What sets apart the CIOs who don't fit this pattern? Langer described 23 characteristics in his recent webinar, Strategic IT: The Transition Taking Place in the CIO Role. The material was based on research and interviews that he and his colleague Lyle Yorks conducted for their similarly named book. What the authors discovered is that the most successful CIOs have developedstrategy advocacy, or "a process through which technology leaders in organizations build on functional expertise." In other words, success in the CIO position has less to do with building their technology prowess and more to do with the ability to master other areas of expertise important to running a business.
"... a real-time system is one that behaves deterministically, responding predictably to inputs or changes in the environment. Typically these are cyber-physical systems, used to manage a physical process. "Observers often confuse real-time computing with high-speed computing, such as financial trading or sports betting," adds Barnett. "The difference between high-speed computing and real-time computing is that with high-speed computing you are talking about averages -- you can say on average an operation takes a millisecond. But one time in a thousand it takes much longer. With real-time computing you are confident the operation took place within the deadline, or you know it didn't happen."
Most of us have heard about Conway’s law. It claims relatedness of organizational structure (with its related processes) and produced system architecture - they go hand in hand. And that’s of course not a surprise. Consider a company with highly strict functional departments and lack of interdepartmental collaboration. Which kind of system would it produce? It would likely end up designing a set of isolated components, each exposing a unique and complicated interface. That’s an example of a causal connection between organizational structure and system architecture. What is actually interesting here is that this connection can be reversed! Meaning: you can influence changes in the organizational structures by reshaping your system architecture.
There has also been an evolution of the CISO, cyber gurus, and security management teams who feel they only need to understand the basic-fundamentals of what cybersecurity is, leaving the day-to-day interpretation for operational security to those lesser mortals who at times do their level best in the absence of any training, or real time investment. In fact, don’t take my word for it; look at some of those respectable organizations who have hit the press post some very successful compromises. Moreover, there are those who have suffered unauthorized incursions with the devil’s-luck of not being discovered, or suffering name and shame. On that subject, I have been unfortunate enough to follow some renowned CISOs in the industry into their departed organizations, only to find to my surprise fragile fabric of a security structure
The sensitivity analysis is an important step to evaluate the stability and hence the quality of our optimal solution. It also provides guidance on which area we need to invest effort to make the estimation more accurate. Mathematical Programming allows you to specify your optimization problem in a very declarative manner and also output an optimal solution if it exist. It should be the first-to-go solution. The downside of Mathematical programming is that it requires linear constraints and linear (or quadratic) objectives. And it also has limits in terms of number of decision variables and constraints that it can store (and this limitation varies among different implementations). Although there are non-linear solvers, the number of variables it can take is even smaller.
“There’s potential but the practical applications are still a little immature,” says Jon Oltsik, senior principal analyst at Enterprise Strategy Group. “You can tune something to look for an attack that you know about, but what’s hard is to tune it to something you don’t know about. I can look at access patterns on repositories and how much people download and whether they save documents locally. But there’s always creative ways to work around that. A really dedicated, sophisticated adversary will quickly decipher where you’re not looking – and that’s the problem.” Or they will carry out a “low-and-slow” theft by regularly moving data to a repository over time, he adds.
"When you put applications in more than one place, you have to synchronize data," said Phil Shelley, president of Newton Park Partners, a Chicago-area consulting firm. Getting that synchronization right isn't easy, he said. And the closer it gets to happening in real time, the more complex the challenge can become. The challenges of a hybrid environment arise around several key areas: data, timing and networking needs, as well as resource provisioning -- that is, getting the time, money and personnel needed to do the integration work. ... "It is a more complicated world when you start moving components of your IT stack outside. There are obviously benefits to that, but it is a more complicated world. It gets harder when one side isn't in your company," Doug Shoupp said. Sometimes, an API may be all that's needed, Shoupp said, but that is rare.
Lack of trust destroys your team. That we all know, but Wayde shares how that phenomenon affected one team he worked with, and some antidotes to that process. In this episode we also mention a book dedicated to highly functioning teams: Patrick Lencioni’s The Advantage, and share 2 games you can play with your team to grow trust. Wayde is an Agile coach with TeamFirstDevelopment.com. He is interested in helping teams improve using the same techniques that Improv theater teams use to develop Great Team Players.
Clearly, businesses need to step up their assessments of third parties and supply chain partners. It is also essential that they stipulate the right to assess a supply chain partner’s security capabilities in contracts. Experience shows that organizations that do not legally plan for due diligence when executing contracts may not be allowed to perform adequate assessments when necessary. Also consider that as much as 20 percent of security spending is estimated to occur outside of the information technology (IT) function on services like cloud computing. Contracts executed outside of IT may not allow for due diligence and, in fact, they may require important information security and privacy safeguards.
It also means cyber professionals are hopping from one job to another, leaving gaps in how their systems are protected, also increasing the likelihood of attacks. Finally, businesses are forced to train or hire unqualified employees to fulfill their cybersecurity needs. It’s no wonder 86 percent of organizations believe there’s a shortage of skilled cybersecurity professionals and just 38 percent believe their organization is prepared for a cyberattack, according to a January survey from ISACA, an international professional association focused on IT governance. The fear crosses over to government agencies as well, as we’ve seen with several high-level cyberattacks. For this reason, President Obama has been quietly recruiting top tech talent from companies such as Google and Facebook to increase the number of qualified cyber talent in Washington.
Quote for the day: “Never follow anybody who hasn't asked "why" -- Aniekee Tochukwu