Avoiding new technology failures within your organisation

By popular request, this is the edited transcript of the presentation delivered at the CIO Summit on August 21, 2013 on the Gold Coast, Australia. The focus of the presentation was on Avoiding new technology failures within organisations.

This content as relevant today as it was 3 years ago.

Rob explores the influences of technology induced changes on organisations, and how these are shaping contemporary enterprise IT Strategies. Aspects covered include strategic inflection points, the democratisation of Technology, Enterprise IT, Risk, Privacy and Intellectual Property.

The video of this presentation is here


Avoiding new technology failures in your business – How can this be achieved?

The agenda for this session was

  1. Exploring the ‘success trap’
  2. Forces shaping enterprise IT
  3. Strategic inflection points
  4. Democratisation of :
    • Technology
    • Enterprise IT
    • Risk
    • Privacy
    • Intellectual Property
  5. Ideas for avoiding the technology induced Success Trap
  6. Open questions and discussion


On the one hand, avoiding new technology failures can be a daunting task to when trying to identify and manage many of the risks – especially those that are less obvious, or not readily identified during a conventional risk assessment process

On the other hand, fact is, with the appropriate insights as to the technical, people, organisational, contractual and process factors underpinning your move to implement new technologies, the likelihood of unidentified or poorly mitigates risks is significantly reduced, if not almost eliminated.

Consider the concept of the ‘Success trap’ when it comes to the rapid and widespread uptake of the latest technologies

1. Exploring the ‘success trap’

 

Attributes of the success trap are:

  • What’s been successful up to now, may be self limiting at a point in the future.
  • Just keep exploiting existing opportunities along the same lines until you run out of resources and/or options, resulting in a collapse or catastrophic change.

Is the focus on the ‘short term win’ just part of the human condition? The Present is tangible and obvious, hereas the Future is uncertain and abstract.

By way of illustration, let’s explore a few examples

  • Antibiotic-resistant bacteria: Can you die from a cut finger? Success has led to widespread use including: Over prescription, use in food production, No new class of antibiotics discovered since the 1980s.
  • Economic: GFC – Could not stop ourselves gorging on easy money and the Ponzi economy. Constellation of organisations, not to mention whole countries – impact on society – widespread and profound and still being felt

2. Forces shaping enterprise IT

  • The first, and most influential of these forces in my view, is the increase uncertainty and volatility facing Australian organisations, whether public, private or government. This tends to drives executive decision making which is increasingly focussed on the short term.
  • The second influence is the fundamental shift in the expectations of enterprise IT by other executives and the business as a whole. This is a direct consequence of having first hand exposure to user friendly, low cost (or free) consumer grade IT technologies and solutions, and pervasive marketing from IT vendors.
  • The third is internal inconsistency and/or adherence of business strategies across business units. This presents a challenge for those in IT leadership roles, who are expected to respond to inconsistent short term demands, some of which are fragmented, not always well thought through, potentially contradictory and not always in the best long term interests of the organisation.
  • The fourth is the expectation that IT leadership should not appear as technologists. The ‘new IT leader’ should be able to communicate clearly in ‘business speak’ and turn technical, governance and risk complexity into plain language.

Questions is, in the midst of these factors, how can enterprise IT departments influence their own business landscapes?

What’s the appropriate approach to creating influence?

  • On the one hand, we have small, adaptable and well trained teams that collaborate. Characteristics include: Empowerment, trusting, adaptable, multi-skilled, perceptive, observant, powers of persuasion, self sufficiency, engagement.
  • On the other hand, we have siloed, established and hiearchical organisations. Characteristies typically include an undue focus on governance, process, control, policy driven , mono-skilled, change is seen as a threat

3. Strategic inflection points

At an inflection point, you barely notice the change, then you’re heading in another direction …..
Question is: What forces are at play on your organisation right now? How adaptive is your enterprise strategy?
– a change that will require the transformation of the organisation’s strategic intent, direction, action, etc.
– If not managed effectively, survival is not guaranteed! It’s all about managing the transition …..

Consider the quote attributed to William Edwards Deming – “It is not necessary to change. Survival is not mandatory.” He is the father of Kaizen and a spectrum of related disciplines including agile and lean.

The early detection of inflection points is crucial to the survival of the organisation:

  • Effective leaders detect change well before it’s influence is generally recognised.
  • See value in Feedforward as well as feedback decisionmaking and business processes.
  • As a CIO, seize the high ground when it comes to technology induced change and guide the organisation through the opportunities and pitfalls in the adoption of new technologies.
  • Develop an ‘early warning’ radar. Read widely and ensure that you are able to critically analyse the factors affecting your environment.

4. The ‘democratisation’ effect on Technology, your IT department, and other factors

The democratisation of Technology effect is reshaping most organisation’s use of IT. Understanding the forces for change and the underlying factors will help define both the opportunities as well as the risks associated with technology decisionmaking.

4.1 Democratisation of Technology

The rise of our U.S. centric global digital landlords such as Apple, Amazon, Google, Microsoft, and others are shaping the Technology ecosystem. They underpin many businesses IT platforms, globally.  You change on their terms.

Think of the Democratisation of technology in terms of the following ‘equation’:

  • Democratisation of technology = Global industrialisation and standardisation of IT + Cloud computing (ready access) + Mobility (Smartphones and tablets) + Low / Nil financial barrier to adoption + widespread uptake + data and analytics.

4.2 Democratisation of enterprise IT

mr-t

(C) HBO

The phenomenon of Shadow IT is pervasive, and here to stay. Shadow IT has re-shaped expectations of IT within the enterprise by users, and your organisation’s customers,

Tony Soprano “You see out there it’s the 1990s but in this house it’s 1954”

Is this what users feel about their enterprise IT systems when compared to what they can do on their home PC, tablet or Smartphone?

4.3 Democratisation of risk management

In a hyperconnected world, ‘digital wildfires’ are a reality.  Avoiding new technology failures in hyperconnected technology-dependent environments can be a risk that appears from outside of the organisation.

Take time to read the World Economic Forum’s 2013 Risks report. Know what you’re dealing with.

4.4 Democratisation of privacy

But what about privacy in an era in which your every move has been recorded somewhere in the digital world through your electronic transactions? Take a moment to install the Collusion add-on for your Firefox browser then browse your secure corporate site(s).

You may be surprised to see how your every action online is being tracked and traced by a swarm of interested parties

Lightbeam is an experimental add-on for Firefox and allows you to see all the third parties tracking your movements.

4.5 Democratisation of intellectual property

The gradual demise of the once giant Nortel through the persistent siphoning off of intellectual property by alleged Chinese hackers over a 10 year period should be a salutary reminder that nothing should be taken for granted in the realm of information security.

Question: Who is taking an interest in your enterprise’s internal processes and IP?

5. What can you to do avoid the Technology Success Trap?

Consider these factors in avoiding new technology failures:

  1. Institutionalise innovation organisation-wide
  2. Recognise that your IT department (or vendor) cannot drive innovation unilaterally
  3. Review managerial and staff incentive schemes
  4. Transform your IT departments from a technology cost center to a business relevant services broker
  5. IT Vendor Management V2.0
  6. Protect your crown jewels
  7. Monitor systemic risk
  8. Manage the technology evangelists in your organisation

1. Institutionalize an innovation capability organisation-wide

Have expectation that enabling new and superior ways of exploiting IT, which would in turn enable business improvements to be achieved Change the way the business operates

democratization of technologyStrategic: Can have significant impacts on the whole organisation, its stakeholders, customers, staff, etc…

Business Processes: Change the way the business operates

IT Operational Level:  Have expectation that enabling new and superior ways of exploiting IT, which would in turn enable business improvements to be achieved

 

2. Recognise that your IT department (or vendor) cannot drive innovation unilaterally

IT relentlessly drives and delivers innovation at a global, societal, and individual level at phenomenally fast rates, yet, paradoxically, IT departments within organisations often struggle to drive innovation from within their own organisations to the same extent

Make the shift to enterprise wide agility and adaptability.

3. Review managerial and staff incentive schemes

Framing short term financial incentives primarily around functional responsibilities will reinforce behaviours that will drive results that may not be in the best long term interests of the whole organisation.  Avoiding new technology failures by including key business and non-IT stakeholders is key.

Localised / functionally focussed incentives can undermine attempts at cross-functional collaboration..

Incentives drive temporary compliance. What does that say for the longer term?

The inappropriate focus on driving localised short term targets can hamper or even undermine enterprise-wide collaboration. Cross-functional collaboration is key in avoiding new technology failures across the organisation.

4. Transform IT from a technology cost center to a business relevant services broker •

SaaS: Strategy as a Service: Proactively deliver business relevant strategies to meet defined or expected changes with adaptability and agility.  Clearly define the accountability locus for enterprise IT across the organisation and consider:

  • What’s in-scope for the management of IT services?
  • What is /is not negotiable in the IT portfolio of services?
  • IT should be regarded as the trusted advisor, not consultants or vendors! •

IT should constantly and proactively identify the opportunities and risks of new and emerging technologies for their organisation.

Upgrade / coach IT leadership to operate confidently and with business relevance at most senior levels of management

5. Upgrade your technology vendor management practices

The conventional RFP-bid-response approach to engaging IT vendors may not be adequate in the uptake of new, emerging and disruptive business technology.  Complex, monolithic contracts inhibit agility and partnering across a range of providers, and can inhibit the interactions between (potentially competing) providers.

Need for a far tighter, more transparent ongoing working relationship between you, your provider(s) and between the providers themselves

Factors shaping vendor relationship landscape include:

  1. IT may no longer be the primary decision makers.
  2. Your exit is more important than the entry.
  3. Disruption in your vendor’s market
  4. Too big to talk?
  5. ‘Agile’ is the new black
  6. Risk appetite is not constant
  7. Managing vendor jurisdictions
  8. Your vendor’s shareholders are not yours.
  9. What’s the purpose of your contract?
  10. Fragmentation of the vendor’s supply chain. http://rob-livingstone.com/2013/07/smarter-it-vendor-management/

6. Protect your crown jewels

Intellectual property is often your organisation’s primary asset – ensure your IT and organisational security controls are effective and appropriate.  For Cloud and outsource service providers, do not assume compliance to specific legislation such as privacy, data protection, or respect for jurisdictional boundaries. Cybercriminal activity is a multi billion dollar industry – and it’s a constant arms race between the good guys and the bad guys – and it appears that the bad guys are winning.

Organisations often reluctant to report that they have been successfully hacked or compromised for reasons of brand damage, adverse impact on share price, etc. Mitigates against industry- wide collaboration to fight cybercrime & lowers the perceived level of risk. Read authoritative, vendor independent reports and work out what’s relevant to your organisation

7. Monitor Systemic Risk

What processes do you have to identify and mitigate the systemic risks to your organisation?

8. Manage the technology evangelists in your organisation

The technology evangelist is typically categorised by the persistent advocacy and promotion for the use of a particular product or technology with a view to its broad adoption. Distinguishing the true technology evangelist from an enthusiastic and persuasive acolyte of a particular vendor’s offering may be a challenge for senior Non-IT executives.

The single minded technology evangelist’s enthusiasm for their specific solution may gain a groundswell of support without the appropriate due diligence and rigour being applied to the solution.

This fuels the emergence of Shadow IT, which, if not managed appropriately could set the seeds of future systemic risk for the organisation through inappropriate use of technology