I promised a second blog based on the English-language presentations at the itSMF Norway annual conference but then I had a better idea … rather than just giving you the something akin to Twitter highlights I decided to be cheeky and ask a couple of the presenters to write blogs based on their presentations. Smart or lazy, I think it is better for you the reader.
Here is the first from Paul Wilkinson of GamingWorks – no stranger to writing blogs for my Forrester blog roll. The second is by Stuart Rance of HP and this will appear soon. Paul’s topic?
“How to improve the Return On Value (ROV) of an IT service management training initiative”
To quote Paul: “Hardly an innovative, exciting, sexy subject when everybody wants to hear about cloud, BYOD, social media, and all that new stuff.” BUT Paul was asked to present the same session he delivered in 2012 given that it was one of the top 3 well-received the previous year. I personally thoroughly enjoyed it – Paul is good at making you believe that there is “a better way” when it comes to changing the way we think about IT service delivery.
What were Paul’s key messages?
What was so important? Why should you read on? What should YOU now do differently?
Paul set the scene nicely. In his words (with a little editing by yours truly):
Security threats develop and evolve with startling rapidity, with the attackers always seeking to stay one step ahead of the S&R professional. The agility of our aggressors is understandable; they do not have the same service-focused restrictions that most organizations have, and they seek to find and exploit individual weaknesses in the vast sea of interconnecting technology that is our computing infrastructure.
If we are to stand a chance of breaking even in this game, we have to learn our lessons and ensure that we don’t repeat the same mistakes over and over. Unfortunately, it is alarmingly common to see well known vulnerabilities and weakness being baked right in to new applications and systems – just as if the past 5 years had never happened!
A recent report released by Alex Hopkins of Context Information Security shines a light on the vulnerabilities they discovered while testing almost 600 pre-release web applications during 2011. The headlines for me were:
On average, the number of issues discovered per application is on the rise.
Two-thirds of web applications were affected by cross site scripting (XSS).
Nearly one in five web applications were vulnerable to SQL injection.
It makes depressing reading, but I’m interested in why this situation is occurring:
Are S&R professionals simply not educating and guiding application developers?
Are application developers ignoring the training and education? Are we teaching them the wrong things or do we struggle to explain the threats from XSS and SQL injection?
Are our internal testing regimes failing, allowing flawed code to reach release candidate stage?
I was recently asked about the importance of selling skills for CIOs - does a CIO need to be a good salesperson? It seems to me the answer to this should be a resounding yes. After all, IT executives need to be able to sell themselves effectively in order to attain the heights of the C-Suite. Great CIOs must be great communicators, capable of delivering a compelling presentation or a memorable speech, and inspiring others to follow them.
But what of sales skills beyond being a good presenter? Since many sales skills are focused on understanding people and connecting with them, I've found sales training to be highly effective on two levels:
Developing better listening skills. One of the first things you learn as a salesperson is not how to make a pitch, but how to listen to a customer - only by listening can a good salesperson effectively satisfy the needs of a prospect/customer.
Understanding how products/services meet the customer needs. Salespeople spend a lot of time learning about a firm's products and services; they learn how they meet the various customer needs and they learn how to present them in the best light.
So go ahead and sign up for the next sales training class being run in your organization - you may be pleasantly surprised!
Are CIOs the only people in IT needing sales skills?
I'd like to make the case for putting everyone in IT through sales training - here's why: