D. Justhy's Blog

"Getting to Yes, Now!"

Honey: Will You and Your Enterprise Disappear

Are you in the 40% who will disappear?

According to an IDC report released in October 2017, by the year 2020, 60% of all enterprises will have fully articulated an organisation-wide digital platform strategy, and will be in the process of implementing it.

Considering that we are now in December 2017, we are about two full years away, before the above mentioned enterprises would have articulated a platform strategy.

From what is observable in various business landscapes organisations have different levels of maturity in their digital journeys. Some are advanced and some are not.

What is worse, is if your organisation is making up the 40% who are just not prepared for the transition into the digital age! This is scary, of course only if you care about your enterprise, your career, your pensions and/or stock options.

In my book, The Billion Dollar Byte, I mentioned that four hundred plus companies disappeared from the Fortune 500 list because they were unable to transform. We labelled this as ‘creative disruption’.

And this sounds good to read and talk about, as long as it is not YOUR organisation or your enterprise, or indeed some one’s you care about.

But, what if it is?

What chances do you have to save a company from disappearing?

Our best bet as a society is to trust what each and every enterprise would have. And that is their data and indeed, their own people.

The best chance for any organisation to win in the digital age is their data and their people. These are the most valuable assets, which for some strange reasons do not appear on the balance sheets yet.

The important point for any organisation to consider, especially if you are in the 40% who are not prepared, where do you and your organisation stand in this journey, today? And how do you get to where you must be?

Want to See What the Journey into the Digital Age Looks Like? Check out in this graphic here.

Once you are clear about your road map, the data strategy blueprint will guide you in your journey in to the digital age.

The data strategy blueprint itself has three easy to understand stages which any company, in any sector can adapt to set the right course for the digital age.

Since most of these transformational journeys involve spends to the tune of billions of dollars, ideally the sponsors will be as careful as the shareholders.

Being in control of such spends and outcomes is critical. There is no excuse for not transitioning into the digital age.

Well, if we are honest with ourselves, if your organisation does not transform and transition successfully, there is a high likelihood that your organisation, as you know it today, may not be recognisable in about five years from now.

Please do let me know of your digital age journey.  Just drop me a line or connect with me on linkedin.

Let’s keep this conversation going and let make it well beyond the other end of the transition. May the force be with you, until the last jedi!

Five Steps to Preventing Data Breaches

Data breaches are now practically a daily event. This isn’t just a casual statement; it’s a fact. Recent statistics indicate that there were over 100 million data breaches in the beginning of 2017 alone. Cybercriminals are using innovative and advanced methods to gain unauthorized access and the only way to fight them is to take strong pre-emptive measures.

Data is everything in today’s business world and if your data gets into the wrong hands, you are looking at some serious consequences. So, make sure you’ve got everything covered. Here are 6 key steps to help you out.

  1. Automate your security

To prevent data breaches, whether they’re caused by insiders or hackers, companies must work towards establishing robust IT policies throughout their data protection systems and network. They must carry out a periodic assessment of the technical and procedural controls that have been established.

In fact, automating these checks can go a long way in preventing breaches.

  1. Create awareness among end users

The end user can often end up being the vulnerability. However, companies can avoid this by offering awareness training. The training program must be focused towards altering the entire organization’s mind-set towards being focused on security.

Other than that, the training must also aid the end user in identifying threats.

  1. Protect information wherever it may be

We live in an information era and the perimeter approach to online security isn’t applicable anymore. Information must be protected wherever it is located; this includes storage and the various channels through which the information is shared.

Unified data protection policies must be enforced across the enterprise.

  1. Assess vulnerabilities periodically

Vulnerability assessments must be carried out on a regular basis. Sadly, most organizations do not do this often enough. A weekly vulnerability assessment would be ideal. Also, the assessments must be done for each and every system that’s connected to the network.

  1. Prevent data exfiltration

Even when incursions are successful, it is still possible to prevent the actual breach by using network software. Network software can identify data exfiltration and block it. Outbound transmissions can be prevented by leveraging a combination of security event management and data loss prevention solutions.

Every CEO’s Data Security Checklist

Data security is more important than ever if we are to go by the latest statistics on security breaches and data theft. Equifax is only the latest example; mind you, there are attempts being made to breach organizations as you read this.

Now, cybersecurity is a massive area of interest that requires the involvement of everybody in the organization; right from the top to the bottom. This obviously includes the CEO. CEOs play a critical role in ensuring that everything is in perfect shape security-wise.

After all, we are talking about the company’s reputation here. So, if you’re a CEO who hasn’t paid attention to your company’s cybersecurity situation, it’s high time you went through this checklist.

  1. Meet the IT team

Meeting the IT team on a regular basis keeps you aware of what’s going on with regard to your organization’s security concerns. Maybe, there are new challenges that require solutions at the policy level. Whatever the need might be, it is good for a CEO to stay updated in order for those problems to be solved.

  1. Conduct an inventory of critical assets

Your organization obviously creates a ton of content and data footprint, and this is transmitted through various channels. The content and the data that you create are critical assets and you need to ensure that they are protected well enough.

The last thing you need is for your data and content to be compromised, so don’t compromise on their security. Fortunately, in the digital age these could be digital assets.

  1. Review your data security policies & processes

Data security policies as well as processes need to be reviewed on a periodic basis. The problem with data security is that the requirements keep changing as technology evolves and cybercriminals become more creative. As a result, reviewing and updating policies as well as the processes is a must.

As the CEO, you have to know what’s being done to keep up with the changing security trends as well.

  1. Establish an Incident Response Plan

Even if you’ve got the best security solution possible, things can still go wrong. When this happens, the only people you can depend on are your people – your employees, your partners. But, what happens if they have no clue to what an appropriate response should be?

This is exactly why you need an Incident Response Plan in place to ensure that mission-critical tasks can still continue. The plan must also include identifying the cause of the attack in order to ensure that another one can be prevented.

This certainly is not an exhaustive checklist but it sure is a good start for an enterprise of any size.

Equifax Data Breach: Humbled by a Business Strategy Breach

Google “security breach” and one of the first items of news you’re likely to come across would be about the recent breach at Equifax.

The Equifax hack led to the exposure of personal information that belonged to over a 100 million people. Naturally, the magnitude of the breach has stirred up discussions concerning ethics, legal liabilities, and public relations. Of course, Equifax has found itself in a great dilemma.

Now, we could spend all day debating where Equifax went wrong and what they should or could have done. However, that would be counterproductive. The best thing that other organizations can do right now is to learn from the mistakes made by Equifax. Here are a few key ones that are worth the observation.

Failure to protect data

The first round of reports placed the blame on an ignored bug within the Apache Struts application.

Now, we aren’t going to argue the authenticity of this report. But, it’s safe to assume that there were other vulnerabilities that existed as well. Single vulnerability points are rarely known to lead to breaches of this magnitude.

There are a few key questions that we need to ask. Firstly, why was so much data made available to a web application? Secondly, could there have been protective measures in place to avoid this kind of a compromise? Thirdly, should Equifax have assumed possible vulnerabilities in the web application?Finally, did Equifax do enough to prevent a data leak?

The answers to these questions need to deal with both, what caused the failure and what could have been done to prevent failure. It is necessary to look at the complete architecture in order to make sure that a single vulnerability does not impact the entire system. There must be other components withinthe architecture that can prevent further compromise.

Failure in detecting an intrusion

If protection doesn’t work, there must be robust detection capabilities in place to know that an intrusion is taking place. Equifax made a major mistake by allowing a single system to have access to all the data. Data access is a major area of concern and organizations must have the tools to assess data access at all times.

For example, network analytics is great when it comes to detecting strange or “out of the blue” activities. Similarly, behavioural analytics can be used to detect out of the ordinary access patterns.

It’s certainly NOT an IT only problem, especially in the digital age

 Most businesses which consider themselves to be ‘traditional’ in nature, would argue that these matters are for the back offices. However, the business models suitable for the digital age, would not tolerate that view point but would instead consider a business model that creates value in the digital age, and this would indeed consider the matter of data security well within the business strategy as well as the business model.

A data breach is breach to the business strategy.  Let’s have a business strategy that will minimize, prevent and then eventually eliminate data breaches

Harsh Realities of Digital Age Data Strategy

Businesses face multiple challenges when it comes to shaping their data strategy in the digital age. Choosing the right data, tools and technologies, hiring the right talent, handling analytics, building models that predict outcomes are some of them. Transformation of the business operations based on analytics and insights is the other major challenge facing organisations. What we mean here is ‘the ability to act on data’ as opposed to the ‘inability to act on data.’

Realities of digital age

Data which was historically easy to collect and process is now complex, unstructured and indeed, quite a lot in quantity as well. The huge influx of raw data from smart technologies, social media, videos and multiple other channels contain insights that are actionable. These insights further shape targeted strategies and informed decisions for businesses.

But, the question is whether the organisation is indeed ‘able to act on data?’ Does the culture, the available technology as well as other capabilities permit and enable appropriate action?

Regardless of where an organisation stands in their digital age journey, the first step for any organisation pursuing a digital age data strategy is to acknowledge and accept its position on a scale that measures their ‘ability to act on data’ as well as ‘inability to act on data’.

Once there is an honest introspection and acceptance of this reality, it is then a question of what needs to be done as the ‘next best action.’

Whether you are a CEO, COO, CDO or indeed a member of your company’s board, this honest introspection will certainly create opportunities which were previously not visible. This is sufficient clarity needed to empower the ‘datapreneurs’ of the organisation.

Datapreneurs shape data strategy

Datapreneurs by design pursue ‘enterprise value’.  There is indeed no time for petty politics and energy drains, that most large organisations suffer with. Empowered datapreneurs positively energise the organisations.  This in turn creates a ‘winning’ mindset within the wider organisation.

When this energy collides with data – magic happens!

Decisions are made more often, timing of those decisions would be just right and more importantly the reasons for the decisions would be in pursuit of value that is indeed for the betterment of the business eco-system the organisation operates in  whether this is just seen as the enterprise as a whole or indeed the whole world.

Three visible signs that your data strategy is working

A winning data strategy manifests in many ways.  Here are three obvious ones:

• Commoditising the technology infrastructure – There is evidence that your investments are being utilised in the right manner at scale.

• Industrialising data integration – Efficiencies are pursued ruthlessly, sweating every dollar and every byte of available data.

• Pervading reporting, analytics, and visualisation throughout the organisation – A culture that lives and breathes on data.

This is evidence that the combination of people, processes and technologies are in harmony creating value for the purpose of the enterprise.

With out a sound data strategy – there is a plethora of activities, maddening rush of just doing work for the sake of work and more importantly, there is a gross neglect of creating value for the shareholders, customer and other partners in the eco-system. Would you want your organisation without a sound data strategy?

How Video Marketing Can Be A Powerful Tool for Chief Data Officers

 

As data continues to grow as a major asset, Chief Data Officers (CDO) occupy center stage in the management of data. The huge data volume without appropriate and adequate consumption can cost companies billions of dollars, starting with opportunity costs. Consequently, CDOs are pressured to make their business case almost every time they are expected to invest a dollar, whether it is for regulatory responses or indeed growth and innovation pursuits, such as cloud migrations, for example.

It Hurts To Be A CDO Who Cannot Tell Stories With Data

A recent survey indicates that the volume of data within an enterprise will expand by 33% within thenext one year. Faster and more accurate data analytics will be the major demands from CDOs in the digital era.

Value creation with data is a key pressure point for any CDOs. And then, both the Chief Operating Officers as well as Chief Financial Officers expect and demand. Of course, the rest of the C-Suite also expects the CDO to deliver. In this context, it is imperative that the CDO of the digital age knows how to convince their organisations, C-Suites and indeed the boardroom. Any inability to convince or effectively demonstrate the value of data is a certain disaster. Such failures translate into millions or even billions of dollars of losses which neither the company nor the CDO can afford to accept. This is usually through miss-spending or failed projects or programs. In ability to invest in innovation investments is also very expensive.

Traditionally the Chief Information Officer, the Chief Financial Officer or the Chief Operations Officer handled data management.  Regardless of which ‘x’ in the CxO – It is imperative that the leader know how to manage and create value with data.

CDO, for that matter any leader, needs to have the ability to influence his followers.  More so, is the case of a CDO, who needs to help his or her organisation ‘visualize’ and more importantly create value with it. Story telling is a mandatory skill for a CDO.

Use Of Video Marketing To Create & Sell Stories

In this context, video marketing can be a powerful tool to create data centric stories in a format that appeals to people’s emotions. Value cases for data usage can be created using video marketing effectively.

CDOs can communicate the business value of data better, through video marketing in the following ways:

  • Demonstrate the use of certain actionable analytics to improve the bottom line
  • Creating transparency of the data and technology landscapes through videos
  • Feature personal stories of staff and people involved in creating value with data for the organisation

Video marketing, potentially bridges the gaps between the boardroom, the C-Suites and the entire organisation as it is one of the best forms of communicating in this digital age. If done right, there is no reason, why this cannot become a part of the mainstream organisational process.

The Importance of Having a Simple Data Strategy

The notion of an overarching enterprise data strategy can be quite overwhelming. You can start by having a clear vision of the desired business impact from data. Specifically, on how data will be sourced, how it will be utilised and how organizational transformation(s) will eventually be enabled. All this must be clearly understood. Many more questions could emerge as well. Such as the following:

– How will we identify, combine and manage multiple sources of data? Regardless of (your) industry or size, you can expect datasets to be large and complex.

– Do we have/How can we build the capability needed to utilize tools and/or build methods that optimize enterprise outcomes?

– What kind of leadership initiatives and attitudes can transform the organization so that the tools and methods actually facilitate better, more consistent as well as profitable decisions?

To make data a fabric of day-to-day operations, everyone must be aware of the data strategy being pursued by the enterprise, the value it is expected to deliver, and their role in solving problems and making the most of opportunities. In this scenario, simplicity, transparency and usability can help create a mind-set that is more accepting of data and helps adjust to a data-driven culture.

Why you need a data strategy blueprint

A strategic view of data in particular and technology in general is imperative to realize measurable business value. When framing the strategy, three parameters come to the forefront: commoditizing the data infrastructure, industrializing data integration, and ensuring organization-wide consumption of reporting, analytics and visualization capabilities that are both internal as well as external facing. With this line of thinking, you can bring your complete IT infrastructure together into a single blueprint.

A data strategy blueprint serves your enterprise as a compass to indicate the current location to where it should ideally be in the digital age. There are three steps involved:

  • Data serves the purpose
  • Data as a capability
  • Data as an asset

All three depict data at different stages of its value to the enterprise. In the first stage, data does what it was intended to do, nothing more. In the second, data starts driving results, impacting innovation and being valued across the organization as an integrated and a consistent capability. As an asset, data creates an environment of constant innovation and makes the organizational culture more purpose-oriented, whilst simultaneously creating massive economic value. The latter being the ‘holy grail’ for digital age success.

When operating with a strategic intent, the blueprint also offers the big picture on what must be done with data, describing how best to organize data across the enterprise landscape. The tactics and actions that must be followed through for each of the aforementioned strategic parameters can be more clearly understood with a blueprint. When the strategy is broken down into its constituent parts, it ceases to be complex. A ubiquitous strategy outlining the desired outcomes of collective activity is required to help datapreneurs and the people they lead understand the value of their contributions and empower them to excel, in the digital age.

Why Cloud Migration Needs a Sound Data Strategy

In our previous post, we discussed how the data value chain can be understood using the Fibonacci spiral. The data supply chain is important for planning security as it allows organizations to implement a security zoning model (more on that below) based around the relative importance as well as the data sensitivity of particular data systems. And security is a particularly important concern when planning a cloud migration as organizations need to strike the right balance between securing their data and at the same time, enabling the high value digital business models, which need data to be enabling democratic use, to serve the business eco-system. Creating economic value with data in the digital age, is a non-negotiable need. This is why there is a need to adequately secure and control data in the cloud. This is why, a fundamental step is to choose a cloud host who can ensure the security and reliability of sensitive, revenue-producing data – if at all you want to migrate it.

 

Security zoning model

Fig 1 : Inbound – Data Supply Chain

 

Fig 2 : Outbound – Information Supply Chain

In the images above, data is categorized by zone, which tells you about the data’s value and sensitivity based on its relative importance to the organization. Data that increases in value also becomes increasingly sensitive to a breach, and the closer it is to the center of the spiral. This relative value is demonstrated in the image below. The relative enterprise value of any application or data system can be accurately determined using tools such as the The Data As An Asset (DAAS) Index.

Fig 3 : Value VS Sensitivity to Data Breach

Data in Zone 0 is the most valuable to the organization and most susceptible to data breaches. As this data has the most value, it should be considered carefully during cloud migration. And if you want to make the move to the cloud, you will need to consider the following:

  • What’s critical and what can be migrated and when?
  • Some of your team’s day-to-day security tasks will be taken over by your cloud provider. Clearly defining security responsibilities and ensuring that your team continues adopting a proactive stance towards security becomes necessary. A detailed process flow complemented by a Responsible Accountable Consult Inform (RASCI) are practical tools available to most organizations.
  • To be on the safe side, you could consider migrating non-critical data and applications so that issues don’t have a major impact. For instance, you can start with your data archives first and move some of the more important data when you’re happy with the performance and security of your migration.

With a solid data strategy and a well-managed data value chain, organizations can confidently identify the most valuable and sensitive data. In today’s age of unabated digital disruption, it has become imperative for organizations to understand their data deeply and create a strategy compatible with their business model. As a digital disruptor, cloud migration can be successful only if a thoughtful, effective data strategy is in place. And the big data and business analytics of the organization can be aptly supported by making the most of a scalable, cost-effective cloud infrastructure.

Enjoy your cloud!

The Relevance of Language in the Digital Age

The World Wide Web has transformed the way we communicate; yet it has been detrimental to the learning of languages and enhancement of language capabilities at the individual level. Where before, the spoken and written language required at least some attention to grammar and semantics, today it can be likened to a software code: enough if understood and gets the job done. In the digital age, there is greater emphasis on the pragmatic aspect of language as a driver of communication.

It is not difficult to imagine why. The world has become a smaller place and lives have become busier. Time is at a premium and ironically, the acceleration in work speed courtesy of computers has only increased pressure on humans to work at breakneck speed, trying to get as much done in as little time as possible. In this scenario, language has taken a backseat and the value of quantifiable data – numbers and statistics – has increased. Simultaneously and somewhat unfortunately, respect for the language, English or native, has diminished.

Social media imposes space limitations; text messages were never intended to be long to begin with; and emails too have gone the SMS way, with everyone wanting answers ASAP, seemingly having no time to say sorry and just enough to type SFLR (Sorry for Late Reply), and apparently not caring enough to appreciate another human with a heartfelt line or two, rather a generic YMMD (You Made My Day). You may not use these in your daily lingo but millions of internet users around the world do, and that can be pretty scary or amusing, depending on how you look at it.

Where before speed reading was about getting through the pages of books at a blindingly fast pace, today we ‘power skim’ online, picking up the essence of the story and giving little thought to the manner in which ideas have been expressed. The internet encourages us to read the headings, images, tables, graphs and bullet points in an article; whether or not we want to enjoy the writer’s prose is up to us. A long-form article, though appreciated, is expected to include captioned images, subheads, bulleted lists, statistics and tweetable quotes. And for readers who can spare less than a minute on an article, there’s always tl;dr (Too long; didn’t read).

 Language is still necessary for social interactions and critical for professional authors as well as the continuing existence of the publishing industry. What we’re witnessing is watered-down, filtered and sieved language. This is reflected in the general sentiment that learning ‘some’ English to land a job will do; in the process, we fail to become articulate at English and the approach often comes at the cost of our native language. Ultimately, we struggle to gain command over either language, missing out on its beauty and leading a colorless life on the internet.

What Can the Fibonacci Spiral Teach Us About Data Strategy?

A key component of a data strategy is the creation and efficient management of the data value chain. The data value chain can be understood as the information flow within the organization and series of steps needed to generate value from that information. The value chain can be split into the inbound processing pattern and the outbound processing pattern.

In the former, the data supply chain takes data from acquisition to analytics and consumption. Data is received from a variety of sources, checked for relevancy, enriched, analyzed and put to use to gain useful insights. Inbound processing describes the transformation of inbound data into information. The data supply is a six-step process:

  1. Identify and acquire
  2. Catalog and cleanse
  3. Extract, Transform and Load (ETL)
  4. Prepare for end users
  5. Management information and reporting
  6. Advanced visualization, predictive and prescriptive analytics

This process can be envisioned as a ‘Fibonacci spiral’ funnel that moves inbound data from acquisition through to analytics. Once it comes in, data is assigned measurable values on an index that evaluates its relative importance. The valuable data identified is then moved for consumption.

Figure: Fibonacci Spiral – Data Value Chain

From the image above, the consumption phase is at the center of the spiral; this is where the data is readied for end users, the phase where data achieves its greatest value by getting transformed to value-generating information that improves decision quality. Organizations should focus a majority of their IT dollars and resources here.

A good tactic is to invest in types of consumption that are best at transforming data into usable information such as predictive and prescriptive analytics and visualizations. These tools do an excellent job of providing high-value insights and information because they make data easier to comprehend. They make the processing of the information intuitive by telling stories, illustrating through graphs or charts, and prompting quicker action.

When information is understood easily, it will be leveraged by users to make strategic decisions. When it is a confusing mess, people will likely not bother making sense of it. This is why person-centric analytics is so important to your data strategy. Give users a reason to embrace information and there is no reason why they wouldn’t – after all, they will benefit immensely from it. To enable this, organizations must create an economically optimized infrastructure that allows efficient ETL, and manage data well at every stage.