The answer, not surprisingly, is data and anaytics, according to this survey of 100 insurance CIOs by Novarica, a research firm. That makes sense: insurance is really nothing more than data and what company wouldn't want to mine the secrets held therein? Indeed, that's how 31% of the group said they spend the fictional bucks.
Cybersecurity has become a subject so passionately discussed it runs the risk of becoming a very narrow focal point, especially as the debate can turn technical very quickly. However, the facts remain that cybersecurity can be achieved only as the result of optimized Corporate and IT Governance. Good IT Security Governance is at the confluence of the two.
I really like the way this question is framed because it implies that BYOD, Shadow IT or whatever you want to call it is everyone's opportunity - and problem. Education will smooth the way torward a coherent policy and manageable execution of BYOD, BYO Cloud etc. It can't be done with IT acting like the enforcer like in the old days (last year-:). It's all about educating users how Shadow IT can harm the enterprise if security aspects are not factored into every BYO implementation.
Good point about how to focus on Relience in managing security discipline, I think it also need strategically integrate security into component of GRC, especially Risk Intelligence effort, it's not just about controlling, more about balance, of the business effectiveness and efficiency, the growth and speed adjustment, then agility and resilience, security is also not just IT department's responsibility, it's one of top priorities in board agenda. thanks.
Indeed, those outages made headlines here. There's nary a company that would not be affected, but ones whose entire existence is on the web (Amazon along w many of its Web Services customers) would be non-operational, i.e. revenue would stop.
SSAE No. 16 officially replaced SAS70 this summer as the audit standard for service companies. CIO’s must understand how to use the SSAE 16 standard with their IT service providers. That would include understanding the important differences of the SSAE 16 vs. SAS70.
Efficiency and effectiveness are the lexicons of improvement. Combined with productivity the three terms are used perhaps more than any others in setting targets in strategic plans, defining metrics for dashboards and balanced scorecards, and setting boundaries for acceptable operational performance.
Developing an IT strategic plan is a one of the principal duties of a CIO, yet paradoxically it is the one activity that creates the most trouble for them. The real shame of it is creating an IT strategic plan can be a very straightforward and simple thing to do. Simple in that it is not a complex activity. Since I prefer to keep things both simple and easy what follows is a very straightforward, linear, strategic planning process.
Regardless of the virtual desktop solution you are using VMware VDI, Citrix VDI, or Ubuntu VDI, or even if you decided to just use a VDI in a box solution, helping your users update their business continuity plans (BCP) for VDI is an absolute must for every CIO. Just to be clear, I am not talking about the IT department creating a VDI disaster recovery plan or adding VDI to an existing DR program. No, this post is aimed at ensuring the users depending on VDI have a contingency plan in place to continue their operations when VDI fails – and it will.
Achieving a work life balance has growing popularity for several years now. It is widely viewed as being one of the critical strategies for organizations looking to attract and retain top talent. That strategy includes flexible working hours and a commitment to supporting employee participation in activities that improve their quality of life and overall balance in life. The ultimate goal of course is to increase the work life balance as part of increasing job satisfaction for men and for women.