achieve More Lathrop provides excellence in end-to-end medical and life science instrumentation development. We take on the complexity, so you can focus on your core business.
We are here for you www.lathropengineering.com CAPABILITIES:
Taking a Step Back to Lead SurveyMonkey general counsel Eleanor Lacey is more than just an expert on the law. She focuses on the big picture, combining listening skills, technology, and business metrics to align her team with the web giant’s ambitious business goals. By Jeff Silver
As head of the legal department for the world’s leading provider of web-based survey solutions, Eleanor Lacey’s work puts her at the intersection of the law and technology. In a highly competitive and innovative industry, that means ensuring the legal team’s efforts are in sync with SurveyMonkey’s business demands. This convergence of responsibilities and expertise has contributed to her hybrid leadership style that combines the best elements of these highly dynamic environments.
Learning to Lead
Lacey admits that in her first leadership position (prior to SurveyMonkey) she was unprepared and “probably not a good leader at all.” That was because she mistakenly believed the only requirements were to tell her staff what to do and to be smart—common misperceptions among lawyers who are trained to work independently as they gather resources to find solutions. “Ultimately I realized that the people I was supposed to be leading weren’t just working for me. They were working with me. I needed to listen more and spend more time focusing on them,” Lacey says. “I also recognized the importance of getting feedback on my own performance as a manager—and of getting it often and early. That way it’s not too late when you find out you’ve been doing something wrong.” 46 / Sync
Speaking the Same Language
Even as she grapples with evolving technical and legal issues, like digital privacy and how new communication platforms affect legal jurisdiction and attorney-client privilege, Lacey is keenly aware of managing her relationships with teams outside her department. As a result, she focuses on connecting with them in ways that are appropriate to their priorities and SurveyMonkey’s business goals. “It’s easy to get caught up in the language and perspective of your own specialty, but then no one else really understands or cares about the outcome. I try to make sure that the legal department is addressing the issues that are important to other teams and that we provide practical advice and solutions,” she says. This affects how she uses metrics within her own department. For example, tracking legal workflow was of little interest to outside teams or executives. But by analyzing patterns, like correlations between the number of revisions and contract size, hidden costs associated with establishing foreign subsidiaries, or contracts that are delayed because of multi-level approval processes, her department is able to offer direct benefits to its internal business clients. “Because we work with many different groups, legal is in the middle of numerous processes and able to see connections other departments may not,” Lacey says. “So we focus on recognizing clients’ priorities, developing
Year Survey Monkey was founded, in the midst of the dotcom bubble
Fortune 500 companies that have used SurveyMonkey
Surveys deployed every month
50.8M Surveys completed
Reported value of the privately held company
SYNC TALKS WITH ELEANOR LACEY Lacey discovered a love of Chinese culture as an undergraduate. She learned Mandarin and later spent significant time in the Asia Pacific offices of some of her former employers. We spoke to the GC about how that experience has impacted her career. What sparked your interest in Chinese culture? I took a Chinese history class and went to China that summer. I quickly realized that to really understand the country’s history and culture I needed to learn the language. What career lessons did you learn during that time? I’m usually very direct. Chinese culture helped me learn that I don’t always need to be as direct, or I can appear to be too forceful. Asia Pacific veterans all knew that, but I had to learn. Those realizations taught me to negotiate differently and to be more patient. You can win every battle but still lose the war.
Photo by Jeanne dePolo
And did that open up new opportunities to you?
“We focus on recognizing clients’ priorities, developing appropriate metrics, and offering solutions that are related to their specific concerns. It goes beyond giving them legal answers to showing how the law fits into their primary business concerns.” sync-magazine.com
Eleanor Lacey SurveyMonkey Vice President, General Counsel, & Secretary
I worked on antipiracy matters with the sales department and other business processes at Autodesk’s Asia Pacific offices. That connected me to the business sides of a company for the first time. So understanding the language and the culture actually opened doors that led to where I am today.
Sync / 47
ELEANOR LACEY’S GUIDING PRINCIPLES Don’t assume you know everything—or that you need to. If you’re used to handling all responsibilities on your own, pay particular attention to what others can contribute and give them opportunities to take on responsibilities of their own. Be transparent. Everything you do impacts other people and other groups. Being more open helps them trust you more, and mistakes will be identified and remedied earlier. As a result, communication and cooperation will improve and most processes will run more smoothly and efficiently. Model yourself on a variety of other leaders who you admire. Pick and choose the strengths and qualities you admire in their leadership and adapt them to your own style. Be honest in assessing traits they have that you may need to acquire or develop. Identify what measurements and communication styles are valued within your organization and develop appropriate metrics. This will help establish positive business relationships and enable you to demonstrate your group’s value with concrete, meaningful data. As a manager, you can never compliment the people who work for you too much. Unless you tell them, they won’t know what they’re doing well and where they need to improve.
48 / Sync
appropriate metrics and offering solutions that are related to their specific concerns. It goes beyond giving them legal answers to showing how the law fits into their primary business concerns.”
A Personal Approach
When developing her own leadership skill set, Lacey began by asking more experienced managers for additional advice and doing a lot of reading. She instituted a number of unusual strategies and techniques. But because they are closely aligned with her own personality, they are highly effective, both with individuals in her department and with other teams throughout the company. One of these techniques she calls “individual focus.” Lacey devotes her complete attention to individuals until their issues or questions have been fully addressed. That means she sometimes has to rearrange schedules when meetings run longer than anticipated. “Getting together face-to-face is an opportunity to explore and hopefully resolve matters. I don’t do five-minute meetings, which can usually be handled through email,” she says. She also engages in full transparency. In addition to her staff ’s specific tasks and activities, an extraordinary amount of Lacey’s attention is focused on their professional goals. This enables her to keep them engaged and satisfied in their work, and to offer guidance, appropriate challenges and even tips on what will help build their resumes. She’s also very open about her own strengths and weaknesses, which provides opportunities for staff to step in with their special skills and expertise. “People aren’t locked in with me for their entire careers, so I want to figure out what they need to learn to get where they want to go,” Lacey explains. “If they want to lead a mergers and acquisitions team, they need different skills than if they’re aiming to be general counsel. And if they’re not satisfied with what they’re doing, it’s good for both of us to know that we need to find a better fit.” Acknowledging the different strengths and goals of members of her team is just another way Lacey has adapted her management style. As a top executive at one of Silicon Valley’s most recognizable companies, she’s nurturing a new style of leadership—one that encourages spending time guiding based on others’ interests and priorities, and finding everyone’s unique contributions. For a company whose name tags are shaped like bananas, it’s a highly fitting approach. Issue 004
Congratulations to our client and colleague in immigrationâ€”Eleanor Lacey, Vice President, General Counsel and Secretary for SurveyMonkeyâ€”on this well-deserved recognition! A WORLD OF DIFFERENCE IN IMMIGRATION.
visas and work permits, to advisory services and corporate compliance, we work with each client to understand their business and immigration priorities. Ranked an industry leader in immigration, we work with small startups, mid-size local companies and large corporations worldwide. Visit www.fragomen.com.
In Dan Hushon’s collaborative ecosystem,
Everyone is encouraged to embrace their inner pioneer. The CTO of CSC brings his innate curiosity about the future of technology to his team, his partners, and the broader marketplace. By Joe Dyton
Dan Hushon has been looking toward the future of technology since he was a kid. When he was twelve years old, he spent his free time exploring the ARPANET—a very early Internet precursor—on a Wyse 52 terminal with a 150-baud modem. Soon his parents gave him his first computer, which he meticulously took apart to learn how everything worked. He began to “break” simple computer games by recognizing common patterns in their software. That early introduction to computers led Hushon to build a program for security cameras that he sold to nuclear power plants, banks, and pharmacies. Later, as the chief technology officer for Sun Microsystems, he helped build one of the first clouds, called Sun Grid. “At the time we called it utility computing,” says Hushon. “We charged $1/CPU-hour but fully automated the provisioning of each tenant.” When he moved to EMC, he brought big data into the company’s portfolio and had a key focus on cloud computing. Now Hushon employs that same curiosity and desire in his current role as the CTO of CSC, a company that provides next generation IT services and solutions for global clients, including Fortune 1000 commercial businesses, federal and state government and non-US government agencies. “I came to CSC because I recognized that the company could help customers understand this impact of the intersection of cloud computing and big data analytics, putting both in the hands of employees and consumers alike, with remarkable value being produced,” Hushon says. Hushon’s vision to empower both employees and consumers drives his leadership, as he strives to be not just 50 / Sync
a great technologist and strategist, but a great marketer too. One of his marketing efforts was borne out of social media theory. Hushon reasoned that CSC could spread the word of their products to a number of people quickly, but he felt that method was not interactive enough. Potential customers couldn’t get quick answers to their questions. His solution: internal town halls broadcast on Google Hangouts and CrowdChat. “We needed to create a more engaging place where people can ask those questions about our strategy,” Hushon says. “My number one way to create trust is transparency. So if I tell the marketplace where I’m going and why, then I think my team is more likely to believe it and carry the message forward to the marketplace.” Hushon is also responsible for building a solid team structure. He takes a three-prong approach: there are “pioneers” (inventors), “settlers” (the successful inventors who take their work and run with it) and the “city planners” (who industrialize the service, like a utility). When one of these pioneers brings in a successful technology, he or she will lead a new set of settlers to this new world, and these settlers bring a new value to the firm. It’s Hushon’s job to make room for the new value to enter CSC. The “city planners” are the staff members who help the settlements grow together for efficient, operational structures. As Hushon puts it, they’re buiding IT utilities, removing snowflake solutions that only fit discrete situations in favor of common shared services. “This has been a really important part of our thinking about the landscape so we can then architect the right ecosystem of partners around us in the different stages of evolution,” Hushon says. “The two key transitions in this process are really strategic role vectors: pioneers
Dan Hushon CSC CTO
Photo by Mark A. Richards/CSC
PRINCIPLES IN ACTION
Dan Hushon speaks at CSC-TechCom 2014 in Atlanta, Georgia.
Successful technology operation requires agility with efficiency. In order to boost staff productivity and generate new ideas, Hushon has introduced an aggressive DevOps program. Around CSC, it’s known as Automation 2.0; this “robot” can be handed complex instructions and ordered to perform a function, say, 100,000 times. The robot can not only complete more complex tasks than people can, but it can also record its process with a great deal of detail. Now CSC colleagues have an opportunity to optimize their software skills, check code, and program the robot so they can automate the delivery of various enterprise services. Most importantly, these “instructions” are shared across multiple clients, with constant improvement. “This frees up capacity for us to go and automate more and more of the ecosystem,” Hushon says. “By massively automating large segments, what used to be repetitive human tasks become better each release, and our talented people are freed to work on other, more complex tasks.”
“Until all employees, from the board room to the new hire, are digitally literate, I think the CTO continues to be a major sensory organ for the firm.” become settlers and then settlers become city planners. These different roles require different personalities with respect to risk, attention to detail, and of course persuasion throughout.” While Hushon works to strategically build his inhouse team, he also looks to outside partners, like AT&T, EMC, IBM, Microsoft, and VMWare, to attain the benefits of scale that CSC might not achieve on its own, and better serve its customers. “We’re working with our partners and saying, ‘Let us bring your full innovation portfolio to our clients as though you were a CSC employee,’” Hushon says. “We’re on one team, we wear one badge. It’s just very different from the traditional supplier/provider relationship.” 52 / Sync
Hushon sees all of these tasks—building his team, integrating relationships with partners, and leading the path to innovation in the marketplace—as part of the role of the modern-day CTO. And he’s still relying on the same instincts of curiosity and a desire to improve that led him to dissect his first computer as a young boy. He’s not quite certain what the CTO position will look like in the future, but he knows that it holds a lot of value for the organization. “Until all employees, from the board room to the new hire, are digitally literate, I think the CTO continues to be a major sensory organ for the firm,” Hushon says. “The CTO is helping them to decipher what’s happening, understand those patterns and escort those patterns into the business in more understandable ways.” Ultimately, however, Hushon envisions a future of digital literacy that could make the CTO role all but redundant, freeing up technology leaders to forge new paths for the business while the rest of the team takes ownership of their roles, seamlessly incorporating IT into the business. Right now, Hushon says, “the CTO is acting as a proxy for that much broader-based digital leadership.” Until the rest of the industry can catch up to his vision, Hushon plans to keep peering into the mechanisms and finding ways to improve. Issue 004
Copyright © 2015 VMware, Inc.
‘‘TRANSFORM ’’ Finally, a cloud that can
my business without disrupting it.
One CLOUD. Any APPLICATION. Any DEVICE.™ VMware delivers the only unified hybrid cloud platform that seamlessly combines on-premises and public clouds. This means your business can innovate faster with the IT you already have. By combining VMware technology with CSC Hybrid Cloud Services™, you’ll get best-of-breed, integrated, and proven solutions to accelerate your transformation.
IT will revolutionize the health-care world. That realization came to Beata Kasper after twenty-six years in tech. Here, the North Cypress Medical Center CIO shares the steps to succeed in any modern enterprise—health care or otherwise. As told to Emma Janzen
Beata Kasper North Cypress Medical Center CIO
Experts are Everywhere.
Informing Follows Function.
I can’t do it all by myself. I don’t know everything, so I depend on the great team that I have—a team that I can trust and that trusts me. We all depend on each other. It is important to remember to not only form relationships within the IT department, but to facilitate conversation with other units and departments as well. Ask what can we do to improve performance and drive efficiency for them. When faced with challenges, it is important to remember we are most likely not the first ones facing any particular challenge, so reaching out and working with others in the industry keeps us moving forward.
We do a lot of team-building activities and a lot of communication. It is part of my job to make sure everybody on the team knows why we are doing things and what is the value of doing these things. Communication, transparency, and discussing things as a team are extremely important.
Set Your Staff Free. I try not to micromanage. Everybody has a special skill set that makes them relevant. We encourage everybody to nurture that “special something.” I try to be very flexible, reward the team for jobs well done, recognize individual contributions, and one of the most important things is to have fun. We compare our team to a big family. We spend more time with each other than family and friends, so we’ve got to get along and enjoy what we do. The moment you stop enjoying coming to work, you’re with the wrong team or in the wrong line of business.
54 / Sync
Never Stop Learning. Every day is an opportunity and there’s always a chance to learn. If you don’t continue to learn something new every day you’re going to start falling behind. Oftentimes, this means staying ahead of trends, especially when it comes to technology in a constantly changing field like health care. You must be able to see what is out there and to figure out if it really makes sense to bring it to your organization. That’s the bigger picture, but you can’t forget that even inside your own organization, there are always opportunities to learn. Do rounds, talk to people, understand the jobs and workflows of different departments, roles, and trades.
Find Technology that Fits. There’s always going to be something newer and better out there. We don’t have to have the newest and the best, we just need to have what makes sense for our Issue 004
organization. Will it solve the problem? Will it bring value to the business? At some point you have to make a decision and go with it. Nothing is written in stone; we do a lot of rollouts on a trial basis, so we’ll do a pilot program somewhere with a small group of users and then if it makes sense, we deploy it through the rest of the hospital.
Aim for the Top.
“When faced with challenges, it is important to remember we are most likely not the first ones facing any particular challenge, so reaching out and working with others in the industry keeps us moving forward.”
No matter how much you like what you’re doing and how good of a leader you are, if you don’t have support from top management, it’s going to make your job extremely difficult. That can be very hard to earn—and your work does not stop once you establish that credibility and deliver results—but it makes your job much easier. For example, after a rather challenging and turbulent first year with North Cypress, we were able to turn things around, and in the last three years we had zero turnover in my department. We also haven’t had a single unexpected network outage in about two and a half years. It took a lot of back-end work that many may not understand or care about, but what they do care about is the stability and constant availability of the resources we provide. You show what you can deliver, stay consistent and keep delivering.
North Cypress Medical Center (NCMC) is the premier physician-owned general acute care hospital in Houston. As one of the hospital’s core business partners, Accudata Systems has elevated NCMC’s IT capabilities to provide a secure, convenient patient experience. For more than six years, Accudata and NCMC have worked together to drive the hospital’s growth. With security as a key initiative, Accudata has enabled a mobile EMR system, and most recently planned and facilitated a move to a world-class data center colocation facility at CyrusOne.
Sync / 55
Better healthcare starts with better information.
Accudata Systems leads the way in providing custom, high-impact IT solutions and consulting services that drive growth and focused business outcomes. From enterprise data center colocation services with CyrusOne to secure mobile workspaces with Citrix, our consultants build tailored solutions to address your key objectives. To learn about how Accudata can drive growth through focused IT solutions, visit www.accudatasystems.com.
7906 North Sam Houston Parkway West | Suite 300 | Houston, Texas 77064 | 800.246.4908
A common goal, our shared belief. Information is the foundation that will move healthcare forward. At Dell, we are proud to partner with leading healthcare organizations to help create a secure and connected, information-driven healthcare ecosystem. Explore how our integrated solutions securely connect people to the right technologies and processes to accelerate innovation, reduce costs and transform patient care. To learn more visit Dell.com/healthcare.
Houston | Dallas | Austin | San Antonio | Los Angeles 56 / Sync
YEAR ONE Q1 Make plans, break silos
Q2 Change the record books
Q3 Destroy drudgery
Q4 Look to the future
The new CIO for Care New England transformed its technology team in her first year on the job, and she’s just getting started. By Kristen Bahler
It’s been less than a year since Suma Gaddam stepped into the role of CIO at Care New England (CNE), and already she’s turned the once-fledgling IT department into the pulse of the Providence, Rhode Island-based hospital chain. For Gaddam, who has successful tech overhauls at hospitals in Arizona and Kansas under her belt, it’s business as usual. An electronic health record (EHR) expert, and ardent promoter of integrated, research-based technology initiatives, Gaddam believes health-care IT must act as a strategic partner to a hospital’s business operations. “Our team exists to enable health-care professionals to do meaningful things for the community,” she says. “We might be a silent partner, but we’re the ‘think caps’ of the business, and we have a lot to offer.” Today, CNE operates with a revamped IT structure that emphasizes research, reliability, and interoffice unity. Here’ a look at how Gaddam restructured the department in less than four quarters.
Suma Gaddam Care New England CIO
As a newcomer with an inherited team and antiquated infrastructure, Gaddam’s first few weeks were marked by simple observation, she says. Taking the time to understand how her new team worked (and how it didn’t), and observing prevailing technological inefficiencies allowed Gaddam to create an actionable blueprint for the future. After a few weeks, she put together a budget for the overhaul and presented it to CNE’s board. “When I first came in, there was significant underinvestment, and a lot of pent up demand both on the business and the IT sides,” Gaddam says. “Noting those inefficiencies, identifying opportunities with the most value-add to the organization, and getting dollars approved to address them, was a central focus.” After the budget was approved, Gaddam’s next step was to transform CNE’s senior IT personnel. “It wasn’t a team that was working well with each other; it was dysfunctional,” she says. “They were thinking in silos, as opposed to aligning themselves and their teams toward broader, organizational objectives.” Sync / 57
To change this, Gaddam began encouraging cross functional teams to meet frequently to identify and bring forward issues, discuss potential solutions, and make recommendations. Today, senior IT leaders and frontline staff regularly engage with one another and with the business leaders in purposeful dialogue, opening up all venues for collaboration. Gaddam also implemented a “CIO breakfast” series where frontline staff meet and talk through departmental challenges with Gaddam herself. Perhaps most importantly, tech managers are now expected to personally, and regularly, travel to the hospital’s seven divisions and interact with key stakeholders. “An IT team is usually a sizable group of people and is often removed from the hubbub of clinical operations, where it’s easy to lose track of who we serve and, most importantly, how we do it,” Gaddam says. “I tell my teams that we can’t live behind the four walls of IT; we can’t wait for business to knock on IT’s door.”
“We’re trying to move away from the model of everyone trying to provide care and nobody working together. A lot of industries have been paperless for a long time. Health care is finally catching up.”
Across the country, health-care facilities are moving toward electronic record keeping and digital paper charts, or EHRs, to reduce error and increase data gathering efforts. At conglomerate medical centers like CNE, which 58 / Sync
has several health-care facilities under one umbrella, the tighter integration of patient records is more crucial than ever. Utilizing EHR systems can bridge information gaps and integrate patients’ family and social history, enabling patients to be partners in their care through technology. Gaddam’s previous experience overseeing EHR integration in past roles put her in a unique position to help CNE roll out Epic, an EHR system that reformats medical records, billing procedures, and scheduling into entirely paperless procedures. Gaddam stresses that when the data contained in electronic records is leveraged correctly, they can impact quality and cost of health care and lead to better patient outcomes. “We’re trying to move away from the model of everyone trying to provide care and nobody working together,” she says. “A lot of industries have been paperless for a long time. Health care is finally catching up.”
Q3 When Gaddam joined CNE, many of the health center’s computers were outdated —most of the PCs had been at the facility for more than a decade, and about half were nonfunctional in certain facilities. Gaddam set out to change that. “No one wants to come to work and not have a functioning PC,” she says. “They caused a huge amount of dissatisfaction among the physicians and the clinical staff. We had to make a change.” Through a partnership with Dell and VMWare, Gaddam’s team began replacing the computers and revamping the infrastructure that doctors, nurses, and hospital staff use to interface with patients. Today, in many of CNE’s centers, staff use “tap in and tap out” technology, with an application that allows personnel to simply approach a terminal and log in by using a hardware badge. According to Gaddam, by the end of 2016, all patient areas at CNE will use the application. Issue 004
“Building the security it takes to make the application available without any lags and delays took a significant amount of work,” she says. “But now physicians and clinicians can spend more time with patients and less time on logins.”
“It’s not ‘one and done’— technology changes on a daily basis and we have to keep up.”
Q4 As Gaddam enters the final quarter of her first year, she’s working on leveraging the data her team has collected, and the lessons they’ve learned through CNE’s tech transformation, to further bridge the gap between business and IT. “It’s not ‘one and done’—technology changes on a daily basis and we have to keep up,” she says. “All of this has been foundational work for what we want to do in the future. We want to be a leader in our community. That’s really the driver.” Gaddam is pleased her new employer views technology “as an advantage rather than an expense,” she says. But she’s still looking for ways to improve IT. “We have a lot of meaningful work left to do.”
Visit us at cerner.com
Cerner’s health information technologies connect people and systems at more than 18,000 facilities worldwide. Our solutions assist clinicians in making care decisions and managing the health of populations, and support the clinical, financial, and operational needs of organizations of every size. Cerner’s mission is to contribute to the improvement of health care delivery and the health of communities. Visit us at cerner.com.
© 2015 Cerner Corporation
Sync / 59
Health Care Innovation
In Lloyd Mangnall’s data-driven future, patients update their health data alongside their Facebook status. The AMC Health CIO explores the ideas disrupting—and improving— health care. As told to Evan Cline
Lloyd Mangnall AMC Health CIO
60 / Sync
Sync / 61
What if health care worked more like Twitter? That’s a key question I’ve been exploring in my work at AMC Health as we strive for disruptive innovation in real-time patient management. Traditionally, that involved gathering each patient’s biometric readings from monitoring devices, then aggregating, analyzing, and presenting them to a clinician—with anomalies and trends highlighted—who will decide what level of interaction with the patient is appropriate. We want to expand that model to one where more collaborative interaction with the patient occurs—both in real time and asynchronously. In the near future, we may have billions of lowcost, disposable sensors monitoring people’s vital signs while they are in the hospital, at home, and anywhere in between. All those readings are transmitted to their smartphones, which in turn stream the data to the cloud. Millions of patients may be outfitted with these devices and they may transmit data every few seconds or milliseconds. That is a huge amount of information streaming way too fast for humans to consume, creating a need for artificial intelligence to process the information, correlate it, and make relevant decisions about what’s interesting. We’re not concerned about what’s normal. We’re concerned with what’s abnormal, and we want to elevate the abnormal so a clinician can look at it. We’re working on the first phase of this disruptive new health-care platform right now, building out the infrastructure that will gather and transmit much more useful quantitative and qualitative information wirelessly to the clinician. Over the last year we’ve been working with strategic partners, such as our software development partner DevSpark, and Verizon and Qualcomm, to create what is essentially a “patient engagement social network.” Utilizing mobile technology, we’ve started to enable more dynamic interaction with chronically ill patients, similar to what they would receive in a doctor’s office: How do you feel right now? What did you eat today? And more specific questions to secure information related to their disease or condition. We’re continuously enhancing the ability of patients to interact efficiently with their clinical team. As an example, we’ve all grown accustomed to websites that provide the option for live online service through chat sessions. We’re working to provide that same service option for the patients we serve, but connecting 62 / Sync
them quickly with the appropriate support and service—basic tech support for device issues and logistics, clinical support through registered nurses for simple patient health issues, and even direct connection to a physician if necessary. We like to say internally that if you normally go to your doctor every ninety days, we’ve got you covered the other eighty-nine days. Eventually, we plan to create a global health-care platform that looks more like Facebook and LinkedIn. Patients and clinicians would be able to create dynamic circles of health with different perspectives on the same information. Patients may include their clinicians, their family and friends, and possibly even other patients who are dealing with the same condition. Clinicians will include patients of course, but maybe consulting or referring clinicians, and possibly even researchers. Data that is being monitored through those wearable devices or gathered via mobile interaction can be posted and would be available to different groups depending on the patient’s authorization. A son or daughter would be able to keep track of their parent’s heart condition remotely. Taken further, a clinician may be able to look across all of her patients with a specific type of cancer and identify trends, or a family
“Utilizing mobile technology, we’ve started to enable more dynamic interaction with chronically ill patients, similar to what they would receive in a doctor’s office.” could have control over its extended medical history. Modern electronic health records are nothing more than detailed journals of the health-related events that occur across a lifetime. But currently, our health information is stored in many small pieces buried deep within multiple monolithic EHRs. As we liberate that wall and center it on the patient, we’ll start to see that each individual’s data is no longer locked away in the basements and back rooms of every hospital, clinic, and doctor’s office they ever visited, but begins to look like a highly secure version of their Facebook profile. And each individual can bring their Issue 004
MANAGING DEPRESSION, DIGITALLY AMC Health has joined the national conversation on suicide prevention and veteran care through a proposal to the Department of Veteran Affairs. “We want to provide access to the patient in real time through daily assessments on a mobile device,” Mangnall says. The proposal gives family and friends the ability to supply assessments that provide additional data points for depression screening. “The idea is that we can constantly manage the risk level of a person who may be struggling with thoughts of suicide or self-harm,” Mangnall says. While face-to-face interaction will always be an important part of managing depression, AMC Health believes the department could increase access to services and effectively interact with patients at varying levels of risk by engaging with remote analysis.
information with them to any new health-care setting simply by inviting new friends into their dynamic circle of health. Every great company must innovate to fundamentally differentiate themselves in the marketplace, and innovation by its very definition requires invention. We’re working hard to disrupt the status quo in health care and invent something truly transformative. At the heart of our work is the ability to build upon what others have done before. We’re learning from the models developed by Twitter and Facebook and Amazon. They have already solved many similar problems in a different context, so we’re adapting their approaches to the health-care space. The methods that we’re applying are applicable across the entire IT landscape. We’re not trying to invent or reinvent everything, which means wherever we can, we leverage off-theshelf components to satisfy commodity concerns. Unfortunately, I believe many technology leaders today are overly reliant on commercial off-the-shelf technology. I’ve learned never to accept what the vendors are pitching me outright. Everyone can buy the same commercial technology, so by default that makes everyone the same; focusing only on a specific vendor solution means doing only what everyone else is doing and omitting the critical differentiation that separates you from the pack and ultimately gains market share. We’re utilizing the rich knowledge that’s already part of the open source domain and finding common patterns that we can use in a new way. When we see an opportunity to differentiate, we invent. Everyone on our team has the desire to create from what has come before, adding to the overall body of knowledge. As a result, innovation today is much easier and occurs much faster. In less than a year, we’ve been able to assemble a completely new platform from open source components, frameworks, and platforms. Health care is undergoing rapid and sweeping change and we can’t predict what’s beyond the next bend. Our ability to plugand-play with major pieces in a matter of days allows us to pivot in response to a rapidly evolving industry. sync-magazine.com
Let us help you build smarter.
DevSpark is an agile software development company based in the United States and South America. We collaborate with our clients, such as AMC, to design, develop and maintain exceptional software products at scale. We specialize in: • Agile Software Development • Product Management & Design • Staff Augmentation & Resourcing • DevOps & Support
firstname.lastname@example.org (917) 258-7799 www.devspark.com
Sync / 63
At Merck, where he’s been leading IT for twenty-one years, Clark Golestani operates under a unique “threehorizons” model that ensures IT is focused on both short- and long-term innovation. Here, he highlights the principles that guide his ability to lead his team and the organization. As told to Julie Schaeffer
Business leader first, technologist second Prior to working at Merck, I was fortunate to work at Oracle. There, I not only came to understand technology at all depths, I also learned the importance of building strong client relationships based on business knowledge. So many people want to compartmentalize IT, but to really get an IT organization operating well, you need to think more broadly. I encourage people to think through that entire spectrum, from how you operate IT all the way to how you create innovation to drive the business forward. And think about the model under which you do that. Sometimes you want to operate IT in a consolidated model, but the business structure doesn’t lend itself to that. The key is to understand the business, then ensure the IT model that’s implemented aligns to and flexes with the business model. If not, you end up with an IT model that’s an inhibitor rather than an enabler.
Adopt a three-pronged model. To help drive real value for the company, you have to adopt a model that allows you and the organization to focus on both operations and innovation with a degree of energy and clarity. At Merck, that involved an adaptation of the McKinsey business model we call the three-horizons model. Part of IT focuses on optimization over the next eighteen months—that is, taking costs out and driving performance up. Another part of IT focuses on how we partner with our business colleagues to implement programs that are either driving products or creating increased go-to-market capability, and thereby increasing reve64 / Sync
nue. A third part of IT focuses mostly on how we get disrupted. IT needs to play a role in that, ensuring it has an eye toward the future—knowing where disruption may come from and either avoiding it if it’s negative or capitalizing on it if it’s positive.
Clark Golestani Merck & Co. Executive Vice President & CIO
Become leading edge experts. Early in my career at Merck, I was afforded the opportunity to understand the business architecture of product research and development, which is really the lifeblood of a pharmaceutical company. I spent a number of years learning the science and the processes that drive product realization, and that knowledge has served me well in this industry. I’ve relied upon it time and time again. Any CIO today has to have a depth of understanding of security in order to protect a company’s assets; given all the data breaches that are occurring, cybersecurity is an important topic for every company board. I was also given the opportunity to understand information protection from a technical perspective. This was in the early days, pre-web browsers, when encryption was just beginning. Because the technology was cutting edge, I was forced to understand its mechanisms. We implemented our own public key infrastructure—one of the first ever implemented by a corporation. Having run a security program for the corporation for a couple years really indoctrinated me with a level of technical knowledge around cybersecurity that I’ve relied on extensively. It gave us such a depth of expertise we otherwise wouldn’t have had.
Communicate change. When looking at information security for the compaIssue 004
“Remember the ‘I’ in ‘IT.’ Information is becoming the new currency for business, and IT can play a huge role in that.” ny, I did so very broadly, not just from a technology perspective, but in the way we manage and secure information. One aspect was how you train employees to classify all information. Explaining what it means to mark information confidential, proprietary, or sensitive—that’s a broad communications program. There are a lot of techniques. It gave me a real appreciation for what it meant to drive behavioral change across an organization. We implemented broad education programs about how one manages information that’s confidential. At the time, we were 40,000 employees across the globe, and overseeing such an endeavor gave me a sense of what it means to do change management in an organization. sync-magazine.com
Recognize the power of analytics. It is also important to remember the ‘I’ in ‘IT.’ Information is becoming the new currency for business, and IT can play a huge role in that. At Merck, I believe IT plays a role at three levels. The first is to create a data lake for the company’s master data. The second is to deliver the technology and models to help our colleagues use that data effectively. And the last is to catalyze the business to drive us to ask bigger questions that lead to powerful insights. Every new insight we have is a chance to help save and improve more lives around the world.
EY, a global leader in assurance, tax, transaction and advisory services, is helping Merck build a leading analytics capability that drives rapid business value. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who partner to deliver on our promises to all of our stakeholders. In doing so, we play a critical role in building a better working world for our people, for our clients and for our communities. —Gaurav Gupta, Principal, Ernst & Young LLP The views expressed herein are those of the author and do not necessarily reflect the views of Ernst & Young LLP.
Sync / 65
ÂŠ2015 EYGM Limited. All Rights Reserved.
Is the next evolution of big data, big judgement? Find out how EY is helping companies transform the way decisions are made. ey.com/analytics
CONSIDER THIS By 2018, nearly a third of the workforce in the United States will be composed of millennials. Members of this generation place a premium on developing leadership skills and want employers to provide training on the path to becoming leaders themselves. Millennials also have established fluency in technology, so they look to supervisors and IT executives not to teach basic skills but to develop the team and coach employees. The ability to collaborate is also a priority for them. This shift means that tomorrowâ€™s tech leaders need to be excellent coaches, mentors, collaborators, and motivators, in addition to mastering the hard skills required of strong IT leadership. What Millennials Want Percentage of millennials who identified the following areas employers can invest in to show commitment to developing leadership
Millennial Leaders-in-Training Percentage of millennials who aspire to become leaders in business and the workplace within the next five years
Training and development
Clear career path
Ongoing coaching and feedback
Meritbased cash bonus
Sources: US Bureau of Labor Statistics; The Hartfordâ€™s 2014 Millennial Leadership Survey
lead Sync / 67
68 / Sync
EXPAND Move Ideas Into the World
Sync / 69
GAME CHANGER JumpForward founder Adam McCombs is using technology and data analytics to hack the fundamentals of how college athletic departments are run. Interview with Jessica Montoya Coggins | Photos by Caleb Fox 70 / Sync
As a kid, Adam McCombs loved playing soccer. Now, as the founder and chief data officer of JumpForward, McCombs gets to channel his passion for sports into a company that relies on technology to revolutionize the world of college athletics. College athletic departments face particular challenges in managing budgets and priorities between coaches, compliance professionals, CFOs, athletic directors, and recruiters. JumpForward uses data analytics technology to provide a platform for department personnel to connect with one another, communicate with student athletes, or recruit prospective students athletes, via web, mobile, or tablet. McCombs founded the company after leaving his position as senior product manager at Cisco in 2008. Today, more than 150 colleges around the country are using JumpForward’s products to streamline processes throughout an entire athletic department. Here, McCombs speaks to Sync about how he built his company and the effect it’s having on the world of college sports.
Tell us about your background in sports. Adam McCombs: I played both club and high school soccer and was recruited by various colleges. But during that time, I was also frustrated with the recruiting process itself, how inefficient it was overall. When did you realize that technology could play an integral role in recruitment? McCombs: At Cisco Systems, I was a part of a product management team that helped shape the next generation of unified communication and collaborative, Internet-based technologies. It was powerful to see how these technology architectures and solutions can be transformative and disruptive to entire industries. These experiences convinced me that my background and exposure with these technology solutions could be truly transformative for college athletic departments in how they recruit, collaborate, and protect college coaching staffs from costly NCAA violations. Was it a challenge delivering that vision? McCombs: Working at Cisco, you’re dealing with Fortune 500 companies, which employ a lot of specialized people working with technology day in and day out. On the flip side, athletic departments are really focused on delivering a superior student athlete experience, and sometimes at the expense of that, technology takes a back burner. It’s not on purpose; their focus is rightly on the student athletes. But initially, it was hard to sell our vision because of that. We were confident, though, that our long-term vision would catch on. How did you work through that initial skepticism? McCombs: It was really all about educating an industry on the value of technology and technology platforms, and showing how consolidating various solutions onto one platform can help them achieve the goals stated in their strategic plans. During this educational phase, we received a lot of great feedback on our vision. But it was our deep understanding of the market, coupled with our technology background, that made us confident our platform strategy would win out at the end of the day. As chief data officer, vision seems to be essential for you.
Adams McCombs JumpForward Founder & Chief Data Officer 72 / Sync
McCombs: My background at Cisco gave me a strong foundation to connect the dots and look ahead of the technology curve. We were able to see how collapsing legacy disparate solutions onto a common architecture and platform would be beneficial for college athletic Issue 004
Sync / 73
jumpforward.pdf 1 4/23/2015 11:47:05 AM
departments. As you share your vision, you incorporate feedback that will enhance and broaden this vision. What specifically did you do with that feedback? McCombs: As customers got close to us and grew confident in our vision, we created the JumpForward Development Council, which has been invaluable. We receive constant, intimate feedback from fourteen to fifteen of our largest customers, and they are driving the development of our technology roadmap. Our team is making sure we’re listening to them and that customers are holding us accountable for that vision.
Could you describe your process in creating a roadmap for the company?
McCombs: I think there are three to four key components of a roadmap. First you want to have a roadmap for projects one to three years out; you see things that are coming on the horizon that are going to impact your industry. From there, you start to establish the foundational pieces that will allow you to achieve that long-term vision by focusing a year out. You generally map out about twelve months, and then work backward to map out three to six months, which is really what you can control and then execute. Execution is what matters at the end of the day.
So what sets JumpForward’s solution apart? McCombs: What makes JumpForward unique is that our employees truly listen to our customers and are always striving to solve really challenging problems for college athletic departments. Through this feedback, we noticed a trend three to four years ago that a unified platform was needed. We have 74 / Sync
taken an industry that had seven to eight different vendors and consolidated these loosely coupled solutions onto one integrated and seamless platform. We positioned our product to take advantage of that movement and trend, and this is what we delivered to the market. We also noticed from an operational standpoint that data-informed and data-driven decisions are paramount, and we are helping college athletic departments develop custom analytical dashboards. At the same time, colleges are facing enormous challenges around big data, and JumpForward is helping these college athletic departments develop transformative data architectures and analytical, data-driven solutions. What trends do you see developing for professional sports? McCombs: The NBA is by far the most advanced league in using analytics on a couple of fronts, first for in-game analysis. Another trend on the horizon is ticket analytics. When you look at professional sports organizations, they have a product and they deliver that product on a nightly or weekly basis. For example, tickets to a Cavaliers/ Warriors game, that is a hot product right now. Rather than an NBA sports team setting a flat price at the beginning of the season, which is what has been done traditionally, why not leverage internal data and other third-party data sources to determine the most efficient price for that product? I believe you’re going to see the NBA and other leagues leverage data to maximize their pricing. What’s really going to be exciting is to leverage these different data sources to produce predictive models and forecast potential revenue streams and opportunities in a way that hasn’t been done before. That would be truly transformative for any sports business model. Issue 004
YEAR ONE Q2 Move beyond buy-in
Q1 Align with the business
Q4 Expand the department
Q3 Tend to the foundation
How the new vice president and CIO for Carrizo Oil & Gas has guided its technology function during a year of rapid growth By Zach Baliva
Photo by Drew Donovan
Greg Percival Carrizo Oil & Gas Vice President & CIO
Once, IT was all about connecting the dots between systems and technologies, but today’s IT leaders are interacting with all departments to leverage data-driven technology and improve the bottom line. While Carrizo Oil & Gas has been in business for two decades, the company first thought of IT as a necessity but not an asset. As the company responds to low oil prices, Carrizo is looking at business analytics to find competitive advantages. CIO Greg Percival joined the team in February 2014 to align business with IT. •
“In the last year, the oil and gas industry has seen a tremendous change with the downturn of commodity prices, and we have to be in front of users and business partners to help them harness technology in this environment,” Percival says. His first step was to do an assessment and analyze how the IT department ran. The best way to do that? “Follow the money.”
Percival looked at the previous two years’ spending to help him prioritize. Then, he united
separate infrastructure and applications teams to create one cohesive unit. “This move really set us up to reengage with the business and support the company.” •
Carrizo was embarking on a significant business intelligence initiative, but what had been a big investment became an IT project in a vacuum—destined for failure if left unchecked. Percival took the time to review the whole initiative and shift to a more business-centric approach by encouraging interaction, input, and feedback.
As his first months on the job drew to a close, Percival created business and executive steering committees to review what IT had achieved and set new business intelligence objectives.
“We can’t define the work. The business can. We’re here to help guide them where they want to go.”
Sync / 75
As the year progressed, Percival realized that he was on the right track. “We had buy-in on creating the committees, but the mechanics of actually doing it had to be developed,” he says. Instead of talking about working together, business and IT would have to become true partners. •
The second quarter of the year was all about shoring up data systems, onboarding new employees, and scoring early wins to build confidence.
While Percival wanted to move forward, he also knew his department needed to take a step back and do some quality data management. He turned to the business analytics committee to identify systems of records to review and map the data that was coming in. “Without doing this, you’ll have multiple versions of the truth, and your data won’t be effective or helpful,” he says. The move helped IT ensure that data from various functions matched.
Prior to the current, low commodity prices environment of a cyclical industry, Carrizo was on a growth track, hiring employees as quickly as possible. “New people here get busy before we can even get to them,” Percival says. “The company was moving so fast that it’s hard to get their attention. We do that by focusing on profitable areas now to make progress and show our value.”
“We had to enter an area of temporarily taking the emphasis off of strategic initiatives and instead turning to the nuts and bolts to improve the whole infrastructure.”
76 / Sync
When workers remodel a house, any imperfections in the foundation become visible for the first time—and that’s what Percival experienced at Carrizo in the summer of 2014. Core infrastructure issues were impacting the ability of his teams to make significant progress. •
“We had to enter an area of temporarily taking the emphasis off of strategic initiatives and instead turning to the nuts and bolts to improve the whole infrastructure,” Percival says. As IT started to redesign systems, networks, and processes, department leaders were finding it difficult to roll out data enhancements.
Percival kept the steering and executive committees running and added a third group focused on Carrizo’s accounting system to keep the momentum on improving data quality.
In the oil and gas industry, company geologists require high-level computing and storage in order to operate efficiently. Fast and accurate work becomes critical as Carrizo drills for oil. Percival opened a dialogue, improved performance issues, and launched a proof of concept to open up the technology and “get IT out of the way of the geologists doing their jobs.”
Percival dedicated himself to business continuity and disaster recovery. While Carrizo hosts its own data center, IT spent the third quarter putting the steps in place to move to a colocation facility that will reduce the risk of outages and help Carrizo monitor and manage its wells. The colocation project involves leasing the core infrastructure equipment for its expected useful life and gives Carrizo’s IT infrastructure more flexibility to adapt to changing business needs.
After several months of hard work, Percival and his team began to see the fruits of their labor in the last months of 2014. That’s when IT started delivering projects live and operating as planned. •
Early in the quarter, Percival moved from a single business intelligence consulting company model to a select group of consulting companies in order to keep the company more agile and responsive. The change helps IT deliver solutions much faster than ever before.
As business leaders see the benefits of going through the IT process, they’re becoming more willing to collaborate, and Percival is getting more backend projects approved. The last part of 2014 saw the initial implementation of a supervisory control and data acquisition system that collects and pools massive amounts of data from different sources to mine more value.
“We can’t define the work,” Percival says. “The business can. We’re here to help guide them where they want to go.” IT is now helping Carrizo improve its competitive advantage.
YEAR TWO As Carrizo moves deeper into 2015 and beyond, Percival will keep IT aligned with the business, which he says comes easier now that he’s changed historic models. Although strides have been made, refining the process as the company and IT evolve remains a top priority. By harnessing the value of IT now, the business will continue to build momentum as commodity prices rebound. The publicly traded company has revenues of more than $800 million and is still growing through a targeted drilling program, and a solid tech strategy will continue to enable that growth.
Sync / 77
78 / Sync
Tech Rx Daniela Crivianu-Gaita sees the potential for improving health care on a broad scale through the use of IT-driven data initiatives. By Julie Schaeffer
Health-care systems across the world require transformation. That axiom guides Daniela Crivianu-Gaita as the CIO of Gamma-Dynacare, an organization that operates laboratories and health-service centers throughout Canada. She’s on a quest to shift how health care operates, and from cloud and mobile computing to health-care analytics, numerous technologies are available to kick-start that change. “It’s just a matter of understanding the priorities,” Crivianu-Gaita says. “Where do you start with the digital transformation, and how do you best go about it?”
Daniela CrivianuGaita Gamma-Dynacare CIO sync-magazine.com
Crivianu-Gaita has been continually asking those questions throughout her career in healthcare IT. In 1998, after immigrating to Canada with her husband and son from Romania, she knew exactly where her passion lay and applied only for health informatics roles. She began working for the Hospital for Sick Children in Toronto (SickKids) and implemented the hospital’s diagnostic-imaging information systems; she gradually became involved in more enterprise-wide projects. By 2008 she was CIO and vice president of information management and technology.
The hospital, an academic facility focusing not just on delivering the best care to children but also on advancing research related to child health, opened a new facility to support its 2,000 researchers in 2013. The provisioning of technology solutions to support research activities and the huge amount of data captured became keys to the success of that facility and illustrated to Crivianu-Gaita exactly how technology can change health care. Now, when she talks to students about career options in the IT industry, Crivianu-Gaita encourages them to think outside the banking or Silicon Valley boxes, using her own work in health-care IT as an example of how they can make a real impact in a data-driven field. “The amount and type of data being produced in health care, and the resulting impact you can make, motivates me each and every day to work very hard, because I know that even though I’m not interacting with patients, I am contributing in a different way to their well-being,” she says. When Crivianu-Gaita moved to Gamma-Dynacare in 2014, one Sync / 79
“At the end of the day, it’s not only about the technology—that’s only one dimension. It’s about people and processes.” DANIELA CRIVIANU-GAITA’S GUIDING PRINCIPLES Find your passion. Students often ask Crivianu-Gaita how they can plot a successful career. “Trying to decide when you’re twenty what your career will look like when you’re forty—it doesn’t work like that,” she says. “It’s nice to think about the future, but you can only find your path by finding your passion, and that requires trying different things.” Have a deep desire to understand the field. “I fell in love with health informatics, but it was a lot of work to understand the field because the health-care industry is so complicated,” Crivianu-Gaita says. Even the same types of players, like physicians, can have different perspectives depending on where they practice and the type of patients they see. “Understanding those perspectives allowed me to work with my teams to develop the best solutions to respond to business needs.” Focus on patients. “Although I don’t interact directly with patients, it’s about the patient,” Crivianu-Gaita says. “You have to ask questions. Whether you’re deploying a technology solution or implementing a process, ask what the benefit will be to the patient and when. That drives a mindset, a conversation, that puts you on the best possible path to achieve your goals.”
80 / Sync
project illustrated the way relatively uncomplicated technology can make a big impact in health care. With more than 200 collection centers, Gamma-Dynacare analyzes every type of biological sample and was focused on improving the customer experience at these service centers by lessening wait times. To do so, the organization needed to understand why customers and staff were reporting such varied times for testing. “We didn’t have any metrics,” Crivianu-Gaita says. “So we had to develop a solution to capture the wait times.” They found an answer in a simple application that uses a barcode scanner to determine when patients arrive at a center and when service is complete. “We didn’t overthink the technology solution,” she says. “It was simple from a technology perspective—all we needed to acquire were some barcode scanners and deploy them—but now we have information that we can use to make business decisions, in terms of patient centers, to reduce wait times. That is already having a significant impact on the customer experience.” Understanding the specific needs of health-care IT has been Crivianu-Gaita’s biggest hurdle, and she’s surmounted it by approaching each obstacle with data-driven solutions. And facing the challenges of emigrating and working her way through the male-dominated IT field has never slowed her down. “I like to look at challenges as opportunities and figure out how I can seize them,” she says. In 2014, Crivianu-Gaita was honored as one of the Top 25 Women of Influence in Canada, for her work at SickKids. The hospital’s CEO and president Mary Jo Haddad said that when Crivianu-Gaita first came to Canada, she had to tackle an initial difficulty with English as her second language, and a new culture, but she leaned on her excellent tech skills and learned quickly how to implement new products that helped SickKids improve data analysis and patient care. For Crivianu-Gaita, the health-care industry holds multiple layers, especially when considering the ways health care is delivered across the world. “Understanding those aspects is important, as is understanding how clinicians practice, why workflows are the way they are,” she says. “Because at the end of the day, it’s not only about the technology—that’s only one dimension. It’s about people and processes. For me, that took a lot of effort, and will continue to take a lot of effort, if I want to do a good job.”
THE VOICE OF THE MODERN EXECUTIVE APRIL/MAY/JUNE 2015
PLATED DELIVERS DINNER TO YOUR DOORSTEP ASTON MARTIN BRINGS LUXURY ACROSS THE POND GE LIGHTING INNOVATES FOR THE NEXT CENTURY OF LIGHTING CONSUMER’S ENERGY EXCEEDS RENEWABLE ENERGY REQUIREMENTS GARDEN CITY GROUP SHARES SETTLEMENT SUCCESS STORIES
A NEW WAY
CULTURE REPOR T HOW TO ENGAG E YOUR WORK FORCE
FORWARD JULY/AUG/SEPT 2015
HOW ADNAN DURRANI IS DISRUPTING THE FROZEN-FOOD AISLE AND CHANGING THE WAY AMERICA EATS
Audrey Boone Tillman, Aflac
The ten exemplary lawyers featured in this issue bring
GENERAL COUNSEL more than a general understanding of the spirit and the letter of the law.
We’re more than a lab. We are…
Their wise counsel redefines the standards of today’s workplace ethics and integrity.
In this issue we introduce you to the legal minds behind:
A&E Networks • Aflac • AGCO • Albemarle • Comcast • Computer Sciences Corporation McGraw Hill Financial • Monster Worldwide • Norwegian Cruise Line • Schneider Electric
A Health Solutions Company
PRINT & DIGITAL EDITIONS FIND US IN THE APP STORE OR AT PROFILEMAGAZINE.COM
6/5/15 11:38 AM
Sync / 81
Injecting Data Into Medicine Dr. Colin Banas is the ultimate multitasker—a developer who is also a practicing doctor. At VCU Medical Center, his dual-function role has helped him create applications that improve health-care and information systems. By Kathryn Silverstein
Mobile technology applications have changed information sharing and allowed health-care providers to use patient data in ways that were unimaginable fifteen years ago. Dr. Colin Banas, chief medical information officer at Virginia Commonwealth University (VCU) Medical Center, has been on the ground floor of the technological transformation in health care for the past ten years. As CMIO, his responsibilities include providing communication systems, mobile applications, diagnostic tools, patient portals, and electronic medical records (EMR)—everything touching the patient and clinician experience as it relates to technology. “Early on, the role felt more like lead physician representative for the EMR, but as technology becomes more important, the position is ever expanding,” Banas says. As a practicing physician, Banas spends 25 percent of his time working with resident physicians, students, and patients at VCU. His role as a hospitalist—a doctor who specializes in hospital care—gives him insight into the challenges physicians face when dealing with new technology and also into the areas where innovation has the greatest potential to improve patient outcomes. “It’s an important part of my identity to practice inter82 / Sync
nal medicine,” he says. “I can also help fellow providers adopt new applications because I’m a user, too.” Banas’s journey to become a CMIO followed his affinity for technological solutions. After completing his residency, Banas earned a master’s degree in health administration that led him to a role as director of care coordination, where he worked closely with the chief medical officer. “When my mentor was deciding to build up the office of clinical transformation, he saw I had passion for technology and technical aptitude,” Banas says. “So I was tapped to be one of the first physician informaticists for the medical center.” During his tenure, Banas has spearheaded a number of initiatives that have improved patient outcomes, including an easily accessible safety dashboard that coalesces a patient’s data during a hospital stay in one place. Everything from the patient’s dietary restrictions to their overdue medications is available in a quick snapshot. The application uses intuitive icons, allowing a provider to pull up an entire unit and see the group’s data filtered in a graph. The dashboard has been especially helpful in preventing sepsis, a dangerous condition commonly caused by bacterial infections in hospitalized patients. Issue 004
HEALTH CARE’S DIGITAL DEMANDS
Banas explains the challenges of complying with ICD-10 The ICD-9 is a code doctors and insurance companies have used for years to record disease states—specifically when creating charges for billing purposes. A government mandate to move to ICD-10, a much more complex and detailed system, is forcing physicians and hospitals to make major changes in how they record patient data. ICD-10 requires a new, longer code that includes letters and decimals. Prior ICD-9 codes were three to five characters in length with a total of 13,000 codes. New ICD-10 codes are three to seven characters in length with a total close to 70,000. In response to that increase, developers are implementing a computer-assisted coding software that reads doctors’ notes digitally using natural-language processing to produce the correct code for verification. Physicians will have to include new details when creating a record. Training software will walk doctors through a decision pathway to choose the most accurate code. Doctors need to be trained on an entirely new system. At the core of a successful transition, Banas is ensuring doctors document properly. “We can’t get the right code without the right documentation,” he says of a training plan to improve doctors’ medical recording.
“It’s an important part of my identity to practice internal medicine. I can also help fellow providers adopt new applications because I’m a user, too.”
Dr. Colin Banas Virginia Commonwealth University Medical Center Chief Medical Information Officer
Another major project is an early warning system application that allows doctors to see key attributes of illness for a given group of patients in one screen. Patients’ vitals are tracked in real time and an algorithm then calculates a score from one to fifteen. When the number surpasses a certain threshold, doctors are notified that the patient is approaching a danger zone. “We try to see their absolute score and see how they’re trending,” Banas says. Since implementation of the system, the hospital has seen a 30 percent reduction in code blues—the code designating a patient needing immediate assistance—out of the ICU. Banas has also overseen the use of mobile technology to help doctors communicate more effectively. VCU physicians now have a mirror of core EMRs available on their mobile devices. They can also use an app on their mobile device to follow up with lab results or notes. As technology improves, the next big leap in data sharing is to offer interoperability. That means that a patient’s accumulated data would be available to them at any time, and information could flow freely, but securely, between caregivers. “There are a lot of safety and cost-saving outcomes that could be achieved by being able to communicate effectively to the next caregiver so there aren’t any repeated, unnecessary tests,” Banas says. “Maybe by 2020, we’ll have nailed it, or at least taken a big bite out of the interoperability concept. We’re close to the tipping point and gaining momentum fast.” Sync / 83
IF EXCELLENCE IS ACHIEVED WHILE STRIVING FOR PERFECTION, THE JOURNEY IS WELL WORTH THE EFFORT. For our team of more than 10,000, perfection is an unending quest to create the highest quality, safest and most efficient health care environment we can provide. It’s an obsession we’ll keep striving for, every moment of every day.
VCU Medical Center has been awarded the 2014 American Hospital Association-McKesson Quest for Quality Prize.
Innovative providers such as Mount Nittany Health are shaping the next generation of healthcare delivery. They rely on J2 to make it possible. ■ Technology Strategy ■ Systems Integration ■ Health Information
■ Healthcare Analytics
j2interactive.com 84 / Sync
Technology is driving the shift in health care as hospitals respond to the Affordable Care Act and Meaningful Use requirements. Wayne Thompson profiles four projects that are enabling Mount Nittany Health to not only meet patient needs but enhance the capabilities of a modern health-care organization. By Zach Baliva
Electronic Health Record Implementation THE CHALLENGE Thompson became Mount Nittany Health’s CIO in 2012 after the organization purchased its physician group of 130 providers; no integration existed between those providers and the existing 260-bed medical center and related facilities. “We had to get comprehensive clinical information about our patients to the point-of-care,” says Thompson. “It was a systemwide need, so it meant getting appropriate acute care summary info to the ambulatory facilities and vice versa.”
Wayne Thompson Mount Nittany Health Executive Vice President & CIO
THE SOLUTION First, Thompson’s team analyzed two clinical systems to settle an ongoing debate. While the physician group used Allscripts, the hospital system used Meditech. After reaffirming the use of both, Thompson led efforts to automate and implement both EHRs ahead of Meaningful Use, with the help of J2 Interactive on the systems integration front. Step two involved a simple level of access for all providers through a single login to both systems universally. THE RESULTS Implementation began in 2012 and reached a key milestone a year later when computerized physician order entry went live. It was followed by an electronic data exchange. Although most of the work is complete, Thompson considers it a continuing journey that he is always refining.
Months to complete project
Physicians who can access clinical information in any setting Sync / 85
Technology Strategy Plan
“We found an agnostic set of products and solutions that accept information from more than one backend EHR and seamlessly stitch the data to give each patient a single view.”
Patient Portal Integration THE CHALLENGE In the era of the Affordable Care Act, health-care providers are seeking deeper and more significant interactions with patients, communities, and populations. In the law’s early years, Mount Nittany needed to meet Meaningful Use requirements—but perhaps more importantly, the health system needed to provide a unified virtual front door to its patients. THE SOLUTION “We found an agnostic set of products and solutions that accept information from more than one backend EHR and seamlessly stitch the data to give each patient a single view,” Thompson says. His teams used several components that process patient information from multiple sources and present that data in a clear and concise way. THE RESULTS The patient portal meets Meaningful Use requirements for all ambulatory and acute care facilities. Patients log on to a single portal to see a combined view of information taken from any health-system provider.
Of patients with portal access at Mount Nittany—Meaningful Use requires only 50 percent
Patients can access the portal all day and orders will be fulfilled the same or next day
86 / Sync
THE CHALLENGE With so many changes occurring at once, Mount Nittany needed a robust technology plan to guide its governance structure and a new strategy for the future. “We wanted to guide key decisions to help systems migration, evolution, and standards,” Thompson says. THE SOLUTION Thompson met with stakeholders and held two retreats to develop a plan that takes Mount Nittany through 2018. In doing so, he relied on existing committees, but layered on top of those a steering committee comprised of various Mount Nittany department heads and leaders. The plan focuses on interoperability of various systems and required organizational restructuring through which IT reclaimed some outsourced functions. Thompson’s strategic plan won board approval in February 2015. THE RESULTS Built-in metrics will measure training hours, customer satisfaction scores, uptimes, and other factors.
PARTNER SPOTLIGHT A little outside help can often be critical to the successful implementation of a CIO’s strategy. Mount Nittany partnered with J2 Interactive to consolidate medical records and coordinate patient care across its medical center and physician group EHRs. “We needed a partner that understood our business drivers, worked well with our software vendors, and had the experience to execute our vision,” Thompson says. “J2 Interactive has certainly filled each of these requirements.”
Technology Infrastructure Redundancy THE CHALLENGE Like many organizations, Mount Nittany had a network with several potential single points of failure. An interruption to storage or a server sent reverberations across the entire system. THE SOLUTION Since Mount Nittany lacked a failover environment or other alternative, the strategy turned to mitigating risk. After looking at many solutions, Thompson partnered with VCE to develop a solution around their Vblock technology. Now, the infrastructure group is customizing a fully redundant environment split between Mount Nittany’s main data center and another facility thirty miles away with separate power and ISP grids. “It will allow us to take key clinical systems and run them from either location,” Thompson says. THE RESULTS Thompson predicts Mount Nittany’s uptime to approach 100 percent and says upgrades and tests should proceed without interrupting clinical services.
Copyright © 2015 Allscripts Healthcare Solutions, Inc.
THE RIGHT CLOUD.
A Healthy Population Starts at the Core Organizations like Mount Nittany Health rely on Allscripts as the healthy core to build the right foundation for success in value-based care. Empowering caregivers to make better decisions and deliver better care for healthier populations.
Just as all Clouds aren’t created equal, neither are the technology partners you can chose to help deliver Cloud Services. Arrow, a proven partner, helping you to recognize revenue from the Cloud. Arrow – we make the Cloud clear
The Power to Connect People, Places and Insights. That’s the Power of Allscripts. www.allscripts.com
Sync / 87
Hybrid IT Kevin Crowe helps IT consulting firm Long View serve customers by blending technology with the business through strong partnerships and a focus on analytics. By Jessica Montoya Coggins
88 / Sync
In the past few years, companies across industries have embraced the idea of hybrid IT. But nowhere is this nearly ubiquitous buzzword more meaningful than at Alberta, Canada-based Long View Systems. As one of the leading IT solutions and services companies in North America, Long View works to achieve results for its clients by seamlessly fusing business and technology; the hybrid approach is baked into the organization and informs the way it approaches all of its client interactions and services. Long View defines hybrid IT as the ability to drive desired business outcomes through the optimal combination of technology solutions, services, processes, and consumption models. To ensure that it can fit the unique needs of every customer, Long View also maintains strong partnerships with other technology companies like Microsoft and Hewlett-Packard. Kevin Crowe, vice president of procurement at Long View, is an expert in providing the best value for customers through this new hybrid business model. Crowe joined Long View in 2000 as one of the company’s first employees, overseeing managed services. In 2010, he instigated the development of Long View’s cloud division, forever altering market strategy for the company. His strong sense of emerging technologies is what led him to the procurement division and his current role. Crowe views Long View’s success as a direct result of the way it approaches the business. “We’re very focused on a culture of integrity and looking over our clients,” he says. Crowe and his team are tasked with both procuring technology and ensuring that clients have the tools and resources to understand any new capacities. Issue 004
For Crowe and his colleagues, meeting the demands of the client is essentially a full-service job. He stresses that the need to consume technology will change from client to client. For him, it’s critical to determine a company’s business strategy. “We really see ourselves in a trusted advisor role,” he says. Because of its hybrid IT approach, Crowe and his team can tailor an array of resources for companies depending on their needs. Where one company might require an on-demand cloud service, another might need internal software restructuring. Long View strongly resists ready-made models, and instead focuses on the intrinsic needs of the companies for which it is hired to provide solutions. Crowe cites the company’s creativity and entrepreneurship as qualities that drive its success. “Hybrid by nature is disrupting,” says Crowe. He notes that change is difficult for certain people and businesses, and as a result, solution-based companies will make the common mistake of maintaining the same technology models to avoid rocking the boat. “That can be sync-magazine.com
Kevin Crowe Long View Systems Vice President of Procurement
“Hybrid by nature is disrupting.”
Sync / 89
Beyond a standard consumption model is hybrid cloud.
USING TECH FOR THE GREATER GOOD After losing a dear friend to brain cancer in 2010, Crowe began volunteering at a hospice once a week. When he realized that many patients were missing loved ones who couldn’t afford flights to come visit them, he was inspired to help. Crowe discovered that many people don’t use their accumulated frequent flyer miles and engineered a simple way for people to donate them. He founded the nonprofit organization Give A Mile, which allows people to visit terminally ill loved ones through crowdfunded flights and the donation of travel miles or points on a simple, easy-to-use website. The organization has provided almost one hundred flights so far. “It just makes your heart grow three sizes when you get to do that,” Crowe says.
At Long View there is one truth we never lose sight of, each one of the businesses we work for is unique. Your organization is no exception. It has its own business strategies, workload requirements and growth plans. That’s why we don’t offer a standard approach to cloud solutions, instead we combine solutions and deliver a hybrid cloud approach based on your organization's needs. Schedule an assessment with a cloud expert at longviewsystems.com/hybridcloud/vmware.
Long View Cloud Powered by:
90 / Sync
really detrimental in the long run, especially when you are working in technology, because things are changing so fast,” he says. Data analytics plays a major role in how Crowe and his team operate. They are very proactive when it comes to showing the best value models for clients, which is also an investment in their future. “On the procurement side, we’re using a lot more data analytics for our clients to educate them on how they consume and purchase technology,” says Crowe. Equipped with data, companies that utilize Long View can find insight into their patterns and behavior. These consumption models are helpful for Crowe’s team when they are acting as an aggregator on behalf of clients. Crowe is adamant that while procurement can advance a new business excellence for companies, it’s also critical for Long View to remain committed to integrity. “When you’re working in these consumption models, one of the most important things for our clients is that it’s well-governed,” he says. That transparency is key in developing client and partner relationships. Issue 004
American Healthcare Leader Turning powerful ideas into practice
Issue 1 arriving January 2016
American Healthcare Leader is a Guerrero Howe publication
Oscar Perez answers
How can we rebrand IT as more than a cost center? Interview with Tina Vasquez
For as long as he can remember, Oscar Perez has been interested in technology. Whether it was programming or troubleshooting, he didn’t just want to engage with it, he wanted to figure out how it all worked. As vice president of IT for Memorial Healthcare System of South Florida, Perez is thrilled to be in the perfect field—knowing his work has a positive impact on patient care. Here, Perez speaks to Sync about his role and his mission to change the perception of IT. What do you enjoy most about the work that you do? Oscar Perez: A lot of tech people in health care will tell you they don’t see how their work directly impacts patient care, but it does. I get to see that impact in action every day; it’s remarkable and humbling. I also enjoy bringing the latest technology to health care, technology that helps automate and improve operational efficiencies, improve physician and clinician workflows, and improve patient experience. Is battling a negative perception of IT something you’ve encountered? Perez: Our reputation isn’t bad; IT is just often misunderstood. That is kind of a pet peeve of mine and it’s my lifelong mission to change that perception. The perception is that IT is overstaffed, utility-like, and a 92 / Sync
large cost center that is a necessary evil to the organization, which misrepresents what IT does and the value that it adds. Part of it comes from not understanding technology and fearing it. Part of my job as an IT leader is to educate. Why is that perception particularly upsetting to you? Perez: It really doesn’t paint a complete picture and this perception often means IT isn’t used to its fullest capabilities, which means missed opportunities for the organization. Health care is our business, but I see health IT, if used correctly, as being strategically positioned to help the organization reach all of its goals and maintain a competitive advantage. I’m passionate about this because I see the work my team does day-in and day-out. I know we bring more value than what is perceived.
Oscar Perez Memorial Healthcare System of South Florida Vice President of IT
How is the IT department seen differently at Memorial Healthcare System of South Florida? Perez: Memorial is a world-class organization and I had the privilege to join an all-star team. It’s a progressive organization that invests in technology, and although we are an expensive department, the organization understands. It understands that expense is really a reflection of the organization’s needs and demands, Issue 004
which are met with technology. With the support of leadership and using every opportunity to educate, a new narrative is being developed.
“Health care is our business, but I see health IT, if used correctly, as being strategically positioned to help the organization reach all of its goals and maintain a competitive advantage.”
What are the challenges of communicating that message? Perez: Change is hard. Changing people’s perception is difficult. It’s almost like rebranding a marketing effort for IT. The challenge is getting the message out to the masses. What is the benefit to the organization when other departments see IT as more than “a black hole”? Perez: We get involved in the strategic conversations, which is key. They get us involved earlier when it comes to making important decisions that impact our business and its needs. This can drastically help reduce costs and really position our organization ahead of the competition. The reality is that IT touches every aspect of the organization, from patient care and medical records to biomedical equipment and hand-held communication devices for nurses. Because we have this 360-degree view of the organization, the organization should leverage that expertise and use it to the max. Moving forward, what are your goals? Perez: One of the things I love about IT and technology in general is that it’s always changing, and because of that, we as IT professionals need to be agile and nimble enough to embrace the change. Every year you need to tweak and realign to ensure you are ready to deal with all the regulatory, financial, clinical, and technological changes. I look forward to continuing to see health IT have a huge impact on patient care. sync-magazine.com
Encore is privileged to work with some of the most innovative and forward-thinking Healthcare Executives in the industry – Healthcare Executives like Oscar Perez – who are making a difference in healthcare and improving the care of patients nationwide.
Encore, A Quintiles Company – Healthcare IT Consulting · Planning & Assessment · EHR Implementation · Health Analytics · Performance Improvement
Visit us online: www.EncoreHealthResources.com
Sync / 93
Randy Egger bet that good solutions wouldn’t be good enough for his clients. He was right. How Project Partners taps the potential in existing technology to transform implementation into superior innovation. By Zach Baliva
Randy Egger Project Partners, LLC President & Founder
94 / Sync
Almost twenty years ago, Randy Egger worked day and night to launch a company from his home office. As a one-man shop, he ran the business, acted as a global consultant, configured his database, and managed every other aspect—all without taking a salary for the first year. It was a risky move—Egger left his job at Oracle Corporation, where he had created an important suite of applications and developed unmatched expertise. But he was determined to succeed on his own, and knew he could leverage his intimate knowledge of Oracle and other applications to solve problems for companies in a new, better way. The gamble paid off. Today, Egger’s company, Project Partners, LLC, is regarded as a leading source for project solutions. His collaborative team of former Oracle leaders has developed integrated products that extend the functionality of Oracle Projects, Oracle Primavera and NetSuite services resource planning applications. Together, they provide IT systems and business solutions for project-driven organizations, helping clients evolve their business by leveraging existing technologies. Typically, Project Partners works with customers in project-centric industries like construction, energy, government, IT management, engineering, telecommunications, transportation, and professional services. Across all sectors, Egger has noticed many companies making the same mistake. “Most firms want the sys-
tems to fit the way they currently do business,” he says. “Cost of ownership with any enterprise system is high, but customizations make it much more expensive. And the more customizations that you’ve made to the software, the greater the hurdle when upgrading to newer releases or making other changes to help your business evolve to meet market changes.” Instead, users should analyze if it would be smarter to use managed services and outsource as much as possible through cloud solutions and other models. Then, operations can adopt the best practices built into the software. These changes can be difficult for company leaders to accept, but Egger knows there’s a lot at stake for companies that remain slow to migrate to the cloud, reduce costs, and make systems easily accessible. “If a company doesn’t start on this road, they will find themselves out of business. The long-term cost savings of the cloud are going to make agile firms more cost-effective and cost-competitive, and therefore more successful,” Egger says. Project Partners urges every client to approach each business or tech problem in a new way, then steps in to help them evolve through applications and their own underlying technology. Instead of recreating the wheel with new and custom technology, companies can harness the potential of integrated systems and processes to make information flow between all pillars of their business. Project managers who have grown Issue 004
accustomed to using just one specific project management tool, for example, stand to benefit from accessing information about schedules, accounts, vendors, and budgets. “Most managers are making a lot of guesses when they could actually have the exact information they need to make better decisions, do their job faster, waste less time and money, and avoid mistakes,” Egger says. When working with a client, a team at Project Partners analyzes that client’s behavior before suggesting a solution. Then, its tech leaders build rapid proto-
“Most managers are making a lot of guesses when they could actually have the exact information they need to make better decisions, do their job faster, waste less time and money, and avoid mistakes.”
types, solicit feedback, and build an integrated enterprise-wide solution. Speed is critical. “Companies need to be able to change rapidly to adapt to market changes, which means the technology needs to be able to change easily too,” Egger says. “You can’t have a five-year technology plan, because everything that you started with is going to be out of date and no longer a fit at the end of the five years if you follow the traditional on-premises approach.” Project Partners’s flexible approach keeps companies responsive. Salespeople can rely on updated, accurate information from other departments, and project managers can create exact schedules and costs long before they’re awarded a new job. That’s why Egger left Oracle all those years ago–he wanted to be more than a technologist; he wanted to be a complete solution provider. Now he’s focusing less on products and more on solutions, which impresses his customers, and probably would impress his younger self, too, toiling away in a little home office. sync-magazine.com
Customers per year
Drive change in your users’ security behavior
The highest single project value
Companies Project Partners has helped adopt Enterprise Project Portfolio Management
Reduction in invoicing labor at KCI Technologies because of Project Partners
Reduction in reporting times at Colonial Pipeline because of Project Partners
Reduction in pipeline production report time at Iberdrola Renewables because of Project Partners
If phishing is a top security concern for your organization, try the PhishMe method to lower your users’ susceptibility to the most prominent threat vector - email.
Sync / 95
Chris Akeroyd is strengthening UMC Health System with connectivity and security. The director of IT infrastructure highlights four projects that are protecting the hospital’s data and assisting the work of nurses and doctors. By Jeff Silver
Chris Akeroyd UMC Health System Director of IT Infrastructure
THE CHALLENGE Protecting confidential business and patient information is more than just best practice. Breaches at health-care organizations open them to the risk of financial penalties imposed by the federal government, lawsuits, and immeasurable damage to reputations, including being listed on the Department of Health and Human Services’s public list for organizations with breaches exceeding 500 records.
THE CHALLENGE Sharing information via SMS text messaging is convenient, but unsecure. Because it has become the default mode of communication for many people, UMC needed to find a way to provide a text platform that still met security requirements. To be effective, it would also need to have the same look, feel, and ease-of-use that users have come to expect from personal text applications.
THE SOLUTION In addition to multi-layered firewalls, intrusion prevention systems, and web filters, UMC implemented extensive staff training. Instruction revolves around real-world events and home cybersecurity. “We created a culture of awareness that makes security relevant and personal,” Akeroyd says. “It encourages staff to use good practices at home and work. You can implement the perfect security technology, but if staff isn’t taking steps to mitigate risk, it’s useless.”
THE SOLUTION An application that encrypts communications and tracks and monitors the delivery process was identified. As with UMC’s cybersecurity initiative, launch of the application emphasized staff education. Training focused on making physicians and nurses aware of the importance of communicating exclusively through the secure channel as well as their own accountability in maintaining its integrity.
THE RESULTS To assess the effectiveness of the training, the IT department sent a series of four phishing emails to UMC staff with enticements to click on various links. As the trial progressed, fewer and fewer of the links were accessed and more and more recipients reported the suspicious emails.
Recipients clicked links in UMC’s first phishing email
Recipients clicked links on the organization’s fourth phishing email
96 / Sync
THE RESULTS The transition to the encrypted application was slow at first, but internal unit coordinators, who administer information and coordinate patient care between clinicians, became early adopters. “Once the coordinators started initiating conversations using the application, that got the ball rolling,” Akeroyd says. “They even started redirecting ‘inappropriate’ communications to the secure channel.”
Secure system coverage at Texas Tech, for which UMC is the teaching hospital
Current registered users Issue 004
Virtual Desktop Deployment THE CHALLENGE After deploying a new electronic health record (EHR) system, University Medical Center Health System (UMC), in Lubbock, Texas, needed to create a virtual computing environment to extract value from the new records system and, therefore, qualify for associated Medicare and Medicaid incentive funds. The virtualized environment needed to preserve digital security, integrate mobile devices, and provide nearly instantaneous access and rock-solid reliability. THE SOLUTION Because no single application can provide all the required capabilities and features UMC needed, numerous components were layered together to handle administration, authentication and other critical system functions using an on-premises cloud. This system provides access while putting security in the hands of an IT administrator. It also integrates with a separate program for managing radiological imaging. THE RESULTS When clinicians log in, they see a virtual re-creation of their desktops and can access real-time status updates of EHRs within ten seconds. EHRs can also be viewed through remote access portals, enabling instant status updates anytime and anywhere with an Internet connection. Akeroyd predicts user volume will double by the summer of 2016.
Virtual desktop availability for UMC’s thirty remote clinics
Virtual desktop availability from in-patient beds
Concurrent users per day
Clinical Workflow Solutions Automating the clinical environment to help ease the delivery of care, enhance the patient experience, and drive performance excellence.
Unique users per day
Months needed for 90 percent of the hospital facility to be covered by virtual deployment
Nurse Call System THE CHALLENGE In 2013, UMC was using four different nurse call systems. The system allowed patients to request assistance and alerted medical and security staff to emergency situations. But the four systems were inefficient and unable to support the latest innovations in clinical care. THE SOLUTION Akeroyd’s team redesigned the existing architecture to provide a single, standardized call system. This allows for more streamlined maintenance and ensures that all areas of the hospital have access to the same clinical features and capabilities. THE RESULTS The new system is able to locate nursing staff in any unit in the hospital through radio frequency identification, and can also integrate with EHRs, automatically tracking real-time patient status. For example, if a patient presents a risk of falling, the system can monitor the position of bed rails or alert staff if the patient has left the bed. “We can now get real-time information and respond much faster to any adverse situation that impacts patient care,” Akeroyd says.
UMC’s patient satisfaction rate in 2014, which is expected to rise because of this system sync-magazine.com
Learn more by visiting hill-rom.com/clinical workflowsolutions
©2015 Hill-Rom Services, Inc. ALL RIGHTS RESERVED. 191432 rev 1
ENG – US
Sync / 97
uniting powerful leaders in more ways than one F THE CMO STRY AND THE EVOLUTION O S A SPOTLIGHT ON THE INDU T E D I TO R C A R LO S C ATA T U R N THE MARKETING ISSUE: GUES J U LY/AU G 2015 VO L 08 N O 34
Join the conversation!
facebook.com/HispanicExecutive twitter.com/HispanicExecMag instagram.com/HispanicExecMag
NE T GAIN S FOR B R O O K LY N THE NETS’ MARKETING G U R U, E L I S A PA D I L L A ,
ENJOYS ROARING SUCCESS A S B A R C L AYS C E N T E R RISES TO THE TOP
READY FOR LYFT-OFF
Veronica Juarez opens roads across the nation for the exploding ride-sharing service
LA EXPLORADORA Nickelodeon turns to Lourdes n Arocho for big global expansio on products for little ones
PRINT + TABLET EDITIONS FIND US IN THE APP STORE OR AT HISPANICEXECUTIVE.COM
With high costs to implement systems and no wellestablished strategies, itâ€™s no surprise that many organizations have been content to wait for 3-D printing to become enterprise-ready. Meanwhile, in the next five years, Siemens predicts that 3-D printing will become 50 percent cheaper and 400 percent faster. By 2023, it will be an $8.3 billion global market.
ASK YOURSELF Accumulating hands-on experience while the technology is evolving will keep your business prepared, so why wait? Is your workforce ready to take advantage of the next 3-D-printing breakthrough beyond prototyping? How can you encourage innovation in this high-risk environment?
Sync / 99
100 / Sync
Sync / 101
C Y BE R WA R 102 / Sync
Greg Dixon, former naval cryptologic officer and current SVP of advanced cyber operations for KEYW, is preparing the people and creating the tools necessary to fight todayâ€™s cyberwars. By Zach Baliva
R IOR S sync-magazine.com
Sync / 103
A student peers intently at two wide-screen monitors, lines of computer code reflected in his glasses. His eyes scan the text. He clicks the mouse, giving direction to one of two high-end computers. The computer on the left is a research station. On the right, an attack station. The attack station is connected to a network that forms a self-contained virtual Internet with artificial banking, email, and e-commerce sites. The student isn’t a hacker—he’s one of the good guys. The scene is part of Parrot Labs, a new training delivery model from the cybersecurity experts at KEYW Holding Corporation, a global cyberspace, geospace, and counterterrorism company with leading hardware, software, and tech solutions. Cyberterrorists focus on penetrating weaknesses in corporations and governments; Parrot Labs’s hands-on training in cyberoffense, cyberdefense, forensics, network exploitation, and programming skills is designed to help professionals discover, understand, and diminish threats and attacks. With Parrot Labs and other endeavors, KEYW is helping government agencies defend their most valued assets while ensuring the nation builds the cyberworkforce it needs. The man behind it all is Greg Dixon, senior vice president of advanced cyber operations. As a former naval cryptologic officer, he’s developed a unique skill set that drives his current work. Dixon started his naval career in submarine ballistic missiles, and later became a commissioned officer working on sensitive technical projects in support of national and tactical security objectives. In postgraduate school, he studied advanced networking and computer architecture design, providing an understanding of how networks and hosts are built from the ground up. This research led to Dixon’s thesis on vulnerability research in asynchronous transfer mode communication—the former backbone of how data was routed around the Internet. In 2005, he retired from the Navy and started working as a contractor; he joined KEYW in 2008. This unique background helps Dixon understand complex aspects of advanced networks and how “bad actors” may seek to attack governments and corporations in the digital age. The threats are real, ongoing, and increasing. Experts suggest that all companies on the Fortune 500 have been compromised, with attacks coming from nation states, terrorists, and individuals. In February of 2015, New York’s Department of Financial Services warned of an “Armageddon-type” incident targeting Wall Street. In this new reality, Dixon says, corporate and public sector leaders must be diligent and realistic. 104 / Sync
Greg Dixon KEYW Holding Corporation Senior Vice President, Advanced Cyber Operations
“The threats become more sophisticated every day. Most companies should assume that bad actors are already in their network. They can be anywhere, doing anything,” he says. Dixon believes that every company should immediately review and implement relevant items from the twenty critical controls listed by the SANS Institute’s website (see p. 129 for a complete list), with an ultimate goal of migrating to an automated and active cyberdefense solution. Those twenty controls, however, still aren’t enough. That’s why Dixon and his IT pros monitor industry trends, academia, the marketplace, and government reports in an attempt to stay one step ahead. Employees at KEYW and instructors at Parrot Labs are practitioners who also obsessively focus on research and malware analysis to stay current on the state of malware, allowing them to refresh and update Parrot Labs courses, scenarios, and case studies. The key is critical thinking with a deep understanding of networking and computer theory. “Malware, or malicious software, is simply software designed to disrupt otherwise normal computer operations,” says Dixon. “By understanding how software code runs on hardware, you can appreciate the stealth and persistence techniques the bad guys are employing, because you understand the basic underpinnings of the technology.” With this operational knowledge, students can start to understand and mitigate threats. By offering courses like Offensive Methodology & Analysis and Tactical Digital Forensics, Parrot Labs is preparing a workforce capable of defending against digital attacks that could otherwise cripple entire industries and communities. KEYW’s automated cybertraining framework increases the number of students that actually get through the pipeline and into the Issue 004
SOLVING TODAY’S toughest challenges in Cyberspace + Geospace. marketplace. While standard training courses operate at a single pace for the entire class, KEYW offers a flexible system that guides each student at his or her own pace and offers feedback in near real time. Industry and government leaders alike are recognizing the imminent threat of cybercrimes. In late 2014, FBI director James Comey called cyberterrorism one of our nation’s top threats, saying, “People who harm children, fraudsters, spies come through the Internet. Nation-state actors, terrorists—cyber isn’t a thing; it’s a way.” During his tenure, former US deputy secretary of defense William Lynn said, “The Pentagon has formally recognized cyberspace as a new domain of warfare. Although cyberspace is a manmade domain, it has become just as critical to military operations as land, sea, air, and space. As such, the military must be able to defend and operate within it.” Heads of state, CEOs, and leaders like Dixon are concerned about threats from China, Iran, ISIS, and elsewhere. “We need to grow our cyberworkforce to combat these issues, and we’re doing what we can to train people to meet these challenges,” Dixon says. Cyberterrorists and others who engage in malicious cyberactivity don’t operate under the rule of law or respect the privacy of citizens. Dixon knows that winning the war will take a new set of skills and tools, and he’s working to help modern tech professionals equip themselves for battle.
TAKEAWAY With digital attacks increasing in frequency and scope, companies must arm themselves with talented and specialized tech experts who understand advanced network strategies and can stay one step ahead of the unseen online enemy. sync-magazine.com
KEYW creates solutions by combining our services and expertise with hardware, software, and proprietary technology to meet our customers’ requirements.
For more information visit www.keywcorp.com
Sync / 105
ViJay Viswanathan knows the newest breed of CISO needs not only awareness of the latest techniques but the ability to teach them to the next generation of professionals. Here, the CISO of HD Supply describes how he’s developing a rich network of security practitioners. As told to Julie Schaeffer
Craft tailor-made solutions.
Recognize pattern disruptions.
I view information security as more of a business function than just a technology function, primarily because there’s no one-size-fits-all security solution. While the number of security solution providers has grown exponentially, the solution themes and approaches tend to remain the same. Each industry has its own set of challenges and regulatory requirements, but more importantly, you need to understand your specific business model to design a security program that mitigates threats uniquely impacting your organization. This unique business-specific security program development requires a complex skill set spanning information technology, risk management, legal, audit, business function operations, and a real-time understanding of the threat landscape in the market; that’s why the CISO role is one of the most complicated in a company.
We had developed a security incident and events management platform yielding our first generation of actionable intelligence, but we still had all of these log events sitting untapped in this massive database. So, we sought to figure out how best to use this information while carefully filtering noise to stay focused. The business does it—for example, with pricing: you run contextual queries against market, looking at consumption models, what products are in demand. I decided to take this approach with our security analytics and build the foundations for big data security analytics. I said, “What if we start looking at all these logs and create a pattern baseline of the network? Then, if there’s a deviation from that pattern, we know there’s something interesting in the network.” It’s a simple thought process, but to develop it we had to build a custom security-analytics data model. We then pumped processed information from all our log sources into it, and layered contextual business knowledge on top of it, creating a custom signature for the organization. So, on any given day, the idea is to predict the indicators of attack based on how the business consumes information. You know the expected traffic patterns, and if you see something anomalous, you zero in on it.
Keep an eye out for blind spots. The focus on cybersecurity has increased over the past couple of years, with a burst of sophisticated, targeted attacks against companies of all sizes. The most common problem organizations face, in spite of having a structured security program, is the lack of visibility and consistency in actionable security intelligence. In other words, you can only protect what you see and manage well. Hackers exploit the gap between what you see and what you don’t in a systematic manner.
106 / Sync
ViJay Viswanathan HD Supply Vice President & CISO
There’s no “I” in Army. Security is not just about the CISO; it’s about the CISO’s tactical team. It’s taken me a long time to build Issue 004
“Security is not just about the CISO—it’s about the CISO’s tactical team.” a well-balanced group of security professionals within the organization, but I now have a robust and versatile staff, ranging from fresh college gradates, to veterans, to professionals with decades of industry experience.
It’s not all Fun and WarGames. You have to give security professionals a controlled environment in which they feel comfortable exploring. I’ve been fortunate enough to recruit some bright candidates who already established themselves by winning regional and national hacking competitions even before they graduated. But most security practitioners just out of school don’t have the opportunity to try out some of the cooler aspects of the job. I’m trying to create a platform on which they can do that. I bring them in and give them the opportunity to be a part of what I call my Red Team. The Red Team is the offense team; they try to hack into our own security controls and break our solutions. In doing so, they come to understand how the technology works. Working against them is the Blue Team, which is the defense. They keep strengthening our controls based on the Red Team’s exploits.
If you see something, share something. Sharing information has required a big shift in thinking. A few years ago, the mentality about security was that you didn’t want to share what you were doing. That’s a good point; you don’t want bad guys to know your security model. But then a handful of industry pioneers decided to get out there and start sharing information. It became clear, with a steady increase in cyberattacks and data breaches, that sharing best practices should evolve. Back in 2007, I started reaching out to my industry peers to create an intelligence network. Initially it was informal, but it grew, and now operates as a powerful peer roundtable sharing timely and invaluable intelligence. This collaboration extends to both government and private sectors. When one of my industry peers experiences a security incident, technical intelligence helps others implement preventive controls. It’s security crowdsourcing in action. Sophos SafeGuard Encryption introduces the most complete data protection solution on the market, protecting data on multiple devices and operating systems. Whether your data resides on a laptop, mobile device, or the cloud, SafeGuard Encryption is built to match organizational workflows and processes without slowing down productivity. Sophos.com/Encryption
TAKEAWAY Cyberthreats are changing how companies operate. Organizations now need an army of internal security practitioners, as well as a connection to those outside the business. Sync / 107
At Becton Dickinson, CISO Damian McDonald’s cybersecurity team makes it easy to adopt critical solutions that keep the medical-tech company safe. By Zach Baliva
108 / Sync
Advanced cyberthreats are creeping into the world of health care, and industry players face ever-increasing challenges in keeping them at bay. Today’s hackers don’t just cause mischief; they levy targeted thefts against intellectual property or personal information, and health care is a prime target. “There’s a big need for medical technology in many countries, and hackers are also realizing the value of a patient’s health record,” says Damian McDonald of Becton, Dickinson and Company (BD). With just one medical record, thieves can steal an identity, conduct health-care or insurance fraud, or engage in extortion. Health-care organizations lack robust fraud detection capabilities like those built over time by big credit card companies, which is why security executives like McDonald are building security infrastructures for health care from the ground up. A global Fortune 500 company, BD develops, produces, and sells medical devices, laboratory equipment, and diagnostic products in more than fifty countries worldwide, serving clinics, labs, health-care institutions, and the general public. With trade secrets, intellectual property, and patient privacy on the line, a well-armed tech team must navigate acute security needs and attacks in the complex and nuanced health-care environment. As BD’s vice president of global information security—the organization’s CISO role—McDonald has readied a team of proactive IT diplomats who stand on the front lines, putting a face to the department and confronting digital threats. After working in infrastructure, networking, and systems engineering, McDonald came to BD in 2004, when the role was still brand new. “The threat landscape was changing, and I saw the potential of taking security to the next level,” he says. “Previous teams had built a foundation focused on policy, and I wanted to move into strategy and technology while educating the organization on IT security and direction.” Issue 004
Photo by Frank Famularo
“Seatbelts don’t work unless they’re used.”
Damian McDonald Becton, Dickinson and Company Vice President of Global Information Security
Sync / 109
Since both health care and technology move quickly, responsive teams are critical. McDonald has built his team accordingly. “BD is a learning company, and we underscore the importance of leaders as teachers,” he explains. Since his arrival, BD’s tech team has grown in scope and number to go beyond basic policy and compliance and become more active. The team has implemented security awareness, developed training programs, and crafted an overall strategy for the company that emphasizes everyone’s responsibility for information security. The key, McDonald says, is taking issues out of the theoretical and grounding them in reality. He’s led the unification of widely distributed security management and operational security processes. He’s also built security analytics and security-operations teams from the ground up. The move has shifted security professionals from the sidelines to the playing field. “Security can’t come at the end,” McDonald says. “We’re now embedded into the operational processes. Corrections after the fact are expensive and can shatter customer expectations, so security has to be more than an afterthought.”
“Security can’t come at the end. We’re now embedded into the operational processes. Corrections after the fact are expensive and can shatter customer expectations, so security has to be more than an afterthought.”
As threats increase, hacking is inevitable. “There are just too many ways for hackers to get in,” says McDonald. “We work with a premise that we will be hacked, and focus on how quickly we can detect hacks to prevent the bad guys from achieving their objective.” Although perimeter security remains important, BD’s tech pros augment those measures with security analytics and threat modeling. Knowing what bad actors might do with medical information—like creating bio-specific drugs or weapons to target specific individuals—changes McDonald’s approach.
McDonald reviews threat intelligence dashboards with Jeffrey Mead, BD’s IT leadership development program associate.
110 / Sync
DAMIAN MCDONALD’S GUIDING PRINCIPLES Ensure everyone understands their role in security. All members of a team should know that they are responsible for information security. At BD, McDonald created a security awareness program called “I Am Information Security.” It starts with the CEO and applies to all levels. Everybody has a role in protecting information. Make security personal. All employees must grasp and internalize the risks. Security needs to become second nature at home and work. BD accomplishes this through constant communication and education that has value in and out of the office. Understand the customer impact. It’s easy to put security controls in place and dictate their use, but that will only get you so far; protections must be usable. “I’d rather have a less effective control that’s widely adopted than a complex control that nobody uses,” McDonald says. Keep people engaged. Promote continuous learning to keep the conversation going. “We have excellent leadership engagement and are now focusing on stepping up engagement with middle management and people at all levels,” McDonald says. “Advocates at any level can give you an important entry point to get your message across.”
In many cases, security is a business enabler, and part of a CISO’s role is to put the protections in place that will limit losses and enable his or her company to operate safely and effectively. A CISO is also responsible for forecasting trends. “We all saw mobility coming but didn’t respond quickly enough,” McDonald says. “As an industry, we saw some wireless networks melt down from the influx of mobile devices.” At BD, McDonald works to stay in front of developments and lead conversations with business leaders, customers, and vendors. When he selects a vendor, he partners with the company, digs deep on security and privacy issues, and returns to educate customers and business leaders. With the stakes higher, security is involved at the RFP level, and each potential vendor receives clear security expectations up front. McDonald has standardized practices and requirements for data encryption and other security controls. The upshot of neutralizing constant threats is that it keeps McDonald and BD’s associates on their toes. “Walk into a hospital today and see just how connected everything is,” he says. “Our products are a huge part of that. It’s a different world.” The only way a team like his can protect its company and its customers is to start at the very beginning and work fast. “Our security measures have to make sense, and they have to be easy to adopt. We have to partner with IT to put the right technology in place to drive the right behavior,” McDonald says. “Seatbelts don’t work unless they’re used.” TAKEAWAY As hackers target valuable information in health records, security comes from early and advanced involvement at all stages and levels. sync-magazine.com
Sync / 111
The Gatekeeper CISO Mark Olson guards the information of Iron Mountain, as well as that of its myriad global clients. Here, Olson outlines the keys to keeping information accessible in an increasingly security-conscious world. By Emma Janzen
Mark Olson Iron Mountain Vice President & CISO
112 / Sync
In today’s technology-driven landscape, information security isn’t just about preventing hackers from breaking into a company’s systems and stealing information. The heart of information security is in promising information availability and integrity to clients. “Our job is making sure the data our customers rely on is going to be there every day, the way it was yesterday,” Iron Mountain’s vice president and chief information security officer Mark Olson says. “It will be secure and not altered, and they can depend on that fact.” Olson is in charge of ensuring applications are written securely for the information-management services company, handling Internet responses, managing global directors, and high-level security responsibilities. In order to juggle it all, he’s created elaborate and detailed systems to establish security for both Iron Mountain and its array of global clients. Iron Mountain sets up systems of automated controls that allow data to flow where it should and stop when needed. It also has an extensive information assurance program—a set of standardized policies and procedures that ensure that data is protected across all areas of the business. Within this structure, commercial products are employed for encrypting correspondences and a detailed checks-and-balances scheme is in place to ensure only the appropriate people have access to certain levels of information.
“In the security space you need a separation of duty,” Olson says. “That separation happens in a number of areas, particularly the security controls and devices.” For example, log entries are generated when people operate devices and run applications. Administrators do not have access to the log repositories, ensuring the integrity of the records. Only read-only access is available to the host so administrators and security personnel can monitor activity to seek out abnormalities and make sure everything remains functional. “Audit log integrity is ensured in that way,” Olson explains. “It’s something some customers directly ask for, and it’s also a method of showing customers and reassuring them that we are protecting their data in the best way possible.” These measures are part of the security practices that are repeatedly tested and audited by customers and government regulators. Physical security controls are also regularly assessed to ensure proper care before and after delivery. After putting internal structural practices into place, Iron Mountain also hires outside companies to validate each security system via manual penetration tests. “We essentially hire somebody to attack and compromise our websites and applications,” Olson says. That third party then reports back on whether it was able to penetrate Iron Mountain’s systems, how it was able to, and how it would fix the vulnerabilities. Issue 004
IT EATS APPLICATION THREATS FOR BREAKFAST. AND IT EATS BREAKFAST 24/7.
PUT A MONSTER IN YOUR CORNER. Speeding your software applications to market—without sacrificing security— requires a powerful ally. Especially since applications are now the #1 attack vector for breaches. Veracode’s automated cloud-based service enables organizations to rapidly identify and remediate application-layer threats—across web, mobile and third-party applications—before cyberattackers can exploit them.
Visit veracode.com to learn more.
The Most Powerful Application Security Platform on the Planet
BIG IDEAS IN TECHNOLOGY LEADERSHIP
CASE STUDY GLOBAL INTERNET PARAMETER The Problem Different vendors handled security controls for each global client, meaning each area had to be identified for risk uniquely, requiring a lot of time and labor. The Solution A complex global Internet parameter for international clients with a standard set of controls via a single vendor that spans the globe with the same consistent connectivity. The Results Now Iron Mountain doesn’t need to keep multiple versions of compliance reports from various regions, saving time on its end and also delivering a more consistent, streamlined system that requires less interpretation for clients. Olson and his teams can now accurately measure risk and understand their positions around the world in the most efficient way possible.
156K Organizations being serviced
Countries where information is stored, protected and managed
of Fortune 1000 companies are assisted by Iron Mountain
DIGITAL EDITIONS AVAILABLE IN THE APP STORE OR AT SYNC-MAGAZINE.COM
114 / Sync
Every application is tested before being made available for customer use. Olson believes that the most successful approach to cybersecurity is a blend of both proactive initiatives and reactive solutions, with a renewed focus on detection. Right now, he hasn’t found any one product on the market that adequately detects breaches, so one of his current initiatives is to look at everything they have inhouse and determine whether or not they can build a unique detection capability that will be best suited for Iron Mountain. Other plans for the future include pushing appropriate security controls, analysis, and responsibility toward those who are closest to the controls and have the most intimate knowledge of operations. “There’s a principle in software engineering that says the sooner you fix a bug, the cheaper it is,” Olson says. “So fix it during the development process when you first write it, where you start testing before it goes to production.” The further in the development cycle, the more expensive the fix. If those responsibilities shift from an analyst to the staff closest to the operations, the security team is free to look at the most complex matters, and the operations staff can identify issues much sooner in the process. “It’s the same principle,” Olson says. “Detect the security variation and correct it closest to where the problem occurred.” By tackling problems at their source, Olson and his team add another crucial component to Iron Mountain’s defenses.
TAKEAWAY Preventing cyberattacks is only a small part of the collection of tools and techniques needed to ensure information stays secure in today’s rapidly changing digital landscape.
It’s time for information security departments to stop playing catch up and prepare for the future. Tim Williams of Caterpillar explains how business leaders can prepare for the rising security risks of today’s threat landscape. As told to Zach Baliva
Just Say “Know.” I’ve heard many people describe how IT security has evolved, and I think the best way to say it is that the field has shifted from “no” to “know.” The threats facing major businesses have increased substantially in velocity and sophistication. We simply have to know—we have to understand not only the tech landscape but also the business pressures that are out there. By gaining this knowledge, an IT leader can stop being an enforcer and start acting as an influencer. IT leaders influence business by understanding the risks and the role they play in mitigating those risks. It takes a lot of dialogue, and it requires trust that comes through a good relationship.
Photo by Jeffery Noble
Balancing Tact Caterpillar, like most businesses, is a relationship business, and it’s important to develop that trust. I’ve been in the field for thirty-five years and came to this company in 2006. I’ve learned along the way that whenever you’re spending money and resources, you have to have a good business case. That’s certainly true today for tech leaders when it comes to security. We make formal presentations to the board, the executive management teams, and at the general manager level. It takes relationships at all levels of the business—getting out to manufacturing facilities, for example, to better understand the realities they face and what we’re asking them to do. You have to balance security, business, and operations. sync-magazine.com
Tim Williams Caterpillar Inc. Chief Security Officer & Director of Enterprise Security Risk Management
Sync / 115
Security is a Team Sport. We stress to Caterpillar employees that we’re all in this together. Anyone who uses the Internet, like we all do, faces risks at home and at work. We’ve built a unique team that liaises with public relations and communications, and that team is focused purely on security. We do security testing, and we’ve brought in outside experts to help teach employees how to protect themselves at home. That gets a great response, because as employees learn steps that keep their families safe, they tend to transfer that behavior to the work environment. It will always be about people. We want to have the right tech strategy, but you have to bring that forward in conjunction with right employee behavior. You can have the best technology and best security in the world, but if someone clicks a link and gives away credentials, then all your work is lost.
“We want to have the right tech strategy, but you have to bring that forward in conjunction with right employee behavior. You can have the best technology and best security in the world, but if someone clicks a link and gives away credentials, then all your work is lost.”
We have great support from our executive leadership team, because they understand how critical this is to the overall success of Caterpillar. Guarding against unauthorized attempts to get into our networks is important to protect Caterpillar’s confidential information. Consider this: the average Internet-connected computer is attacked dozens of times per day—and we have thousands of Internet-connected computers. It underscores the importance of managing risk.
Understand the business. As these threats shift, security leadership roles are shifting, too. The emphasis now is on business acu116 / Sync
PARTNER IN SECURITY AWARENESS Caterpillar works with information security awareness specialist Terranova on multimedia campaigns to raise awareness among the company’s 125,000 employees. One of the methods involves a unique self-phishing program. Through the program, the IT security team phishes around 10,000 employees every month. Users that click links in the targeted emails receive an automated message that explains that they’ve failed a test and highlights clues they missed. The same population receives a different disguised message a month later, and the IT team compares click rates. The approach is working. Information security officers around the world localize content (provided in eight languages) to meet the unique needs of their specific facility, country, or business unit.
men. You have to really understand the world your company lives in, and you have to be able to explain complex technology and behavior in simple terms. A masters degree in computer science and an MBA are both becoming more necessary than in the past. Completing an MBA program was a turning point in my career because I found I could better emphasize and articulate the risks along with required programs and expenditures.
Stop Looking to the Past. We have to keep moving forward as an industry. Everyone wants to chase the shiny, new technology that will protect us all from everything out there. Instead, we need to examine where the threats will be five years from now and start thinking about what we need to do to prepare. The industry has been looking in the rearview mirror for far too long, and we need to get more predictive. Part of that lies in collaboration. Caterpillar has had very good interactions with leading government authorities, locally and abroad. We’re finding that liaising with government is an indispensible part of understanding future attacks and learning what other companies experience; the business community needs this extra set of eyes and ears, as this has become an issue of national security.
TAKEAWAY Information security leaders need to embrace and include all departments of a company in their strategic plans in order to protect digital assets effectively.
BUILD STRONG LINKS TO PROTECT YOUR INFORMATION AND REPUTATION. Increase Security Awareness > Build Strong Links > Reduce Security Risks > Protect Your Organization
Train your employees using Terranova's complete information security awareness suite, which includes online training, LMS, videos, games, communication and reinforcement tools, phishing simulation, professional and managed services. empl By ensuring that employees understand the cyber threats they face every day, organizations can greatly reduce user-related incidents, thus freeing resources to tackle external attacks.
Request your free trial today terranovacorporation.com 1-866-889-5806
118 / Sync
Higher education is built on the open exchange of information. Information security has never been more vital.
How do you create a cybersecurity strategy for todayâ€™s universities? Lorna Koppel, director of IT at Tufts University, shares her vision.
Interview with Topher Bordeau | Photos by Matthew Healey
Sync / 119
Lorna Koppel wrote the book on information securityâ€”literally. Sheâ€™s the coauthor of Information Protection Playbook and a former information security expert at Iron Mountain and Kohler. But she has always wanted to apply her talents to higher education, and was looking for opportunities in that realm. At the same time, as Tufts University embraces a global approach to elite education, it needed someone to pioneer ways to secure previously unimagined styles of collaboration and innovation. The university found that person in Koppel, and her expertise is guiding the way Tufts secures its expansive future.
Lorna Koppel Tufts University Director of IT
Tell us the story of how you arrived at Tufts. What made you leave a security position at Iron Mountain to take on the world of higher education? Lorna Koppel: I have dreamt about a career in higher education and the sciences since I was in high school. I loved the thought of being involved with the energy and passion for continued learning and research. I discovered that I could bring my years of security and operational process experience to a top-notch university.
What is uniquely challenging in the higher education environment? Koppel: You have a number of challenges that are the extreme of what some corporations face. The main challenge is the sheer breadth of different personal devices that people bring into the environment. You also have very high throughput needs and extensive collaboration with a wide range of external organizations and individuals. There are a lot of things that you have to enable and still try to figure out how to protect, without having as much dictatorial control over the environment as a corporation would. Corporations tend to lock everything down, minimize what their employees can do, and only allow the use of the things they need for business. Universities historically start from a fundamentally 120 / Sync
If you want better security, think like a bad guy. different philosophy: they seek to enable everything. Now, with the rise of security threats, they have to creatively scale back what people can do, in order to eliminate risk.
What are the keys to protecting and enabling the university from an information perspective? Koppel: The students want to do their schoolwork and research with no impediments, pursue their hobbies, and do the things that help them relax. Those things can be vastly different—especially at a university with students from all over the world. The faculty needs access to their tools to teach courses, and they want to have a lot of flexibility in presenting their materials. More and more, they may need IT technologies that traditionally haven’t been in the classroom. We also have to consider the diverse types of research that requires everything from high-computing needs to highly reliable communications to the collection and analysis of sensitive data with no room for data corruption or leakage. In a diverse environment such as Tufts, everyone has focused on their own areas and they don’t necessarily know the other departments and resources they can leverage. The key to working at a university is making sure there’s good communication that builds trust and information sharing, so we will hear about initiatives in time for us to help enable everyone to do their jobs safely.
How does your corporate experience inform your approach to what you’re doing at Tufts? Koppel: The great part of my corporate experience is the ability it has given me to bring hope, through suggesting ideas of how to deal with sync-magazine.com
It’s only a matter of time. Bad guys will get into any network sooner or later. They may already be inside. HP Enterprise Security Products has the cybersecurity technologies your agency needs to prevent, detect and stop adversaries before any damage is done. Our continuous monitoring enterprise security products give you real time response, a full range of capabilities, and are easy to deploy and maintain. HP’s integrated platform documents all events, continually refining and improving protection. Your vital agency systems stay protected while delivering services safely and efficiently. Better security. See how it strengthens your mission. Visit hp.com/go/pubsecsecurity
Follow us on Twitter @HPGovSec
Gold Partner with Carahsoft 888-55-HPGOV | www.governmentITplaybook.com © 2015 Hewlett-Packard Development Company, L.P.
Sync / 121
MEET THE TUFTS IT TEAM Koppel utilizes a team of specialized technology experts to keep Tufts’s security architecture robust and effective. She describes what each of them brings to the table in her department.
Paul Nash Senior Information Risk Consultant Designs solutions and manages risk mitigation efforts for new university initiatives to meet evolving threats and compliance needs
Dan Modini Information Security Operations Analyst Brings experience in detecting and responding to security concerns and provides excellent customer service
Jess Frisch IS Application Risk Consultant Develops tools for use by diverse people across the university, including the security team, to understand data trends and to help respond to and manage efforts to reduce risk
Pat Cain Owner of Cooper-Cain Group Integral part of the team who uses his vast global security threat experience in designing detection and monitoring solutions
122 / Sync
seemingly unmovable roadblocks, to people beyond security.
Are there examples you could share of how you advise up front to reduce risk? Koppel: It’s always easier and cheaper to reduce your risk before something gets put in place than having to go back and fix it later. It’s not always possible, but it’s easier. Two processes are important to that. The first is vetting your vendors. In recent large breaches covered in the news, the breach usually started at the third-party vendor and its access to the victim’s network. It’s important to vet your vendors before you use them. Their weakest link can become your weakest link. Understanding their security stance is hard, but it’s an important thing to do. Downstream from that, doing reviews of projects before they get too far into their lifecycle is important. There may be some needed tweaks where stuff gets installed in the network and in how the data is handled and accessed. You can also scan for vulnerabilities in the applications so you can fix them before you plug them into the network. Every IT project needs to have some sort of security analysis done at the beginning, so we can guide where the process is going to go and bake in security along the way. Finally, it is important to then do another review prior to going live.
“Corporations tend to lock everything down. Universities historically start from a fundamentally different philosophy: they seek to enable everything.”
What are some ways that Tufts is upgrading its detection and response abilities?
have a monitor on the horse so that we can see where he’s going before he’s gotten too far down the road! That requires a ton of data. You need to gather data on all different kinds of activities from multiple sources on the network. No human can look at that data on a 24/7/365 basis and analyze it. So you need the tools to bring that all together. You need good computers, good programs, and the heuristics to analyze that data. You need to reduce all of the noise in the data so that you can pick up the anomalies and respond to them. The other thing that’s going on is the Trojan horse concept—attacks masquerading as legitimate traffic or websites. You need tools that are able to be closer to the data before it gets encrypted to see if it’s being handled in ways that it shouldn’t, or you need methods that are able to keep people from getting tricked into going to malicious websites. You need tools that are designed to look at the content of the traffic and what is being done with the data. Overall, being able to take a forensic approach to looking at traffic and usage activities is really important.
Koppel: One of the big trends that higher education has to focus more on is the need to be able to detect and respond to potential threats much faster. Historically, we have intentionally let the horse out of the barn as learning environments are more open, but now we need to
TAKEAWAY Information security in higher education is all about determining what sensitive data is most important, how to use it to enable the business, and what we need to protect it from.
CONSIDER THIS Security in the digital space is more crucial to the business than ever. According to research conducted by CompTIA, companies cite malware and hacking as the threats that cause the most concern. In an article for Forbes.com, cybersecurity expert Joseph Steinberg posits that there are four areas in which organizations are underspending, in budget and resources, on information security. 1. Defenses to counteract breaches, which will inevitably happen. “The terrible truth […] is that if competent, well-funded hackers want to penetrate a specific organization, they will succeed at doing so,” Steinberg writes. 2. Defenses against human issues, like employees inadvertently leaking information through social media, or falling for phishing scams. Organizations need to prepare employees to help fight the cyberwars alongside IT. 3. Defenses against mobile risks. As mobility becomes increasingly important, IT should treat each mobile device as it would any other company computer, Steinberg says, with its own security software, encryption, and remote wipe capabilities. 4. Defense against Denial-of-Service attacks. Especially for organizations that rely on their websites to do business, preventing and defending against DoS attacks can be just as vital as preventing internal hacking.
ASK YOURSELF Does your IT department view breaches as hopefully rare but inevitable? Are you prepared to defend against attacks that come through numerous channels? How can you engage your staff to develop a holistic awareness of cyberthreats?
Sync / 123
The tech leader’s
REQUIRED READING True leaders are always learning. Sync asked the technology executives featured in this issue to share the books that have influenced their careers and leadership styles.
WHAT THEY DON’T TEACH YOU AT HARVARD BUSINESS SCHOOL By Mark H. McCormack
“The book taught me how important emotional intelligence is to be successful and how to develop and practice it in the (real) business world. In addition to good conceptual and critical thinking abilities, emotional intelligence is a critical factor in balancing strategic, tactical and positive political skills to be successful.” —TIM WILLIAMS, Caterpillar
GOOD TO GREAT By Jim Collins
“The book really resonated with me because it shows that regardless of varying leaderships styles, focusing on people is the main priority. Having the right people and building a strong culture are the keys to success.” —OSCAR PEREZ, Memorial Healthcare System
PYRAMID OF SUCCESS By John Wooden
THE REAL-LIFE MBA By Jack and Suzy Welch
“This book does a great job of addressing challenges we all face in business today. The authors present many relevant stories, as well as solutions on how to approach the problems we all struggle with.” —CHRIS AKEROYD, UMC Health System
THE FIVE DYSFUNCTIONS OF A TEAM By Patrick Lencioni
“John Wooden was probably the greatest coach in sports history, but more importantly, he was a leader who always highlighted the importance of integrity and caring deeply for members of his team. This book is a great outline of the important elements for building and leading a team to the ultimate level of its performance and doing it in a way that creates a life of deep fulfillment.” —KEVIN CROWE, Long View Systems
MINDSET: THE NEW PSYCHOLOGY OF SUCCESS By Carol Dweck
“The author describes how teams fail and what they must do to succeed. Rather than a cut-and-dry nonfiction version, Lencioni writes in third-person narrative, fictionalizing the people and organization in order to drive his points home.” —MOSTAFA RONAGHi, Illumina
“The author, a Stanford University psychologist, outlines how the way we approach challenges affects their outcomes. This is required reading for all new members of my team.” —LLOYD MANGNALL, AMC Health
INFORMATION ECOLOGY By Thomas H. Davenport
“As a book from 1997, some of the examples are a little dated, but the concept is perhaps even more relevant today. It puts people and information flow at the center of the challenge, and places computer information systems in an enabling (or if done poorly, a disabling) role.” —WAYNE THOMPSON, Mount Nittany Medical Center 124 / Sync
MULTIPLIERS: HOW THE BEST LEADERS MAKE EVERYONE SMARTER By Liz Wiseman
“The book identifies behaviors that help people grow (multiplier behaviors) and behaviors that may do the opposite (diminishing behaviors). It also acknowledges that we all are likely to have some multiplier and some diminisher behaviors, and reading this book helped me see into what categories my behaviors fall. I reread parts every once in a while to refresh my memory about specific traits I hope to have as a leader.” —ELEANOR LACEY, SurveyMonkey
THE NEW IT: HOW TECHNOLOGY LEADERS ARE ENABLING BUSINESS STRATEGY IN THE DIGITAL AGE By Jill Dyché
“This books taps directly into the current CIO mindset, regardless of industry. In a landscape of rapidly changing technologies and calls for greater innovation, Dyché concisely articulates the IT organization imperative to closely collaborate with business counterparts to succeed. She provides clear templates, examples and advice to start the important conversations and lay the groundwork for wholesale success, not mere incremental change.” —GARY KING, T-Mobile
THE CHECKLIST MANIFESTO By Atul Gawande
“Dr. Gawande’s book confirmed my own behaviors of using a simple approach to handle complex and seemingly impossible things. The concepts articulated in his book can be applied to our daily lives (both personal and professional).” —SCOTT ARNOLD, Tampa General Hospital
ATLAS SHRUGGED By Ayn Rand
“I know that’s a classic that many have read, and even more have an opinion about, but at its core, it points the way for entrepreneurs to drive ahead without worrying about what people think, and to not let those who destroy instead of create drag you down.” —JOHN MCDONALD, CloudOne
WINNING WITH ACCOUNTABILITY: THE SECRET LANGUAGE OF HIGHPERFORMING ORGANIZATIONS By Henry J. Evans
“This book, easily read in one sitting, lays out many great tips on how to tweak communications to support getting great results. One part I remember to this day is to look at your calendar, and compare how where you spend your time matches your important priorities.” —LORNA KOPPEL, Tufts University
HIDDEN ORDER: HOW ADAPTATION BUILDS COMPLEXITY By John Henry Holland
“As we embark on trying to understand complex relationships, and try to move from ‘something happened’ to why it happened, or why it will, the understanding of complex adaptive systems becomes critical to the understanding of emergent behavior. Throughout my big data and big data systems background, I find that some of a basic understanding of adaptive agents and emergence remain foundational to understanding the emergence of systems and appropriate simplifications as well as necessary complexity.” —DAN HUSHON, CSC
Sync / 125
INNER CIRCLE Meet the seasoned executives, intrepid entrepreneurs, and bold thinkers whose ideas shape this issue and address the promise of technology in the enterprise.
CHRIS AKEROYD, P. 96 UMC Health System Director of IT Infrastructure Chris Akeroyd provides a wide range of management and technology expertise that includes network architecture, systems engineering and security, and data center operations—all essential infrastructure components for today’s modern healthcare environment.
SCOTT ARNOLD, P. 23 Tampa General Hospital Senior Vice President & CIO Scott Arnold’s background in aerospace technology gives him a unique perspective on the healthcare industry. He uses that vantage point at Tampa General Hospital, where he’s been effecting change for four years, with the last two of those as CIO.
DR. COLIN BANAS, P. 82 Virginia Commonwealth University Medical Center Chief Medical Information Officer @colinbanas_VCU Dr. Colin Banas is a practicing hospitalist and expert in medical technology who recently testified before the Senate and the Office of the National Coordinator about healthcare legislation and the impact of technology in health informatics.
DANIELA CRIVIANU-GAITA, P. 78 Gamma-Dynacare CIO
126 / Sync
An award-winning leader in Canadian healthcare informatics, Daniela Crivianu-Gaita believes technology is the cure. That passion manifested three years after her college graduation, when the consulting firm she worked for sent her on an IT engagement at a major hospital in her native Romania. That was the first time she was exposed to health informatics. “I fell in love with it,” she says.
KEVIN CROWE, P. 88 Long View Systems Vice President of Procurement Kevin Crowe arrived at Long View Systems in 2000, and in his current role is tasked with providing the best tools and analytics for clients to seamlessly blend business and technology. Crowe also founded the non-profit Give A Mile, which allows people to visit terminally ill loved ones by crowdfunding spare travel miles and points.
GREG DIXON, P. 102 KEYW Holding Corporation Senior Vice President, Advanced Cyber Operations Greg Dixon spent more than twenty-one years in the United States Navy where he trained in nuclear strategic weapon
systems and cryptology while serving as a submarine ballistic missile technician and information warfare officer. He joined KEYW in 2008. Dixon graduated from the University of Memphis with a BS in electrical engineering technology and completed an MS in electrical engineering at the Navy Postgraduate School in 2000.
data systems, including at the University of Kansas Hospital and Arizona Hospital. At CNE, Gaddam helped to reboot the hospital’s infrastructure and IT team in her shortest turnaround time ever.
CLARK GOLESTANI, P. 64 Merck & Co. Executive Vice President & CIO
RANDY EGGER, P. 94 Project Partners, LLC President & Founder Randy Egger started in business applications thirty-five years ago when he began coding in Assembly language and building expertise in relational-database technology. He spent twelve years at Oracle Corporation and led the Oracle E-Business Suite Projects team before leaving to start Project Partners in 1997, out of his home office.
SUMA GADDAM, P. 57 Care New England CIO Suma Gaddam, Care New England’s new CIO, leads a 160-person technology team. Prior to joining CNE, she helmed the transformation of several hospital
“At the end of the day, it’s not only about the technology; that’s only one dimension. It’s about people and processes.”—DANIELA CRIVIANU-GAITA
Clark Golestani has been with Merck for twenty-one years, handling IT functions for every division of the healthcare giant. Golestani is also on the board of directors of global integration and data management company Liaison Technologies, which created the industry’s first dataplatform-as-a-service.
MARK HAGERTY, P. 26 TransPerfect CTO With 20 years of software development experience under his belt, Mark Hagerty was the Director of Software Development at eTranslate and a senior software engineer and manager at Adobe Systems, Inc. prior to joining TransPerfect.
DAN HUSHON, P. 50 CSC CTO @danhushon Dan Hushon previously served as chief technologist at Sun Microsystems and EMC Corporation, where he made major developments in cloud technology
and big data applications. He graduated from Carnegie Mellon with a biology degree, originally planning to become a physician, before he found his true calling in IT. He runs a blog at www.vdatacloud.com.
a leading healthcare CIO at North Cypress Medical Center, where’s she’s been for just over four years.
LORNA KOPPEL, P. 118 Tufts University Director of IT GARY KING, P. 16 T-Mobile USA, Inc. Executive Vice President & CIO @garyaking Gary King has more than three decades of IT experience. He spent six years overseas establishing new markets for cosmetics retailer Avon and was part of the team that launched BarnesandNoble.
The coauthor of Information Protection Playbook Lorna Koppel came to Tufts with an impressive pedigree—coming off of stints at Iron Mountain and Kohler. Koppel, a lover of continued learning and research, fulfilled a lifelong dream when she joined Tufts in 2014.
“If I tell the marketplace where I’m going and why, then I think my team is more likely to believe it and carry the message forward to the marketplace.”—DAN HUSHON com. Prior to joining T-Mobile, King served as executive vice president and CIO of Chico’s FAS.
ELEANOR LACEY, P. 46 SurveyMonkey VP, General Counsel, & Secretary
BEATA KASPER, P. 54 North Cypress Medical Center CIO
Experience at other prominent technology companies prepared Eleanor Lacey to lead SurveyMonkey’s legal department. She also pulls from her experience in foreign markets and speaks fluent Mandarin.
Beata Kasper has more than twenty-six years of experience in the technology industry. She’s now
RICHARD LOEW, P. 34 PBF Energy CIO Richard Loew believes in making mistakes every day—it’s proof that you’re not content with the status quo. Loew joined PBF in 2010, having come from a consulting background, where he’s built an IT team from nothing to seventy individuals with that same boundary-pushing ethos.
LLOYD MANGNALL, P. 60 AMC Health CIO @lloydmangnall Lloyd Mangnall studied neuroscience before entering the technology sector in the early ‘90s. Following more than ten years of ERP implementation, he returned to healthcare with a desire to fundamentally disrupt the industry. Mangnall worked with Vanguard Health Systems and VHA, Inc. before joining AMC Health in 2014.
ADAM MCCOMBS, P. 70 JumpForward Founder & Chief Data Officer @JumpForward Adama McCombs worked at Cisco for eight years before leaving to start JumpForward. He appeared on the ABC show “Shark Tank” in its first season, in 2009, to secure a round of venture capital funding for the then-fledgling company. McCombs holds several degrees and industry certifications and is currently pursuing a Master of Science degree in Predictive Analytics at Northwestern University.
DAMIAN MCDONALD, P. 108 Becton, Dickinson and Company CISO Damian McDonald joined BD in 2004 to lead the company’s enterprise infrastructure teams before stepping into his current role in 2007. Prior to his time at BD, he spent many years with companies like Time Inc. and Primedia Inc., where he developed IT architecture and implemented full tech strategies.
JOHN MCDONALD, P. 10 CloudOne CEO, Chairman, & President For over 20 years, John McDonald served in various roles in IBM’s software group before founding CloudOne in 2010 to securely deliver IBM software to a range of high-profile customers. He is one of the founding members of the Cloud Customer Standards Council and sits on its steering committee. McDonald has strong ties to Indiana; he received both his undergraduate and masters degrees from Purdue University and has published two nonfiction works about events in the state’s capital: Lost Indianapolis and Flameout: The Rise and Fall of Burger Chef.
JOHN NORENBERG, P. 30 Advocate Health Care System Vice President Corporate Information Systems, Physician Services In addition to guiding Advocate’s healthcare data management, John Norenberg is chairman of the Metropolitan Chicago Health Information Exchange.
Sync / 127
MARK OLSON, P. 112 Iron Mountain Vice President & CISO
MOSTAFA RONAGHI , P. 40 Illumina Senior Vice President & CTO
Mark Olson is a manager who prefers collaborating with leadership, trusting his team to stay sharp, and learning from mistakes. He’s been at Iron Mountain since 2013, and was promoted to CISO in late 2014.
Mostafa Ronaghi earned his PhD from the Royal Institute of Technology in Sweden. He holds more than thirty (pending and issued) patents and has written more than seventy peer-reviewed publications in journals and books.
“The work we do can help us corner one of the most deadly diseases on the planet, and we can see cancer become like the treatment of HIV, where patients can live for several decades.”
professional. Viswanathan is a proponent of sharing in the security sector, frequently engaging with students and also developing a rich network of likeminded security practitioners.
TIM WILLIAMS, P. 115 Caterpillar Inc. Chief Security Officer & Director of Enterprise Security Risk Management Tim Williams earned a BS from the University of Cincinnati and an MBA from the University of Toronto and previously held security roles at Boise Cascade Corporation and Procter & Gamble. He was Nortel’s CSO from 1987 to 1997. He came to Caterpillar in 2006 as the company’s CSO and has published many articles on fraud and ethics.
GREG PERCIVAL, P. 75 Carrizo Oil & Gas Vice President & CIO Greg Percival has spent the last two decades building expertise in IT, having held positions with Netforce, Dell, and ClearSource. In his four years at Kraton Polymers, he took Shell Oil’s global network to an independent environment and managed multimillion dollar outsourcing contracts. From 2006 to 2014, Percival lead IT for W&T Offshore. He joined Carrizo in 2014.
OSCAR PEREZ, P. 92 Memorial Healthcare System of South Florida Vice President of IT @oscareperez Oscar Perez has been in healthcare IT for over twenty-one years and has made it his lifelong mission to evolve his role and change its perception.
128 / Sync
He’s participated in four startups and has started and sold numerous companies. WAYNE THOMPSON, P. 85 Mount Nittany Health Executive Vice President & CIO After earning a Master’s-level computer science degree, Wayne Thompson was automating backend processes when he joined a firm that developed software for managed healthcare providers. That started a long career in the industry that has taken Thompson through positions in academic medicine at some of the nation’s largest medical centers. He joined Mount Nittany in 2012.
VIJAY VISWANATHAN, P. 106 HD Supply Vice President & CISO @VJCISO
Connect with Sync on Twitter @SyncTech Leaders
With eight years of experience at HD Supply, Viswanathan is the company’s most senior security
inside the issue
DATA ACQUIRED Facts and figures we learned from the tech leaders in this issue
Since founding nonprofit Give A Mile, Long View’s Kevin Crowe has helped give flight to 107 visits of support after collecting
crowd-sourced travel loyalty points.
of Fortune 500 companies have used SurveyMonkey. P. 46
Commentary, stats and scores for the World Cup must be translated, at lightning speed, into
9 official languages Chinese, English, French, German, Italian, Japanese, Korean, Portuguese, and Spanish.
JumpForward founders Adam McCombs and Brian Duggan appeared on season one, episode ten of ABC’s Shark Tank seeking a
investment. Eventually, the pair came away with
Greg Dixon of KEYW Holding recommends that information security professionals adhere to the SANS Institute’s list of Critical Security Controls to formulate an effective cybersecurity plan. Here are the most current twenty items on that list: 1. Inventory of Authorized and Unauthorized Devices
4. Continuous Vulnerability Assessment and Remediation
2. Inventory of Authorized and Unauthorized Software
5. Malware Defenses 6. Application Software Security
dozens of times a day. P. 115
3. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
The average Internet-connected computer is attacked by malicious software or programs
7. Wireless Access Control 8. Data Recovery Capability
There will be a projected
devices connected through the Internet of Things by the end of 2015, according to tech research firm Gartner. P. 10
9. Security Skills Assessment and Appropriate Training to Fill Gaps
15. Controlled Access Based on the Need to Know
10. Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
16. Account Monitoring and Control 17. Data Protection
11. Limitation and Control of Network Ports, Protocols, and Services 12. Controlled Use of Administrative Privileges 13. Boundary Defense 14. Maintenance, Monitoring, and Analysis of Audit Logs
18. Incident Response and Management 19. Secure Network Engineering 20. Penetration Tests and Red Team Exercises
Sync / 129
“Every fifteen to eighteen months, some tech emerges that disrupts–in a good way–health care and other industries. It’s exhausting, but staying contemporary and continuing to move are of the upmost importance.”
“It’s easy to get caught up in the language and perspective of your own specialty, but then no one else really understands or cares about the outcome.”
“You can’t have a fiveyear technology plan, because everything that you started with is going to be out of date and no longer a fit at the end of five years if you follow a traditional approach.”
“You can have the best technology and best security in the world, but if someone clicks a link and gives away credentials, then all your work is lost.”
COMING IN ISSUE 005 The future of retail e-commerce Using data to move fleets Digital will transform the world of recruiting From server to couch—the next evolution in streaming video 130 / Sync
Whatâ€™s the world making today?