Turbotodd

Ruminations on tech, the digital media, and some golf thrown in for good measure.

Archive for May 3rd, 2012

New IBM Security Study: Finding A Strategic Voice In The C-Suite

with one comment

I’m back from IBM Impact 2012…but my brain is still processing all the information I took in through all the interviews Scott and I conducted for ImpactTV and for all the sessions I attended…and I won’t mention all the cocktails in the evenings where I learned SO much from my industry peers.

The first ever IBM security officers study reveals a clear evolution in information security organizations and their leaders with 25 percent of security chiefs surveyed shifting from a technology focus to strategic business leadership role.

I’ll be putting together a recap post of some of the major announcements, and I’ve still yet to transcribe my interview with Walter Isaacson, but first, I wanted to highlight an important new study from IBM on the security front.

For those of you who follow the Turbo blog, you know the issue of security (particularly cybersecurity) is one I take very seriously and that I follow closely, partially because of my longstanding interest in the topic, and partially because I recognize we live in an imperfect world using imperfect technology, created and used by imperfect humans.

But the promise and hope for security, fallible though it may sometimes be, is a worthy aspiration.  There are ideas, assets, and often even lives at risk, and the more we move up the stack into an intellectual capital driven global economy, the more there is at stake and the more that will be needed to protect.

So, that’s a long way of saying expect to be hearing even more from me on this important topic.

Chief Security Officers: “We’ve Got Our CEO’s Attention”

To that end, now for the new information security study results. The new IBM study reveals a clear evolution in information security organizations and their leaders, with 25 percent of security chiefs surveyed shifting from a tech focus to one of a more strategic business leadership role.

In this first study of senior security executives, the IBM Center For Applied Insights interviewed more than 130 security leaders globally and discovered three types of leaders based on breach preparedness and overall security maturity.

Representing about a quarter of those interviewed, the “Influencer” senior security executives typically influenced business strategies of their firms and were more confident and prepared than their peers—the “Protectors” and “Responders.”

Overall, all security leaders today are under intense pressure, charged with protecting some of their firm’s most valuable assets – money, customer data, intellectual property and brand.

Nearly two-thirds of Chief Information Security Executives (CISOs) surveyed say their senior executives are paying more attention to security today than they were two years ago, with a series of high-profile hacking and data breaches convincing them of the key role that security has to play in the modern enterprise.

Emerging Security Issues: Mobile And A More Holistic Approach

More than half of respondents cited mobile security as a primary technology concern over the next two years.  Nearly two-thirds of respondents expect information security spend to increase over the next two years and of those, 87 percent expect double-digit increases.

Rather than just reactively responding to security incidents, the CISO’s role is shifting more towards intelligent and holistic risk management– from fire-fighting to anticipating and mitigating fires before they start.  Several characteristics emerged as notable features among the mature security practices of “Influencers” in a variety of organizations:

  • Security seen as a business (versus technology) imperative: One of the chief attributes of a leading organization is having the attention of business leaders and their boards. Security is not an ad hoc topic, but rather a regular part of business discussions and, increasingly, the culture. In fact, 60 percent of the advanced organizations named security as a regular boardroom topic, compared to only 22 percent of the least advanced organizations.  These leaders understand the need for more pervasive risk awareness – and are far more focused on enterprise-wide education, collaboration and communications.  Forward-thinking security organizations are more likely to establish a security steering committee to encourage systemic approaches to security issues that span legal, business operations, finance, and human resources. Sixty-eight percent of advanced organizations had a risk committee, versus only 26percent in the least advanced group.
  • Use of data-driven decision making and measurement: Leading organizations are twice as likely to use metrics to monitor progress, the assessment showed (59 percent v. 26 percent). Tracking user awareness, employee education, the ability to deal with future threats, and the integration of new technologies can help create a risk-aware culture. And automated monitoring of standardized metrics allows CISOs to dedicate more time to focusing on broader, more systemic risks.
  • Shared budgetary responsibility with the C-suite: The assessment showed that within most organizations, CIOs typically have control over the information security budget. However, among highly ranked organizations, investment authority lies with business leaders more often. In the most advanced organizations, CEOs were just as likely as CIOs to be steering information security budgets. Lower ranking organizations often lacked a dedicated budget line item altogether, indicating a more tactical, fragmented approach to security.  Seventy-one percent of advanced organizations had a dedicated security budget line item compared to 27 percent of the least mature group.

Recommendations to Evolve the Security Role in an Enterprise

To create a more confident and capable security organization, IBM recognizes that security leaders must construct an action plan based on their current capabilities and most pressing needs. The report offers prescriptive advice from its findings on how organizations can move forward based on their current maturity level.

For example, those “Responders” in the earliest stage of security maturity can move beyond their tactical focus by establishing a dedicated security leadership role (like a CISO); assembling a security and risk committee measuring progress; and automating routine security processes to devote more time and resources to security innovation.

About the Assessment

The IBM Center for Applied Insights study, “Finding a strategic voice: Insights from the 2012 IBM Chief Information Security Officer Assessment,” included organizations spanning a broad range of industries and seven countries.

During the first quarter of 2012, the Center conducted double-blind interviews with 138 senior business and IT executives responsible for information security in their enterprises. Nearly 20 percent of the respondents lead information security in enterprises with more than 10,000 employees; 55 percent are in enterprises with 1,000 to 9,999 employees.

Click here to access the full study.

IBM To Acquire Mobile Analytics Provider TeaLeaf Technology

leave a comment »

IBM yesterday announced a definitive agreement to acquire Tealeaf Technology, Inc., a leading provider of customer experience analytics software that helps organizations to gain intelligence and react more swiftly to consumer trends in today’s digitally transformed marketplace.

Financial details were not disclosed. The acquisition is subject to customary closing conditions and regulatory clearance and is expected to close in the second quarter of 2012.

The need to deliver a seamless mobile experience has become increasingly critical to CMOs with global online commerce expected to hit $1 trillion by 2014 and mobile commerce $200 billion by 2015.  Organizations today are struggling to meet the demands created by the rapidly shifting buying patterns of their customers, who increasingly turn to online, social and mobile channels to gather information, make purchases and receive services.

This new digital marketplace requires companies to be highly responsive to their customers’ behaviors in order to both compete and grow. The opportunity to better understand a customer’s experience on websites and mobile devices presents a major competitive advantage for businesses.

Mobile Analytics On The Go

With this agreement, IBM extends its Smarter Commerce initiative by adding qualitative analytics capabilities that provide chief marketing officers (CMOs), e-commerce and customer service professionals with real-time and automated insights into online customer buying experiences across online and mobile devices.

As a result, organizations can gain actionable insight that allows them to improve customer support, transform site usability, tailor marketing campaigns and increase online conversion rates.

Tealeaf provides a full suite of customer experience management software, which records and analyzes a customer’s website and mobile interactions. As a result, marketers can spot patterns and address issues in website and mobile application design and provide a more streamlined online customer experience that leads to improved revenue, customer satisfaction, customer service productivity, and profitability.

TeaLeaf: Over 450 Customers Worldwide

Tealeaf has over 450 customers worldwide including 30 of the Fortune 100 companies. These customers are predominantly in financial services, travel, retail and communications services. Current clients include: Dell, Wells Fargo, Air Canada, GEICO, Orbitz, Crate & Barrel, Neiman Marcus, Expedia, Zappos, ING Direct, Best Buy, DirecTV, McKesson and StubHub.

Tealeaf will extend IBM’s leadership in Smarter Commerce by giving companies qualitative web and digital analytics capabilities, allowing them to capture and replay a customer’s web and mobile interactions to provide a more granular and richer view of a customer’s experience.

This insightful view helps marketers answer the question of “why” customers interact as they do and thus provide a more optimized online customer experience leading to improved revenue, customer satisfaction, customer service productivity and profitability.

Tealeaf is based in San Francisco, California with additional offices in Europe.

%d bloggers like this: