Successful CIO Healthcare Summit!
May 14, 2010
The team returned to Honolulu this week from a successful CIO Healthcare Summit in Scottsdale, Arizona, and we’d like to extend a special thank you to all of the delegates and sponsors who participated in the event!
Pictures of the event can be found on our Flickr page: http://www.flickr.com/photos/cdmmediaevents/
Highlights of this year’s agenda included:
- Dr. Charles Kennedy’s, VP Health IT, Wellpoint, National Health IT Policy Committee, keynote on the HITECH Act
- The CIO Executive Visions Panels on improving patient care, moderated by Jack Santos, CIO Executive Strategist, Burton Group
- Steve Aylward’s, GM, Health & Life Sciences, Microsoft, presentation on solutions and technologies that enable better care and outcomes
The CIO Executive Think-tank sessions, which were new to this year’s summit agenda, allowed executives to have candid conversations in a roundtable, sponsor-free environment. With no pre-determined discussion topics, executives were able to guide the conversation around the issues that were most important to them and their organizations.
The next CIO Healthcare Summit will be held December 12-15, 2010. If you’re interested in participating in the event, please contact Nick Backhouse, Event Director, CIO Healthcare Summit at 808-694-3600 or nick.backhouse@cdmmedia.com.
Allow me to introduce the CIO Content Development Committee!
February 18, 2010
For this year’s CIO Finance Summit, CDM Media pulled together some of the most engaging and innovative CIOs and IT executives from the finance industry to form the CIO Content Development Committee. This year’s committee members include:
- Harvey Koeppel, Executive Director, Center for CIO Leadership, CIO Finance Summit Master of Ceremonies and CIO Content Development Committee Chairman
- Duane Good, EVP, Head of Risk Systems Infrastructure, HSBC North America
- Sudhir Nair, SVP, Business Technology, Bank of America
- Rob McIsaac, CIO and Group VP, First Citizens Bank
- H.P. Bunaes, SVP, Director, Risk Management Information and Technology, Sun Trust Bank
- Angelo Valletta, CIO and SVP, Sun National Bank
- Paul Jameson, Global Director for Financial Industry, Cisco Systems
The CIO Content Development Committee plays a critical role in determining the topics that are discussed at the CIO Finance Summit. An end-user driven agenda ensures that all CIO and technology executive attendees will get critical information from the event’s panel discussions, workshops, and case studies.
So, a big welcome and thank you to all of this year’s CIO Finance Summit Content Development Committee members. We’re looking forward to a great event!
For more information about the technology event, go to the CIO Finance Summit site.
For more information about the committee, check out the CIO Content Development Committee flyer or the latest press release.
C-level Executives Participating in More Industry Events
February 5, 2010
According to a recent Weber Shandwick study, “CEO participation at top-tier events nearly doubled since 2007.” Participation by CIOs and other C-level executives increased 40 percent since the same year.
The study looked at the number of CEO and C-suite participants from the top 50 most admired companies, as named by Fortune, at 22 conferences.
While this increase was mainly attributed to CEOs from the financial sector, it is still telling that, even during an economic downturn, executives are making a point to distribute content, give presentations and network with their peers. In other words, they are working to keep their company visible among their colleagues.
In addition, executives are also becoming more visible to the public via social networking sites. According to a recent NFI Research study, executives are embracing LinkedIn, blogs and Facebook for business purposes. In fact, 86 percent of surveyed executives from large companies were utilizing LinkedIn.
As we enter into 2010, one can only assume that this trend towards increased visibility will continue as markets are tighter and more competitive, and there is less money to go around.
What events will you be participating in during 2010?
CDM Media’s 2010 Event Schedule
January 21, 2010
Clear your calendars…announcing CDM Media’s 2010 event schedule:
CIO Utilities Summit—April 18-21
CIO Healthcare Summit—May 9-12
CIO Government Summit—May 23-26
CIO Finance Summit—August 29-September 1
CTO Telecom Summit—October 3-6
CIO Insurance Summit—October 17-20
CIO Education Summit—November 7-10
Information on becoming a summit delegate can be found on each event’s site.
If you’re interested in sponsoring a CDM Media event, check out the CIO Summits site for more information.
And a big thank you to all of the delegates and sponsors who made CDM Media’s 2009 events a huge success! We look forward to working with you in 2010.
Interview with @spf13, Steve Francia
November 30, 2009
Steve Francia, CIO at Portero.com
My time on Twitter (@CDMmedia) recently brought me to Steve Francia (@spf13), CIO at Portero.com, an online retail site that sells pre-owned, luxury goods. Steve’s blog, spf13.com, as well as his Twitter feed focus on technology and social media. His IT expertise includes development, technology turnaround, strategy, organizational planning, restructuring, cost reduction, funding, productivity, and the translation of business needs into technical implementation and delivery. My questions below focus on IT security. Enjoy!
What is your security plan for Portero.com in 2010 and how has your strategy changed from the previous year?
My approach to security has consistently been to provide access to the smallest possible group. I joined Portero in late 2007 and stepped into a position where the prior policy had been one of convenience. We decided as a company that one of our primary concerns in 2008 would be security. We established critical policies and held many security focused training meetings. We found this combination provided us excellent compliance with the policies. In 2009 we built on the successful foundation laid by taking a more proactive approach to security.
Success in security is largely conditional on the users following the policies. Through training and effective policies we have brought security to the forefront of our employees thoughts. Having laid a solid foundation the prior two years enables us to really utilize 2010. One area we will be focusing on is furthering our disaster recovery plan and abilities. We will continue with the practice of holding user training and education sessions. We will continue to hold self audits.
There have been plenty of stories in the news lately of customer’s information being stolen, what strategies do you use to ensure that Portero’s customer information is safe?
Portero prides itself on trust and authenticity. Naturally, I’d love to say we have this insanely intelligent and complex system and strategy to protect customer or other sensitive data, but in all honesty, this is a romantic, but unrealistic notion. In each story I’m familiar with, each failed to adhere to even the most basic of best security practices. In reality, adhering to the best practices will take you farther than an overly complex system.
Largely, we make sure that all our bases are covered, strictly enforcing best practices including: using secure pass phrases instead of passwords, forbidding customer and other sensitive data from leaving secured servers, restricting all information and access on an absolute need to have basis with fine-grained ACL, all data transfer over secured encrypted tunnels, storing encrypted archives in a secured location, restricting physical access to all server rooms, and keeping all systems patched and up-to-date. Lastly, we hold training sessions to ensure that policies are understood and followed. I could provide a long list, but the point is to cover all your bases, especially the ones that are not enforceable through technology which are all too often forgotten.
You have a blog and are an active Twitter user, what precautions do you take in order to protect your personal information while using these social media sites?
In this, the information age, privacy is rapidly eroding. Generation Y is growing up in this public environment and seem unable to even recognize the loss. We live in an era where so much of our personal information is either public or in the hands of enterprises, to think one could be truly “off the grid” seems unrealistic. So the question becomes, how does one apply the right safeguards to protect their personal life and family?
I realized a few years ago that every professional is a celebrity in their own right in that each has a public brand to maintain. Name/Brand recognition is critically important, and obtainable through social media in a way the world hasn’t seen before.
Personally, I maintain two separate online presences. A professional one via my blog (http://spf13.com) and sites like LinkedIn and Twitter. I rarely tweet anything about my family or my personal life. On the personal side, I maintain a separate “invite only” family blog. Truly sensitive information is only posted on the blog, which is really only intended for close friends and family.
In your opinion, what is the biggest security concern with regards to cloud computing?
I see two major concerns:
1. Cloud?
What is a cloud? In the past couple years, it has become a heavily overused marketing term. Since each “cloud” is built on completely different technologies and concepts, speaking of security as it pertains to “cloud computing” is a dangerous proposition because of how vague the question is. Since each implementation possesses it’s own unique set of technologies and problems, it’s difficult to have a meaningful discussion on security.
2. We don’t know what we don’t know yet
It’s obvious why there is all the hype surrounding “cloud computing.” CFOs love it because there is no upfront cost, no depreciation, and a pay for what you use model. But, cloud computing is relatively young and I’d be concerned about putting any mission critical or ultra sensitive information in the cloud. I think people typically think of a cloud as being engineered from the ground up, but in reality, each is composed of piecing together many different pieces, some very mature, some very immature.
We typically understand the points of attack (or vulnerability) in a traditional hosting environment. The cloud with its multi-tenant nature presents all sort of new potential concerns. The vendor is now providing their (largely) home built separation layers between customer data and access.
I remember a few years ago people were saying that they didn’t need an SLA from Amazon because their infrastructure was so redundant and reliable and AWS hadn’t had any meaningful outages. Many built businesses on this mentality. Here we are years later and with more mature technology and a handful of major outages have occurred this year alone including ones on Amazon and Google. Use common sense. Just because we haven’t yet experienced a widespread security breach in the cloud doesn’t mean that we won’t.
No provider currently has a PCI compliant cloud. Does PCI compliance ensure something is safe, or that something that isn’t PCI compliant isn’t? No. But this does speak to the immaturity of cloud computing that not a single provider has a cloud secure enough to store credit card data.
I believe that the cloud is a fantastic resource and has great potential. I was an early adopter of the AWS cloud when I was at Takkle.com. We built a transcoding farm on EC2 to process a huge volume of user uploaded video. Without EC2 we would have had substantially higher hosting costs, which would have prevented us from incorporating this feature. However we never transmitted any data to EC2 that wasn’t already public, nor did we put any mission critical services on it. We used common sense, mitigated risk and benefited largely as a result.
What security trends and issues do you foresee for 2010?
As budgets have been trimmed industry-wide, my biggest concern is that enterprises shortchange security, gambling with their (or their customers) data. I don’t believe that anyone intentionally would weaken security, but as staff is thinned out, essential processes become forgotten. Proper training may be elusive. Seemingly small removals here or there could quickly add up to disaster.
As social media and mobile computing converge and continue to penetrate into more aspects of business, privacy will become increasingly challenging to enforce. The smart phones on the market are capable of recording or capturing data of any kind, via camera, audio recording or by acting as a network, Bluetooth, or USB drives. They also have the ability of transmitting and/or broadcasting any of this data instantly and bring their own unmonitored network. Today’s smart phone is the ultimate spy device, even James Bond would be jealous.
Social media is very powerful. Used correctly it can be a fantastic tool. Used incorrectly it can have catastrophic results. People don’t realize that once they hit that send button the tweet, post, message, email, etc. is instantly and irrevocably being broadcast to the entire world. Yes there may be a delete button, but once it’s public, it is broadcast, copied and cached and that can never been undone.
I think proper education and instruction is the answer here. Proper instruction enables an organization to embrace all the good that social media provides, but even a perfect execution would only minimize the risk. While some groups (e.g. NBA) may be able to control usage of social media, doing so will prove extremely challenging for most businesses.
Interview with @CIO_Coach, Kim Batson
November 12, 2009
I recently reached out to Kim Batson (@CIO_Coach) via Twitter and she generously agreed to be interviewed for the CDM Media Blog. Kim is a Career Management Coach and Executive Brand Strategist for technology executives. Her Twitter page is full of advice on everything from personal branding to interviewing, and her blog expands upon her tweets.
So, without further ado…
How has the job market changed for CIOs since the recession?
After a period of lower demand in terms of companies creating or back-filling CIO positions, we are beginning to see more opportunities on the market, especially in higher growth industries such as healthcare, biotech, energy, environmental, technology, and the government. Some companies in other industries have reassessed or redefined the CIO role, restructured, outsourced, drastically scaled back, shut down operations, or have been bought out by other companies or equity firms. All of which can affect the number of CIO opportunities available.
In more stable corporate environments and in those companies with the cash flow to ride out this recession, many CIOs have opted to stay where they are rather than vacate their position for another at this tumultuous time, so the number of openings due to this kind of churn has been affected. However, some of these executives are preparing now for possible future moves when the economy turns around.
CEOs have been demanding more during these tough times, such as quicker project delivery and ROI, lowered costs, and innovations that generate revenues and/or enable company growth, and some CIOs have lost their jobs when they haven’t produced the results, creating openings in their wake.
It is important to note, though, that some CIO job loss has occurred due to recessionary circumstances and not lack of achievement, putting some excellent talent on the market.
The number of applicants per position has been much higher and, according to executive recruiters, the openings have been filled at a much faster rate due to the pool of talent available.
With competition fiercer than ever, executives need a strong personal brand, an exceptional value proposition, stellar career documents, and a solid self-marketing strategy to stand out from the crowd and out compete in this marketplace.
How does building a personal brand help CIOs stay competitive?
A personal brand enables a CIO to articulate his or her unique value to the organization. Being able to do this concisely and effectively is crucial for today’s executive careers. In addition, a personal brand enables a CIO to be top-of-mind to companies, hiring executives and recruiters so that they are ‘first’ to be thought of when a new opportunity arises.
How can executives start to build a personal brand?
Several years ago I created a structure and a process, which I have continued to refine, for technology executives to build their own personal brand. Some of the areas an executive should consider are: their innate strengths, skills, style, values, areas of specialization and expertise, vision, passion, motivations, external perceptions, achievements, themes and patterns, and, of course, their target audience. These are all filtered together and then brainstorming begins to produce a concise and powerful executive brand.
When applying for a new position, what is a common mistake that executives make on their resumes and how can they fix it?
The most common mistake is to substitute responsibilities for achievements. The second most common mistake is not quantifying achievements to show business impact.
To correct these mistakes, an executive should look the challenges they’ve faced, the action they took, and the result(s) of those actions. They should ask the “So what?” question. “So, I did this? So what?” “What did it do for the company, organization, management, staff, peers, customers, shareholders, the industry, others?” “What did it do for the business?”
Then, once the result is established, quantify it with metrics to show business impact. In other words, if an action taken significantly raised customer satisfaction, ask “by how much?” Tie each result to a metric as proof of performance and a stronger business statement.
How can CIOs show their current employers that they are a valuable asset to the company?
CIOs should continually speak the language of the business and tie everything they do to business drivers. In addition, they should show high adaptability and flexibility in such fast-changing times.
If you could give CIOs one piece of advice, what would it be?
Communicate and collaborate across the lines of business. To use a phrase my colleague Deb Dib, The CEO Coach, coined several years ago: you want to be visible, viable and valuable.
Interview with Srini Koushik, SVP and CTO, Nationwide Insurance
October 16, 2009
Earlier this week, Glenn Willis, Editor-in-Chief of ITO America and CEO of CDM Media, interviewed Srini Koushik, SVP and CTO of Nationwide Insurance. Srini discussed the Nationwide Development Center, an innovative project that will eliminate the company’s need to outsource application development, while improving the IT experience for associates and customers. Below is the transcribed interview. To listen to the podcast, click here.
This interview was part of ITO America’s Thought-leadership Series, an ongoing project that features one-on-one interviews with innovative thinkers from top companies in North America. If you would like to be considered as a participant, please leave a comment with your contact information.
What exactly is the Nationwide Development Center?
The Nationwide Development Center is a pretty unique concept. Nationwide spends roughly $200 million on application development and maintenance every year. These applications are undergoing significant modifications. The traditional way of looking at application development with the skill shortage we’ve got in the United States has been to go out and do massive outsourcing. A lot of my peers have done that and they’ve had different levels of success with it. What we decided to do is to take a different approach to it. We wanted to set this up, given the fact that we are going to have this level of demand coming at us. The problem we were trying to solve was, can we actually get to be very good at this? In order to do that we had to make sure that we put the right tools and processes and technologies in place for us to be able to both improve the productivity of our associates and increase the recruitment rate. And one of the things you get out of it is a very high level of quality. So our eventual objective with the Nationwide Development Center is to actually prove that we can deliver the same if not better proposition then taking all of this stuff and outsourcing it to India, China or any other place.
What was the catalyst behind the creation of the Development Center and what issues did the company face that the Development Center will address?
You talked about Nationwide’s growth in your introduction. With that growth comes increased expectations. Increased expectations of being able to not just be a follower on technology and IT, but actually be a leader in that space. So the demands for our business partners became tougher and tougher. They wanted things better, faster, cheaper. You know that cycle never ends. It’s a continuous cycle of trying to get better and if you get there, hoping I do that faster and at a price that is economical. So the external pressure that we were getting not only to keep pace with the industry, but also to stay ahead of it, was one of the driving factors behind the Development Center. What I’ve just outlined for you is not different than a CIO in any growing company is going to face. But, as I pointed out earlier, the standard approach that a lot of IT leaders use is to find the skills where you can. That’s led to increased outsourcing of work and that’s actually a very viable alternative. The challenge becomes the increased management overhead that you get managing 24/7 development in a foreign country. What many people find out when they get into that model is that even though they are able to meet the demands of the customers, the business case and the factors that the business case was built upon don’t typically hold together. We looked at that model. We spent some time talking to some of our peers in the industry and said we’ve got to solve this differently. Is there a different way for us to solve this without just throwing more and more armies of people at it? And, as we looked at it, one of the things that’s evolved at a very high pace in the past few years is the application development environments and the tools and techniques that are available today to make application development more efficient. So, all of these things were coming together. I’m lucky to work at a company where IT is actually viewed as a competitive of advantage. We’re not viewed as a cost center. The company recognizes that in order to be successful out there, we have to be good at IT. And in order to do that, they look to IT to come up with new ways to solve it. So when you put all of these things together, we had to come up with a different way to solve this problem and we started the Development Center as a pilot in 2008. We started to build upon it and, in a six-month time frame, we were able to prove out the value proposition so where we are is the build out of it. We are in phase two, growing the development center and taking on the $200 million in application development.
So it’s a fairly large plan across the board. How much did it cost you to create the Development Center and what ROI are you expecting?
I’m going to give you very high numbers. We have a pretty detailed business case. If you think about today, we run about $40 million of application development through the Development Center. We’ve taken a look at how we executed these projects over the last few years and it was very clear that about 15 percent of that was spent on what we would call waste. So one of the underlying tenants of the Development Center is lean management. The Toyota production system and applying lean management and lean software techniques to application development. Lean management is built on eliminating waste. Whether it’s identifying the different types of waste in software development, but also focusing on what waste is necessary waste. Necessary waste being what you have to do to be able to continue to deliver value to the customer and the unnecessary waste which is the wait times, the increased number of defects, those types of things. So 15 to 20 percent of the application development budget was going into these areas that we would consider waste. So that was one problem. Second, since most of our employees were working on supporting existing systems, a lot of these new development projects that we we’re doing–and we’re working in some very cutting edge technologies and we’re proud of that fact–in order to get it done, the way we used to do it was to work with some of our partners. The very cynical associate would look at this and say, “Well, you’re spending all of that money to train your contractors and suppliers so the knowledge leaves once the project is done.” And there’s a certain element of truth to that. There was enough waste built into our application development process. From 2008 to the end of this year, we will have put in roughly about $3.5 million into the Development Center and we’ve got more planned for next year. So if you think through that, I gave you some very high numbers earlier–$200 million–15 to 20 percent was what we were hoping to save. $3.5 million is paid back very, very quickly. And that was the business proposition. The key was to convince the executive management and the business partners that this was a good use because these are funds that are taken away from some other project. And to make that happen, a big component was that the business was comfortable with IT and how we were delivering that. We have a very solid business partnership at Nationwide and all the way up to our CEO have been involved and very supportive of the Development Center. So that’s made it easier for us to go down this path.
How do you expect the company to benefit from the Development Center in the future?
We’re not different from any other company out there. Our ideas are far greater than our ability to execute. We have some really good ideas to penetrate the marketplace and gain market share. But if the engine that delivers these ideas, IT, is not efficient or not productive enough things have to wait. I think the longer-term benefit is that when you get this thing cranking and moving at the right type of pace for the entire portfolio, we’ll be able to get to some of these ideas way sooner than what’s planned today and that means a lot. People tend to focus on IT innovation in this space. If we go out and create a new mobile application for the iPhone, which we’ve done, you get an advantage, you get the buzz from the marketing and you get maybe two or three months in the marketplace and then there’s some of our competitors that are going to do you one up and then it becomes a race of trying to catch up. The point being is that IT innovation or specific IT related improvements are short lived. Some of the ideas on the backlog are business model innovations that if we are able to get done and put in place, we get a year or two year type of advantage in this marketplace and that’s big for our business. I’m looking forward to the day when we get the Development Center cranking and working and we are able to T up a lot of these ideas. And not everyone of these ideas are going to work, but if we can actually provide the capability to do the fast trial and deliver things with a very high level of quality in a predictable way, that will benefit the business big time. We’re not there yet, but that’s our goal.
What benefits are the customers going to experience?
First of all, when you think about financial services today the amount of features and functions that are now considered to be the bare minimum keeps going up all of the time. Three years ago getting an electronic bill was considered unique. Today it’s almost cost of entry. So as expectations from our customers keep going up, when we don’t deliver to those expectations, we don’t show up in their consideration set. I think one of the things customers get out of it is that the company that they are working with, Nationwide in this case, is able to constantly provide them with best of breed capabilities. So that’s one big thing that they do get. The second is that every software development organization has a certain level of defeats that make it into production. It doesn’t matter if it’s Microsoft or Oracle or any of the big guys. We as an IT organization have defeats that could make its way into the process and that could affect customer experience. The fact that we can deliver better quality code coming out of this is going to be something that a customer can directly see. The third one ends up being that, at the end of the day, cost and prices is very important and as we improve efficiency and productivity the cost of building out this incremental feature-function capability is going to go down and that literally has to get passed on to the customer these days. Again, in the insurance business, it is price competitive. This is a way for us to be able to stay there and keep providing better prices for our customers.
What is your advice to a CIO or CTO that is perhaps thinking about opening a Development Center and how do they get started?
I think if you’re a mid-size insurance company, a lot of the concepts that I’ve talked about still apply. I do understand that the ability to invest at this level may not be there, but there are ways in which you could take advantage of this. One of the things that the state of the economy provides us is that there are large software development companies that are opening up onshore centers. One of the things they could do is to partner with one of these companies to be able to both share in the investment, but at the same time try to leverage some of the advantages that I’ve been talking about. I think that’s one thing that they can definitely do. They can start working with some of these guys who are establishing local presence. And I keep insisting on that local presence because the knowledge transfer component of this thing is really important. Any financial services company will eventually come to the realization that technology and IT are at the core of their business. Unlike a manufacturing company, say an auto manufacturer, they make cars and IT tends to be a support function. In the financial services, what you sell is information. You sell data. You sell a promise. So any insurance company in this marketplace really has to have IT as a core capability and if you get to that point than you are committed to building a big chunk of that capability—maybe not 100 percent—within your organization. As you commit to do that, you have opportunities to work with individual teams. The other thing about the Development Center is that almost half of the projects that go through the Development Center are very small, quick turnaround—two to three month—projects. These are not massive multi-year projects. So, if you think about it from a mid-size insurance company perspective, they tend to see the same type of projects in their portfolio. A lot of the techniques of applying lean management to software development, all of those still apply to any of those companies. I think that there’s a lot to be leveraged from what we’ve done. The challenge will be, what’s the best way for them to sell this concept to their business partners? CIOs and their teams really have to go back and figure out what’s going to work for them.
The CDM Media Blog 