Volume 02 | Issue 02

“Co

st-E

ff

EC

tiv

En

Es

s D

riv

ing

MP

s M

ar

kE

t” | s

EC

ur

ity

an

aly

tiC

s: H

yP

E o

r H

ug

E?

A 9.9 Media Publication

Volume 02

Issue 02

February 2013150

BEst of BrEED

Unlocking Big Data in Social Technologies Pg 16

tECH for govErnanCE Privacy Breaches and

High School Physics Pg 46

viEwPoint

Private Parts Pg 48

cio

& l

ea

de

r.c

om

02Tr ac k Te c h n o lo gy B u i ld B u s i n e s s s hap e s e lf

A banker, a business leader and a CIO. Sandeep Phanasgaonkar has what it takes to be a true leader. Page 20

ThinkingBusinessValue

A special section on leadership designed keeping in mind the evolving information needs of CIOsPage 26A to 36

1February 2013

editorialyashvendra singh | yashvendra.singh@9dot9.in

Business Leader or Technologist?

Instead of saying that CIOs are not business savvy, we should say that CEOs are

not technology savvy

does it make money, and the cost of a rupee per share in earnings.

A strong grip on technology and an understanding of these key aspects of business, a CIO will do justice to his position.

In this issue’s cover story, we focus on one such CIO who has done justice to his position — Sandeep Phanasgoankar, who recently quit from his position as the President & CTO, Reliance Capital — has what it takes to be a true leader.

On the issue of whether CIOs need to be business leaders or technologists, I feel it is time we gave the argument a differ-ent spin. Instead of saying that CIOs are not business savvy, we should say that CEOs are not technology savvy.

A senior CIO once quoted his boss as saying, “There are

only two types of projects: busi-ness successes and IT failures.” For an enterprise technology decision maker, the irony could not be starker. A CIO has to shoulder complete accountabil-ity in the absence of complete authority. While his several suc-cessful projects escape praise, the few failed ones attract criti-cism. No CIO would want to be in such a sticky situation.

To avoid getting between a rock and hard place, a CIO should possess strong IT man-agement skill set. So, those who

CEO trust his marketing to someone who has no clue about these tools and technologies?

Similarly, IT too has increased in complexity. Today, a corpo-rate’s website delivers far more than just static content. It has evolved into a collaboration and transaction application support-ing far greater workloads. Man-aging its performance would require fine-tuning of several elements. Can someone without an in-depth technology know-how manage this dynamic and complex environment?

Someone who stopped his quest for technology knowledge back in 1990 would find the shoes of the head of enterprise IT too big for himself.

However, this argument in no way entails that a CIO can afford to be completely oblivious to his company’s business. He needs to ensure that everybody in the IT department understands three basic things — the enter-prise’s value proposition, how

have been crying hoarse over the urgency of a CIO to talk the language of business instead of technology, need to weigh their words. Lots of people are con-vinced that by becoming a busi-ness leader, a CIO can get a seat at the high table. They could not be more wrong.

The reliance of businesses on technology has increased more than ever before. IT has become core to what they do. Consider marketing, for instance. Today, marketing for an enterprise is all about click patterns, big data analytics and split testing. Against this backdrop, can a

editors pick20

Thinking Business ValueA banker, a business leader and a CIO. Sandeep Phanasgaonkar has what it takes to be a true leader.

2 February 2013

february 2013

Cover Story

20 | Thinking Business ValueWhile CIOs often struggle to find their place in the board, Sandeep Phanasgaonkar always saw himself as a business leader, a trait that helped him head various businesses

COPyrIght, All rights reserved: reproduction in whole or in part without written permission from Nine Dot Nine Interactive Pvt Ltd. is prohibited. Printed and published by Anuradha Das Mathur for Nine Dot Nine Interactive Pvt Ltd, Bungalow No. 725, Sector - 1, Shirvane, Nerul, Navi Mumbai - 400706. Printed at tara Art Printers Pvt ltd. A-46-47, Sector-5, NOIDA (U.P.) 201301

Please Recycle This Magazine And Remove Inserts Before Recycling

regularS01 | Editorial06 | EntErprisE

roundup48 | viEwpoint

Cover design by: shokeen saifi imaging by: Peterson PJphotos by: Jiten Gandhi

Volume 02 | Issue 02

“Co

st-E

ff

EC

tiv

En

Es

s D

riv

ing

MP

s M

ar

kE

t” | s

EC

ur

ity

an

aly

tiC

s: H

yP

E o

r H

ug

E?

A 9.9 Media Publication

Volume 02

Issue 02

February 2013150

BEst of BrEED

Unlocking Big Data in Social Technologies Pg 16

tECH for govErnanCE Privacy Breaches and

High School Physics Pg 46

viEwPoint

Private Parts Pg 48

S p i n e

cio

& l

ea

de

r.c

om

02Tr ac k Te c h n o lo gy B u i ld B u S i n e S S S hap e S e lf

A banker, a business leader and a CIO. Sandeep Phanasgaonkar has what it takes to be a true leader. Page 20

ThinkingBusinessValue

A special section on leadership designed keeping in mind the evolving information needs of CIOsPage 26A to 36

20

3February 2013

xx

me & my mentee31 | grooming the team for Leadership Jayanta Prabhu, CIO, Essar group and Keyur Desai, AVP, It Infra, Aegis Ltd shares their professional bonding

SpeCial leaderShip SeCtion page 26a to 36

27 | top down preparing future leaderS, Ashok Cherain, CIO, JK Cement, feels that the best way to learn is by taking up responsibilities

34| opinion what happened at Copenhagen?Future negotiations for climate change need to take place swiftly, and probably best done by having a ‘side’ deal of binding commitments signed between the nations

28 | leading edgethe firSt 100 dayS of a new Cio It’s critical to get a good start when stepping into the CIO role. Consider several measures when you share your course

36 | Shelf life the buSineSS of t20 The book reveals how the author guided a T20 cricket team to championship glory. His success mantra: Cricket in not a team game

4 February 2013

Managing Director: Dr Pramath Raj SinhaPrinter & Publisher: Anuradha Das Mathur

EditorialExecutive Editor: Yashvendra SinghConsulting Editor: Atanu Kumar Das

Assistant Editor: Varun Aggarwal & Akhilesh Shukla

dEsignSr. Creative Director: Jayan K Narayanan

Sr. Art Director: Anil VKAssociate Art Directors: Atul Deshmukh & Anil TSr. Visualisers: Manav Sachdev & Shokeen Saifi

Visualiser: NV BaijuSr. Designers: Raj Kishore Verma, Shigil Narayanan

& Haridas BalanDesigners: Charu Dwivedi, Peterson PJ & Midhun Mohan

MARCOMDesigner: Rahul Babu

STUDIOChief Photographer: Subhojit Paul

Sr. Photographer: Jiten Gandhi

advisory PanElAnil Garg, CIO, Dabur

David Briskman, CIO, RanbaxyMani Mulki, VP-IT, ICICI Bank

Manish Gupta, Director, Enterprise Solutions AMEA, PepsiCo India Foods & Beverages, PepsiCo

Raghu Raman, CEO, National Intelligence Grid, Govt. of IndiaS R Mallela, Former CTO, AFL

Santrupt Misra, Director, Aditya Birla GroupSushil Prakash, Sr Consultant, NMEICT (National Mission on

Education through Information and Communication Technology)Vijay Sethi, CIO, Hero MotoCorpVishal Salvi, CISO, HDFC Bank

Deepak B Phatak, Subharao M Nilekani Chair Professor and Head, KReSIT, IIT - Bombay

nEXt100 advisory PanElManish Pal, Deputy Vice President, Information Security Group

(ISG), HDFC Bank Shiju George, Sr Manager (IT Infrastructure), Shoppers Stop Farhan Khan, Associate Vice President – IT, Radico Khaitan

Berjes Eric Shroff, Senior Manager – IT, Tata ServicesSharat M Airani, Chief – IT (Systems & Security), Forbes Marshall

Ashish Khanna, Corporate Manager, IT Infrastructure, The Oberoi Group

salEs & MarkEtingNational Manager – Events and Special Projects:

Mahantesh Godi (+91 98804 36623)National Sales Manager: Vinodh K (+91 97407 14817)

Assistant General Manager Sales (South):Ashish Kumar Singh (+91 97407 61921)

Senior Sales Manager (North): Aveek Bhose (+91 98998 86986)Product Manager - CSO Forum and Strategic Sales:

Seema Menon (+91 97403 94000)Brand Manager: Jigyasa Kishore (+91 98107 70298)

Production & logisticsSr. GM. Operations: Shivshankar M Hiremath

Manager Operations: Rakesh Upadhyay Asst. Manager - Logistics: Vijay Menon Executive Logistics: Nilesh Shiravadekar

Production Executive: Vilas Mhatre Logistics: MP Singh & Mohd. Ansari

oFFicE addrEssPublished, Printed and Owned by Nine Dot Nine Interactive Pvt

Ltd. Published and printed on their behalf by Anuradha Das Mathur. Published at Bungalow No. 725, Sector - 1, Shirvane,

Nerul, Navi Mumbai - 400706. Printed at Tara Art Printers Pvt Ltd.A-46-47, Sector-5, NOIDA (U.P.) 201301

For any customer queries and assistance please contact help@9dot9.in

This issue of CIO&Leader includes 12 pages of CSO Forum free with the magazine

www.cioandleader.com

advertisers’ index

IBM IFCRiverbed IBCFalcon (Expo 2020 Dubai) BC

This index is provided as an additional service.The publisher does not assume any liabilities for errors or omissions.

12

a QueStion of anSwerS12 | Creating a Flexible, Secure It Architecture Minhaj Zia, Director, Cisco India and SAArC shares his views on UC

18 | BEst of BrEEd: defining the qualities of cyber warfare Accusations about cyber attacks are increasing, with Iran ranking high on the danger list

46 | tEch for govErnancE: privacy breaches and high school physics A look at the damage caused by patient privacy breaches

40 | nExt horizons: security analytics: hype or huge? Big data is here to stay and security analytics just needs to figure out the best way to use it

ANNOUNCING THE MUMBAI CHAPTER OF

THINK TANK

Date: March 15, 2013

Time: 10 am to 5 pm

Venue: Hyatt Regency, Mumbai

Organised by Knowledge PartnersPresenting Partner

Join a select group of 25 - 30 CSOs and find answers to: Network Security Risk in 2013: Emerging Trends, Threats and Mitigation.

Developing an Application Security Center of Excellence.

Is your security plan board-ready?

Establishing a Data Breach Response Process.

Managing Identity and Access in the Hybrid World.

Register Now ! http://tinyurl.com/apwtnoc

FOR ANY QUERIES, PLEASE CONTACT: Astha Nagrath Khanna , astha.nagrath@9dot9.in

CSO_Think tank_Ad.indd 40 2/22/2013 4:07:17 PM

6 February 2013

story InsIde

Cloud, Analytics to Drive Data

Centre Growth Pg 08

SMARTPHONES’ GROWTH IN INDIASource: IDC

Scams to Watch Out for this Season symantec has observed an increase in phishing attacksThe year has started with a bumper crop of online frauds, cons, ID thefts, and check stealing this year. Some of them can steal your returns, others cost you your life savings or money you have not even begun to earn.

Valentine’s Day Spam - Valentine's Day represents one of the big shopping periods of the year. Online shoppers will be seen expressing their love this week as both online retailers and spammers continue to take steps to attract and convert shoppers. This year, Symantec has observed that Valentine’s Day spam messages offer unbelievable discounts on jewellery,

dinning opportunities, and expensive gifts to shop-pers. (See alongside image about the volume of spam during Valentine’s Day) The top word combinations used in spam messages includes: Find-Your-Valen-tine; eCards-for-Valentine; Valentine’s-Day-Flowers. The e-card spam message arrives with a malicious attachment called ValentineCard4you.zip. After open-ing the attachment, malware is downloaded on to the user's computer. Symantec detects the attachment as Backdoor.Trojan whose primary functionality is to enable a remote attacker to have access to or send commands to a compromised computer.

294.9%data BrIefIng

ENTERPRISEROuND-uP

ima

ge

by

ph

ot

os

.co

m

E n t E r p r i s E r o u n d - u p

7February 2013

Although crashes are as old as computers, some UK researchers may be taking the first steps toward sending blue screens to the same graveyard where 5.25-inch floppy disks are buried.

QUICK Byte on CoMPUtIng

Cloud Adds Complexity to DR in India Virtualisation led 71 percent to re-evaluate dr plans in 2010SymanTec has announced the India findings of its sixth annual Symantec Disas-ter Recovery Study. The study demonstrates the growing challenge of managing disparate virtual, physical and cloud resources because of added complexity for organisations protecting and recovering mission critical applications and data. In addition, the study shows that virtual systems are not properly protected.

As Indian enterprises increasingly adopt virtualisation, it is having a big impact on their disaster recovery plans. The study highlights that in India nearly 50 per-cent of data on virtual systems is not regularly backed up and only 10 percent of the data and mission-critical applications in virtual environments is protected by rep-lication. The data also highlights that 70 percent of those surveyed were concerned about data loss as an impact of a disaster. The study indicated that virtualisation led 71 percent to re-evaluate DR plans in 2010; this is up from the 61 percent reported by respondents in 2009. “While Indian enterprises are adopting new technologies such as virtualisation and the cloud to reduce costs, they are currently adding more complexity to their environments and leaving mission critical applications and data unprotected,” said Anand Naik, director, Systems Engineering, Symantec.

Asked during a question and answer session at the Unilever office, in Mumbai, if he thought governments were doing enough to boost the green economy, Cameron said green technologies such as wind turbines should be promoted in the face of opposition.

“All over the world governments are not doing enough. We are not on track to deal with climate change and make sure our policies are sustainable.”

They SAID IT

DAvID CAmeRon

—David Cameron

British Prime Minister

ima

ge

by

ph

ot

os

.co

mil

lu

st

ra

tio

n b

y p

ho

to

s.c

om

E n t E r p r i s E r o u n d - u p

8 February 2013

Cloud, Analytics to Drive Data Centre Growth aPaC will account for 25% of the global data center investmentDaTa cenTer transformation is one of the three key trends driving IT growth in 2012, according to analyst firm Canalys (the others being consumerisation of IT and enterprise mobility). Its latest forecasts reveal that the market for data centre IT infrastructure globally, including servers, storage, network-ing, security and virtualisation, will reach $128 billion this year, up six percent from $120 billion last year. Total investment will

grow five percent on average per annum to reach $152 billion in 2016. Large data centers will lead this expansion, posting an average annual increase of eight percent over the same period. Much of this infra-structure will be used to form the backbone of cloud services for both consumer and commercial customers. ‘On the consumer side, everything from social networking platforms to online

Google Sites led the US explicit core search market in January with 67 percent market share, followed by Microsoft Sites with 16.5 percent

banking services will require resilient infrastructure on which to run,’ said Alex Smith, Senior Analyst at Canalys. ‘This is particularly evident in the Asia Pacific region, where businesses in China and India are investing heavily in infrastructure to provide online services to their custom-ers. The size of the populations in these markets presents a huge potential demand for data center infrastructure.’

Cloud computing has been a hot topic in the enterprise space in recent years and will continue to disrupt established patterns of IT purchasing behaviour. The manage-ment of hardware and software traditionally conducted in-house will increasingly be transferred to third-party providers, with resources charged for on an on-demand, metered basis. This transition is already well underway in many public sector orga-nizations, particularly in Europe where gov-ernment spending is being re-shaped by the ongoing economic challenges. These trends are helping to concentrate investment into fewer, but larger, data centers, as opposed to being distributed across many smaller facili-ties. Analytics is another driver of large data center investment. ‘Different organisations, with different interests spanning com-merce, the environment and a spectrum of scientific disciplines will require large data warehouses and the ability to analyse vast quantities of information,’ Smith added. ‘The need to routinely process exabytes of data will become common.’

Canalys predicts Asia Pacific will be the fastest growing region over the next five years and will account for a quarter of worldwide data center infrastructure spend by 2016. ‘IT infrastructure expansion is critical to support the high-growth econo-mies and rising online populations in this region,’ said Matthew Ball, Canalys Direc-tor of Enterprise Services. ‘The leading US vendors must focus resources on expanding their channel coverage in key Asia Pacific markets in order to capitalise on these growth opportunities. And they should not underestimate the challenge presented by local vendors, such as Fujitsu, Hitachi, Hua-wei and NEC.’ Canalys forecasts that North America will remain the biggest data centre infrastructure market, though its share of total worldwide investment will fall from 43 percent in 2011 to 41 percent in 2016.

gloBal traCKer

Search Market

so

ur

ce

: c

om

sc

or

e

ill

us

tr

at

ion

by

ph

ot

os

.co

m

9February 201310 October 2012

Worldwide IT Spending to Surpass $3.6 Trillion in 2012 Three percent increase from 2011

SuPERCOMPuTER

the recent installation of

india’s fastest supercom-

puter at c-Dac, pune was

implemented by netweb tech-

nologies, a company implement-

ing supercomputers in india for

almost a decade. starting in

2003, when netweb deployed

a supercomputer at imsc chen-

nai, which was then the number

one supercomputing system in

india.

the current supercomputer that

was inaugurated on the 8th Feb-

ruary 2013, at centre for Devel-

opment of advanced computing

(c-Dac), pune is the next-gen-

eration param system, which

is an upgrade of the existing

param yuva system. this sys-

tem consists of 224 intel based

tyrone servers having intel’s lat-

est Xeon sandy bridge proces-

sors & Xeon phi co-processors,

with over 30000 processing

cores including coprocessors

and total 14 tb of memory.

the next-gen param super-

computer is india’s largest

supercomputer built with hybrid

technology and has a peak

computing capacity of more

than 500 teraflops. netweb

technologies has tested and

efficiently achieved a sustained

performance of 370 teraflops

over linpacK benchmark. the

linpaK benchmark is the mea-

sure of a system’s computing

power and is used for ranking

the supercomputers worldwide.

WorlDWiDe iT spending is on

pace to reach $3.6 trillion in 2012,

a 3 percent increase from 2011

spending of $3.5 trillion, according

to the latest outlook by gartner,

inc. gartner's 2012 it spending

outlook has been revised up slightly

from the 2.5 percent projection last

quarter. gartner's global it spend-

ing forecast is relied upon by more

mahinDra SaTyam, a leading global consulting and IT services provider, today announced the acquisition of a majority stake in Complex IT, one-of-the largest SAP consulting providers, in Brazil.

This acquisition will focus on developing solu-tions for the rapidly expanding Enterprise Solu-tions market within Brazil.

Mahindra Satyam and Complex IT will be going to market with proprietary solutions for large manufacturing, financial and consumer services

mahindra Satyam Acquires Complex attractive cost structures create tough competition for India

faCt tICKer

than 75 percent of the global 500

companies in their key technology

decisions. the market segments

are analyzed by more than 200

gartner business and technology

analysts who are located in all

regions of the world.

“While the challenges facing global

economic growth persist — the

eurozone crisis, weaker us recov-

ery, a slowdown in china — the

outlook has at least stabilised,”

said richard gordon, research

vice president at gartner. there

has been little change in either

business confidence or consumer

sentiment in the past quarter, so the

short-term outlook is for continued

caution in it spending. however,

there are some bright spots for it

providers. in contrast to the rather

lackluster growth outlook for overall

it spending, gartner expects

enterprise spending on public cloud

to grow from $91 billion worldwide

in 2011 to $109 billion in 2012.

companies in the market. This initiative marks another important milestone in offering Mahindra Satyam’s customers a global delivery capability in Latin America.

“This combination of Complex and Mahindra Satyam strengthens our commitment to the Bra-zilian market, which is one of the fastest growing Enterprise solutions markets. We look forward to expanding our market presence and offer global delivery capabilities to our customers” said Arvind Malhotra, Global Head, Latin America & Strategic Accounts, Mahindra Satyam.

“The BRICS countries have the potential to achieve a leadership position in the global economy and we believe that Mahindra Satyam and Complex will contribute significantly to this strategic vision.”

“The relationship with Mahindra Satyam will mean enhanced career opportunities for our team, and increased quality of services to our customers and partners.” said Antonio Rossi, Chairman and CEO, Complex IT.

Brazil is the second fastest growing geography globally for SAP AG. Software revenues for SAP AG grew 20 percent in the last year.

The current spend on IT by companies in Brazil is approximately US$70B, with US$36B being spent on services and software.

As Brazil gears up to host FIFA 2014 and the Olympics in 2016, it would only provide an increased impetus to an already rapidly growing IT services market.

Together, Complex IT and Mahindra Satyam would be well positioned to combine local exper-tise with ability to deliver large and complex proj-ects, in a period of sustained profitable growth for both partners.

ill

us

tr

at

ion

by

ph

ot

os

.co

m

C I O & L E A D E R C u s t O m s E R I E s | H E w L E t t - P A C k A R D ( H P )

10 February 2013

Q What should a CIO keep in mind in order to achieve the results expected from a

converged cloud environment?Ans: A converged cloud environment would essentially include all infrastructure seam-lessly integrated between servers, storage, networks, software and environmental con-trols. It is key that the converged environment is secure, performing, elastic and 24x7x365 available. This requires thorough planning, execution, control and effective governance across internal and external stakeholders. Essentially, end-to-end business transactions cannot suffer and hence comprehensive SLAs are warranted.

The journey to a converged cloud environ-ment begins with standardisation and moves through optimisation, service-enablement, differentiated service-sourcing, and finally ready as a cloud service provider. The critical part of this journey is that each of these will cut across the organisation imperatives viz, technical infrastructure and architecture, service management framework, gover-nance, finance, security, culture and staff, best-practice processes, and service portfolio management.

The results expected are reduction in time and risk which helps in improved market responsiveness and agility.

Q Please throw more light on the holistic approach adopted by HP through its

Datacenter Care initiative.Ans: The CIO today is supporting business more than ever by leading company-wide strategic projects impacting business. It is imperative that the CIO need to shift his priorities from maintaining existing systems (running the systems) to contributing more to the bottom line (changing the system). New enabling technologies like cloud, mobility and analytics has its own challenges in security and implementations. Today, the CIO has to ensure that the organisation is adapting to these quickly for competitive advantage.

From IT perspective, the Data Center is the critical backbone here. HP’s Datacenter

CIOs Need to Contribute to BottomlineHP is positioned to understand the needs and challenges associated with today’s multivendor, industry-standard IT infrastructures

H e w l e t t - P a c k a r d ( H P ) | c I O & l e a d e r c u s t O m s e r I e s

11February 2013

Care Service offers comprehensive end-to-end support to provide environment-wide entitlement and enhanced call handling as in mission critical requirements. These are fully customisable support solutions for HP and multi-vendor systems. The value for the cus-tomer comprises the following being the most holistic offering in the industry today- Most flexible - high touch and highly customised

Simplified support management End-to-end Datacenter support including multi-vendor technologies

Q How does HP help CIOs in gaining more structure, accountability, and ongoing

support that their business needs?Ans: Increasingly, CIOs want to consolidate the number of vendors supporting their Data-centers. A primary service vendor can provide overall service management expertise and ensure that the service management vision is executed. The primary service vendor should be capable of implementing a broad span of control and oversee the big picture.

The fundamental premise here is that the service provider must have a SPOC who is able to operate in all parts of the system, with a thorough knowledge of hardware and firm-ware, as well as an understanding of products from key independent software vendors (ISVs). Ideally, the SPOC is someone who will own the problem and is able to act as the arbiter for any finger-pointing.

HP is perfectly positioned to understand the needs and challenges associated with today’s multivendor, industry-standard IT infrastruc-tures. The company has broad and deep tech-nical expertise that spans many hardware and software platforms, as well as strong part-nerships with leading ISVs and a worldwide network of authorised support partners. HP brings all of these attributes to bear in Data-center Care, the industry’s premier support service offering.

Q CIOs have to confront with performance issues that arise from complex interac-

tions among multiple physical and virtual systems — especially as they start support-ing multi-vendor and public clouds. How can they overcome this challenge?Ans: A key element used by HP to reduce complexity is support automation, a unique

integrated, automated management and support experience that delivers seamless management and HP know-how across the server lifecycle—from server deployment to ongoing support to continual improvement. Support automation is found in most HP sup-port offerings; some example of automation tools are as below-

HP Support Center – A comprehensive support portal where you can manage con-tracts and warranties online, submit sup-port cases, and chat with HP experts.

HP Insight Remote Support – A remote monitoring and support platform based on innovative onboard management capabili-ties. Besides providing secure 24x7 moni-toring, troubleshooting, and fast problem resolution, Insight Remote Support reduces complexity and saves time with rapid setup and configuration for server features such as onboard phone-home support.

HP Insight Online – Secure, one-stop access to the information you need to sup-port your IT environment from anywhere, anytime. Through the HP Support Center portal, Insight Online provides the ability to track service events and support cases, view device configurations, and proactively monitor your HP contracts and warranties.HP Datacenter Services are especially

effective at reducing the complexity of design-ing, implementing, and supporting cloud, multivendor, and virtualised solutions.

Q How is HP enabling enterprise technol-ogy decision makers in driving perfor-

mance levels up and costs down?Ans: Proactive services, environment wide entitlement, enhanced call handling and rela-

tionship management are the basic building blocks for Datacenter Care (DCC) Services from HP. HP Datacenter Care can be custom-configured to meet the support service needs of any company whose business viability and success depends on a smooth functioning and always-on IT engine. The key service fea-tures include: Improve IT availability and reduce downtime Collaborative approach to continual improvement, thereby optimising invest-ment and driving efficiencyIn summary, Datacenter Care is designed

to be HP’s most flexible support offering, customisable to fit any specific requirements a customer may have. These range from sup-port of a discrete IT solution to an entire data center containing many thousands of devices including multivendor non HP equipment. The base service provides the customer with an assigned account team to manage their overall support experience plus access to HP’s best call handling experience with fast access to technical staff who knows the cus-tomers environment. The new service offering replaces Mission Critical Partnership, add-ing increased flexibility and new capabilities around service entitlement making it a better fit for Service Providers or any customer with a need for flexible end to end support.

BROUGHT TO YOU BY

“New enabling technologies like cloud, mobility and analytics has its own challenges. Today, the CIO has to ensure that the organisation is adapting to these quickly for competitive advantage”— Tirthankar Banerjee, Director – Technology Support Services, HP India

Key technologies: Mobility, collaboration, and cloud computing are top priorities for CIOs today

Minhaj Zia | Director, cisco inDia & saarc

Minhaj Zia, Director, Cisco India and SAARC talks to Yashvendra Singh about various aspects of UC and shares his views on the key challenges confronting CIOs

How can CIOs address busi-ness complexities and have a

comprehensive and effective col-laboration in place?The reality is that the consumerisa-tion of IT is very real and it’s here to stay. Today’s workers demand mobile devices, software-as-a-service (SaaS), and online collaboration tools in order to be more productive. CIOs need to address this without compromising productivity in operations and busi-ness resilience. A host of new collabo-ration technologies, combined with the expanding capabilities of the net-work, make the possibilities endless for innovation on a global scale. Three strategic levers provide the framework for CIOs to address business com-plexities and enable innovation today -

Lead with—don’t resist—new col-laboration tools and processes that promote innovation within the company and with trusted part-ners.

Create a flexible, secure, and scal-able IT architecture that continu-ously improves “time to capability” for the business.

Position IT to provide measurable value (beyond efficiency) at all levels: productivity, experience, and growth.

What are the benefits of Uni-fied Communication (UC)?

How strong is the business case in support of UC?The nature of work is changing rapidly. Multiple trends like dis-

persed workforces, explosion in content and devices, proliferation of video, social networking are causing a profound transition in the way that people interact and do business. I believe that the next breakthrough levels of innovation are unlikely to come from adding more traditional IT systems, but rather from embrac-ing these new trends, actively engag-ing employees, partners and custom-ers to work more closely together, anytime, anywhere, in a more natu-ral and integrated way which UC enables. A lot of organisations, both large and small now under-stand this and are looking at UC to streamline their business processes and boost productivity, reliability, and competitiveness.

Creating a flexible, secure IT architecture

M i n h a j Z i a | a Q u e s t i o n o f a n s w e r s

13February 2013

What are some of the chal-lenges that CIOs encounter

while deploying a UC solution? How can they overcome these challenges?Mobility, collaboration, and cloud computing are top priorities for CIOs today. All three can work together to create a whole that is greater than the sum of its parts. However, in bringing together mobile, collaboration, and cloud computing, CIOs face some unique challenges. First, all of these technologies create more data, which can create storage and data-management challenges. Fur-thermore, it creates an integration challenge, because just as colleagues need to share information, so too do applications.

What are the top 2-3 emerg-ing trends in the UC space?

How can CIOs make the most of these trends?Numerous trends affect today’s business strategies and decisions; some affect specific functional areas of a business, while others represent broader social, technologi-cal, or competitive areas. Examined as a whole, they align around three integral areas – Empowered user: Individuals are using new technologies to innovate within their workplaces and com-munities. They are rapidly adopt-ing video, web 2.0 technologies, such as social networking, peer-to-peer collaboration, blogs, wikis, and multimedia content for mobile devices. Enterprises are challenged to deliver new tools and capabilities that meet the expectations of their empowered users, while simulta-neously coping with the growing technology complexity, support, security, and compliance issues associated with them.

Real-Time Information; All busi-nesses recognise the importance of using real-time information to increase their companies’ agility and competitiveness. However,

to shape the new collaboration expe-rience. Our collaboration portfolio is influenced by rapid changes in the consumer market and no other firm empowers collaboration style as well as Cisco.

What are some of the best practices that a CIO has to

keep in mind when implementing a UC solution?Given that these new consumer-inspired technologies cannot be divorced from the current IT infra-structure, CIOs need to address them effectively. They must consider how these new technologies affect data security and performance of the network and applications, as well as how they fit into the overall enterprise architecture strategy. In addition to increasing employee efficiency and improving the overall efficiency of the business, CIOs must also ensure that their IT staff main-tains its productivity.

“increasing business velocity” requires more than simply speed-ing up existing data processing systems — it demands a different kind of IT and business architec-ture than has traditionally been required and CIO need to address this to stay competitive.

The Borderless Enterprise: Since work can now be performed almost any time and in any location, new business models are emerging that benefit from global, mobile capa-bilities. To address this, CIOs today are exploring ways that can openly and securely enable collaboration beyond borders.

What is Cisco’s UC strategy?As mentioned earlier, the

next breakthrough levels of innova-tion and productivity will come from the ability to embrace new workplace trends — Cisco is con-verging social, mobile, video, and virtual communications capabilities

“Our portfolio is influenced by rapid changes in the consumer market”

The next

breakthrough

levels of

innovation will

come from the

ability to embrace

new workplace

trends

individuals are using new

technologies to

innovate within

their workplaces

and communities

Position IT

to provide

measurable value

thIngs I BelIeve In

A Q u e s t i o n o f A n s w e r s | M i n h A j Z i A

14 February 2013

Best ofBreed

Unlocking Big Data in Social Technologies Pg 18

FeaTUreS InSIDe

Defining the Qualities of Cyber Warfare

accusations about cyber attacks are increasing, with Iran ranking high on the danger list By Jarno Limnéll

Cyber warfare is one of the hottest topics currently trending in newsfeeds and, although many are quick to use the term, not everyone fully understands the concept. Cyber war-fare is a reality, but the reality of the situation may be far different than many believe.It’s notable that we’re already living in an era of state-led cyber warfare activities, even if most of us aren’t fully aware of it.

ill

us

tr

at

ion

by

ph

ot

os

..c

om

16 February 2013

The Reality“We are at the beginning of a new and dan-gerous era of cyber warfare,” according to the CEO of Kaspersky Lab Eugene Kasper-sky, and F-Secure chief research officer Mikko Hypponen. An article in the UK’s TheGuardiansummarised their presentation at the DLD13 conference in Munich, and the summary was not pretty.

The reality is not pretty either. Govern-ments are taking potential threats seriously, with at least 12 of the world’s 15 largest mili-tary powers building cyber warfare programs that assess tactics and capabilities that will be critical in any future war. Intelligence sources additionally told ISSSource that the number of intrusions and attacks has increased dramatically over recent years.

Accusations about cyber attacks are also on the increase worldwide, with Iran rank-ing high on the accusation and danger list, according to allthingsd.com. Iran has become “a force to be reckoned with,” US Air Force’s Space Command leader General William Shelton said in a January speech in Washington, DC Allthingsd.com reports that Iran has been fortifying its own cyber attack capabilities following the Stuxnet malware attacks believed to have resulted in the explo-sion of several Iranian nuclear centrifuges.

The Changes in WarfareThe world is moving towards a greater strategic use of cyber weapons to persuade adversaries to change their behavior. At the same time it is essential to understand that cyber operations, such as cyber espionage and cyber attacks, are now a recognised part of strategic influence and combat.

Past conflicts required soldiers that were physically and mentally tough enough to succeed in battle, but strength is no longer the only requirement for fighting wars. Physical strength need not be an issue at all for the new breed of soldiers that instead must possess a sophisticated knowledge of computer security and code.

“Hackers now are either criminals out to make money, activists out to protest or governments engaged in targeting their own citizens or attacking other governments, whether for espionage or cyber warfare,” says The Guardian. Not every malicious attack, however, falls into the cyber warfare category, which is largely where unwar-

and control without physical destruction. A country impoverished by erased banking records, for example, could very well be a victim of cyber warfare although no physical damage has been done. An attack that qualifies of cyber warfare must, however, occur in the political and strategic context of warfare.

“War is thus an act of force to compel our enemy to do our will,” says the famous for-mulation of Prussian military strategist Carl von Clausewitz. Chinese military general Sun Tzu’s ideal of warfare was “to subdue the enemy without fighting.”

Neither case necessarily involves physi-cal destruction, although both function as a means to achieve a political aim. The same holds true with cyber warfare. The cyber instrument may have its own grammar, but its logic is that of war as a whole.

The ongoing and sophisticated online con-flict in Syria reported by DefenseNews.com serves as a prime example of cyber warfare. While the efforts on both the side of Syrian government and the side of its opponents are meant to “sabotage, disrupt and destroy,” not all involve physical destruction.

One of the cyber weapons was a destruc-tive Trojan known as “DarkComet.” The digital-rights group Electronic Frontier Foundation described it as: “a remote administration tool that allows an attacker to capture webcam activity, disable the notification setting for certain antivirus programmes, record key strokes, steal pass-words and more — and sends that informa-tion to an address in Syrian IP space.”

War vs. PeaceWhile it is painfully clear Syria is the midst of an ongoing civil war, many other nations are instead in a grey area that is neither a state of war – nor a state of peace. Cyber

A country impoverished by erased banking records could very well be a victim of cyber warfare although no physical damage has been done

ranted paranoia and misuse, and misconcep-tions of the term, arise.

The MisconceptionsWhat counts as “cyber warfare” remains an open question, but it does have certain stipulations. A major misconception is that cyber war takes place in a different domain, i.e. the fifth domain, that is totally separate and disconnected from all other forms of warfare, be it land, sea, air or space. Rather than being disconnected from all other types of warfare, the cyber “world of bytes” is an integral part of all other domains.

Warfare taking place on land, at sea, in the air or in space has its own cyber com-ponents, and the “world of bytes” is every-where. It penetrates all the levels and dimen-sions of warfare, with cyber components prevalent in weaponry, communications, equipment and other war-related matters.

Any future crisis, even one not deemed a cyber war per se, is likely to have a cyber component to it. It would be tough to avoid it, particularly in major wars between devel-oped countries. Cyber is the only dimen-sion that allows you to have an impact on all other dimensions. Cyber components may alter submarine and shipping steering, impede flight control functions and air-drop accuracy, interfere with satellites, cut off the distribution of electricity, affect the performance of smartphones, automobiles, prisons, and engage in a laundry list of addi-tional maneuvers that shut down, deter or otherwise work to destroy your enemy.

The DefinitionWhile Kaspersky limits his definition of cyber war to activity that uses cyber weapons to cause physical damage, only Stuxnet fits that definition to date. Cyber weapons can also indeed be deployed to disrupt command

17February 2013

C y B e r w a r f a r e | B e s t o f B r e e d

reality further blurs the boundaries between war and peace, adding a dangerous new dimension of instability. Instead of being an obvious form of war, future conflicts involv-ing cyber warfare may instead become vague with no clear beginning or end. It is also important to observe that the concept of war might be blurred intentionally referring to different “cyber actions.”

The cyber (warfare) victims may not even be conscious of being in conflict with some-one, just acutely aware that unpleasant, tan-gible things “just happen.” Those unpleas-ant events may be a regular occurrence or they may crop up at random and infrequent intervals. Although such events may seem to have neither rhyme nor reason, they could in fact be part of a larger strategy in the cyber

warfare game.Cyber warfare is definitely out

there, but it should not be the catchall phrase for any mali-cious computer-related activity. Distributed denial-of-service attacks that have no physical impact should not automatically be considered cyber warfare, nor should activities such as spying. If cyber warfare were used to classify every single malicious attack or unpleasant event, we would be a war-torn world indeed.

Additionally, there would be no term remaining to describe a severely devastating and debilitating cyber war when it did occur in the open between nations. Truely defining

what qualifies as war and what does not is challenging in the cyber realm. To qualify as offi-cial “warfare,” the term needs to be put into the right context as a part of the strategic and political decision making process. We can also take one more cue from Clausewitz who said that war is “the continuation of politics by other means.” To qualify as cyber war, the means may be vir-

tual – but the impact should be real.

— This article is printed with prior permission from infosecisland.com. For more features and opinions on information security and risk man-agement, please refer to Infosec Island.

Unlocking Big Data in Social TechnologiesOracle’s exadata database and its exalytics in-memory analytics appliance were used to analyse nearly five billion Twitter posts

the quote was being bandied about to promote an ambitious global project called “The Human Face of Big Data,” an effort commissioned by EMC, and sponsored by the likes of Cisco Systems and VMware, that aims to use crowdsourcing to get a handle on humanity’s increasing need to generate and

crunch data. For example, a widely distributed smartphone applica-tion collected data, between Sept. 25 and Oct. 2, that indicated that the reason people can’t find a cab when it rains in Singapore is that drivers looking to avoid having their pay withheld for accidents sim-ply pull over to wait out rainstorms. They don’t pick up new fares.

While such findings may not hold much value for the average IT executive, the implications of big data certainly do. And although the news from OpenWorld centered on Oracle’s slew of new cloud ser-vices and a new platform that socially enables all of the company's applications, big data was clearly the dominant theme.

Oracle CEO Larry Ellison’s anticipated keynote address, which was entitled “The Oracle Cloud: Where Social is Built In,” focused instead

9%inrease in Business intelligenCe market in malaysia in 2013

on how the company’s venerable database and analytics technologies can crunch the big data inherent in social network streams.

Ellison began his keynote touting Oracle’s cloud — which now features new services such as planning and budgeting, financial reporting, and data and insight — as having the broadest set of applications in the industry. He then quickly introduced Oracle’s new social platform, which he characterised as being far preferable to stand-alone social applications. But what he clearly wanted to demonstrate was the kind of insight that can be gleaned from social data when the right analytical tools are used. Specifically, he showed the packed hall how two products — Oracle’s Exadata database and its Exalytics in-memory analytics appliance — were used to analyse nearly five billion Twitter posts to determine what celebrity would be the best spokesperson to promote a new Lexus sedan.

Ellison made it clear that Twitter data, in particular, consists of much more than the posts themselves — it includes timestamps, geotags, device types, and more, and the data is of both the struc-

18 February 2013

B e s t o f B r e e d | B i g d a t a

tured and unstructured variety. In the end, Oracle ended up analysing 27 billion relationships, nearly a billion retweets and hashtags, 2.8 billion mentions and another 1.3 billion replies. And as Ellison pointed out, the conclusion itself — that gold-medal Olympic gymnast Gabby Douglas was the best fit to promote the new Lexus — wasn’t nearly as significant as the process by which that conclusion was reached, which included drilling down into the data to find out whose posts most frequently men-tioned cars, for instance. “This was a very simple question that required an enormous amount of data processing to get the data,” Ellison said. “This is something we would have had to guess at before.” Now that sophisticated data crunching tools from Oracle, EMC and the like are making it possible to extract the value of big data, companies have no choice but to try and use that data to change their business. “Other-wise,” said EMC CEO Joe Tucci during a morning OpenWorld keynote “they’ll be out of business.”

— This article was first published in CIO Insight. For more stories please visit www.cioin-sight.com.

Twitter data, in particular, consists of much more than the posts themselves — it includes timestamps, geotags, device types, and more

ima

ge

by

ph

ot

os

.co

mB i g d a t a | B e s t o f B r e e d

Thinking

ValueBusiness

20 February 2013

C O V E R S T O R Y | T h i n k i n g B u S i n E S S V a l u E

According to an axiom, what doesn't kill you makes you stronger. This holds true for Sandeep Phanasgaonkar too who moved up the ladder of business and technology leadership by sailing through tough times and coming out stronger from every situation. He not only proved his leadership through technology innovation but also through his business acumen. In a journey that started as a banker, he went on to becoming the President & CTO for Reliance Capital before turning an entrepreneur. He is now looking at creating products that can bridge the expectation and delivery gaps in IT consulting BY VaRun aggaRwalDesign by: ShOkEEn Saifi imaging by: pETERSOn pj photos by: jiTEn ganDhi

The TrueBusinessleader

ascience student, who always had a keen interest in both IT and busines, Sandeep Phanasgaonkar took up Mathematics and Physica

as specialisation while pursuing his BSc Degree from the University of Mumbai. A sharp student, Phanasga-onkar also enrolled into courses such as Diploma in Operations Research, and Diploma in Advanced Comput-ing from National Institute for Train-ing in Industrial Engineering.

He also did his MBA in Finance from Jamnalal Bajaj Institute of Man-agement Studies. Phanasgaonkar started his career as a banker with the State Bank of India (SBI) in 1984.

While CIOs often struggle to find their place in the board, Sandeep Phanasgaonkar always saw himself as a business leader, a trait that helped him head various businesses while being a technology leader at the same time By Varun aggarwal

"This was a time when computer revolution was just taking off in India. I started working at the bank as a probationary officer," Phanasga-onkar recalls.

At SBI, Phanasgaonkar gained extensive domain knowledge of the various processes in banking. After completing the probation period of three years, Phanasgaonkar moved to the branch office and headed the office automation project at SBI. He was involved in software deployment, training of staff and gathering speci-fications for the IT projects.

He was later shifted to the head office and started looking at MIS. This was where he started software

coding. From 1986 to 1990, Phanas-gaonkar was involved in extensive programming for key head office functions, software testing and deployment for the branch automa-tion project.

By 1990, the IT industry started to boom in the country and lured Pha-nasgaonkar. He, therefore, decided to enter the industry and joined Tata Unisys, a collaboration between Tata and Unisys, which was into main-frame systems.

His role at Tata Unisys was to drive the country’s first offshore develop-ment centre for a European client named Banque Indosuez. Here, Phanasgaonkar leveraged his bank-

C O V E R S T O R Y | T h i n k i n g b u S i n E S S V a l u E

22 February 2013

ing and IT experience to help clients from the banking industry in the areas of SWIFT payment interface, FX and MM dealing and total bank-ing solutions. He also worked for an insurance client based in the US.

Taking initiative, Phanasgaonkar went beyond the role of IT and got himself involved in the development of products on trade finance for the company. He even got into the mar-keting and support of the products.

The biggest challenge that Pha-nasgaonkar faced at Tata Unisys was that the people working on program-ming assignments on international projects were valued more. Since the products team was small and new and it was a green field initiative, it wasn’t given its due credit.

In 1993, he joined iFlex, which was then called Citicorp Infotech. The company was working on many banking and finance software prod-ucts. Phanasgaonkar was a domain expert in banking with a good IT experience. According to Phanasga-onkar, this was one of the best learn-ing experiences in his career. He was given the opportunity to work on large software development projects at multiple sites and varied require-ments. He was made the incharge of testing and later headed an imple-mentation in Philippines.

This was the time he also got exposed to sales in East Africa, South Africa, Egypt and Middle East. He was involved in product development, pre sales and imple-mentation. The experience at iFlex helped Phanasgaonkar get a clear understanding of customer expecta-tions from banking ERP systems and products.

By 1999, Phanasgaonkar developed an interest in the position of a CIO as it seemed to be an influential role from an IT vendor and business benefit perspective. Seizing the oppo-tunity, he joined Deutsche Bank as the Regional Technology Head-India, Pakistan, Sri Lanka.

He was hired at the time of the Y2K, an issue that made the CIO role

very important. As a CIO, he had to ensure that every software at the company was validated for Y2K. Pha-nasgaonkar also implemented many large deployments in India during his tenure at Deutsche Bank includ-ing a locally acquired core banking solution that acted as a backup option in case the core system at Sin-gapore failed.

In 2001, Phanasgaonkar moved from Mumbai to Delhi to join GE Capital in Gurgaon.

This was a much bigger role for him and in his own words, “This was a significant job in my career in terms of learnings in various aspects of banking and six sigma among many other things.”

In 2004, the CEO of GE Capital International Services (GECIS), Pramod Bhasin, decided to focus on expanding the business. From the existing business of outsourcing, he decided to create an independent company under the name of Gen-pact. The new company brought together several GE BPO companies based in China, Mexico, Hungary, and the US and merged them with the Indian entity of GECIS. Phanas-gaonkar was appointed the Global CIO of Genpact.

After taking up this position, the the biggest challenge that confronted Phanasgaonkar was to move from GE Capital's infrastructure and set up an independent and globally deployed IT systesms and infrastruc-ture. The task at hand for Phanas-gaonkar was not only to create new infrastructure but also to implement a new ERP system and a new service delivery platform. Phanasgaonkar describes this project as the most important one in his career.

From January 2004 to June 2004, he and his team worked 24X7 to achieve what they aspired for. The team comprised of 150 IT full time employees and 350 vendor consul-tants. With a large number of GE businesses outsourcing their mis-sion critical processes to Genpact, Phanasgaonkar and his team had to

MilestonesKey

Public Cloud Deployment: At Reliance Capital Group, his team enabled10,000 users on Google Apps in the public cloud. This is being looked upon as a major collaboration platform through the use of tools such as GMail, Google Talk, Google Docs, YouTube, Google Sites and the social media tool Google+. Google Docs, which is the cloud based office suite, will almost entirely replace MS Office, except for some power users.

Private Cloud: Under Phanasgaonkar's leadership, Reliance Capital (RCap) and its 5 Lines of Business have their entire back-end servers, core systems, storage, security and specialised network equipment co-located at the third party data center facility of Reliance Communication in Vashi, Mumbai. His team created specific capability for perimeter security and edge network which is shared by all the businesses.

SAP for finance and HR was entirely centralised for RCap and lies in a shared services cloud that is accessed by all businesses. The same architecture has also been extended to the company's DR setup in Chennai and Bangalore.

Mobility: RCap's mobility journey, initiated by Phanasgaonkar, commenced in 2009. RCap experimented with multiple platforms including Volantis (now a part of Antenna) and used wrapper software such as Seattle Clouds to enable mobile apps on different mobile operating systems and form factors. Today, RCap has largely standardised on Android with some of the older apps on version 2.3 and newer apps being developed in Java on Android version 4.0 and above. Only specific development happens on iOS. The business apps are largely focused on customer service, lead management, collections, claims survey, new business mobilisation, mobile trading etc. Mail and messaging are available on most mobile devices including android, IOS, BlackBerry with data security driven through enterprise servers, VPN and mobile device management (MDM).

T h i n k i n g b u s i n e s s v a l u e | C O v e R s T O R y

23February 2013

ensure a smooth transition without disrupting business. The project turned out to be a huge success and helped Phanasgaonkar gain rich experience in the areas relating to business, customers, reduction in resolution time and improved communications.

During the process, Phanasgaonkar realised that the project would be impossible to implement if there was a lack of communication with employees, customers and vendors. He needed effective comunication to several questions — What changes will take place? How would customer care executives take calls? What capabilities would be available and what wouldn’t be available? How would some of the existing services change? He then hired a third party consultant to put a communications plan in place.

The exercise lasted six months and Phanasgaonkar reached out to GE’s global CIO in July 2004 to make the final transition.

Giving an animated description of the excited moment, Phanasgaonkar said, “The transition worked like a perfect orchestra—the instruments worked perfectly, musicians (read employees) knew how to play and the audience (cus-tomers) could enjoy the music.”

pEOplE aRE alwaYS lOOking fOR aDViSORY SERViCES likE a

CuSTOmiSED SERViCE ThaT iSn’T VERY ExpEnSiVE anD giVES fOCuSED COnSulTing –SanDEEp phanaSgaOnkaR

In 2006, Phanasgaonkar joined Reliance Capital and went back to Mumbai. While getting him onboard, Amitabh Jhunjunwala, Vice Chairman of Reliance Capital told him, “IT is not just a business enabler, it is the key differentia-tor for us. IT is core to us. Everything we do relies on IT.” Those words gave Phanasgaonkar the encouragement to start looking at growing the business with the help of new IT systems. He ensured the company had the right systems in place that could help create new business avenues.

However, the financial meltdown in 2008 changed everything. Suddenly the focus was on maintaining a

24 February 2013

good bottom-line and on cost management. IT costs had to become variable and be in sync with sales and since the sales were down, the IT costs were also required to go down. That said, most of the IT costs were fixed and reducing them was going to be very difficult.

Key InitiativesPhanasgaonkar took the recession as an opportunity to deploy modern IT systems in the company. He took the virtualisation route to cut close to 50 percent servers. He also renegotiated vendor contracts and brought variability in licence costs to make costs proportional to business revenues. From that point on, he started looking at IT costs from a bottom-line perspective. He leveraged emerging cloud infrastructure and SaaS technologies to ensure that the company paid only for what it used and not for idle or peak capacity.

Phanasgaonkar later saw an opportunity in the mobile space and latched onto it.

“We realised that mobile subscribers were a great opportunity area for us.” What start-ed two years ago as an experiment to tap a set of potential customers, has turned into a revolution at Reliance Capital.

When Phanasgaonkar started on the mobility journey, the large number of mobile form factors was a big challenge from a technical issues perspective. There were also too many mobile platforms, making service delivery even more complex. The company, therefore, decided to focus only on Android platform and tap into a growing market.

Reliance Capital is now planning to extend even its corporate applications on to the mobile for employees to enable anywhere anytime access on mobiles and tablets.

To enable the mobile strategy within the enterprise, Phanasgaonkar zeroed in on Cirtix Virtual Desktop solution, which also coincided with the company's desktop refresh cycle. For end point devices, the com-pany decided to use the VDI technology and also leveraged the same to give enterprise application access on mobile devices. It has turned out to be a major cost advantage for the company in terms of bandwidth, power costs etc. There are close to 1000 users already on VDI and by the end of 2013, the number is expected to go up to 5000.

Reliance Capital Group implemented 10,000 users in Google Apps in the public cloud. This was being looked upon as a major collaboration platform through the use of tools such as GMail, Google Talk, Google Docs, YouTube, Google Sites and the social media tool Google+. Google Docs is being used as the defacto office suite. Google Talk has enabled audio and video communication between the leadership and its teams. Hangout in Google+ has enabled low cost simultaneous, multi-location and interactive video conferencing with the additional ability to stream live to thousands of employees through “Hangout on Air” on YouTube. Login authentication, website lockdown, data loss to the internet is imple-mented through on-premise tools. Google has also worked on enhancing security fea-tures as appropriate for a financial services enterprise. Large storage, host of apps and features have compelled users for adoption.

In 2009, the company needed to enhance profitability. It was decided that what was neeeded were user insights to take better

and faster business decisions. Phanasga-onkar deployed a BI solution from SAS to get insights that previously didn't exist in the system. The company started putting special focus on customer segmentation. Along with using analytics to get better insights into the company's business, Reli-ance Capital also started using predictive analytics to implement new business mod-els in the field.

Management StylePhanasgaonkar believes that as a CIO, you not only grapple with technology but also business. It is therefore important for CIOs to keep pace with both technology as well as business. He is a firm believer of encourag-ing his team members to create and share knowledge. He feels it is important for a CIO to absorb all this knowledge generated by the team to see how he can innovate and act as a true leader.

According to Phanasgaonkar, focus on end-users and customers is very important. A CIO needs to adapt to change, given the dynamic nature of business and technology.

Phanasgaonkar recently decided to quit his position at Reliance Capital. Given his penchant to be an entrepreneur, he is con-sidering to take up strategic consulting and mentoring high-tech startups. “I might look at offering innovative IT services, create a package of innovative service concepts and different models of delivery.”

“People are always looking for advisory services like a customised service that isn’t very expensive and gives focused consult-ing. This is something that is still lacking and I hope I would be able to bridge this gap sometime.”

Future of ITPhanasgaonkar believes that going forward, customers would be more IT savvy, technol-ogy would be more self service and delivery time of a service would go down drasti-cally. Moreover, App store concepts would become essential to enterprise computing.

He believes that even complex tools such as analytics would get into the hands of the end users as end points tend to get more and more powerful. Phanasga-onkar also feels that the line between work and personal life would get blurred going forward.

Favourite Book: Da Vinci Code by Dan Brown. He also likes to read fiction and periodicals

Favorite Sports: Phanasgaonkar is into sports big time. He likes to involve himself in various sporting activities such as cricket, table tennis and swimming

Acitvities: He loves to travel. Phanasgaonkar is a people's person and visiting new countries and meeting people from different walks of life always excite him

Leadership Mantra: Encourage team participation, knowledge sharing and absorb this knowledge for taking innovative decisions

Favorite Wheels: Toyota Fortuner

FactsKey

T h i n k i n g b u s i n e s s v a l u e | C O v e R s T O R y

25February 2013

“phanasgaonkar is a genuine person”Murli Nambiar, CTO and Group CSO, Reliance Capital worked very closely with Sandeep Phanasgaonkar. In an interview with CIO&Leader, he shares his personal experience about working with him.

How do you see Sandeep Phanasgaonkar as a person?

I’ve worked with Sandeep closely and I feel he is a very genuine and warm person. He’s also a very open person who has a great sense of humor.

What is Phanasgaonkar’s style of working?Sandeep gives full independence to his team and

also ensures that team members are given suitable responsibilities so that they can function in the best pos-sible way and achieve the objectives.

How do you rate him on the leadership scale?In my opinion, Sandeep should be rated high on the

leadership scale. While I can’t put a number to it, all I can say is that he’s an excellent leader.

What are the things that you have learned from Phanasgaonkar?

What I learnt from Sandeep was that it is important to trust your team members and allow them to take newer responsibilities along with accountability for the job. It is also very important to have trust in your team and allow them to find ways in which they can perform better than the expectations.

“SanDEEp giVES full inDEpEnDEnCE TO hiS TEam

anD alSO EnSuRES ThaT TEam mEmBERS aRE giVEn SuiTaBlE RESpOnSiBiliTiES SO ThaT ThEY funCTiOn in ThE BEST pOSSiBlE waY anD aChiEVE ThE OBjECTiVES”–muRli namBiaR, CTO & gROup CSO, RElianCE CapiTal

C O V E R S T O R Y | T h i n k i n g b u S i n E S S V a l u E

26 February 2013

“The art of leadership is

saying no, not saying yes. It

is very easy to say yes.”

—Tony Blair

26AFebruary 2013

SpecIAl

leAderShIp SecTIon

26B February 2013

CIO&LEADER This special section on leadership has been designed keeping in mind the evolving role of CIOs. The objective is to provide an eclectic mix of leadership articles and opinions from top consultants and gurus as well as create a platform for peer learning. Here is a brief description of each sub-section that will give you an idea of what to expect each month from CIO&Leader:

An opinion piece on leadership penned by leadership gurus. Plus, an insightful article from a leading consulting firm

Cross leveraging our strong traction in the IT Manager community, this section will have interviews/features about IT Managers and CIOs talking about their expectations, working styles and aspirations. In this section, a Mentor and a Mentee will identify each other’s strengths and weaknesses, opine on each other’s style of functioning, discuss the biggest lessons learnt from each other, talk about memorable projects and shared interests

Featuring a top CIO/Technology Company Head and the best guidance/recommendation he received with respect to his personal or professional growth. The advice could relate to dealing with people, managing personal finance, and balancing work and life

A one-page review of a book on leadership

Me & MY MenTee

leAdIng edge 28

This feature focusses on how CIOs run IT organisations in their company as if they were CEOs. It will comment on whether IT should have a separate P&L, expectation management of different LoB heads, HR policies within IT, operational issues, etc. This section will provide insights into the challenges of putting a price on IT services, issues of changing user mindset, squeezing more value out of IT, justifying RoI on IT, attracting and retaining talent, and competing against external vendors

Top down2731

30

36

The BeST AdvIce I ever goT

ShelF lIFe

I n T r o d u c T I o n

Preparing Future LeadersAshok Cherian, CIO, JK Cement, feels that the best way to learn is by taking up responsibilities

company to track different needs in the market. I believe in helping my team members in leadership traits.

As a leader, I have always believed in delegating work. There will be 99 percent instances where you will find me delegating work to my juniors. In this way I am preparing my juniors to be the future leader in the organisation. If you don’t put the subordinate in a position where he is answerable for his actions, then you are depriving him of the opportunity of becoming a future leader. The best way to learn is to take up responsibilities and think in a manner where you are the business leader. Once you expose your team members to greater responsibil-ities, they will learn to take bigger decisions and their confidence also increases manifold.

Another important trait that I teach my juniors is to keep their cool and think over the problem in a rational manner. This helps them in coming up with solutions rather than getting impatient and in turn creating a situation where the whole team panics. I believe in team work and keep on moti-vating them from time to time.

— As told to Atanu Kumar Das

When I joIned JK Cement, there were lots of things that needed to be done to make the IT process stream-lined. Since I am JK Cement’s first CIO, my mandate is to set up an IT department that would increase the com-pany’s bottomline. As I had to set up the IT team from scratch, I hand picked each member. I communicated to them that their job was not only to build an IT system but also work closely with the various departments to understand their issues and provide solutions to them through IT.

Today, we have a 33-member IT team. It took us two years to set it up. We have a centralised IT team and everything is structured perfectly which ensures that It plays an important part in the company’s growth. We have to ensure that we come up with innovative products to move ahead of the competition. It is very important for a company as big as JK Cement to have an IT network that is centrally accessed as it helps the

Top Down Ashok CheriAn Cio, Jk CemenT

27February 2013

iima

ge

by

su

bh

oji

t p

au

l

The early monThs of a CIO’s tenure are an extremely important time to learn about a company’s culture and critical issues, shape an agenda for change, build relations with peers and senior leaders, and make decisions—on people, funding, and other matters—that will provide a solid founda-tion for the future.

Ian Buchanan, who has served several financial institutions as CIO or COO, says: “In the first 100 days, you have to make your mark. In that period, you also need to for-mulate a compelling vision, because if you want to lead, as opposed to executing the visions of others, you do need to come out quickly with a story that everybody can align around.” (For more, see “Hitting the ground

running as a new CIO: An interview with Barclaycard’s Ian Buchanan.”)

By working over the years with many senior executives stepping into this role, we’ve learned about elements to cover, pri-orities to make, and mistakes to avoid. We have attempted to distill the most important topics to address during these critical first months. Of course, the particulars of each situation will have an impact on the priori-ties of each CIO. But we believe every new CIO will benefit from reviewing these ele-ments and using them as a starting point to shape his or her own course of action.

1. sTarT The fIrsT 100 days before your fIrsT day

Use the interview process to understand organisational dynamics and expectations.

Ensure you see all stakeholders, such as corporate directors, to form a better perspective. Talk with systems integrators and other outside experts to obtain a fuller view.

Start building a hypothesis of your plan.

2. ClarIfy and sTrengThen your mandaTe Understand what is expected of you and how you will be measured, for example, with regard to new business capabili-ties, cost targets, automation levels, and projects to fix. Set out your “strategic pos-ture”—for instance, emphasising IT as a

The first 100 days of a new CIOIt’s critical to get a good start when stepping into the CIO role. Consider several measures when you shape your course by michael bloch and Paul Willmott

LeADing eDge miChAeL BLoCh AnD pAuL wiLLmoTT

28 February 2013

driver or enabler of strategy. Set clear expectations with the CEO and other stakeholders on the levers that you must have control over, such as the free-dom to cancel projects, change reporting lines, replace business unit CIOs, or out-source functions.

Enlist CEO support for early symbolic actions, for instance, stopping a high-pro-file project or replacing an underperform-ing executive.

3. buIld relaTIonshIPs WITh busIness unIT exeCuTIves and agree uPon PrIorITIes You only get one opportunity to make a strong first impression, so prepare for these meetings well. Get input from

members of your team who know the executives you’re meeting. Learn as much as possible about their priorities and con-cerns up front. Form a hypothesis of the likely answers, and test and refine them in every discussion.

Develop alliances across the group. Set meetings with business unit heads and other key executives, for instance, cli-ent account managers and R&D leaders. Focus on the business imperatives that IT can enable or transform with regard to, for example, channels, customer relations, and products.

Set the tone for peer relationships and avoid conversations about executives’ IT concerns. Challenge current priorities and plans when appropriate. Educate others

when necessary. Many executives are ner-vous about IT simply because they don’t understand it.

4. undersTand The uPsIde and doWnsIde Understand the specific role of technology in the industry and how it creates value. Study the best and most admired users of technology in your industry. What do they do that your company does not?

Ensure that an IT-enabled innovation pipeline is in place. Start building this capability if needed.

Make sure you understand the IT-driven risks in the organisation, for instance, regarding cybersecurity and large, ongo-ing programs that might not deliver on expectations. See to it that regular review and mitigation plans are in place.

5. develoP The Plan Create transparency on performance and health. Develop a fact base not only on IT performance—for instance, cost levels, service levels, head count, and key proj-ects—but also on IT health with regard to architecture, capabilities, culture, and delivery.

Understand your technical assets and benchmark them against best practice. Consider technological discontinuities, such as cloud computing, mobility, and social media, and study how you can lever-age them.

Choose levers selectively. There are many levers for improving IT, but the most effective transformations focus on just a handful. Sequence improvements to build capabilities. Partner or outsource where required to fill capability deficits, but make sure to develop internal capabilities as part of the plan.

6. buIld your Team Start with organisational design. Incum-bent team members might be effective in their current roles but not in a new struc-ture. Aim high. Sketch out the profiles of your “dream team” rather than shuffling existing players.

29February 2013

m i C h A e L B L o C h A n D p A u L w i L L m o T T | L e A D i n g e D g eil

lu

st

ra

tio

n b

y p

ho

to

s.c

om

Michael Bloch is a director in McKinsey’s Tel

Aviv office, and Paul Willmott is a director in

the London office.

30 February 2013

The besT advice that I have got was during the early years of my career. At that time I had seven to eight years of work experience and was about to move into a managerial level role from being an engineer. One day my boss gave me the good news about my promotion. He told me about my new role, opportunities and challenges that lay ahead. It was a completely new role for me, as earlier as an individual I was responsible for my own work but in a manegirial role I had to take care of others’ work as well. The new role came with new responsibili-ties and I was given the opportunity to lead an entire team. I was supposed to execute the orders and guidelines of my superior. Infact, the opportunity was a stepping stone towards a leadership role.

My boss gave me an important advice which I cherish till today. He told me to try and create value out of every project that I execute.

While at that point of time it sounded sweet and simple even after completing more than two decades of my professional life, I still find it was a very profound state-ment. I followed that advice throughout my career. Even today, I follow it in my day-to-day life. I try to create value for my custom-ers, who are largely the internal audiences. The advice has helped me to a great extent.

Earlier, the management used to look at the IT team as executors. We were never involved in any decision making process.

It was easy for me to adopt this new change because I was already doing this since the early stages of my career.

I pass on this advice to my juniors, espe-cially those in the support team. They are the people who never gets any apprecia-tion, which they deserve. The moment things go haywire, they start getting the brickbats.

As my boss adviced me, I too adviced my juniors to create value in every project that they execute. This will help them get recognition and appreciation. I hope they will follow my advice during their journey ahead.

—As told to Akhilesh Shukla

Orders and guidelines were issued to us and we were supposed to execute them.

This perspective began to change when we started creating value in every project that we executed. The IT team soon started gaining respect among the stakeholders.

Our role was transformed from being executors to becoming enablers. The IT team started to get involved in decision making at much earlier stage, as opposed to earlier when it was informed about any new project after the top management took the final decision.

The advice is relevant even in today’s time when the role of a CIO has changed from just running the IT infrastructure to critically supporting the business role.

murALiDhArAn rAmAChAnDrAnCio, synTeL

“Create value out of every project”

The BesT ADviCe i ever goT

31February 2013

menTorJAyAnTA prABhuCTo, essAr group

menTee

keyur DesAiAvp, iT infrAsTruCTure & proJeCTs group, Aegis LimiTeD

What do you look for in a mentee? (qualities, attributes, skills, etc.)

jayanTa Prabhu The basic ingredient of a Mentor – Men-tee relationship is “Trust”. Although technical skill sets have their own place, an individual with hard + smart working skillsets, Positive attitude, Enthusiastic, Open for new learning in life with honest approach are some of the key qualities and attributes desired in a mentee.

What do you look up to in your mentor? (qualities, attributes, skills, etc.)

Keyur desaI My Journey from a Trainee to Associate Vice President within the span of 11 years at Essar Group has been very exciting and the most memorable in my Life. I have always admired Jayantha Prabhu – my mentor for People management skills, inspiring Leadership Skills, Positive instinct towards growth and change and Practi-cal approach in life. He is a Quick Thinker — Decision maker and last but not the least — a very good human being. His never tiring spirit has always inspired me to work relentlessly meeting the deadlines. There have been many incidents where, by his mere statements, I could perform more than the expectations. It felt amazing how he could gauge the potential within the person.

How do you identify and priorities areas where you think your mentee needs to focus on for

further professional development?jayanTa Prabhu It is always important to judge the

individual in the very first instance, this gives you the right way to prioritise the areas of improvement in your mentee. Keyur has been with me since quite some years and over the period of time have known him very well, time and again have been able to guide him to focus on the key areas that has helped him to grow.

Do you think your mentor spends enough time with you? How do you think your mentor could

contribute more towards your professional growth?Keyur desaI Jayantha, although keeping himself very busy with the important meetings all day long, he ensures that he speaks to me in person or over call, cou-ple of times a day either to discuss official matters or at least to say “How are you doing?” I feel this is an encour-aging way that helps to ease the work pressure and main-tain a better relation. At times, there are chances when have actually not met in person due to his busy travel schedules and other important meetings. I strongly feel, if I can meet him in person more frequently, it will open up lot many horizons between us that will enable more professional interactions and help in my professional growth. The “Core Insights” and the “Managing Power” will be the key takeaways from this change.

How do you think your mentee can take on more responsibilities?

jayanTa Prabhu Keyur has been very energetic in his approach and has a cool temperament to analyze

Grooming the Team for Leadership

me & my menTee

32 February 2013

and handle the pressure situations very efficiently. His timely adherence to commitments with the blend of good communication and People management skills has always encouraged me to assign more responsibil- ities on his shoulders. He is a quick learner with sharp wittedness that gives me confidence to allow him handle bigger decisions.

Does your mentor delegate enough tasks and responsibilities to you? How often do you take

key decisions yourself? How would you like the situation to change (if at all)?

m e & m y m e n T e e | J A y A n T A p r A B h u & k e y u r D e s A i

“the basic ingredient of any mentor–mentee relationship is undoubtedly “trust”

Keyur desaI Jayantha strongly believes in job delega-tion with justified empowerment to his team and has believed in grooming the team as Leaders. He has always empowered me with the authority to take decisions in my domain verticals and have genuinely supported my decisions. I remember an incident where the project got delayed and there was a chaos situation. He supported me in those critical moments and later explained me my missed out pointers. He has always guided me with the principle, “Never fear the Failures, they are the learning steps to Success.” Today, at times - even in his absence I have the confidence to take the decisions in my areas ensuring the right protocols are followed.

Are there any conflicts between you and your mentee? If so, how do you resolve them (you

may also cite one or two instances)? If not, what do you think is the secret of your smooth working relationship?jayanTa Prabhu There have been some instances where we have difference in opinion on the technical approach to which I prefer to discuss and understand his point of view before the final call is taken. It always has been my strong belief in empowering my mentees and grooming them into Leaders. I prefer to give chance to Keyur to prove his point, that has helped him to boost his self-confidence and improve his leadership qualities as well.

Please describe your working relationship with your mentor and how the two of you

address key challenges together or resolve any conflicts of opinion. (You may cite a couple of examples.)Keyur desaI While Jayantha has the art of extracting the best out of the team and his ability to motivate people – he believes in maintaining a good rapport with all. At times, he has gone out of his ways to help people and never look back by giving “extra efforts” for others. During the critical times at work, I used to desperately try to speak to him — since I was always sure that by just talking to him, I’m going to get the enough strength to put more efforts and achieve success. He works on simple principles and backs up his team at all times. I remember an incident couple of years back when I was working on a critical inter-national project and was struggling with my team to have the vendor support due to weekends. He went out of his ways to arrange the vendor support while myself and my team worked relentlessly ensuring the deadlines were met. There has always been a trust relationship between us that has been one of the key factor of our relation. At times there have been differ-ence of opinion, I always opted to suggest with healthy discussions to come to a mutual conclusion and at

ima

ge

by

jit

en

ga

nd

hi

33February 2013

J A y A n T A p r A B h u & k e y u r D e s A i | m e & m y m e n T e e

times where the decisions were not clear, I respected his word as final.

What are the two or three key things you have learned from your mentee?

jayanTa Prabhu Although we share a good professional relationship, I admire his adventurous nature and the way he builds personal rapport with different People in his personal and professional life.

What are the two or three key things you have learned from your mentor?

Keyur desaI Over the years, although I have learnt a lot of good virtues from him — I believe, being humble and helping others is one of the key learning and have been practicing in my life. Leadership is influence – His instincts to groom Leaders within the team and the Posi-tive energy towards life that keeps him charged at any hour of the day have been fascinating and has helped me achieve success in my personal and professional life.

What are the challenges and constraints for a mentor/CIO to devote more time and effort for

the development of their immediate juniors?jayanTa Prabhu Owning the responsibilities of Group CTO of Essar Group and the schedules due to meetings with our Senior management, Technology Vendors, Business CIOs & CEOs along with travel schedules, at times it becomes difficult to spend quality time with my leadership team — my direct reports. My busy schedules, always encouraged me to stay in touch with my subordinates over call on daily basis to ensure my personal touch with them. I always believe in going one extra mile understanding their personal problems to ensure I can extend all my support to them.

What are your views on the need for a mentor for IT managers in realizing their full potential?

Keyur desaI I strongly feel that a mentor is a must for any individual irrespective of the professional field. Mentoring helps to groom the individual with the true virtues of experience and success in personal and pro-fessional life. IT is an ever changing dynamic field and IT managers have to keep themselves abreast with the latest technologies to keep up the pace while ensuring right technology is implemented within the Organiza-tion. IT Leaders are the IT Enablers in any Organization that acts as the catalyst in improving the productivity of end users and thereby contributing in overall growth of the Organisation. A mentor plays a very important role to help IT Managers keeping the right attitude at work towards betterment of the people, help improve the pro-ductivity and achieve success in life.

Please share your views on the role you think a CIO can play in mentoring IT managers and

take them to the next level.jayanTa Prabhu Role of a CIO / CTO is very important in mentoring the next level IT leadership team within the organisation. Today’s mentees are the future lead-ers and they need to be groomed to take care of the current dynamic situation and keep them prepared for the upcoming challenges in future. I strongly believe, developing leaders within the team is the best approach towards Organization’s Growth and Success.

—As told to Yashvendra Singh

“jayantha strongly believes in job delegation with justified empowerment to his team”

34 February 2013

DAviD Limopinion

The muCh vaunted United Nations conference at Copenhagen is over — but not the wheeling and deal-ing that led to a much criticised conference statement which promised some improvements in carbon emis-sions, but held no one accountable for any targets. From the outset, from a leadership perspective the chal-lenge was huge: 15,000 delegates and officials, 5,000 journalists and 98 world leaders attempting to agree on something – ANYTHING. Essentially, the delegates were split into two broad camps – the developed coun-tries resisting an agreement that would legally bind them to cut emissions by a certain amount by 2020; and the developing world that wanted more help to reduce their emissions, and also to avoid being tied down to legal agreements that might both save the planet and nix their growing economies.

These were dense, multilateral negotiations, and here are what we can learn from the negotiation skills dis-played by the players.

1) stonewalling and avoidingChina, one of the world’s biggest polluter (bit not by a per capita basis) adopted two effective negotiation tactics. They were staunchly resistant to committing to anything, and thus avoided making any commitments throughout the proceedings. By simply postponing and avoiding doing anything, you can sometimes get away with what you want, rather than cause increased ten-

What Happened at Copenhagen? Future negotiations for climate change need to take place swiftly, and probably best done by having a ‘side’ deal of binding commitments signed between the nations that impact carbon emissions level most significantly

ABouT The AuThordavid lim, Founder, everest motivation team, is a leadership and negotiation coach, best-selling author and two-time mt everest expedition leader. he can be reached at his blog http://theasiannegotiator. wordpress.com, or david@everestmotivation.com

35February 2013

D A v i D L i m | o p i n i o n

ima

ge

by

ph

ot

os

.co

m

sion and/or outright hostilities by adopting a pro-active stance. Recall that it was President Obama who had to find the ‘missing’ Chinese delegation — who were later found to be cutting a side deal with other develop-ing nations from the BRIC (Brazil, Russia, India and China) bloc.

2) managing expectations and setting more defined goalsA key letdown was the near-total inability with the UN meeting convenor to set a series of intermediate and achievable goals that the majority of the nations present could adopt and move ahead. Wildly optimistic state-ments, and ambitious carbon control targets set way beyond the lifetime of democratic governments just set up Copenhagen for failure.

3) Introducing new Players Into the game can Change the dynamicFaced with a total non-result, Obama’s persuasion and influence led to, at least, a non-binding commitment from richer nations to help poorer nations by a sum of some billions of dollars. This was hardly a victorious end to Copenhagen, but it was at least something as a start. If only UN head Ban Kim Moon had framed

China adopted two effective negotiation tactics. They were staunchly resistant to committing to anything, and thus avoided making any commitments throughout the proceedings. By simply postponing and avoiding doing anything, you can sometimes get away with what you want, rather than cause increased tension and/or outright hostilities by adopting a pro-active stance

the meeting as a ‘start’ and not the solution in the very beginning, delegates would not have been negotiating over so many non-negotiables from the start

3b) Invoke the doomsday TacticObama probably invoked what we call the Doomsday tactic – that a non-result finish to the conference would make all of the top leaders look stupid and obstinate, and that unpalatable public relations reality likely spurred the rest of the key players to grudgingly make the final concessions (though non-binding).

So what now? Future negotiations for climate change need to take place swiftly, and probably best done by having a ‘side’ deal of binding commitments signed between the nations that impact carbon emis-sions level most significantly, and overseen by observ-ers. This won’t be liked by the less influential nations, but then you won’t have valuable time taken away by lengthy diatribes of little value spouted by tinpot dictators – as what happened in Copenhagen. This is where pure democracy worsens rather than improves a climate for healthy negotiations and actual, binding action and results. Give me a pound of action over a ton of talk anytime.

DAVID LIM IS A LEADERSHIP AND NEGOTIATION

COACH AND CAN BE FOUND ON HIS BLOG http://

theasiannegotiator.wordpress.com, OR subscribe to his free

e-newsletter at david@everestmotivation.com

36 February 2013

The Business of T20 The book reveals how the

author guided a T20 cricket team to championship glory. His success mantra: Cricket

is not a team game

WhaT Is mosT important while selecting a good cricket team?

How do you value a cricket team in a league that has not been launched yet? These are some of the questions Ravi Ramu and his friends had to find answers to after bidding for one of the teams in the inaugural Karna-taka Premier league in 2009.

The answers to these questions form the crux of the book Inside Indian T20 .

The book penned by Ramu takes readers into a journey of the pro-cess of setting up a T20 squad in a nascent league (KPL) and leading it to victory in the first season.

Says Ramu: “We started with just an idea to bid for a team. We had no idea about the returns from the invest-ment from the venture and whether it would be a success. We decided to take a gamble and it paid off.”

He adds, “I have worked in many management roles across the globe and was initially wary on how managing a team would be. It has been a great experience and I have enjoyed it thoroughly. It has helped me take to the T20 format of the game as well.”

Ramu is a keen follower of the game and felt that a side needs a good captain and a coach.

“They need to be people who would rally their players and make everyone give their best. I wanted a captain and coach who have the correct atti-tude to lead.”

“This holds true in a cricket field and a corporate office, ” says Ramu. Giving an example from the cricket field, he contends, “Mike Brearley was a mediocre player, but an excel-lent captain. He had the knack of managing a team well and getting results from the players. That is the perquisite for any captain.”

Ramu says that he met his players only once in the course of the tournament.

“I do not think owners have a role to play in how a team performs on field. That is the job of the coach and the captain.”

“I feel that it is very important that every player should be in his own zone, when he is on the field,” says Ramu

He adds, “I do not agree with the oft repeated statement that cricket is a team game.”

“It is not a team game like football or hockey, where you need passes, good saves and a team effort to do a good job. In cricket, when you are batting or bowling, you are playing an individual game. The team does not determine how you bat or bowl as an individual,” says Ramu.

The main problem that the Indian team has faced in its slump over the last 18 months has been the lack of a communicative coach and captain, says Ramu.

“You need someone who makes you comfortable in the zone or coax-es you into it. That does not seem to be happening, which is a major cause of concern.”

—This book review was originally pub-

lished in The Hindu.

— To read the original article, please

visit http://www.thehindu.com/todays-

paper/tp-features/tp-metroplus/the-

business-of-t20/article4338147.ece

ABouT The AuThorravi ramu is a member of the institute of chartered accountants in england and Wales, london. after many years in london, amsterdam and dubai, ravi returned to india in 1994. ravi is also working on his next book: a novel set in the corporate world.

“I do not think owners have a role to play in how a team performs on field. That is the job of the coach and the captain” — rAvi rAmu

sheLf Life

N O H O L D S B A R R E D | A L O k B H A R A D w A j

38 February 2013

Alok Bharadwaj Executive Vice President, Canon India Pvt Ltd talks to Varun Aggarwal about the growth and opportunities in the managed document and print services market in India

DOSSIER

Company:Canon

EstablishEd:

1937

hEadquartErs:

Tokyo, Japan

produCts:

SLR cameras, still

cameras, digital

cameras, camcorders,

printers, scanners etc

EmployEEs:

198,307

“Cost-Effectiveness Driving MPS Market”

A l o k B h A r A d w A j | N o h o l d S B A r r E d

39February 2013

Managed services market in India is still very fragmented with re-filler

and printer outsourcing vendors selling their services under the MPS umbrella. How do you distinguish your services in such a market?India is getting more globalised and it has become imperative for organisations to adopt newer technologies in order to streamline their business processes and become more effective and efficient. With the changing technology MDS not only caters to specific segments but also to a group of small and large enterprises. There is increasing awareness about the MPS market in India as outsourcing as a service model matures and early adopters demon-strate benefits.

As the technology is redefining the ways, solutions software services are becoming increasingly a lot more critical to the suc-cess of the business. With Canon Managed document services, organizations can achieve efficiencies in document workflow, making their staff more productive at the same time. A successful MDS partnership with Canon will enable following long term benefits for organisations:

1. Reduce Operational Cost in Document Management

2. Enhanced Employee Productivity3. Improved Document Processes4. Greener Working Environment5. Enhanced Print & Document Security

Most of the MPS contracts are restricted to per page cost. How are

you highlighting the values offered by these services? Do you see a change in the way CIOs look at MPS?With India getting more globalised it is imperative for CIOs to be aware of and adopt new technologies in order to stream-line businesses and the right management of resources.

India produces approximately 4.4 lakh tons of e-waste and this is growing at 20 per-cent YoY with less than five percent being recycled. The better side is that, companies today are going green and the first thing a CIO looks at when it comes to MDS is paper management. MPS provides anywhere and anyplace printing reducing 20 percent to 30 percent reduction in IT support costs for print/copy/fax/scan user issues. These

services help reduce fleet management by saving electricity, real estate i.e. space saving and manpower saving. This helps in a reduction of print-related Help Desk calls that brings IT related costs down. The machines provided by Canon consume least electricity even when in a sleep mode in comparison to industry standards.

There is increasing awareness about MPS market in India. The momentum is currently evident in large enterprises and the vibrancy in the market with the entry of more players offering MPS is slowly but surely permeating to other segments includ-ing the medium and small enterprises.

Printing is often not handled by the CIOs and is considered to be an

admin function. That said, what are you doing to sensitize CIOs towards the importance of these services?

by companies there are huge opportunities wherein they can save up to 30 percent of these costs with effectively managed docu-ment services. CIOs are also realising the need for domain experts to manage pro-cesses and activities more effectively. Thus, outsourcing has gained importance in docu-ment management and other spaces. Enter-prises today are looking at saving costs by shifting from CAPEX to OPEX models and bringing in operational excellence and we feel one of the major areas where this can be implemented is print infrastructure.

The first thing on a CIO’s mind today is paper management to go green. Along with paperless office and streamline workflow optimization of storage, readiness and accuracy of data, security and digital color printing is also on their mind. Some of the other factors that play a big role is- will out-sourcing their entire printing requirement will help streamline their infrastructure, what kind of infrastructural changes will the organization have to do for adopting MDS, issues around having partial print management solutions that only cover a portion of their printers. Canon’s managed document services provide users appropri-ate contract and optimization of processes with automated supplies, controls around the usage, pool printing, job accounting and rules-based printing, providing significant cost savings.

We at Canon believe that CIOs today have to be sensitised about these issues and the need to have effective MPS. Canon works towards building awareness amongst CIOs on the importance of adequately managed print fleet. Lack of the right printing facili-ties affects the company’s ability to adopt to change in addition to constant management and maintenance.

How big is MPS business for Canon? What are your growth plans

in India?The MPS market in India is growing fast and according to a study by Infotrends the market size for managed print services in India will exceed $275 million by 2014.

Canon has 15 percent of market share in the MDS business in India. We have already signed up with 75 large enterprises by the end of 2012. MDS accounts for 1/3rd of the B2B office imaging business.

“Canon works towards building

awareness amongst CIOs

on the importance of adequately managed print

fleet”

Indian CIOs have recognised the need to reduce costs and optimise resources so they can build higher competitiveness for the organisation. According to Gartner esti-mates, organizations spend approximately one to three percent of their annual revenue on print activities and these document out-put costs are rising at around 30 percent per annum. Companies have started to realize that printing is one of the few remaining areas of IT spending where substantial sav-ings can be realized with little risk. Printing cannot be neglected as the printed informa-tion adds values to the business by support-ing the brand and helping to create sales opportunities. Though print management is the ‘the last grey area of uncontrolled costs’, if handled efficiently and strategically

NEXTHORIZONS

Data Privacy and Information Security Pg 42

iPad Users Say Tablet is Mission Critical Pg 43 More

FeaTUreS InSIDe

“Big Data” has been around for a while and many organisations are forging ahead with Hadoop deploy-ments or looking at NoSQL

database models such as the open-source MongoDB, to allow for the process-ing of vast logistical, marketing or consum-er lead data sources. Infosec is no stranger to a big approach to data gathering and analytics. SIEM (security information and event monitoring) solutions have long since been focused on centralising vast amounts

Security Analytics: Hype or Huge?Big data is here to stay and security analytics just needs to figure out the best way to use it By Simon Moffatt

ima

ge

by

ph

ot

os

.co

m

40 February 2013

of application and network device log data in order to provide a fast repository where known signatures can applied.

Big and FastThe SIEM vendor product differentiation approach, has often been focused on capac-ity and speed. Nitro (McAfee’s SIEM prod-uct) prides itself on it's supremely fast Ada written database. HP’s ArcSight product is all about device and platform integration and scalability. The use of SIEM is symp-tomatic to the use of IT in general — the focus on automation of existing problems, via integration and centralisation. The driv-ers behind these are pretty simple — there is a cost benefit and tangible Return on Investment of automating something in the long term (staff can swap out to more com-plex, value driven projects, there’s a faster turn around of existing problems) whereas centralisation, provides simpler infrastruc-tures to support, maintain and optimise.

The Knowns, Unknowns and Known Unknowns of SecurityI don’t want to take too much inspira-tion from George Bush’s confusing path of known unknowns, but there is a valid point, that when it comes to protection in any aspect of life, knowing what you’re protecting and more importantly, who, or what you are setting protection from, is incredibly important. SIEM products are incredibly useful at helping to find known issues. For example, if a login attempt fails three times on a particular application, or the ability to identify traffic going a black-listed IP address. All characteristics have a known set of values, which help to build up a query. This can develop into a catalog of known queries (aka signatures) which can be applied your dataset. The larger the dataset, the more bad stuff you hope to capture. This is where the three S’s of SIEM come in - the sphere, scope and speed of analysis. Deployments want huge datasets, connected to numerous differing sources of information, with the ability to very quickly run a known signa-ture against the data in order to find a match. The focus is on a real-time (or near time) analysis

using a helicopter-in a approach. Can this approach be extended further? A pure big-data style approach for security? How can we start to use that vast data set to look for the unknowns?

Benefits to SecurityThe first area which seems to be gaining popularity is the marrying of SIEM activity data to identity and access management (IAM) data. IAM knows about an individu-als identity (who, where and possibly why) as well as that identity’s capabilities (who, has access to what?), but IAM doesn’t know what that user has actually been doing with their access. SIEM on the other hand, knows exactly what has been going (even with out any signature analytics) but doesn’t neces-sarily know by whom. Start to map activity user id's or IP addresses to real identities stored in an IAM solution and you suddenly have a much wider scope of analysis, and also a lot more context around what you’re

analysing. This can help with attempting to map out the ‘unknowns’ such as fraud and internal and external attacks.

Unknown Use-CasesManaging the known attacks is probably an easier place to start with. This would involve understanding what metrics or signatures an organisation whats to focus on. Again, this

would be driven by a basic asset classifica-tion and risk management process. What do I need protecting and what scenarios would result in those assets being threatened? The approach from a security-analytics per-spective, is to not be focused on technical silo’s. Try to see security originating and terminating across a range of business and technical objects. If a malicious destina-tion IP address is found in a TCP packet picked up via the firewall logs in the SIEM environment, that packet has originated somewhere. What internal host device maps to the source IP address? What operating system is the host device? What common vulnerabilities does that device have? Who is using that device? What is their employ-ee-id, job title or role? Are they a contractor or permanent member of staff? Which sys-tems are the using? Within those systems, what access do they have, was that access approved and what data are they exposed to and so on? Suddenly the picture can be more complex, but also more insightful, especially when attempting to identify the true root cause.

This complex chain of correlated “security big data,” can be used in a manner of ways from post-incident analysis and trend ana-lytics as well as for the mapping of internal data to external threat intelligence. — The article is printed with prior permission from

www.infosecisland.com. For more features and

opinions on information security and risk manage-

ment, please visit Infosec Island.

This complex chain of correlated “security big data,” can be used in a manner of ways from post-incident analysis and trend analytics as well as for the mapping of internal data to external threat intelligence

$17bnwIll BE THE SIZE Of glOBal BuSINESS

INTEllIgENcE SOfTwaRE maRkET By 2016

41February 2013

S E c u R I T y a N a l y T I c S | N E X T H O R I Z O N S

Data Privacy and Information SecurityCyber Insurance Trends report 2013 offers an impressive lineup of recognisable industry experts that offer their insightful views

To help show support of Data Privacy Day 2013 and the impor-tance of “Data Privacy and Security risks,” Cyber Data Risk Managers chose to release its 2nd Annual Data Privacy, Infor-mation Security and Cyber Insurance Trends report on Data Privacy Day 2013.

This exclusive report offers an impressive lineup of recognizable industry experts that offer their insightful views of the 2013 Data Privacy, Information Security and Cyber Insurance landscape rel-evant to businesses and organisations of all sizes and sectors.

InroductionBeyond embarrassment, today the private and public sectors face financial and reputational damage, competi-tive inroads, and significant regulatory sanctions when confidential information is inadequately protected. Clearly enough reasons as to why cyber security must be prioritised regardless of what sector one conducts their organisation.

As our nation has become heavily reliant on the inter-net, organisations, public and government agencies and businesses of all sizes continue to struggle with cyber security due to the continuous force and increas-ingly sophisticated cyber threats that have become the new norm. Intrusion prevention suppliers reveal privately that their systems are unable to keep up with the sophistication of attacks, and anti-virus companies report that attackers are reverse-engineering the vendors’ antivirus software and building new viruses so sophisticated that the tools cannot stop them. At the time this report was published, it was reported that the hacktivist group, Anonymous had taken over the website of the US Justice Department’s Sentencing Commis-sion and threatened to release sensitive government data and use computer-code based “warheads” against other sites. Simultaneously, US financial institutions are being pounded with high-powered cyber attacks that some suspect are being orchestrated by Iran.

Besides the weekly round, or of late what seems to be becoming more of a daily occurrence of cyber attacks just as much continues to happen offline as well. “Unencrypted” mobile devices continue to get lost which in turn increases the number of data breaches that we all read about in the media headlines on what seems like a weekly basis. Inadequate security measures on government and private sector networks, critical infrastructure and telecommunications rep-resent perhaps the most potent national security and economic risks facing the nation. There also seems to be a disconnect and an ele-ment of collaboration missing between the Federal Government and

the private sector as it pertains to cyber security. Team-work is essential to getting things done. In todays global and digital 24/7 world, challenges are more complex; it’s becoming increasingly important to bring more, diverse minds to the table and to break down silos. We all know that life offers no guarantees and that “when one door closes, another one opens.” This holds true for cyber security, especially with today’s evolving threat environ-ment and the force of attacks that continue to knock on the doors of countless networks.

Enter “cyber insurance.” While cyber insurance can-not stop incidents or prevent them from happening, it can help respond to incidents when they do happen.

When a security incident or a data breach happens, most cyber insurance policies have a team of experts already in place to help determine how your incident happened, whether or not any sensi-tive (PII) Personally Identifiable Information or (PHI) Personal Health Information has been exposed and helps determine if the security breach needs to be reported. Cyber insurance offers the private and public sector the ability to mitigate the residual risk, losses and associated costs of a security incident and/or data breach. Cyber insurance protects against the liability that comes from compensating others because cyber security has failed. Cyber insurance, aka “privacy and security” insurance continues to evolve

7%wIll BE THE INcREaSE

IN IT SpENdINg By HEalTHcaRE pROvIdERS

IN INdIa IN 2013

42 February 2013

N E X T H O R I Z O N S | I N f O R m a T I O N S E c u R I T y

ill

us

tr

at

ion

by

ph

ot

os

.co

m

as many more businesses, organisations and risk managers are realising that it can be used as a way to respond to a data breach and/or security incident and as a key component of an incident response plan. While cyber insurance has been around for 10+ years, it is only within the last few years that more policies have come to market. It remains a specialised product, which should naturally require working with a specialist. Would you ask your Gen-eral Medical Doctor for specialised advice on a health threat he does not follow or practice? Of course not This same theory applies to cyber insurance. With over 30+ cyber insurance carriers today offering non-standard policies, a broker specialising in cyber insurance can help make what’s been stated as a difficult process become an easier and informative process.

— The article is printed with prior permission from

www.infosecisland.com. For more features and

opinions on information security and risk manage-

ment, please visit Infosec Island.

A cyber insurance specialist understands the cyber risks and threats that public sectors face

iPad Users Say Tablet is Mission Criticalapple iPad users would rather skip a meal than have to travel without their beloved tablet

when it comes to business, Apple’s popular iPad tablet is viewed as a critical tool, according to an online survey of 1,320 iPad owners employed

at companies of varying sizes and across industries, conducted by online and mobile presentation company Brainshark. The iPad is helping users with their jobs to such a great extent, almost half of respondents (47

percent) said they’d rather have an iPad for work than a bigger or better office or a more senior title (34 percent).

Tixty-eight percent said they’d rather have an iPad than their own parking space at work, while almost one in four (23 percent) would prefer the tablet over an extra week of vacation each year. The survey, conducted in August, asked respondents about how they use their iPad for personal and business

activities, and how and whether the device has impacted their lives and routines. The survey found 92 percent of iPad owners said the device currently supplements their note-book, but more than half (51 percent) think it will be their primary computing device within the next two years.

“Ever since the iPad burst onto the tech-nology scene, it s indelibly changed the way and speed at which individuals and busi-

43February 2013

T a B l E T S | N E X T H O R I Z O N S

nesses communicate,” Andy Zimmerman, CMO for Brainshark, said. “No one doubts the device’s popularity, but what’s really eye-opening about these statistics is just how inextricable the iPad has become from users everyday lives. From a business perspective, it's now incredibly important for companies to find ways to conveniently reach their audiences on this device of choice”

When using their device for business, owners say they check work emails (82 percent), do Web research (72 percent), use business apps (46 percent) and view or deliver presentations (74 percent).

Sixty-four percent of those surveyed said the iPad has made them more productive, while 32 percent said they have become more successful at their jobs an able to close deals more effectively (21 percent). When traveling for business, 89 percent of iPad owners reported using their iPad, with 79 percent saying it improves connectivity while on the go.

Sixty percent of users say they currently bring their iPad and notebook with them, but more than one in three (35 percent) bring just their iPad and leave the notebook at home. The usefulness of the tablet —

and business users dependence on it, is reaching new heights, which the survey illustrated through the use of some eye-opening questions. When asked what they would go without before they would give up travel with their iPad, nearly half (48

percent) say they would forego meals, 41 percent would skip drinking water, and more than one in three (35 percent) would give up bathroom breaks. — The article was first published in CIO Insight.

For more stories please visit www.cioinsight.com.

The Rise of the Quantum Age of ITThe Quantum age of IT represents a shift from a monolithic IT organisation that “owns” its technology to one that delivers value By Charles Araujo

SeThe shift in power to the customer represents the dawning of a new era in IT organisations. Call it the Quantum Age of IT. It involves a shift in focus away from a monolithic IT organisation that “owns” its technology to one that is pur-pose-built to deliver value as either a strategic sourcer or a

strategic innovator. It will result in both the explosive application of technologies that drive innovation and a highly optimised approach

to the delivery of IT services. And it will require an unrelenting focus on the customer and the constant retuning of the IT organisa-tion to deliver meaningful value.

““I learned to design everything from the customer perspective,” says Bill Wray, CIO of Blue Cross Blue Shield of Rhode Island. “It is like storming the beaches of Normandy without disturbing the people getting a tan on the beach.”

ima

ge

by

ph

ot

os

.co

m

N E X T H O R I Z O N S | m a N a g E m E N T

44 February 2013

In the Quantum Age of IT, the customer is at the cen-ter of everything--finally. The focus will no longer be on “owning” technology, but on creating a highly optimised delivery model that provides the greatest value to the customer. It will be about moving away from a focus on technology itself to a focus on a set of five organisational traits that will enable IT to consistently and reliably deliver both explosive and optimised value.

The Quantum Age of IT will be a time of great change and disruption as the fundamental delivery models of IT shift. But like Thomas Edison before us, for those who see what is to come and seize it, it is a time of great opportunity.

When Joel Manfredo joined the County of Orange, Calif., as CTO, he found a lot of good people — and a chaotic mess. There were 77 active projects and no priorities. “It was like five-year-old soccer,” he says. “Everyone chased the last ball.” His job was to create order out of the chaos — and to begin the journey of taking the County of Orange into the Quantum Age of IT.

Manfredo instinctively knew his first priority was to change the perspectives of his team. "People are constrained in their thought

by their experience,” Manfredo says. “If they haven't done it before, it doesn't exist.” There was a prevailing sense among the team that Manfredo’s efforts were just another thing that would eventually pass without having any meaningful impact.

Manfredo began by focusing on a set of tactical activities that would produce an immediate, positive improvement in service. But his focus was less on the activities themselves and more on teaching his team to expect that change was possible, to embrace change and to understand how to continually pursue improve-ment. Whether his team knew it or not, Manfredo was

creating a “learning organisation” out of the chaos he inherited--and laying the groundwork for taking his organisation into the Quantum Age of IT.

— Charles Araujo is the founder and CEO of The IT Transformation Institute.

He frequently speaks on a wide range of subjects related to his vision of the

future of IT.

— The article was first published in CIO Insight. For more stories please visit

www.cioinsight.com.

The Quantum Age of IT will be a time of change and disruption as the delivery models of IT shift. But like Thomas Edison before us, for those who see what is to come and seize it, it is a time of great opportunity i

ma

ge

by

ph

ot

os

.co

m

25%INcREaSE IN puBlIc

clOud SERvIcES maRkET IN mIddlE EaST

aNd NORTH amERIca IN 2013

m a N a g E m E N T | N E X T H O R I Z O N S

45February 2013

46 February 2013

TECH FORGOVERNANCE

Privacy Breaches and High School PhysicsA look at the damage caused by patient privacy breaches and why patient data security is like high school physics By Danny Lieberman

Of DDoS attackes that will happen in 2013 will be application-based

25%DAtA Briefing

ima

ge

by

ph

ot

os

.co

m

47February 2013

s E C u R i T y | T E C H F O R G O V E R N A N C E

PPOintS

5 Patient data loss

is a lot like planes

disappearing in the

Bermuda Triangle

HigH scHool physics model can

be used to calculate

the damage of

patient data loss

tHe ability of

an attacker to

damage an asset in

analogous

according to physical argument

risk is indeed a

dependent variable

doing tHe right thing is the

cheapest thing

The question am I about to ask is really quite simple:Does it matter how many patient records are lost, or

does it matter whose patient data records was lost?Let’s take an analogy for airplane crashes.If an Airbus A380 (http://en.wikipedia.org/wiki/Air-

bus_A380) with 525 tourists from Elbonia on board was lost in the Bermuda triangle, it would be a big deal for a few days, but people would forget. Who cares about people from Elbonia anyhow?

On April 2010, when a Polish Airforce TU-154 crashed on approach to Smolensk, all 96 people on board were killed including President Lech Kaczyński and his wife Maria, former President Ryszard Kaczorowski, the chief of the Polish General Staff, other senior Polish military officers, the president of the National Bank of Poland, Poland’s deputy foreign minister, Polish government officials, 15 members of the Polish parliament. It was a national diaster for Poland. Today – 2.5 years later, I believe that the rest of the world scarcely remembers when the event happened. Buddy Holly, was an American singer-songwriter and a pioneer of rock and roll. Although his success lasted only a year and a half before his death in an airplane crash in 1959 – his work and innovation influenced the Beatles, Rolling Stones, Bob Dylan and Eric Clapton and had a profound influence on popular music. Over 50 years later – Buddy Holly is still a house-hold word. I think you get my drift – there is some kind of a relationship between the magnitude of the damage from a patient data loss event and the identity of the patient.

The next question is – can this relationship between patient identity and patient data loss impact be measured?

The answer is yes: by using a high school physics model. A high school physics model for calculating the damage of a patient data loss event

1 The estimated value of an asset is analogous to it’s momentum mv, the product of its mass and velocity. A very large database of 20 year old patient data that

was archived somewhere in the cloud might have a large mass but almost zero velocity and therefore low value.If a EMRsystem for a big network of hospitals had 100,000 patient-related transactions/day then it would have a high

Patient data loss is a lot like planes disappearing in the Bermuda Triangle — no one really knows where the planes disappeared to, since the people on the planes never return to tell the story. We talk about patient data loss and never really consider how you can “lose” patient data and whether it can be “returned”

velocity and correspondingly high momentum and high value. I note that this model runs counter to all privacy regulation but I think it holds water from a practical per-spective. (I’m trying not to confuse logic with regulation).

2 This physical analogy leads to some interesting con-clusions. If an attacker were to steal 10 million patient datarecords from 20 year old archive in the

cloud – the dollar value of the damage would actually be low in this model.On the other hand, if political hactivists were to access patient records at a private clinic in Virgina; the damage might be astronomical if it was disclosed that President Obama had just spent an intimate weekend with Toni Braxton under the pretext of minor elective sur-gery on his elbow and the data was disclosed just before his reelection campaign.

3 The ability of an attacker to damage an asset is anal-ogous to the force it can exert on the object we call an asset.

4 The ability of a security countermeasure to protect an asset is analogous to the force it can exert on the attacker. Observed from an inertial reference frame,

the net force on the object (the asset) is proportional to the rate of change of its momentum F = d (mv) / dt. Force and momentumare vectors and the resulting force is the vector sum of all forces present.Newton’s Second Law says that “F = ma: the net force on an object is equal to the mass of the object multiplied by its acceleration.”If the attacker manages to decelerate the asset to v=0, then the momentum of the asset is zero and it has been rendered inoperative. In a case like this — the damage to the asset is 100 percent if the asset runs faster than the attacker or another force deflects the attacker,thenthe asset momen-tum is unchanged, and damage to the asset is zero per-cent. This simple-minded physical argument shows that risk is indeed a dependent variable;Risk = the vector sum of the forces of the attackers and security countermea-sures relative to the asset. Not easy – but doing the right thing is the cheapest thing – and better than being written in the history books as the health IT organisation that cost President Obama the 2012 election because of shoddy patient data handling practices and network security.

48 February 2013

VIEWPOINT

After 30 yeArs or so Michael Dell is taking his baby private again. Good for him. Why on earth wouldn’t he? Who, in their right mind, would suffer the stupidity and often indignity of being endlessly questioned for your every move — by a 28-year old who has never had a real job let alone run a real company?

Why would anyone want to be perpetually Monday morning quar-terbacked?

Why would anyone other than the truly perverse welcome an uncom-fortable rectal exam daily?

No one would - unless the pain, suffering, and foolishness was tolerated for a bigger “good” - namely, money.

The stock market avails entrepre-neurs and private money people the opportunity to “exit” — to cash out on their hard work and brilliance (the entrepreneurs, that is — normally the money guys are simply lucky sperm), but that comes along with selling your corporate soul to the devil. Once you take public money you are no longer beholden to your own values, your products, your

bucks of stock without ever having a real job, and try to get something done. In transformative markets, being public can DESTROY a com-pany. It forces you to focus on the wrong things - and often leads to death. The times have changed - and so too must Dell in order to remain relevant. Old Mr. Dell (a year younger than me, the bastard) must have woken up six months ago and finally figured out that he didn’t need to deal with this crap anymore. He could put a pile of his own money in (because really, how much does anyone need? After a billion or two it really becomes a nuisance!) and now work for himself - doing what he/they think best for the real stakehold-ers of the business - the employees and the customers.

There probably is something to the fact that his name is on the building, every product, and is itself a cultural icon, but frankly I’m not sure I read too much into that. The guy is a work animal and always has been. I don’t see it changing. It’s just now he can do things for his own reasons — not someone else’s.

customers, or your employees. First and foremost, you are beholden to your stockholders. Stockholders care about one thing — return on their investment. Everything else is super-fluous noise.

Thus, when the quest for returns outweighs the “long term” strategic objectives of the business (long term = 91 days +), the business ceases to operate as a platform for “good” (for said entrepreneur, employees, customers, etc.) and instead operates to spit as much money as is possible into the hands of those who control the stock. While this is not necessar-ily evil, it tends to be that way.

Don’t feel bad for the company that goes public —they know exactly what they are doing — and why.

In the case of Dell, there no longer is any value in dealing with Wall St. for Mr. Dell, et. al. He/they already have all the money they could ever want, so why bother to suffer fools if they don’t have to? Now he/they can operate the business with a long term strategy - focus on products, customers, and employees instead of the 28-year old controlling a billion

Private Parts Don’t feel bad for the company that

goes public

STEVE DuPlESSIE | steve.duplessie@esg-global.com

About the Author: Steve Duplessie

is the founder of

and Senior Analyst

at the Enterprise

Strategy Group.

Recognised

worldwide as

the leading

independent

authority on

enterprise storage,

Steve has also

consistently been

ranked as one of

the most influential

IT analysts. You

can track Steve’s

blog at http://www.

thebiggertruth.com

illu

st

ra

tio

n b

y p

et

er

so

n p

j