Last week I published two research reports on the hottest topic in PCI: Tokenization and Transaction Encryption. Part 1 was an introduction into the topic and Part 2 provided some action items for companies to consider during their evolution of these technologies. Respected security blogger, Martin McKeay, commented on Part 1. Serendipitously, Martin was also in Dallas (where I live) last week and we got an opportunity to chat in person about the report and other security topics.
Martin’s post highlighted several issues that deserve some response. He felt that I, “glossed over several important points people who are considering either technology need to be aware of.” Let me review those items:
Comment: “This is one form of tokenization, but it completely ignores another form of tokenization that’s been on the rise for several years; internal tokenization by the merchant with a (hopefully) highly secure database that acts as a central repository for the merchant’s cardholder data, while the remainder of the card flow stays the same as it is now.”
Calling all tech industry marketing and strategy professionals! We need some help with our current research on market opportunity assessement.
"Where in the world are you? And, how'd you get there?"
Strategists in the tech industry face a continuous stream of critical decisions in today’s complex global market. One of those is “where in the world?” One the one hand, globalization expands the options available, making it “easier” to enter new markets. However, those decisions aren’t always themselves easy. To better understand how strategists are undertaking the tasks of identifying, evaluating and prioritizing technology market opportunities in new geographies, we have launched a short survey. The survey questions include background on market presence and intended entry, data sources and factors that influence these decisions, stakeholders' involvement, and the process itself. This is where we need your help. If you are part of a team or team leader for strategic planning in global markets, we’re interested in your input. The data gathered will be used for an upcoming report – Where in the World? Tech vendor strategists weigh opportunities (and risks) of expansion (working title). The report will also use public data and research interviews (where we'd also like your help).
The survey should take no more than 15 minutes and participants who complete the survey will receive a complimentary copy of the completed report. Terms and conditions (the fine print): As always, we keep your individual responses confidential.
Like many movements before it, IT is rapidly evolving to an industrial model. A process or profession becomes industrialized when it matures from an art form to a widespread, repeatable function with predictable result and accelerated by technology to achieve far higher levels of productivity. Results must be deterministic (trustworthy) and execution must be fast and nimble, two related but different qualities. Customer satisfaction need not be addressed directly because reliability and speed result in lower costs and higher satisfaction.
IT should learn from agriculture and manufacturing, which have perfected industrialization. In agriculture, productivity is orders of magnitude better. Genetic engineering made crops resistant to pests and environmental extremes such as droughts while simultaneously improving consistency. The industrialized evolution of farming means we can feed an expanding population with fewer farmers. It has benefits in nearly every facet of agricultural production.
Manufacturing process improvements like the assembly line and just-in-time manufacturing combined with automation and statistical quality control to ensure that we can make products faster and more consistently, at a lower cost. Most of the products we use could not exist without an industrialized model.
This is my first post as the new Research Director for the Security and Risk team here at Forrester. During my first quarter as RD, I spent a lot of time listening to our clients and working with the analysts and researchers on my team to create a research agenda for the rest of the year that will help our clients tackle their toughest challenges. It was a busy Q1 for the team. We hosted our Security Forum in London, fielded more than 443 end client inquiries, completed more than 18 research reports, and delivered numerous custom consulting engagements.
In the first quarter of 2010, clients were still struggling with the security ramifications of increased outsourcing, cloud computing, consumer devices and social networking. Trends have created a shift in data and device ownership that is usurping traditional IT control and eroding traditional security controls and protections.
We’re still dealing with this shift in 2010 — there’s no easy fix. This year there is a realization that the only way that the Security Organization can stay one step ahead of whatever business or technology shift happens next is to transform itself from a silo of technical expertise that is reactive and operationally focused to one that is focused on proactive information risk management. This requires a reexamination of the security program itself (strategy, policy, roles, skills, success metrics, etc.), its security processes, and its security architecture. In short, taking a step back and looking at the big picture before evaluating and deploying the next point protection product. Not surprisingly, our five most read docs since January 1, 2010 to today are having less to do with specific security technologies:
I was able to catch pieces of live testimony in front of the House Financial Services Committee yesterday on the Lehman Brothers collapse (covered via live blog by the Wall Street Journal). It was interesting to watch former Lehman head Richard Fuld reluctantly attempt to explain to an understandably skeptical audience, “We were risk averse,” in the period leading up to the company’s collapse.
Meanwhile, Goldman Sachs is back in the spotlight after the SEC leveled charges of fraud against the company last week related to alleged misstatements and omissions in the marketing of specific financial products. While this seems like a relatively small initial shot at the large financial firms, the SEC appears to be reasserting its authority after a series of embarrassing stories have come out about failures of oversight including Madoff, Stanford, and now Lehman.
So what does all this mean for governance, risk, and compliance professionals?
It’s hard to tell what might come of the fraud charges against Goldman Sachs, but if anything, this appears to build a case for more rigorous compliance policies and manual oversight. It’s hard to see how automated controls could have helped here, but the case could involve substantial e-discovery to determine how certain marketing decisions were made.
TECH DEVELOPMENTS: Like half a dozen Forrester colleagues, I have been stuck in London since last week due to the Icelandic volcano's disruption of air travel. So, this allows me a UK perspective on IBM's results for Q1 2010. These turned out to be very much what I expected (see "US And Global IT Market Outlook: Q1 2010 -- The Tech Market Recovery Has Begun"). I thought IBM's revenues would grow by mid-single digits; in fact, they grew by 5%. I expected its software revenue growth to be in low double-digits; its hardware revenues to be around 3%-5%; its outsourcing revenues up about the same; and its consulting and SI revenues down by 5% to 10%. Again, actual results came in pretty close: software revenues were up 10.6%; systems and technology revenues up 4.9%; outsourcing (GTS outsourcing) up 6%; and IT consulting and systems integration services (Integrated Technology Services and Global Businesses Services) flat with the year before.
Based on the results we have seen so far from IBM, Oracle (quarter ending February 28), Accenture (quarter ending February 28), and Atos Origin, here's what I think we will see for vendors for the rest of the quarter:
Software will be strong, up 10% or more growth in US dollar revenues for most vendors. Microsoft will do better than this, thanks to strong sales from Windows 7.
Hardware will also be strong, with PC vendors posting 15% growth and server/storage vendors coming in around 5% to 8%.
IT consulting and systems integrations servies will still be down, lagging the upturn in software investment.
I haven’t been blogging or tweeting recently because I’ve been on an unprecedented two-week vacation, but didn’t want any potential burglars to know that. Now, thanks to Eykanmuckyourlifeup or whatever its called, that vacation has turned into an extended business trip states-side (see #ashtag). So I’m taking the opportunity to meet more clients on the smoke-free side of the pond, to help them with their software negotiations.
This is a busy time of year, particularly for Oracle and Microsoft deals in front of their financial year-ends of May 31st and June 30th respectively. One of software buyers’ frequently asked questions is, “what extra leverage does a vendor’s year-end really give us?”
The answer is in the title above. On the one hand, if your deal would give your sales rep a Spiff, an extra bonus for selling specific products, then he’ll be very keen to prevent your order slipping into next quarter, when the spiff may not be available. Even better, he’ll be desperate to close your transaction now if he needs it to make his annual target, to avoid becoming part of next quarter’s reduction in force (RIF) program.
Last December I wrote about Building B2B Technology Markets, looking at how to penetrate a market with almost none of the traditional characteristics of a mature technology market? As technology vendors increasingly look to emerging markets as a significant opportunity and source of growth, this question becomes more pressing. The report explored some of the elements of Cisco’s Country Transformation initiatives in order to identify steps in the process of building market infrastructure:
For example, the report looked at partnering with governments to encourage market-friendly policies and investment in the necessary technology infrastructure to support market development and overall economic growth. And, from a sales perspective, trade associations provided an alternative channel to reach small and medium businesses in markets where distributors and resellers weren't available.
But, another element critical to successful market development is the ecosystem of partners developing solutions specific to the particular market, or even just contributing local innovation for new approaches to broader global issues. Building B2B Technology Markets discussed finding local organizations to act as partners in the market, and even investing in educational initiatives, but missed the next step of how to help create these new local ecosystem partners.
During a recent set of interviews with IT service providers on how they help their client’s innovate, I had the opportunity to speak with K Ananth Krishnan, CTO at Tata Consultancy Services (TCS). Ananth described to me what I consider to be one most progressive innovation programs I encountered during these interviews – it was consistent with TCS’s capabilities, holistic in scope, and has the potential to be a important part of the company’s long-term evolution.
A few key findings from my discussion with Ananth:
Today, Oracle announced yet another acquisition - this one of Phase Forward, a clinical research suite that helps life sciences companies manage their R&D process. Oracle paid $685 million in cash for this acquisition. While my research role focus does not encompass life sciences software specifically, Oracle's overall apps strategy is definitely of interest to me. My thoughts about this deal are as follows:
Oracle continues to aggressively acquire industry-specific applications to complement its core ERP solutions (e.g., EBS, PeopleSoft, J.D. Edwards, and the yet-to-be-released Fusion Applications). Industry apps enable Oracle to achieve deeper relevance with specific types of businesses, and sell them additional products, including middleware, integration accelerators, BI, databases, core ERP applications, and now even computer hardware.
The Phase Forward clinical trials software puts Oracle into the mix in large pharma accounts, where SAP tends to have the lion's share of the wallet for applications.
Healthcare overall is a massive market opportunity for which Oracle has only scratched the surface. Oracle only recently established a Health Sciences Global Business Unit, and more acquisitions can be expected in and around the healthcare ecosystem. Healthcare provider solutions may fit into this build-out at some point.
Your thoughts on Oracle's apps strategy and portfolio? Feel free to comment here.