Main
Log in

IBRS iQ is a database of Client inquiries and is designed to get you talking to our Advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.
 

Register to read more...


The CIO Cyber & Risk Network Mandate:

To provide CIOs in Australian organisations with a forum in which to share their issues and approaches to cyber security and risk. The intended outcome is that organisations make better informed decisions to help protect their organisations, staff, customers and the economy.
Introduction
Not all Australian organisations are fortunate enough to have a Chief Information Security Officer. But not having a CISO doesn’t mean the challenge of managing cyber risk goes away. IBRS clients have been telling us that the frequency with which they are being asked to report on cyber security to their boards has increased. Now, four times a year is the minimum, and the board members are asking better, more in-depth, questions. The CIO Cyber and Risk Network is a vendor independent forum for CIOs to share with and learn from each other. 

Who can participate?

The CIO Cyber & Risk Network is a service for CIOs who are accountable for cyber security as part of their role.
To ensure that trusted relationships can develop, and provide an experience of continuity within the group, CIOs invited to participate will not exceed 20
The CIO Cyber & Risk Network is an invitation only forum. This is to ensure that the forum is not swayed by vested interests, and that the participating CIOs are assured of the confidentiality of the discussion.

Format

4 gatherings per year. Each gathering will be for 4 hours; 2 hours as a formal facilitated discussion and a 2 hour informal session which is an opportunity for the CIOs to have the 1:1 and small group conversations to follow up to the formal session.
IBRS will facilitate each gathering.
IBRS will also coordinate any external guests.
All gatherings are closed door, and held under the Chatham House Rule.
A summary of findings is distributed after each gathering
Participate in a distribution list of like minded CIOs
Should a CIO not be available to attend a gathering, sending a direct report is possible but discouraged. If direct reports are sent too often, as determined by the group, the CIOs’ invitation to participate may be withdrawn and no refund will be offered.

Highlights

CIO Cyber & Risk Network August 2018
The Cyber and Risk Network August gathering focused on four areas;
Incident Response & GDPR
Maturing Cyber Security functions - participants highlighted four very different approaches
Scaling Cyber Security functions - participants discussed six different strategies
Validation of Controls
Technical sharing among the participants provided some good market insights into new and established vendors offering security solutions

Conclusion: This month, discussions regarding data-driven products and associated services have been prominent. There has been an increased interest in offerings that facilitate the collection, measurement and quantification of useful data, then translation to optimise business operations or internal processes. These types of offerings are particularly useful when automating functions, identifying and tending to inefficiencies and resolving intractable problems. New regulatory standards, increased competitive pressures, growth opportunities in evolving markets and responding to customer behaviours and preferences are critical issues for clients. Managed service providers need to be sufficiently flexible when providing offerings that incorporate data-driven services that can support changes in a company’s organisational culture, business processes and internal management frameworks.


Register to read more...


Conclusion: IT organisations revisiting their service contracts as a result of mergers and acquisitions should establish a federated vendor management arrangement. The rationale is to ensure central consistency while retaining local autonomy to address tactical matters. For example, the central consistency demands leveraging the economy of scale to reduce cost, whilst the local autonomy allows the extension of services scope to cover local requirements without the need to change the local vendor management arrangements. However, the local autonomy should be governed by verifiable policies.


Register to read more...


Related Articles:

"Delivering IT-as-a-Service requires an Enterprise Architecture for IT" IBRS, 2017-09-02 01:42:22

"Mergers, Acquisitions and Divestitures: What does it mean to your business?" IBRS, 2017-01-01 10:35:33

"Running IT as a Service Part 1: Prerequisite Building Blocks" IBRS, 2014-10-01 18:33:12

"What to do when your vendor gets acquired" IBRS, 2003-07-28 00:00:00

Conclusion: Organisations undertake strategic planning activities on a regular basis, whether it be every three years or a rolling review every 12 months, to establish goals for the following three years. However, a review of many strategic plans and more specifically the resulting programs of work are often developed from the perspective of the project rather than the business benefits being sought. Understanding each investment and plotting that investment within an investment matrix will provide executives with a perspective about the balance of their ICT investment portfolio. Strategic investment goals such as planning an allocation for innovation will support execution of plans and achieving strategic goals.


Register to read more...


Related Articles:

"Benefits management: Keeping it real" IBRS, 2018-07-05 03:02:17

"Is your organisation addressing the three dimensions of IT planning?" IBRS, 2017-11-02 04:14:17

"Project review: Active assurance" IBRS, 2018-03-06 07:02:37

"Tips for improving and monitoring ICT project governance" IBRS, 2018-07-05 03:12:50

Conclusion: Organisations planning to transform their business operations using IT must develop a shared vision of how to use IT to enable the transformation. Failure to provide a vision will frustrate attempts to implement the transform agenda, demotivate employees and, if false starts occur, could adversely impact business relationships with suppliers and clients.


Register to read more...


Related Articles:

"Digital Strategy Part 1: What are the traits of digital leaders?" IBRS, 2018-02-01 10:26:23

"IT management leadership role in risk management" IBRS, 2018-05-04 18:43:08

"Innovation: Taking action in 2018" IBRS, 2018-08-01 09:14:16

"Know how to sell ideas and support the digital strategy" IBRS, 2018-08-01 09:46:03

Conclusion: Being able to deal with workplace conflict quickly and effectively reaps many rewards. There are different strategies that can be used to deal with the differing types of conflict in the workplace. Being mindful that personality classifications are fluid states of being, i. e. there is no such thing as a pure introvert or extrovert1, in a recent survey2, slightly over 50 % of IT professionals classified themselves as introverts, another 20 % as extroverts and a quarter as “ambiverts” (neither one nor the other). So there is also a requirement to be mindful of what strategies work well (or not) with the differing personality traits of all involved at the time.


Register to read more...


Related Articles:

"Benefits of a great working relationship with the CIO" IBRS, 2018-06-01 04:12:19

"Future-proofing your ICT team: Predictions and mitigation" IBRS, 2018-02-01 10:12:40

"Virtual Teams need new skills and behaviours" IBRS, 2017-03-04 16:53:02

Conclusion: Technology leaders in organisations brought together through a merger or acquisition (M&A) play an extremely important role and can significantly impact the potential economic benefits and success of the M&A. IT needs to align with the business units to understand how the business units are going to align or change through the M&A. IT must then develop plans and execute on appropriate IT strategies to support the new organisation.

M&As provide organisations with the opportunity to rationalise, deduplicate, and modernise especially in the areas of applications, data, infrastructure and facilities.

Whilst keeping the existing systems operational, IT should set up specific integration teams, to quickly develop the direction and priorities that will be of most importance and value to the new integrated organisation.


Register to read more...


Related Articles:

"Dealing with conflict in an IT environment" IBRS, 2018-09-04 13:35:55

"Mergers, Acquisitions and Divestitures: What does it mean to your business?" IBRS, 2017-01-01 10:35:33

"Running IT as a Service Part 4: Transforming from Service Level Agreements to Service Value Agreements" IBRS, 2015-01-29 18:59:44

"Running IT-as-a-Service Part 46: Mergers and acquisitions impact on service contracts" IBRS, 2018-09-04 13:46:42

In the News

Managed security: a big gamble for Aussie IT providers - CRN - 02 August 2018

TechSci Research estimates the Australian managed security services (MSS) market will grow at a CAGR of more than 15 percent from 2018-23 as a result of the increased uptake of cloud computing and...
Read More...

Kids, Education and The Future of Work with Dr Joseph Sweeney - Potential Psychology - 25 July 2018

What is the future of work and how do we prepare our kids for it? Are schools and universities setting kids up for future success? Does technology in the classroom improve outcomes for kids? Should...
Read More...

PageUp starts rebuilding and looks to learn lessons after data breach nightmare - AFR - 27 June 2018

The timing couldn't have been worse for PageUp; two days before Europe's new data protection regime came into force the Melbourne-based online recruitment specialist's security systems detected...
Read More...

Australia is still in the cyber security dark ages - AFR - 28 June 2018

In terms of cyber security years, Australia is still in the dark ages, a period typified by a lack of records, and diminished understanding and learning. We're only a few months into practising...
Read More...

AMP does maths on infosec shortage - ITnews - 18th June 2018

Cyber security and risk advisor at analyst firm IBRS, James Turner, said the cyber skills shortage was prompting a wider rethink around the domain in terms of resourcing for the last few years....
Read More...

Subscribe to IBRS Updates

Invalid Input
Invalid Input
Please enter a valid email address
Please enter your mobile phone number
Invalid Input

Get in-context advice from our experts about your most pressing issues or areas of interest

Make an Inquiry

Sitemap

Already a subscriber?

Login to read your premium content.

        Forgot your password?
Recently Viewed Articles