- +
Ticked Off at Tick the Box Mentality 04 February, 2008 13:01:15
Does your executive search firm know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?Does your executive search firm know its MIS managers from its elbow? Does it even know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients? - +
Doing Your Sums on . . . Build, Buy or Rent 05 November, 2007 13:32:30
You’re trying to build a world-class IT team, but everyone’s going after the same talent pool. What mix works best? Should you grow your own, draft your players or barter your way to the line-up you want to field?CIOs should never forget that while new technologies have a maturity cycle, the maturity cycle for human beings in IT is even longer - +
Strategies for Dealing With IT Complexity 24 December, 2007 10:30:47
Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business. - +
9 Paths to Higher Performance 10 December, 2007 14:09:23
When an organization brings together talented people in a creative, collaborative environment it fosters a culture of high performance, which in turn leads to superior business resultsLike high-achieving individuals, some organizations seem to have the Midas touch. Virtually every initiative they touch earns them gold and even those that fail never seem to cost them much of anything at all - +
IT's New Maths 05 November, 2007 13:59:11
CIOs are always faced with pressure to justify their IT expenditures. Now, new research can help correlate those IT dollars spent with business value accruedFor many CIOs, the go-go, profligate nineties were followed by the parsimonious naughties. Now IT budgets are beginning to grow again . . . but under an intense level of scrutiny by executive management that wants proof that all those IT dollars actually redound to the bottom line
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Newsletter Subscription
The chief security officer is a fairly new position. We first saw it emerge in larger corporations in the late 1990s; these days, it's standard in most organizations. The CSO's role varies, but typically it combines risk management, policy development and investment in security technologies.
So what is a CSO, really? And to whom should he or she report?
Fundamentally the CSO is responsible for evaluating the risk of different business choices, and then directing the mitigation strategy. In other words, the CSO is tantamount to a strategic-information risk manager.
Every business has to balance risk and reward continuously, to find a way to achieve the best returns and the least risk. For security professionals, this is the hardest part of the job: objectively analyzing risk in the context of business goals and possible ROI. It may seem counterintuitive, but the goal for the business as a whole is not to minimize risk - shutting down would be the best way to achieve that. Rather, that goal is to maximize the business's risk to just below an acceptable level (its risk tolerance).
This means the CSO is not looking at ROI but at return on risk (ROR). In a way, the CSO is the counterpart of the CIO on the risk side. If the CIO is looking to maximize ROI, the CSO is looking to maximize ROR. The board of directors or CEO then is responsible for finding the right balance between ROI and ROR.
That brings us to an interesting conundrum: the potential for the CIO and CSO to have conflicting interests. In many organizations the CSO reports to the CIO, which is like having the fox guarding the henhouse. The CIO's job is to maximize ROI - in other words, to invest in technologies that deliver the maximum bang for the buck. The CSO's job is to minimize risk - in other words, to say no to practices (including, but not limited to, technology investments) that increase risk beyond an acceptable level. If the CIO can override the CSO's decisions, the CSO's ability to mitigate risk is compromised.
Ideally, the CSO should report to the CEO or board of directors. If that is not possible, the CSO should report to the head of auditing or risk management. That way, the CSO's goals at least are directly in line with his boss.
If that is not possible, then the best solution is to have the CSO report to the head of audit or risk management. At least that way, the CSO's goals are directly in line with those of the person he reports to. Otherwise, as noted, CIO is the fox guarding the henhouse - except that overriding a valid risk concern does not lead to a good meal for the fox. It leads to indigestion for the firm.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00
Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00
Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05
Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
- +
Corporate security and the climate crisis 03 October, 2008 11:21:00
How to adapt security and risk management policies - including IT security - to deal with climate change.US military strategists, CIA analysts, international agency officials and Nobel Prize winning economists concur with the consensus of the world's scientific community: the Climate Crisis is a planetary security issue, as well as a national security issue for each of the one hundred ninety two countries that belong to the United Nations. But the Climate Crisis is also, by extension, a corporate security issue, as well as, yes, a cyber security issue. - +
Companies own up to virtual security blind spot 02 October, 2008 11:05:00
VMWorld attendees reveal vast majority of companies have little or no security in place for their virtual systems.The vast majority of companies have little or no security in place for their virtual systems. That is a scary statistic revealed in a survey of attendees at the recent VMWorld 2008 conference in Las Vegas. - +
How to minimize the impact of a data breach 01 October, 2008 08:54:00
ID Experts' Rick Kam describes a customer-centric action planThirty-one percent of customers--nearly one-third of a company's client base and revenue source--are terminating their relationship with organizations following a data breach, according to a recent study by the Ponemon Institute. - +
Five mistakes security pros would make again 30 September, 2008 10:18:00
Whether it's getting fired for standing up for what's right or making a network configuration mistake that leads to better security, there are some mistakes worth making. Five security pros offer personal examples.Ten years ago, Michael Riva was network administrator for a top-five American consultancy. Employees were downloading graphic pictures and videos onto the network. Riva told his boss a proxy server with content filtering might be in order; his boss laughed and suggested they put in a bigger file server instead. - +
What does the financial meltdown mean for security? 29 September, 2008 10:25:00
Bill Brenner wonders if it's irrational or appropriate to make connections between the current financial crisis and the state of securityAt first, this was going to be a column about the PR machine's hyperbolic efforts to connect the state of IT and security with the current financial crisis. Indeed, some have shamelessly sent me story pitches that try to get some bang out of the Wall Street meltdown.
Multimedia Technology & EVERKI sign exclusive distribution agreement. 06 October, 2008 14:34:00
ONCE A YEAR OPPORTUNITY TO SPEAK TO THE VENDORS! 06 October, 2008 13:48:00
New IBM Cognos Analytic Application Enables Quick, Actionable Insights Into Financial Performance 03 October, 2008 14:41:00
Verizon Business Data-Breach Report Examines Industry-Specific Challenges 03 October, 2008 12:24:00
IBM Launches Cognos 8 v4 - New Business-Driven Performance Management Software 02 October, 2008 12:02:00
|
||
|
||
|
|
||
|
CRM your salespeople will love
Winning over the sales department and obtaining buy-in at all levels is crucial to the success of any CRM initiative. Discover how you can let salespeople work how they want to and reduce their administrative burden with the latest CRM technology.
Subscribe to CIO
