Horizon CIO Podcast: Understanding Security Ratings

Ratings agencies are a fact of life for the financial community, and as cyber security rises in importance, so too must the security of an organisation be rated. Security rating platforms are a rapidly growing area of the security technology market.

“A security rating is a measurement of the cyber security performance carried out by an independent agency,” says Jake Olcott, VP of BitSight, a security ratings provider, adding that they are used for third-party analysis of suppliers as well as for first-party, internal performance management.

“We are rating organisations by their performance using externally collected data and then we place them on a measurement scale of 250 to 900; 250 being poor and 900 outstanding,” Olcott says. BitSight was founded in 2011, has been adopted by a number of Fortune 500 businesses in the USA and is increasing its UK and European presence.

Olcott says adoption is being driven by organisations keen to gain a better understanding of their security against rivals or the wider business community. Rising levels of transparency are part of this adoption. Investors and insurance companies are looking to get a better understanding of how the businesses they insure or invest in are performing. 

Olcott says CIO customers use the ratings to improve their management and relationships with third party suppliers and also demonstrate to the organisation where there are gaps in the organisational security. 

“Ratings give you the ability to tell a story that is not just about firewalls. There has been an evolution of the way that we present to the CEO and the board,” Olcott tells the Horizon CIO Podcast. 

“The major use case is for third party monitoring, as there has been a dramatic increase in attacks on vendors, contractors and the supply chain,” Olcott adds of how CIOs and CTOs are using security ratings. 

To learn more, listen in.  

More episodes from "Horizon CIO Podcast"

  • Horizon CIO Podcast podcast

    CIO Podcast: The important role sponsors play in business change


    The role of the sponsor in a major business transformation is vital and, as this episode of the Horizon CIO Podcast reveals, not always well understood or specified by the business. To get some insight into the role of the sponsor, HR transformation specialists Joe Ales and Jason West of Underscore Group described how they help organisations get the most from sponsorship. “Sponsors are the most critical role in a business transformation, they define what the transformation is going to achieve and what the end state will look like,” says Ales on the podcast for business technology leaders. Challenged on whether a sponsor should be from the technology leadership team if there is an IT element to the transformation, Ales says: “They have to be close to the activity that the programme impacts and a leader that can articulate what the future will be.” West agrees: “Being the sponsor is a critical role because the vision comes from the sponsor and they have to know what the future state looks like, but they cannot be dogmatic as the vision will change,” he says in regards to change that may be outside of the control of the business, such as technology developments or new regulations. The duo have delivered a number of business transformations in a wide range of vertical markets and tell the CIO Podcast that it is vital that the requirements of the sponsor's role are clearly defined by the business, especially if the sponsor is not from IT, but the change programme has a large technology element to it. “No one describes what the role of sponsor actually is in a lot of cases, yet there is a level of risk associated with it both for the sponsor and the organisation,” West says. He adds it is important for the sponsor to be a good user of data to understand where the business is and the reasons for the change programme. In both West and Ales’ experience sponsors need to be able to make quick decisions.

    Download your copy of the Underscore Transformation Scoping Checklist here: https://www.underscore-group.com/insights/white-papers/

    This white paper is the first of a series, looking at the four phases of a successful transformation programme: Scoping, Build, Transition, and Sustain. In the Scoping Checklist, we explore the 10 critical success factors to scoping a successful transformation programme, covering everything from requirements gathering, through to how to write an effective business case.
  • Horizon CIO Podcast podcast

    CIO Podcast: Wellcome Trust CTO James Thomas


    Wellcome Trust chief technology officer (CTO) James Thomas told a Horizon CIO Network roundtable how his organisation has built a new operation with data and change at its heart. Talking to CIO and CTO peers from FTSE 100 organisations, Thomas gives a frank insight into how to deliver change and reveals how he created a new culture and set of measurements to benefit the organisation and its technologists. The Wellcome Trust is headquartered in central London, but owes its philanthropic heritage to an American, Sir Henry Wellcome, who moved to the UK in 1880 to set up a pharmacy business, one which thrived and went on to become one of the most important global makers of treatments, for example inventing the tablet. As well as building a pharmaceutical giant, Sir Henry Wellcome was passionate and curious about medicine and travelled the world collecting artefacts and history about the treatment of illness and its cures, all of which is today housed in the Wellcome Collection in London, just a stone’s throw from the St Pancras Eurostar terminal.

    Over the last three years Thomas has been operating on getting the technology and technologists of the Wellcome Trust fit for the changing landscape any organisation faces. “We created a new target operating model (TOM) which set out how to get us away from old ways of working. For example, we delivered projects to parts of the Wellcome Trust to a timeline they set,” Thomas says, adding that this had the potential to create issues with the technology operations. As CIO of the UCLH hospital in London, Thomas pioneered the use of customer journeys for patients visiting a hospital for a treatment and the CTO brought that same level of experience to the Wellcome Trust. For scientists seeking Wellcome Trust funding to research a cure or treatment, the route to funding, Thomas found, was complicated and did not serve the Wellcome Trust or the scientist well.

    Tune in to hear more. https://wellcome.ac.uk/
  • Horizon CIO Podcast podcast

    CIO Podcast: AI, the law and ethics


    The first Horizon CIO Network roundtable event of 2019 focused on how organisations can implement artificial intelligence (AI). CIOs from major financial services, medical, retail, education, manufacturing and housing joined the debate.

    Keynote for the event was Alistair Maughan, who has been a partner with leading law firm Morrison & Foerster LLP since 2004 and at the forefront of technology law throughout his career. Maughan told a room full of CIOs about ethical and legal implications of AI.

    “For almost 30 years now I've seen successive waves of technology evolution breaking on the shore from offshoring and cloud and robotic process automation,” Maughan said of his career in technology law.

    Maughan told the CIOs that AI differs from previous iterations of technology implementation as the relationship between the CIO’s organisation as a user and the supplier of the AI technology is far more “collaborative”. The lawyer goes on to describe how the relationships are complicated as the data belongs to the CIO’s organisation, and arguably the customer, but the AI technology of course belongs to the supplier.

    “Lawyers tend not to like things that are joined as it does not work well, from a legal perspective, it sets my teeth on edge, a joint obligation means I can't really enforce it. Joint ownership of intellectual property doesn't work very well. It's just much more complicated.”

    Scare stories

    Maughan has worked on a number of legal cases involving AI and reassured the CIO community that this technology is not the worrisome replacement for workers that it is portrayed as:

    “You know, the scare stories out there in the Daily Mail on The Daily Express are all about AI and robots replacing humans. But the business cases that I've seen are almost exclusively around making humans more efficient,” he said.

    In Maughan’s experience organisations are experimenting with AI to find an efficiency or to solve problems. Maughan said he hears organisations state their AI ambition is: “We've got 15 steps between identifying the problem and selling something to the consumer, if we can make step number one 3% more efficient, step number two 5% more efficient,” then their business just might remain sustainable.

    “The common theme is around the business case, it's not necessarily about saving money and reducing headcount, it's about what can we do more effectively as a business in order to improve the business going forward?”

    But Maughan says the CIO community must be ready to act and consider the ethical impact of AI on their organisation.

    The technology will improve the way organisations “engage with their customers”. “But be prepared to say, this isn’t meeting our ethical or our technical standards, as meeting your business case is more important.”

    Maughan warned CIOs to keep abreast of the changing nature of business as a result of AI.

    “There are certainly some issues around who owns the intellectual property in something that's been created by a machine. And there are lots of legal arguments, there was a famous case of a photograph that was taken by a monkey that a photographer set up well, that legal case is still running as to whether that wasn't created by a human, so who owns the IP in that?

    “We certainly have not yet got down to the position of being able to work out who owns the property in something created by a machine.”

    Maughan concludes that the legal sector is, as ever, lagging behind the technology industry. “The law and regulation is miles behind what you guys in the technology field are doing and it's been that way, ever since I've been a technology lawyer. The lawyers have barely got to grips with cloud and offshoring, they are certainly nowhere near getting to grips with a legal regime to deal with AI and machine learning.”
  • Horizon CIO Podcast podcast

    Media CIOs personalise the message


    The media industry has been highly disrupted by the internet and the move by consumers to digital media. This has led to major changes in the business models of media organisations. For the March Horizon CIO Podcast, three leading media business technology leaders came together to debate the impact, but more importantly the opportunity, for technology to change the shape of the media.

    CIOs from three unique media types joined CIO Community Editor Mark Chillingworth to describe how their sector is changing in shape. Chris Fosberry represented the subscription critical business data sector as CTO of Argus Media, which is a publisher of commodities market data, prices and analysis. Sean Harley, CIO of Ascential, is also from business-to-business, but this former magazine publisher is now a leading provider of events. Richard Walsh is Group Technology Director at The Telegraph Media Group, best known for its broadsheet newspaper.

    “The media is always reinventing itself,” CTO Chris Fosberry says of the sector and why it is a fascinating place to be a CIO. But as Walsh says: “The media has been one of the first areas to be disrupted over a sustained period of time,” and challenges to the sector continue, whether from social media, citizen journalists or startups.

    Throughout the podcast these senior CIOs describe how being a technology leader in the media shares many of the same challenges as sectors being disrupted. Of major interest is how the sector is having to reshape its operating model and adopt multi-function team models, something that the sector has never been good at. Throughout its history the media has been led by sales directors who have relied upon a divisive “management style” to ensure sales and editorial do not work together. However, the three CIOs describe how, as a result of technology, this is changing to a collaborative ethos.

    “The pace that we are moving at and the reliance on the digital economy and the data is becoming more and more important and that leads to innovation in structure, the business, your global reach and in the customer sets,” says Ascential CIO Sean Harley.

    Tune in to listen to how these three CIOs are dealing with: Data science, Recruiting data scientists, Business Analytics, Agile practices, Board level operations, Artificial intelligence, Organisational structure, Argus Media, Ascential, The Telegraph Group, Audience, Consumer behaviour, Embed yourself into business teams, Understanding user disciplines in tools usage, Targeted premium services, Qualitative data, Quantitative data, Digital delivery, Listening to the customer, Maintaining a business advantage, AI, Editorial quality, Customer journeys, Marketing, Compelling content, Real-time data, Adding value, Automation, Unstructured data, Natural Language Processing, Advertising revenue, Market volatility, Scaling up the team, Best in class products, Print media, Journalism, Consumer choice.
  • Horizon CIO Podcast podcast

    CIO Podcast, Editor’s review of the CIO & CTO job moves of 2018


    A quarter of major business technology leadership hires in 2018 were for a CTO role. 2018 saw a small decrease in role changes amongst the UK’s CIOs and CTOs.

    Speaking to major search providers, they too are seeing an increase in demand for CTOs and at both ends of the country.

    Financial services was one of the most active sectors throughout 2018, perhaps indicative of the rising awareness that technology led challengers are fast encroaching on their business models. Early in the year Duncan Gray moved from automotive auctioneers BCA to Premium Credit, a provider of specialist loans, and James Holmes joined North P&I to continue the transformation begun by Mark Aikman.

    The insurance arm of the financial services sector saw Paul Carris return to the CIO fold at Collinson Group, owners of the Columbus brand. Mark Collins remains within insurance, moving from Vitality to the UK business of Belgium’s Ageas. Also staying with insurance is former HMRC technology leader Mark Hall, moving to Legal and General from Aviva as Group IT Director.

    Challenger banks were amongst those driving up the trend for hiring CTOs with both the popular Monzo and Civilised Bank recruiting CTOs, as Meri Williams and Simon Bateman joined their senior leadership teams respectively. Similarly specialist financial services provider CDC hired Gavin Stubbs from Close Brothers.

    In the building society market Nationwide recruited CIO Patrick Eltridge to be its COO, again a reflection of the impact technology has on all aspects of financial services.

    Retail, like financial services, is well aware of technology changing its business model. Health food chain Holland & Barrett made probably the largest hire in retail for 2018 with former J Sainsbury’s George Goley joining as CTO. Alongside Goley’s recruitment, the Russian owned business also recruited transformation director Doug Nesbitt; the duo will work alongside Mark Fabes, who remains as CIO. Adrian Thompson joined Specsavers from vacuum cleaner makers Dyson, and Mark Phillips returned to the CIO role at estate agents chain Countrywide from consulting.

    Serving the world of retail is data and logistics. Former Trainline CIO David Jack moved from logistics tracking services provider Metapack to become CTPO of Dunnhumby, the data firm famed for its role in the development of the Tesco Clubcard. At Metapack former Collinson Group CDO and Daily Mail CIO Steve Homan took up the leadership chair, while former Drax Group CIO James Robbins is leading technology at delivery firm ArrowsXL.

    Engineering had a busier year than normal; sector veteran Steven Capper moved to Royal BAM from AECOM. In specialist engineering for the oil and energy sector Darren Martin became CIO of Wood Group; the organisation stated its hire of a CTO was to ensure it was able to be competitive in the move to connected internet of things services. Also in the energy engineering sector, Allan Cockriel moved from GE to Petrofac and just as with Wood Group, Petrofac said the hiring of a CIO was to be at the forefront of the technology change coming into the market. Leaving the world of engineering for plates and saucers was former McLaren Technology Group CIO Craig Charlton, who joined Compass Group as Group CIO.

    The biggest move of the year was the news that Mayank Prakash, the CDIO of the Department for Work and Pensions (DWP) since 2014, announced in late 2018 he was leaving DWP to join energy and utilities firm Centrica. Prakash told the Horizon CIO Podcast and .Next conference how DWP has become data and customer oriented over the last four years.

    In the media Trevor Attridge moved across to be CIO of Young & Rubicam in the advertising sector. The Economist Intelligence Unit hired Sharon Cooper from the British Medical Journal as its CDO and consumer magazines publisher Ti Media hired former CIO and Gartner analyst Lisa Gannon, whilst former News UK architect and director of engineering Adam Griffiths became the CTO of electronics firm RS Components.

    The need for academia to be utilising technology to deliver an improved experience for its students is increasing by the year and former Science Museum Group CIO Jason Oliver moved from Kensington to Sussex to become the CIO for the University of Sussex.

    Although slightly quieter than 2017, the roles that CIOs and CTOs took demonstrate that despite the challenges of the UK economy at present, there remains strong demand for good technology leadership and that those business technology leaders with imagination, a good track record and an ability to work with all members of the organisation are highly sought after.
  • Horizon CIO Podcast podcast

    CIO Podcast: Alan Hill CIDO, University of Exeter


    The Horizon CIO Podcast is brought to you in partnership with Future Processing: To discover what to include in your RFI, download How to write an RFI for outsourced IT Projects from Future Processing at: www.startnearshoring.com/rfi

    “It’s hot on the exoplanet Wasp 107 Bravo, 500 degrees celsius and that is very important. A team of experts from the University of Exeter has detected helium in the atmosphere of this exoplanet, they used the Hubble space telescope to analyse light passing through it and they have discovered helium by looking at the data and analysing it,” says Alan Hill, Chief Information and Digital Officer for the University of Exeter. Hill, speaking at a Horizon CIO Network roundtable recently, has been leading technology at the Devon university since January 2016 when he joined the institute from the British Army. The move into academia wasn’t an effort to avoid being shot at; the former Army CIO was attracted by the opportunity to completely change the way a university operates. Universities are undergoing significant change. The move to tuition fees in the UK has been headline news since it was introduced by the Labour government; as a result academic institutions now compete for students, because students mean revenues. The tuition fees for UK resident students are set by the government, but for international students the institutions set their own fee rates. “An annual fee is around £9000 a year, for international students that can be double, so recruitment of those is a highly competitive market, so the offer you give has to be compelling. You need to respond to their application quickly and get them signed up,” Hill says of the enrolment pressure Exeter faces. “That sounds like retail,” he adds. Research too drives revenue, both in terms of grants to carry out research, but it also attracts students. “Focusing on research and changing the IT operating model without dropping the ball is a risky business,” Hill tells the CIO Podcast. “Research is vital for the university as part of Russell Group – the research intense universities. Because research drives big money, creating the capability to support research means buying high performance computing.”

    New role for IT

    “We find ourselves as an IT organisation pushing our people up, forward and getting close and personal to the staff driving those research opportunities,” Hill explains of how research into exoplanets, dementia or energy requires bespoke technology and analysis. “We are having to transform from an old style IT organisation providing infrastructure and applications to be right down in the business colleges, a central shared service, business driving activity. “The skills of the IT staff make the difference, they are the people who do the specialist programming to support the research into the atmosphere of exoplanets light years away. So we have really had to focus on digital services,” Hill says. “We are pushing IT staff up into the marketing and admissions teams, designing CRMs that are about closing the deal and driving income. We need to move ownership of the IT and digital services up and out of IT. We need to get people who understand education to own the digital services, not me as an IT expert. What do I know about how to educate or research?” Hill adds that his team has been changing the governance “so they own it, they describe what they want. To do that we needed to pick up the whole operating model and turn it upside down. We need an IT operating model that is fit for the modern environment. So it's design led, service centric and absolutely customer focussed. “And that empowers the IT staff in a way you haven’t seen before and during that process, we kept an important aspect of delegation to the point of discomfort,” Hill says of his leadership style. “I am not the controlling authority on all things, I have to delegate to ensure the delivery is at pace, so delegation to the point of discomfort is a really important part of what we are trying to achieve. That is not my idea, that is something that comes from the Royal Military Academy at Sandhurst. “Customer is not an easy word in higher education, but student journey is entirely applicable. Can you recreate an Amazon online shopping experience for students who are submitting their work for marking? Can we design so work goes through the plagiarism checker, it goes through online marking, the comments by the academics are in short videos or text and it arrives back in the student's inbox at the right time and the grades are instantly put in the analytics database and it arrives on their smartphone in an App? That is the kind of customer journey we are talking about,” Hill says of how a university has to have a technology ecosystem akin to retail. “This means creating immersive digital services that create an environment around the student, they get everything they need in one click in the format that is highly personalised to that student. So if you learn in pictures, if you understand and conceptualise things in that way, that is how stuff is pushed to you, or if you want things in pure text that is how you get it,” Hill says of taking lessons from personalised offerings in financial services for example and placing them in academia. “In research we have management systems that pick up an academic’s slightly hare-brained idea and take it all the way through bids, grants, analysis, delivery and the impact, which is what research is all about,” Hill says of creating new workflows. “It is all about being data and insight driven.”

    Secure university

    “While we are doing all of that change, we have to talk about security. My experience in the Ministry of Defence is extensive in security, the game there is to understand where people were landing in your enterprise, in your network. Can you pick out three or four needles in the haystack and put them together and understand why they are there before you take any action?” Hill says of security management during his career in the Army that saw him rise to the rank of Brigadier. “In a university, where is the data? Who has their hands on it? What is valuable? The University of Exeter is big into bio science and energy. Who is interested in our energy research? There is probably quite a few state actors that would be quite interested in our battery research. “I moved from a military environment where we have some quite clear threat actors to an environment where university and IPR (intellectual property rights) has to move forward. We are dealing with academics who are very single minded, they are completely dedicated to their cause, they do not trust many of the systems, but they trust to keep it themselves. How do I put more security around them? Because I know they are acting as a honey pot,” Hill says of the security challenge.

    Business continuity

    “We have worked really hard to get the university to understand what are you going to do when the website goes down? We run a lot of services through the website, the recruitment, confirmation and clearing activity it is really important. “We did two exercises at our silver level command we worked up a scenario, working with the police of having our website hijacked. Basically ransomware and we had to move to an alternative. “How long can we last without our website? Hang on, we are right in the middle of a major recruitment campaign. If you are off the air they will sign up to other universities as there is an offer available. The next scenario was the website was off and another site pops up and all the student financial details are captured. “We did that at gold level then, the directors, we run the same scenario, are you going to pay the ransom, big debate between the CFO and others who say we need to get back up and running, so we are working on alternative plans. We are trying to work out where we are in the battle rhythm of the university to understand what it is, what we need to do and we have a really productive discussion about how we will respond. Because we know this will happen, it is about how you respond that matters.” We asked Hill if there were military and education parallels. “With the customer, it is a mix of demanding age ranges all determined to succeed that is true of both,” Hill responded. “Special services are required by some, they might be very demanding academics or generals. Data is more important than ever before to these people.”
  • Horizon CIO Podcast podcast

    CIO Podcast: customer centred mobile Apps


    As bank TSB knows all too well, how people perceive your brand is based on their technology experience. In the highly competitive world of online book retailing this is especially the case because of the dominant position of Amazon, which of course has transformed not only the retail of novels, but every shopping story you can name. Despite the scale and success of Amazon, here in the UK a technology driven service, developed by a UK development house demonstrates that a good technology consumer experience allows organisations to flourish alongside a US giant like Amazon. World of Books was founded in 2000 by three Sussex entrepreneurs who had started out selling books at car boot sales and is now a primary partner to retail giant Amazon, but also the charity sector. “We sell books across 30 different marketplaces, essentially these books were going to landfill,” says Head of IT for World of Books Ben Edwards. “Charities receive so many of these book and they struggle to sell them. Just because you have a book about thermodynamics that is sitting on a high street in Middlesbrough in a charity shop, you have to rely on the right person walking in, finding it and buying it. Whereas if you sell online across all these different marketplaces at the right price, the likelihood is someone will be able to buy it at the right price.” In 2013 World of Books saw an opportunity to capitalise on the mobility wave and build a direct to the consumer service and developed Ziffit, a mobile service for selling books, games, DVDs and CDs. Mobility allows organisations to build services that become unique businesses in themselves. “For us, the question was, how can we get more books and how can we leverage the technology to get more goods in to be recycled and sold?” Edwards adds: “The obvious solutions was a B2C direct to the consumer App. 
Ziffit is a site where you turn your mobile phone into a barcode scanner and you get an instant price for the item.” “Ziffit has grown massively in the last couple of years and now trades over seven million items a year,” Edwards says of how the four year old business has grown. “For us mobile was a key part of the strategy.” World of Books set out to ensure that Ziffit and its App were not “an extension of the website,” and worked with mobile technology development agency to ensure it developed a mobile first customer centric service. “It is so much more convenient than typing in your barcodes manually you can upload them with the camera App,” the IT Head says. Right, Josh O’Riordan of Brightec with left CIO Francesco de Marchis at the Horizon CIO Summit Customer centered mobile Apps “Respecting the voice of our customers is critical to us. One of the things that Brightec helped us organise is the user testing, where we would sit in a room and watch users interact with the App and that really brings everything to life. “You can often get really bogged down in Google Analytics with bounce rates and conversion rates, which are not very real. Whereas when you see a user hitting something in the flow of the App that doesn’t work properly, it brings those figures to life and how you can influence them,” Edwards says of not being overly data focused. Brightec, a Brighton based development agency has been a partner to World of Books from the outset with the development of Ziffit. Brightec specialises mobile App development and has delivered technologies for financial services providers Willis Towers Watson, retailers Morrisons and automotive firm Jaguar Land Rover. “It was interesting doing the user testing, it wasn’t just the learning that we could take from the user experience, it felt like we were learning a lot about the actual brand as well; and how people perceive the brand through interacting on the website and App. 
I think a lot of that was taken back to the marketing and internal teams,” says Andy Ferrett, managing director of Brightec.

“A lot of the fixes were not IT fixes. The CMO sat in and it was useful to him and a lot was actually the messaging and what we say to the customer,” Edwards says of how user involvement shapes the experience for all members of the organisation and its C-level.

“One of the biggest conversations is the context and when someone is interacting with your product,” says Joshua O’Riordan, Creative Director of Brightec. “On most desktop systems you are making the assumption that they are at home or in an office, relatively fixed moments when they are interacting with your product. When it comes to mobile testing, you have to really take into account when someone is interacting with your account, but also how quickly, how long they take to get your core message and value proposition, are they using it outside in the sun? If so don’t create a black app?

“For these guys it was about where is someone going to be. We were trying to gauge with customers, whether it is living rooms, grandparents’ houses or loft spaces. So making sure we have high contrast rates and many of the big learning points were about how we optimise this app for the customer.”

“It gave everyone a direct insight into communicating the charitable and recycling benefits came from this room here,” Ferrett of Brightec adds.

Context, content and technology

Not only is there a high number of front end customer demands on developing a mobile App, but the customer expects a technology experience as rich as they would receive on a desktop device. That means a strong focus on using Application Programming Interfaces (APIs) and context centric networking.
“We provide Brightec with an API that hooks back into our systems and algorithms to provide the buying rules and selling engines,” Edwards of World of Books says of how the Ziffit App connects to the Amazon and eBay platforms where the Sussex retailer sells the bulk of its inventory.

But Edwards says CIOs and organisations don’t always have to rely on heavyweight technologies to deliver a great customer service. “It is not always as complex as APIs, some things work on SFTP file drops, so it varies by company,” he says.

“One thing I would say is that not all APIs are equal and not all API documentation is equal. So a key consideration is, what level of work is required to interrogate this API and work with it,” Edwards says.

“The biggest challenge is again context, when people are on 4G and 3G connections, especially 3G there is a whole lot of stuff to deal with, especially around how efficient and optimised a connection is and to make sure that people can load data quickly, so there is a lot of design around that,” Brightec’s O’Riordan says. “On a desktop you can get away with giving away more data that then gets parsed and you can rely on a powerful machine that can process that data. On a mobile, if you lose a connection halfway through, how do you go back and get that data again? There is also a bunch of considerations on how often an App is opened, it could be once a month, a year, 18 times a day, so there are a host of considerations about stale data and cache and how you update, and how you hit the API for the next data. There are considerations around assets and imagery and mobiles have a whole range of screen densities,” the creative director says of the myriad considerations in App development.

Developing new businesses requires a strong partnership between clients and the technology service provider and Edwards of World of Books believes this was crucial in the development of Ziffit.
“We couldn’t really have got the success without this long term relationship. Our business is quite complex and in terms of time saving and I think we have access to fantastic talent in all areas of this business,” he says of the relationship with Brightec.

“To serve anyone well you have got to know them well and know what their needs are. For us as a service provider, it does take time and partly it is psychological, you get involved and for us it’s years and all of our team are massively invested in it,” O’Riordan of Brightec says.

Horizon Innovation Partner: Brightec – customer centred App developers

    CIO podcast: David Germain, CIO of RSA Group


    For the second year in a row insurance business RSA Group has announced good results. During 2017 RSA Group, which in the UK is better known for its More Than general insurance (GI) brand, recorded profits of £322 million after tax, up from £20 million in 2016. The good results of 2016 prompted CEO Stephen Hester to state that the international insurance business was out of recovery.

    In late 2016 David Germain joined RSA Group as CTO working alongside stalwart RSA business leader Darren Price and a year later became Group Chief Information & Technology Officer. Germain invited the Horizon CIO Podcast to the RSA Group headquarters in the Walkie Talkie building in central London to discuss the turn-around story of RSA, his career, diversity and how technology is reshaping general insurance.

    “We have around 13,000 employees and we deal with what we call core GI products, so anything like home, pet, business and on the commercial side, developments, property, schools and hospitals,” Germain says of the RSA Group business that also operates in Canada, Scandinavia and the Middle East.

    Written by Mark Chillingworth
    Photographed by Matt Gore

    “Our profitability in 2017 and our operating profit was £660 million and our net written premiums was £6.7 billion and our combined operating ratio was around 94%. We have come to the end of the recovery and we have made it clear to the markets. We have three strategic pillars to focus on; one is our service to customers, second is our underlying service results and the third is the cost efficiency across the organisation. Those pillars have kept us honest as we have gone through the recovery,” Germain says.

    “I think technology was, has and will continue to be integral to how we look at our cost ratios,” Germain adds of how technology played a key role in the turn-around of the business.
Since RSA Group found itself in difficulties in 2014 the business has been reshaping its operations and, as Germain reveals, modernising and rationalising the technology estate. Germain reveals claims platforms have been centralised, data platforms have been unified in an effort to provide better insights to the business and the latest wave of technologies are being adopted.

“We need to continuously industrialise what we do, everywhere and continuously educate and learn with our people about how these technologies work and figure out where these technologies can take us,” Germain says.

But despite two years of reporting good results, competition is fierce in the insurance sector and challenges to the economy have a major impact on the sector.

“We have to continue to focus on our cost base and we continuously have to prioritise. And one of the key areas for me as we look at our cost base is robotics. What can we do with processing and automation, AI and where can we take that in our contact centres and how can we create the more ecocentric environment? At the same time, ensuring we are not degrading the customer experience, we are improving the customer experience,” Germain says.

CTO to CITO

Germain is one of a growing number of business technology leaders to have a job title that has a remit of both information and technology.

“It is three hats, the first one as a CTO was the transformation programme with multi-million pound projects happening in every region, replatforming and consolidation and new data platforms, new web based platforms and designing the digital experience, that was my CTO hat, alongside a very technically competent organisation and trying to get them to work out the right road maps.
“The second element is being the CIO and that is like going home for me, I had the opportunity to look at the operating environment, and again and what the senior execs asked was to get a good understanding of the operating environment, where we spend money, how we spend money and what are the benefits and outcomes we get for it,” he says. Germain adds that as CIO he is also looking at ensuring where RSA Group outsources IT and business processes it understands what skills it must keep in-house.

“So the CIO and the CTO hat have been tightly coupled. The further strand is about innovation. We all talk about AI (artificial intelligence) and cognitive intelligence, we all talk about connected insurance, and the key thing for me is use cases. Where can we see real use cases. We are never going to be bleeding edge as an organisation, it is not something we prescribe to, but what we are looking at, is being fast followers and we are working with great insuretech partners,” he says. Germain says RSA Group is actively looking at startups that “will plug into our business processes”.

During his career Germain has also held COO roles and in the process oriented world of financial services Germain believes that experience has been vital. “My historical COO hat has stood me well and it is another string to my bow and working with teams and meeting different cultures and getting close to the application end user state is part of the way forward.”

Like many of his peers in a variety of sectors, Germain is working on cultural change across the organisation, including the adoption of Agile, which he says is flourishing in Scandinavia. “I am very keen to learn how we can leverage that across the organisation.”

Germain says the adoption of a new culture using the latest working methods is crucial as the expectations of customers change. General insurance businesses have to have an omnichannel approach, he says, with communications to the customer across a variety of platforms.
That approach is not only about the internal culture; Germain says that partners to RSA Group are now being tasked to “change and adapt”. “We have 630 technologists across the group and an additional 170 are contractors and we have a number of SI providers, and we ask them to help us to learn and as we build out our centres of excellence to enable us to grow.”

Connected diversity

“Our business development leaders are highly focused on connected insurance. We are looking at Bot, sensory and IoT technologies. Connected insurance is in our pipeline, we will be fast followers, we have to create an architecture that allows us to create API solutions with third party providers,” Germain says of how major insurance firms have to be ready to react to challengers such as Neos in the UK and Lemonade in the USA, just two of the challenger brands to enter the market.

“We are aware that connected insurance is a disruptor, and there is a very real awareness that customers will expect solutions and services to be added to our products and service. We are constantly having a healthy tension and debate around our digital agenda and our digital operating models and our customer experience and constantly bring hypothesis to the table and what our customers will want,” he says.

As a black CIO leading a FTSE 100 financial services business, Germain is passionate about increasing diversity in technology, financial services and the top table of the FTSE 100. “I am very privileged and honoured to be in this position. I would say to anyone, to focus on a few core things: focus on your strengths, make sure that the organisation can see them and what you are adding in terms of value. Focus on your development and ask for feedback, broaden your network.”

Most importantly, Germain advises those from diverse backgrounds: “don’t be scared to speak up, that is why those organisations have hired you”. Germain says good mentors are crucial to help gauge speaking up.
“Find ways of working with people who can help you and your career, but the starting point is always going to be your performance.” Asked if he had mentors who shared his background Germain laughs: “There wasn’t, that didn’t come until a decade into my career,” but the CIO has a confident outlook and believes business technologists from diverse backgrounds have a broader set of champions to model themselves on than he did. “I think the world has changed and there are a few more David Germains around the FTSE 100 and globally, so there are different relationships around diversity that is more than just a gender or a colour.”      

    CIO Podcast: Is SAP restricting CIOs’ ability to be agile?


    In the spring of 2018 enterprise resource planning (ERP) software giant SAP announced that from 2025 its ERP software will be built to operate with just one database platform, its own SAP HANA database. Between now and 2025 SAP will continue to support ERPs using Oracle, SQL, IBM or a myriad of other database formats, but beyond 2025 it will no longer support ERP applications not using the HANA database.

    Discussion on CIO forums that the Horizon CIO Podcast is a member of displayed a fear amongst business technology leaders that SAP is imposing a restriction on agility and technology spend on CIOs. This restriction comes at a time when CIOs must display an increased focus on the needs of the customer and business agility.

    CIO Mark Lockton-Goddard and Bryan Oak, COO of Searchlight Consulting agree with this sentiment and debate the issue on the Horizon CIO Podcast. “HANA is still a very nascent product, it is increasing in adoption and the product set is maturing, but at the same time we have a lot of existing SAP customers who have invested a lot of their time and are struggling to see the business case for moving from their existing platforms to HANA,” Oak says, analysing the current database market.

    Analyst houses believe there are over 36,000 instances of the SAP ERP platform in place globally and although 2025 may sound some way off, it is less than seven years away. “Often in our businesses we have customised them and that may not be a good thing, but it is often right for our business. That doesn’t really leave a lot of time, as a complex implementation means there is not a lot of time,” Fidessa financial services business CIO Lockton-Goddard says. “Upgrading therefore is often an expensive process and it is time consuming and the business benefits may not be seen.
“So to have a conversation with the board about doing an upgrade that will cost a bunch of money, and you are not going to get the business benefits is not a great conversation to have right now.”

Oak agrees with the CIO, but believes the industry must not look at SAP’s plans as an “upgrade”. “The architecture is such that for most people it is a re-implementation. The customisations you have will have to be considered. If it is a reimplementation and a significant investment, you don’t want to start those conversations with ‘we have got to do this because the database technology is forcing us to do it’. That is the tail wagging the dog. It should be a conversation about what are the business drivers and what are the capabilities we want,” Oak says.

“Having already a lot of investment on the balance sheet around SAP, you cannot just wipe that off and say let’s start again,” Lockton-Goddard adds. “By 2025 normal support for the existing versions of SAP running on other database platforms will be reduced,” he says, though Oak believes it is highly likely that SAP will offer an extension.

SAP in danger

“It is a challenging conversation for SAP. If you are saying the right thing is to revisit our business plans and processes, I am not sure how many businesses would say SAP is the answer,” CIO Lockton-Goddard says of how organisations are constantly revisiting their strategies and business processes and as a result drop application suites as part of this review.

The CIO adds that organisations are beginning to question the reasons for having an ERP platform. “Maybe an ERP solution is not a great answer for a dynamic, customer focused very agile business, so it is very risky for SAP to force people down a route where SAP will not be the answer.

“The nearer you are to the customer, the more you need to be agile, the more likely you are to be digital and therefore the more that will impact the systems on a regular basis.
So these large complicated systems don’t have the agility that we need. So again we end up pulling the ERP back into itself and it becomes a system of record and you deploy more agile tools around that,” Lockton-Goddard says.

Oak (left) agrees and Searchlight Consulting see an increasing number of organisations assessing a component view of the applications they need and selecting applications depending on their “business landscape... and the capabilities needed”.

“Some of this is also a bit old school, we talk of a replacement journey of three to five years, I can’t operate in three to five year cycles, I am lucky if I can operate in three to five months. So the concept of something that is complicated and deploying in that old waterfall style of way is just a non-starter. I don’t think it works for a lot of businesses now, we need to be pacy, agile and able to flip systems based on what is going on in the market right now. It feels like SAP are being product focused and not customer focused,” Lockton-Goddard says.

Oak adds that this old school thinking, as CIO Lockton-Goddard dubs it, suggests SAP do not understand the needs of their CIO customers. “You still have got to have a core set of transactions that are stable, and you don’t want to be told that if you want to open a new channel or a new supply to market, you have got to go and rip out all the finance, supply chain and HR.”

Another threat to SAP is the rising adoption by CIOs and organisations of SaaS tools such as Salesforce and Workday, to name just two. Both tool sets are expanding beyond their traditional sales management and HR into business processes such as procurement and payroll.

“When you integrate all of these systems together and a transaction takes place in a third party application, which accesses the SAP business logic, that is an indirect user,” Oak says of the increasingly common application landscape CIOs operate.
But it is this complex architecture which led to the court case that back in February 2017 was ruled in favour of SAP against FTSE listed beverages firm Diageo and others for infringement of the software licence. “They settled for huge amounts of money where they are deemed to be outside of their licence agreements,” Oak says. “You are in an environment with other products and that is where the existing SAP customers will be well aware of the well documented legal cases of indirect access.

“SAP has tried to remedy that and they have got some bad press about how they were using that case as a stick for the way they worked with clients. They remedied that a bit with talk of outcome based license payments,” Oak says. “That is going to be really confusing for the CIOs and how do we factor that in so that we have predictable costs. With user based pricing it is fairly easy to factor. When you look at business transaction volumes it becomes a very difficult business to model.”

“Pricing is not overly simple now. These organisations are not known for having clear and simple pricing now,” Lockton-Goddard adds.

“I think the desire to get more revenue from existing clients was a period of time where the licence audit was being used as a bit of a stick. It shows you must understand your license agreements and the chances are you don’t have one agreement, and understanding the lay of the land and getting good legal counsel is essential,” Oak adds.

Does the database matter?

“To some extent it should be irrelevant and it should be based on outcomes. I don’t want to give that decision away, because I know that data, how we look at data and use it, that is increasingly a strategic question for us,” CIO Lockton-Goddard (left) says.
“I worry when a service provider starts to regiment and restrict what you can do as a business.” Oak argues: “As long as you can get to the data, and it performs and this is where SAP is going with the HANA cloud offering.” He and Searchlight believe the real concern for CIOs is “whether all of these software providers are geared up to be a support partner. The management, support, responsiveness and the service levels that the users are used to,” the COO says.

Lockton-Goddard says: “I totally understand why SAP want to go down this route, what is concerning is the cost of the upgrade is so high for a lot of people that it might have a negative effect on their business”.
