computerweekly.com 7-13 March 2017 1

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

computerweekly.com

KIN

WU

N/I

STO

CK

Industrial control systems pose big risk to security

Legacy systems in national infrastructure are an open door to cyber criminals

Home

7-13 MARCH 2017

computerweekly.com 7-13 March 2017 2

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

AWS storage outage knocks sites and services offlineThe Amazon Web Services (AWS) cloud storage service experienced technical difficulties in the US last week. Organisations that rely on AWS’s Simple Storage Service (S3) to store data, host websites and run cloud-based services were hit by connectivity issues for sev-eral hours due to problems at the company’s US East-1 datacentre region in Virginia.

Hundreds more sub-postmasters take action against Post OfficeSeveral hundred more sub-postmasters who claim to have been wrongly punished for accounting errors have applied to join a group action against the Post Office. The group litigation order was applied for by the legal team representing an initial 198 sub-postmasters who believe they were wrongly punished, but hun-dreds more have since applied to join the action.

Welsh uni offers fintech degreeWrexham Glyndwr University in North Wales is launching a BSc (Hons) financial technology man-agement (fintech) course, which will be full time over three years. Course leader Anna Sung said: “Rather than teaching students the technologies behind the rise of fintech, the course will teach them how to generate new business ideas and create their own startup using the technologies available to them.”

NHS ‘mislays’ half a million confidential patient documentsMore than 500,000 instances of NHS patient data were unintention-ally put into storage rather than delivered to their intended recipi-ents. Between 2001 and 2016, the letters, which contained informa-tion such as test results and diag-nostics, were mistakenly put into a warehouse run by the NHS Shared Business Services – a joint venture between the Department of Health and Sopra Steria.

Government focuses digital strategy on skillsThe government digital strategy pledges to grow the UK’s technology skills and make the country the best place for digital businesses to invest and grow. One of the key focuses of the strategy is around upskilling the UK public and businesses. This includes a digital skills partnership in which the government will work with busi-nesses, charities and voluntary organisa-tions to make sure people have the skills they need to thrive in a digital world.

❯Catch up with the latest IT news online

NEWS IN BRIEF

WU

ND

ERV

ISU

ALS

/IST

OC

K

computerweekly.com 7-13 March 2017 3

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

NEWS IN BRIEF

Girls seek encouragement from women in technical roles More than 60% of girls have admitted they would like to see more encouragement from women who are coders, develop-ers and lab scientists, according to Microsoft research.

GDPR good for UK business and economy, experts claimImplementation of the European Union’s (EU’s) General Data Protection Regulation (GDPR) makes good commercial sense, a panel of data protection experts told the House of Lords EU Home Affairs Sub-Committee.

Microsoft to discontinue Skype Wi-Fi service this monthSkype Wi-Fi will cease to exist from 31 March, as Microsoft retires the service to enable it to focus on other Skype-based services. Skype Wi-Fi allows users to connect to a Wi-Fi hotspot and automatically notifies them if a hotspot is supported.

Liberty begins legal proceedings in challenge to Snoopers’ Charter Civil rights organisation Liberty has issued a legal challenge to the indiscriminate state surveillance powers in the Investigatory Powers Act, after raising £52,000 to fund a High Court judicial review.

Santander develops mobile apps for staff with IBM, Apple inputSantander is working with IBM to develop iPhone-based mobile apps to help staff engage better with custom-ers. IBM is also working with Apple on the project to design a suite of IBM MobileFirst apps using Apple’s Swift programming language.

Alibaba runs academy to find future e-commerce leaders Alibaba has selected 32 people from 14 countries to take part in its Global Leadership Academy, designed to train and integrate the firm’s next gen-eration of employees. They will spend a year at Alibaba’s Chinese headquar-ters in various business units. n

Global MNOs use big data for social goodMobile trade association GSMA has announced an initiative to exploit the big data capabilities of mobile network operators (MNOs) to address humanitar-ian crises such as epidemics and natural disasters. Big Data for Social Good has enlisted 16 MNOs, which between them account for two billion mobile connec-tions in more than 100 countries.

❯ UK fintech investment down in 2016.

❯ Cyber security need not cost a fortune, says researcher.

❯ Norwegian banks join forces in mobile payments.

❯ Tata helps telcos transition to digital.

❯Catch up with the latest IT news online

GSM

A

computerweekly.com 7-13 March 2017 4

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

Rise of the white-box server makers poses threat to major manufacturersTraditional server providers still claim the lion’s share of the on-premise datacentre market, but original design manufacturers are now a major competing force, writes Cliff Saran

The latest financial results from HPE have highlighted a growing issue facing server makers around the effects of cloud computing. In its first-quarter 2017 results, HPE

reported an 11% decline in server revenue due to what CFO Tim Stonesifer described as “a softer-than-expected core server mar-ket combined with some execution challenges”.

In a transcript of the earnings call, posted on the Seeking Alpha financial blogging site, HPE CEO Meg Whitman said: “Revenue was impacted by a tough market environment, particularly in core servers and storage. We saw a significantly lower demand from one customer and major tier one service provider that was facing a very competitive environment.”

In a question-and-answer session with financial analysts, Whitman admitted cloud computing was affecting HPE’s server and storage business, but she said the company was now focus-ing on private and hybrid clouds, using its Synergy product range.

“We are ramping our Synergy offering, we’ve got the power of SGI and our high-performance compute that was part of HPE,”

she said. “Synergy is important because it allows us to provide on-premise private cloud alternatives at public cloud econom-ics, both the total cost of ownership as well as the consumption-based pricing model. And we have now seen a number of custom-ers move workloads off the public cloud back into an on-premise datacentre because it is more cost-effective.”

Strong competitionOne of the questions raised at the HPE fiscal briefing concerned the impact of contract manufacturers or original design manu-facturers (ODMs) that produce so-called “white-box” servers for cloud providers. Whitman would not be drawn on whether HPE was seeing strong competition from white-box server makers.

When asked about the lower demand for HPE servers from the tier one service provider that directly contributed to the lower server sales in the quarter, she said: “I’m not entirely sure. What I will tell you is that they have dramatically decreased their pur-chasing below commitments that they had made to us.”

ANALYSIS

computerweekly.com 7-13 March 2017 5

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

But it is not uncommon for cloud and service providers to choose white-box servers to reduce infrastructure costs, result-ing in lower sales by the major server companies.

John Dinsdale, a chief analyst and research director at Synergy Research Group, said: “For traditional IT infrastructure suppli-ers, there is one fly in the ointment – hyperscale cloud providers account for an ever-increasing share of datacentre gear and many of them are on a continued drive to deploy own-designed serv-ers, storage and networking equipment, manufactured for them by ODMs. ODMs in aggregate now control a large and growing share of public cloud infrastructure shipments.”

OCP gains tractionOver the last few years, the Open Compute Project (OCP), which was originally devised by Facebook, has been gaining traction as a hardware specification for hyperscale datacentre comput-ing. White-box servers that meet the OCP specification can be deployed in datacentres.

Benefits include lower costs for both hardware and energy, plus interoperability and compatibility, so hardware from different manufacturers can be deployed.

As Computer Weekly has previously reported, Facebook claims that using OCP kit saved the social media site about $1.2bn in IT infrastructure costs within its first three years of use, by formulat-ing its own designs and managing its supply chain.

In a Computer Weekly blog post, James Bailey, director of data-centre hardware provider Hyperscale IT, said that Rackspace –another founding member of OCP – had used the architecture to

ANALYSIS

CO

OK

IEC

UTT

ER/F

OTO

LIA

computerweekly.com 7-13 March 2017 6

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

deploy white-box servers for its OnMetal product. Microsoft is also a frequent contributor and runs more than 90% of its hard-ware as OCP, according to Bailey.

And it is not only server providers. Goldman Sachs is also believed to have a “significant footprint” of OCP equipment in its datacentres. Again, white-box servers are being used instead of servers from the major hardware companies.

Taking market shareWhat this means is that non-traditional server manufactur-ers are increasingly taking market share from the established providers. In November 2016, IDC’s quarterly server tracker reported that the ODM segment (white-box servers) accounted for 10% of the market in terms of value, making white-box serv-ers the third-biggest server supplier with 10.3% of the overall market, ahead of Lenovo (7.9%), Cisco (7.3%) and IBM (6.9%).

“Other than Cisco, all major US-based suppliers experienced significant global revenue declines year over year, while many international and smaller suppliers were able to find areas of growth,” said Lloyd Cohen, research director, computing plat-forms at IDC.

“As large enterprise accounts slowed their demand for servers, small businesses and startups continued to grow their IT port-folios via non-traditional channels with innovative supply chain strategies. It will be interesting to see how this segment develops over time.”

HPE’s rival, IBM, is already shifting its business away from on-premise datacentre computing. IBM sold its x86 server business

to Lenovo in 2014. In January this year, Ginni Rometty, IBM chair-man, president and chief executive officer, said the company’s shift from its core business to so-called “strategic imperatives” accounted for 40% of its earnings.

The full impact of the rise of the white-box server makers is yet to be felt. According to analyst Gartner, ODMs are not particu-larly effective at dealing with enterprises and small and mid-sized businesses. Partnering with an organisation that could meet the needs of these customers more effectively would allow the white-box server suppliers to benefit from more comprehensive sales and marketing programmes, according to Gartner’s report Lack of comprehensive go-to-market mechanisms keeps server ODMs in check – for now.

The analyst warned that the biggest risk to the major server manufacturers was if and when a major systems integrator part-nered with a white-box server supplier, which would provide a deep customer relationship, plus sales and marketing expertise. n

“As lArge enterprise Accounts slowed their demAnd for servers,

smAll businesses And stArtups grew their it portfolios”

LLoyd Cohen, IdC

ANALYSIS

❯ IBM’s Watson AI technology and cloud strategy are overtaking core product areas.

computerweekly.com 7-13 March 2017 7

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

Industrial control systems are the top threat to UK cyber security, says expertMost organisations understand cyber security readiness, but lack response and resilience capabilities – especially regarding industrial control systems in the UK, as RSA cyber defence expert Azeem Aleem tells Warwick Ashford

Vulnerabilities in industrial control systems (ICS) com-monly used by suppliers of critical national infrastructure are potentially the biggest threats to UK cyber security,

according to a cyber defence expert.“Industrial control systems in Europe and particularly the UK

are based on legacy systems, which is creating opportunities for attackers as we move to a process control network environment,” said Azeem Aleem, director of advanced cyber defence practice for Europe, Middle East and Africa (Emea) at RSA.

“We are seeing evidence of attacks on ICS in things like Stuxnet, Shamoon and BlackEnergy linked to the attacks on the Ukrainian power grid,” he told Computer Weekly.

According to RSA researchers, there is a sophisticated surge in the attack domains across industrial control systems. At the same time, many organisations are not aware of the device connectivity patterns inside and outside their ICS environment.

“Shamoon 2, for example, triggers the Wiper component for wiping hard drives only at weekends when no one is in the office,

which shows the attackers are being more creative,” said Aleem. “From Stuxnet to Shamoon 2, there is a distinct evolution to more advanced malware being targeted at ICS, which means there is a lot of work to be done in the UK in terms of defending critical national infrastructure.”

Assessing the problemAccording to Aleem, who is based in London, one of the big-gest initial challenges is assessing the true size and nature of the problem across water utilities, oil and gas suppliers, and electri-cal power distribution networks.

“The UK cyber security community and the government really need to focus on this issue in the face of increasingly sophisti-cated attacks by nation state actors,” he said.

“In the US, we have seen attempts to influence the outcome of the presidential elections, and those same actors could start manipulating industrial control systems within suppliers of criti-cal national infrastructure.”

ANALYSIS

computerweekly.com 7-13 March 2017 8

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

Although there is some work being done in this area in the UK, Aleem said that in the light of recent developments and emerging trends, this work needs to be expanded and expedited.

“There is a growing recognition of the risk, but the government needs to be more aggressive in its efforts to understand what is happening and in developing a robust framework to mitigate the risks,” he said.

Assess the threatThe RSA Advanced Cyber Defence Practice, which was set up in the wake of the RSA breach in 2011 to help other organisa-tions deal with similar breaches based on the company’s own experience, recommends a framework of questions to assess the threat. These include:n Is the ICS network attached or separated from the IT network?n Are there plans within the timeline of the engagement to sepa-

rate/join the ICS and IT network?n If the ICS network is separated from the IT network, is it fully

air-gapped?n If the ICS network is air-gapped from the IT network, is it man-

aged via ICS Wi-Fi or otherwise?n Is the ICS network managed remotely?n How feasible would ad-hoc manual collection of logs and/or

deployment of a packet capture device on to the network be?n Can a high-level network map be produced for review?Typically, said Azeem, when his team does an assessment in this way, they discover that the organisation is unaware of about 70% of connections to its industrial control systems.

ANALYSIS

JAO

CH

AIN

OI/

FOTO

LIA

Industrial control systems used in the oil and gas industry could be vulnerable

to cyber attacks

computerweekly.com 7-13 March 2017 9

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

“The problem with legacy systems is that they are often custom-built, with little or no documentation, and organisations that oper-ate them have no idea what is happening,” he said.

According to RSA researchers, attacks through cloud service providers within ICS are also on the rise, and there is a dire need for intelligence correlations and reporting mechanisms around such attacks, through behavioural analytics.

RSA’s Advanced Cyber Defence Practice is the consulting arm of RSA and is focused on cyber security readiness, resilience and response. “Readiness is about assessing how proactive organi-sations are in terms of detecting an APT [advanced persistent threat] attack,” said Aleem. “We look at their people, processes and technology to assess their ability to pre-empt an attack.”

Cost-benefit analysisThere is a growing awareness among organisations that there is no such thing as 100% security, he said, and as a result they are investing in understanding what their critical data assets are, how to define and assess risk, how to prioritise risk, and how to do a cost-benefit analysis.

Response can be reactive, in terms of assessing the scope of an attack that has already happened to help limit the damage. Proactive response is about developing capabilities to minimise the breach exposure time, including developing threat intelligence relating to an organisation’s critical data assets.

“Response is typically less well understood than readiness, and capabilities are often lacking, especially when it comes to proactive capabilities to achieve actionable intelligence by

filtering out the noise to identify the threats that are specific to the organisation,” said Aleem.

The RSA security operations centre (SOC), for example, tracks 50-60 million events an hour, which are filtered down to just 110-120 incidents being tracked each day, with 98% being resolved in the same day. “Resilience is about helping organisa-tions keep operations running during an attack and to maintain that capability as the threat environment changes, which typically involves helping organisations to develop, operationalise and run security operations centres,” said Aleem.

Where organisations already have an established SOC, Aleem said his team works in a product agnostic way as a trusted adviser to refine the security intelligence across the SOC as well as develop incident response capabilities, which includes innovating to develop a proactive hunting capability. In return, RSA uses data gathered on attacks to improve its products and services.

“Like response, resilience is less well understood and capabili-ties are lacking, but the biggest problem is often the lack of tal-ent to maintain the evolution of cyber defence knowledge and

“the biggest problem is lAck of tAlent to mAintAin cyber defence knowledge”Azeem ALeem, RSA

ANALYSIS

❯Planning and foresight are essential to any cyber security incident response plan.

computerweekly.com 7-13 March 2017 10

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

capabilities,” he said. “There is also the problem of companies still investing in prevention only, and not in response and resilience.”

Where organisations are lacking in response and resilience capabilities, Aleem said the standard advice is to identify key data assets and top business risk.

“Step two is to identify and assess the effectiveness of what the organisation is doing to protect those assets and mitigate those risks, and then to look at the incident response plan,” he said.

But according to Aleem, many organisations either lack an inci-dent response plan and/or adequate and consistent processes across the organisations to support one. “Having an actionable threat intelligence capability is the next key element,” he said.

This involves looking at the tools, tactics and procedures of the most likely attackers and adjusting your defences accordingly.

“The goal here is to take the fight back to the criminals by obstructing the way they work in the hope they will go after other targets rather than going to the trouble of finding an alternative way to come after your organisation,” said Aleem.

The final key element, he said, is visibility, which is essential in developing readiness, response and resilience capabilities. “By visibility, I do not just mean visibility in the network, but also in endpoints, netflows, and at the organisation’s perimeter to be able to identify patterns of cyber criminal activity, which relies not only on products, but skilled professionals with hunting capability.” n

The Ukraine has suffered cyber attacks on its power grid

ELEN

A P

ENKO

VA/F

LIC

KR

computerweekly.com 7-13 March 2017 11

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

Laying down the law on technology sets up Linklaters for digital transformationLinklaters CIO Matt Peers tells Mark Samuels how he is taking the firm through a complete digital transformation

Matt Peers, CIO of global law firm Linklaters, recognises that the legal sector is often viewed as being behind the times – and it is an opinion he is keen to change.

“Law firms are seen as following businesses in other industries,” he says at the firm’s London headquarters near the Barbican Centre. “I want to help change that perception. I think there’s a big opportunity to use technology to make a genuine difference to how people work.”

Big changesAfter 18 months at the firm, Peers has made big changes in key areas, such as security, mobility and connectivity. But his work is far from complete and digital transformation remains his focus.

“Our lawyers still spend too much time on processes that take their focus away from their clients,” he says. “One of my key jobs is to fix that – I want to provide the technology that will help make lawyers more efficient and effective.”

Peers says pushing the transformation process in a legal firm with a global presence, as well as having to seek consensus from

INTERVIEW

Matt Peers: “I want to provide the technology

that will help make lawyers more efficient and effective”

computerweekly.com 7-13 March 2017 12

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

a wide range of stakeholders, is a significant challenge. Yet it is a task he relishes. “This firm produces a great number of ideas all over the world,” he says. “In my role, I have to work out how we deliver the staple of IT products, such as email and document management, while also ensuring that the business is able to make the most of technological innovation.”

Peers says Linklaters needs to focus, first and foremost, on great project delivery. “We can create a competitive advantage through technology by being better, faster and quicker to market than other organisations,” he says.

One significant factor is that Peers has the support of col-leagues across the business. “It’s a really friendly firm,” he says. “Everybody works well together – it’s a single partnership. At a global level, each individual who works for the firm has an incen-tive to make things better. And I find that liberating.”

Peers joined Linklaters in May 2015 after four years as CIO of consultant firm Deloitte across the UK and Switzerland. He says there are definite similarities between Linklaters and Deloitte – both are huge professional services firms with a global presence.

“It’s nice to work with lots of smart people as part of a bright organisation,” he says. “I like working with demanding stakehold-ers. I want people to hold me to account, and you get that when you have to work with partners in a firm.”

But there are differences between the organisations, particularly regarding Peers’ role. He describes Deloitte as a fabulous firm, but the scale of business operation means change management can be tricky, and doing things quickly requires a lot of co-operation.

Now as global CIO of a rapidly changing practice, Peers has the opportunity to drive transformation. “The key difference is that I have my own agenda and I get to sell my ideas to the board,” he says. “So far, that’s exactly how it’s panning out here – and that’s why I’m really enjoying the role.”

Tightening securityPeers talks about three key achievements during his first 18 months at Linklaters. First is information security, in which he says legal clients are now more demanding than ever. ISO 27001 accreditation has helped the firm to prove its security strengths.

“Clients want to know where their data resides and who has access to it,” he says. “And that’s an environment you have to take seriously. We’ve got policies and procedures in place now that help give our clients confidence, as well as making sure our house is very much in order.”

Peers says his second key achievement concerns mobility. Before he arrived, Linklaters was a heavy user of BlackBerry devices, but is now more wedded to Apple devices and iOS. Everyone who works for the firm – from the back office to the chief executive

INTERVIEW

“clients wAnt to know where their dAtA resides And who

hAs Access to it”mAtt PeeRS, LInkLAteRS

computerweekly.com 7-13 March 2017 13

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

– receives a corporate-supplied smartphone. “We are making more and more things available to people through apps on their devices in a secure manner,” he says. “When you have something like a time and expenses app, it’s important the information is pre-sented to everyone in the same consistent manner.”

Peers says his final big achievement relates to connectivity and collaboration. The firm used to be reliant on its virtual desktop setup, with employees able to work at any Linklaters terminal in any office in the world and access their own files. But there was a problem – staff could not log in on the road.

“People spend a lot of time travelling,” he says. “What’s more, different countries have specific ways of working – you can be made to wait to see a client for many hours, for example, and that is dead time if our associates can’t connect. We can’t rely on patchy cellular networks to keep our people connected.”

Windows 10 choicePeers has embarked on a programme to give all fee-earning employees the choice of a Windows 10-based laptop or tablet. The firm’s IT department has a strong grounding in Microsoft skills and Peers is using that capability to ensure staff connect securely to the enterprise network.

“The factor that always comes first in our decisions is the security of client data – and we will not do anything that could potentially compromise that primacy,” he says. “The provision of Windows 10 laptops and tablets has really changed how our people are able to work. The feedback to the programme is really positive and we know people can now work securely from any location.”

When it comes to immediate priorities, Peers is keen to help Linklaters make the most of innovation. “I want to get to a point where, as a firm, we are willing to take some more risks,” he says. “Those need to be calculated risks – it’s not about running pro-jects with client data for the sake of it.”

Peers refers back to his time in the retail sector, where he spent more than a decade in senior IT roles at Carphone Warehouse before joining Deloitte. He says retailers accept that only one in 10 projects is likely to succeed. By comparison, executives in the legal sector demand a 100% success rate.

“We like to predict the outcome of everything we do,” he says. “But that can sometimes act as a barrier to innovation. If we are going to embrace innovation, we’ve got to get better at running rapid proof of concepts. We’ve got to focus on projects that help us serve our clients differently.”

Peers accepts that his role will be crucial if Linklaters makes the most of IT-led innovation. “I will need to influence my team and ensure they are aligned with wider business aims, but I’ll also need to focus on practice,” he says. “I’ll need to help them understand

“i wAnt to get to A point where, As A firm, we Are willing to

tAke some more risks”mAtt PeeRS, LInkLAteRS

INTERVIEW

❯ Ian Fisher, CIO, DHL UK&I, talks about the gender gap and emerging technologies.

computerweekly.com 7-13 March 2017 14

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

what technology can do for our clients and how the IT team can help bring some of these ideas into a production-ready state.”

The biggest benefit of embracing innovation, says Peers, is that his firm will gain a competitive advantage, and he believes Linklaters is well placed to move forward. For example, the firm already uses the cloud across time recording, email filing, and internet and firm-wide security.

Peers says the IT team has excelled in providing the core sys-tems and services used by lawyers, which provides a strong foun-dation on which to build further change. “We are in a position now where we can start to think about technology that might add more value to the business and its customers,” he says.

One area of development is around big data and artificial intel-ligence, and Peers is keen to give lawyers a “Google-like” search experience. The firm currently provides basic search facilities that help lawyers find information through trial and error, but he wants to provide a much better user experience.

“I want to get to the point where one of our lawyers in Spain, for example, can use a search tool and get an answer to their ques-tion quickly,” he says. “The markets that we’re in mean clients are asking more and more of us. The power of bring able to turn things around quickly should not be underestimated.”

Finally, Peers talks about long-term success metrics. He says one clear indicator would be the elimination of paper within the firm. Linklaters, like other law firms, is still heavily reliant on paper – and often with good reason.

Research suggests lawyers are statistically more accurate when they proof-read legal contracts on paper rather than on screen. “But there are times when people don’t need to print,” says Peers. “Great search technology can help us to reduce the firm’s depend-ency on paper.”

In-house knowledgePeers also believes the rest of the organisation will start to draw on in-house IT knowledge during the next few years. Business engagement teams normally include people from a range of areas, including project management, legal expertise and other operational areas.

Technology is not currently part of the process, but Peers antici-pates a shift in emphasis. “We’ll get to a point where that changes – and that means people in my team will need to become more cli-ent-facing, or we’ll need to give lawyers in the firm more access to IT skills,” he says. “Technology will become a fundamental part of what we do. I want everyone across the business to have a much greater understanding of the potential benefits of technology.” n

“we Are in A position now where we cAn stArt to think About

technology thAt might Add more vAlue to the business”

mAtt PeeRS, LInkLAteRS

INTERVIEW

computerweekly.com 7-13 March 2017 15

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

Computer Weekly, 25 Christopher Street, London EC2A 2BS

General enquiries 020 7186 1400

Editor in chief: Bryan Glick 020 7186 1424 | bglick@techtarget.com

Managing editor (technology): Cliff Saran 020 7186 1421 | csaran@techtarget.com

Head of premium content: Bill Goodwin 020 7186 1418 | wgoodwin@techtarget.com

Emea content editor: Karl Flinders 020 7186 1423 | kflinders@techtarget.com

Security editor: Warwick Ashford 020 7186 1419 | washford@techtarget.com

Networking editor: Alex Scroxton 020 7186 1413 | ascroxton@techtarget.com

Management editor: Lis Evenstad 020 7186 1425 | levenstad@techtarget.com

Datacentre editor: Caroline Donnelly 020 7186 1411 | cdonnelly@techtarget.com

Storage editor: Antony Adshead 07779 038528 | aadshead@techtarget.com

Business applications editor: Brian McKenna 020 7186 1414 | bmckenna@techtarget.com

Business editor: Clare McDonald 020 7186 1426 | cmcdonald@techtarget.com

Production editor: Claire Cormack 020 7186 1417 | ccormack@techtarget.com

Senior sub-editor: Bob Wells 020 7186 1420 | rwells@techtarget.com

Sub-editor: Jaime Lee Daniels 020 7186 1417 | jdaniels@techtarget.com

Sub-editor: Ryan Priest 020 7186 1420 | rpriest@techtarget.com

Sales director: Brent Boswell 07584 311889 | bboswell@techtarget.com

Group events manager: Tom Walker 0207 186 1430 | twalker@techtarget.com

Government digital strategy lacks ambition

The very best thing about the government digital strategy is that it exists. The areas covered by the strategy are vitally important for the UK’s economic future – not just for our digital economy – and the strategy documents are comprehensive. They mostly tick all the right boxes – skills, startups, broadband and 5G, cyber security, data infrastructure, and digital transformation in busi-

nesses and government. It was seen as a major announcement by the government, and the recognition of its importance extends to the highest levels of

Westminster. It is good and right and promising that the government has released such a plan. And yet…If you read through the strategy in detail, you’ll probably find yourself nodding in agreement but not getting especially fired up by plans

that minister Karen Bradley said would “make Britain the best place to start and grow a digital business”. Much of the strategy as released is not new, for a start – it’s simply bringing together a number of previously announced initiatives

under one banner. It contains topical and forward-looking elements, such as aiming to make the UK a leader in artificial intelligence (AI). But all it actually offers is £17m for a number of research initiatives and a review of the “critical elements” for building an AI industry. Meanwhile, the rest of the world is actually building an AI industry. A Silicon Valley AI startup would turn its nose up at a meagre £17m of potential investment.

There’s no vision of a future digital Britain – just a series of initiatives that will, probably, take us in generally the right sort of direction and hopefully will take us somewhere better. There are no measurable targets to aim for – so if any of those initiatives don’t actually change much, nobody is accountable, and nothing much happens about it.

While you wouldn’t object or complain about any of the proposals in the strategy, none of it is especially ambitious. It’s all good. There’s nothing wrong with it. But it could have been so much more. And that’s before you even get on to Brexit.

The government gets that digital is important. It knows where the challenges lie, and it’s taking action to address them. But nobody reading this critically important strategy is likely to come away enthused that it’s going to put the UK at the forefront of the global digital economy for the next 10 years. Let’s hope it is only a start, because we need a more ambitious vision than the government’s digital strategy currently offers. n

Bryan Glick, editor in chief

❯Read the latest Computer Weekly blogs

EDITOR’S COMMENTHOME

computerweekly.com 7-13 March 2017 16

By the end of 2020, smartphones will be in the pockets of 91% of global consumers. But the mobile channel is not simply another device for developers to support – it is the manifestation of a much broader shift to new

systems of engagement that help firms to empower their custom-ers, partners and employees with context-aware applications and smart products.

Mobile affects almost every area of the development shop, including infrastructure and operations, security and risk man-agement, and enterprise architecture. Mobile experiences, while challenging to develop, throw open the door to new opportunities for companies to win, serve and retain customers.

Mobile mind shiftApplication development professionals are linchpins in firms’ mobile strategy-setting efforts. The reason is simple – everyone wants mobile. Organisations want experiences to engage cus-tomers, extend business processes, improve communication, extend the working day, speed decision-making, and so on.

Someone has to figure out which apps to buy, which apps to build, and how to make it happen – and that requires developers. The mobile mind shift is more than just an evolution in develop-ment platforms – it is an expansion of the customer journey from standalone interactions to becoming the choreographer of an ecosystem of experiences.

This demands collaborative engagement with business peers and creates a direct relationship with customers and employees. It also means revisiting acquisition and sourcing strategies.

Build mobile experiences that drive engagement

Mobile experiences throw open the door to new opportunities

for firms to win, serve and retain customers, writes Jeffrey Hammond

BUYER’S GUIDE TO MOBILE APP DEVELOPMENT | PART 3 OF 3

JEMA

STOCK/FO

TOLIA

HOME

computerweekly.com 7-13 March 2017 17

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

The shift is a complex, multidimensional prob-lem. First, context and immediacy make new types of experiences possible. Imagine eliminating the need to stop at a hotel’s front desk to pick up a room key, or hitting a new personal best time for a 10km run because of the built-in coaching in a run-ning app. The instruments on mobile devices open up a tremendous amount of context about an indi-vidual, and that context creates an opportunity to provide value through engaging experiences.

Second, business leaders recognise the importance of technol-ogy. Technology organisations that have spent the past decade outsourcing and downsizing their application development skills now face a dilemma. Their business peers are working with agen-cies and technology boutiques to build the mobile experiences they need to support customers, sales reps and field service per-sonnel. Either technology management organisations engage with a service provider or watch their spheres of influence be eroded by outsiders closely aligned with busi-ness units such as marketing and sales.

The other big challenge is that teams must support an ever-expanding range of platforms – and at speed. The aver-age US online adult uses more than four connected devices. As a result, shops need to support the next ver-sions of Android and iOS soon after they are released, not six months

later. The implications for development shops are sobering: two to three releases will be necessary for every app every year just to keep up – and they need to do these for every supported platform.

Successful mobile development strategies take a people-centric approach. The end goal of a mobile development strategy is simple – reliably create and maintain useful experiences. But that is easier

said than done. Technology strategies are useless without plan-ning for the impact on people – both the developers and the users of the mobile experiences.

New architectureSuccessful mobile engagements require adding a fourth layer to the three-tier web architecture: the aggregation tier. This tier provides discovery to the service tier below it, aggregates data and performs protocol translation to push content up to the deliv-ery tier. Development teams should look closely at the users they

are targeting, the objectives they have, and the best strategy to engage them to inform the technology strategy.

So, it is time to plan and execute the mobile development strategy. Such a strategy requires a lot more effort than simply picking a technology for build-ing mobile apps. Organisations must invest in improving agile development capability, building a flexible sourcing

technology strAtegies Are useless without plAnning for

the impAct on people – both the developers And the users

of the mobile experiences

BUYER’S GUIDE

❯Mobile users have high expectations, and there is no such thing as one size fits all. We look at how this affects mobile app development.

computerweekly.com 7-13 March 2017 18

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

strategy, and creating a plan to improve digital experiences. A good service-oriented architecture strategy is a great founda-tion for the four-tier engagement platform upon which successful mobile apps rely.

A successful, long-lived mobile practice involves a number of steps. The first is the discovery stage. Mobile is changing how the world works and is challenging every enterprise. Mobile devices give companies an opportunity to engage deeply with their custom-ers. It is easy to get bogged down by the amount of development options available – understanding the “why” and “when” is key when making a choice between them.

This understanding enables devel-opment leaders to establish the costs of ramping up capabilities in mobile. To secure ongoing investment, development leaders must partner with business leaders to quantify goals and objectives to define the most rel-evant and valuable metrics to measure mobile success.

The second step is the planning phase. Mobile demands perme-ate all aspects of the software development lifecycle. The wide-reaching changes necessitated by mobile development require an assessment of current capabilities and future objectives.

Black-and-white questions such as “Should we go with a native application development approach, use HTML5 or go hybrid?” misunderstand the situation. It’s not a question of either/or – it’s

which approach best fits the experience in question. To match the needs for mobile scaling and responsiveness, development teams are incorporating an aggregation tier into their application architectures. This four-tier architecture is essential for strategic mobile success.

The third step is execution. New processes and organisational setups are essential to satisfy app users at the release speed they demand. Deciding what tools and technologies are best to support the people and processes compounds the challenge, particularly in view of different app, web, wearable and bot development approaches.

Traditional enterprise independ-ent software suppliers, as well as myriad startups, force app devel-

opment leaders to base their technology choices on suppliers’ organisational capabilities, goals, strategies and historical deliv-ery while tempering requests for proposals with a faster decision-making process.

Finally, there is optimisation. Mobile development maturity requires feedback-driven lifecycles. Feedback loops informed by post-release monitoring tools help enhance and optimise future iterations of mobile experiences. n

This is an extract of the Forrester report “Build mobile experiences that

drive engagement” by Forrester principal analyst Jeffrey Hammond.

BUYER’S GUIDE

the wide-reAching chAnges necessitAted by mobile

development require An Assessment of current

cApAbilities And future objectives

computerweekly.com 7-13 March 2017 19

Running a happy, productive and high-functioning IT department, staffed with people who look forward to coming to work, is something all CIOs aspire to.

But it is an aspiration that many are doomed never to realise unless they are willing to commit to cultivating a good working culture, says Helen Beal, a DevOpsologist at London-based digital transformation consultancy, Ranger4.

“When we talk about culture, it’s often linked to the way an organisation is structured and operates. What IT departments should be looking to avoid are cultures led by fear, punishment or blame,” she says. “Organisational hierarchies that are very ‘com-mand and control’ in nature are also to be avoided, because what you are looking to create is a culture where people can work with autonomy and purpose.”

Central to this is giving staff “meaningful work” to do that demonstrably contributes to supporting the company’s wider growth ambitions, says Beal. “If we have those things, it generally follows that people are happier and more productive,” she says.

For IT departments drowning in technical debt and helpdesk tickets – as the legacy technology the business runs on lurches from one system failure to another – meaningful work can be diffi-cult to come by. Particularly as getting whatever system has fallen over back up and running again takes priority over projects that could improve the customer experience, and deliver real value to the business.

Tips for building a DevOps culture

Cultivating a supportive and collaborative business environment is central to getting DevOps to take hold in an organisation.

Caroline Donnelly delves into what this entails

COLLABORATIVE DEVOPS

OJO

GA

BON

ITO

O/I

STO

CK

HOME

computerweekly.com 7-13 March 2017 20

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

Addressing problems head-onIn this type of situation, the best thing an IT department can do is resolve to address the technical debt and legacy technology problems head-on, says Beal.

“With technical debt built into their systems, what you get is an IT depart-ment under pressure to produce more innovation while working with very fragile systems,” she says. “It is a journey a lot of organisations need to go on. They almost have to throt-tle change in their organisation to give themselves the time and space they need to tackle the technical debt, but it can be a very hard thing to do.”

Not doing so, however, can have a detrimental impact on staff morale, as the IT department gets it in the neck whenever one of the creak-ing legacy systems the company runs on fails.

Stuck in a cycle of firefightingThis is a situation Oliver Wood, an Amazon Web Services (AWS) architect now working for managed service provider Solarwinds, knows only too well. “Years ago, I was trying to figure out why I wasn’t enjoying what I was doing at the time, and it was because I was stuck in a cycle of firefighting, where we weren’t actually solv-ing the bigger technology problems or the root cause of the issue – we were simply fixing the system when it was on fire,” he says.

Getting stuck in a day-to-day rut like that can negatively affect how people feel about the quality of the work.

Hannah Foxwell, product manager at software-as-a-service monitoring and alerting platform Server Density, experienced this sev-eral years ago, while working as an IT programme manager at a UK super-market chain. The organisation was heavily siloed and operating a sizea-ble legacy IT environment, despite the best efforts of Foxwell and her team to keep it up and running. “I hate fail-ing, and we were constantly trying to work out why we couldn’t ship code into this environment reliably. You then dig a little deeper and realise the problem is technical,” she says.

Before this realisation, though, the tendency among her team members was to blame themselves for any technical difficulties that arose and assume they were terrible at their jobs. “I discov-ered continuous delivery and the DevOps movement when I was trying to figure out why we were so bad at our jobs,” says Foxwell.

Stopping the break-fix cycleGetting locked in to a break-fix-style support cycle on a day-to-day basis can be physically and mentally draining too, says Wood. “If all you are doing is firefighting, and the root cause is not being addressed, you will always be firefighting. But what

COLLABORATIVE DEVOPS

“i discovered continuous delivery And the devops movement when trying to figure out why we were

so bAd At our jobs”hAnnAh FoxweLL, SeRveR denSIty

computerweekly.com 7-13 March 2017 21

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

organisations should want is people who are being productive, are happy with what they are doing and are not half-dead because they have been up three days straight,” he says.

It is not just the operations team who find working under con-ditions like this a drag, says Beal. “For the support desk, it’s hor-rible, because they will be the ones getting the rough end of the deal, with all the annoyed employees complaining at them, while operations are likely to have someone shouting at them to get the system back up and running.”

The pressure on operations to fix the problem can be exacer-bated by the fact that the root cause may be down to an errant piece of code or other change the development team is responsi-ble for pushing through. “It could be down to bad communication between the developers and the operations team about the con-figuration of the environment, but the point is the support people are getting the rough end of the deal during an outage,” says Beal.

Culture of collaborationTo prevent scenes like this, CIOs should take steps to open up lines of communication between all members of the IT depart-ment, irrespective of job role, and encourage collaboration between developers, operations and support staff to thrive.

“Developers are very proud of what they do, and giving them more involvement in a problem is something they’re often quite keen to do,” says Beal. “Getting them in close proximity to the support desk is really key.”

This can be achieved by breaking down the traditional IT depart-ment siloes, and reorganising people into small, cross-functional

COLLABORATIVE DEVOPS

CO

OLG

ENG

ZZ

/IST

OC

K

CIOs need to break down traditional IT department silos so developers, operations and support teams work together in a DevOps-like fashion

computerweekly.com 7-13 March 2017 22

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

team units, paving the way for developers, operations and sup-port staff to work side-by-side in a DevOps-like fashion.

“If you look at the organisational chart of a traditional IT organi-sation, you’ve got a CIO, you’ve got developers, you have the operations team, and they are all very segregated, and then there is often further segregation within these silos,” she says. “You’ll have developers separate from the people testing the code, and then the operations team who have networks, security and sup-port all separate as well. The end result is that collaboration between developers and operations is not very good, or within the operations team itself, and that can give rise to conflict.”

In that kind of setup, it’s not diffi-cult to see how resentment, frustra-tion and conflict can arise between the disparate groups of people that make up a traditional IT depart-ment, which isn’t exactly condu-cive to creating a good workplace environment.

Working in this way can contrib-ute to people in these silos feeling as though they are being pitted against one another, says Foxwell, particularly when it comes to appor-tioning blame for outages and system failures.

“You can end up feeling like everybody is waiting for someone else to fail, because you don’t want to be the ones responsible for launching something that breaks the system. There is a lot

of friction,” she says. “Testing would wait for the environment to break, so they could say it wasn’t their fault, and then – when the environments went down – the developers would get the blame, and it becomes a vicious cycle.”

Cross-functional career developmentDepending on the size of the IT department, each cross-functional team can be tasked with looking after all or part of an application, website or service, paving the way for them to cre-ate, test and deploy secure and compliant code into production

environments multiple times a day.Getting to this point, though, will

require CIOs to address how the IT organisation views failure, as this can have a direct impact on the creative output of these cross-functional teams, says Beal.

This is important because innova-tion and experimentation are intrin-sically linked, and punishing people when their efforts do not pay off may only serve to encourage them to play it safe in future.

It is a notion cloud giant Amazon Web Services subscribes to, and is one the organisation credits with allowing it to rapidly expand the functionality of its platforms and services on a daily basis. AWS CEO Andy Jassy describes failure as a by-product of innovation, and a sign of how highly productive its cross-functional

COLLABORATIVE DEVOPS

innovAtion And experimentAtion Are intrinsicAlly linked,

And punishing people when their efforts do not pAy

off mAy encourAge them to plAy it sAfe in future

❯Download this free guide to agile DevOps, which offers tips for successful adoption.

computerweekly.com 7-13 March 2017 23

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

teams are. “We hope that most of the things we do aren’t going to be failures, but if you are innovating enough, you will have things that don’t work, and that’s okay,” he says. “As long as the inputs into that initiative were executed well, the staff don’t somehow have their careers clipped.”

In a bad working culture, employees are often made to feel like failure is a “bad and scary” thing, and contributing to one occurring could negatively affect their workplace reputation and career prospects, says Ranger4’s Beal. “In a good culture, fail-ure is seen as something to embrace, as long as that organisation has built in systems that allow employees to fail safe, fail smart and fail fast.”

And by that, she means technolo-gies that allow the reinstatement of the last known good state of a sys-tem should the deployment of new code adversely affect its per-formance. “There are also digital performance monitoring tools, which effectively help us to pre-empt system failures, and – when they do occur – fix them and identify the root cause fast,” she says.

Adjusting CIO attitudes to experimentationFor more risk-averse CIOs, getting them to adjust their attitude to experimentation and failure may require these cross-functional teams to engage in a few trust-building exercises first.

“We have to go through this process, particularly if we have nerv-ous executives who have been in the job 30 or so years and have

seen a lot of bad things happen,” says Beal. “The teams will have to make an effort to showcase and prove what they can do all the time, and get them comfortable with the fact it is possible to do multiple code releases a week without a single outage occurring.”

From a technology perspective, isolating what needed to be done to shore up and stabilise failure-prone IT systems was rela-tively straightforward for Server Density’s Foxwell, compared with

securing buy-in for her DevOps trans-formation plans from the relevant stakeholders.

“I became so enthused by the sub-ject of DevOps and continuous deliv-ery, I was given the remit to embed the principles in my team, but when it came to the human and cultural aspects of it, that’s where progress really slowed down,” she says.

Cultivating a working culture that supports experimentation, encourages collaboration and celebrates failure will take time, and is often the hardest part of any digital transformation project, says Beal. And for this reason, it is important for CIOs not to lose sight of what they’re trying to achieve and the benefits they stand to realise once the process is complete.

“The cultural journey is a long one for a lot of companies because what we’re effectively saying is, here are a bunch of humans who are performing in a certain way and we want to change that. They have habits we would like to break and reform, and that can be very hard to do,” she says. n

COLLABORATIVE DEVOPS

“if you Are innovAting, you will hAve things thAt don’t

work, And thAt’s okAy”Andy JASSy, AmAzon web SeRvICeS

computerweekly.com 7-13 March 2017 24

As organisations aim for digital transformation and debate the relevance and role of IT decision mak-ers, how can traditional CIOs deal with the threat of becoming undesirable in the job market?

According to the 2016 CIO Survey by recruitment firm Harvey Nash and consultancy KPMG, the proportion of organisations with chief digital officers (CDOs) has risen from 7% to 17%, implying that one in 10 firms hired a CDO in 2015. Appointments of CDOs stalled a little in 2016 – down by 2% – but firms are assigning increasing importance to the notion of a dedicated digital leader separate from the CIO, and for some the trend is irreversible.

Over the past two decades, the emphasis in enterprise technol-ogy has moved from managing back-office systems to position-ing IT as the primary means of delivering to, and communicating with, customers. Not all CIOs were immediately up for the chal-lenge – or at least they were perceived not to be – and new roles, such as chief data officer, were created to provide for modern management capabilities.

Identity crisisThe urge to “go digital” amid this identity crisis has caused a problem when it comes to hiring, because businesses don’t know what they actually need, according to Ian Cohen, a former CIO and now digital adviser at the Leading Edge Forum.

“Some organisations are running around hiring a CDO without even knowing what digital means to them,” he says. “Frankly, if an organisation has a CIO and is now looking to replace that role with a CDO, it just means they had the wrong CIO to start with.

CIOs must become hybrid IT and digital leaders

It looked for a while that CDOs would replace CIOs, but organisations are realising that they need a mix of both roles, writes Angelica Mari

IT MANAGEMENT

HOME

BIZ

VEC

TOR/

FOTO

LIA

computerweekly.com 7-13 March 2017 25

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

“The best CIOs understand that digital is not something separate from their role – it is just a convenient label for predominantly ‘outside-in’ enabling and engaging technologies for customers, clients and markets.”

Regardless of organisations’ motivation for hiring a CIO, or another role such as a CDO, the uncer-tainty has damaged the CIO and the IT department internally, according to Ben Booth, former CIO at polling firm Ipsos Mori and now an interim IT leader, whose recent assignments have included IT and change director at the National Offender Management Service.

“A few years ago, having a CIO and a CDO was necessary in some organisations, but led to fragmentation of resource, effort and expertise,” he says. “The result was often dysfunctional and, when the digital world was dependent on IT-delivered infrastruc-ture, there were often problems.”

Flaky systemsAnother problem, says Booth, is that many digital experts were not familiar with the demands of cyber security and resilience, which made for flaky systems. But this has been corrected, and CDOs, as well as CIOs, are up to speed with digital realities, resulting in a convergence back to a single IT organisation – a situation that has occurred at government departments such as the Home Office and the Department for Work and Pensions.

Booth echoes the view that the skillset required from executives now encompasses both digital and traditional IT – so IT leaders

need to demonstrate capabilities across the board. “Businesses are best served by having both areas under single integrated management,” he says.

Fernando Birman, head of the digital office at Belgian chemical giant Solvay, says the CIO and CDO briefs can be confusing in many companies. The CIO’s aim has always been to use IT to add value to the business, but enterprise ambitions to

achieve digital change have often associated that objective with the CDO, he says.

“Each company deserves a different solution depending on its size, market and culture. The sectors that have a more aggressive profile and are more subject to startup competition preferred to separate the CIO and CDO roles, leaving to the latter the challenge of blending into the business and finding innovative solutions.

“In most companies, however, the CIO and CDO are the same person. With cloud and outsourcing becoming more intense, the role of the CIO as a resource manager will continue to lose impor-tance, with the CIO eventually becoming the CDO.”

Double roleIt may be just a matter of time before the CIO and CDO roles merge, but some CIOs are not prepared to take on this double role yet, according to Simon Gratton, former CDO at Zurich Insurance and Deloitte, and now an interim executive.

“At present, experienced CIOs do not generally have a digital and data mindset, which is a problem for companies looking to transition to a digital operating model,” he says. “Companies

IT MANAGEMENT

❯Just as the CIO finally proves his or her worth, a new evangelist is trying to take credit for all things

digital – the CDO.

computerweekly.com 7-13 March 2017 26

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

looking for significant change are generally looking outside for a CIO/CDO hybrid, but in reality few of these individuals exist.

“Ironically, those that look in-house for their next CIO often believe digital is not needed across back-office systems when, in fact, transformation focus is shifting from digital channels to digi-tal back office.”

Tech leaders seeking opportunities in this new context need to increase their digital and data think-ing to be successful, but this varies, says Gratton. In small and medium-sized com-panies, a single individual can handle the task, while bigger businesses require a “golden triangle” between the CIO, CDO and the chief operating officer, he says.

More culture than skillsetGratton says the recruitment of leaders who will be effective in a digital context is more about culture than skillset. If corporate cultures and operating models are adapted to embrace digital, rather than focusing on internal politics around IT and digital, not only is success more likely, but it will also allow for skills to be cross-pollinated between the CIO and CDO organisations.

“CIO skills need to expand, but the single biggest threat to the CIO is a digitally-averse culture,” he says. “You cannot separate IT from digital transformation as they need to go hand in hand.”

The need for skills convergence between IT and digital becomes more evident when speaking to recruiters who work with

executives focused on both ends of the spectrum. According to Iain McKeand, director of the CIO practice at recruitment firm Harvey Nash, companies are looking for CIOs with expertise that encompasses digital, data, security and innovation, in addition to the technology itself.

“Organisations want individuals with all those elements in their DNA,” he says. “The traditional skills required about five years ago

around managing and controlling the IT estate have become unfashionable and even undesirable by employers.

“Hybrid leaders are few and far between. They will often be working on massive change programmes and will immediately move on to the next assignment once they are done. They are hard to find and expensive, which makes things difficult for headhunting.”

Mobile and marketableMcKeand says CIOs transitioning to this new hybrid world real-ise not only that they have to be more mobile geographically, but also that they need to become more marketable to find them-selves suitable employment sooner rather than later.

“CIOs who are looking to become more attractive in this digi-tal context need to be able to describe an interesting project they have been involved with, as well as promote it via speaking engagements and by going to as many industry events as pos-sible,” he says. n

IT MANAGEMENT

“cio skills need to expAnd, but the single biggest threAt to the cio is A

digitAlly-Averse culture”SImon GRAtton, InteRIm exeCutIve

computerweekly.com 7-13 March 2017 27

Home

News

Rise of the white box server makers poses threat to major manufacturers

Industrial control systems are the top threat to UK cyber security, says expert

Laying down the law on technology sets up Linklaters for digital transformation

Editor’s comment

Buyer’s guide to mobile app development

Tips for building a DevOps culture

CIOs should be hybrid IT and digital leaders

Downtime

Handle in the windIf you haven’t met Handle yet, Handle’s the latest robot to be deliv-ered by the benign storks at Boston Dynamics, an intensely creepy subsidiary of not-so-proud parent Google.

How does one describe Handle? Handle is very well-built and tall in stature, no less than when it stands up on its wheeled hind legs. It picks stuff up, and it glides around with said stuff at about 9mph. It makes very light work of steps.

Handle is graceful in its every movement, like the scandalous lovechild of Matilda from Robot Wars and Wayne Sleep we’ve all been waiting for. But that’s the kind of robot that’ll get us, isn’t it?

A booming, menacing git with machine guns for arms is too obvi-ous. Robots would dispose of us with total panache. They’d flounce up and down our streets a bit first, like this new kid on the block. They’d limber up. They’d crouch down into our faces and fling our prized possessions through neighbouring roofs. Then kill us.

We understand why Google wants to get rid of Boston Dynamics. It must be hard enough as it is trying to win the world’s trust while tip-toeing through literally every piece of information about every-one everywhere. It might be able to do its thing a bit quieter with-out these nerve-wracking machines loitering behind it asking for tenners and help with homework. n

DOWNTIME

❯Read more on the Downtime blog