Last week I attended a CIO conference that focused on IT Security. The debate that ensued was whether IT security is strategic or tactical within an organization. This was discussed by an eminent panel comprising of CIOs, Chief of IT security and a consultant.
From the word "go" it was kind of obvious that no one is willing to accept that within their enterprise IT security is tactical. Many instances were cited to drive home the point that it is indeed strategic. When I asked around the audience, it was evident that the desire is to get security to a strategic level but the reality is that in most organizations the level of focus is purely tactical.
The proponent of the strategic intent even went on to give a story about how his business leader consulted him on security; little realizing that the example made it quite evident that there was no alignment between the business leader who was primarily ticking off his checklist on clearances sought after the system was ready to deploy.
A few CIOs were prudent in stating that there is a balance between the strategic intent and the tactical implementation. Without the technology and process underlying the operation, the people will rarely see the value of what it really means.
I happened to talk about IT security in another seminar a couple of weeks back which desired to highlight the practical aspects of IT security and how does one manage it. The discussion was not about whether a tactical view should be taken or strategic with discussion and debate on the pros and cons of deployment, but how does one succeed in deploying controls and technology with the help of people to be effective.
The question still remains in my mind whether in the first place we should elevate the question "IT security is strategic or tactical". To me IT security is a must without which IT will probably collapse with significant business impact. Even the best laid plans do fail (the story of TJX is still not cold) and not for want of trying but someone trying harder to break in.
I welcome your thoughts.
Monday, February 26, 2007
Wednesday, February 21, 2007
Gartner CIO Summit
Today was the last day of the Gartner CIO India summit at Mumbai. The difference which i found from the earlier CIO gathering events is worth noting from Vendors Perspective.
1. It was a paid event for CIO 1000USD. It gives a focus serious audience.
2. It has multiple round table tracks hence focused sliced audience was available to the vendor
3. Gartner had selected limited vendors for sponsorship.
In fact we were shocked when they refused us the sponsorship mentioning that they were sold out. The event content was research based and had one on one sessions.
Nothing in this world comes free. If CIO time is valuable and in shortest time they would like to grasp maximum technology and business value then only option is to pay to Gartner type events.
On business intelligence front the domain where in we are working is now becoming the top priority for CIO across the board. We had an overwhelming response from all vertical across the industry due to our participation at CIOL C-Change 07 and IE Technology Senate. It means that CIO present at that events were benefited by attending the event as they got exposed to a new value proposition in BI space.
1. It was a paid event for CIO 1000USD. It gives a focus serious audience.
2. It has multiple round table tracks hence focused sliced audience was available to the vendor
3. Gartner had selected limited vendors for sponsorship.
In fact we were shocked when they refused us the sponsorship mentioning that they were sold out. The event content was research based and had one on one sessions.
Nothing in this world comes free. If CIO time is valuable and in shortest time they would like to grasp maximum technology and business value then only option is to pay to Gartner type events.
On business intelligence front the domain where in we are working is now becoming the top priority for CIO across the board. We had an overwhelming response from all vertical across the industry due to our participation at CIOL C-Change 07 and IE Technology Senate. It means that CIO present at that events were benefited by attending the event as they got exposed to a new value proposition in BI space.
Subscribe to:
Posts (Atom)