Tag Archives: cio

Securing Access to the Cloud with Security as a Service (SECaaS)

What Is Security for Cloud Computing?

“Security controls in cloud computing are, for the most part, no different than security controls in any IT environment. However, because of the cloud service models employed, the operational models, and the technologies used to enable cloud services, cloud computing may present different risks to an organization than traditional IT solutions.

Cloud computing is about gracefully losing control while maintaining accountability even if the operational responsibility falls upon one or more third parties.

One of the attractions of cloud computing is the cost efficiencies afforded by economies of scale, reuse, and standardization. To bring these efficiencies to bear, cloud providers have to provide services that are flexible enough to serve the largest customer base possible, maximizing their addressable market. Unfortunately, integrating security into these solutions is often perceived as making them more rigid.

This rigidity often manifests in the inability to gain parity in security control deployment in cloud environments compared to traditional IT. This stems mostly from the abstraction of infrastructure, and the lack of visibility and capability to integrate many familiar security controls — especially at the network layer”. [extract]

CSA Reference Model

Proofpoint – Security as a Service

CEO Gary Steele discusses how and why Proofpoint uses cloud-based technologies to deliver security and compliance solutions to its customers. Benefits of security-as-a-service solutions are cost, superior threat detection, prevention, and innovation.

Cloud Security Platform –  CloudAccess

Enterprise security delivered from the cloud as a SECaaS (Security-as-a-Service) application. http://www.cloudaccess.com/ – CloudAccess eliminates risk for customers and delivers a cloud-based IT security platform that is easy to use, affordable and manageable.

TELCO Challenge – Cloud Security Services

Almost by definition, telecom operators are becoming cloud service providers, opening up new opportunities to become a trusted extension of corporate IT.

In this video, Jim Reavis, Executive Director of the Cloud Security Alliance, discusses the two-fold requirement for operators to best secure their own networks while leveraging this infrastructure for outsourced IT services.

Nick Kael, Principal Security Strategist at Symantec, discusses the telco challenges of multi-tenant cloud security. Four design principles for cloud security are presented.

So Security as a Service (SECaaS) is the set of security service capabilities that are typically provided by a third party using the SaaS (software as a service) model.

At a hardware level the local / global network providers (Telcos) have deep expertise in all types of security offerings for Traditional IT and Cloud IaaS and PaaS.

The Cloud Security Alliance is a trusted source of research that will enable you to evaluate and procure next generation Security as a Service(s).

You can procure a managed cloud security service but it is important to understand that the Security as a Service broker sits between the Customer and the Cloud Service Provider.  Cloud Security is a shared responsibility but you can’t handover accountability for risk management and information assurance.


Leave a comment

Filed under Business

CISCO has a Cloud CTO; does your organization need one too?

Lew Tucker Cisco Cloud Chief Technology Officer

“As a CTO, I think we’re often asked to look around corners, to peer into the future and to extrapolate from what we see in the marketplace today and technology trends so that we can anticipate what’s coming next.

One of the things I think we find is that the market always responds to a need that’s present in the marketplace by the customers.

So one of those needs was to develop the software that Amazon runs in an open-source environment so that anybody could build their Amazon-style cloud.

And so Cisco saw an opportunity here to influence that and in fact make sure that the idea of a network based service would become an essential part of this new open-source, OpenStack cloud”.

Lew Tucker @ Cloud Connect

You will have to adjust the volume.  Excellent presentation slides supporting the key messages that he conveyed.

Moving to a world of many clouds – “connected Clouds”

As we move forward we will start to see the emergence of industry vertical clouds e.g. Healthcare, e-Gov

06:05 Cloud Focus. It is important that we get the cloud computing model right

Build out your virtual data centre with the trinity of Network, Compute and Data services

07:40 OpenStack high level overview

Description of Quantum Network Service Abstraction

Multi-tenant Virtual Data Centres

Think deeply about what you want in your own Virtual Data Centre in the Cloud

Organizations will typically ask the CIO or the CTO to assimilate responsibility for the design of the Cloud Strategy and implementation of the Cloud Model.

For me the cloud ecosystem is far too dynamic and moving at such a pace that the sole focus of the CTO must be on enabling Business change and delivering cost savings.  The CTO must specify whether Application placement will either be close to the customer [Systems of Engagement] or close to the data. 

Presently key Business stakeholders have no interest in the Data Centre infrastructure and are ambivalent regarding from where Compute services are sourced.  For example iCloud, Dropbox etc. are ubiquitous and always on.

The CTO should be responsible for the Cloud Blueprint.  One design solution increasing in adoption is where Virtual Private Clouds extend the Data Centre into the cloud.  Network service providers deliver Virtual Private Network tunneling and multiple subnets to enable the seamless linkage between the physical data centre and elastic compute services.  

Moreover, the CTO must support the Sourcing and Procurement function manage the commercial relationship with Cloud Service Brokerages who package cloud services for customers.  

For me there is a clear distinction between the CIO, CTO and Cloud CTO roles.

  • The Cloud CTO is on the Sell side and is a role fulfilled by Cloud Independent Software Vendors and providers of Network, Compute and Data Services.
  • On the Buy side sits the CTO who is responsible for designing, sourcing and managing the service to the customer regardless of whether it is comprised of VPCs ,on and off premise, connected clouds or Hyper-hybrid Clouds.

If your organization does not have a CTO then you can reach out to the many advisory firms to help map out your journey into the Cloud.  Safe travels.

Leave a comment

Filed under Business

Forrester’s “Forrsights”

It is important to keep up with the latest research and predictions from the leading analysts.  With this in mind I have selected three contributions from Forrester.

  • There is a growing expectation gap between IT and the consumer
  • Key forces and challenges are driving the need to Transform IT 
  • The need for speed is accelerating – and IT isn’t keeping up

Matt Brown – Vice President serving CIOs

What we are witnessing is a growing expectations gap where consumer technology markets are moving so fast that IT is having a hard time keeping up.

Work is getting separated from place with more and more remote work.

Eveline Oehrlich (Hubbert) – BrightTalk webinar 31 May

+1 617-613-8803  –  eoehrlich@forrester.com  –  Blog: blogs.forrester.com/eveline_oehrlich

 Transform Your IT Organization With Process-Based Service Management

LINK to Webinar.  It is straightforward to register

My thanks to Eveline for sharing her presentation materials with me

There are three sets of forces shaping business demand

  1. Business Ready, Self Service Technologies are on the rise
  2. The number of empowered self-sufficient, tech-savvy workers is rising
  3. The Business Environment will be radically more complex

Key Challenges

  • An increasing IT capability gap
  • Technology tribes
  • Engineer-to-order
  • Lack of control with what processes and tools they work
  • Pace of change/complexity
  • Only 4% said that Business and IT were fused together

 These challenges require a shift to a modern IT (process based)

  1. A “changed” IT organization
  2. An effective understanding of key business services and how IT supports them
  3. Managing the IT supply chain as a service catalyst
  4. Adoption of best practice framework(s) 


  1. Think service from the outside in.  Is your service desk a service catalyst?
  2. Look at how you work with your Development Team – what is the communication, how could that be improved?
  3. Evaluate your change management process end-to-end.  Is there an opportunity for improvement?
  4. Reboot Service Management

 The stand out quote for me was – “ITIL is not a religion, don’t be a religious fan”

Sharyn Leaver – Vice President serving EA Professionals

It is easy to register to Forrsights – here is the LINK

Leave a comment

Filed under Business

If CIOs are not Business Leaders are they Change Agents and Innovators?

In recent posts I have been banging the drum about how COBIT 5 provides Business Executives and Technology Leadership with a common language to drive the Business forward in a joined-up way. 

So the article below, which appeared on CIO.com on Friday 18th May, made me sit up and take notice.


Bernard Golden is CEO of consulting firm HyperStratus, which specializes in virtualization, cloud computing and related issues. He is also the author of “Virtualization for Dummies,” the best-selling book on virtualization to date

CIOs Don’t Need to Be Business Leaders – LINK

“Given the complexity of today’s applications, it’s folly to suggest that the future role of the CIO is less technical and more businesslike, columnist Bernard Golden writes. If anything, it’s the opposite — the business side of the enterprise should embrace technology.”

Notion of CIO as Business Leader Just Plain Wrong

You Can’t Discuss Tech Without Knowing Tech

In Today’s Economy, CIOs Obligated to Know Tech

“Frankly, that issue of talking to the CEO in business language with which he or she is comfortable is a red herring. The fact is, businesses today are technology businesses. Information technology is core to what they do.”

Please find below two real world examples of the CIO as the driving force for Transformational Change and how Innovation is taking Systems of Engagement to another level.

IT transformation drives the business forward

Mike Wolfe – Senior Vice President and CIO @AMD

IT Transformation is a bit of a slippery term

Typically IT spends 70% of the budget on keeping the lights on which is not acceptable as the CEO gets 30 cents back on each dollar of their investment

Blank sheet innovation, doing things radically different is difficult for people to do

03:20 – You have to get to the place where a very complex topic can be stated very simply in a way that it applies to everyone in the company.  For our Business Leaders it has to be about how does this impact the company, they don’t care about the technology frankly.  They just want to know how it is moving the bottom line forward – more sales, more profitability, less cost.

Philip Clarke at Tesco is one of the few CIOs (Group IT Director) who have made it to the top job.  He became CEO in March 2011 and made the following statement at the annual results presentation in April 2012.

“I’m announcing today our 1 billion pounds plan to put the heart and soul back into Tesco,” Chief Executive Phil Clarke told reporters after the group reported a small full-year profit rise that met market expectations.

“The plan isn’t radical, isn’t a radical change of direction, but it’s a radical change of pace,” he said.

From ‘Broccoli Cam’ to electronic shelf edge labels, Chief Information Officer Mike McNamara shows us around the latest technology innovations in store, as well as a short preview of technology currently being worked on in the labs.

This video clip showcases hand scanners to staff badge sized computers.  The convergence of physical and online is best shown when you buy the DVD physical product and the film is available to view online in the customers Blink Box Digital Locker.

Labs are working on bringing to life an Augmented Reality application that enables a smartphone to take a flat image and give it three dimensions, e.g. providing serving suggestions for the customer.   

In my view, any successful CIO has to demystify the Technology and show how transformational change will deliver value to the Business.

I keep repeating the same mantra that any Technology capability only exists to serve the Business.

Its not about the CIO being an expert in either Business or Technology it is about the CIO having a foot in both camps.

Tesco will bounce back because the Company has invested heavily in accelerating change by delivering innovation in-store.  The CEO “gets it” and is sure to provide full support for the CIO.


 Creativity is thinking up new things. Innovation is doing new things.

Theodore Levitt

Leave a comment

Filed under Business

Take the first step on your journey from the Knowledge to Creative Economy

Gary Hamel – Business Thinker

“Don’t miss the innovation boat, turn management assumptions upside down.  Change must be dramatic, deep, and transformational. Gary Hamel explains the need for radical thinking that enables every employee to be a business innovator.”

01:45 We are no longer in the Knowledge economy we are now in the Creative economy and that is going to require huge changes in the way we think

02:55 Dramatically increasing the creative potential and capabilities of your own people.

05:00 Require a radical change in Management

Gary Hamel also mentioned that IBM took a $14bn swing in earnings in the 1990s.  Under Lou Gartner’s leadership IBM transformed from a Product led to a Services company. Gerstner said:

“Services is clearly the largest and fastest-growing portion of the information technology industry, and we continue to extend our leadership position each quarter, … Our software business continues to gain momentum.”

IBM has a heavy focus on innovation and spends >$25bn a year on R&D.  This has had a significant positive impact on the company share price.

Warren Buffet has seen an increase in his $10.7 bn investment in IBM stock to $13.2 bn (Mar 12)

Smarter Business Needs Smarter Thinking

The way we work isn’t working

What if there was a way for CIOs to take the busyness out of Business

Collaboration solutions enable people to connect to co-workers share knowledge and be more creative as a result.

Social Learning Fosters Innovation

Connect, Contribute and Cultivate to create One Global network

By investing in business innovation both Global High Value Consulting and Services companies are thriving whilst the Indian Pure Plays (HCL, INFY, TCS and WIPRO) are struggling to convince the Market that they have the “secret sauce” required to deliver the same CAGR. 

So the thinking around Knowledge Workers has been widely accepted and organisations of any size are at various stages of adoption.

These same organisations are also exploring how new ways of collaboration can unlock the creative potential of people.  

Increasingly an individuals performance is being assessed on their ability to create new content, connect with others to share their ideas and help build value for the organisation. 

To know is nothing at all; to imagine is everything – Albert Einstein


Leave a comment

Filed under Business