Turbotodd

Ruminations on tech, the digital media, and some golf thrown in for good measure.

Posts Tagged ‘risk management

Six Keys To Effective Reputational And IT Risk Management

leave a comment »

In September of last year, I blogged about the IBM 2012 Global Reputational Risk and IT Study, which I explained was an “investigation of how organizations around the world are managing their reputations in today’s digital era, where IT is an integral part of their operations and where IT failures can result in reputational damage.”

I also wrote “corporate reputations are especially difficult to manage in an era when anyone with a smartphone and Internet connection can file their complaint with a single touch.”

That continues to be the case, but what’s new is that IBM has recently issued another report on further implications of this study and its findings, and more importantly, what organizations can do to get on offense when it comes to better managing their corporate reputation.

The Connection Between Reputational Risk And IT

When the corporate world first began paying attention to the concept of reputational risk in 2005, organizations’ focus tended to be on business issues like compliance and financial misdoings.

Today, the focus has shifted to include the reputational impact of IT risks. Virtually every company is now reliant on technology for its critical business processes and interactions. While it may take 10 minutes or 10 hours to recover from an IT failure, the reputational impact can be felt for months or even years.

IBM - Factors Affected By IT Risk

Reputational damage caused by IT failures such as data breaches, systems failures and data loss now has a price tag. According to analyses performed by the Ponemon Institute, the economic value of a company’s reputation declines an average of 21 percent as a result of an IT breach of customer data — or the equivalent of an average of US $332 million.

The question now is not whether IT risks affect your corporate reputation, but what you can do to effectively prevent and mitigate these risks.

IBM -- True Price Of Reputational Harm

Six Keys To Effective Reputational And IT Risk Management

An analysis of responses to the IBM study revealed distinct correlations between the initiatives that organizations are undertaking to protect their reputations from the ramifications of IT failures and the overall effectiveness of their reputational and IT risk management efforts.

Based on this analysis, and the pattern it revealed among organizations that are most confident in their ability to prevent and mitigate IT-related reputational risk, there are six key initiatives that IBM recommends as part of every company’s efforts:

  1. Put someone in charge. Ultimate responsibility for reputational risk, including IT-related items, should rest with one person.
  2. Make the compliance and reputation connection. Measuring reputational and IT risk management strategies against compliance requirements is essential.
  3. Reevaluate the impact of social media. In addition to recognizing its potential for negative reputational impact, social media should be leveraged for its positive attributes.
  4. Keep an eye on your supply chain. Organizations must require and verify adherence of third-party suppliers to corporate standards.
  5. Avoid complacency. Organizations should continually evaluate reputational and IT risk management against strategy to find and eliminate potential gaps.
  6. Fund remediation; invest in prevention. For optimal reputational risk mitigation, companies need to fund critical IT systems as part of their core business

IBM -- Importance Of Reputational Risk

How IBM Can Help

When planned and implemented effectively, your organization’s reputational and IT risk strategy can become a vital competitive advantage. When you protect against and mitigate reputational risks successfully, you can enhance brand value in the eyes of customers, partners and analysts. Further, your organization can better attract new customers, retain existing customers and generate greater revenue.

IBM can help you protect your reputation with a robust portfolio of IT security, business continuity and resiliency, and technical support solutions. You can start with an IT security risk assessment, or penetration testing performed by IBM experts.

For business continuity and resiliency, you can begin with a Continuous Operations Risk Evaluation (CORE) Workshop and move on to cloud-based resiliency services. Our technical support solutions range from basic software support to custom technical support.

What makes IBM solutions work is global reach with a local touch. This includes:

  • Over 160 business resiliency centers in 70 countries; more than 50 years of experience
  • More than 9,000 disaster recovery clients, with IBM providing 100 percent recovery for clients who have declared a disaster
  • A global network of 33 security operations, research and solution development centers; 133 monitored countries
  • 15,000 researchers, developers and subject matter experts working security initiatives worldwide.

To learn more about the IBM Global Reputational Risk and IT Study go here.

Live @ IBM Pulse 2013: A Cloud Computing Security Roundtable

leave a comment »

At the IBM Cloud Security press roundtable, several IBM Security experts expounded on the issues and challenges organizations are facing as they work to better secure their cloud computing environments.

At the IBM Cloud Security press roundtable, several IBM Security experts expounded on the issues and challenges organizations are facing as they work to better secure their cloud computing environments.

If you’ve followed the headlines recently, you can’t help but notice the constant barrage of news concerning security break-ins at some of the most public cloud sites on the planet: Facebook, Google, Evernote…the list goes on and on.

Yet in spite of the looming cloud security concerns, enterprises and organizations continue to ramp up their investments in both public and private cloud infrastructure as a cost-effective, dynamic way to scale up their IT capacity.

At the IBM Cloud Security roundtable here at IBM Pulse 2013 yesterday in Las Vegas, several IBM security experts came together to discuss some of the challenges, best practices, and solutions to protect against threats and provide security-rich cloud computing environments.

Jack Danahy, director of security for IBM North America, hosted the panel before the gathered industry press, and offered up some prefacing comments to set the stage for the security discussion.

Jack began by stating that 9 out of 10 global CEOs say that cloud computing is critical to their business plans and “a way to increase their organizational productivity, but all also admit security is a lingering concern.”

Brendan Hannigan, the general manager for the IBM Security Division, explained that there are some key basic security concerns around cloud, including the safety of enterprise data, and whether or not it can be compromised or lost.

Hannigan explained: “Cloud is simply another computer upon which we can deploy capabilities for our customers, and we should be able to look at cloud security the same way we do across other domains.”  That includes giving organizations a single view of identity across their cloud environments.

Kris Lovejoy, general manager for IBM Security Systems, discussed some of the key inhibitors to organizations providing more effective cloud security measures, and explained that the cloud is actually inherently more securable than traditional IT infrastructure because of they way it’s designed and the manner by which you can replicate security controls.

So if the cloud is inherently more securable, why the seeming contradiction that nobody seems to be able to effectively secure it?

Because, Lovejoy explained, when you buy public cloud capability you typically have to buy the security features as an added extra, and may customers don’t do so.

“Think about the provider as being a hotel,” Lovejoy explained, “and in each hotel room they have a series of diseases. The provider must provide you good housekeeping to protect you from diseases in the other rooms, and yet so many cloud computing tenants don’t make that obvious investment to protect their cloud applications and data.”

When Danahy asked the panel about what can be done to make executives more comfortable with the idea of security investments in the cloud space, Hannigan chimed in, and explained the rationale comes down to a distinction in the type of data you’re working with, and delineating between the information that is critical and that which is less sensitive.

“When you have a specific application or data set,” Hannigan explained, “there are wonderful opportunities afforded by the cloud because in security, one of the biggest challenges is striking a balance between locking the infrastructure down and providing free and unfettered access to the that information customers and employees need.”

Lovejoy explained it was not dissimilar from the crazy notion of automakers selling cars without seatbelts or brakes. “You don’t want to suddenly discover you don’t have these features going 60 miles per hour down the interstate.”

Kevin Skapintez, program director of product strategy for IBM Security, said that the need for more cloud security standards reminded him of the late 1800s, when fire hydrants had different nozel sizes that required varying widths of connectors for the hoses.

“You have to have standards related to identity,” Kevin explained, “so you don’t have to build different registries per cloud!”

“More organizations needed to also heighten their log management regimes,” he explained, “so that they have improved visibility to see if they have the right controls in place and where incidents are occuring.”

Lovejoy explained that “most organizations have a pretty defined pathway to cloud success.” Many are using develop and test environments and are moving to non-core workloads, allowing a lot of applications to emerge and consolidate on the cloud.

At the same time, she explained, most companies are planning a security operations optimization and that the cloud is a remarkable opportunity. “As we consolidate,” she explained, “things get simpler. Companies need to think about this in the context of business transformation. You need to adopt the cloud in a safe and reliable manner while managing the risk.”

During the Q&A, I asked the panel whether or not all these very public public cloud security incidences we’ve seen in the headlines were driving any real productive conversation in terms of making cloud security more of a priority.

Lovejoy explained the scenario typically went something like this: A CEO would call up their provider, ask for an assessment, give them a threat briefing, then go to a third party standard to see if they matched the security checklist.

But that not enough of them were what she termed “security aware.”

Hannigan concluded, “It’s a classic dilemma with security spending. Security concerns are not specific just to the cloud, and clients are working about losing data, period. The question is, can they invest all the money necessary to adequately secure those environments?”

To date, the answer seems to largely be “no.”

IBM Announces New Security Solutions, Focuses On Cloud, Mobile, Big Data

leave a comment »

Today, IBM made a move designed to reduce the biggest security inhibitors that organizations face in implementing cloud, mobile and big data initiatives with the announcement of a broad set of security software to help holistically secure data and identities.

I blogged about IBM’s 2012 Global Reputational Risk and IT Study recently, the headline of which was this: Managing reputational risk is crucial to many organization’s business, and managing IT is a major part of their efforts.

I also interviewed Brendan Hannigan, the general manager of IBM’s Security Systems Division, at IBM InterConnect last week about some of these critical security matters.

Today, IBM made a move designed to reduce the biggest security inhibitors that organizations face in implementing cloud, mobile and big data initiatives with the announcement of a broad set of security software to help holistically secure data and identities.

New IBM Security Solutions

IBM’s new software capabilities help clients better maintain security control over mobile devices, mitigate internal and external threats, reduce security risks in cloud environments, extend database security to gain real-time insights into big data environments such as Hadoop, and automate compliance and data security management.

Along with IBM Security Services and IBM’s world-class research capabilities, this set of scalable capabilities supports a holistic, proactive approach to security threats spanning people, data, applications and infrastructure.

“A major shift is taking place in how organizations protect data,” said Brendan Hannigan, General Manager, IBM Security Systems. “Today, data resides everywhere—mobile devices, in the cloud, on social media platforms. This is creating massive amounts of data, forcing organizations to move beyond a traditional siloed perimeter to a multi-perimeter approach in which security intelligence is applied closer to the target.”

IBM is unveiling ten new products and enhancements to help organizations deliver real time security for big data, mobile and cloud computing.

Real Time Security for Big Data Environments 

State of the art technologies including Hadoop based environments have opened the door to a world of possibilities. At the same time, as organizations ingest more data, they face significant risks across a complex threat landscape and they are subject to a growing number of compliance regulations.

With today’s announcement, IBM is among the first to offer data security solutions for Hadoop and other big data environments.

Specifically, Guardium now provides real time monitoring and automated compliance reporting for Hadoop based systems such as InfoSphere BigInsights and Cloudera.

Highlighted data security solutions:

NEW: IBM InfoSphere Guardium for Hadoop

ENHANCED: IBM InfoSphere Optim Data Privacy

ENHANCED: IBM Security Key Lifecycle Manager

To learn more about the data security portfolio go here.

Mobile Security: Improving Access and Threat Protection

Today IBM is also announcing risk-based authentication control for mobile users, integration of access management into mobile application development and deployment as well as enhanced mobile device control.

IBM is also announcing a comprehensive Mobile Security Framework to help organizations develop an adaptable security posture to protect data on the device, at the access gateway and on the applications.

Highlighted mobile security solutions:

NEW: IBM Security Access Manager for Cloud and Mobile

ENHANCED: IBM Endpoint Manager for Mobile Devices

Go here to learn more about specific mobile security product attributes.

Cloud Security: From Inhibitor To Enabler

While the cloud can increase productivity with anywhere, anytime information access, it can also introduce additional challenges for enterprise security.

IBM today is announcing security portfolio enhancements designed to address these new challenges, providing improved visibility and increased levels of automation and patch management to help demonstrate compliance, prevent unauthorized access and defend against the latest threats using advanced security intelligence.

With IBM’s new SmartCloud for Patch Management solution, patches are managed automatically regardless of location and remediation cycles are reduced from weeks to hours thereby reducing security risks.

Additionally, IBM is announcing enhancements to its QRadar Security Intelligence Platform that provides a unified architecture for collecting, storing, analyzing and querying log, threat, vulnerability and security related data from distributed locations, using the cloud to obtain greater insight into enterprise-wide activity and enable better-informed business decisions.

The new IBM Security Privileged Identity Manager is designed to proactively address the growing insider threat concerns and help demonstrate compliance across the organization.

IBM Security Access Manager for Cloud and Mobile which provides enhanced federated single sign-on to cloud applications is now available with improved out-of-the-box integration with commonly adopted SaaS applications and services.

Highlighted cloud security solutions:

NEW: IBM SmartCloud for Patch Management

NEW: IBM Security Access Manager for Cloud and Mobile

NEW: IBM Security Privileged Identity Manager

ENHANCED: QRadar SIEM and QRadar Log Manager

Visit here to learn more about specific cloud security product attributes, please visit

Enhanced Mainframe Security Capabilities

In addition, IBM is announcing mainframe security capabilities that enhance enterprise-wide security intelligence based on QRadar security solution integration that provides real time alerts and audit reporting.

The mainframe offers Common Criteria Evaluation Assurance Level 5+ (EAL 5+) certification for logical partitions, providing a platform for consolidating systems, helping protect private clouds, and helping secure virtualized environment.

New IBM Security zSecure improvements help to reduce administration overhead, automate compliance reporting, enforce security policy, and pro-actively detect threats.

Highlighted zSecure security solutions:

ENHANCED: IBM Security zSecure

Through IBM Global Financing, credit-qualified clients can take advantage of 0% interest for 12 months on qualifying IBM Security products and solutions.

About IBM Security 

With more than 40 years of security development and innovation, IBM has breadth and depth in security research, products, services and consulting.

IBM X-Force is a world-renowned team that researches and evaluates the latest security threats and trends. This team analyzes and maintains one of the world’s most comprehensive vulnerability databases and develops countermeasure technologies for IBM’s security offerings to help protect organizations ahead of the threat.

IBM has 10 worldwide research centers innovating security technology and nine security operations centers around the world to help global clients maintain an appropriate security posture.

IBM Managed Security Services delivers the expertise, tools and infrastructure to help clients secure their information assets against attacks, often at a fraction of the cost of in-house security resources.

The Institute for Advanced Security is IBM’s global initiative to help organizations better understand and respond to the security threats to their organization. Visit the Institute community at www.instituteforadvancedsecurity.com.

IBM X-Force Mid-Year Report: Security Attacks Focused On Browsers, Mobile, Social

leave a comment »

SPAM aside, IBM’s mid-year X-Force Trend and Risk Report shows a sharp increase in browser-related exploits, renewed concerns around social media password security, and continued challenges in mobile devices and corporate “bring your own device” (BYOD) programs.

Yesterday, IBM released the results of its X-Force 2012 Mid-Year Trend and Risk Report.

The mid-year report is troubling, revealing ongoing challenges and opportunities and the need for continued vigilance in the digital security realm.

The headlines: The latest report shows a sharp increase in browser-related exploits, renewed concerns around social media password security, and continued challenges in mobile devices and corporate “bring your own device” (BYOD) programs.

“Companies are faced with a constantly evolving threat landscape, with emerging technologies making it increasingly difficult to manage and secure confidential data,” said Kris Lovejoy, General Manager, IBM Security Services. “A security breach–whether from an outside attacker or an insider–can impact brand reputation, shareholder value, and expose confidential information. Our team of security threat analysts track and monitor security events and attack activity to better help our clients stay ahead of emerging threats.”

Mobile, Social: New Security Targets Of Opportunity

Since the last X-Force Trend and Risk Report, IBM’s X-Force has seen an increase in malware and malicious web activities:

  • A continuing trend for attackers is to target individuals by directing them to a trusted URL or site which has been injected with malicious code. Through browser vulnerabilities, the attackers are able to install malware on the target system. The websites of many well-established and trustworthy organizations are still susceptible to these types of threats.
  • The growth of SQL injection, a technique used by attackers to access a database through a website, is keeping pace with the increased usage of cross-site scripting and directory traversal commands.
  • As the user base of the Mac operating system continues to grow worldwide, it is increasingly becoming a target of Advanced Persistent Threats (APTs) and exploits, rivaling those usually seen targeting the Windows platform.

Emerging Trends in Mobile Security 

While there are reports of exotic mobile malware, most smartphone users are still most at risk of premium SMS (short message service, or texting) scams.

These scams work by sending SMS messages to premium phone numbers in a variety of different countries automatically from installed applications. There are multiple scam infection approaches for this:

  • An application that looks legitimate in an app store but only has malicious intent
  • An application that is a clone of a real application with a different name and some malicious code
  • A real application that has been wrapped by malicious code and typically presented in an alternative app store

One game-changing transformation is the pervasiveness of Bring Your Own Device (BYOD) programs. Many companies are still in their infancy in adapting policies for allowing employees to connect their personal laptops or smartphones to the company network.

To make BYOD work within a company, a thorough and clear policy should be in place before the first employee-owned device is added to the company’s infrastructure.

Improvements in Internet Security Continue 

As discussed in the 2011 IBM X-Force Trend and Risk Report, there continues to be progress in certain areas of Internet security. IBM X-Force data reports a continuing decline in exploit releases, improvements from the top ten vendors on patching vulnerabilities and a significant decrease in the area of portable document format (PDF) vulnerabilities.

IBM believes that this area of improvement is directly related to the new technology of sandboxing provided by the Adobe Reader X release.

Sandboxing technology works by isolating an application from the rest of the system, so that if compromised, the attacker code running within the application is limited to what it can do or what it can access.

Sandboxes are proving to be a successful investment from a security perspective. In the X-Force report, there was a significant drop in Adobe PDF vulnerability disclosures during the first half of 2012.

This development coincides nicely with the adoption of Adobe Reader X, the first version of Acrobat Reader released with sandboxing technology.

New IBM Security Operations Center Opens In Poland

To further protect its clients from emerging threats like those reported in the IBM X-Force Mid-Year Trend and Risk Report, IBM yesterday announced the opening of a security operations center in Wroclaw, Poland.

This newest IBM Security Operations Center is the 10th worldwide facility to help clients proactively manage these threats, including real-time analysis and early warning notification of security events.

Data for the bi-annual X-Force report comes from IBM’s security operations centers which monitor more than 15 billion security events a day on behalf of approximately 4,000 clients in more than 130 countries.

About the IBM X-Force Trend and Risk Report 

The IBM X-Force Trend and Risk Report is an annual assessment of the security landscape, designed to help clients better understand the latest security risks, and stay ahead of these threats.

The report gathers facts from numerous intelligence sources, including its database of more than 68,000 computer security vulnerabilities, its global Web crawler and its international spam collectors, and the real-time monitoring of 15 billion events every day for approximately 4,000 clients in more than 130 countries.

These 15 billion events monitored each day, are a result of the work done in IBM’s 10 global security operations centers, which is provided as a managed security service to clients.

To view the full X-Force 2012 Mid-Year Trend and Risk Report go here.

IBM Survey: Social Media Impacting Threats From Reputational Risk

with 2 comments

More than 400 respondents in 23 industries across the globe agree: managing reputational risk is crucial to their business, and managing IT risk is a major part of their efforts. And, social media is cited as a major factor for those shifting more focus to their reputational risk management efforts. Learn what these respondents are doing — and what they’re overlooking — in the 2012 IBM Global Reputational Risk and IT study report.

So here’s a question for you?  What is your organization doing to more effectively manage its risk profile?

IBM recently released its 2012 Global Reputational Risk and IT Study, and the findings suggest that companies are viewing their IT investments through a new lens.

First, some background, and then a summary of the findings.

This study is an investigation of how organizations around the world are managing their reputations in today’s digital era, where IT is an integral part of their operations and where IT failures can result in reputational damage.

The report was written by the Economist Intelligence Unit, which both executed an online survey and conducted client executive interviews.

That included 427 senior executive responses from around the world, 42 percent of those being C-level, with 33 percent of respondents coming from North America, 29 percent from Europe, and 26 percent from Asia-Pacific.

The survey included industries that ran the gamut, including banking, IT, energy and utilities, and insurance.

Impact of Social Media On Risk

Corporate reputations are especially difficult to manage in an era when anyone with a smartphone and Internet connection can file their complaint with a single touch.

With social media sites like Facebook and Twitter boasting over 1.4 million people combined, there is now a highly visible and immediate alterative to a company’s own communications regarding its reputation.

Because of that, more organizations have introduced reputational risk as a distinct category within their enterprise risk management frameworks.

The study suggests that companies have begun to pay closer attention to the links between IT failures and reputational damage, and also examines how executives are attempting to protect their brands from what could arguably be called “a preventable glitch.”

So, drum roll, please.  Here’s a summary of some of the key findings:

  • IT risk management and investment directly supports a company’s reputation.  Reputational risk has evolved into an asset that is fundamentally supported by IT planning and investment.  78 percent say they included reputational risk in their own IT risk planning, and 75 percent say their budget will grow due to concerns for such. Eighteen percent indicate that spend will increase by more than 20 percent in the next 12 months.
  • The CEO owns it but shares it. When asked to name the top 3 C-level execs who owned reputational risk, close to two-thirds say it was shared across the C-suite. 80 percent of CEOs indicated it was theirs to win, followed by 31 percent of CFOs, 27 percent of CIOs, 23 percent of CROs (Chief Risk Officers), and 22 percent of CMOs.
  • Five characteristics of highly effective companies — they get reputational risk and invest in it. Of those who do, 83 percent indicated they have integrated IT into their reputational risk management regimes. They also perceive stronger links between IT threats and key elements of reputation (especially customer sat and brand reputation), and they also say they have strong or very strong IT risk management capacity (84 percent). Seventy-seven percent indicated they have well-resourced IT risk management functions, and are more likely to require vendors and supply chain partners to meet the same levels of control as they require internally.

Improving Reputational Risk Management: Best Practices

So what’s a concerned C-level exec to do? The study revealed several core strategies:

  • Be proactive rather than reactive. That is, be prepared to invest in developing comprehensive reputational risk management strategies that include robust controls on IT risks, particularly those related to security, business continuity and tech support.
  • Create an organization where IT managers collaborate with other risk management specialists. Together, they should be tasked with presenting a comprehensive profile of organization-wide reputational risks to senior management.
  • Engage in scenario analysis, especially with new and emerging technology. Don’t wait for the worst to happen — there are plenty of case studies to be used as a basis for “what-if” planning.
  • Assess risks across the entire supply chain. A failure by a downstream supplier can be just as devastating as an internal problem, and risk controls can be harmonized among key players.

A More Integrated, Holistic Approach

This more integrated, enterprise-wide approach to risk management — led by the C-suite on down — can help your organization increase the attention being paid to the direct reputational impact of IT risks, and help you mitigate those risks (including those stemming from the use of new technologies).

To learn more and to gain access to the full study, go here.

In Search Of The Mobile Enterprise

with 2 comments

The new mobile business model — with anytime, anywhere transactions and a blurring of lines between corporate and individual — can make your IT organization feel like it has lost control. For all the good that comes with mobilizing your workforce, there are challenges: maintaining security and compliance, managing multiple device platforms and addressing complex mobile requirements.

You can’t throw a rock these days without hitting a new smartphone or tablet device.

Last week, it was the iPhone 5 and the new Kindle Fire HD. Tomorrow, HTC’s expected to introduce some new mobile products.

And Apple still has yet to introduce the Apple “mini” iPad, currently expected in October.

The move to mobile computing raises some intriguing questions about the nature of work. What is it? Where does it take place?

As someone who’s worked their entire career at IBM, I can certainly attest to the idea that here, increasingly, work is not a place you go but what you do.

I’ve spent nearly nine full years working from my home, and several of those years, spent at least a week a month living (and working) in airplanes.

As the IBM “Services for the Mobile Enterprise” team recently observed, the new workplace is now undeniably a mobile enterprise.

CIOs On Mobile: 66% Plan To Increase Mobile Investments in 2012

Which makes it no big surprise that 66 percent of CIOs plan to increase investments in mobile services in the next year.

And of course, there’s the “BYOD” movement to contend with (“Bring Your Own Device”), with employees expecting whatever device they have to fit into their corporate environment.

This new mobile business model, with anytime, anywhere transactions and a blurring of lines between corporations and individuals, can send IT folks into a conniption fit.

Despite all the goodness — for employees, management, and most importantly, the bottom line — there are challenges that accompany this mobilization of the workforce.

Issues such as maintaining security and compliance.  Managing multiple device platforms.  Addressing complex mobile requirements.

IBM recently released this interactive infographic that has some interesting statistics I thought worthwhile sharing here.

To start, 35 percent of the world’s total workforce is expected to be mobile by 2013.

Here in the U.S., up to 72.2 percent of workers are already plugged in remotely.

This year, some 43 billion mobile applications are expected to be downloaded.

And yet on average, mobile workers spend only a total of 28 minutes a day on technology distractions…there’s too much work to do, otherwise!

The Mobile Upside: 240 Extra Hours Worked Per Worker Per Year

And here’s the upside bonus for you managers: Such mobile workers work an average of 240 extra hours per year.

But as the infographic observes, with those benefits come expectations.

This new mobile generation of workers demands flexibility. Today’s employees expect to use their own devices and applications at work to access information and social networks at will. They even value this flexibility more than a higher-paying salary (Can you say “Mobile enables work/life balance?”).

Cisco’s Connected World Technology Report in 2011 found that 66 percent of workers said they would take a job with less pay and more flexibility in device usage, access to social media, and mobility than a higher-paying job without such flexibility.

Mobile Presents New Challenges

So, as businesses work to embrace these new productive mobile work habits, they must also face the requisite challenges asscoated with the growing number of devices, networks, and applications. Enterprises need a solution that intertwines cross-platform compatibility, security, cost management, compliance, and the inevitable complexity.

By way of example, 21 percent of mobile workers say they have experienced a security issue related to their smartphone (lost, stolen, hacked, virus) in the last year alone.

Fifty-four percent of enterprises rate security and authentication as one of the two top concerns for their mobile environments.

Seventeen percent say they need to meet compliance/regulatory requirements in mobile environments.

And yet 45 percent of IT departments say they aren’t prepared policy- and technology-wise to handle this more borderless, mobile workforce.

Bridging Your Mobile Gap

To overcome those challenges, enterprises need an experienced partner with a strategy capable of spanning the distance between mobile advances and existing infrastructures.

Those early adopters are leaping ahead: They’re already experiencing 20 percent cost savings and productivity improvements.

And 75 percent of CIOs say mobility solutions are a top priority of theirs for 2012.

On the mobile front, IBM workers are walking their own mobile talk, connecting to 10 different networks located around the world, and with 100K+ of them connecting using their own handheld devices (using at least five supported device platforms).

IBM’s own app store, Whirlwind, offers over 500 applications and was recognized by CIO Magazine with the “CIO 100 Top Innovation Award.”

All of that experience IBM has had with its own mobile enablement has informed and shaped the company’s customer-facing mobile initiatives, both through product development and through the introduction of its mobile services offerings.

IBM can help your staff develop the right strategy and governance and deliver a wide range of mobile enterprise services to create a more productive, connected workplace.

You can read about some of those offerings here.

IBM Business Analytics: Preventing Fraud, Predicting Profits

leave a comment »

Scott Laningham and I are starting to think about repacking our suitcases and preparing to head back out on the road, this time across the pond to Madrid for the IBM Smarter Commerce Global Summit May 22-24.

In Madrid, we expect to hear quite a bit about IBM’s investment in the analytics space, but that doesn’t mean we have to wait to visit the Prado to relate some interesting details about business analytics.

Specifically, predictive analytics that can help companies across the span of industries to prevent fraud.

Here’s a sound byte you may not have yet heard: Did you know that insurance fraud has reached an estimated $80 billion per year in the U.S. alone??

And in South Africa, the rate of short-term insurance fraud is about 15 percent of all premium costs.

And yet, we’ve also found that organizations that effectively apply predictive analytics are 2.2 times more likely to outperform their peers.

One such client of IBM is Santam, South Africa’s leading short term insurance company, which has saved $2.4 million on fraudulent claims in the first four months of using IBM business analytics software.

This new analytics solution has not only enhanced Santam’s fraud detection capabilities, however — it has also enabled faster payouts for legitimate claims.

In partnering with IBM, Santam’s claims division developed a new operating model for processing claims, depending on varying risk levels. IBM’s predictive analytics software has enabled Santam to automatically assess if there is any fraud risk associated with incoming claims and allows the insurer to distribute claims to the appropriate processing channel for immediate settlement or further investigation, which in turn optimizes Santam’s operational efficiency.

In turn, Santam is able to reduce the number of claims that need to be assessed by mobile operatives visiting the customer or claim site, resulting in further considerable cost savings for the company.

IBM: Investing In Analytics, Predicting Results

In the last five years, IBM has invested more than $14 billion in acquisitions. With investments in SPSS, Clarity, OpenPages, i2 and Algorithmics, and others, IBM is building business analytics solutions providing clients with capabilities for managing fraud, risk and threat. In addition, IBM has assembled almost 9,000 dedicated analytics consultants with industry expertise, and created a network of eight global analytics solution centers.

The Santam project also illustrates IBM’s leadership in analytics in Africa. IBM is also actively laying the foundations for a major presence throughout the African continent, with offices in more than 20 African countries, where the company is assisting businesses and governments in building strategies, expertise, solutions, frameworks and operating procedures to help improve performance.

You can learn more about Santam here, and their new predictive analytics solution in the video below.  You can learn more about IBM business analytics solutions here.

%d bloggers like this: