Project management 2018 by Lyonsdown

BUSINESSES OF THE FUTR Finding out the latest trends at the FUTR summit

UNDER THE HOOD How advances mean the car industry is widening its scope

WHY ORGANISED CRIME IS HURTING YOUR BUSINESS How criminals could be infiltrating your supply chain – and how to insulate yourself from them

Page 3

Page 5

Page 7

AWARD-WINNING BUSINESS JOURNALISM • APRIL 2018

Earth: the final frontier SPECIAL REPORT PROJECT MANAGEMENT Astronaut and engineer Mike Massimino on how the rigours of working in space help us fine-tune our approach to projects back on Earth INSIDE: Inspector Dogberry inspects plans for a new arrivals terminal at Stansted Airport DISTRIBUTED WITHIN THE SUNDAY TELEGRAPH, PRODUCED AND PUBLISHED BY LYONSDOWN WHICH TAKES SOLE RESPONSIBILITY FOR THE CONTENTS

BUSINESS-REPORTER.CO.UK

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

business-reporter.co.uk

Business Reporter UK

@biznessreporter

How do project managers define – and manage – the cyber-security solutions they need? OPENING SHOTS DAVID CRAIK

OST BUSINESSES will have some level of cybersecurity in place even if it is basic anti-virus software. With the rate of cyber-attacks on businesses rising, and increased media coverage of them, many are looking to improve what protection they have. But before spending the time and resources on adding new systems, a risk management process needs to be carried out. This will look to identify the threats and vulnerabilities an organisation has in areas such as hardware, software, systems, laptops and intellectual property. What data does the business hold and in what locations? Is it just the one office or multiple sites? Does it hold information on the cloud? An assessment would also look at the range and type of threats in the cyber space, and the likelihood of attacks on the individual business. The bespoke nature of a risk assessment is crucial. If you are an SME, it is probable that the

assessment will be carried out by a third party. You don’t want a blanket approach – you need that third party to take a close look at your assets and determine what security solution will be most pertinent for you. You don’t want to waste time and resources on buying a solution only to find out a few months on that it is inadequate, and the process has to be undertaken again. What a business should do again however is to constantly monitor and review its cyber-risk environment. New threats are emerging all the time and businesses need to up to speed with these. But how do you project manage the introduction of a new solution? After identifying the needs of their operation and their cyber-security risks, businesses then have to undertake the implementation of new systems. It is a project in and of itself, and should be aligned to the same metrics of cost, time and quality. It needs to be within budget and on time.

“Implementing a new solution is a project in and of itself, and should be aligned to the same metrics of cost, time and quality”

Businesses need to determine how much they are going to spend on a new or improved cyber-security system. A risk assessment will have given them a good indication of what are the most important areas of their business to cover. They then need to go out to market to find the most suitable vendor at the right price. Once a system has been found then it must be integrated into your existing infrastructure. A project strategy needs to be drawn up determining end goals, costs, timelines and potential implementation risks. It may be best advised if a number of systems are being put in place to break the overall programme into individual smaller projects. All departments need to be on board and informed of the changes to minimise disruption. Perhaps ironically, what project managers and their teams need to be aware of is maintaining cybersecurity during implementation. Systems may become vulnerable

at this point, as they are updated or removed. But any new solution is only as good as its user. It is essential that all employees are given prior training in what the new system offers, how it can help and how each and every employee can play their part in maintaining security. It is also vital that, after the project, businesses continue to review the systems and stay aware of future threats.

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

facebook.com/biznessreporter

info@lyonsdown.co.uk

London reaffirms status as project management and infrastructure hub

Booking.com’s Pepijn Rijvers at this year’s FUTR M2020 summit

Businesses of the FUTR Business Reporter went to the FUTR M2020 summit to find out how companies are responding to changing customer demand

RANDS HAVE long been chasing cutting-edge technologies to meet the evolving demands in customer behaviour and improve efficiencies. But what will things look like in the future? Business Reporter went to the FUTR M2020 summit, which looks at future industry trends, to find out. The ongoing refinement of voice-recognition software was a central issue to a number of speakers. “The whole voicetechnology piece is coming strong,” said keynote speaker John Zealley, senior managing director at Accenture. “We can all say there are indeed certain things that we really like doing with voice. But they may be fairly transactional at this stage. “It is early days. We are certainly seeing it as a way of fulfilling executional tasks. You combine voice with automated light bulbs. You can turn the light on and off without losing your seat. The question is how far is it going to go?” Companies have already started using AI and machine learning to help improve the customer experience. “It opens up a lot of doors for innovation, to give people a better experience when they are looking for complex things or they want to get complex things done,” said Pepijn Rijvers, chief marketing officer for Booking.com. The e-commerce travel site has been experimenting with AI and machine learning, and has introduced chatbots to help improve services to customers.

“Scalable technology means we can deliver a service at a cheaper cost, which can be translated to customers in the long term” – Pepijn Rijvers, Booking.com

“Service bots allows us to make delivering services way more scalable,” continued Rijvers. “Scalable means we also need fewer people to deliver that service. We can deliver that service at a cheaper cost, which in turn can be translated into benefits for customers in the longer term.” But this doesn’t mean the end of humans in customer service departments just yet. Presently, complex queries, such as someone wanting several different topics at once, or a person in need of urgent assistance, are hard for the technology to execute. “An example could be, you arrive at the property and the property is closed, or it burned down last night,” he said. “That needs immediate help from us. In those cases, we would immediately do that with our customer service people.” Similar views were held in the insurance sector. Another speaker, Dr Huma Lodhi, principal data scientist of artificial intelligence and machine learning at Direct Line, also thought the advent of AI will eventually create new jobs in different areas. Much has been said in the press about such technological advancements costing jobs. “Jobs are going to be lost, but there will be new jobs,” she pointed out. “There will be jobs where humans are not required and ideally humans should not be doing those jobs, whereas there will be more jobs for skilled humans.” The process will be an evolutionary one that we have seen before, she said. “Once

there were no cars, but then there were cars. There were no trains, but as progress has been made, we now have trains and cars,” she explained. “Similarly, now in insurance there will be a change of roles.” According to Scott Allen, CMO of Microsoft, such advancements are a necessity for companies to ensure their very survival. “Digital transformation use to be something that you consider,” he said. “Now it is something you absolutely have to do if you want to stay competitive and serve your customers in the right way.” But he warned that organisations needed to adapt their culture to fit such advancements. “You can’t bring about technology change without also the culture coming along on that journey as well,” he added. The next big disruption will be is in voice technologies for both the B2B market as well as consumers, according to Allen. “You are going to see a lot of individuals adopt that,” he says. “Technology is just going to become more and more immersed, [using] voice and voice assistants built into different platforms.” He pointed out that voice assistants were already in homes across the country. “If you think about things like Cortana and Alexa, there are voice assistants that will become more and more part of everyday life. You can use different voice platforms in different ways – that will become a key part of interacting with the virtual world alongside your human world.”

APRIL 2018 Publisher Bradley Scheffer | Editor Joanne Frearson | Production editor Dan Geary | Client manager Maida Goodman | Project manager Paul Aitken Contact us: info@lyonsdown.co.uk

ESEARCH BY the City of London Corporation has reaffirmed London’s position as a major hub for infrastructure finance and project management even after the UK leaves the EU. Launched by Lord Mayor of London, Charles Bowman at a Commonwealth Business Forum, the report found that London was poised to play a bigger role in infrastructure financing as governments around the world face significant budgetary constraints and look to the private sector for financing solutions. The number of institutional investors in infrastructure has increased by more than 116 per cent in the past five years and the City plans to fill the $1trillion global investment gap in this area. Investors are looking to put money in stable, long-term index-linked revenues such as infrastructure. London has been a key global centre for raising capital, with more than $10trillion being raised on the London Stock Exchange over the past decade, and more than 13,000 debt instruments such as bonds being listed on the LSE. Said Bowman: “The financing of projects around the world through London is the logical step for many companies because of our unprecedented cluster of professional services – underpinned by our rigorous focus on the rule of law – that makes the City a one-stopshop for global businesses.

Video campaigns from May 2018

In this month’s issue of Business Reporter Online… • How SMEs can fight their way through Brexit • Luring the big investors of Silicon Valley • Protecting yourself from a cyber-attack • How CEOs need to reinvent themselves (like Madonna)…

Read and watch more at ezine.business-reporter.co.uk

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

business-reporter.co.uk

Business Reporter UK

@biznessreporter

Project performance in the UK is improving – but more progress is needed

S ORGANISATIONS worldwide face increasingly complex challenges resulting from the demands of a rapidly changing business environment, staying competitive calls for the effective management of projects and programmes. With this, we continue to advocate for organisations to embrace project management as a strategic competency for success. Our latest research demonstrates that while many organisations in the UK are listening, there is still more work to be done. The results from Project Management Institute’s 2018 Pulse of the Profession®: Success in Disruptive Times: Expanding the Value Delivery Landscape to Address the High Cost of Low Performance showed organisations worldwide are wasting a significant amount of money due to poor project performance. On a global basis, the 2018 study showed that, on average, organisations waste 9.9 per cent of every pound because of poor project performance — that’s £99million for every £1billion invested, up from the £97million reported last year. The 2018 survey, released in February, specifically revealed that roughly £700,000 is wasted every 20 seconds collectively by organisations around the globe due to the ineffective implementation of business strategy through poor project management practices. This equates to roughly £1.4billion wasted a year. The data in the UK reports an interesting story. From our Pulse survey, UK-based organisations reported they waste 10.8 per cent for every dollar or £108million per £1billion invested on projects.

“On a global basis, organisations waste 9.9 per cent of every pound because of poor project performance”

This is a considerable improvement from last year’s figure as UK organisations reported wasting 12.8 per cent for every dollar, or £128million per £1billion, in 2017. Insights from the data suggest that UK organisations are starting to pay attention to their project management frameworks – and are beginning to implement project management approaches that allow for the success of a project. While the numbers are promising and show improvement, UK organisations are still wasting more money than the global average. Projects that fail result in wasted money, resources and time. This is clearly not a sustainable business practice, and it’s up to other UK organisational leaders to focus on what matters for positive business outcomes. The survey results demonstrate that there are still a number of UK organisations that must take another look at project management as the strategic competency that drives success. Based on our previous research, it’s becoming clear that three strategies, in particular, are continuing to help organisations save money on their projects:

1. Investing in actively engaged executive sponsors The top driver of projects meeting their original business goals, actively engaged executive sponsors help organisations bridge the communications gap between influencers and implementers to significantly increase collaboration and support, boost project success rates and reduce risk. “We know that great project leaders deliver great projects,” Tony Meggs, chief executive for the UK’s Infrastructure and Projects Authority, said. “Part of being a

great project leader is being an actively engaged sponsor as it helps ensure stakeholders are aligned and the vision is communicated effectively. In government we recognise this and support our sponsors through our world-class Major Projects Leadership Academy (MPLA), developed in partnership with Oxford Saïd Business School.” From this year’s Pulse, 62 per cent of projects reported having active sponsors, while in the UK 57 per cent of projects had actively engaged sponsors.

2. Avoiding scope creep or uncontrolled changes to a project’s scope Scope creep causes money to be wasted, decreases satisfaction and delays project benefits. Essentially, more work is added to the project than originally planned – and this work cannot be absorbed without the project missing one or more objectives. Globally, 52 per cent of the projects completed in the past 12 months experienced scope creep or uncontrolled changes to the project’s scope, which is a significant increase from 43 per cent reported five years ago. Projects in the UK are on a par with the global trend, with 54 per cent of projects experiencing scope creep.

3. Maturing value delivery capabilities Value delivery capabilities are the full spectrum of competencies that enable organisations to deliver projects and programmes. Maturing these capabilities allows for quick adaptation to changing market conditions by balancing efficiency and creativity and promoting continuous

improvement. This enables organisations to minimise risk, control cost, increase value and use the project management approach that best fits the need of a project and organisation. We’ve seen that many organisations need to improve this capability as fewer than one in 10 organisations report having very high maturity in this area. There is a clear link between effective project management and organisational performance. “Champion” organisations — with 80 per cent or more of projects being completed on time, on budget, meeting business intent, and having high benefitsrealisation maturity — have recognised the critical importance of project management and realise that the right project, programme and portfolio management practices give them a competitive edge. These organisations were found to waste 21 times less money than underperforming companies, with 60 per cent or fewer projects being completed on time, on budget, meeting business intent, and having low benefitsrealisation maturity. Today’s competitive business climate challenges organisations daily as they look to stay ahead of their competition and remain relevant to their key stakeholders. In order to be on a level playing field, organisations throughout the UK must increasingly leverage sound project management practices to complete projects that achieve success and deliver on intended benefits. INDUSTRY VIEW

Mark A Langley (left) is president and CEO, PMI www.pmi.org.uk

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

facebook.com/biznessreporter

info@lyonsdown.co.uk

How the auto industry is moving slowly through the gears

E’VE BEEN hearing for years about how everyone will soon be driving out of their garage in an electric car, or even being driven by one that drives itself. But the auto industry is starting to wake up to the fact that changing the habits of a lifetime is more wideranging than simply producing a car that runs off a different type of fuel. “There is a fundamental change in our industry at the moment,” Francisco Carranza Sierra, managing director of Energy Services at Renault Nissan told Business Reporter at the FU TR M2020 Summit. “Traditionally, car companies essentially focused on the product, which is the car – building great cars and distributing them through dealers. Now we realise that for 100 per cent electric mobility to become real, we need to face challenges which are beyond the car.” The automotive industry was a spotlight at the FUTR M2020 Summit, which focuses on shifting trends across industries. Car manufacturers have been slowly attempting to steer the huge industry towards electric vehicles for some years now to meet carbon emission objectives and adapt to changes in demand, but it hasn’t been easy. Carranza Sierra believes this is largely down to manufacturers continuing to focus, as they always have, on what they see as the singular product – the car itself – without giving enough thought to the surrounding infrastructure that also needs to change. “To build the future of our company on electrification, we have to go beyond the car and prepare the entire system around the car for that future we want to have,” he explains. For electric vehicles to be able to run efficiently, for example, there needs to be a dedicated electrical grid system that the cars can connect to and charge from. To get to this level requires a period of change, Carranza Sierra believes, “a period of timing in which we need to progress together with the energy companies”, as he describes it. Stakeholders will also need to be reassured about the the

safety and reliability of the system if it is to get off the ground. Another problem, points out Carranza Sierra, is that because each country has its own regulatory frameworks, products and services must be tailored to each. “It is not like we do a local certification in the car industry and you can sell in other countries all over Europe,” he says. “Here even in Europe, we have to go country by country, do the certification and validate the product and the services for the specific country. It requires much more energy and effort to launch.” Such wholesale change is never easy, of course – particularly in such a large sector long used to doing things in a particular way. “We are part of a very large organisation,” Carranza Sierra says. “It is very traditional in the way it operates. There is a bit of change management in what we do. “Every step is complex because we need to put together people who have been working in the car industry for many years and get them involved now in solar panels, batteries for homes, applications for the customers to see the energy flows and so on. “There are many different things pushing the organisation out of the zone of comfort. The great thing is everybody in the company understands that we have to go there. This is the future for our customers and for us.” But Carranza Sierra thinks these hurdles will eventually be overcome, and that by 2030

Below: Renault Nissan’s Francisco Carranza Sierra says that the motor industry needs to think outside its traditional boundaries to move forward

there will be “a world where 100 per cent mobility is electric – a world in which electricity is coming from renewable resources, everything is connected, everything is digital, everything is under a sharing economy structure. “We are heading to a world in which everything needs to be sustainable, everything needs to be fast and everything needs to be customer focused. This is what the world is going to be by 2030.” The trigger that will bring everything to fruition, says Carranza Sierra, is the internet of things. “We are connecting all of these small systems to a larger vehicle system,” he says. “We think that the energy system of the future is going to be entirely virtual – it is going to be composed of many generation systems. It is not just a big power plant. It is solar systems and wind systems that are going to be distributed all over the country. “There will be millions and millions of them. All of them need to be synchronised in some way. The entire country needs to be run in a smarter way. Everything has to be part of a larger system. “We are going to have more mobility services, more digital content, more connected vehicles and more data that is coming from the car to provide new services to the people and more automation.” Closely following on the heels of the electric revolution

will be, despite recent hiccups, autonomous vehicles. Renault Nissan is working on its own driverless car. “We have a very clear ambition on that,” says Carranza Sierra. “Our objective for the Renault Nissan Group is to start demonstrating the feasibility of what we call the Robot Taxi. “On the technology side it is feasible, but there are many challenges on the customer acceptance and regulatory framework. We believe that in three, four, or five years we are going to be able to solve most of them.” He also sees big investment by automobile manufacturers in car-sharing companies, as younger generations have less interest in owning cars early on in life. “They prefer to spend money doing something else,” he says. “We need to adjust to what the customer is asking for. When you are young, you don’t have a lot of money, so probably instead of buying a car you are going to use more and more car-sharing services.” Carranza Sierra is keen to point out that, despite the march of progress, cars – and car ownership – as we know them aren’t going away any time soon. “At some point in time you might get married, get two children, a dog, have a house in the countryside,” he says. “You need a car of your own at some time in your life, [so] owning a car will remain at a central point for mobility for quite a long time.”

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

business-reporter.co.uk

Business Reporter UK

@biznessreporter

Helping project managers respond to real-world demands “We are after best practices, which are used and recognised globally. What we are trying to do in the update is have the end-user at heart” – Cameron Stewart, AXELOS

76% Percentage of people agreeing that the business environment has become more competitive in the past year

Source: PPM Benchmark Study 2017

ROJECT MANAGERS have been using PRINCE2 project management method to guide them in managing decisions for more than 20 years. The guidance and certification gives managers a method on how to run projects of all sizes and complexities, from start to finish, dividing them into manageable and controllable stages. “PRINCE2 is a project management bestpractice method,” says Cameron Stewart, head of product development at AXELOS. “It has seven core principles, seven themes and seven processes. It is generic in nature and has been developed by numerous applications and refined as a method. It enables project managers to effectively communicate to stakeholders, manage risk and ensure a quality product is delivered.” The certification, owned by AXELOS, has been achieved by more than one million practitioners in more than 150 countries. AXELOS monitors its global community of project managers and receives feedback on how people and organisations use PRINCE2 – and as workplace practices and demands in the real world change, methods are constantly updated in order to give students the best techniques to manage projects. Gathering valuable customer feedback to ensure they’re getting the best and most up-to-date guidance and training is a big priority for AXELOS. “We also have product change forms where people can actually submit request for change,” says Stewart. “If they see something wrong in the book

[they can] point it out to us. There is always going to be room for improvement, and we always welcome that – if it helps the customer solve their problems it helps us, because it helps us augment the intellectual content which we are developing.” AXELOS uses this feedback to update its best practices and develop new content or guidance, and by 2015 the demand for project managers to be more versatile and flexible had become increasingly obvious. “Some feedback told us that we needed to provide additional detailed guidance on how practitioners could apply PRINCE2 in an agile context,” Stewart explains. “PRINCE2 didn’t explain in detail how to tailor the method in an agile way.” So PRINCE2 Agile was born. “When we launched in 2015, in essence it was an extension module for the organisation and individuals ready to benefit from PRINCE2,” says Stewart. “If you have traditional methods and wanted to use agile, then you could use PRINCE2 Agile. “PRINCE2 Agile is the world’s most complete agile project management method. It combines agile ways of working with the governance structure of the PRINCE2 management method. When we were building the PRINCE2 Agile guide, it was very important to have that migration of information from top to bottom and bottom to top.” PRINCE2 Agile effectively blends the control and governance of PRINCE2 with the flexibility of agile ways of working. It provides disciplined flexibility. According to

Stewart, the PRINCE2 Agile approach “reduces risk because the customer isn’t waiting 18 months to see something that they might not want. The world is moving very quickly and companies move very quickly – the requirements might be signed off by one set of C-suite personnel but they might also be replaced as the world moves on. “If you can maintain a constant resource and team then the productivity and the operational efficiency of the organisation increase as well,” says Stewart. Risk is further mitigated by PRINCE2 being under continuous review. It is designed to teach project managers how to work collaboratively in teams, as well as to empower people to work independently to fix issues. To help support PRINCE2 Agile the PRINCE2 course was updated in 2017, the first such update since 2009. The main focus of this update was on tailoring PRINCE2 to the environment you are managing the project within – for example, if you are working with external suppliers, the project is part of a programme or if it is being run in an agile context. Stewart says: “We are after best practices, which are used and recognised globally. What we are trying to do in the update is have the end-user at heart. When you are managing projects and organisations that involve change it can be a very scary, lonely place. PRINCE2 is one tool in a PM’s toolbox – very useful, but not necessarily used in isolation.

“When we update our best practice core guidance, it must be right. There must be no ambiguity. It must be right because if the end-user misreads or is not sure about some part of the guidance, they can make a decision that could result in a project going completely wrong.” Indeed, every PRINCE update is designed from the perspective of the project manager, with a view about whether that update is helping them to do their job more efficiently. Says Stewart: “Have we crossed the t’s and dotted the i’s? That is the ultimate question. Can you use it in a real work project? If the answer is no then it is back to the drawing board with certain amendments. If the answer is yes, it’s job done.” There is now another PRINCE2 product on the horizon, the PRINCE2 Agile Foundation, which launches mid-2018. The course is intended for those involved in, or leading agile projects who do not have prior knowledge of PRINCE2, but would like to learn about the benefits of agile deliveries. The course is only in its pilot stage and like the other courses will be developed based on the feedback of its community members. The modern workplace is one with everchanging demands – and by striving to keep up to date, AXELOS is giving managers the best tools to deliver projects to their organisations. INDUYSTRY VIEW

@AXELOS_Cameron cameron.stewart@axelos.com

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

facebook.com/biznessreporter

info@lyonsdown.co.uk

Why organised crime could be hanging your business out to dry Business Reporter travels to EDHEC Business School in France to find out how the underworld could have a foothold in your firm

Below: Bertrand Monnet, of the EDHEC Business School, is an expert in how criminality infects legitimate businesses

PICTURE OF men holding AK-47s assault rifles flicks up on the screen, their faces twisted with scorn. It’s not the sort of image you’d expect to see at a business school – Powerpoint slides of supply and demand curves perhaps being more likely. But Bertrand Monnet, who is the chair of criminal risk management at EDHEC Business School in France, is showing me these pictures in a lecture room on the school’s Lille campus. Monnet’s research concerns the potential risks companies face from criminal organisations and has taken him face-to-face with just these sorts of armed organisations. His work is not for the faint-hearted, and his journeys into the underworld have seen him kidnapped and threatened with death. But Monnet’s insight into these gangs has given him an inside knowledge of the dangers such criminals pose to people managing projects and running businesses around the world. Monnet cautions that such threats are unlikely to take the usual route of mafia-style gangs demanding protection money – and that the risks from crime to business can come in many shapes and sizes. “There are so many,” he says. “It is very difficult to rank the risks. It would be really dangerous, in fact, to rank them. Cyber-crime is clearly an issue. Terrorism is an issue, because a company can be targeted or can become a victim, like the 9/11 attacks. But they are not the only ones [that need] to be addressed. What about fraud? What about organised crime? What about money laundering?” Once a criminal has started making money through unlawful practices, says Monnet, more problems arise. The dirty money needs to be laundered through investment in legitimate concerns, and many lawful businesses can become unwitting victims. “Maybe you will face a competitor, maybe you will be a target for M&A [from a company] owned by a criminal organisation where the rules are not the same,” says Monnet. “This is the way that money laundering works.” A big problem area for companies has always been supply chains, and Monnet points out there is a lot of dirty money going through them, often in the form of counterfeit goods such as cigarettes – which are often made and shipped by the same people

“If a company wants to be protected from [for example] counterfeiting, why do they have production in countries associated with it? They risk being counterfeited by their own suppliers” – Bertrand Monnet, EDHEC EXCLUSIVE JOANNE FREARSON

who produce the real deal. “Most of the fakes that target your business are produced and transported by your own partners, your suppliers and your sub-contractors,” he says. “[For example], in Europe about 10 per cent of cigarettes are illicit. The tobacco industry tries to tackle it, but it is not possible because you have to review all of your supply chains first.” Supply chains are a perfect vehicle for criminals to hide illicit proceeds as they are so complex and difficult to monitor, Monnet explains. “What about the thousands of people working with the companies? Can

you do a permanent internal audit of all your suppliers in order to make sure that these people in the procurement department are not corrupted? It is very difficult. “At first we have to detect and then make a decision. Do I externalise or delocalise our production or do I support additional costs of transport to address this?” It is difficult to completely eliminate all risks for a company, but there are some red flags Monnet believes firms can look out for. These vary depending on the risk. “A red flag for a counterfeiting operation would be non-explainable loss of sales on this market,” he says. “There is no new entrant, you don’t have any new competitors, but your sales dropped.” Monnet says these kinds of risks need to be embedded into current business teaching today if the CEOs of the future are to have any chance of combating the effects of crime.

But presently how a firm reacts to these scenarios will come down to the ethics – or lack of – of senior management… “Maybe there are corrupt executives, corrupt technicians and corrupt workers,” Monnet says. “If a company wants to be protected from counterfeiting, why do they have production in certain countries associated with it? They risk being counterfeited by my own suppliers.” This is exactly the same for terrorism, he points out, where oil and gas companies operate in areas where Al Qaida has a presence because that is where the money is. As a consequence, Monnet explains, staff have been taken hostage and killed. If a company puts profits over the safety of people and the standards of products, it raises all sorts of ethical questions about the person calling the shots. According to Monnet, decisions on whether to take such risks too often depend on how it will impact the bottom line of a company. “Do you decide to accept the risk or not?” he asks. “At the end of the day it depends on the ethics of the CEO. Once they have identified risk, what is their behaviour?” He shows me a photo of some pirates in Somalia. “Right now, the attacks are really low, but two years ago the most important shipping company in the world, Maersk, decided not to travel through the Suez Canal,” he explains. “They decided to adopt a new route – which is in fact an old one – which created major international costs for fuel because it took two weeks longer. But what about the other companies who decided to maintain this route?” It is imperative, Monnet says, that business leaders understand how economic crime is closely related to the ethics of a company, and the EDHEC is introducing a new business ethics class next year. According to the United Nations Office on Drugs and Crime, the estimated amount of money laundered globally in one year represents 2 to 5 per cent of global GDP – or $800billion to $2trillion. For individual companies hit by criminal activity, the cost is difficult to estimate, says Monnet. He cites recent examples of firms suffering the consequences, such as Volkswagen, which was caught cheating in emission tests and fined billions of dollars, or Enron, where widespread institutionalised accounting fraud led to the eventual collapse of the energy giant. Although companies can’t completely insulate themselves from risk, Monnet suggests that by putting clear processes in place and developing a culture that knows your customer, as well as internal and external audits, it can be mitigated.

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

business-reporter.co.uk

Business Reporter UK

@biznessreporter

Earth: the final frontier In space, there is no air, gravity or easy way to get home if something goes wrong. Joanne Frearson talks to astronaut and engineer Mike Massimino about how this isolated, extreme environment gives us the chance to improve the way we live life back on Earth

VER SINCE he was a little boy, Mike Massimino dreamed of going into space after watching Neil Armstrong take mankind’s first steps on the Moon in 1969. Eighteen years later, in 1996, his dream became a reality after he was selected for NASA’s astronaut programme after stints working as an engineer for IBM and NASA. He undertook two space missions during his time as an astronaut – in 2002 and 2009 – to upgrade and service the Hubble Space Telescope. But Earth is never very far from an astronaut’s mind – or, indeed, view – during a close-oribit mission. Massimino tells Business Reporter that his favourite part of the trip was over Australia. “It is a very interesting, beautiful place to fly over,” he says. “You can see the colours in the water of the Great Barrier Reef and the deserts, and where people are living in the big cities.” But working and living in space is no easy feat – a hostile environment for which astronauts must undergo extensive training to be able to effectively manage projects, and indeed, survive, on the International Space Station. “Just outside the spaceship is death,” Massimino points out. “There is no air. There is no easy way to get home. There is radiation as well – you have to protect yourself from the radiation that is out there.” To ensure the safety of the astronauts and the station, meticulous checklisted routines devised by NASA have to be followed. “You follow procedures,” says Massimino. “You work with the ground control a lot for all your tasks – you have a map of what you are going to do that day, so your plan is layered out for you. You can follow it on the computer – as time marches on a little line marches across your schedule and tells you what to do next. “That is what your day is like. You follow that plan as best you can – for exercise periods, when you are going to eat, when you are going to do experiments, when it is time to go to bed and so on. There is flexibility, but it is also a plan to try and get us much as you can into a day.” Being an astronaut means always having to be on alert, Massimino explains.

Right: Mike Massimino working on the Hubble Telescope during a spacewalk in 2009

“The big problems are things like fire or depressurisation,” he says. “Fire is obviously very bad almost anywhere, but in a contained environment [like the ISS] it could be really bad. Also, you are concerned about a depressurisation, which could happen from a micrometeorite impact. “You are not waiting for it, but you have to be ready just in case something like that happens. You always want to know your emergency procedures really well. You study those, you are tested on them before you get a chance to fly.” Before going into orbit, Massimino undertook survival training on land and water, and learned how to escape from an aircraft, move in zero gravity and control objects in space. Training also heavily emphasised softer skills and working together as a team to solve problems. The astronauts’ training focused on how to work with the people you are with, says Massimino – “not only with each other, but also with your mission control centre”. “You are always refreshing these skills – whether it is space-walking or learning the systems, flying in the airplane or working the robot arm. You are always training, training, training, trying to keep your skills as good as they were and hopefully improving as time goes on until you get assigned to a flight. Then you focus on what you are going to do for that flight.”

In such a harsh environment, not just the staff but also the equipment needs to reach exacting standards, and is specially designed for astronauts to operate effectively in zero gravity. And as a result, the often ingenious solutions to the unique problems of working in space have frequent practical benefits for us back on Earth. “Some of the problems we are solving in space are similar to problems we have on earth in some of the remote areas of the world,” says Massimino, who – when he isn’t working for NASA in orbit – is a professor of engineering at Columbia University and adviser for space programmes at New York’s Intrepid Sea, Air & Space Museum. “For example, providing healthcare throughout the world in places where there may not be adequate hospitals is a similar situation in space. We don’t really have a hospital on board the space station, and we won’t when we travel beyond where we are now – back to the Moon, or onwards to Mars. “Things like being able to monitor your health with small devices – taking a blood test on an iPhone or an iPad and have it analysed with a piece of equipment or an app – those [situations] have applications for remote environments.” Technologies developed for space are also being adapted to help people who don’t have access to necessities such as clean water. “Water and air are rare commodities in space,” Massimino says. “We

do a lot of recycling of water on the space station. That has spin-off technologies for places where they do not have enough clean water.” Massimino explains that what drives Earthly technological innovation doesn’t necessarily translate in space, largely thanks to the sheer expense, which means things aren’t just upgraded for the sake of it if they still work. “New technologies in space depend on where it is going to help you,” he says “You want to be careful because you have lives at stake. You have lives at stake with a lot of technology here on Earth too, but we’re very concious of that in space, so if something works we tend to say, well, it is good enough, let’s not necessarily fix it in space – it’s very expensive to get things flight-qualified. It’s a lot cheaper [than it used to be] though – with the Space Shuttle, the computing power was [from the] 1970s. It was too expensive to upgrade, but it was good enough. But on the Space Station now, the computers are laptops, which can be exchanged much more easily.” Space also gives astronauts the opportunity to undertake projects to see how various types of materials act in an environment with different gravitational and atmospheric conditions. “The characteristics of new materials, new vaccines, and the understanding of how things like combustion works – we can do that in a different environment in space and kind of augment the research that is going on on the ground.” Massimino also points to advances in medical understanding that are a result of efforts to overcome the effects of weightlessness – which include bone and muscle loss and vision defects – on the human body. “Understanding those [problems] can help us with similar ones we experience on Earth,” Massimino says, “whether it has to do with vision, the

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

facebook.com/biznessreporter

info@lyonsdown.co.uk

“Some of the problems we are solving in space are similar to problems we have in some of the more remote areas of the world. For example, providing healthcare in places where there may not be adequate hospitals is a similar situation as that in space. We don’t have a hospital on board the space station, and we won’t when we travel beyond where we are now – back to the Moon, or onwards to Mars” – Mike Massimino

The International Space Station in numbers…

32,300ft3

muscular or skeletal system, or the way the vestibular system works for hand-eye co-ordination and so on.” Space is also a great general vantage point – a wide lens through which to observe the Earth as it turns. “It is a great perch to have the ability to observe changes, whether they be environmental or natural disasters or whatever is happening on our planet,” says Massimino. “Having that viewpoint from space is very helpful.” Indeed, what strikes him most is just how vulnerable Earth is. “The only thing

that is keeping us alive on planet Earth is Earth itself – our atmosphere, our environment,” he says. “It keeps us healthy and provides this beautiful place to live. “Just a few hundred miles up you can’t do that. You need a space suit. The next spot where we could go – we don’t know where that is yet. I looked around and I didn’t see anything close by. Our next option is a long way, a way both in distance and in time. I don’t know when we are going to find another Earth, if ever. We need to take care of this planet.”

The ISS weighs almost 454 tonnes – or as much as 320 automobiles

357ft

100+ phone boxes

The International Space Station measures 357 feet end to end – roughly the same length as a football pitch

SOURCE: NASA

320 cars

The internal pressurised volume of the International Space Station is 32,300 cubic feet, which is equal to that of a Boeing 747

More than 100 telephonebooth sized rack facilities can be in the ISS for operating the spacecraft systems and research experiments

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

business-reporter.co.uk

Protecting your email from the criminals We are all well used to receiving phishing emails – but implementing a simple technology called DMARC would go a long way to solving the problem, writes Jeremy Swinfen-Green

T THE UK launch of Verizon’s 2018 Data Breach Investigations Report (DBIR), we learned that phishing attacks delivered by email continue to be a major problem for organisations. According to the report: “Phishing and pretexting represent 98 per cent of social incidents and 93 per cent of breaches. Email continues to be the most common vector (96 per cent).” Phishing emails are obviously still getting through in large numbers. And, sadly, around 4 per cent of email recipients will still click on a link in a fraudulent email. So what is to be done? One answer is Domain-based Authentication, Reporting and Conformance (DMARC). And at the launch event of Verizon’s DBIR, in London’s Mansion House, Philip Reitinger, CEO of the Global Cyber Alliance, made a plea for the increased use of this relatively simple way of protecting email from the scammers.

Cyber-security for email Simply put, DMARC is a method of filtering out suspicious emails. One of the problems with email is that it is very easy to “spoof” email addresses. That email you get that appears to be from Fred@MegaCorp.com may in fact be from a fraudster who has simply used a MegaCorp.com email address as the “from” address on the email you have received. So you don’t know who the email is really from even if you check the sender address.

“Phishing emails are still getting through in large numbers. And, sadly, around 4 per cent of email recepients will still click on a link in a fraudulent email”

However, if you have DMARC set up correctly, your email system will match the “sender” email with the actual address it is coming from. If something looks dodgy, then the email can be rejected or quarantined, depending on your settings. DMARC builds on two other commonly used email protection systems: Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).DMARC enables your email system to indicate that your emails are protected by SPF and/or DKIM, and tells the email system of the recipient what to do if the email does not pass either SPF or DKIM authentication (for example, reject it). This means that your reputation is protected from incidents such as a customer receiving an email which appears to be from you, but contains some malware in an attachment.

I already use SPF – why should I bother with DMARC? Many organisations use SPF to protect their emails. But rather fewer use DMARC. The Global Cyber Alliance explains the problem this way: “The main reason is that SPF and DKIM on their own contain various weaknesses. However, when both are combined with DMARC, both protocols are enhanced and more secure.”

And one important way that security is enhanced is through DMARC’s generation of reports, which SPF doesn’t do. Those reports are key to plugging holes in security.

Is your email cyber-safe? Using DMARC won’t protect you from all cybersecurity risks. It won’t even protect you from all email-borne risks. But it will make a big difference to your overall security profile. Is your organisation using this protection? It’s easy to find out. Go to https://dmarcguide. globalcyberalliance.org/ and type in an email address used by your organisation. If it turns out that your organisation isn’t using DMARC then a conversation with people in your IT department will be in order. Remember though: you need to protect all your email addresses from the fraudsters. It isn’t sufficient simply to protect the top-level domain (name@mycompany.com), or the one you use most frequently. Any email address using subdomains (name@info.mycompany. com) or additional domains, whether or not they are actively used for email (name@mycompany-uk.com), needs protection. Jeremy Swinfen-Green is head of consulting at TEISS. For more information on how you can improve your cyber-security, see TEISS.co.uk.

Business Reporter UK

@biznessreporter

Can the UK police tackle cyber-crime? ANNA DELANEY

MID THE finery of the Mansion House interiors in April, Lord Mayor of London Charles Bowman welcomed an audience to hear UK police and cyber-security experts discuss how UK law enforcement is addressing the growing threat of cyber-crime to UK businesses and cr itical national infrastructure. At the launch of Verizon’s 2018 Data Breach Investigations Report, Ian Dyson QPM, commissioner, City of London Police, shared his thoughts on how the police are handling the ever-expanding scale of cyber-attacks. He pointed out that 70 per cent of fraud is now cyber-enabled, with cryptomining and jacking among the top cyber-crime trends. Social engineering was also a big concern, said Dyson, describing how young people in particular have chosen convenience over security when it comes to the data they share in order to use certain apps – which, while it might make life easier and more interesting, essentially means users are giving away their data, and are unaware of how it could be being used. Dyson gave the example of people posting screenshots of their newly acquired driving licences on Facebook – the risks are obvious. Despite such fears, though, Dyson said the UK’s cyber-security is in a better state than we might think, and is currently ranked as the fourth most effective in Europe. However, he did point out that the City of London Police has a national

Commissioner Ian Dyson of the City of London Police

responsibility for cybercrime protection. He raised the need to create a security blanket to help businesses see that they’re protected, for which he proposed a plan that’s already working elsewhere in UK law enforcement. This idea is based upon Project Griffin, which was originally established by the City of London Police in 2004 to combat the rising levels of terrorism in a post9/11 world. Its main goal was to foster security awareness across the capital’s busi ne ss com mu n it y through effective and timely information-sharing with law enforcement. The commissioner said that a lot can be learnt from Project Griffin, and that there was a need to take those principles to cyber-space. The UK Police needs to act fast, said Dyson, highligting the fact that if your house is burgled, you would call the police. However, in a cyber-attack you would more likely approach an IT team in the first instance. Commissioner Dyson said it is crucial that UK law enforcement agencies rethink their approach to online crime, otherwise t hey r isk becoming irrelevant.

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

facebook.com/biznessreporter

Inspector The Inspector loves flying to exotic locations on holiday, but his favourite part is the airport experience, whether it’s looking at the shops, sampling the myriad eating opportunities, or just watching the planes take off and land. So – being a Londonbased hound – he was especially excited to discover Stansted Airport is about to undergo a redevelopment. The project involves the development and delivery of a new 34,000m2 arrivals terminal. The existing building will be redesigned to be a departure-only terminal. This will include the expansion of check-in, security and retail areas, along with a new airside coaching facility, aircraft stands, taxiway infrastructure and car parking facilities. Mott MacDonald and Ramboll have been appointed design engineers, while Pascall+Watson will be the architect. Mott MacDonald is also appointed project manager. Gary Howard, Mott MacDonald’s aviation projects director, says: “The redevelopment will support anticipated passenger growth and give users the high-quality facilities that they expect from an international airport.” There are 510 tall buildings in the pipeline for construction in London, up from 455 in 2016, according to the New London Architecture survey.

info@lyonsdown.co.uk

Dogberry forward, improving the industry’s long-term health.”

Stansted Airport is getting a new arrivals terminal…

The figures for 2017 also showed a record number of 115 schemes under construction, compared with 91 in 2016. The analysis suggested living in tall buildings was becoming more accepted as part of London’s housing mix. More than 90 per cent (458) of the tall buildings coming forward were residential, with the potential to deliver 106,000 new homes. But the survey also found that delivering towers was becoming more challenging, with only 18 tall buildings completed in 2017, representing a 30 per cent drop from 2016 when 26 were completed. The unexpected collapse of Carillion has left thousands of suppliers unpaid and countless employees without work. Data from Creditsafe showed failures across the construction industry

increased by 73.7 per cent in the first quarter of 2018. Figures also revealed suppliers’ bad debt (money owed by the construction sector to suppliers) increased by two thirds (66 per cent), while companies’ bad debt (money owed to the construction sector) increased by one third (33.5 per cent). The good news was that the number of new companies in the industry rose by 18.9 per cent in the past three months. Rachel Mainwaring, COO at Creditsafe, says: “Figures in today’s Creditsafe Watchdog Report represent a turbulent quarter for the construction industry. However, the breakup of larger companies such as Carillion does present an opportunity for the growing number of SMEs to take a larger market share of the construction industry going

The Mayor of London, Sadiq Khan, is calling on London boroughs to work with pension fund managers to recognise the risk of climate change to their investments and invest in clean projects rather than fossil fuels. A number of London’s boroughs, including Waltham Forest, Southwark, Hackney and Hammersmith & Fulham, have already made commitments to work with their pension funds on divestment and investments in clean projects. Khan says: “Over the last two years my team has been working closely with the London Pension Fund Authority to deliver on this pledge, and the policy they have put in place is a strong and sophisticated one that recognises the risks to pension funds if no action is taken. “By working together, we will have a louder voice to convince polluting firms to change their ways to tackle climate change.”

Project Management Tips pmtips.net

This blog offers project managers tips to handle the everyday problems they face. Posts give advice on what to avoid on becoming a successful project manager, as well as leadership techniques to keep a team connected and how to handle remote projects efficiently.

PM Basics

pmbasics101.com/blog

PM Basics focuses on software development project management. It looks at the technical skills involved in being a software development

project manager and how to create reusable management techniques. It also gives managers secret tips on how to deliver the task on time and within budget.

The Tao of Project Management

thetaoofpm.blogspot.co.uk

Created by retired project management consultant John Carroll, these blog posts are about the field in relation to Taoist philosophy. Choice quote: “By staying in the present and being aware of what is happening, the wise project manager can do less yet still achieve more.”

Project Manager

www.projectmanager.com/blog

Workamajig (iOS, Android) An app designed

for the creative industry, helping in-house teams manage their scheduling, communication, accounting and CRM systems in one place.

Monday (iOS, Android) Monday’s mission is to empower people to be more productive at work. It enables teams to be able to manage time and plan ahead visually.

This blog provides the project manager with advice, tips and strategy from experts in the industry. It’s written by Jason Westland, author of the bestselling The Project Management Life Cycle, and also includes training videos about the various roles and challenges managers face.

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

Business Zone

Four pages of analysis and expert comment

business-reporter.co.uk

Business Reporter UK

@biznessreporter

Creating Generation Agile

HE NATURE of how we educate is changing. The workplace is very different now to how it was even five years ago, and the things we need to know are changing daily. Many people are moving into careers that did not even exist half a decade ago, making it difficult to predict the knowledge they may need. Millennials, now the largest age group in the workplace, reflect this fast-changing culture. They look for flexibility in how they work, and the freedom to act with transparency and authenticity. A different approach is clearly needed. Agile techniques are becoming increasingly valued in education. You don’t have to look far to find experiential learning that reflects an Agile approach and Agile values. Education is no longer simply about sharing knowledge. It is the specific skills that differentiate us from robots that will be needed by the workforce of the next generation. These include effective communication and collaboration, the ability to inspire and motivate, and, importantly, retaining a calm head when overwhelmed by change. Organisations now need to be adaptive, responsive, and more Agile to keep pace in a world that is in a state of flux.

Current and future generations of workers will need a different skill set, and to be able to use creative and flexible thinking effectively in an ever-changing environment. Traditionally, chief executives have been expected to have more knowledge than their teams. They were expected to predict what the future would bring. Now artificial intelligence is disrupting whole industries. Gallup figures show remote working up from 39 per cent to 43 per cent in just four years, and streamed

data and real-time analytics are pushing ever-faster decision making. Referring decisions up the hierarchy takes too long, so employees need to be competent and empowered to make the right choices within given boundaries. As a result, the culture of organisations is changing, with leaders being responsible for setting the direction and then supporting their people to make the strategy a reality. This involves a greater emphasis on collaboration, with iterative working and constructive feedback

loops becoming a part of day-to-day process. Many organisations are now adopting these Agile approaches, to empower and develop their employees, improve productivity and create organisations that can respond quickly to changing market conditions. The Agile Business Conference, which takes place on September 26 and 27, draws together thought leaders from a wide span of industries and business functions to explore the title theme “Creating Generation Agile”. Experts will lead discussions across three tracks: people, strategy and delivery. We will dive deep

into the latest developments in Agile thinking to find out how we can best prepare for the challenges of our current and future workplace. Organised by the not-forprofit Agile Business Consortium, this is the longest-running Agile conference in the world. Join us at the Agile Business Conference 2018 to hear from the people that are leading the way for Generation Agile. INDUSTRY VIEW

Mary Henson (left) is CEO, Agile Business Consortium Visit agileconference.org to see the latest speaker lineup and to book your place

Ensuring the UK’s pipeline infrastructure is watertight

IPELINE INFRASTRUCTURE is invariably complex, detailed and requires continual upgrade. But while it is quite literally out of sight, it is most definitely not out of mind to those whose role it is to ensure its smooth and continual operation. However, it also has the potential to fracture and burst, with no prior warning. For example, the severe weather in the South of England this winter saw the fracturing of main pipes, and with it the loss of water supply to thousands of homes and businesses. At UTS Engineering we have a national reach that supports our clients in the utilities and other related industrial sectors, where the

guarantee of pipeline flow is vital to the running of the business. Operating from 200,000 square feet of manufacturing space in South Wales and North East England, our technicians and design engineers are, on a daily basis, providing advice and support to clients at water treatment works, service reservoirs, construction sites and traffic-sensitive and rural areas throughout the UK. Often working in highly pressurised and challenging environments, they are at the front line providing integrated solutions that include design, manufacture, delivery and installation of bespoke pipeline solutions.

What makes us stand out? We offer a 24/7 emergency service, 365 days a year, anywhere in the UK. Much of our work takes place around regular maintenance schedules, where we provide clients with solutions offering huge cost savings

while guaranteeing quality and safety. On other occasions we deploy our emergency 24/7 response team, providing instant support to clients in need. It is not unusual for us to be placed on alert, design the product, transport and fit it within 24 hours. We have a range of field teams supporting clients where there is a requirement for under-pressure drilling, cold cutting, flow stopping, in-line valve insertion, pipe freezing, pipe wrapping, pipe inspection camera systems, bespoke fabrications and pipe fittings. INDUSTRY VIEW

For further information please contact Shaun W Sadler on 0191 428 4003

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

facebook.com/biznessreporter

info@lyonsdown.co.uk

Big data in the workplace and GDPR: a SWOT analysis In a technology-driven workplace, big data can have a significant role in driving projects forward. But pending GDPR regulations have blurred the picture for many. In 2018, what are the opportunities and threats for project managers – and can they fuel the former while avoiding the latter?

LOT HAS happened since the first industrial revolution transformed agrarian and rural societies into industrial and urban centres. In the age of the fourth industrial revolution, we are fusing the physical and digital worlds with a profound impact across all disciplines, economies and industries. We are plugging technology into every aspect of our lives. Leveraging it in the workplace is therefore inevitable. It is not a matter of if but, rather, when your competitors will take that step, and gain an edge by doing so. Change remains a constant, and its pace is only likely to accelerate. As workers just as individuals, we must take a positive attitude towards change and be open to adopting new mechanisms, resources and tools that can enable our success.

Defining the concept of a modern workplace The modern workplace starts with embracing mobility. Any device can be used to do work, including personal devices. Company data remains secure and the measures put in place by IT “stay with the files” preventing users from, for example, adding business files to their personal cloud storage service. Security and productivity are not limited by outdated tools. Every worker has access to exactly what they need. Technology becomes normality. It unlocks creativity and empowers everyone to make magnificent work. Everyone relies on a common platform, the baseline that makes technology predictable and intuitive. This leads to a highly engaged workforce that is permanently connected and able to deliver teamwork. Businesses must be able to establish a good balance between keeping security and compliance in check while unlocking the potential for creativity and teamwork among the workforce. We live in a world of two or more devices, tens of apps, and thousands of files. In the old days of on-premises environments, deploying a firewall was the primary means of keeping users safe. Today, as all the elements of these environments move to a strongly protected cloud, the security paradigm has changed. Identity is now the primary element for access management and security. A modern workplace requires digital transformation. This goes far beyond technology, but solutions such as Microsoft 365 help greatly with this journey. To keep up with the times while staying compliant and productive visit http://aka.ms/microsoft365.

The modern workplace is dripping with data

“Big data is rich in business potential, but you need to be aware of regulations such as GDPR” – André Pereira da Silva, Microsoft

The scale of the data phenomenon is such that it is hard to grasp its full scope. The types of data created expand rapidly across a wide range of industries – energy, IoT, healthcare, automotive, space explorations, cyber-security, social media, telecomms, consumer electronics, manufacturing, gaming and entertainment, to name a few. The challenges of consuming that immense amount of data keep growing. During 2017, we reached a point in which more data was created in one year than in the previous 5,000 combined. Yet we leverage only a very small fraction of this data to make strategic and tactical decisions. A lot of this data is generated by or from individuals like you and me. This means there is an inherent value to the digital footprint we leave behind as we connect more bits and pieces of us and our lives to the internet.

An urgent need for regulation and compliance This is where regulation comes in. To protect your data, and your rights! The value of this data and your privacy are the driving forces behind the growing need for regulating how data is stored and used, particularly by businesses. The EU has taken a major step in the direction of data privacy with the announcement of the General Data Protection Regulation (GDPR), which comes into force on May 25. This applies to any businesses established in the EU, or businesses selling goods and services in/to the EU, or businesses processing data or employing individuals from the EU. The vast number of commercial ties between the EU and the rest of the world make this regulation relevant for many organisations globally.

control over all the projects and initiatives that are ongoing and on the pipeline of a given organisation. As children, we are taught that there is a specific way to get things done right. The common example often pointed out to me was that you don’t build a house from the roof down. Having the right tools is essential, but so is having a direction and action plan for the job. Technology and success in the modern workplace follow a similar logic. I have put the modern workplace into context and shared my insights and knowledge on world-class technology that can help your business adapt and thrive in that environment. You must be equipped with the right tools to build solid foundations for success. Big data is a phenomenon that is rich in business potential. Be aware of regulations such as GDPR and respect user data privacy rights. Identifying the solution is no longer the challenging part of addressing most problems. We live in an age when the answers are often just one quick search away. Google it, or Bing it if you will – the answer is out there, waiting for you to find it. The hard part remains effectively adopting the solution identified, especially considering that resources are limited and there is always so much else going on.

“Businesses and users are going to embrace technology only if they can trust it.” – Satya Nadella In short, GDPR means: • Enhanced personal privacy rights for users • Increased responsibility for businesses to protect the data of their users • Mandatory breach reporting • Significant penalties for non-compliance

Before setting out on a quest to address all priorities at once, businesses should review the way in which they prioritise, manage and execute their initiatives, campaigns or investments. Most of what we call digital transformation occurs through projects. GDPR compliance is a succession of projects with dependencies between each other and a clear deadline to respect.

It is important to have a clear roadmap. Guidance is readily available online – however, the detail of all the actions to be undertaken will be unique to each organisation. To find out more information visit GDPR at the Microsoft Trust Centre, or review the #ManageGDPR resources.

A successful delivery: project management All of this results in some complexity. Most importantly, the world doesn’t stop while businesses do what is necessary to become GDPR-compliant, or digitally transformed. Normal business operations must go on as well as all the other equally important transformative initiatives that are ongoing. But are they really a priority? Considering all the facts outlined in this article, shouldn’t we base that decision on data? Driving decisions from data requires having visibility and

INDUSTRY VIEW

André Pereira da Silva (left) is senior area product marketing manager (UK), Microsoft Get in touch to know more about how project management can help you with the challenges of the modern workplace and GDPR compliance #ManageGDPR manageGDPR@microsoft.com

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

business-reporter.co.uk

Business Reporter UK

Meeting the data security challenges of today’s businesses

I John Grimm is senior director of security strategy, Thales eSecurity

N TODAY’S world, data is the lifeblood of a successful business, but the balance of using it effectively and protecting it properly is pushing enterprises to the brink. With more organisations using multiple cloud providers to store and process their data, while at the same time needing to demonstrate compliance with increasingly stringent regulations, it’s essential to have a data protection strategy that is up to the task. No core technologies are more fundamental to data protection than encryption and key management. The recently released Ponemon 2018 Global Encryption Trends Study once again shows positive growth in the use of encryption across a wide variety of use cases. For example: • 43 per cent of respondents report that their organisation has an encryption strategy applied consistently across their enterprise • 39 per cent encrypt extensively in public cloud services, a number that has grown significantly in the past year Interestingly, encryption drivers have shifted towards protecting specific sensitive information, not just checking the compliance box. Compliance remains a significant driver for performing encryption – however, it has been surpassed for the first time by protecting enterprises’ intellectual property and customers’ personal

information. The trend towards identifying and protecting high-risk, high-value information is clear, and the continuing drumbeat of data breaches and associated brand damage keeps encryption at the top of the mind. We’ve seen a multi-year trend of increasing cloud adoption, with organisations looking to use the flexibility and scalability of services offered by Amazon Web Services, Microsoft Azure, Google Cloud and others. However, what differentiated this year’s results was the clear increase in the use of multiple public cloud providers. According to the report, 61 per cent of respondents are using more than one public cloud provider, and 71 per cent plan to in the next two years. By storing data in several different places, it’s harder for organisations to find and keep track of their data, which is important in the face of today’s more stringent compliance regulations. Additionally, the use of multiple cloud providers can take users down the road of using multiple native cloud encryption tools, which in turn makes it difficult to instantiate a consistent encryption and key-management policy using those different tools. Multiple tools can also increase the likelihood of mistakes such as configuration errors, which are already cited as the most significant threat to sensitive data or confidential data by 47 per cent of respondents. Organisations can benefit from taking a single-pane-of-glass approach to managing keys and

Multi-cloud encryption

61%

39%

…of respondents are using more than one public cloud provider

Encryption in public cloud services grew from 28 to 39 per cent

SOURCE: THALES

84% …of respondents use the cloud for sensitive or non-sensitive applications and data, or will do in the next 12-24 months

bringing their own encryption (BYOE) to the cloud, simplifying the administrative aspects of encryption and key management. It’s always interesting to see the changes in encryption trends from year to year. Cloud encryption was nascent five years ago, but adoption has accelerated greatly. Internet of things (IoT) encryption is where cloud encryption was back then – small and preliminary, but poised for growth. Forty-nine per cent of respondents are at least partially encrypting data on IoT devices or platforms. The current IoT security focus on authenticating devices will soon grow to include encryption and data protection. The volumes of IoT data that will be generated will soon become staggering and enterprises will be forced to create a multi-tier strategy for data protection at the edge, in the fog, and in the cloud.

And of course, we can’t forget about GDPR and the looming May deadline. We see substantial evidence in this year’s study of its effect – one example is the increase in data discovery challenges, particularly in countries such as the UK, Germany, the US and France. No matter what happens over the next year, encryption will continue to be a crucial part of any security and data protection strategy. When all else fails, data-centric methods such as encryption – with best-practice based key management – wrap a protective layer around data to thwart those that seek unauthorised access to it. Scalable, cloud-friendly encryption isn’t a luxury or insurance policy. It’s a necessity to protect the data which is the life-blood of the business.

@biznessreporter

Keeping your head in the cloud

ROJECT MANAGEMENT is a demanding vocation whose success depends on many variables, so bringing the most up-to-date technology to bear on its problems can only be a good thing. Cloud-based project management drastically simplifies complicated processes and procedures, and makes them accessible from one secure location, giving managers the ability to view live status and timeline updates, and manage tasks and clients – all from the same place. A client dashboard lets businesses share project information and updates with clients as well as the team. As project management techniques are applied, tested and refined across industries and sectors, the need for good project management becomes ever more apparent, and demand for skilled project managers increases. This is especially true of experienced project managers with a record of finishing projects on time and to budget. But the profession itself has moved with the times, and today’s project managers – and the projects they manage – require a familiarity with cloud-based tools and techniques if they are not to be left behind. Many web-based and downloadable tools exist, designed to help you provide competent communication and skilful time management. For example, softwareadvice. com provides you with a list of the top-rated cloud-based project management software available by type and price. Succeeding in this demanding profession demands focus on two critical areas: effective communication and efficient time management. And a cloud-based approach can take on much of the heavy lifting, giving the project management specialist some vital breathing space to concentrate on the work at hand. INDUSTRY VIEW

INDUSTRY VIEW

@thalesesecurity www.thalesesecurity.com

Shaz Memon is creative director at Digimax www.digimax.dental

April 2018

AN INDEPENDENT REPORT FROM LYONSDOWN, DISTRIBUTED WITH THE SUNDAY TELEGRAPH

facebook.com/biznessreporter

info@lyonsdown.co.uk

What needs to change in the UK for projects to run more efficiently? Cameron Stewart

Andrew Craddock

André Pereira da Silva

Head of product development, AXELOS

Emma-Ruth Arnaz Pemberton

Director & chair of the product board, Agile Business Consortium

Senior area product marketing manager, Microsoft

Director of consulting services, Wellingtone

E LIVE in a VUCA world – volatile, uncertain, complex and ambiguous. We can no longer base our projects on predictions of the future and our experience of the past, as too much is changing, too quickly. UK organisations need to change traditional ways of working to meet the challenges of this new world. Commandand-control hierarchies need to give way to empowered project teams that can be responsive and adaptive, meeting opportunities as they arise and delivering value when it is most needed. To achieve this, organisations need to develop safe cultures, where challenging assertions and testing hypotheses in the spirit of true collaboration ensures the effective delivery of value. By delivering projects iteratively and incrementally, improvements can be made throughout the process, allowing what is being delivered to flex according to an evolving context and marketplace.

THIRD OF organisations never or only sometimes complete projects on time or to budget. Organisations cite poorly trained project managers as their main challenge, with poorly trained project sponsors ranking fifth, according to The State of Project Management Report 2018. You wouldn’t allow someone to drive a forklift truck without the proper training, so why do we hand important projects to enthusiastic experts without giving them a fighting chance? Best practice exists and is supported by a wide range of national and international certifications, including those from the chartered body of our UK profession, the APM. At Wellingtone we pride ourselves in offering specialist APM-accredited qualifications. Training isn’t the full solution, but it is part of this journey and an easy step to take, and each organisation must recognise the path they need to walk to improved PPM maturity. Embrace best practice and get qualified!

INDUSTRY VIEW

@AXELOS_Cameron cameron.stewart@axelos.com

#ManageGDPR manageGDPR@microsoft.com

+44 (0)1233 611162 www.agilebusiness.org

01753 621200 www.wellingtone.co.uk

HIS ISN’T just a question for the UK, but a global one. We need to understand that projects don’t just deliver products, they enable change, and this means benefits and value must be considered throughout the project lifecycle and beyond. Business leaders must recognise the importance of integrating project and service management into a true value-driven lifecycle for products and services. This is how organisations will optimise change and therefore value from project work. In short, PRINCE2 project managers must understand ITIL service management – and the reverse is also true. Add to this the rise of agile approaches including PRINCE2 Agile in global organisations, and multimodal delivery strategies for change enablers, and we will experience not only a broadening of the knowledge required of project managers, but also a significant increase in the complexity of the role. Challenging, and exciting, times ahead for all involved in our profession!

IGITAL TRANSFORMATION. Businesses of all sizes and types in the UK must evolve their tools and processes to keep up with the challenges and benefits of modern times. It will be increasingly difficult for any country, organisation and even individual to stay competitive and be successful without taking into consideration the digital world. Accomplishing this is hard work, and despite the name the scope of this transformation goes far beyond technology. Each of us should do his or her part in propelling our organisations and countries forward. The same curiosity and resourcefulness that help us learn all about the new gadget we invested in for our living room can also be used to learn about the ways in which technology could be beneficial in our workplace. It is down to each of us to challenge our leaders about the ways in which technology is currently used to support operational and decision-making processes but also day-to-day work and collaboration.

We could be so much better at project management “It’s worth taking an honest look at how projects are selected, planned, managed and closed to see if you can make a step-change in your PPM maturity”

CCORDING TO Wellingtone’s The State Of Project Management 2018 report, 50 per cent of project management practitioners are somewhat or very dissatisfied with the level of PPM maturity in their organisation. If you feel the same, then at least you’re not alone. Disappointing, though, isn’t it? Not only that, but 25 per cent of organisations apply a project and portfolio management (PPM) methodology to projects “sometimes or never”, with similar numbers taking the same relatively lax approach to writing a scoping document or undertaking risk management (28 and 22 per cent respectively).

Organisational strategy can only be delivered through change – change means projects, and projects need to succeed. The same survey tells us around a third of organisations “sometimes” deliver projects on time or within budget. The chartered body for our profession, the Association for Project Management, retains an ambitious vision, inspiring everyone to create “a world in which all projects succeed with project management as a life skill for all”. Getting all projects to succeed is certainly a noble ambition. To increase the chances of this means looking to make a step-change in our PPM maturity. This should be one of the key strategic aims of every organisation. If you want effective, timely change, you need “good” PPM. At Wellingtone we spend much of our time enabling our clients to do just that. Step-change in PPM maturity is a journey and every organisation should plot the path it needs to walk. We often suggest clients focus on four key drivers: PPM methodology (including governance), training (including mentoring and support), PMO and PPM tools. Making conscious co-ordinated improvements on

The key to good PPM WHAT MIGHT “good” PPM look like? Here is a list of simple practical characteristics. It’s not exhaustive, but see how many boxes you can tick for your department or organisation… Defined project approval process Project oversight structure (governance) A defined project life cycle Consistent use of project management documents and tools  Agreed and signed off scope of work  Clarity of and focus on benefits    

these fronts enables significant PPM maturity change, and therefore greater project success. It’s worth taking an honest look at how projects are selected, planned, managed and closed to see if you can make a step-change in your PPM maturity. Don’t go all sophisticated – start simply. A sophisticated PPM methodology leads to complexity. Complexity leads to lack of buy-in. Lack of buy-in leads to people working around the defined process, and we are back to poor PPM maturity.

Clarity of project roles and responsibilities A planning phase before work starts A progress cycle when works starts Consistent status reporting Honesty with RAG KPIs and help when reds or ambers are shown  Lessons learned fed into future projects  A PMO function to drive best practice (and so much more)  Training, mentoring and support for those given the challenge to run or sponsor projects     

Take the list of characteristics in the box above to your organisation this week. What improvements can you make to methods, training, PMO and tools? Agree a set of practical changes and start walking the journey to improved PPM maturity. Take everyone with you through – you won’t reach your destination alone. INDUSTRY VIEW

Vince Hines is managing director of Wellingtone 01753 621200 www.wellingtone.co.uk