Hacking the Human Network

A couple of network televisions shows have lately caught my eye.  Now I’m not a television critic but there were things in these shows that have security implications that warrant some attention.  These episodes came just as I had finished some hacking training and provide an opportunity to share some interesting new tools and attack scenarios.  

First, Alex Baldwin pimped Cisco’s TelePresence system on 30 Rock.  In the episode “The Audition,” Baldwin’s character Jack has bedbugs and is forced to use TelePresence to attend a meeting.  There is a very funny bit that takes product placement to a new tongue-in-cheek level:

TelePresence Screen: “Do you like the Cisco equipment?”

Jack:  “Of course, it continues to be the gold-standard by which all business technology is judged.  Cisco, The Human Network.”

Read more

Forrester BI Maturity Survey Results Are In

Boris Evelson By Boris Evelson

Our latest BI maturity survey results are in. We used exactly the same questions from our online BI maturity self assessment tool to survey over 200 Forrester clients. Now you can compare your own BI maturity level against your peers by using data from the survey.

In the self assessment tool and in the survey we ask over 30 questions in the following 6 categories

  • Governance
  • Organization
  • Processes
  • Data and technology
  • Measurement
  • Innovation

Our clients rated themselves on the scale of 1 to 5 (5, if they strongly agree with our statement or 1, if they strongly disagree). Here are the overall results. Keep in mind that these results do not evaluate BI maturity accross ALL business, but rather in businesses that are already pretty far ahead in their BI implementations (they are Forrester clients, they read our research reports, they talk to our research analysts):

  • Governance 3.00
  • Organization 2.74
  • Processes 2.47
  • Data and technology 2.73
  • Measurement 2.11
  • Innovation 2.00
Read more

Podcast: Lean: The New Business Technology Imperative

Our latest featured podcast is Connie Moore's"Lean: The New Business Technology Imperative".

In this podcast, BP&A Research Director Connie Moore covers how process professionals and IT leaders need to apply lean thinking to maximize value and minimize waste across the organization. This podcast features a combination of three components that have a tremendous amount of power, including: Lean as a concept, Lean software, and a trend in forward looking organizations where information technology is shifting its focus to Business Technology.




Read more

Podcast: Forge Your Lean Process Improvement Game Plan

Our latest featured podcast is Clay Richardson's "Forge Your Lean Process Improvement Game Plan".

In this podcast, BP&A Senior Analyst Clay Richardson covers how to deliver the impact and bang of process improvement without the traditional bloat usually associated with process improvement. Clay covers his framework for aligning an organization’s BPM approach and strategic intent in order to improve business processes and maximize profits.

 

 

 

 

 

We look forward to your questions and comments.

 

---

Subscribe to Business Process & Applications podcasts through iTunes.

Subscribe through RSS.

 

Remote Access And Virtualization: Not One And The Same

Some of you may have seen me tweeting recently about a little experiment that I have going on where I'm using a small PC (perhaps we can call it a netbook, but that's a semantics issue) — the Nokia Booklet 3G — as my primary computing device outside of the office.

Read more

New Technology Trends Shift IT Skill Requirements

Are you implementing or considering technologies, such as Social Computing and Cloud-based platforms?  Is IT positioned to exploit these technologies?

Read more

Categories:

The new ISO 31000 risk management standard . . . well-written, but not earth-shattering

By now, many of you have read the newly released ISO 31000 Risk management - Principles and guidelines standard. (Others may have seen its release draft or be familiar with its predecessor the AS/NZS 4360 standard.)

It provides a well-written, step-by-step guide to risk management processes that can be applied to whole organizations, or any part thereof. So far, it has received well-deserved praise for its surprising brevity and consolidated value. These are especially important characteristics for a document with as lofty a goal as standardizing what it calls “an integral part of all organizational processes.”

But if we expect the availability of ISO 31000 to have any sort of revolutionary or game-changing impact in the immediate future, we’re getting way ahead of ourselves.

Read more

Categories:

Note To CISOs: Be the Automator, Not The Automated

Rob Whiteley

I’d like to take a small commercial break from your regularly scheduled security & risk programming to bring you the following observation . . .

I was recently in a client session with one of our great infrastructure & operations (I&O) analysts, Glenn “Automation” O’Donnell. His research on IT automation is extremely interesting both tactically (advice for improving IT operations) as well as philosophically (a call to arms for IT professionals to update their skill set — or risk obsolescence).

Anyway, in this session Glenn made a great observation: IT is at a key inflection point in 2009 and it’s never going back. He was distilling the result of three IT macro-level events colliding: 

  • Business Technology (BT) architecture redefining how we define IT services
  • Cloud computing and virtualization redefining how we build IT services
  • Automation and ITIL redefining how we run IT services

But the big takeaway form me was automation. It’s the main ingredient in transforming information technology.

And now as we return to our regularly scheduled security & risk programming I’d like to pose the following question: What is automation doing for information security? My take: Not much.

Sure, we see pockets of automaton in information security. I’ve seen:

Read more

Do You Have A Handle On Game-Changing IT Trends?

Maybe it’s because it’s planning season. Maybe it’s because they’re just tired of focusing on cost-cutting and incremental improvements. Or maybe the IT to Business Technology (BT) shift – where the boundary between IT and the business is blurred as businesses become ever more technology dependent and technologically savvy – is becoming a reality and pushing CIOs to stay even further ahead of their business counterparts.

Read more

Categories:

The State Of EA In 2009 – A Disconnect Between Goals And Activities?

In September-October Forrester conducted its State of Enterprise Architecture survey – a broad look at EA in the context of the IT & business organization. We asked respondents questions ranging from where does the architecture function report, to the state of completeness of various architecture domains, the key technologies firms will be making significant architecture decisions about, and the degree of support for EA by various constituencies ranging from application developers to corporate business management. An upcoming series of reports from Forrester will discuss the survey results.

Last week, I conducted a webinar for the survey respondents – highlighting the results and discussing ‘what it means’. Webinar participants were very engaged in the discussion of the results – and with the broader question of the relationship and impact of EA to the larger business organization it is part of. 

Two figures that really stood out and generated discussion: 

We asked survey respondents – who were primarily architects in large enterprises – to identify the drivers for the EA program – essentially the mission and charter for the architecture organization.

 1 graphic

Read more