• Legacy
  • Academy
  • Business
  • PayTech
  • Ignite
  • Cellcos
  • Wired
  • CovidTech
  • Library
  • Touch Base
Subscribe
CW Pakistan

Computerworld Pakistan

CW Pakistan
  • Legacy
  • Academy
  • Business
  • PayTech
  • Ignite
  • Cellcos
  • Wired
  • CovidTech
  • Library
  • Touch Base
  • CIO

6 Hard Truths IT Must Learn to Accept

  • January 1, 2018
  • Content Desk
Total
0
Shares
0
0
0

The rise of shadow IT, shortcomings in the cloud, security breaches — IT leadership is all about navigating hurdles and deficiencies, and learning to adapt to inevitable setbacks.

Sometimes the truth hurts.

It can be hard to admit that you’ve lost control over how your organization deploys technology, or that your network is porous and your code poorly written. Or no matter how much bandwidth you’ve budgeted for, it never quite seems to be enough, and that despite its bright promise, the cloud isn’t the best solution for everything.

In a world where anyone with a credit card and keyboard can spin up their own data center, it’s easy for CIOs to feel irrelevant and redundant.

Good luck with all that. The gap between your dreams and cold hard reality just gets wider every day. That doesn’t mean you should give up, but it does mean you need to get real about what you can change and what you must accept.

Read: Snowden’s App Haven to Protect Laptops from Prying Eyes

Here are six hard truths CIOs must learn to live with.

  1. Shadow IT has come out of the shadows

Five years ago, one of the biggest headaches IT managers had to deal with was the emergence of BYOD, as employees used their own smartphones on the job. Now, with a few clicks of a mouse and a credit card swipe, they can bring their own data centers.

“BYOD has become BYOIT,” says Mike Meikle, CEO of secureHIM, a healthcare cybersecurity and education firm. “Employees can quickly stand up whole IT solutions, from applications to storage, with a few button clicks, and then access these platforms from their mobile devices.”

But the definition of “shadow IT” has shifted over time, says Bobby Cameron, vice president at Forrester Research. It used to mean engineering teams sticking a server in a closet and using it to run their own skunkworks. Now it means the sales and marketing team signing on to a software service or spinning up servers on AWS without asking for permission. But that doesn’t mean IT should just step aside.

“It’s about digital empowerment, and it’s customer-led,” Cameron says. “IT is no longer pushing products and services to its internal customers, but it still needs to know what they’re consuming and shape its deliveries to match that. ”

The IT manager’s job has shifted from controlling what technology employees use to offering guidance on the services they should procure, says Steven A. Lowe, principal consultant for ThoughtWorks.

“The issue isn’t control,” he argues. “IT lost control years ago and cannot get it back. The issue is strategic relevance — using your IT knowledge to help the business make better decisions about third-party apps and services.”

  1. You can’t do everything in the cloud

Six years ago, more than 40 percent of CIOs surveyed by Gartner believed they’d be running most of their IT operations in the cloud by now. While the vast majority of organizations run some business-critical systems in the cloud, full migration is still relatively uncommon.

Instead, Gartner predicts that 90 percent of organizations will adopt a hybrid infrastructure by 2020, keeping some IT resources in house while outsourcing others to public or private cloud providers.

There’s no question the cloud has had a dramatic impact on IT operations, but it hasn’t always lived up to the hype. A June 2017 survey of 300 IT pros found that 80 percent said the cloud wasn’t meeting their expectations due to problems with security, compliance, complexity and cost. According to a January 2017 survey by cloud management firm RightScale, from 30 to 45 percent of enterprise cloud spend is wasted.

That’s because a lot of companies reflexively moved to the cloud with no clear understanding of why or how to do it, says Lowe.

“Merely moving a critical service to the cloud does not automatically make it more reliable or scalable,” he says. “To truly take advantage of the cloud, software needs to be architected and implemented differently, using microservices instead of monoliths.”

And some organizations that thought they could move all their legacy apps to virtual machines in the cloud have had a rude awakening, adds Tom Mainelli, VP at IDC.

“Companies will always find some app they can’t virtualize,” he says. “Like an expense program that’s 25 years old and the company that built it has been gone for 15 years. You’ll probably never be fully rid of old proprietary apps your company uses every day.”

  1. Your systems have already been hacked

It’s a given that your corporate network has been compromised and your data is at risk. Things are only getting worse. In fact, data breaches increased 40 percent in 2016, according to the Identity Theft Resource Center.

The question is, What can you do about it? Many enterprises respond by investing in network security appliances. That’s the wrong approach, says Meikle.

“Everybody wants systems that are easy to manage and hard to breach,” he says. “But they usually end up with big ticket security appliances that are hard to manage and sensitive data that remains unprotected. A smarter approach is to assume your environment has already been compromised and design your security plan around that.”

Instead of trying to protect networks and devices, smart IT organizations focus on securing company data on those endpoints, says Mainelli.

“Obviously you don’t want your networks or end points compromised, but what happens once somebody plugs in a USB drive?” he says. “Is the critical data the company relies on secure? What happens when it’s moving from email to email or hard drive to hard drive?”

Security has gotten worse in part because there are more devices and more data to protect, says Cameron. But technologies like Docker-based containers for cloud data and AI-driven automated breach detection are helping to mitigate the problem. And after high-visibility breaches like Equifax and Yahoo, Cameron says the C-suite and the board are finally starting to pay attention.

“It’s like we’re in Star Trek and the Klingons are coming after us,” he says. “But we do know how to deal with it.”

  1. Your software is unpatched and insecure

Unpatched software is a huge security and compliance risk. Yet according to a Feburary 2017 survey by Flexera, 10 percent of U.S. users were running unpatched versions of Windows. A May 2016 report by Duo Labs claimed that one in four business systems was at risk due to outdated software.

“We’ve seen customers who can’t keep pace with patches, which are rapidly growing in size and take longer to apply,” says James Lee, executive vice president and CMO for Waratek, an application security company. “This is coupled with legacy applications that can’t be updated or secured short of complete rewrite or replacement.”

Worse, adds Lee, security is often a lower priority for software developers, who are incentivized to emphasize features and deliver code on time and under budget. The result: software that is increasingly vulnerable to attack.

The problem stems from a failure to conduct true software quality assurance, says Mark S. Kadrich, interim CISO for Martin Luther King Jr. Community Hospital in Los Angeles.

“I’ve been in the industry long enough to know that if I’m losing sleep over technology failing, I’m in the wrong industry,” he says. “Eighty percent of software is crap, while 20 percent of it just sucks. There’s very little that can be considered well-engineered.”

His response: Assume the software will fail and plan for the worst case scenario.

“You know the software will fail; you know you’re going to get hacked,” he says. “So I plan for failure. I make the network fail, see how long it takes for us to detect and recover from it, and implement my procedures accordingly.”

  1. You’ll never have enough bandwidth

It’s inevitable: Just as you’ve finished installing that 100-gigabit ring around your corporate campus, some bright bulb in the C-suite decides they need to stream all training and marketing videos in 4K.

“No matter how fast the internet gets, we keep shoveling bigger files through the pipe until it clogs,” says Simon Jones, application delivery expert at Cedexis, a software-defined application delivery platform.

Thanks to the influx of mobile and IoT devices, the amount of data flowing across business networks is expected to more than double by 2021, according to Cisco.

The good news is that companies are getting better at intelligently managing network congestion, Jones adds.

“Telemetry, data processing, and AI are moving so quickly that avoiding slowdowns is getting easier to automate,” he says. “Managing internet traffic will work much as Waze works for drivers: With intelligence available to find all the possible routes around congestion, you’ll only get slowed down or stopped when there simply isn’t an alternative pathway.”

  1. IT is still relevant — but only if it adapts

Despite the explosion in self-service IT, tech expertise is still highly valued in organizations. But tech pros will need to up their game, hone some new skills, and be willing to accept some help from robots.

Successful IT pros are good at adapting to change, says PK Agarwal, regional dean and CEO of Northeastern University-Silicon Valley. A few years ago, IT pros were talking about data management and development; now they talk about IoT and devops. The topics may change, Agarwal says, but the requisite skills do not.

“Today’s IT leaders need to be more reliant on soft skills and emotional intelligence, so they can guide complex conversations about the collision of digital transformation with legacy eco systems,” he says. “The upsurge in automation and self-service also means IT professionals need to be more committed than ever to life-long learning.”

AI-driven automation will change tech delivery in significant ways — eliminating low-level and repetitive jobs, while enhancing tech pros’ ability to pull meaning from vast quantities of data, says Isabelle Dumont, VP at Lacework, a cloud security company.

“Cloud security is a good example where machine learning can augment IT’s ability to perform,” she says. “From breach detection to investigation analysis, ML can compile and analyze the billions of events and the output of thousands of VMs faster than any human, so IT teams can focus on the things that matter most.”

Still, the onus is on CIOs to overcome the stigma of IT being seen as a cost center and technology pros as order takers, warns Lowe.

“If you want to be treated as a strategic partner, you have to act like a strategic partner,” he says. “This may make for some uncomfortable conversations, but only by inserting IT into upstream strategic thinking can it have impact and change the perception to one of partnership.”

 

This article was originally published on CIO.com and can be accessed here.

Total
0
Shares
Share 0
Tweet 0
Pin it 0
Content Desk

Previous Article
  • News

Careem, JS Bank Team Up To Turn 1000 Captains Into Entrepreneurs

  • December 30, 2017
  • Content Desk
View Post
Next Article
  • Technology

Codefest 2017 – 10Pearls University Tests the Best

  • January 2, 2018
  • Content Desk
View Post
You May Also Like
View Post
  • CIO
  • Computerworld
  • DEMO PAKISTAN
  • Ignite
  • Technology

Punjab’s Minister of Higher Education and Information Technology officially launches e-Earn, the province’s largest co-working network.

  • Sub Editor
  • April 15, 2022
View Post
  • CIO
  • Computerworld
  • DEMO PAKISTAN
  • Ignite
  • Technology

At a TEDx event sponsored by TopCity-1, industry experts will emphasise the importance of innovation.

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Technology

Extreme Commerce and Dukan.pk have teamed up to promote micro-enterprise through online selling.

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

In Fintech, There Are Three Areas Where AI Can Help

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Technology

C Square has been chosen as a social media and WhatsApp banking partner by Dubai Islamic Bank

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

In 11MFY21, ICT exports brought in $1.9 billion.

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

A portal has been developed to help Pakistanis living abroad and missions

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

To comply with Pakistani legislation, TikTok has removed 6.5 million videos from the market.

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

The “Bulletin” news platform from Facebook is now available.

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

RapidCompute is the first Pakistani company to provide proactive management services to Runecast.

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Partnerships
  • Technology

WALLIX, a global leader in access and identity cybersecurity solutions, has signed an agreement with JBS.

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

Pakistan is now one of the top 15 countries in the world in terms of cryptocurrency adoption.

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

With the launch of Studio 77, Systems Limited introduces a new approach to design thinking.

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

Samsung intends to manufacture cellphones in Pakistan.

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

Telenor’s Chief Operating Officer: “We Are Rolling Out Our Biggest Modernization Effort Ever.”

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

SBP grants in-principle approval to Akhtar Fuiou Technologies to create an e-wallet

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

A new report identifies the factors that may cause Pakistani customers to switch banks

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

The 100 million people who have access to broadband

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

Jahanzeb Khan has been appointed as the new CEO of FINCA Microfinance Bank.

  • Sub Editor
  • April 15, 2022
View Post
  • Business
  • CIO
  • Computerworld
  • Technology

The State Bank of Pakistan is planning to implement a no-collateral loan scheme.

  • Sub Editor
  • April 15, 2022

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

about
About
Launched in 1967 internationally, Computerworld Magazine is the oldest tech magazine/media property brand in the world. Today Computerworld (abbreviated as CW) is an ongoing decades old professional publication which in 2014 "went digital”. In Pakistan Computerworld was launched in 1995. Initially providing news to IT executives only, once CIO Pakistan from the same family launched, and took over the domain, CW Pakistan has slowly emerged as a holistic technology news platform reporting everything tech in the country. It remains the oldest running continuous IT media publishing platform in the country and approaching 3 decades of existence, it has been the industry’s biggest benchmark and hopes to continue for years to come.
Read more
Explore Computerworld Sites Globally
  • ComputerWorld.es
  • computerworld.com.pt
  • Computerworld.com
  • cw.no
  • computerworldmexico.com.mx
  • computerwoche.de
  • computersweden.idg.se
  • computerworld.hu
  • cwi.it
  • project.nikkeibp.co.jp
Content from other IDG brands
  • PCWorld
  • Macworld
  • Infoworld
  • TechHive
  • GameStar
  • Network world
CW Pakistan
  • CWPK
  • CXO
  • WALLET
  • Demo
CW Media & all its sub brands are copyrighted to SPIN-IDG Wakhan Media Inc., the publishing arm of NCC-RP Group. Site is designed by Crunch Collective ©️ 2022

Input your search keywords and press Enter.