by Ross Sivertsen | Sep 29, 2016 | Blog, Current Affairs
The Starfish and the Widows Mite
Most of you who know me, know that i’m not prone to quoting religious dogmatic stories in my posts; Today I feel the need to make a couple of comments about helping others.
I love the story of the starfish; where an adult finds a small girl throwing starfish, one at a time, back in to the ocean from a beach filled with starfish washed ashore after a storm. When the adult asks how can she possibly expect to make a difference saving them when the beach is literally littered with thousands of starfish; she picks up one starfish turns to the adult asking the question, throws it back to the ocean and remarks “It made a difference to that one.”
Too often we are overwhelmed by the need in the world that we become paralyzed from doing anything because we simply don’t think we can make an impact. The fact folks is that you can… and you do it by one small gesture at a time. By helping, volunteering, and donating; every single bit makes a difference especially to the small NPOs in your community…
But there’s another part to the story; when it comes to donating funds to a cause… and that’s the story of the widows mite… In the Christian Bible the book of Mark Chapter 12 v41-44 (paraphrased); Christ talks to his disciples at the temple treasury; when noticing that a widow makes her donation is that of only a penny, while the rich make significantly larger donations.
He tells the disciples that the widow has contributed more to the cause because her penny donated is everything she has and doing so out love, than the rich who donate more, but less in percentage of the widow, and donate for recognition.
The point of this allegory is it does not matter how much you contribute; simply that you do contribute. if not in money then with time. The poor widow donated a penny, but that penny was all she had to give.
So please… I encourage, get involved, make a stand, throw a starfish back in to the ocean… just one. It will make a difference.
“You must be the change you wish to see in the world.” – Mahatma Gandhi
“Do what you can, with what you have, where you are.”- Theodore Roosevelt
#Starfish
by Ross Sivertsen | Jun 3, 2015 | Blog, Business
Why I didn’t write this nearly 30 years ago is beyond me, it’s a topic that I’ve wrestled with for that long.
Huh? You’re asking yourself… What’s he talking about?
I’ll start with my background and how I got here. You can easily read from my LinkedIn profile, that I started out life as a technical practitioner in IT, and nearly 30 years later I’m still in IT. So I guess you can call me career IT.
IT isn’t exactly the easiest career path to stay on, especially in the world of business.
The product practitioners and software engineers look down at you because you’re obviously not good enough to do REAL product development. The business and financial practitioners look down on you because you’re the geeks who don’t understand business, speak a language they can’t relate to and are at best a fixed expense to be managed and minimized. The business and financial people at least tolerate the quirkiness of engineers, because they produce a revenue generating product, usually.
Sound familiar?
So after 27 years, two masters degrees and four companies why am I still fighting the daily battle that is a discipline called Information Technology? Because I have the firm belief that there is a direct contribution that this discipline can make to facilitate and generate top line revenue growth for a business; I believe in a world of cost reduction and technology commoditization, that Information Technology can and must become a competitive advantage to business in the 21st century.
Nicolas Carr wrote in 2003 a watershed article entitled “IT Doesn’t Matter,” in his article, published in the May 2003 edition of the Harvard Business Review, Carr asserts the notion that in an environment where every business has an IT department to write management reports and process data, having the ability to do so no longer is a competitive advantage. He continues to assert that as these technologies become more widely available they should become costs to control rather than invest in.
When I first read the article, it took me some time to understand the perspective Carr was fostering. At the time the article was written, Carr was correct, and at some level still is. As traditional IT becomes increasingly commoditized in an ever increasing cloud world, Services, servers, and infrastructure do become operational expense that should be outsourced and controlled.
But traditional IT is changing; IT must truly become a driver to the business, IT and the role of the CIO must transform from a support expense to business technologist, share increasing evangelist; dare I say visionary partner to the others in the “C” suite about how the business market can be transformed through the use of enabling technology.
It was after reading Carr’s article I committed to understanding business, the drivers behind markets, and the sensitivity to market share that every CEO and business leader are concerned about; and then demonstrating the value that IT brings to the table to facilitate revenue growth, and improve shareholder value making IT a competitive advantage in the hands of the right person.
IT’s has a real challenge in dealing with the business
Why is it such a struggle for IT practitioners to communicate with the business owners in such a way that both sides of the table understand where the other is coming from? I mean we are all on the same team, right? We all believe that when the business succeeds as a whole we as team members succeed, right?
While perception of ‘when the team wins we all win’ is absolutely right; the technical practitioners in IT, and the business owners look at the world through completely different sets of lenses.
Eliyahu Goldratt said in his seminal 1984 book “The Goal” that “the goal of the business is to make money.” And everything related to a business must contribute to removing the constraints of obtain the goal.
That’s how the business owners view the world, through the lens of making a profit from the business (while some business owners might want to appear to take a more altruistic approach, I would argue that if you weren’t running an enterprise with the purpose of turning a profit, you’re probably in the wrong pursuit).
The finance and accounting practitioners look at the business through a similar lens, adding that they are to produce the financial statements used to measure the profit, and identify sources of cost that sub-optimize profit generation.
IT, however, tends to look at things in terms of how to leverage tools to accelerate execution or improve communication, or secure the business from risk. While ITs view of the world isn’t incorrect, it is challenging to communicate to non-technical practitioners the meaning and impact of ITs agenda on the business, especially given the highly technical nature of ITs solutions.
And the last paragraph is exactly the reason why the communication breaks down so frequently and thoroughly. IT is often attempting to forward the IT agenda… NEWS FLASH: It’s not ITs Agenda it’s the BUSINESS’, but when IT speaks it is frequently doing so in such a way that it sounds like gibberish to the business and finance practitioners. And when the gibberish to the business practitioners sounds something like “we need to implement a high availability virtual cluster built on Hyper-V, and attached to our global MPLS data network.” The business owners hear “blah, blah blah” becoming yet another reason for IT to become irrelevant.
A great example of this is the movie Pearl Harbor starring Ben Affleck. When my wife and I saw the movie for the first time, we both loved it, but for entirely different reasons. When a friend asked me what I thought of the movie, I said I thought it was a great representation of some of the lesser known historical facts of WWII and the events before and after the attack. When the same question was asked of my wife, she said it was a great love story.
We both saw the same movie, at the same time, but we both looked at the movie through two very different lenses.
And I believe that’s the fundamental struggle in communication between the technical practitioners of IT and the business and financial practitioners charged with running the business.
Add to this miscommunication, that there is very little crossover or trust between disciplines, and that the situation can be compounded by the technical practitioners somewhat smug and occasionally outright condescending self-righteous attitude toward non-technical practitioners, and the whole thing becomes a recipe for disaster.
Finally, articles written by the trade journals are typically written by either the financial professionals fostering the need for more governance and control over the IT function, because they are incapable of doing it themselves.
Or articles written by the technical practitioners complaining that the business and accounting functions aren’t qualified to make decisions or govern the technical function because they don’t have the technical acumen and decisions shouldn’t be made on finance alone.
Ok, so what, this is all well and good you say, but what needs to change?
If IT wants a seat at the table, to be a meaningful contributor to the business, and help drive profit and change, then IT needs to earn it’s seat at the table.
It means that IT leadership MUST become a business leader, the CIO must not only understand what drives profit in the enterprise, he or she must also understand the market channel the enterprise plays in, and how IT can make a meaningful contribution to exploiting the drivers to drive sales, increase revenue and profit.
The CIO MUST learn the vocabulary of business, to be able to communicate with his or hers business peers in a way they can relate.
It also means that the CIO absolutely must get out from behind the desk and build relationships with the business leadership, because in the end, that is going to be the ONLY way to understand what drives product and profit.
It means Mr or Ms CIO, that you must learn how to read a balance sheet and income statement, you have to understand the impact you can have on cost of sales and operating income. Developing an understanding of the market drivers for your industry doesn’t hurt either.
It also means to check the technical ‘alpha’ ego at the door. Business and technical practitioners, you might be the smartest person in the room; but if you don’t know how to work together, and relate to people, that smart mass just means you’re a jerk.
But this isn’t a one way street either.
Mr or Ms CFO or business leader, it also means that you must develop at least a basic understanding of what drives the use of technology in the enterprise; it doesn’t mean you have to become a network or database engineer; but it does mean that you need to understand the impact of the tools and trends on the business. For example can you explain in simple terms why social media is important to driving customer and employee engagement in your enterprise?
It’s a process.
I’d like to say that as an IT evangelist I’ve been completely successful, and most days I feel like I am. But I continue to struggle with staying relevant, communicating with the business in ways that are meaningful to them, and not fall in to the trap that the truth (at least to me) is self-evident.
And I find it ironic and (most of the time today) funny that in a room full of officers, board members, venture capitalists, and business executives, everyone continues to turn to me when there’s a problem with the WiFi at a conference center where we are having an investor’s meeting. (sigh) Forever the printer repairman.
by Ross Sivertsen | Mar 19, 2015 | Blog, Information Security
This isn’t going to come as any surprise to any of you reading these messages from me; simply file this little tidbit as ‘par for the course.’
Premera Blue Cross Blue Shield revealed that it was a vector for an attack that exposed health records of some 11 million of it’s customers.
In a WSJ article a couple of weeks ago, Kaspersky Lab ZAO (the Russian security firm with antivirus of the same name) revealed that organized criminals have stolen millions of dollars from US and Eastern European banks over the last two years.
Some of the most revealing information is that the culprits have been identified (as it appears) Chinese nationals. Certainly this information can be faked, but the important information I want to pass along is the dynamic and rapidly evolving landscape of computer crime.
I’m frequently asked “why should I care about the attack on an insurance company like Premera or Anthem; they don’t really have financial information.”
The reality is folks, that the people stealing this information not only have taken identity information from these companies, they’ve taken medical records. The use of which can be used for everything from unfair competitive advantage or blackmail for some individuals who have sensitive medical information they would rather not be revealed.
What was once considered targets of opportunity and the hacking attempts of ‘script kiddies’ are now sovereign nations and organized crime attacking targets of choice.
Certainly this doesn’t come as any surprise to any of you, this information stolen globally affects all of us. But here’s a scary thought for all of us… The attacks we hear about, the viruses and trojans we discover, are the attacks that have FAILED. In fact the environment is so target rich that the scale is still tipped far in the attackers favor.
So as I’ve sent out my first three tips, they all appear VERY basic, but they are the foundation of good information protection practices. My next tip will focus on the use of multi-factor authentication.
http://lrs.ms/EastEuropeHacks
http://lrs.ms/PremeraBCBSHack
http://lrs.ms/InfoSecTip1
http://lrs.ms/InfoSecTip2
http://lrs.ms/InfoSecTip3
by Ross Sivertsen | Feb 12, 2015 | Blog, Information Security
Physical hardware does not need to leave your possession for data to be compromised, particularly when you’re using equipment or network connections in public internet cafes, business centers, airports or hotels.
It is not uncommon to find spyware on such PCs. Many users may have plugged USB sticks into such computers to aid data transfer, but this is in itself a possible source of infection.
It may come as a surprise to know that a business center in a hotel can often be less securely managed than a street cybercafé like Starbucks. And when it comes to the wireless internet facilities available in hotels ad other public areas, it is easy for anyone to set up a fake WiFi network and encourage people to connect to it to capture sensitive information.
Consider using a VPN; I use a VPN on my mobile devices and laptops when ever and where ever I go. There are several good inexpensive options. I use Private Internet Access
First of all make sure your personal firewall is turned on for your PC, both PCs and Macs have them.
If you don’t have a data tethering plan on your mobile device, consider getting one and use it in place of connecting to a public WiFi
Finally you might simply want to consider only using certain sites when connecting to a public WiFi access point.
http://lrs.ms/DataSecureTravel
http://lrs.ms/SecurePublicWifi
http://lrs.ms/VPNReviews