CIO June 15, 2015 by Sreekanth Sastry

CULTIVATING RURAL EFFICIENCY

Fullerton arms rural India with financial efficiency. 11

www.cio.in

REACHING OUT TO THE UNBANKED

Canara Bank's GM on how tech can help the unbanked. 16 4 TYPES OF GEEKS YOU NEED

Experts share advice on how to atrract these geeks. 27 THE DATA-DRIVEN CFO

B U S I N E SS T EC H N O LO G Y L E A D E R S H I P

Lupin's CFO on managing the information supply chain. 31

Fear of cyberattacks has corporate directors on edge. CIOs must steer the conversation toward managing business risk. 22

June 15, 2015

`100.00

Boards on Cyber Alert PLUS

Not Competing with LogisticsStartups Rubal Jain, MD, Safexpress, on why it isnt in competition with logistics startups. 15

VOLUME 10, NO. 8

June 15, 2015

Start

From the Editor in Chief 2 Trending 3 Numbers You Need 4 Quick Fix 6 Career Path 8 World View 10

Grow I N N OVAT I O N & B U S I N E S S VA LU E

Fullerton’s rural funding arm increases field force efficiency 11 Now supercomputers will better your crops 12 How to be a passionate leader 14 Safexpress MD isn’t competing with startups 15 How Canara Bank is reaching out to the unbanked 16

Boards on Cyber Alert

Fear of cyberattacks has corporate directors on edge. CIOs must steer the conversation toward managing business risk. BY S T E P H A N I E O V E R BY

Run L E A D E R S H I P & O P E R AT I O N A L E XC E L L E N C E

How Kotak Mahindra revived dormant bank accounts 17 All you need to know about using virtual reality 18 AI deployed to teach customer serrvice 19 Ham Radio leads rescue mission in Nepal 19 Unconscious bias is the new tech enemy 20 Why Twitter will never be Facebook 21

Connect P E E R A DV I C E

4 types of geek you’ll need 27 Don’t leave these security holes unaddressed 29 How do you measure your own success?30 Lupin’s CFO works in tandem with his CIO 31

Finish

Google’s Project Jaquard is no ordinary cloth, but the controls to your smart home. 32

www.cio.in

JUNE 15, 2015

PUBLISHER, PRESIDENT & CEO

FROM THE EDITOR-IN-CHIEF

EDITORIAL EDITOR-IN-CHIEF CONSULTING EDITORS EXECUTIVE EDITOR DEPUTY EDITOR FEATURES EDITOR CONSULTING ASSISTANT EDITOR ASSISTANT EDITORS PRINCIPAL CORRESPONDENTS VIDEO EDITORS LEAD DESIGNERS SENIOR DESIGNERS TRAINEE JOURNALISTS

start

Solution to What? 2

Is technologically enabling business growth about internally selling a ‘solution’ or is it about helping people to go about their work in peace? Akio Morita, the founder of Sony, put it simply: “No matter how hard you have worked to produce a product, and no matter how satisfied the engineers or management may be, if the customer doesn’t see for himself that the product has value, the whole exercise is for nothing.” In the 20 years that I have covered the business of technology I’ve rarely come across catastrophic technology failure in enterprises. At the same time, I’ve seen that the single largest reason for technology projects to ‘fail’ has been end-user rejection. Sony, especially when Morita was at the helm, is a good study in understanding customer-focus. He was totally clued in to what customers needed and wanted. Of course, he took risks and led with his instincts. Over a 30-year period, between 1950 and 1982, the Japanese firm successfully built twelve innovative and different product lines ranging from pocket radios to portable TVs and VCRs to the Walkman and 3.5-inch floppy disk drives. Surprisingly, Sony did not go in for market research to back these product launches (Morita apparently hated market research). The decision to launch all these products was made by Morita and a small group of associates, who looked for ways that miniaturized electronics could help people easily perform tasks that till then were difficult. To this success recipe, that called for a lot of innovation apart from intuition they added a spot of creativity. Creativity in technology, in product planning and in marketing. That is as true of a washing machine as it is of CRM or of even this magazine. If it doesn’t help you do your job better or more efficiently or with extra insight, the purpose is lost. It’s that simple. So the next time you’re trying to hawk a ‘solution’ to a colleague, pause. End your sales pitch. And, ask them more about what their problems are.

Louis D’Mello

Vijay Ramachandran Sudhir Narasimhan, T. M. Arun Kumar Yogesh Gupta Sunil Shah Shardha Subramanian Balaji Narasimhan Radhika Nallayam, Shantheri Mallaya Aritra Sarkhel, Shubhra Rishi Kshitish B.S., Vasu N. Arjun Suresh Nair, Vikas Kapoor Unnikrishnan A.V., Laaljith C.K. Ishan Bhattacharya, Madhav Mohan, Sejuti Das, Vaishnavi J. Desai

SALES & MARKETING PRESIDENT SALES & MARKETING VICE PRESIDENT SALES GM MARKETING GENERAL MANAGER SALES MANAGER KEY ACCOUNTS MANAGER SALES SUPPORT SR. MARKETING ASSOCIATES

Sudhir Kamath Sudhir Argula Siddharth Singh Jaideep M. Sakshee Bagri Nadira Hyder Arjun Punchappady, Benjamin Jeevanraj, Cleanne Serrao, Margaret DCosta MARKETING ASSOCIATE Varsh Shetty LEAD DESIGNER Jithesh C.C. MANAGEMENT TRAINEES Aditya Sawant, Brijesh Saxena, Chitiz Gupta, Deepali Patel,

OPERATIONS VICE PRESIDENT HR & OPERATIONS FINANCIAL CONTROLLER CIO SR. MANAGER OPERATIONS SR. MANAGER ACCOUNTS SR. MANAGER PRODUCTION MANAGER OPERATIONS EA TO THE CEO MANAGER CREDIT CONTROL ASSISTANT MGR. ACCOUNTS

Rupesh Sreedharan Sivaramakrishnan T.P. Pavan Mehra Ajay Adhikari, Pooja Chhabra Sasi Kumar V. T.K. Karunakaran Dinesh P. Tharuna Paul Prachi Gupta Poornima

ADVERTISER INDEX Accenture Services Pvt. Ltd

Bharti Airtel Ltd

Kyocera Document Solutions Pvt Ltd

IBC

Samsung India Electronics Pvt. Ltd.

IFC

SAP India Pvt. Ltd SAS Institute (India) Pvt Ltd VMware Software India Pvt Ltd

9 5 13

All rights reserved. No part of this publication may be reproduced by any means without prior written permission from the publisher. Address requests for customized reprints to IDG Media Private Limited, Geetha Building, 49, 3rd Cross, Mission Road, Bangalore - 560 027, India. IDG Media Private Limited is an IDG (International Data Group) company.

Vijay Ramachandran, Editor-in-Chief vijay_r@cio.in Printed and Published by Louis D’Mello on behalf of IDG Media Private Limited, Geetha Building, 49, 3rd Cross, Mission Road, Bangalore - 560 027. Editor: Louis D’Mello Printed at Manipal Press Ltd., Press Corner, Tile Factory Road, Manipal, Udupi, Karnataka - 576 104.

JUNE 15, 2015

www.cio.in

without rints to

start TRENDING

Augmented Battlefield to Train Marines

3D Printing for Interstellar Needs There’s a major supply chain issue in space. It costs $10,000 per kilo-

gram to blast something into orbit; a liter of water in space costs $10,000. In fact, only 2 percent of what NASA sends into space on its rockets is actually used by astronauts for experiments. The rest of the weight is made up by the space vehicle itself and its fuel. NASA and partner Made In Space Inc. are planning to solve part of this problem by installing a 3D printing station on the International Space Station (ISS). The 3D printer station will be able to receive .stl (stereolithography) files with CAD designs transmitted from earth to print a variety of tools astronauts may need, according to Jason Dunn, CTO of Made in Space. The new printing station will be made available to astronauts regardless of their nation status. Dunn, who spoke at the RAPID Conference, said that the company’s first fused filament fabrication (FFF) 3D printer was sent up last year via a SpaceX Dragon cargo craft. The small desktop 3D printer was used to print 20 objects preloaded on an SD card; a 21st object was printed based on an .stl file transmitted to the printer from Made In Space. The object, a wrench head made from ABS thermoplastic, took about two hours to print, and when it was finished, American astronaut Barry Wilmore removed it from the machine and commented that he wished he had “his ratchet.” Seven days later, after Made In Space designed the printable ratchet and had NASA run it through their qualifications, the file was transmitted to the surprised astronaut, who then put the new ratchet and head to work. –By Lucas Mearian

Thanks to augmented glasses, the US Marines were able to turn a golf course in Virginia into a simulated battlefield, complete with tanks, mortar fire and smoke. The simulation was a major step in the Marines’ efforts to enable soldiers to regularly use augmented reality wearables to enhance their battlefield training. “The glasses are leading-edge and are really pushing the technology of optical see-throughs forward,” said Peter Squire, a program officer with the Office of Naval Research. “But the glasses are just one component of the system. [We are] enabling warfighters to turn any environment into a training ground.” The augmented glasses the Marines used were made by SA Photonics, a Los Gatos, California-based company that focuses on vision systems, laser communications and satellite sensors. The augmented reality glasses superimpose images of a battlefield situation onto the live environment. That allows soldiers and their leaders to practice working in a battle situation in a safe and local area. It also saves the military the expense of setting up a fake battlefield with buildings, tanks and enemy fighters. This is a great idea for not only the military but for search-and-rescue organizations, the military and first responders, said Ezra Gottheil, an analyst with Technology Business Research. “This makes sense, integrating the real and the virtual,” he added. “You could use it in all kinds of training situations.” Augmented reality technology has hit its stride and we’re about to see its use in a lot of industries, said Zeus Kerravala, an analyst with ZK Research. —By Sharon Gaudin

ed,

oad,

www.cio.in

JUNE 15, 2015

I M A G E S O U R C E : T H I N K S TO C K . C O M

Kumar

Technology

Indian CEOs Get Tech Serious start

Almost three out of four Indian CEOs feel that banking on mobile technology is essential for the growth of the organization. BY N OA H D ’ M E L LO

Technology is becoming a key player in determining the success of an enterprise. But do Indian CEOs give digital technology the due importance for the effective growth of their business? Yes, they do. This decade has seen a revolution in the way Indians use mobile phones and smartphones. In 201314, India had approximately 910 million mobile users; this means there are approximately 78 mobile phones for 100 Indians. Moreover, the number of smartphone users is expected to increase to 382 million in 2016; this number was a modest 29 million in 2012. Anticipating this growth, 78 percent of Indian CEOs feel that mobile technologies are strategically important for their organization’s growth, according to the 18th Annual Global CEO Survey by PwC. On the other hand, 81 percent of the global CEOs deem mobile technology as important. Analytics, cyber security and the Internet of Things are some other aspects in digital technology that Indian CEOs are investing in for the growth of the enterprise.

The report shows that Indian CEOs are more or less prepared for the current technological upheaval. Fifty-six percent of Indian CEOs are concerned about the speed of technological change, much lower than their Chinese counterparts (88 percent). Moreover, only 41 percent of the Indian CEOs feel that changes in core technologies of production and services may be disruptive for their company in the next five years. Indian CEOs feel that business is flourishing through customer experience and operational efficiency, thanks to the investments made by them in technology. Eighty-five percent of the CEOs feel that it is important to have a clear vision of how technology will help achieve the enterprise goals so that the returns of the investments can be achieved. If you still haven’t given technology a serious thought, this would have changed your mind.

Noah D’Mello is a trainee journalist. Send feedback to Noah_dmello@idgindia.com.

All Spotlight on Tech Here are the number of Indian CIOs and technologies they believe are worthy of investment. Mobile technologies for customer engagement 78% Cyber security 75%

Data mining and analysis 73% S O U R C E : G a r t n e r ’s 2 0 1 5 C I O A g e n d a S u r vey

JUNE 15, 2015

www.cio.in

quiFIX ck Aping the Brain

start

Scientists are working on a circuit that mimics the human brain in an effort to dramatically boost artificial intelligence.

cientists are working on a circuit that mimics the human brain in an effort to dramatically boost artificial intelligence and machine learning.

Researchers at the University of California at Santa Barbara said they have created a circuit running about 100 artificial synapses that was able to perform a simple image classification. The university is hoping the circuit could one day be expanded to approach the scale of the human brain, which has 10 15—or one quadrillion—synaptic connections. “When a machine can truly see and recognize objects, it’s a short step to allowing them to make decisions and take actions based on what they see,” said Dan Olds, an analyst with The Gabriel Consulting Group.

—Sharon Gaudin

For more articles, see: www.cio.in/article

WORTH READING BOOK

The Off Switch

By Mark Cropley In this unique book, Professor Mark Cropley, blends engaging real-life case studies, clinical expertise and evidence-based techniques to provide a complete guide for how to switch off better–get more enjoyment from your free time, and still get more done. Amazon.in Rs 449.

3 Ways to Spot a Bad Boss DO SOME EARLY DETECTIVE WORK. Your first step should be researching the company online-but go beyond the obvious corporate Web site and Facebook profile, says Craig Bryant, founder and product manager for Kin HR, which provides human resources software solutions for small businesses. “Before you even start the interview process, research the company online. Go to Glassdoor and other feedback sites to see what current and former employees have to say about the company,” Bryant says. LOOK TO YOUR FUTURE. Even more important than the immediate impact of starting a new job is the future potential, both for the company and for the employee, says Bryant. Starting as early as the interview process, candidates should focus on how the company will contribute to their professional growth and development and make sure that aligns with their career goals. “During the interview process, candidates should probe for details on how the company will contribute to their professional growth,” says Bryant. If you’re going to pour your passion and devote most of your waking hours to a company what will you get in return? he says. ‘AT-WILL’ EMPLOYMENT GOES BOTH WAYS. If you do end up in a situation with a bad boss or a poor working environment, it can be helpful to know if your state supports the idea of “at will” employment, says Bryant. While “at will” statutes empower employers to hire and fire as they see fit, employees can also benefit, especially in a booming tech industry market where employment’s plentiful, he says. Sharon Florentine covers IT careers and data center topics

JUNE 15, 2015

www.cio.in

careerPATH

IT Career Risks Worth Taking start

In the tech career, knowing when to take risks can mean the difference between success and failure. BY S H A R O N F LO R E N T I N E

Nate Good knows a thing or two about risk. The 30-year-old passed up the more traditional IT career path and, instead, took a series of calculated risks that propelled him to the rank of CTO of ShowClix, a full-service ticketing and event management company based in Pittsburgh, Pennsylvania, at an age when many of his peers are still struggling to find their place in the corporate world.

Don’t be afraid to take a lower salary in exchange for stock options or a piece of the action. - RICK GILLIS, AN AUTHOR, CAREER CONSULTANT AND SPEAKER

Whether you’re just starting out in your career or have been established for some time, there are risks you can take that better the odds of your landing that dream job, getting a coveted promotion or just gaining some new insight into your IT career. Here, our experts share their thoughts on when and how to push the envelope.

Look beyond the IT ‘Meccas’ Silicon Valley and Silicon Alley (in New York City) are just two of the many vibrant IT career hotspots that have sprung up around the country and around the world. Don’t be afraid to avoid these areas

JUNE 15, 2015

www.cio.in

and look for an IT career a little closer to-or farther from-home, says Good. Good himself passed up a chance to move to Silicon Valley from Pittsburgh, and doesn’t regret that decision for an instant, he says. “There’s real value in being a bigger fish in a smaller pond. Maybe you live in a lesserknown city, or a small town, but there’s technology everywhere and those skills are essential no matter what the geographic location,” Good says.

Focus on Workplace Culture You’ll be spending a significant

portion of your life at work, so make sure the job and the workplace you choose aligns with your core values, and that you feel comfortable there. “Even if your skills and experience are a match, you might not be cut out to do IT work at a large, corporate bank or a freewheeling, creative advertising agency. Sometimes you have to dig deeper and look beyond what the surface trappings are signaling,” says Good.

Work for a Small Company or a Start-Up Once upon a time, Apple was a tiny start-up. Hewlett-Packard’s origin story began in a founders’ garage. If you truly believe in a smaller company’s ideas and ability to succeed in the market with their product or service, take the chance, because it might pay off in a big way. Start-ups are also great places to hone your independent thinking, creative skills and your ability to work as a team. “And don’t be afraid to take a lower salary in exchange for stock options or a piece of the action—because that could be a major windfall if the company succeeds,” says Rick Gillis, an author, career consultant and speaker.

Send feedback to editor@cio.in.

LEADERSHIPCONVERSATIONS

BUSINESS TRANSFORMATION

THROUGH REAL TIME TECH Vipin Gandhi, Head-IT, Welspun Group, defines the goals and objectives for Welspun’s IT growth.

Vipin Gandhi, Head-IT, Welspun Group

What has been the IT journey of Welspun over the years? How has IT adoption been in the organization? The Welspun management was quick to realize that IT had the power to reshape and revolutionize the way business was being carried out. Welspun has always been ahead of the curve in the adoption of IT. Welspun was perhaps the first company in the manufacturing space to implement SAP in the year 2000. We were also the first company in this space in the country to completely outsource our IT facilities. IT has been the keystone for the designing of our internal processes. This focus on IT has resulted in thought processes like automation, new and latest production technology, new IT applications becoming so ingrained in the mindset of the Welspunites that they are constantly on the lookout for these and are very keen to implement and absorb new technology which in the current context is changing faster than ever. Welspun’s IT journey is strongly linked to SAP. How have you worked with them and what are the significant technology and business transformation points that this association has brought? Welspun and SAP have been in a partnership for the past 15 years. SAP has been at the core

By Shantheri Mallaya

of the IT journey of Welspun and has been used not merely as a mechanism to prepare the account books but is also being used as a tool for assimilating, analyzing and tracking the entire manufacturing processes whether it is the pipe manufacturing process or the textiles processes. With SAP’s real-time platform HANA, we are now embarking on a transformational journey by not only super-charging our existing transaction systems but also by enabling real-

"With SAP’s real-time platform HANA, we are now embarking on a transformational journey by not only super-charging our existing transaction systems but also by enabling realtime reporting through HANA Live." time reporting through HANA Live. How and why did Welspun set the path forward with SAP’s real-time platform? What were the planned benefits? As mentioned earlier, HANA offers speed and real time analytics. This will result in

better control on the production processes and therefore, reduced quality issues, better planning of the manufacturing resources and better tracking of the product across the manufacturing lifecycle amongst other benefits. Just in time (JIT) delivery by vendors is another big advantage that Welspun in planning to achieve with HANA, as the real time data will give vendors the ability to better forecast the demand at the productions lines and therefore be able to deliver JIT. Finally, with SAP’s Simple Finance as a part of the new S/4 HANA Suite, we are also planning to re-imagine some of our core financial processes. What are the other transformations that Welspun has planned for in the different business functions of HR, supply chain, procurement, manufacturing and sales and distribution? What were the inherent challenges? Welspun is keen to explore transforming each of the line of business that you have mentioned. We are already in advanced discussions to explore a leading cloud-based HR platform, for managing our talent which is core to any successful business. Supply chain as well as sales distribution is a critical requirement in a complex manufacturing industry like textiles and we are evaluating solutions across these processes.

This interview is brought to you by IDG Services in association with SAP

world Fresh Ideas from Around the Globe

vıew

start

Social Media’s Role in Sierra Leone Political Crackdown

S I E R R A L E O N E Social media has played a crucial part in calling worldwide attention to Sierra Leone political unrest, with Amnesty International joining appeals to the government of President Ernest Koroma to stop using Ebola emergency measures to curb freedom of speech and assembly. Videos and reports of a series of protests in the US and UK against repressive actions taken by the Koroma government have been posted on YouTube and Facebook, mainly by Sierra Leoneans abroad. The demonstrations seek to draw global attention to President Koroma’s alleged unconstitutional removal of his vice president, Samuel Sam-Sumana, claims of misappropriation by government officials of funds meant for the eradication of Ebola, and reprisals against protesters. IDG News Service

Beware Unwelcome Drones

TOKYO Tokyo-based Sohgo Security Services, also known

as Alsok, plans to introduce a system that can detect incoming drones by listening for the signature hum of their rotors. The service could be aimed at government entities, corporations and key facilities such as nuclear power plants as a terrorism countermeasure. Other potential users are people or groups in the public eye who want to ward off the prying eyes of unmanned aerial vehicles. Alsok’s move follows an incident when a quadcopter with trace amounts of radiation was found on the roof of the Japanese prime minister’s office, apparently a protest of the government’s nuclear energy policy. IDG News Service

Uber Taxis Seized

DELHI Delhi police said 120 ride-hailing taxis linked to Uber Technologies and two Indian operators have been impounded, as the companies did not have licenses to operate. The drive against these companies using Webbased technologies was the result of their continuing operations, despite a prohibition on their services in the city until they obtained a license from the Delhi Transport Department, police said. IDG News Service

BBC and EE Trial 4G Broadcast Tech at FA Cup Final

LONDON EE trialed a new 4G broadcast service at the FA Cup Final, partnering with the BBC to give fans control over how they view the match through mobile devices. The 4G Broadcast EE app test allowed a small number of supporters within the stadium to switch between a choice of multiple live action camera angles to watch the game, as well as a selection of replays. EE said the trial was enabled by the use of its 4G Broadcast technology, which reduces the strain on bandwidth which occurs when live television is streamed by many people within a crowded area-such as Wembley Stadium. Techworld.com

–Compiled by IDG News Service from CIO magazine affiliates worldwide

JUNE 15, 2015

www.cio.in

grow innovation and business value

Cultivating Rural Efficiency Fullerton’s rural funding arm improved the efficiency of their field force while dealing with rural customers. By Shubhra Rishi You would think that a small village such as Dabok in Rajasthan, families there have no access to

financial systems or an ability to participate in the economy. But it isn’t so. The villagers in Dabok can avail loans for rural livelihood advancement, rural housing finance, and financing for various rural micro finances—all thanks to the rural funding arm of Fullerton India. Since the company’s rural business inception in 2007, it has invested immensely on technology to improve the efficiency of its field force. For instance, Fullerton’s rural model has a number of group lending concepts and required the field officers to be available at a particular time to meet the customers and collect their weekly installments. “We were keen to deploy and use automation tools to empower our field staff,” says Samir Khare, CIO, Fullerton India Credit Company. For instance, Fullerton has centers where its rural customers gather to meet the field officer to submit their weekly installments and authenticate biometric fingerprints using point-of-interaction devices once in a week. The field officer had to make a

••••••••••••• 51% of Indian CIOs say consolidating disparate systems is their organization’s top pain point with regard to the datacenter. SOTC 2015 •••••••••••••

www.cio.in

JUNE 15, 2015

crunch

Joys of Outsourcing

grow

Outsourcing has become the new norm in

visit to five centers in a day. Without these the IT industry this year. Here are the top devices, it would take the field officer about five drivers for outsourcing or managed an hour to meet all customers and complete services: the tasks at each center. Access to best practices 60% However, the company improvised Access to new technologies or services 54% on their existing automation process by Free up internal resources for other purposes deploying android-based tablets and 47% mobile devices for the field staff. The mobile Reduce and control operating costs 45% app deployed on the devices made the biometric fingerprint authentication much Improve company focus 41% easier. “Although a lot of people have initiated biometric authentication on devices S O U R C E : S OTC 2 0 1 5 however, our systems have additionally proven interoperability across biometric hardware and device operating systems from the time we commenced automating the field force operations,” says Khare. The company has deployed over 1500 tablets for the field officers across India and “Today, we another 1000 are being rolled Scientists are using a supercomputer to out. Since the deployment, on have the identify the nanostructure of cellulose an average, the field officer ability to do to potentially pave the way for more disefficiency in terms of number ease-resistant crop varieties and increase much more as of centers visited in a day has the sustainability of the pulp, paper and doubled. The field officer is compared to fiber industry. able to track the attendance the previous Researchers from the University of of the number of customers Melbourne, the University of Queensland, and IBM Research have tapped the comattending the weekly meetings device ,” puting power of the IBM Blue Gene/Q while the device automatically —Samir Khare, CIO, Fullerton supercomputer at the Victorian Life Scigenerates the payment receipts. India Credit Company ences Computational Initiative (VLSCI) to Additionally, it has also enabled the field officers to wrap up model the structure and dynamics of celmeetings in 30 minutes instead of the earlier 60 minutes. lulose at the molecular level. Once all the visits to the centers is over, the field officer Cellulose, one of the most abundant goes to the branch catchment area and the tablet synchroorganic compounds on earth, is the basic nizes the data and pushes it to the central system, and the structural component of plant cell walls. customer’s loan account in a matter of five minutes. This Scientists used the supercomputer— process brings in a lot more control and error-free transacdubbed Avoca—to complete the quadrillions of calculations required to model tion. Today, we have the ability to do much more as compared the motions of cellulose atoms. to the previous device which was only a transaction device,” says Khare. —Byron Connolly Technology has truly empowered Dabok, and many such rural villages to avail the benefits of microfinance hassle-free.

Supercomputer Betters Crops

Send feedback to Shubhra_rishi@idgindia.com.

•••••••••••• 78% of Indian CIOs say, in 2015, they expect to spend most of their time designing and optimizing business processes. SOTC 2015•••••••••••••

JUNE 15, 2015

www.cio.in

CIO-The IT Hero

Rupinder Goel,

Global CIO at Tata Communications

This feature is brought to you by IDG Services in association with VMware

Headed into Automation Rupinder Goel, Global CIO at Tata Communications, believes automation is at the core of business transformation.

Interview by Shantheri Mallaya What has been your role and contribution to the IT journey at Tata Communications? Tata Communications is a global telecommunications company. This sector operates on large infrastructure and generates huge Internet traffic, the complexity requiring automation at advanced levels. So, we have converted our IT journey into a sustainable digitization strategy. On priority, we launched a next gen portal—a case for hybrid cloud—built on the principles of Infrastructure-as-a-Service (IaaS). This is a digital currency for us, a one stop shop interaction for customers. The IT journey primarily surrounded five different tracks. First, to streamline our vast infrastructure and datacenters around the globe we implemented our own private cloud, which was a controlled, regulated environment that allowed any app, any solution for our internal IT to be executed. This has reduced the lead time and cost to operate. Second, we evaluated our BYOD mechanisms and framed a policy that has now devolved into a device free model. Third, we strengthened the security piece not merely at the device but also at the network level, thus macro fortifying our infrastructure. We also looked at analytics and data, using Hadoop. We envision an organization that will be tied to analytics. And we are treading slowly with social, while keenly looking at customer-facing channels. Tata Communications has adopted cloud infrastructure in a big

Virtualization gives immense flexibility to move things forward as needed. Vendors like VMware have propelled us from virtualization to cloud. Rupinder Goel, Global CIO

way for the datacenter. What has been the vision for this? Initially, the virtual components were small, which we realized were not enough to achieve our digital strategy. So, we adopted virtualization as a critical stepping stone to the cloud, and worked a policy in the organization for our internal teams. Effectively, almost 90 percent of all the new functionalities and deployments is being virtualized. We have an optimal TCO with an appreciable RoI with this technology. The cost on the skills required to support infrastructure has reduced. Virtualization and cloud gives immense flexibility to move things forward as needed. Vendors like VMware have us propel our datacenter strategy from virtualization to cloud, which will continue into 2015-16. Tata Communications shares a significant IT relationship with VMware. What are the major touch points? Tata Communications’ IT journey with VMware has progressively evolved. The tech solutions strategy that VMware implemented has helped us build reference points. Tata Communications has been able to steadily move from virtualization to the cloud, where VMware has provided and managed services on various cloud environments–a move that has given us tremendous confidence. We have charted all our new virtualization initiatives with VMware. With VMware, we would be keen to discuss and explore the idea of building best-in-class infrastructure and networks defined by software that will help us move to the next level in digitization and agility. n

IT STRATEGY

IT Lessons from Sun Tzu grow

The ideal company to invest in, work for or buy from should be run by a product passionate CEO. BY R O B E N D E R L E

recently attended an event celebrating the 50th picked by Jobs, but he was an administrator not a product Anniversary of Moore’s law and was entranced by guy. Ironically, Scully was convinced to join Apple using some of the old stories from Intel’s founding. Part the passion argument. “Do you want to sell sugar water for of what I found fascinating was the virtual passing the rest of your life or do you want to come with me and of the torch from the passionate founder Gordon change the world?” Moore to Intel’s current CEO Brian Krzanich. It was the same with Steve Ballmer after Gates in Krzanich clearly loves hardware and regards to losing the passion for the technology, and his passion, like Moore’s, product. Even though Ballmer clearly Passion is has Intel doing interesting things. This knew Microsoft, his lack of product pascontagious and return to passion can also be seen at sion came back and bit him several times, tends to spread Microsoft with Satya Nadella and prodmost notably with Zune. throughout a firm ucts like HoloLens. Suddenly Microsoft All of which showcases how pertinent getting everyone innovation isn’t an oxymoron, and people Sun Tzu is, as noted by this quote: “Thus who work at both firms are looking at excited about doing the highest form of generalship is to balk them differently and far more positively the enemy’s plans, the next best is to prethe best they can. as a result. vent the junction of the enemy’s forces, the next in order is to attack the enemy’s army in the field, and the worst policy of all is to besiege Sun Tzu to Andreesen/Horwitz walled cities.” Then apply it to Zune (the iPod clearly being Often I’m amazed at how much of what I see with regard a walled city), and you’ll see Tzu predicted Ballmer’s failure to leadership best practices is what Chinese general, phiwith the Zune. A better strategy (balk the enemy’s plans), losopher and author Sun Tzu saw as well only hundreds, one that Ballmer’s Microsoft discarded, was to break the wait no, thousands of years earlier. For instance it appears lock in between iTunes and Apple users. A strategy Google “The Art of War” author was talking about the right kind of executed with Android and apps against the iPhone. passion when he said: “The general who advances without Passion focuses people on creating products they think coveting fame and retreats without fearing disgrace, whose are amazing, that they would use. It is contagious and tends only thought is to protect his country and do good service to spread throughout a firm getting everyone excited about for his sovereign, is the jewel of the kingdom.” doing the best they can to build, market and launch the Andreessen/Horwitz, one of the most influential and offering. In motivates them to work extra hours and into power VC firms in Silicon Valley seems to have built this the weekend voluntarily, and it helps create the foundapassion and the related need for subject matter expertise tion for the pride that results when the effort is successful. into their investment selection process. Though it is interIn the end the ideal company to invest in, work for or esting to note that Marc Andreesen was instrumental in buy from should be run by a product-passionate CEO picking both Leo Apotheker and Meg Whitman, neither who’s employees, in turn, would follow them anywhere. I of which seemed to have either of these attributes, making think in all cases you’ll be happier with the result, I know you wonder if he has actually read his firm’s written policy. I was when I followed this advice.

Leading with Passion

We saw this in spades with Steve Jobs and Apple. John Scully was certainly a qualified CEO and he was hand-

JUNE 15, 2015

www.cio.in

Send feedback to editor@cio.in.

VIEW from the TOP

Not Competing with Logistics Start-ups Rubal Jain, MD, Safexpress, on why it isnt in competition with logistics start-ups.

Why do you need a separate B2C set-up? Surely, your current B2B set up can deliver packages safely, securely and reliably.

The requirements of delivering an e-commerce consignment are very different from the needs of traditional B2B deliveries. B2B deliveries are made to a city’s commercial Have logistics start-ups like Ecom Express beaten older hubs, whereas B2C deliveries are made to players like Safexpress to the e-commerce opportunity? residential areas. Residential complexes To answer that question, I’ll have to go back in history. That way, you’ll won’t allow trucks (which B2B operations realize that what we’re offering is different from what they are--and use) as easily as they would allow smaller why we aren’t in competition because we aren’t even playing the same delivery vehicles. Also lanes are narrower sport. and parking is an issue in residential areas. In the first few years of e-commerce, most transactions were small And odd-time delivery is an altogether difpackages like books. Most of this was moved by air, and was declared ferent ball game in itself. as courier packages of non-commercial value. A laptop Additionally, execubeing shipped from Mumbai to Delhi was put in a big bag We aren’t in tives who make B2C delivwith other courier documents, declared as a document eries have different skills and shipped. The legality of this way wasn’t very clear. competition from those making B2B Safexpress always wanted to get in this business with with deliveries. Their demeanor, thorough legal clarity. We also wanted to do a good job. e-commerce outlook, and the way they We wanted to ensure that we carried a parcel from end to end on our fleet. This ensures that parcels aren’t handed logistics start- present themselves are far more refined. over to unknown third-parties, so they are not vulnerable ups. We aren’t to security issues, or inclement weather. even playing Then two things happened. First, state governments How much revenue warmed up to e-commerce, making legalities less of an the same sport. does Safexpress make issue. Then, customers started 8-seater dining tables, from its B2C business? 50-inch TVs, and so on. The new players could no longer Presently, our focus is on throw these into a bag and ship them. strengthening our fundamentals and We ordered 1,000 Maruti Eecos for delivery services. We launched aligning ourselves completely with the Safexpress B2C 2013. Today, all B2C deliveries are executed on our very dynamic e-commerce market, rather own branded fleet of four-wheelers. than concentrating too much on revenue. While e-commerce logistics start-ups may have done alright so That said, we strongly believe that Saffar, the fact is they will not be able to deliver, say, a 40-inch TV safely, express B2C business can potentially securely, and on their own fleet. On the other hand, Safexpress is far become as large as our B2B business. We ahead in the game due to its innovative four-wheeler delivery model are creating capacity for 1 million packages and can deliver all kinds of products. We even use customized deliva month. We will reach there very soon. ery vehicles for any-size shipments like furniture. This will become This year, that’s 2015-2016, we are tarincreasingly relevant in the times to come when the market will geting a business turnover of Rs 100 crore. hugely evolve towards shipments of all kinds of shapes and sizes. To that extent, Safexpress is future-ready for e-commerce. Send feedback to sunil_shah@idgindia.com. BY S U N I L S H A H

grow

Rubal Jain, MD, Safexpress

[Q+A]

Helping the Unbanked grow

M.A Nayagam, GM, Canara Bank, speaks about the technology capabilities banks must have to reach out to the millions of unbanked people. B Y M A D H AV M O H A N

How can technology help in the financial inclusion of millions of unbanked people? With the help of technology, implementation of financial inclusion can be done in many areas as millions of people live outside cities. Technology is going to be used by business correspondents who are the front end-guides, to help consumers avail money. The business correspondents guide the consumers on how to operate the system. To create faith

We have covered 15,000 villages and employed 3,500 business correspondents. in the financial system, the banks need to have devices which are userfriendly. Without technology, it is impossible to take the idea of financial inclusion forward. What kind of technological innovative approach has Canara Bank implemented to meet the requirements of people in the unbanked sector?

In 2006, we implemented the concept of financial inclusion in a village at Devanahalli, Karnataka. Canara Bank made a study with the rural people to see how much faith they have in financial inclusion. Based on their feedback, we appointed a local person as a business

JUNE 15, 2015

www.cio.in

correspondent. We trained him with the procedures and started to develop on technology. We found a handheld device, where application can be loaded and devised a smartcard to store the fingerprint of the person.These finger prints were stored in the datacenter which was later used to validate the identity of the customer. To make sure the person understands the operation, we introduced voice into the system and made a library of words and figures. Once the matching is done, the system gives an option to withdraw or deposit amount. The business correspondent, then punches the amount and authenticates the voice. Till now, we have covered 15,000 villages and employed

3,500 business correspondents. With so many financial inclusion initiatives taken by the government, Canara Bankâ&#x20AC;&#x2122;s target is to cover one crore villages across the country. What are the challenges you faced while implementing this solution and how did you overcome them?

Mobility was a big problem because business correspondents were on the move and had to change villages every two hours. We provided a vehicle, so that they can easily move around. Charging the battery for the device used for thumb impressions and smart cards was becoming difficult. Subsequently, we created a battery bank and installed it in the vehicle. But tracking 3,500 correspondents manually, proved to be cumbersome. Though mobile connectivity in villages was a problem, GSM connections have been the solution. What are the technology capabilities banks must have to ensure financial Inclusion?

At the moment, Canara bank has six crore accounts and with Pradhan Mantri Jan Dan Yojana, we have opened another 60 lakh accounts. As business correspondents are outside the core banking system the data collected by them should have the capability to seamlessly integrate with the core banking solution of the banks. Banks need to lay paramount focus on protecting the data and ensure interoperability.

leadership and operational excellence

run

Reviving Dormant Accounts Kotak Mahindra Bank had accumulated four lakh dormant. Here’s how it used analytics to revive them. B Y S U N I L S H A H

India is home to over 40 percent of all the dormant bank accounts—accounts that haven’t seen

a transaction for a specific amount of time—in the world. In April 2014, Kotak Mahindra Bank had about 0.4 million dormant accounts. It was a fair amount of dead weight to carry and the bank decided to figure a way to revive them. “Roughly, the cost of going out and getting a new customer is 7x of reviving an existing account,” says Puneet Kapoor, Sr. EVP, Kotak Mahindra Bank, who is also in charge of the bank’s analytics wing. The bank decided to revive the accounts—but not all of them. It wanted to choose which accounts would be worth following up on—and that’s where analytics came in. “Obviously, if I have to make an effort to reach out to a customer and revive that account, I need some

Puneet Kapoor, Senior EVP, Kotak Mahindra Bank, says, “Before reviving an account, we needed insight on who to target.”

www.cio.in

JUNE 15, 2015

run 18

insight on which people we should target and what we should say to them,” says Kapoor. The analytics department divided the four lakh dormant accounts into three buckets: Business accounts, salary accounts, and general saving accounts. “We then started applying intelligence on these, in term of who we should reach out to,” says Kapoor. The analytics team first looked through general saving account customers, which constituted 2.6 lakh of the total four lakh dormant accounts. These were divided these into high variant and low variant accounts. Low variant accounts are those which required monthly minimum balances of Rs 10,000; high variant ones required either Rs 20,000 or Rs 50,000. Then the team used analytics to figure out which of the high variant accounts--when they were active-ever had an average monthly balance of over Rs 1 lakh, and had managed that for any five months. A second bucket of customers was created, but set the threshold at between Rs 50,000 and Rs 1 lakh. Further, a third group was also made, and set that filter at between Rs 25,000 to Rs 50,000. “These filters are interesting because they give you an insight into the wallet-size of the customer. Often customers bite off more than they can chew. When they open accounts they opt for products with a higher cut-off, and are then unable to service the account,” says Kapoor. Using analytics, the bank honed their target list further using other clues including the pin code of the account holders’ home, or whether that person had taken a loan for an expensive car. That revealed that the customer could be offered an account with a higher monthly balance. The group applied the same intelligence on low variant accounts as well. Out of the four lakh dormant accounts the group started with, their analysis revealed that 90,000 accounts were worth pursuing. These names were given to the bank’s channel to follow up with. At the time of this story, the channel had reached out to 36,000 customers and had revived thousands of accounts. Soon money started flowing back into those accounts and the bank managed to call back upwards of Rs 10 crore of stable float. What this means is that with these accounts are turning active, the accounts are seeing funds movement upward of Rs 10 crore – the float, part of which the bank in turn gets to use for onward lending. Send feedback to sunil_shah@idgindia.com

JUNE 15, 2015

www.cio.in

Things You Need to Know ABOUT HYBRID CLOUDS

TRAINING. Trainers, according to Jeff Kagan, an independent industry analyst, will use virtual reality extensively. “Whether training soldiers on a combat field or sales reps at the customer location, virtual reality provides the ability to enter the world to train and get better, without ever leaving your office,” he said. “This would let every company be able to train every person, more often than ever. This would make every company more competitive.”

PULLING IN REMOTE WORKERS. Virtual reality also should make for better relationships between employees working remotely and their managers or working groups. “Think about employees being able to work from home but, at the same time, working from virtual offices, surrounded by their virtual peers,” said Rob Enderle, an analyst with the Enderle Group. “This could make the worker feel more like a part of the meeting or a part of the team,” leading to possible productivity boosts.

LESS BUSINESS TRAVEL. A virtual reality meeting could make it seem like a manager is in an actual face-to-face meeting when he or she is actually alone in the office. What companies will notice is a reduction in travel costs and in the administrative work it takes to make the travel arrangements and deal with the expenses. It also will reduce the amount of time workers are outside the office and unavailable.

SALES. SALES. SALES. If someone is interested in comparing two different types of smartphones before buying one, testing them both out via virtual reality would be the perfect solution. The same would go with someone looking to buy a new car, a new boat or even a house. Salespeople could help their potential customers to virtually try before they buy. Customers could feel like they’re sitting in a car. They’d see how it would steer and feel on the road and how the interior looks up close. They could see how roomy it is—all before taking the time to drive to a dealer to see it in person.

ORDER UP! Kagan said one of the first uses of virtual reality may be at restaurants to allow customers to make their to-go food orders instead of calling in or using the Web. “Let’s have some fun and imagine this,” he said. “Instead of making a phone call, you can talk virtually face-to-face with a waitress at the pizza place.”

— Sharon Gaudin

POPULAR SCIENCE

AI Teaches Customer Service

The research project will use machine learning to mimic furious customers and run through millions of scenarios to figure out how customers react

ompanies often frustrate their cus-

tomers—or make them downright irate— because of product problems, shipping snafus or rude people on customer service lines. The problem for companies, though, is to figure out exactly why their customers are angry before they ditch them for a competitor. To help enterprises discover the root causes of customers’ anger, researchers at a New Zealandbased company are using artificial intelligence (AI) and machine learning to mimic furious callers and run through millions of scenarios to figure out how customers react in different situations. “These are often the seeds of opportunities where a business can differentiate itself in the market by consistently delighting customers in ways not easily visible to competitors,” said Frank van der Velden, CEO of Touchpoint Group, a software company focused on the New Zealand and Australian markets. “One of our key objectives is to automatically detect

Ham Radio Leads Rescue Mission Amateur radio has stepped in to fill communication gaps in Nepal, which is struggling with power outages and a flaky Internet after a devastating earthquake killed over 5,000 people. The hobbyist radio operators, also known as ham radio operators or hams, worked round-the-clock to help people get in touch with relatives, pass on information and alert about developing crises ever since the 7.8 magnitude earthquake hit about 80 kilometers from Nepal’s capital city of Kathmandu. Ham radio sent voice or morse

these situations, and to allow both risks and customer opportunities to be quickly acted on.” The research project will run what-if scenarios to see if a given situation is likely to enrage or please a customer, according to van der Velden. According to Touchpoint, it will test millions of these scenarios each week. “Do customers become more angry over products delivered late or products that don’t work as advertised? Acquiring a customer is expensive, and businesses need to do everything they can to keep a customer buying from them for a long time,” said Dan Olds, an analyst with The Gabriel Consulting Group. “I think the combination of enterprise IT and machine learning is just barely entering its infancy. In the future, I expect that most enterprises of any size will have some sort of functions that make use of these deep learning concepts.”

Send feedback to editor@cio.in.

code messages across radio frequencies and has often helped in emergencies. It can work off solar power or low-voltage batteries, which means that the radios can continue to work even after smartphones and laptops are discharged, said Jayu Bhide, National Coordinator for Disaster Communication at the Amateur Radio Society of India. Ham operators in Nepal and India are working in shifts to keep communications going between them and hams in other parts of the world like Turkey, Australia and New Zealand, Bhide said. The hams have been getting frequent requests from abroad to trace relatives and friends in the earthquake zone. The operators in Nepal then try to get information on the missing persons and transmit it back.

Many of Nepal’s large Internet service providers, including Nepal Telecom, were able to maintain the country’s connectivity to the Internet despite the earthquake, but the ability of the average person in Nepal to connect to the Internet depends on conditions affecting last-mile connectivity, said Internet performance monitoring company Dyn. “With downed mobile towers, severed overhead fiber cables and spotty electricity, connecting to the outside world will be challenging for weeks to come as the nation recovers from the devastation,” wrote Doug Madory, Dyn’s director of Internet analysis.

—John Ribeiro

www.cio.in

JUNE 15, 2015

HIRING MANAGER

Beware of the Unconscious Bias

run

Unconscious biases have a detrimental effect on recruiting and hiring. And it’s harder to identify and change. BY S H A R O N F LO R E N T I N E

aking recruiting and hiring decisions and salaries. And many managers are ill-prepared to handle based on a candidate’s height sounds diversity issues,” says Stokes. ludicrous, right? And yet, according to No one wants to think of themselves as biased, says Stokes, research from Timothy A. Judge and and most workers truly believe that they’re not racist, sexist, Daniel M. Cable, published in the June age-ist or any of the other “-ists” that can be used to label a 2004 issue of Journal of Applied Psychology, there’s a person as intolerant and prejudiced. But the fact is, humans perception that height correlates with success. While only are biologically wired to be biased, and to quickly categorize the 15 percent of American men are taller than six feet, more world—and other people in it—based on pre-conceived notions. than 60 percent of corporate CEOs are over six feet tall. Where issues arise is when these biases are used to assign As Howard Ross, co-founder and chief learning value to certain characteristics or traits and to base decision officer of consulting firm Cook Ross asserts in this brief making on these biases we might not even be aware of. “The on diversity and inclusion, “It seems not only unfair, problem is that many businesses and managers will say, ‘We but patently absurd to choose a CEO because of height, don’t even need to talk about diversity because we’re only just like it is unfair and absurd to give employees lower interested in hiring the best talent,’ and then they’re ignoring performance evaluations solely because unconscious bias. What they assume is Make apostles of they are overweight. Or to prescribe that there’s a level playing field for women, medical procedures to people more for people of color, for economically and your people and often because of their race. Or to treat socially oppressed groups—and that means you’ll reap the the same people different ways because those groups aren’t going to be given a fair benefit of those of their clothing. Or even to call on boys shake,” she says. good hires for more often than girls when they raise years to come. their hands in school. And yet, all of They’re Called ‘Unconscious’ these things continuously happen, and for a Reason they are but a small sampling of the “Nobody wants to think they’re biased, or hundreds of ways we make decisions every day in favor that they’re doing an injustice to anyone, so they aren’t willing to of one group, and to the detriment of others, without even examine that—you can’t get to these issues through introspection. realizing we’re doing it.” That’s why they’re unconscious biases!” Stokes says.

The Challenges of Unconscious Biases

Making a Start to Address Unconscious Bias

These all are examples of unconscious bias, says Valeria Stokes, chief human resources officer and staff diversity officer for the American Bar Association. Speaking at TLNT and ERE Media’s High Performance Workforce Summit in Atlanta, Stokes explained that while businesses have made great strides toward eliminating overt discrimination and bias, there are still challenges when it comes to unconscious biases. “There’s still a paucity of racial, gender and sexual orientation demographics in leadership or in decisionmaking roles. We still see inequality in hiring, promotions

Addressing unconscious bias starts with acknowledging and accepting that every single person holds them, without placing blame or shaming individuals. Then, it’s important to increase awareness of how these biases affect talent management practices, and to look at business-based outcomes of diversity practices—how diverse companies are more competitive, how they’re better equipped to serve their customers and are increasingly seen as an employer of choice for job seekers.

JUNE 15, 2015

www.cio.in

Sharon Florentine covers IT careers and data center topics. Send feedback to editor@cio.in.

Why Twitter will Never be Facebook

Facebook is the clear king of social, and it’s unlikely that Twitter will ever seriously infringe on its throne. B Y M A T T K A P K O

witter lost about

27 percent of its market value. Critics are beating the drums of war, of course, but Twitter has been tested before and has proven its ability to endure. The company faced investor backlash last year, and its stock hit an all-time low. High-level executive turnover is one of the company’s hallmarks. It has struggled to tell a clear story about what exactly Twitter is and why people should use it. And yet, despite the problems, more than 302 million people use Twitter at least once a month, according to the company’s latest earnings report. This user base alone is enough to secure the company’s status in the uppermost echelon of social media, but that prominence comes with some significant challenges. For example, Twitter is one of the biggest platforms in social media, so it will always be compared to Facebook, a much larger competitor. However, barring any unforeseen circumstances, Twitter will never overtake Facebook and dominate the social media landscape. Facebook brings in almost 10 times the annual advertising revenue of Twitter, and its monthly user base is nearly five times larger. In both of these cases, the difference is one of millions and billions. Facebook is in a league of its own, and the burden on Twitter could be somewhat lessened if the two weren’t consistently compared.

Twitter’s ‘Weirdness’ is a Social Media Differentiator Twitter and Facebook are clearly different, but they’re still often seen as equals. So does Twitter have to become even more of a social media powerhouse, like Facebook, to thrive? It might be good for Twitter in the long run if it required slightly less explanation for new users, and changes in this regard could lead to

people who have trouble nailing down a clear value statement; the majority of Twitter users would undoubtedly describe the platform in different terms and measures. “Twitter has always had that challenge of requiring a little bit of extra explaining,” Berkowitz says. “It’s not just for one thing, there’s a whole language around Twitter that people need to learn.”

Twitter is always going to be a little weird. If it stops being weird, it’s going to be just like everything else. greater luck with grandparents (and investors), but mainstream adoption has never been Twitter’s ultimate goal and never will be. “Twitter is always going to be a little weird,” says David Berkowitz, CMO at creative tech agency, MRY. “If it stops being weird, it’s going to be just like everything else.” During the past four years, Twitter CEO Dick Costolo described the company in five notable ways: As “three geometrically eccentric circles;” a “global town square;” a public and real-time communication platform; “indispensable companion to life in the moment;” and the “world’s largest information network.”

Twitter’s Ambiguous Value Proposition Twitter’s leaders aren’t the only

Twitter has Obvious Strengths and Weaknesses Twitter has celebrities, personalities and other persons of interest, making it a valuable tool for people who want to learn more about their favorite authors, chefs, school mascots or anyone else who draws their attention. Twitter has also proven to an invaluable tool for the media, which frequently uses Twitter to break news and engage audiences. However, Twitter’s ability to target ads based on demographics is woefully lacking compared to Facebook, (again, there’s that comparison) but that doesn’t concern Berkowitz, who says reaching scale at the right moment is equally important to marketers. Send feedback to editor@cio.in.

www.cio.in

JUNE 15, 2015

BOARDS ON CYBER

A!ert Fear of cyberattacks has corporate directors on edge. CIOs must steer the conversation toward managing business risk. BY STEPHANIE OVERBY

hen Anthem revealed in early February that hackers had breached a database containing the personal information of 80 million of its customers and employees, the news hit a little too close to home for Gary Scholten, executive vice president and CIO of Principal Financial Group. His first order of business that day was to gather all the information he could to reassure his board of directors that the financial services provider did not have similar vulnerabilities. He contacted the industry’s Financial Services Information Sharing and Analysis Center to get detailed intelligence on the exact nature of what Anthem publicly called a “very sophisticated external cyber attack” and was able to assure his board members that Principal’s customer and employee data was not at risk from the type of attack launched against Anthem. Anthem is one of the nation’s largest health insurers. Because of the size of its breach, the industry in which it occurred and the media attention it received, Scholten wanted to get ahead of the questions that Principal’s directors might ask. “Cybersecurity is a huge priority for them because the service we provide is so reputation-based,” says Scholten. “It’s a top-of-mind board issue.” Scott Angelo, CIO of K&L Gates, was in Miami for the annual meeting of the law firm’s management committee (a private company’s version of a board) when the Anthem news hit. “They wake up, and the first thing they want to know about

JUNE 15, 2015

www.cio.in

is Anthem,” says Gates, who was hired three years ago specifically to strengthen the firm’s cybersecurity stance. “They’re inundated with all this information that’s out there.” The Anthem breach was just the latest in a string of cybersecurity incidents that have occurred over the past couple of years (you know the litany of contretemps: Target, Home Depot, Sony Pictures, JPMorgan Chase and so on). And corporate boards are on high alert. Cybersecurity is “in the press every day,” says Peter Gleason, president of the National Association of Corporate Directors (NACD). “It’s the foremost issue on directors’ minds right now because it’s tied into the risk structure of the organization.” Cybersecurity oversight is the second most important topic for boards in 2015—just behind strategic planning—according to law firm Akin Gump Strauss Hauer & Feld. “It’s not just financial services firms or regulated companies—everyone is interested now,” says Kimberly Peretti, partner and co-chair of the security incident management and response team at law firm Alston & Bird. In 2014, 42.8 million security incidents were detected, a 48 percent increase over the previous year, according to PricewaterhouseCoopers. The average size of the financial hits attributed to those incidents was $2.7 million, and the number of organizations reporting incident-related losses of more than $20 million increased 92 percent last year, PwC reports. But the true cost may never be known. As many as 71 percent of com-

COVER STORY :: Security Management

promise victims did not detect the breach themselves, according to a 2014 report by cybersecurity firm Trustwave. Yet board members complain that they’re not getting the right information. More than one-third of them are dissatisfied with the quality of information they get regarding cybersecurity risk, and more than half are unhappy with the quantity of information provided, according to a NACD survey of 1,013 public companies. There’s a positive correlation between how much the board is engaged with cybersecurity issues and the strength of IT security profiles, according to a study by business risk consultancy Protiviti. That’s why CIOs like Scholten and Angelo are focused on effective communication with their boards. By providing corporate directors with meaningful intelligence on a regular basis, savvy CIOs and CISOs not only educate their boards about the issues they should focus on as they oversee security-related initiatives; they also garner high-level support for building robust security systems and adopting processes and policies necessary to protect corporate data.

Defining the Threat Keith Turpin joined Universal Weather and Aviation as CISO last summer to revamp the security program. Historically, cybersecurity had not been a strategic priority for the board of the international flight planning and support services provider. “My job was to come in and build a strategy to take to the board and get the support that would allow the program to be successful,” says Turpin. Explaining IT security to a nontechnical audience was going to be a challenge. “I’ve seen people go into board meetings with a network diagram,” says Turpin. “You might as well be showing them a crop circle.” So Turpin turned to his background in physical security. He built a small door and fitted it with several seemingly secure locks. He asked the directors in the room if they thought the door was protected. “They looked at me like I was crazy,” Turpin recalls. But he explained to them, as he exploited the critical flaw in each of the locking mechanisms in less than a minute that while the door looked well protected, it was vulnerable. Cybersecurity, he said, was about having the right controls in place to protect the company’s data should an IT vulnerability-of which there are thousands—be exploited. He then presented the board with a risk assessment forecast and a security strategy. “[But] the thing they still remember was that door,” he says. “You can’t go in there and tell them about the ISO 27000 standard. That’s not an effective message,” Turpin says. “You

Gary Scholten, CIO of Principal Financial Group, says cybersecurity is a top-of-mind issue for the company’s board of directors “because the service we provide is so reputation-based.”

have to boil it down to the core business risks for your company: What could have the most significant impact on our revenue stream?” Once the board understands the fundamentals, it’s easier to update them on the impact of security investments and address issues as they arise, he explains. After that first meeting, the board quickly approved Turpin’s proposed IT security budget; the COO even asked if he needed more money. “Boards need education first and foremost to get them up to speed on the critical issues: What lexicon they should use, where they need to spend money, when they need to buy insurance,” says Gleason of the NACD. “They need fulsome reporting to get their hands around it because it’s not something they manage every day.” In 2011, K&L Gates chairman and managing partner Peter Kalis worried that the law firm--which has access to the corporate secrets of thousands of companies—could be the weakest link in his clients’ cybersecurity frameworks. “He came to the conclusion that we were as big a target as anyone else,” says Angelo, whom Kalis hired for his IT security skills. The first time he stood before the management committee,

Educating the Board Tips for doing your homework and then teaching the board of directors about the latest security threats: 1. Conduct an enterprise risk analysis and create a baseline cybersecurity profile. Focus on what the company’s crown jewels are and the steps you are taking to protect them. 2. Enlist reputable third parties to provide the board with an outside assessment of your company’s IT risk profile. 3. Make sure that board members understand IT’s incident response plan and their role in it. 4. Use standard frameworks to bolster IT’s credibility with the board. 5. Involve other executives—particularly the CEO—in your efforts to discuss cybersecurity with the board. 6. Keep abreast of emerging best practices, regulatory expectations and standards. 7. Offer ongoing education and training for board members and executives on key issues and new threats. 8. Ask board members if they think they’re getting the kind of information they need to oversee cybersecurity investments. Make adjustments based on their input. — Stephanie Overby

Source: 2015 Careers Survey

JUNE 15, 2015

www.cio.in

Angelo delivered his high-level definition of risk: In order to have a risk, you need to have not only a vulnerability but also a threat that corresponds to that vulnerability. “As an organization, you’re going to be managing thousands of vulnerabilities every day. But they’re passive,” says Angelo. “A vulnerability is like a piece of dynamite. You can kick it around. You can throw it. But without a wick and someone to light it, it’s not going to go off. I wanted them to focus on what the true threats are.” That’s where Angelo’s background in intelligence came in. He started thinking about the types of people who might be interested in the data the law firm had access to, how they might try to get it, and how best to protect against their attempted breakins. “That’s an easier pitch. Then you know where to spend your money,” says Angelo. “That there is the secret sauce.” To stay on top of potential threats, Angelo digests a steady stream of third-party research on the changing security landscape. “It used to be difficult to get that kind of information, but it’s becoming much more readily available,” he says.

The Business of Risk “Cybersecurity is not an IT issue. It’s a business issue,” says Lloyd Boyd, CIO of Shale-Inland Holdings, an industrial supplier of pipe, valves and fittings. “In our business, we’re not dealing with consumer data or health information, but we know that an attack has the potential to impact business operations. And my board wants to know what that risk is and how we’re managing it,” he says. But while the board has become aware of the importance of cybersecurity in recent years, directors don’t deal with it every day like Boyd does. “They don’t know what they need to know,” says Boyd. “It’s important for us as CIOs to effectively communicate these issues in practical terms. We’re going to be a victim at some point, and we need to be prepared.” Lloyd Boyd, CIO of Shale-InlandRobert SealeLloyd Boyd, CIO of Shale-Inland, says CIOs must communicate with the board about security in practical terms. “We’re going to be a victim at some point, and we need to be prepared.” To garner board support for making the necessary preparations, Boyd applies the “human action model” developed by Austrian economist and philosopher Ludwig von Mises for instigating change: Create uneasiness with the current situation, deliver a clear vision of a better way, and create a safe path forward. “To get the board interested, you have to make it clear why they should be interested,” he says. “Security should be about protecting your current ability to earn and retain revenue, and reducing the risk for new business in the future,” says Turpin. “A lot of times, it’s seen as a subset of IT, but in reality it’s about business risk management.” Gleasonagrees.Cybersecurity,hesays,“hastobeseenbytheboard as part of the enterprise risk structure the company must address.” At Principal Financial Group, the board knows that incidents are going to happen. “The bottom line is that they want a sense of whether we’re taking prudent steps to manage that risk,” says Scholten. Is the defense-in-depth approach working? Has monitoring proved effective? Is the company capable of responding to incidents? Scholten doesn’t just provide IT’s own assessment of Principal’s cybersecurity posture; he also brings in third parties to evaluate the state of security.

COVER STORY :: Security Management

Getting Real About Cybersecurity Chances are most board members have heard the attentiongetting cliche that there are two types of companies: those that have been breached and those that don’t yet know they’ve been breached. “It scares the pants off of them,” says Gleason. “But then they’re scratching their heads thinking, ‘So, all right... we’re somewhat protected? What does that mean?’” Scare tactics get old fast. “I don’t talk that way to board members. It’s a little too Chicken Little,” says Boyd of Shale-Inland. “Yes threats are pervasive, and the likelihood of any one company being breached is very high. But there may be things that you flat out don’t care about protecting. What’s more important is understanding the risk profile of the company. Where are the most critical assets and what are we doing to protect them?” At Universal Weather and Aviation, Turpin had to break it to his board that it would take awhile to get the company’s cybersecurity house in order. “They were like, ‘What would it take to do it in half the time?’” he says. Short of fairy dust, he told them, it couldn’t be done. “Even if we threw a lot of money at it, there were changes we had to make to the infrastructure and business processes and significant staff training that needed to be done, some of which was very challenging and would take time,” he says. “I told them that as we proceeded, I would let them know if there were opportunities to move more quickly. When I walked out of the meeting, I had their full support.”

Turpin scoured various reports of security incidents and unearthed an attack outside his industry that illustrated an issue that Universal Weather and Aviation was facing internally. “I found an example that clearly showed something that could happen to us and what the impact would be if it happened,” he says. “It was the best example of a worst-case scenario. It was clear to [the board] how devastating it would be to the business.” When major vulnerabilities are exposed—a Shellshock vulnerability or a Heartbleed bug—Turpin sends out a companywide message to let everyone know that his office is aware of the issue and has plans in place to handle it.

Keeping the Board On Board If giant banks and government agencies can get hacked, how can the average business protect itself? That’s a question Jerry Irvine, CIO of IT services firm Prescient Solutions and a member of the National Cyber Security Partnership, gets a lot. “Everyone would like to get that magic cape to throw over their systems to protect them from the rest of the world,” he says. Irvine doesn’t have a magic cape, but he suggests something better. “Give [the board] something to touch and read and understand that shows you are making progress and getting things done,” he says. “What the board wants are metrics to keep on top of what’s happening.” Some key metrics include an inventory of known and authenticated devices and software, vulnerabil-

There are no rules about how often to communicate with the board about IT risk. You don’t want to over alert. But, then again, you don’t want to paint too rosy a picture. Going Beyond the Headlines While extensive media coverage of high-profile breaches has spurred board members to care more about IT risk than ever before, a daily diet of such headlines can sow panic. “You would think it would help, but it also hinders,” says Boyd. “It can even desensitize the board because they know that the press can sometimes overhype things. They need a fair and balanced perspective of what is real.” Some news has value. “When [a breach] occurs in your industry or meets some threshold that allows you to reinforce the message that what you’re doing is good or enables you to make a request that hasn’t been approved yet, it might be a good use of the news of the day,” says Cal Slemp, managing director and head of the IT security and privacy practice at Protiviti. “But we don’t recommend a steady stream of [such news].” Angelo also worries about overplaying the scary headlines. “If you’re going to talk about Anthem or Home Depot or Target, you’d better make sure it’s relevant,” he says. “I keep that stuff out of my presentations. Everyone can read it on their own, and that’s what got us before the board in the first place.”

ity scans, and the business continuity measures “that would be necessary in case of a security breach or incident,” Irvine says. CIOs and CISOs can partner with board members to figure out what information would be most useful. “What we see work most effectively as boards are pushing into this area is working collaboratively with executives in the organization to work through what’s important and settle on series of communications and metrics on governance for cybersecurity,” Irvine says. There are no rules about how often to communicate with the board about IT risk. “You don’t want to over alert. But, then again, you don’t want to paint too rosy a picture,” says Peretti at Alston & Bird. “The goals should be to create meaningful and consistent reporting that establishes credibility and paints an honest and accurate picture.” Boards don’t need daily—or even weekly—updates, but they do need to see the big picture. “The board should be focusing on managing risks, not detailed operations,” Turpin says. “They need to be informed enough to support strategy.” Most CIOs and CISOs talk directly to the board about cybersecurity every quarter.

www.cio.in

JUNE 15, 2015

COVER STORY :: Security Management

“It has to be frequent communication. It can’t be once a year. That’s not going to give a sense of what’s occurring and how well positioned we are,” says Scholten. He meets with this board five times a year and also provides a cybersecurity report at each monthly executive team meeting. “Things change so much, it has to be frequent,” he explains. “From that report, we can choose what should go on to the board.” Scholten also has ongoing interactions with Principal’s audit committee, with whom he conducts a “deep dive” into IT risk every year. Just as important as Scholten’s board updates are the active education and awareness programs he conducts. “We’re really aggressive with respect to training and keeping people abreast of new trends. Questions from the board become better as result.” Ideally, you should institutionalize a process for providing updates on threats and corporate risk assessments, whether to the audit committee specifically or the board as a whole, says Boyd. Such updates could be presented via risk scorecards, heat maps, IT security dashboards or some other format, says Glea-

Lloyd Boyd, CIO of Shale-Inland, says CIOs must communicate with the board about security in practical terms. “We’re going to be a victim at some point, and we need to be prepared.”

son. “There are a variety of ways to present it, but the goal is to communicate what the risk looks like holistically, and how it’s changed since the last update,” he explains.

Building Trust Amid Uncertainty Since Angelo gave his first cybersecurity presentation to the board in 2011, his interactions with directors have evolved. There were two zero-day exploits in the press in those early days. “It generated a ton of questions. My email would light up,” he recalls. He found himself having to schedule meetings with board members and executives to discuss the incidents. “But that was fine,” he explains. “Once I was able to explain that it had no impact on our architecture, the issue went away.” Fast-forward to this February’s management committee meeting and the huge Anthem breach, and the difference is clear: He no longer gets sidelined by the latest headlines that ultimately have little to do with the state of security risk at K&L Gates. Committee members were certainly aware of the big breach, but they trusted that Angelo was on top of it and didn’t interrupt his regular cybersecurity update at the meeting with questions or concerns. “A year ago, it would have dominated the discussion,” Angelo says. But this time, he says, “I was able to stick to the facts.” Still, CIOs must have a realistic message because of the ever-evolving threats. “One thing I always close with--and they’re probably tired of hearing me say this--is ‘Things can change overnight.’ You can go to bed feeling secure and wake up to an exploit that we’re vulnerable to,” Angelo says. “The bad guy only has to be right [once]. We have to be right all the time.” The committee understands that, but members are confident in the company’s security posture because of the transparent way he discusses security strategy with them. “There is a growing persistent threat. Whether it’s from state-sponsored attacks or organized crime, there are so many easy ways to monetize data to make it a profitable venture,” says Boyd. “At the same time, the sky is not falling. We don’t have major issues every day. The threat is more sophisticated, but so are our protection mechanisms.” Boyd says his regular communication with the Shale-Inland board makes that clear. “It works very well. And it’s a mature way to present the issues and enable the board to become a partner in guiding what we want to do,” he says. “Every IT person would like to say, ‘Just trust me to put in place what we need.’ We can’t do it all, and we can’t do it fast enough. We don’t want to create a false sense of security.” Send feedback to editor@cio.in.

JUNE 15, 2015

www.cio.in

connect Up, close, and personal with all things IT

4 Types of Geeks You’ll Need Experts from consultancy and IT advisory firm Wisegate share advice on how to attract geeks. By Sharon Florentine

While recruiting and hiring focus on matching individuals’ unique qualities and

I L LU S T R AT I O N B Y T H I N K S TO C K

qualifications with the needs of an open job, when it comes to hard-core tech recruiting, these ‘geek” candidates tend to fall into one of four specific types, according to insight from Wisegate, an IT advisory firm and consultancy. And while sweeping generalizations are typically frowned upon, it’s helpful to understand that each type of technology professional shares some common characteristics, similar motivations and thus, specific recruiting strategies that can be used when bringing them on board, according to Elden Nelson, editor in chief, Wisegate. “We had an industry roundtable with a number of our C-level clients and we asked them about their recruiting challenges, industry trends and best practices for recruiting. What we found is they tend to group their hard-core IT candidates into four different categories: Entry-level geek; geek-in-the-basement; wellrounded geek and groomed-for-growth geek,” says Nelson. Of course Wisegate means “geek” in the only the best light—those highly trained, motivated and skilled technology workers every company in the digital world needs to succeed. So, who are they, and how can you recruit them?

www.cio.in

JUNE 15, 2015

TAKE

Note

Entry-level Geek

connect

The entry-level geek is a candidate who’s recently graduated college or from a bootcamp, says Nelson. They’ve had limited on-the-job experience, perhaps held an internship or two, but are young, fresh and eager, and possess more theoretical skills than practical ones. Believe it or not, these candidates tend to pose the largest challenges for hiring companies, according to the roundtable attendees, says CEO and founder of Wisegate, Sara Wise.

Geek-in-the-basement The geek-in-the-basement type is that rock star programmer your IT department cannot live without, but who strikes some as a bit odd, says Nelson. They’re the straight-up technical pragmatist whose code is lean, mean and clean, even if their social skills could use a little polishing. “These folks definitely need to be recruited, but they don’t pose as much of a challenge as some of the other types. Their expertise is very focused, and they can be content at one company for long stretches of time if they’re working on great technology and if their needs are accommodated,” Nelson says. What are those needs? Mainly, says Nelson, they are flexibility, freedom and tolerance. “One of the best recruiting strategies here is to poach from other organizations—look for passive candidates with the skillsets your department needs, and offer higher pay and flexible schedules and remote work arrangements,” he says.

Well-rounded Geek These candidates are often the geek-in-the-basement types who feel they’re not quite fulfilled in their role as a hard-core techie, says Nelson. They’re the ones who believe they’re doing much more than just a job, they’re looking to make a career and continue to grow and evolve over time. When recruiting these folks, it’s important to offer resources for continuing education, mentoring, a clear career advancement path and the chance to pursue projects that may lie outside their area of expertise, he says. These candidates are often best recruited through current employee referrals, or through passive candidate searches, Nelson says.

Groomed-for-growth Geek These are the folks who’ll be running your company one day, and their leadership potential is plainly evident, says Nelson, though that “certain something” could show up in their business savvy or soft skills or their ability both to innovate technically or lead tech teams, he says. Either way, these are the folks you must retain at all costs. “One strategy here is to poach candidates with incredible leadership potential from other areas of the business and train them on the tech skills they lack. An area our clients have had particular success with is moving people from customer service or sales into tech,” says Nelson. While these aren’t hard-and-fast rules and certainly don’t begin to encompass all the personalities that can and do exist within IT, Nelson says Wisegate’s clients are seeing success using many of these strategies to fill roles in their organizations.

JUNE 15, 2015

www.cio.in

Technology Refines Education

WATCH Just think of the many benefits many aspiring students will receive if education gets technology’s touch. This CEO is doing exactly that. Vaitheeswaran, MD and CEO, Manipal Global Education Services talks about how Manipal is leveraging technology enabled solution to empower students with quality education, innovative learning methodologies, unique and dynamic features of Edunxt, the technological challenges, expansion plans, strategies and his vision.

http://www.cio.in/cio-tv/ technology-has-refined-education-manipal-vaitheeswaran-s-manipal-global-education

Risky Road to Digitization ANALYZE The economic landscape is changing in businesses with an increase in the Indian IT budget. The CIOs are all set to run the digital race in their enterprises. Digitization has moved to the center stage for CIOs in India. But the rapid rise of digital opportunities also brings with it an unprecedented increase in risk to the enterprise. And the bad news is that the CIOs aren’t prepared for the risks yet.

http://www.cio.in/by-the-numbers/ risky-road-digitization-0

Social Media Strategies READ Indian enterprises are pouring a lot of money into social media. Not all of those investments will get the same amount of RoI. That’s because not every company’s social media strategy is as comprehensive as best-in-class companies. Click the link below to read some of the more popular social media strategy flaws.

http://www.cio.in/feature/4%28okay-5%29-social-media-marketing-fixes-for-indian-enterprises

SECURITY

Don’t Fly Past These Flaws

Companies make excuses for not addressing security holes. The problem is that they often do get exploited. Just ask United. BY E VA N S C H U M A N

ome things are just so predictable. A Then? “He would use a Cat6 Ethernet cable with a retailer is told about a mobile security hole modified connector to connect his laptop computer to and dismisses it, saying it could never happen the IFE system while in flight,” the filing said. Roberts in real life—and then it happens. A manu“overrode code on the airplane’s Thrust Management facturer of passenger jets ridicules the risk Computer while aboard a flight. He stated that he posed by a wireless security hole in its aircraft, saying successfully commanded the system he had accessed defensive mechanisms wouldn’t let it happen—and then to issue the CLB, or climb, command. He stated that he it happens. thereby caused one of the airplane engines to climb, An example of that second thing came to light, resulting in a lateral or sideways movement of the and it illustrates the folly of ignoring security holes plane during one of these flights.” How did he log in? because they seem to have a very low It’s embarrassing: He used the system’s probability of ever being a real-world Even if the fraud default IDs and passwords. problem. Our ability to measure the The only way to prevent real bad is small, coverage likelihood of security holes being guys—actual terrorists—from doing exploited just isn’t that good. You can in the news media this is for Roberts to do it himself. Why ask United Air Lines. do companies refuse to take security and social media A security researcher tweeted from holes seriously? a United plane that security controls will leave a far With security, the questions were so lax that he could hack into the greater number of include: Realistically, how much system and make the oxygen masks fraud—in terms of dollars—is likely people worried. fall. At the time, Airbus, the maker of to result from this issue near term? the plane in question, said there wasn’t How many hours of IT work will it any real security issue. take to fix? Would it surprise you to learn that, during an earlier The problem with using those kinds of questions to flight, the security researcher actually did seize control arrive at a project ROI is that it doesn’t consider other of the aircraft and caused it to briefly fly sideways, factors. Let’s say, theoretically, that a security hole was according to an FBI search warrant application? projected to result in $100,000 worth of fraud while The researcher, Chris Roberts of One World Labs, had costing $200,000 worth of IT time to fix. The missing a decidedly simple attack procedure. The trick is to be on factor is the media. Even if the fraud is small, coverage in an aircraft with an in-flight entertainment system (IFE). the news media and social media will leave a far greater Roberts told the FBI, according to the federal filing, that number of people worried. he had taken over IFE systems “approximately 15-20 If an engine can be taken over, Airbus and Boeing times” from 2011 through 2014. Note that this was long have some explaining to do. The explaining is not about before Boeing and Airbus said that it couldn’t be done. how this hole was allowed to exist. It’s why it wasn’t dealt Was any large or unwieldy equipment needed to with the instant this security guy screamed about it. access the inner workings? Not quite. “He would get physical access to the IFE system through the Seat Electronic Box (SEB) installed under the passenger seat on airplanes. He said he was able to remove the cover” by “wiggling and squeezing the box.” Send feedback to editor@cio.in.

www.cio.in

JUNE 15, 2015

LEADINGEDGE

Measures of Success connect

The question—“How do you measure your own success?”—is deceptively simple, but it seems to rattle most managers. BY PAU L G L E N

In my years as an IT management consultant, I’ve had the opportunity to ask one simple question of a wide variety of managers at large organizations and small; in the private sector, government and educational settings; and in numerous countries around the world. And the answers have been remarkably consistent, with rare exceptions. The question is, “How do you measure your own success?” Though deceptively simple, it seems to rattle most managers. They haven’t given it much conscious thought, and because of that, their answers are unpolished and unrehearsed, revealing a great deal about how they think about their role as a member of an organizational community. After fumbling around a bit, most answer a different, but related, question. They tell me about how they measure the success of the group that they manage, discussing hard numbers like: l Project metrics like schedule, budget and scope (strangely, quality rarely gets mentioned) l Operational metrics like uptime percentages l Support metrics like Incident resolution speed Occasionally a few softer (or more speculative) measures come up: l Money saved l Revenue increased l Customer satisfaction l Staff satisfaction Then, I push a bit more, asking them not how they measure their group’s success, but their personal success. Essentially, I ask them, “How do you know if you’re a good manager?” Taken aback, most struggle to separate their own success from that of their group. They tentatively say, “I don’t see the difference. I am successful if my group is successful,” and look at me as if I had just grown a horn from the side of my head. The worldview that these conversations reveal is both-

JUNE 15, 2015

www.cio.in

noble and limiting. “I am my group. We rise or fall together.” “I am part of a team.” So what’s wrong with that? Nothing, as far as it goes. But it represents a very circumscribed view of the role of a manager. It’s the worldview of a manager who focuses on managing stuff rather than on the people who do stuff or on the organizations composed of the people who do stuff. Of course, successful organizations need to deliver on their goals and satisfy their customers. But there’s much more to building a truly successful group than delivering on shortterm goals. Real success is building an organization that continues to deliver over time, one that renews itself, grows new leaders, recruits people who drive it forward, corrects its own mistakes and adapts to new circumstances. If you want to really measure your success, rather than that of your team, consider things that indicate the health of the group over time, not just in the short term. Consider things like: l Can I go on vacation for two weeks without harming productivity? l How many people have I grown into successful managers? l How many people have I helped to take senior technical roles? l Do people feel that they have influence over their own success? When you think carefully about what you want to achieve, rather than what you want your group to achieve, you can begin the work of building something enduring. And you can feel the satisfaction of seeing how your work, your managerial work, makes a difference for the people in your group and for your organization. Send feedback to editor@cio.in.

[CXO AGENDA]

The Data-driven CFO

The CFO of Lupin, Ramesh Swaminathan, works in tandem with the CIO to manage the company’s information supply chain and drive business decisions. BY SHUBHRA RISHI What are some of the factors responsible for this transformation in the CFO’s role?

In such a volatile, ambiguous, uncertain, and complex world, it is extremely important that our company’s decisions are data-driven. You might take strategic calls based on hunches, but it is still important to be data-driven. Therefore, the

dividing line between strategy and risks. For instance, if you foray into China or Turkey, there are risks associated with it. You might think of entering a new market at its periphery to be a strategic move but it could also be a risky one. Therefore, you need to calibrate these risks and the returns associated with it based on data.

“The CFO is very much responsible for the information supply chain.” touch points for a finance guy are the highest across the company– sometimes even higher than the CEO. It involves making qualitative assumptions that he collects from the environment, from the past, and turn them into quantifiable outcomes. Is it true that a part of what you decide hedging strategies, looking at overall portfolio strategically and deciding which businesses you want to keep in or outsource. How much of risk is associated with it?

There are two kinds of risks associated with it. One is the operational risk, and the second is the strategic risk. And clearly, there is a thin,

In your approach to acquisitions, what kinds of things do you do differently from other companies? Our approach to acquisitions is classified into four buckets. The first is focusing on organic growth through leveraging existing portfolio. The second is looking at newer territories. The third is paying attention to the higher geographic spread of companies and finally, finding technology and platforms that you can use for building newer products. Encompassing all of this, we then look at branded markets or branded IP driven products.

for the information supply chain as he’s accountable for liquidity. The CFO’s role is not about transaction processing or keeping the books, but it’s more about processing information in such a way that we can retrieve it for making good decisions. These business decisions are driven by big data, and therefore, sieving different types of data and making sense of various trends is an important part of the CIOCFO partnership. Therefore, at Lupin, the CIO plays an extremely important role in managing the information supply chain along with the CFO. What are the lessons from other Indian generic drug makers in the industry, and where are you on the roadmap to become one of the top two global generic firms from India?

We want to become the world major in generic drugs. In order to do that, we want to scale up on the specialty front and build deeper pipelines across therapy areas, respiratory, and dermatology space. We also want to concentrate on building a superior salesforce. At Lupin, we are also constantly analyzing products from other parts of the world in order to make our product portfolio a lot more stable and profitable.

How do you see IT helping you tread this growth path at Lupin?

Send feedback to Shubhra_rishi@idgin-

The CFO is as much responsible

dia.com.

www.cio.in

JUNE 15, 2015

finish

leadership and operational excellence

Controls on a Cloth Google’s I/O conference had a large table covered with a blue cloth. But this is no ordinary cloth. It’s developed by Google’s advanced technology group that could one day control your smartphone or the lights in your home. Called Project Jaquard, it’s an experiment that involves weaving electronics into fabric to create the equivalent of a touch screen inside the material. The surface feels like a patch of corduroy, but stroking your fingers up and down or sideways controls nearby electronics. One patch allowed you to manipulate a 3D image on a nearby display, while another changed the song on a phone, and yet another controlled the lights overhead. —Zach Miners

JUNE 15, 2015