Skip navigation
Twitter   Follow us  •   Share   Share    Become a member
Home Business Technology Strategy Business Technology Execution Professional Development Live Exchanges Smart Archive Smart Enterprise Magazine

Editor's Notes

4 Posts tagged with the risk tag
Paula Klein
0

 

Innovation. Everyone wants it; few achieve it — or at least not easily. That’s a fact I was considering recently when I interviewed Faye Sahai, Executive Director of Innovation and Advanced Technology at Kaiser Permanente, on the topic of “Seeding Innovation.”

 

Fostering innovation-- a topic we have discussed previously in a blog and another here -- is gaining new urgency. Scan the news these days and you’ll see summer camps, professional organizations, governments, and of course businesses in every industry and country, offering awards, incentives, contests and funds for new ideas. They all seem to know that without innovative approaches and fresh ideas, the economy will stagnate and progress will stall. Why, then, is it still so tough to really execute on these goals?

 

One reason, alluded to by Google’s CEO Larry Page last week, is that you have take risks. In response to questions about the company’s innovation model, he was quoted as saying: “When we started doing search, people thought we were crazy.” Clearly, that risk has paid off.

 

Another big innovation inhibitor is funding. Even Google’s Page and other executives — never mind those lower down in the organization — have to defend some seemingly “crazy” investments to nervous boards and investors who don’t see innovation for its own sake as a good business model.

 

Additionally, many experts say that in order to succeed, you have to expect some failures along the way — and that’s not always easy to accept. In fact, at many organizations, corporate culture can become a barrier that restrains innovation. Unless everyone is in sync — and makes innovation part of the way the enterprise operates — it will be tough to pull off.

 

These are all points that Sahai addressed during our interview. Kaiser — one of the nation’s largest not-for-profit health plans with $424.2 billion in 2010 revenue and more than 8.6 million members — seems to have conquered these innovation obstacles, and a long list of awards and accolades demonstrates that it’s on the right track.

 

It certainly helps that Chairman and CEO George Halvorson is on board, as is the CIO, Phil Fasano. But even with buy-in, innovation could get stalled in the discussion phase without someone like Sahai and her team driving it forward every day.

 

As she told me, “Innovation is in the company’s DNA; it’s part of our root and core.” To some, Sahai may have a dream job, with access to internal and external partners and the weight of Kaiser’s Garfield Innovation Center at her disposal. But her own diverse background in both IT and business has helped her to champion ideas and inspire others while aligning with the business every step of the way.

 

With healthcare reform and competitive pressures, she knows that there’s a lot riding on leapfrogging others with new robotics, e-health and predictive analytics, as well as fast delivery of member services. At the same time, she needs the support of the doctors, nurses and providers who are often more concerned about high touch than high tech.

 

Her tactics are to collaborate closely with IT to “operationalize” innovation rather than keeping it in silos. For instance, she uses an internal social media platform to share ideas and expertise among employees “so it bubbles up” through the organization. Additionally, HR rewards idea-generation as part of employee performance reviews. It takes “technology, people and funding,” to put ideas into action, she says.

 

Sahai makes it seem easy to seed innovation — and maybe it is. Her advice? Open the environment to employees and partners; identify a leader and a strategy and fund the efforts, and encourage sharing of both successes and failures.

 

Hey, it’s worth a try …

 

You can find more data on IT innovation in this article on Smart Enterprise Exchange. For more details on Kaiser’s efforts, read the current issue of Smart Enterprise magazine. Also, listen to the full podcast with Faye Sahai and let me know your thoughts.

 

 

 

Paula Klein

 

Editor and Community Manager

 

Smart Enterprise Exchange

819 Views 0 Comments Permalink Tags: innovation, podcast, faye_sahai, kaiser, kaiser_permanante, healthcare, robotics, e-healthcare, california, collaboration, phil_fasano, smart_enterprise_magazine, risk, funding
Paula Klein
2

 

Based on several new reports, as well as conversations I’ve had with CIOs recently, the cloud is either a “haven for cybercriminals” as one news service claimed, or cloud security is no different from other networking platforms and fears are overblown. Two extremely opposite views, I’d say. So which is accurate?

 

I hope I will find some answers at our upcoming Smart Enterprise Exchange event on the topic of cloud security. It will be a great opportunity to meet some of our New York-area members and to hear our expert panelists. But also, I admit that the topic itself is becoming more enigmatic to me.

 

 

In many circles, the main knock against public cloud services — that they are too risky for sensitive corporate data — seems to be losing steam. For instance, Joseph Puglisi, a veteran CIO and a co-founder of the Cloud Computing Consortium at Stevens Institute in New Jersey, suggests that large service providers can offer as much — or probably better — security than most businesses can.[Joe also spoke at our conference, read more here.]

 

 

Industry publications go even further and claim IT execs can quit worrying, and reputable blogs, like one by Irwin Lazar, VP at Nemertes Research, are practically proclaiming that the issue is resolved. Lazar writes: “By leveraging the positioning of security services outside of your network, you can identify and stop DoS attacks before you feel the impact.”

 

 

Can it be that simple?

 

 

It seems like only yesterday that IT executives were wringing their hands about the risks cloud models — along with mobile devices and social media — pose for their businesses. Just this week, the NASDAQ stock exchange reported that hackers had tampered with its systems.

 

 

Beyond that, risk analysis experts, such as Drew Bartkiewicz, Founder and CEO of CyberRiskPartners, warn that SLAs alone can’t prevent every possible occurrence. “Reliance on the premise that clouds are better at security than their customers does not equate to evaporated financial risk,” he writes in a current article posted on Cloudbook.net.

 

 

Meanwhile, industrywide standards and government regulations continue to unfold, including a new U.S. federal standard known as the Federal Risk and Authorization Management Program. FedRAMP was released to supplement the widely used Federal Information Security Management Act (FISMA) requirement for vendors doing business with government agencies. Many experts, including Gartner in this report, have outlined steps to protect data in the cloud.

 

 

As usual, I suspect that the cloud security issue is not as black-or-white as some may suggest. I have blogged previously about the complications of IT security, and on this Smart Enterprise Exchange community site last year, experts, such as Nils Puhlmann, co-founder of the Cloud Security Alliance, said thatsome of the worries are unfounded.” Yahoo CIO Michael Kirwan also claimed that the biggest risk for his company would be not adopting the cloud at all. And our webcast panel in November debated the topic, as I noted in this blog.

 

 

On balance, this assessment seems sound: “Cloud computing has weaknesses, but it also offers the opportunity to aggregate and automate cyberdefense,” according to the Center for Strategic and International Studies. The report, "Cybersecurity Two Years Later," is a follow-up to "Securing Cyberspace for the 44th Presidency," which the group issued in 2008.

 

 

Amid all of these conflicting reports, CIOs face a dilemma: They need to act quickly to cut costs, increase agility and provide on-demand services to business users. Therefore, they would like the security “bugaboo” to disappear. “We must push the envelope,” James Williams, CIO at NASA’s Ames Research Center, was quoted as saying recently. His group is developing an Infrastructure-as-a-Service offering for the entire agency. “It’s not so much about making the cloud secure, but about using the cloud to leverage best practices in security across an enterprise,” he said.

 

 

Enough said. Maybe it is time to put the debate on hold and let the cloud rollouts begin. Then, each business can decide where to beef up security and where it is “good enough.” Do you agree? Where do you draw the line on cloud security risks? I will report back after our March 1 event, meanwhile, please share your thoughts …

 

Take the poll here and compare your thinking with your peers.

1137 Views 2 Comments Permalink Tags: cloud, cloud_computing, cloud_security, security, nasa_ames, nasa, yahoo, michael_kirwan, nils_puhlmann, cybersecurity, gartner, fisma, fedramp, standards, joseph_puglisi, cloud_computing_consortium, stevens_institute, breaches, nasdaq, risk, drew_bartkiewicz, slas
Paula Klein
1

 


“Blocking social media is old school,” according to one speaker I heard recently at Interop. And what technology leader wants to lag behind the times? The same speaker claimed that information security cannot be assured; only managed. And another session that day touted the benefits of hosting your entire security operations in the cloud. Will security-in-a-box become ‘new school’ and avant garde very soon?

 

 

It’s no surprise that security was a popular topic at the Interop conference in New York a few weeks ago. Yet, the more I learn about IT security risks and solutions, the more of an enigma the issue presents for me. To borrow a recent movie title: It’s Complicated.

 

 

Experts speak as though security is the only nagging concern holding back cloud computing, mobile technologies and social media from simple, ubiquitous implementation. Without those worries, the logic goes, these technologies would be firmly established business platforms by now and unstressed IT executives could spend more time on holiday!

 

 

In fact, breaches are rampant, and how to fast-track risky, emerging technology is the biggest challenge IT faces today. Marcio Salles, a member of Smart Enterprise Exchange, in his blog cites a recent report predicting that U.S. mobile data traffic will exceed 1exabyte by the end of this year! How will you begin to manage and secure that data?

 

Appearing fashionable isn’t enough reason to jeopardize customer trust and intellectual property — even if it reflects “old-school” thinking. Neither can CIOs and security officers be impediments to technology deployments. They are well aware that internal and external customers can move ahead without IT’s blessings as they use Facebook for e-mail, Skype for phone service and Google to host their apps.

 

 

So what is a viable strategy? One speaker recommended that guidelines be put in place to define acceptable risks versus business rewards for each application. Another said that traditional firewalls only work at the perimeter of the business; new efforts have to focus on the broader environment. These generalities sound pretty basic to me and light on specifics.

 

 

How are you approaching the dilemma? Can you be cautious and proactive at the same time? Our recent three-part audiocast with security and privacy officers from Nationwide Insurance, Equifax and Royal Ahold addressed some of the ways they approach risk. Our recent interview with Akamai Technologies' Andy Ellis, sheds light on the topic as well.

 

I also invite Smart Enterprise Exchange members to start a discussion and an interest group around this topic to offer best practices and real-world solutions. Please add your insights and comments here.

 

 

Paula Klein

Editor and Community Manager

Smart Enterprise Exchange

740 Views 1 Comments 0 References Permalink Tags: security, interop, social_media, web_2.0, facebook, andy_ellis, audiocast, firewalls, risk
Paula Klein
2

Entrepreneurs go against the grain to passionately achieve business goals. They take risks and hope to win big. At least that’s the stereotype: Think dot-coms, venture-capital investment firms and garage start-ups.

 

How, then, is it possible to be entrepreneurial as a CIO — particularly at a major, global enterprise? It’s a question we’re considering here at Smart Enterprise Exchange. My view is that you can be entrepreneurial in any organization, but you’ll be spinning your wheels unless you have a supportive corporate culture and executive backing.

 

In a January report entitled, “The Business Impact of the Entrepreneurial CIO,” Gartner claimed that the distinctive feature of the entrepreneurial CIO is “the proactive willingness and courage to take the high-level risks also undertaken by the business, to provide new or breakaway competitive advantages that translate directly into revenue, financial results and market share.”

 

Not very realistic in the current economy, is it? And how does that differ from all of the innovations and business alignment CIOs have focused on for the past decade?


I prefer the more balanced view put forth by Clark G. Gilbert and Matthew J. Eyring in a May Harvard Business Review article, “Beating the Odds When You Launch a New Venture.” To summarize, Gilbert, who is President and CEO of Deseret Digital Media, and Eyring, President of Innosight, a consulting and investment company, say that “despite the popular image of entrepreneurs as risk-loving cowboys, the reality is that great entrepreneurs don't take risks -- they manage them.” These leaders decide which risks to tackle first and which ones to set aside.


We think that Clif Triplett, who became Baker Hughes’ first CIO 18 months ago, is on the right track as an entrepreneurial CIO. Surely, he’s not as free as a solo venture capitalist to follow his dreams and invest in long-shot ideas; he works within business objectives and funding. At the same time, as he explains in our Professional Development article this month, he does have latitude to choose projects, establish partnerships and collaborate inside and outside the firm’s global borders — all with corporate buy-in. In return, he’s accountable to those same corporate executives to demonstrate ROI and generate business revenue.

 

We’d like to hear about other examples of entrepreneurship by CIOs. Do you operate IT as a business-within-the business — with your own P&L, staff and agenda? What are the risks if your ideas don’t deliver as expected? Is your corporate culture one that accepts failure as the price of innovation? Let us know here or begin a discussion with your peers.

 


Paula Klein
Editor and Community Manager
Smart Enterprise Exchange

865 Views 2 Comments 0 References Permalink Tags: gartner, entrepreneur, baker_hughes, triplett, risk, clif_


Paula Klein

Paula Klein

 Member since: May 14, 2009

Get the latest news from Editor, Paula Klein.

View Paula Klein's profile

Incoming Links

We encourage your feedback. Reach out via the "Contact the Editor" and "Contact the Concierge" services for any needs, questions or comments. We look forward to serving you!

Paula Klein, Smart Enterprise Exchange Editor
e-mail

Ellen Lalier, Smart Enterprise Exchange Concierge
e-mail
phone 516-562-5727; fax 516-562-5466