Posts Tagged ‘market research’
Six Keys To Effective Reputational And IT Risk Management
In September of last year, I blogged about the IBM 2012 Global Reputational Risk and IT Study, which I explained was an “investigation of how organizations around the world are managing their reputations in today’s digital era, where IT is an integral part of their operations and where IT failures can result in reputational damage.”
I also wrote “corporate reputations are especially difficult to manage in an era when anyone with a smartphone and Internet connection can file their complaint with a single touch.”
That continues to be the case, but what’s new is that IBM has recently issued another report on further implications of this study and its findings, and more importantly, what organizations can do to get on offense when it comes to better managing their corporate reputation.
The Connection Between Reputational Risk And IT
When the corporate world first began paying attention to the concept of reputational risk in 2005, organizations’ focus tended to be on business issues like compliance and financial misdoings.
Today, the focus has shifted to include the reputational impact of IT risks. Virtually every company is now reliant on technology for its critical business processes and interactions. While it may take 10 minutes or 10 hours to recover from an IT failure, the reputational impact can be felt for months or even years.
Reputational damage caused by IT failures such as data breaches, systems failures and data loss now has a price tag. According to analyses performed by the Ponemon Institute, the economic value of a company’s reputation declines an average of 21 percent as a result of an IT breach of customer data — or the equivalent of an average of US $332 million.
The question now is not whether IT risks affect your corporate reputation, but what you can do to effectively prevent and mitigate these risks.
Six Keys To Effective Reputational And IT Risk Management
An analysis of responses to the IBM study revealed distinct correlations between the initiatives that organizations are undertaking to protect their reputations from the ramifications of IT failures and the overall effectiveness of their reputational and IT risk management efforts.
Based on this analysis, and the pattern it revealed among organizations that are most confident in their ability to prevent and mitigate IT-related reputational risk, there are six key initiatives that IBM recommends as part of every company’s efforts:
- Put someone in charge. Ultimate responsibility for reputational risk, including IT-related items, should rest with one person.
- Make the compliance and reputation connection. Measuring reputational and IT risk management strategies against compliance requirements is essential.
- Reevaluate the impact of social media. In addition to recognizing its potential for negative reputational impact, social media should be leveraged for its positive attributes.
- Keep an eye on your supply chain. Organizations must require and verify adherence of third-party suppliers to corporate standards.
- Avoid complacency. Organizations should continually evaluate reputational and IT risk management against strategy to find and eliminate potential gaps.
- Fund remediation; invest in prevention. For optimal reputational risk mitigation, companies need to fund critical IT systems as part of their core business
How IBM Can Help
When planned and implemented effectively, your organization’s reputational and IT risk strategy can become a vital competitive advantage. When you protect against and mitigate reputational risks successfully, you can enhance brand value in the eyes of customers, partners and analysts. Further, your organization can better attract new customers, retain existing customers and generate greater revenue.
IBM can help you protect your reputation with a robust portfolio of IT security, business continuity and resiliency, and technical support solutions. You can start with an IT security risk assessment, or penetration testing performed by IBM experts.
For business continuity and resiliency, you can begin with a Continuous Operations Risk Evaluation (CORE) Workshop and move on to cloud-based resiliency services. Our technical support solutions range from basic software support to custom technical support.
What makes IBM solutions work is global reach with a local touch. This includes:
- Over 160 business resiliency centers in 70 countries; more than 50 years of experience
- More than 9,000 disaster recovery clients, with IBM providing 100 percent recovery for clients who have declared a disaster
- A global network of 33 security operations, research and solution development centers; 133 monitored countries
- 15,000 researchers, developers and subject matter experts working security initiatives worldwide.
To learn more about the IBM Global Reputational Risk and IT Study go here.
IBM’s 2012 Tech Trends Report: Skills, Skills, And More Skills!
Across the four technology areas covered in the 2012 IBM Tech Trends Report – mobile, business analytics, cloud and social business – only one in ten organizations has all the skills it needs. These shortages are not trivial or isolated. Within each area, roughly one-quarter report major skill gaps, and 60 percent or more report moderate to major shortfalls.
Okay boys and girls, it’s that time of year.
No, not the time for Saint Nicholas to come shooting down your chimneys to deliver lots of tablets and smartphones for Christmas.
That time will come soon enough.
No, I’m referring to the results from IBM’s third annual Tech Trends Report, where we talk to an extended sample of technology decision makers to find out what’s on their minds.
In 2010, I explained from the results that it was all about mobile and the cloud.
Last year, the headlines centered on IBM’s Watson technology and business analytics.
This year…while we wait for the drum roll, let me first tell provide you with some background about this year’s study.
About the 2012 IBM Tech Trends Report Study
The 2012 Tech Trends Report is based on a survey of more than 1,200 professionals who make technology decisions for their organizations (22 percent IT managers, 53 percent IT practitioners, and 25 percent business professionals), and who come from 16 different industries and 13 countries (which span both mature and growth markets).
IBM also surveyed more than 250 academics and 450 students across those same countries in order to better understand how tech trends are impacting future IT professionals.
The Headlines This Year: What’s Old Is New, And What’s New Is An Emerging Skills Gap
According to this year’s survey, what’s old is new. Mobile technology, business analytics, cloud computing, and social business continue to be emergent key themes. What’s new is this: Though new and exciting business possibilities are emerging from these new capabilities, significant IT skills shortages, combined with lingering security concerns, are threatening adoption and business progress.
By way of example, the survey revealed that only one in ten organizations has all the skills it needs, and within each of the four areas previously mentioned, roughly one-quarter of respondents report major skills gaps, and 60 percent or more report moderate to major shortfalls.
The skills shortage is more acute in mature markets, with roughly two-thirds of respondents indicating moderate to major shortages versus roughly half in growth markets.
With respect to security concerns, they consistently rank as the most significant barrier to adoption across mobile, cloud computing and social business.
The report observes that IT security is not just a technology concern, however. It’s a broad business issue with far-reaching policy and process implications, and notes that moving into mobile means organizations must address the increased risk of data loss and security breach, device management challenges, and complications introduced by the growing trend toward “bring-your-own-device” (BYOD).
In cloud computing, it calls for policies on employee use of public cloud services, segregation of data within shared or hybrid cloud solutions, and ensuring the right data is in the right place subject to the right controls.
In social business, organizations need to consider customer privacy expectations, regulatory compliance, and employee guidelines on confidentiality, acceptable use, and protecting the corporate brand.
Pay Attention To The Pacesetters
So with all this in mind, which organizations are better positioned to create competitive advantage? Early adopters or late arrivers? Those focused on strategic impact or tactical implementations?
The data suggest it’s those companies forging ahead faster (in spite of adoption hurdles) and using mobile, analytics, cloud, and social technologies in more strategic ways.
The so-called “pacesetters” believe emerging technologies are critical to their business success and are using them to enable new operating/business models.
They’re also adoption ahead of their competition.
What sets them apart from the “followers” and “dabblers” are three key factors: They’re more market driven, they’re more analytical, and they’re more willing to experiment.
And where they say they’re headed next also provides a learning opportunity.
More than 75 percent of pacesetters are increasing investments in mobile and cloud computing over the next two years, and they’re betting heavily on business analytics and social business (two to three times as many pacesetters are raising those investments by 10 percent or more).
With respect to skills, 70 percent of pacesetters are building capabilities in mobile integration, security, privacy, and mobile application architecture, design and development.
Twenty-eight percent have already developed business analytics expertise in probability, statistics and mathematical modeling (and another 60 percent are eagerly developing those capabilities).
In cloud computing, more than 70 percent are developing skills in cloud security, administration, and architecture.
The 2012 IBM Tech Trends Report data suggests an opportunity for organizations everywhere to help close the large and expanding technology skills gap. Is your organization prepared to take these important and often necessary actions?
And nearly one-quarter of them have already built the expertise needed to extend social business solutions to mobile and to perform social analytics.
Their intent to combined technologies — mobile and social, social and analytics, etc. — are helping drive even greater business value for their organizations.
The 2012 IBM Tech Trends Upshot?
CEOs understand the external factors impacting their organizations most: Technology and skills.
But one without the other is a recipe for innovative decline, and to effectively address these interconnected imperatives, business and IT executives need new approaches for bridging skills gaps and helping their organizations capitalize on the strategic potential of emerging technologies.
The figure to the right demonstrates specific actions that can help you as a leader move your organization into a pacesetting position. And IBM is also stepping up and offering some new skills-building initiatives as well.
Bridging The Skills Gap
On the heels of this study, IBM has announced an array of programs and resources to help students and IT professionals develop new technology skills and prepare for jobs of the future.
The initiatives include new training courses and resources for IT professionals, technology and curriculum materials for educators and expanded programs to directly engage students with real-world business challenges. You can learn more about those here.
CMO Talk: What If Everything You Knew About Marketing Changed?
Click to enlarge. The practice of marketing is going through a period of unparalleled change, putting CMOs everywhere to the test. However, you can seize the opportunity to transform your marketing function. The combined insights of the 1,734 senior marketing executives participating in IBM’s Global CMO study point to three strategic imperatives that can strengthen your likelihood of success, as outlined in the graphic above.
Contrary to popular opinion, we don’t all know one another at IBM.
I know, I know, it’s hard to believe, considering there’s only 400,000+ plus of us — you’d think we all knew one another, but we don’t.
But the good news is, we’re always making new acquaintances inside IBM.
That was the case at the Word of Mouth Marketing Association Summit I attended last week in Vegas, where I finally got to meet face-to-face my colleague, Carolyn Heller Baird.
Carolyn is situated in IBM’s Global Business Services organization, and for the better part of two years, Carolyn served as the Global Director for our Chief Marketing Officer study, which was released late last year (and for which I wrote an extensive blog post, which you can find here.)
Carolyn was also in attendance at WOMMA, where she presented the CMO findings in some detail before a sizable audience.
I sat down with Carolyn to talk about the study’s findings in more detail, and to also try and better understand the implications for marketers in general, and social media practitioners in specific.
Before I hand you off to our interview below, I want to highlight the fact that the study results are still available via download here.
As the study concluded, half of all CMOs today feel insufficiently prepared to provide hard numbers for marketing ROI, even as they expect that by 2015, return on marketing investment will be the primary measure of the marketing function’s effectiveness.
There’s a gap to close there, and Carolyn’s comments in the video provide some actionable insights on to how to start to close it!
New IBM Study: The Business of Social Business
IBM’s recent study on “The Business of Social Business” revealed three major areas where organizations can most effectively apply their social business investments. The study surveyed more than 1,100 businesses worldwide, and included extensive interviews with more than two dozen widely recognized leaders in social business. You can find a link to a downloadable version of the study later in this blog post.
If you’ve been looking for a study that will help you better understand how organizations around the globe are viewing the opportunity social business presents as a fundamental way by which to rethink and overhaul how they conduct their business operations in the social age, IBM has something for you.
Earlier today, we released the new IBM Institute for Business Value study entitled “The Business of Social Business.”
This was a survey conducted of more than 1,110 businesses around the world, and with extensive interviews with more than two dozen recognized global leaders in social business. Many of those executives explained to IBM that, in fact, social business is gaining traction in their organizations.
Top line, 46 percent of the companies surveyed increased their investments in social business in 2012, and 62 percent indicated they were going to increase their expenditures in the next three years.
As the executive summary of the report stated, “The question surrounding social media today is not whether you are doing but, but whether you are doing enough.
Getting your 100,000th “Like” on Facebook, or having your latest pearl of wisdom retweeted 200 times an hour is all well and good, but are these activities driving revenue, attracting talent, and bridging the collaboration gaps in your organization?”
Is your use of social media allowing your organization to engage with the right customers, improve their online experience, and tap into their latest insights and ideas?
And does your social approach provide your customer-facing representatives with the ability to search the globe for expertise or apply learnings?
For far too many organizations, the answer are, “not yet.”
What IS Social Business?
IBM defines social business as embedding tools, media, and practices into the ongoing activities of an organization. It enables individuals to connect and share information and insights more effectively with others, both inside and outside the organization.
Social business tools facilitate engagement in extensive discussions with employees, customers, business partners, and other stakeholders and allow sharing of resources, skills and knowledge to drive business outcomes.
And what’s the upside? Top-line growth for social business users can improve between 3 and 11 percent, according to a recent study from the McKinsey Global Institute, and productivity can be enhanced by between 2 and 12 percent.
I’ll hand you off to a link of the full study later, but to net out the findings, IBM’s survey and interviews revealed three major areas where organizations apply social business investments (see graphic above):
- Create valued customer experiences
- Drive workforce productivity and effectiveness
- Acclerate innovation
Shifting Towards Sales And Service
For those who have been involved in the social media realm to date, it’s important to note that social business is about moving beyond basic promotional activities to encompass the entire customer lifecycle, including lead generation, sales, and post-sales service.
The IBM study had a sub-sample of clients with some social business experience which revealed that while the percentage of companies expecting to use social business for promotional activities will rise slightly, from 71 percent today to 83 percent in the next two years, the number of companies expecting to use social approaches to generate sales leads and revenue will increase dramatically.
How companies are using social business capabilities is evolving rapidly. As you can see in the graphic, it is moving beyond basic promotional activities to encompass the entire customer lifecycle, including lead generation, sales, and even post-sales service.
Today, 51 percent use social approaches for leads and revenue, while 74 percent plan to get on board in the next two years. Post-sales support is also expected to increase, from 46 today to 69 percent over the next two years (see graphic entitled “Users of Social Business”).
Getting Started With Social Business
Regardless of where your organization is in its own social business journey, the use of social business practices is a transformation that leads toward new ways of working.
IBM’s research revealed three essential actions to be taken across the enterprise, from the CEO’s office to the farthest corner of the organization.
- Develop social methods and tools to create consistent and valued customer experiences.
- Embed social capabilities to drive workforce productivity and effectiveness.
- Use social approaches to accelerate innovation.
If you’re interested in reading the full study, you can register to download it here.
As IBM’s vice president for social business, Sandy Carter, explained in the video interview below during our recent interview at the IBM Interconnect in Singapore, “culture eats strategy for lunch.” Sandy offered up some great advice on world-class social business practices, as well as how companies and individuals can better establish their brands in an increasingly crowded social marketplace.
Big Study On Big Data
Perfect timing.
In advance of IBM’s massive event next week in Las Vegas featuring all things information management, Information On Demand 2012, IBM and the Saïd Business School at the University of Oxford today released a study on Big Data.
According to a new global report from IBM and the Said Business School at the University of Oxford, less than half of the organizations engaged in active Big Data initiatives are currently analyzing external sources of data, like social media.
The headline: Most Big Data initiatives currently being deployed by organizations are aimed at improving the customer experience, yet less than half of the organizations involved in active Big Data initiatives are currently collecting and analyzing external sources of data, like social media.
One reason: Many organizations are struggling to address and manage the uncertainty inherent within certain types of data, such as the weather, the economy, or the sentiment and truthfulness of people expressed on social networks.
Another? Social media and other external data sources are being underutilized due to the skills gap. Having the advanced capabilities required to analyze unstructured data — data that does not fit in traditional databases such as text, sensor data, geospatial data, audio, images and video — as well as streaming data remains a major challenge for most organizations.
The new report, entitled “Analytics: The real-world use of Big Data,” is based on a global survey of 1,144 business and IT professionals from 95 countries and 26 industries. The report provides a global snapshot of how organizations today view Big Data, how they are building essential capabilities to tackle Big Data and to what extent they are currently engaged in using Big Data to benefit their business.
Only 25 percent of the survey respondents say they have the required capabilities to analyze highly unstructured data — a major inhibitor to getting the most value from Big Data.
The increasing business opportunities and benefits of Big Data are clear. Nearly two-thirds (63 percent) of the survey respondents report that using information, including Big Data, and analytics is creating a competitive advantage for their organizations. This is a 70 percent increase from the 37 percent who cited a competitive advantage in a 2010 IBM study.
Big Data Drivers and Adoption
In addition to customer-centric outcomes, which half (49 percent) of the respondents identified as a top priority, early applications of Big Data are addressing other functional objectives.
Nearly one-fifth (18 percent) cited optimizing operations as a primary objective. Other Big Data applications are focused on risk and financial management (15 percent), enabling new business models (14 percent) and employee collaboration (4 percent).
Three-quarters (76 percent) of the respondents are currently engaged in Big Data development efforts, but the report confirms that the majority (47 percent) are still in the early planning stages.
However, 28 percent are developing pilot projects or have already implemented two or more Big Data solutions at scale. Nearly one quarter (24 percent) of the respondents have not initiated Big Data activities, and are still studying how Big Data will benefit their organizations.
Sources of Big Data
More than half of the survey respondents reported internal data as the primary source of Big Data within their organizations. This suggests that companies are taking a pragmatic approach to Big Data, and also that there is tremendous untapped value still locked away in these internal systems.
Internal data is the most mature, well-understood data available to organizations. The data has been collected, integrated, structured and standardized through years of enterprise resource planning, master data management, business intelligence and other related work.
By applying analytics, internal data extracted from customer transactions, interactions, events and emails can provide valuable insights.
Big Data Capabilities
Today, the majority of organizations engaged in Big Data activities start with analyzing structured data using core analytics capabilities, such as query and reporting (91 percent) and data mining (77 percent).
Two-thirds (67 percent) report using predictive modeling skills.
But Big Data also requires the capability to analyze semi-structured and unstructured data, including a variety of data types that may be entirely new for many organizations.
In more than half of the active Big Data efforts, respondents reported using advanced capabilities designed to analyze text in its natural state, such as the transcripts of call center conversations.
These analytics include the ability to interpret and understand the nuances of language, such as sentiment, slang and intentions. Such data can help companies, like a bank or telco provider, understand the current mood of a customer and gain valuable insights that can be immediately used to drive customer management strategies.
You can download and read the full study here.
Update: Also check out the new IBM Big Data Hub, a compendium of videos, blog posts, podcasts, white papers, and other useful assets centering on this big topic!
IBM Survey: Social Media Impacting Threats From Reputational Risk
More than 400 respondents in 23 industries across the globe agree: managing reputational risk is crucial to their business, and managing IT risk is a major part of their efforts. And, social media is cited as a major factor for those shifting more focus to their reputational risk management efforts. Learn what these respondents are doing — and what they’re overlooking — in the 2012 IBM Global Reputational Risk and IT study report.
So here’s a question for you? What is your organization doing to more effectively manage its risk profile?
IBM recently released its 2012 Global Reputational Risk and IT Study, and the findings suggest that companies are viewing their IT investments through a new lens.
First, some background, and then a summary of the findings.
This study is an investigation of how organizations around the world are managing their reputations in today’s digital era, where IT is an integral part of their operations and where IT failures can result in reputational damage.
The report was written by the Economist Intelligence Unit, which both executed an online survey and conducted client executive interviews.
That included 427 senior executive responses from around the world, 42 percent of those being C-level, with 33 percent of respondents coming from North America, 29 percent from Europe, and 26 percent from Asia-Pacific.
The survey included industries that ran the gamut, including banking, IT, energy and utilities, and insurance.
Impact of Social Media On Risk
Corporate reputations are especially difficult to manage in an era when anyone with a smartphone and Internet connection can file their complaint with a single touch.
With social media sites like Facebook and Twitter boasting over 1.4 million people combined, there is now a highly visible and immediate alterative to a company’s own communications regarding its reputation.
Because of that, more organizations have introduced reputational risk as a distinct category within their enterprise risk management frameworks.
The study suggests that companies have begun to pay closer attention to the links between IT failures and reputational damage, and also examines how executives are attempting to protect their brands from what could arguably be called “a preventable glitch.”
So, drum roll, please. Here’s a summary of some of the key findings:
- IT risk management and investment directly supports a company’s reputation. Reputational risk has evolved into an asset that is fundamentally supported by IT planning and investment. 78 percent say they included reputational risk in their own IT risk planning, and 75 percent say their budget will grow due to concerns for such. Eighteen percent indicate that spend will increase by more than 20 percent in the next 12 months.
- The CEO owns it but shares it. When asked to name the top 3 C-level execs who owned reputational risk, close to two-thirds say it was shared across the C-suite. 80 percent of CEOs indicated it was theirs to win, followed by 31 percent of CFOs, 27 percent of CIOs, 23 percent of CROs (Chief Risk Officers), and 22 percent of CMOs.
- Five characteristics of highly effective companies — they get reputational risk and invest in it. Of those who do, 83 percent indicated they have integrated IT into their reputational risk management regimes. They also perceive stronger links between IT threats and key elements of reputation (especially customer sat and brand reputation), and they also say they have strong or very strong IT risk management capacity (84 percent). Seventy-seven percent indicated they have well-resourced IT risk management functions, and are more likely to require vendors and supply chain partners to meet the same levels of control as they require internally.
Improving Reputational Risk Management: Best Practices
So what’s a concerned C-level exec to do? The study revealed several core strategies:
- Be proactive rather than reactive. That is, be prepared to invest in developing comprehensive reputational risk management strategies that include robust controls on IT risks, particularly those related to security, business continuity and tech support.
- Create an organization where IT managers collaborate with other risk management specialists. Together, they should be tasked with presenting a comprehensive profile of organization-wide reputational risks to senior management.
- Engage in scenario analysis, especially with new and emerging technology. Don’t wait for the worst to happen — there are plenty of case studies to be used as a basis for “what-if” planning.
- Assess risks across the entire supply chain. A failure by a downstream supplier can be just as devastating as an internal problem, and risk controls can be harmonized among key players.
A More Integrated, Holistic Approach
This more integrated, enterprise-wide approach to risk management — led by the C-suite on down — can help your organization increase the attention being paid to the direct reputational impact of IT risks, and help you mitigate those risks (including those stemming from the use of new technologies).
To learn more and to gain access to the full study, go here.
InformationWeek’s IT Pro Ranking: Enterprise Social Networking
Click to enlarge. InformationWeek surveyed 405 IT professionals to evaluate enterprise social networking software. When it came to success metrics, fifty percent of respondents cited “user activity on the system” as a key metric of success.
We’ve seen a lot of consolidation in the social enterprise scene of late.
Most recently, Oracle bought Involver and Collective Intellect, Salesforce bought Radian6 and, later, BuddyMedia.
We’ve also started to see some report cards being issued about who’s leading in what arena.
Last week, InformationWeek released such a report, entitled “IT Pro Ranking: Enterprise Social Networking,” in which IW surveyed 405 IT pros to evaluate enterprise social networking software vendors.
IW explained that its ratings were based on two broad sets of criteria, the first for overall performance and items such as product reliability, innovation, and cost. And second, category-specific features like status updates, team workspaces, and social bookmaring.
Six firms made the top box to receive a full evaluation: Drupal, Google Sites, IBM Lotus Live/Lotus Connections, Microsoft SharePoint, Salesforce.com Chatter, and Yammer (the study was apparently conducted prior to Microsoft’s recent acquisition of Yammer).
In terms of overall performance, Google Sites came out on top as the “best-performing” vendor (73%), but IBM’s Lotus Live/Lotus Connections and Salesforces’ Chatter were just a percentage point behind Google (72%), “indicating a tight race.”
Drupal arrived at 70%, and Microsoft 69%.
In terms of product reliability, Google, IBM and Salesforce came in on top with a 3.9 score, the highest mean average ranking for that criterion.
In terms of respondents’ rating of enterprise social networking features, Google earned the highest ranking at 77%, with IBM following at 75%, and Microsoft at 74%.
In terms of data security controls, IBM came out on top at 4.1, although Microsoft was close behind at 4.0.
The report had some other interesting insights, citing the need to “enable new services or applications” as the number one reason for replacing or adding a vendor, followed by “performance gains” and “operational cost savings.” “Substantial operational cost savings” was cited as the number one reason for “factors resulting in a change in vendor,” followed by “substantial capital cost savings” and “clear technology advantage compared with current vendor.”
You can download the full report here. Meanwhile, you can learn more about how your organization can garner measurable ROI with IBM Connections enterprise social software here.
Just How Big IS Big Data?
So just how big IS big data?
This is your opportunity to find out, and, to contribute.
IBM’s Institute for Business Value is conducting a study on big data, and we’d like to hear from you.
The idea behind the study is simple: To develop a fact-based analysis of big data activities in the global marketplace.
Through this research, IBM hopes to help the marketplace better understand some key tenets behind the big data movement: To gain an organizational view of big data and organizations’ primary objectives for investments in this burgeoning area. To understand better the drivers and leaders of big data activities. To understand the current and planned state of big data activities, and patterns that suggest best practices of big data implementations.
The survey is slated to run through June 29, 2012, and takes approximately 10-15 minutes per respondent.
All responses will be viewed in the aggregate, and individual responses will not be disclosed beyond the survey analysis team without expression permission of the respondent.
The audience for the survey: Global business executives, management and analysts, as well as IT professionals, across all levels of the organizational hierarchy (from C-suite to data analysts).
Once the fielding is completed, the survey results will be analyzed by a wide team of subject matter experts from within IBM, along with a team of faculty from a globally recognized university.
This data will be combined with interviews and case studies to develop a final reporting of findings and big data benchmarks to be published in October of this year.
So, in short, this is your opportunity to be part of the benchmarks that will define the big data era, one that you can use to compare with your own organization.
All participants will receive a copy of the final study, and will also be eligible to download the IBM e-book entitled “Understanding Big Data.”
Here’s the link if you’d like to be part of this exciting big data discovery!
New IBM Security Study: Finding A Strategic Voice In The C-Suite
I’m back from IBM Impact 2012…but my brain is still processing all the information I took in through all the interviews Scott and I conducted for ImpactTV and for all the sessions I attended…and I won’t mention all the cocktails in the evenings where I learned SO much from my industry peers.
The first ever IBM security officers study reveals a clear evolution in information security organizations and their leaders with 25 percent of security chiefs surveyed shifting from a technology focus to strategic business leadership role.
I’ll be putting together a recap post of some of the major announcements, and I’ve still yet to transcribe my interview with Walter Isaacson, but first, I wanted to highlight an important new study from IBM on the security front.
For those of you who follow the Turbo blog, you know the issue of security (particularly cybersecurity) is one I take very seriously and that I follow closely, partially because of my longstanding interest in the topic, and partially because I recognize we live in an imperfect world using imperfect technology, created and used by imperfect humans.
But the promise and hope for security, fallible though it may sometimes be, is a worthy aspiration. There are ideas, assets, and often even lives at risk, and the more we move up the stack into an intellectual capital driven global economy, the more there is at stake and the more that will be needed to protect.
So, that’s a long way of saying expect to be hearing even more from me on this important topic.
Chief Security Officers: “We’ve Got Our CEO’s Attention”
To that end, now for the new information security study results. The new IBM study reveals a clear evolution in information security organizations and their leaders, with 25 percent of security chiefs surveyed shifting from a tech focus to one of a more strategic business leadership role.
In this first study of senior security executives, the IBM Center For Applied Insights interviewed more than 130 security leaders globally and discovered three types of leaders based on breach preparedness and overall security maturity.
Representing about a quarter of those interviewed, the “Influencer” senior security executives typically influenced business strategies of their firms and were more confident and prepared than their peers—the “Protectors” and “Responders.”
Overall, all security leaders today are under intense pressure, charged with protecting some of their firm’s most valuable assets – money, customer data, intellectual property and brand.
Nearly two-thirds of Chief Information Security Executives (CISOs) surveyed say their senior executives are paying more attention to security today than they were two years ago, with a series of high-profile hacking and data breaches convincing them of the key role that security has to play in the modern enterprise.
Emerging Security Issues: Mobile And A More Holistic Approach
More than half of respondents cited mobile security as a primary technology concern over the next two years. Nearly two-thirds of respondents expect information security spend to increase over the next two years and of those, 87 percent expect double-digit increases.
Rather than just reactively responding to security incidents, the CISO’s role is shifting more towards intelligent and holistic risk management– from fire-fighting to anticipating and mitigating fires before they start. Several characteristics emerged as notable features among the mature security practices of “Influencers” in a variety of organizations:
- Security seen as a business (versus technology) imperative: One of the chief attributes of a leading organization is having the attention of business leaders and their boards. Security is not an ad hoc topic, but rather a regular part of business discussions and, increasingly, the culture. In fact, 60 percent of the advanced organizations named security as a regular boardroom topic, compared to only 22 percent of the least advanced organizations. These leaders understand the need for more pervasive risk awareness – and are far more focused on enterprise-wide education, collaboration and communications. Forward-thinking security organizations are more likely to establish a security steering committee to encourage systemic approaches to security issues that span legal, business operations, finance, and human resources. Sixty-eight percent of advanced organizations had a risk committee, versus only 26percent in the least advanced group.
- Use of data-driven decision making and measurement: Leading organizations are twice as likely to use metrics to monitor progress, the assessment showed (59 percent v. 26 percent). Tracking user awareness, employee education, the ability to deal with future threats, and the integration of new technologies can help create a risk-aware culture. And automated monitoring of standardized metrics allows CISOs to dedicate more time to focusing on broader, more systemic risks.
- Shared budgetary responsibility with the C-suite: The assessment showed that within most organizations, CIOs typically have control over the information security budget. However, among highly ranked organizations, investment authority lies with business leaders more often. In the most advanced organizations, CEOs were just as likely as CIOs to be steering information security budgets. Lower ranking organizations often lacked a dedicated budget line item altogether, indicating a more tactical, fragmented approach to security. Seventy-one percent of advanced organizations had a dedicated security budget line item compared to 27 percent of the least mature group.
Recommendations to Evolve the Security Role in an Enterprise
To create a more confident and capable security organization, IBM recognizes that security leaders must construct an action plan based on their current capabilities and most pressing needs. The report offers prescriptive advice from its findings on how organizations can move forward based on their current maturity level.
For example, those “Responders” in the earliest stage of security maturity can move beyond their tactical focus by establishing a dedicated security leadership role (like a CISO); assembling a security and risk committee measuring progress; and automating routine security processes to devote more time and resources to security innovation.
About the Assessment
The IBM Center for Applied Insights study, “Finding a strategic voice: Insights from the 2012 IBM Chief Information Security Officer Assessment,” included organizations spanning a broad range of industries and seven countries.
During the first quarter of 2012, the Center conducted double-blind interviews with 138 senior business and IT executives responsible for information security in their enterprises. Nearly 20 percent of the respondents lead information security in enterprises with more than 10,000 employees; 55 percent are in enterprises with 1,000 to 9,999 employees.
Click here to access the full study.
turbotodd
