“New Ways of Working (NWoW) is our term. Of course, New Ways of Working requires quite a few catalysts in the form of culture and technology. "Culture: Retool your leadership in new ways of leading before you demand your organization be agile. Agile teams are empowered, cross-functional, and have the ability to move quickly and test and learn. The role of the leader is not to tell teams what to do but to create a fertile environment to innovate. The role of the leader is to create the outcomes and eliminate barriers. Train your leaders in these new ways of leading before you send your teams off to be agile. "Technology: Focus on agile infrastructure and data before you demand an agile work environment. Creating agile teams that are cross-functional and empowered is a good step. But this only works if you have embarked on your technical transformation and created the highways to safely and continuously deploy software. The combination of culture, technology, and agility is creating NWoW." -John Marcante, Retired CIO, Vanguard
Software development/design teams are simultaneously understanding problems while solving them. The team makes dozens of choices every day, ideally informed by business objectives and user testing and applied architecture and data cleanliness. ... Likewise, UX design frameworks are usually interpreted by team-level designers to fit the problem at hand. We’re constantly trading off consistent look and feel across the application suite against what will help users at this step. So in the software business, we’re usually solving and designing and implementing and fixing all at the same time. The hard part isn’t the typing, it’s the thinking. ... So hiring junior developers or offshoring to lower the average engineering rate misses what’s most important. Crafting better software should get us more customers and make us more money. Small teams of empowered developers/designers/product managers with deep understanding of real customer problems will out-earn large teams doing contextless color-by-number implementation of specs. The intrinsic quality of the work matters, which is lost in a command-and-control organization.
It’s up to executives to treat DEIB as a central business function, instituting and scaling their efforts. Degreed CEO Dan Levin, for example, describes it as a strategic imperative to integrate DEIB into all aspects of how we operate as a business, including at board level. ... Managers need to take big picture initiatives from the C-suite and use them to allocate work and opportunities in new ways. Those adept at these skills help their staff resolve conflicts and open their minds to new ideas. ... Two skills are especially important for both senior leaders and managers, study authors Stacia Garr and Priyanka Mehrotra write in the report. Respondents at higher-ranked companies for DEIB were more likely to say that people in both positions should excel at challenging the status quo and persuasion. I’ve seen leaders and managers faced with the task of convincing those under them to reconsider how their behaviors or words might make someone else feel excluded. Those who excel at these types of challenges have the skills to do so.
Google said all the right things. Then over time — after like the first six months — it became like the Tinder Swindler. I was like, “What happened? Where is all this great stuff you said we were going to have?” It went out the window. Over time we were just one toy in the toy box. When you are bought for $3.2 billion, you would think people would actually respect and invest in the team as a new area of Google’s business. That is not how it worked. Apple is a whole different story, at least when Steve [Jobs] was there. It was respected when you did stuff. People took note and tried to make successes. It was my mistake. I did not realize that Google had gone through many of those billion-dollar acquisitions and just let them flail. They just said, “Oh, that was a fun ride. Moving on.” There was no existential crisis because you always had the ad money tree from search. Then it was just a matter of cutting their losses, as opposed to seeing that these are real people with families, trying to do right on the mission to build this thing. They just saw it more as dollars, at least from the finance side.
When you look at networking and security, that really hasn’t kept up with the pace of the application transitions to the cloud. And if you look at what happens today, is many of these networks — and network and security elements in those networks — they are do-it-yourself. And the idea that the organizations are migrating, [that] we would be migrating from this do-it-yourself approach to as-a-service approach really allows the organizations to unleash the agility and the simplification that their organizations and enterprises are looking for. Now we have a lot of examples. Even in very recent times where these do-it-yourself approaches have failed to address the needs of the organizations, and one of the most prominent examples in the recent past is a variety of ransomware attacks. We all know that these ransomware attacks have been in the headlines in the recent news. Think about the reasons for these ransomware attacks. There could be many reasons. But one reason that I can think about is that the organizations that are hit by these ransomware attacks, and again, it’s not always black and white
A data governance system should restore control of data to the consumers and businesses generating it, according to this BIS Paper. Technological developments over the last two decades have led to an explosion in the availability of data and their processing. Consumers often do not know the benefits of the data they generate, and find it difficult to assert their rights regarding the collection, processing and sharing of their data. We propose a data governance system that restores control to the parties generating the data, by requiring consent prior to their use by service providers. The system should be open, with consent that is revocable, granular, auditable, and with notice in a secure environment. Conditions also include purpose and use limitation, data minimisation, and retention restriction. Trust in the system and widespread adoption are enhanced by mandating specialised data fiduciaries. The experience with India's Data Empowerment Protection Architecture (DEPA) suggests that such a system can operate at scale with low transaction costs.
We did realize that if we didn't get the culture embedded that we would not be successful. So building that capability and building the culture was number one on the list. It was five years ago. It feels like a very long time ago to me. But we started that process and through the cloud guild we trained 7,000 people in cloud and 2,700 of those today are industry certified and working in our teams. So we've made really good progress. We've actually moved a lot of the original teams that were a bit hesitant, a bit concerned about having to move to this whole new way of working. And remember that our original teams didn't have a lot of tech skills, so to tell them that they were going to have to take on all of this technical accountability, an operational task that had previously been handed to our outsourcers, was daunting. And the only way we were going to overcome that was to build confidence. And we built confidence through education, through a lot of cultural work, a lot of explaining the strategy, a lot of explaining to people what good looked like in 2020, and how we were going to get to that place.
Blockchain technology digitizes and distributes record-keeping across a network, so transaction verification processes no longer rely on a single central institution. Blockchains are always distributed but vary widely in permissions, sizes, roles, transparency, types of participants and how transactions are processed. A decentralized structure offers inherent security benefits because it eliminates the single point of failure. Blockchains are also composed of several built-in security qualities, such as cryptography, public and private keys, software-mediated consensus, contracts and identity controls. These built-in qualities offer data protection and integrity by verifying access, authenticating transaction records, proving traceability and maintaining privacy. These configurations enhance blockchain's position in the confidentiality, integrity and availability triad by offering improved resilience, transparency and encryption. Blockchains, however, are designed and built by people, which means they're subject to human error, bias or exposure based on use case, subversion and malicious attacks.
Any partnership is a two-way street, so as well as knowing what they are looking for themselves, it’s also important for CISOs to understand what a security vendor needs from them in return. “To build a strong relationship and deliver the best experience possible, we need our customers to be open and honest with us,” Rech says. “This honesty should extend to being clear on which other vendors are in the mix as they’re increasingly relying on flexible, cloud-native, open solutions.” The reality is that no one vendor can guarantee protection against every threat, Rech adds, but vendors are uniquely positioned to adapt to a business’s needs when they have full clarity of what those needs are. For example, constantly sharing information on threat groups, attack techniques or sector-specific threat trends can be overwhelming for some CISOs. “When we know more about their business and their priorities, we can direct the most relevant, need-to-know information to them.” Hellickson thinks vendors also benefit from reasonable, respectful feedback during a sales process that can become somewhat frustrating for CISOs.
“Cybersecurity [spend] has always been growing, but it has transformed from perimeter security that we’ve been used to for 40 years to more and more securing cloud and remote work and remote employees,” says John Lovelock, research vice president and distinguished analyst at Garner. “Companies that used to be able to put the virtual brick walls around the building and say they’re secure on the inside now have too many openings — to the cloud, partners, customers, employees — for that strategy to be viable.” ... Other big business needs driving IT spending increases — such as boosting efficiency, customer experience, employee productivity, and profitability — also say something about where organizations are in 2022, experts say. “You have an enhanced discipline about cost management now and being smart about where you spend your tech dollars,” Priest says, adding that “it’s one of the best places to invest, especially in inflationary periods.” He says organizations are looking to automate, streamline operations, and reduce costs to help deal with an unsettled labor market, worker shortages, inflation, and geopolitical uncertainty.
Quote for the day:
"When we lead from the heart, we don't need to work on being authentic we just are!" -- Gordon Tredgold