Saturday, March 8, 2014

Target CIO ... Goodbye


Certainly everyone in a lead IT position has been through the process of identifying the staff and costs to keep the wheels turning, whether that be network infrastructure, support services, application development and support, etc., and without a doubt there has been consideration of security enhancements that are logical...or those challenges where you thing "when I have time and resources we need to address this...it might be a problem." The "budget review" meetings invariably result in the questions "where can you cut?", "has that been a problem?", "can't Joe or Mary pick that up?" or "we need to hold firm on the budget." Despite the fact that the Target CIO was very light on IT per se, we have to assume that there were people aware of the exposure. Whether she was unable to sell the costs or did not know the threat or whether other c-level people were focused on their own areas (ignoring a notion of management reciprocity) it's obviously a disaster for Target and certainly there will be more casualties in the staff ranks.

On the upside this gives us all the opportunity to move security and governance of corporate electronic knowledge and resources higher up on the priority list. Other c-level stakeholders and the money gatekeepers will probably listen this year. Few projects are built with a credit card but clearly company interoperability of systems and the chaotic and uncontrolled consumerization of IT are creating many thin ice situations. It goes without saying that assuming ubiquitous cloud solutions and "there's an app for that" is naive; it's coming but we're going to have corporate hardware for a while.

One of my favorite quotes is from Andy Grove, the former CEO of Intel, who said "...every company is an IT company...they just don't know it yet..." If each and every functional manager outside of IT is not asking hard IT questions and supporting solutions and investment they are being remiss in their corporate responsibility.

The Target CIO position paid $3.5 million per year (unverified) if you want to apply. That's about $300,000/month which would be just fine.

Everyman at CIO-Innovation

Oracle can be a real challenge but it is an amazingly comprehensive collection of integrated solutions. I am immensely satisfied with my past commitment to their solutions.

OracleVoice: Larry Ellison Doesn't Get the Cloud: The Dumbest Idea of... forbes.com

Oracle CEO Larry Ellison (Wikipedia) I don’t know if you’ve heard, but the talk among the chattering classes at Oracle OpenWorld last week was that neither Oracle nor company founder and CEO Larry Ellison gets the cloud. Yes, I know, that seems...

Reflection at Day 102

Everyman at CIO-Innovation
It's now been about 100 days since I left my 27-year gig during which I took no extended time off. The last 3+ months have been remarkably refreshing and reinforces my position that sabbaticals are mission critical for key people (especially IT). Removing oneself from the legacy systems, fiscal constraints, fiscal versus operational decision-making, cubical/office environment gives time to think about your craft and the value points with that practice. IT is, of course, all about process improvement and IT leadership is remarkably well-positioned to understand he breadth of organizational opportunities for innovative IT application, much more than the iFolks with the ever-hollow "there's an app for that." I neglected to mention that the time away gives very clear insights into the politics of IT in the AEC industry.

Inside Scoop on Target Data Fraud

Everyman at CIO-Innovation
http://krebsonsecurity.com/
Bottom line is that it was discovered by the banks and card companies whose fraud departments routinely buy hundreds of stolen credit cards ($20-100 each) and analyze the patterns to find the source of the problem.

This will have an interesting play as we move aggressively forward on software defined networks which will offer even more exposure than the cloud vendors.

Krebs on Security krebsonsecurity.com

Other — 68 comments 22 Dec 13 An underground service that is selling credit and debit card accounts stolen in a recent data breach at retail giant Target has stocked its virtual shelves with a new product: Hundreds of thousands of cards issued by...

ROI: Return On Investment ...or...Restriction On Innovation?

‘Innovation’ is a big word this year for ‘business.’     The bookstores and ‘e-book’ world is filled with publications describing the process to start  an innovation program.  I like that.   I like change and I like innovation.   Bring a structure together, prioritize initiatives, allocate funds, reward idea-creation (‘ideation’ if you are really innovation-hip) and make money from these new ideas.  Harness the creative staff, ‘capture’ their ideas, prioritize them and fund the initiatives.  The 2013 innovation goal appears to be  a structured program for innovation.  The warning in that previous sentence is ‘structured.’   If there are enough checks and balances, committees, prioritization meetings and limited funds we’ve done a good job of creating an innovation bureaucracy.  That’s to be avoided.
A few years ago I initiated a ‘lean process improvement’ program in a $1B company.  We approached this pretty simply doing a five day Kaizen to create a framework of priorities within the overall business process of the organization.  Following that we embarked on a a series of Kaizens at an ever more macro level.  Each facilitated event was teamed with stakeholders, topical experts and disinterested parties who were just good at ‘doing Kaizens.’  The pre-work included goals, objectives, metrics and an event budget.  It was important to leave management out of the events to the extent possible.  Everyone in the event had an equal voice.  At the end of each Kaizen there was a rollout of improvements and a system of measurement to ensure that the changes stayed in place and to monitor bottom line impact.  It was simple, leveraged everyone’s skills and experience and it worked.  Continuous improvement in the ‘lean’ context equates to ‘incremental’ innovation.   ‘Breakthrough’ results from a Kaizen look a lot like ‘disruptive’ innovation.
The Kaizen events resulted in change because the teams were given the freedom to act, to change processes that week and they had money.  It was not a scenario where team members finished an event and then had to get approval to spend; that was part of the pre-work.  Lean deployments result in continuous incremental change.  Every event, regardless of length results in rapid innovation deployment.
The forklift operator  knows when it’s time to replace a forklift.  They deal with performance, function, maintenance and safety every day.  The cost accountant looks at acquisition cost, depreciated cost, maintenance cost, and operating cost.  One of those people is going to focus on return on investment (ROI); the other knows how to get the job done.  Put the operator in a Kaizen and make him/her aware of forklift options and you’ll get to a the better solution whether it be equipment performance, features or even racking system  or loading dock modifications.  Facilitate the innovation opportunities of people doing the real work.  Focus on return on innovation (ROI).
Traditional ROI analysis is required to get past the bean counter numbers.  A lot of innovation dies at the feet of those gatekeepers.  Traditional ROI is rarely tracked after the purchase.  Deployments and implementations start changing parameters on day 2.  I’d suggest that innovators have a seat at the table.  Ensure that return on investment (ROI) does not become a restriction of innovation (ROI).

Looking Forward...Looking Back

Being in the middle of a life ‘re-set’ gives one the opportunity to look forward, to attempt to look around the next corner before you get there.  That’s exciting.  That’s the challenge.
To navigate the next corner you have to know where you’ve been, you have to know what you need to take with you, what you should leave behind and how aggressively to go into the corner.  In a recent blog post, Seth Godin spoke of the value of being forward-looking but also the danger of being too far ahead of the curve.  As I’ve been getting rid of baggage that I’m not taking forward,  I came upon the following conceptual map I designed for my organization’s web presence, circa 1999.  To put 1999 in a web perspective, that was the year I added DSL at my home, it was a time that few people were making purchases on the internet and organization email was the exception.
This was one of those personal archeological finds that reminded me of that danger.  Leverage your perspectives on the future but work on the organizational context; if you cannot bring people along at your pace you may need a new venue, somewhere around the next corner, somewhere all the fast riders want to be.