Archives For CIO

shadowShadow IT – It’s Everywhere

CIOs see Shadow IT  as another aggravation in the way of them doing their job.  

Shadow IT is much more serious than job aggravation. Like Spam (something end users see as a time waste) it’s more of a threat than inconvenience.

Where there’s a threat, there’s an opportunity…an urgency to fix the emerging security holes.

What Is Shadow IT?

It’s Hillary using gmail. It’s IT using back doors to managed their systems from home. It’s end users downloading unauthorized apps to get their jobs done faster. It’s the giant DEC VAX Implementation I discovered at a large pharmaceutical manufacturer (one you would surely recognize if I were to name it) during an assessment years ago.  No kidding, the IT department swore the entire company was IBM – little did they know, R&D had installed a global VAX network behind the scenes, and no one knew about it!

Here’s The Problem – And It’s Big

Sound Bites: According to a study published by Cisco Systems this year,…

  • 38% of business and 32% of IT workers use non-approved apps because IT approval processes are too slow.
  • 24% of those surveyed use non-approved SaaS apps because they are better than the approved alternative.
  • 18% of business and 14% of IT workers use these apps because the approved tools don’t perform needed functions.

In another study published by Second Watch, 93 percent of enterprise business units are using the cloud, while a substantial 61 percent of them are bypassing their IT departments and doing it themselves.”$1 HC Book Ad

The two big Issues Named in both studies are Cost and Security. The cost represents about 20% of the IT budget – which is a big number. But the security is the bigger issue. At least 30% of the study respondents were concerned with what this does to security. But think about it, who’s securing these applications if IT isn’t?

This is the perfect lead in to an assessment.  First, to discover where a company’s data is – many larger companies have no idea where their data is. Unstructured data is out of control as soon as Shadow IT enters the picture – reference Hillary’s email issues…Second, looking at end node security is now more important than ever. You can be sure much of this computing is being done on personal devices…so how secure are they?

Please comment – where are you seeing new opportunities with Shadow IT, and how are your IT and CIO contacts reacting to this expanding problem?

© 2016, David Stelzl

 

Advertisements

cloud1Where Should You Focus Sales Efforts in 2016

The trends are important.  Whether you resell technology or sell for a vendor, you need to know what CIOs are up against…if you call on the SMB, think of the owner as the part-time CIO. Both are going to leverage technology if they plan to grow.

Know the Important Trends Before You Make Your Next Sales Appointment

Regardless of what President Obama claims, WSJ continues to report a shaky economy. That translates into tighter spending.  This morning’s WSJ reports three significant trends…

  1. BIG DATA is where the gains are. Big data represents a promise for future decision making – better decision making. Especially in the enterprise, data analysis can lead to better marketing, better hiring, and greater efficiency. The value proposition here is Competitive Advantage! One of the four key value props I wrote about in From Vendor to Adviser.
  2. CLOUD is strong. People are moving to the cloud to achieve greater efficiencies. That means they want to see a reduction in TCO – Total Cost of Ownership.  This too is one of the four value props I describe in my book.
  3. Third, there is a slowdown in SECURITY – but the WSJ is talking about new companies and IPOs, not security spending. IT Spending as a whole is down by more than 5% this year as compared to last (According to recent WSJ reports), but security spending is up.

If you understand Cloud and Big Data (And we should mention IoT as well here), you know that using these technologies demands a change in the security strategy. Tie the two together and you’re well positioned to drive security business. If you call on the SMB market, you should be adding the DETECTION side of security to every existing contract – it’s an almost guaranteed up-sell opportunity.

© 2016, David Stelzl

PS. I still have some seats in the SECURITY MASTERY SALES PROGRAM – These are for resellers only, sponsored by distributors and manufacturers… Where You’ll Learn Exactly How to Make Security Sales Happen. (CLICK)

What’s The One Big Mistake Just About Every Business Is Making When It Comes To Security?

There are lots of mistakes being made…I guess you could argue one over the other. But the big mistake I constantly see is a lack of insight into what’s going on.

No Detection. No Intelligence.

As Mike McConnell put is months ago in the Wall Street Journal, IT lacks the data and the trade-craft to bring intelligence to their company.

This morning, 8:30 AM, I am on stage in Charlotte, NC. speaking to business leaders and IT personnel on this topic. Usually I am doing this talk at Lunch & Learns, sponsored by resellers and security product manufacturers. But this morning I decided to accept an invitation to speak at SecureWorld.

My hope is that my talk will generate opportunity for the many resellers and technology vendors I work with. It’s the education session in my conversion chart, but this time there’s no real conversion. The sponsoring technology companies will be lined up in the Technology Expo Hall. If you’ve read my book, you know that conversion goes way down once they leave this room.

If you really want to drive technology sales, you need a presentation like this in you home town, with a sign up sheet calling your audience to an assessment. Without, it’s just education.

Even so, I am looking forward to meeting with this group simply to learn more about what they are thinking, doing, and needing. The more you know about the CIO and IT culture the better equipped you’ll be in your next meeting.  Hope to see you there – learning about CIOs and IT. But don’t expect a big conversion.

Copyright, 2016, David Stelzl

 

executive-1Three Things You Can Do To Earn A Seat At The Table

Continuing from yesterday’s topic on, Things Sales People Do That CIOs Hate, last week’s keynote also covered three things CIOs really need…and can’t easily get internally.

  • Security Intelligence.  Intelligence is the new security buzzword. Not that it’s new. But for years people have talked about “Defense in Depth”, “Zero Day Response”, “Layered Security,” etc.  Recent WSJ reports are telling us that just about every board meeting agenda allots about 30 minutes to security.  What do the leaders of that meeting want to know? They want a measure of risk – “What are the odds our company will get hit this year?”  Who, besides you can give them that information?
  • Advice on leveraging new technologies. In the interview I referenced yesterday, the CISO I was meeting with talked about his need for advisors. He can’t know everything, and his team is heads down on support issues, project implementations, and daily operations. They don’t have time to keep up with technology the way you do.  So rather than showing up with your corporate presentation, show up with research and examples. Knowing what other “like” companies are doing to compete will go a long way.  In the Interview he mentioned compliance as an area they constantly need more advice on…can you advise your clients on HIPAA, GLBA, PCI, etc.compliancy group
  • Trust. Most of the sales people out there are just trying to sell. Is that you? Do you care whether your product actually works, or delivers a benefit this client needs? If you do, and I hope you really do, you’re a minority. The great thing about security is, just about everyone needs new security. As threats evolve, and IT moves toward new disruptive technologies, the security strategy is constantly evolving. It’s safe to say that, regardless of who they end up buying from, they do need security. Make sure you are doing the things that earn that trusted advisor status. Security is a great place to start.

Copyright, 2016 David Stelzl

PS. Check out what Compliancy Group has to offer resellers…compliance offerings without going back to school for four years.

IMG_3863Last week I spoke to the High Performance Technologies Sales Team…

Delivering a Keynote on, The Secrets of High Priced Consultants…lessons I’ve learned from the Big Six and others, who know how to call on C-Level Executives.

There are 5 major disciplines I see high-priced consultants mastering.  For instance, they sell one of 4 things – Customer Experience Gains and Risk Mitigation being the two most compelling value propositions.  Technology is then just a means of achieving these things.

But perhaps the most important aspect of my message came from a recently interview with the CISO of Sodexo. From our 45 minute discussion I gleaned 5 important things sales people should stop doing if they really want to peer with C-levels.

  • Stop calling with generic messages like, “I wanted to introduce myself.” CIOs get thirty to forty of these every week from technology sales people. They don’t have time for this.
  • Stop Showing your generic corporate presentation. I know your marketing people think it’s great, but it looks like every other company’s presentation. There really is nothing unique or compelling about it.
  • Stop making things sound worse than they are. Security is a big issue, but without proper justification, you can’t just start throwing statistics at them.
  • Stop calling to tell them about the latest hack printed in your local paper. They probably knew about it before you did. It’s not interesting or insightful to them.
  • Stop showing up with nothing meaningful to say. Instead, start reading about the things they care about, become an expert in something they would find helpful, and then give them a call about something specific.

I’d love to hear more from anyone who has first hand experience with “What not to do” when meeting with an executive…

Copyright 2016, David Stelzl

PS. I was on a call years ago with a sales rep from the company I was involved in. The sales rep managed to get a C-Level meeting, which I attended. One of his first questions was, “So what does your company do?”  Big mistake…

 

Donna+SeymourHow to Stop CIOs From Sending You Back To IT

And What We Can Learn From Donna Seymour

Are you talking about the most important things in IT when you meet with business owners and CIOs? It’s security – not managed services.  Cost savings are great, but security is crucial.  In fact, for some, not only do they need more security…they need more education and perhaps a lawyer.

What Happened to Donna Seymour?

Just a few months ago no one knew the name, “Donna Seymour”. Today, she’s becoming a household name.  Is it her fault that millions of employee records were taken from the OPM? It might be – but who knows. It would be easy to jump on the bandwagon and say she should lose her job. The truth is, any company can be successfully hacked and the CIO can’t stop it. However, there are some things to consider.  Due care means taking the steps that should be taken to decrease the risk of an attack.  But this is harder than it sounds.

First, how often do politics get in the way of making the right decision? You know, the budget constraints everyone works under.  I just got off the phone with a sales rep going through my Vendor to Advisor Mastery Program – he’s facing this issue right now. A very large company in the midst of a merger, not willing to spend any money. How should he respond?

With Donna, what we can say, based on a recent study I wrote about a few days ago, is that these business leaders are not equipped to make a case for better security because they can’t quantify the risk.  They don’t know how much risk they really have, so they don’t know how to budget, or how to justify more budget.

As a result, Donna Seymour is not only being pressured to join the Target leadership in resigning, she’s being threatened with lawsuits.  She blames it on outdated infrastructure – that’s probably true, but as Eric Ries, author of The Lean Start Up recommends, you need to ask “Why?” five times, to get to the root cause….and it’s not outdated infrastructure.

Why did OPM get hacked?

Outdated infrastructure – that’s what they are telling us.  But why is the infrastructure outdated?  Because Donna didn’t get budget to upgrade it sooner.  Why not….etc.  I bet it eventually boils down to not predicting the need. A security expert probably would have predicted it. The average CIO would have delegated  that meeting down to someone in IT Security, and that person would have delayed any sort of action due to budget constraints – not wanting to pressure Donna, or being too afraid to ask. That IT person is still unknown and still employed.  Donna on the other hand may not be for long.  Donna should have taken the meeting.

Or, it could be that there just wasn’t a sales person bold enough to ask for the meeting with Donna. Maybe should have listened, if the sales rep had offered the assessment. Who knows.

Of course they’ve had assessments, but were they the right kind? Did they just choose the low cost provider and get what they paid for?  Or did the provider deliver the right results, but Donna failed to take action?  Who knows?

These lawsuits are personal 

Donna’s being held personally responsible for the loss of millions of personal employee files. Whatever her organization wasn’t willing to spend, she’ll make up for personally (Of course she can’t really do that – millions of people are affected and a credit score service is not going to protect them on this one.)

Are You Talking To The People Who Need To Know?

Are you calling on CIOs that won’t take the meeting? The WSJ reports, “CIOs generally should expect to be sued in increasing numbers over cybersecurity issues…”  In my latest book, The House & The Cloud, on page 195, I explain exactly what Donna needed, and what every CIO, CISO, and board member needs to know.  So you have a great reason to make the call – what can you say to get them to listen. Hopefully, by understanding these recent attacks, you can get someone’s attention before it’s too late.

© 2015, David Stelzl

dhs_headCIOs Must Change or Risk Unemployment!

Are you watching the news, reading the CIO reports, or talking with IT business leaders about the future?  Things are changing quickly…

Read this…

“CIOs should take an active role in
helping their companies undertake
deep digital transformation, by ignoring
business processes and focusing
instead on how their organizations
make money,” writes Michael Higgins
in a recent WSJ article.

Isn’t this what the CIO job is all about?  Custodial Responsibility over the data center…

or:

“The enemy of digital innovation is the
concept of business process,” – Gartner
analyst David Aron

Special Report on CIOs and Technology Providers

This week I published a special report on the CIO, CISO, and CDO (Chief Digital Officer) roles – but more importantly,

How technology providers must change if they want to continue (or start,) working at the leadership level.  Here are a few comments from the report:

CIOs are in trouble in my opinion.  What I mean is, while this title has held budget control for a long time, and continues to do so, the CIO’s job is not a secure one.  What must CIOs do to remain a key person in the C-suite, worthy of big salaries going forward? And how will these changes affect technology providers?

The CIO role has traditionally been one of custodial responsibility over IT systems.  They are the owner of the data center, responsible for keeping the lights on.  But 2014 has become the year of cloud computing adoption, along with many changes to the traditional computing model. Corporate computing infrastructure is in place for the most part, legacy applications are up and running, and new functionality is being accessed through cloud services. Meanwhile, many companies are looking to third party service providers for system / network management and maintenance.”

So What Should the CIO Be Doing?

My report goes on to talk about CIO relevance – the importance of integrating new technology advancements with company strategy.  Board members are calling on the CIO – or what is being treated more like a CTO role, to help.  While Wal*Mart and other big box retailers struggle with their store model, Amazon is growing.  In fact, they just raised their PRIME membership by about 20% – will their customers complain and run?  Probably not.  Can your average customer raise their prices by 20% like that?  Probably not.  Why can Amazon do this, while others can’t?  Their model is completely different. They have designed a company using technology that completely changes the retail model.  I pay Amazon – with their new pricing model, $99/year before I go shopping!  But somehow it seems worth it.

The Point of the Report

The report has two purposes…first, it will help your team better understand what IT leadership should be thinking about right now.  It will also help you measure your company’s performance to see where you might want to change your approach…I guess this is two things right here, but they both have to do with your approach.

Second, I’ve written this report in a way that is presentable to a customer.  In other words, you can use this report as a news bulletin to help your clients see where they need to be changing their own role. Hopefully this provides some value to you as a technology provider.  I recently worked with a large reseller up in the Chicago area, building a presentation using this as the basis…we took it to market with 20 CIOs as a marketing piece and landed 20 strategy meetings in a one hour lunch & Learn meeting.

Here’s the report – it’s free just for visiting my blog: Click to Request it Here!

© 2014, David Stelzl