Our Blogs – For CIOs by CIOs

By Stephen McGrady
Principal

As I discussed in my article on the difference between Business Continuity Planning (BCP) and Disaster Recovery (DR) planning, Business Continuity Planning is about the operations side of disaster preparedness. How will you keep the business running after disaster strikes?

When helping organizations address their Business Continuity Planning needs, CIO Professional Services uses a four-step approach: conduct a Business Impact Assessment, get Governance mechanisms defined and approved, prepare the team to handle Crisis Management, and create the Emergency Operating Plans (EOPs) for highly-impacted departments. Here’s an overview of how this works…

By Stephen McGrady
Principal

There’s nothing like the unthinkable happening to make businesses realize that the unthinkable really can and does happen. This was the case with the 9/11 attacks, which not only collapsed two towers, but also left a significant part of lower Manhattan closed for business for quite some time. By 9/12 the necessity of preparing for disasters was at the forefront of every executive’s mind.

That said, disaster preparation is a multi-faceted endeavor. The two biggest aspects are known as Disaster Recovery (DR) planning and Business Continuity Planning (BCP). The following is a high-level introduction to both…

By Scott Smith
Security Practice Lead

Whether talking to people at large companies or small companies, when we bring up the topic of Identity and Access Management (IAM) we often hear a lot of the same comments…

• “I am concerned that we have employees who have been here 10 years, and have access to everything, but I don’t know how to control that risk.”

• “Of course we have password policies…but I’m not sure they’re being enforced.”

• “I recently discovered an account for someone who left the company 14 months ago.”

• “Half the people in our IT department have global permissions—they can access anything.”

By Scott Smith
Security Practice Lead

Four years ago Target suffered a data breach that caught the attention of consumers and executives everywhere. By starting with a stolen dormant login from an HVAC contractor who was no longer working with Target, attackers were able to gain root access directly into Target’s data center. Once in, they found a web application vulnerability and managed to use this to steal the PII (personally identifiable information) for over 70,000 people, and seize the data for over 40 million credit and debit cards from a Point of Sale system that was not directly connected to the internet.

By Jeff Richards
Managing Partner

Your company is growing. You know your organization needs to move fast, but in focusing on the business you may have underinvested in IT. Now IT has become such a constraint that you’re not sure your systems can keep up with the growth. On top of that, you’re concerned that IT and the lines of business may not even be on the same page.

Or perhaps the CIO thinks that IT is doing fine, but the rest of the management team doesn’t understand what they’re getting for their IT investment. There’s even a concern that IT is too expensive. To make matters worse, you’re in a situation where the CEO can’t “speak IT,” and the CIO can’t “speak business”...and a complete disconnect has ensued.

To get on track you need to quickly get your bearings and determine if you’re doing the right things, in the right order, and doing them well. An excellent way to do so is through an IT Effectiveness Assessment.

By Jeff Richards
Managing Partner

Considering hiring one of the big systems integrators (SIs) to help you with a large-scale project? This could be an excellent move. After all, the big systems integrators are known for their expertise in identifying, designing and deploying complex IT solutions for the enterprise.

Unfortunately, hiring a big systems integrator usually means big teams and big bills. It can also be a financial train wreck, as many of these organizations are renowned for bidding one thing and then by accident or design presenting change orders and scope creep that leads to much higher costs and longer schedules.

By Jeff Richards
Managing Partner

There comes a point in many company’s growth when it becomes obvious that the investments made in IT haven’t kept pace with the business and this shortfall has now become a constraint. Your technology capabilities just aren’t good enough, but for reasons of either capacity or skill sets, your current in-house IT team is not able to rectify the situation. You realize that your organization could really benefit from the expertise of an experienced CIO (Chief Information Officer) to chart the way forward—but you either do not need or cannot afford to bring someone in on a full-time basis. This is where the fractional CIO comes in.

Mark has joined CIOPS as an Associate.  Here’s his recent article on CIO Leadership styles:

Neustar Inc. is a global information services provider and a leader in connection science, but it faces the same challenges as any other organization. For Mark Tonnesen, the chief information officer, chief strategy officer, and vice president of operations, the focus remains on the end consumer, and how to deliver a product better, faster, and cheaper.

“We may be selling our products and services through a B2B model, but we still have to consider the end consumer as we think about design, packaging, and delivering those products and services,” Tonnesen says. “To me, the new challenge is how we can package those in a way that we can deliver them faster, continuously meeting or exceeding their expectations, so we have the immediacy of new features and functions, or pricing and discounting and packaging together as one.”

Read more at Sync Magazine...

Our Managing Partner, Jeff Richards, is quoted in this article in the November 7 issue of ComputerWorld.

The latest in IT services? CIO hired guns

Damon Neth hasn't had a full-time, salaried position with a company in nearly 20 years. And he wouldn't have it any other way.

That's because Neth has built a lucrative career as an interim CIO. Highly qualified and rich in experience, he and other IT guns-for-hire possess a unique blend of IT expertise, business smarts and boardroom savvy. Rather than commit to cubicle life, interim CIOs transition from one client to the next with contracts typically spanning three months to two years, and annual compensation of six figures.

Read more on COMPUTERWORLD...

Get the PDF version...

By Jeff Richards
Managing Partner

We deliver a lot of fractional CIO and interim CIO engagements at CIOPS. In fact, over the past six or so years we’ve seen the demand for fractional CIOs in what we define as the mid-market (i.e. organizations with sales in the $250MM to $1BB per year range) increase by around 60%. This is more than double the 25% or so increase in demand that we’ve seen for interim CIOs.

While I don’t have any actual studies or data to back this up, from where I sit it seems that more and more organizations are reaping the benefits of using fractional CIOs. Here’s what you need to know…