Cyber-resilience: A national response is required

Cyber-resilience: A national response is required Conclusion: IT executives from Australia’s largest organisations are actively looking for ways to create cyber-resilience, not just in their organisations, but also in the ecosystem their organisations operate in. These executives are...

02 9238 1931  sales@ibrs.com.au

Current Research

Security Frameworks - know the rules before you break them

Security leaders should approach security frameworks as a challenge to how the organisation secures its information assets. So, security leaders should be able to defend adherence, or variation, from any point on a chosen framework. Variance may be critical for business function, but the security leader needs to know this and be able to articulate it. This is not an argument for non-compliance, but toward a deep understanding of business requirements – and being able to defend this position to internal and external auditors.

Running IT as a Service - Part 2: Business-centric IT Strategy

Business-centric IT strategies are critical to run IT-as-a-Service1 because they attempt to integrate IT with business strategies. The rationale is to support business operations by implementing new technologies that reduce business risks, create business opportunities and achieve high levels of customer satisfaction. Business-centric IT strategies focus on addressing the business critical issues by implementing new IT solutions in a timely and cost-effective manner. The proposed IT solutions should provide capabilities that address the current and emerging market forces such as consumerisation, mobility, social media and Cloud. This will signal to business lines that IT is being modernised to meet consumers’ exigent needs. It is critical for business-centric IT strategies to be developed within two months to accelerate IT as a Service transitioning.

Understanding and Optimising Microsoft Software Assurance:Part 1 - The Basics

Microsoft’s Software Assurance should not be viewed as a monolithic software maintenance and ‘upgrade path’ for existing solutions. Instead, it should be viewed as a collection of additional licences that extend product usage rights, and grant features for enterprise scale deployments. Knowing which Software Assurance licences to procure, and which to reject, can result in significant savings.

How to avoid Vendor Lock-in

In most vendor-client relationships power shifts from the client to the vendor as soon as the deal is signed. As the SMACC (Social, Mobile, Analytics, Cloud and Consumerisation) ecosystem evolves, strategies are emerging that enable power to remain with the client for the duration of the vendor-client relationship. However, this shift in power will only happen if the client actively works to eliminate vendor lock-in strategies.

Trust Dividends, Relationships and IT Outsourcing

Organisations are increasingly leveraging the services, skills and capabilities of third party organisations to deliver high quality IT services to their organisations. At the same time, there is industry recognition that contract management skills within organisations are often under par. Well managed relationships can result in significant returns for the organisation in terms of ROI and reduced management costs. Well planned arrangements with performance measurements represent sound management practices. Going beyond the basics to mature relationships and trust dividends is even better.

VMware EVO: Hyper-converged or just Hype?

VMware’s EVO hyper-converged infrastructure is the tipping point for the move away from SAN based architectures. Over the next 3-5 years VMware EVO will commoditise and simplify compute/storage infrastructures in the same fashion VMware commoditised and simplified servers. This will disrupt traditional systems vendors (e.g., HP, IBM) and new systems vendors (e.g., Cisco, VCE) and challenge the growth and long term viability of upstart hyper-converged vendors (e.g., Nutanix and SimpliVity). However, the real challenge to EVO will be IaaS, especially VMware Air.

How best to articulate the rules of business

The development of new digital services often entails not only changes to workflows but also changes to the business rules that must be enforced by software. Whilst vendors of business rule engine technology often market their products as powerful and highly generic tools, the best results are achieved when restricting the use of the different approaches to specific use cases.

Comparison of Investment Analysis Models

There are several established models which have been used to evaluate technology investments. Some models are applied to assess the value of technology in use within an organisation. Organisations can select a model for a particular need; however it is fundamental that the assumptions and the factors that construct the model are realistic and clearly understood. Furthermore, the models should be comprehended by other departments within an organisation, such as finance. A model that is only applied within, and solely has merit for IT is generally not an altogether useful tool. The outputs and the inferences drawn from these outputs may not convince other parties if the tool is not compatible to cross-department interpretation.

Mind the Gap in the IT and Business Partnership

With increasing pressure to digitise extra services to clients, now is the time to review the effectiveness of the partnership between IT and business units. Unless it is strong the capacity to deliver the extra services will be at risk.

Sourcing Monthly: August 2014 - September 2014

New service contract agreements have been prominent the past month, particularly with the Department of Defence which has traditionally engaged in high volume, high value, complex projects and invests a lot in IT to enable the support of its critical functions. Last month has seen Defence establish a number of contracts for its $800M data centre consolidation project, which is only one part of a larger, ongoing ICT transformation. While most companies cannot work on the scale that Defence does, its activities can provide useful insights for organisations that outsource if viewed from a basic level. Problems, such as cost overruns in the eHealth project as well as approaches to vendor management and general practices can assist when planning outsourcing strategies, agreements and contract maintenance.