CSC World Winter 2013
Transcription
CSC World Winter 2013
Winter 2013 WORLD Avis Budget’s Road to Customer Value Inside the Company’s Journey to Grow Revenue with Big Data Analytics INSIDE Big Data Meets Presidential Politics 9 Cloud Computing Predictions for 2013 Technology Helps Fight a Deadly Disease Cybersecurity for Industrial Control Systems let the data be your guide How do you navigate today’s business challenges without a map? CSC’s Big Data and Analytics services allow you to identify faster routes to your business goals. Our offerings help you stay on course during your business journey, no matter what the terrain. Our data-driven insights quickly lead clients to reliable results. That means enabling faster innovation and decision making for greater profitability and growth along the way. Learn more about how CSC can help you use your data as a guide: csc.com/big_data. WORLD DIRECTOR, GLOBAL BRAND & DIGITAL MARKETING Nick Panayi Inside CSC World Big Data: It’s No Joke EDITORIAL DIRECTOR Patricia Brown Senior managing editor Jeff Caruso Big data has typically been about the biggest brains in organizations looking for big solutions to big problems. For years, business intelligence has been the domain of people planning strategy over a relatively long time horizon, using tools and tactics that were cumbersome and often counterintuitive. You quite literally had to be a rocket scientist to understand what the huge amounts of data meant to the organization. Senior editor Chris Sapardanis But all of this is changing. Advanced processing power and rapidly maturing analytics technology are Contributing Writers Jim Battey Dale Coyner Peter Krass Jenny Mangelsdorf Art director Deric Luong Design & production Creative Services — P2 CSC colliding with a growing appetite among executives for in-depth, customer-based information. As a result, we are seeing new demands from every level of the organization to access vast amounts of information in support of day-to-day — even minute-to-minute — decision making, not just long-term planning. In other words, the most successful entities — whether they are companies, agencies, political parties or even individuals — are not just those that can apply economies of scale to produce competitively priced offerings. Instead, the winners will most likely be those who can microtarget, delivering what different segments of the market want based on a local understanding of conditions and circumstances during specific customer interactions. www.csc.com THE AMERICAS 3170 Fairview Park Drive Falls Church, VA 22042 United States +1.703.876.1000 Asia 20 Anson Road #11-01 Twenty Anson Singapore 079912 Republic of Singapore +65.6221.9095 Australia Take the case of CSC’s own Gary Jackson, who works with companies worldwide on developing big data strategies. He is very serious about big data. But he is also a very funny guy. Seriously, he’s funny. A couple of months ago he swung by D.C. from Hong Kong, and one evening a group of us saw him deliver his routine at a downtown comedy café. Comedy is truly a high-wire act, and Gary will tell you that every room is different. This is especially true if you cross continents and cultures. So, how is he able to leave us all laughing? He has learned how to capture the mood of the room and the moment. Only then can he segment the crowd to carefully choose the material he will present. A joke, or a product, cannot be delivered in exactly the same way in different places to different cultures in a successful manner. Organizations that understand this will increasingly provide more employees access Level 6/Tower B 26 Talavera Road Macquarie Park, NSW 2113 Sydney, Australia +61(0)2.9034.3000 to big data resources and offer business intelligence tools to support routine interactions. Europe, Middle East, Africa has a new marketing science organization, a new customer value model, and a new marketing campaign Royal Pavilion Wellesley Road Aldershot, Hampshire GU11 1PZ United Kingdom +44(0)1252.534000 CSC WORLD (ISSN 1534-5831) is a publication of Computer Sciences Corporation. Copyright ©2013 Computer Sciences Corporation All rights reserved. Reproduction without permission is prohibited. Comment on what you’ve read in CSC WORLD at www.csc.com/cscworld. Or write: CSC WORLD 3170 Fairview Park Drive Falls Church, VA 22042 USA This is clearly illustrated in our big data cover story, “Avis Budget’s Road to Customer Value.” Like many businesses, Avis Budget had loads of customer data with no clear way to analyze it. Today, the company and technology toolset. All of this has led to improved customer loyalty and improved profitability. Best of all, it has helped the company increase its revenue by $200 million. In the article, “Big Data Meets Presidential Politics,” we show how the Obama campaign successfully used big data analytics to gain votes. The campaign deployed a team of technologists who built a sophisticated data platform code-named Narwhal to help segment, track and microtarget voters. And don’t miss the piece by Sashi Reddi, VP and general manager of CSC’s Big Data and Analytics group, which identifies four big data trends you should be tracking. We hope you enjoy the issue and take the opportunity to visit and interact with us online. CSC World is also available at www.csc.com/cscworld, where you can subscribe, comment on stories, watch accompanying videos or download mobile versions. Best, Patricia Brown Editorial Director, CSC World www.csc.com/cscworld WINTER 2013 | CSC WORLD 1 CSC WORLD | winter 2013 | VOLUME 11 | NUMBER 4 14 28 22 36 8 4 NEWS big data Mergers-and-acquisitions activity dominates the end of 2012; a new center of excellence for mobility opens, and CSC’s Yogesh Khanna wins a CTO Innovator award. Customer intelligence is just one example of big data’s value. As the technology evolves, big data is expected to accelerate a number of important trends in 2013. 6 heard on csc.com Experts are coming to CSC.com to make their voices heard, in CSC Town Halls, online communities and Ingenious Minds blogs. cover story 8 Avis Budget’s Road to Customer Value 2 Technology is disrupting the rental car business. For Avis Budget Group, a new emphasis on big data analytics could hold the key to achieving significant growth in the United States and abroad. CSC WORLD | WINTER 2013 12 4 Ways Big Data Will Transform Business 14 Big Data Meets Presidential Politics In the 2012 presidential election, the Obama campaign successfully used big data analytics to influence voters. Enterprises can apply these same tactics to influence customers and drive sales. Executive Perspective People are living longer than ever before, largely as a result of improved public health and medical care. But as we start the second century of mass medicine, healthcare systems are under stress. 16 Better Coordination, Better Health 17 Australia’s World of Opportunity Australia is the center of the world. Don’t believe it? Gavin Larkings, vice president and general manager of CSC Australia, discusses the importance of natural resources, China and emerging tech in his region. financial services 18 iPad App Appeals to Younger Clients New ON CSC.COM As one of the oldest banks in Europe, Van Lanschot keeps in step with client needs. But company growth has brought in a younger clientele and has the bank rethinking its digital presence. Infographics Central: Explore key trends and data in visual and interactive ways with a collection of CSC infographics on emerging technologies such as cloud computing, big data and mobile banking. csc.com/Infographics 20 Is That Really You? Instant payments, paperless check deposits and one-touch transfers have made online banking wildly popular with customers. But the threat of fraudulent payments and identity theft is up as well. HEALTHCARE When scientists need access to information on medical topics such as human genetics and flu outbreaks, they turn to the National Library of Medicine. CSC supports this vast repository of healthcare data. CSC Town Halls: Join a continuing series of online conferences on IT topics that matter to you, featuring CSC experts and special guest speakers ready to answer your questions. csc.com/TownHall 22 Scientists Explore the Origin of Outbreaks Online Success Story Briefing Center: View video success stories featuring CSC subject matter experts, clients and global partners or search hundreds of stories that cover a wide range of solution areas. csc.com/Success_Stories 24 Technology Helps Fight a Deadly Disease At least 1.8 million people die from sepsis each year. CSC’s CareVeillance™ real-time clinical surveillance tool is helping The University of Kansas Hospital detect the disease early and save lives. CYBERSECURITY Cybercrime and data breaches are among the most common worries keeping healthcare CIOs up at night. Healthcare organizations must pursue an enterprise-type approach to securing data. 26 How Hospitals Can Immunize Against Hackers 28 Cybersecurity for Industrial Control Systems: The Time Is Now Research 36 Where ‘Mad Men’ Meets ‘Math Men’ Marketing is marketing, technology is technology, data is data, and never the three shall meet — right? Not so, says Frank Cutitta, a research associate in CSC’s Leading Edge Forum. 40 Open Source: It’s Not Just for Software Anymore The need for strong cybersecurity on industrial control systems is great. These systems — vital to the chemical, electrical, water and other industries — are increasingly under attack. cloud computing applications 30 Understanding Cloud and How to Buy It CSC and EMC sponsored the Outsourcing Center’s Cloud Buyer’s Guide, to provide a better understanding of cloud and how it differs from traditional IT outsourcing. 32 Overcoming the Fear of Cloud Despite cloud’s high adoption rates, lingering doubts about data security remain, according to Information Security Media Group’s 2012 Cloud Computing Security Survey. 34 How ‘Everything as a Service’ Can Save CIOs Money Today, nearly any type of hardware, software, IT process or business process can be offered as a cloud-based service. It’s called “Everything as a Service,” and the benefits to the enterprise are many. IT’s influence is growing beyond the server room to rewrite basic business strategy. A new CSC Leading Edge Forum study points to open source software as key to its expanding sway. 42 ‘Mobile First’ Movement Drives Application Design The rapid adoption of smart mobile devices has redefined industries and spawned new ones in just a few short years. That shift is also causing companies to rethink application development strategy. Last Word The cloud changes nearly everything, including IT’s relationship with the business. Siki Giunta, vice president and general manager of CSC Cloud Computing and Software Services, predicts major developments coming this year. 44 9 Cloud Computing Predictions for 2013 WINTER 2013 | CSC WORLD 3 news CSC’s Transformation Takes Big Turns in 2012 Another major transaction was designed to bolster the company’s big data offerings. In October, CSC acquired 42six Solutions, a premier software development company that specializes in big data processing and analytics, and advanced applications support for the U.S. Intelligence Community (IC) and the Department of Defense. “Data services and analytics capabilities are rapidly becoming essential elements of commercial and government operations, and these product offerings hold unmistakable benefits to the intelligence community,” says Sashi Reddi, vice president and general manager, Big Data and Analytics, CSC. “This acquisition aligns directly with CSC’s strategy of offering customers greater value through big data expertise and intellectual property.” In other divestitures, CSC reached an agreement with Adcorp, South Africa’s largest employment services company, to sell Paxus, CSC’s Australian IT staffing unit. The total value of this all-cash transaction is expected to be $73.5 million. In work that began with the hiring of a new CEO in March 2012, CSC’s turnaround plan hit major milestones in recent months. The 54-year-old company is forging ahead with an aggressive transformation initiative to rebalance its portfolio of services and focus on next-generation technology solutions and services. In its largest move to date, CSC sold its credit services unit to Equifax for $1 billion in cash. The after-tax proceeds from the sale of the business will be approximately $750 to $800 million, based on preliminary plans. CSC intends to use $300 to $400 million to repurchase shares, contribute $300 to $400 million to its pension plans and apply the remainder to general corporate purposes. CSC’s credit services unit had owned credit files in 15 Midwestern and Central U.S. states representing 20% of the U.S. population, and had been the largest independent U.S. consumer credit reporting agency and an Equifax affiliate for more than 20 years. 4 CSC WORLD | WINTER 2013 “Our turnaround is tracking to plan. We are transitioning to our new operating model and we are aligning our assets with our strategy of leading the next generation of technology services and solutions. Our cost takeout initiatives are yielding results as demonstrated by higher profit margins in all three lines of business when compared with the prior year. As a result, we are raising our target for fiscal year 2013 EPS from continuing operations to $2.50 - $2.70,” says Mike Lawrie, president and CEO. “During the quarter, we divested certain non-core businesses and we are using the proceeds to return cash to shareholders through our share buyback program and incremental contributions to our pension plans.” Also in October, as part of its ongoing service portfolio optimization, CSC entered into an agreement with Dedagroup, an Italian IT services company, for the sale of the consulting and systems integration services part of its business in Italy. After the transaction reaches final agreement, CSC will retain a presence in Italy and continue to provide a select portfolio of services, including cloud, financial services, infrastructure, business process outsourcing and healthcare offerings, to multinational companies. CSC will also retain corporate financial services products, solutions and services for CSC’s international accounts. Under the terms of the agreement, Dedagroup will assume from CSC all pan-Italian consulting and systems integration projects, as well as fashion industry software products and services. CSC’s Yogesh Khanna Wins CTO Innovator Award Yogesh Khanna, chief technology officer (CTO) for CSC’s North American Public Sector, won the 2012 Government Contractor CTO Innovator Award in the large company category from the Northern Virginia Technology Council (NVTC) and Washington Technology. The award was presented on November 12 at NVTC’s annual TechCelebration banquet. Khanna’s award recognizes his instrumental role in establishing CSC’s data center consolidation and cloud go-to-market strategy and offerings. He also developed a strategic roadmap for product offerings to support the Federal Data Center Consolidation Initiative and to help CSC’s clients migrate to the “as-a-service” consumption model. In addition, he established an Innovation Task Force, comprising CTOs who represent their respective divisions at CSC. Mobility Center of Excellence Opens in India With mobility creating new disruptions in the enterprise, CSC has established a Mobility Center of Excellence that serves as a focal point for the company’s worldwide mobility resources and a base for research and development, testing, demonstrations, creation of custom prototypes and definition of best practices. “Mobility has become a strategic priority for many enterprises,” says Chirag Srivastava, head of CSC’s Mobility Center of Excellence. “However, the opportunities generated by mobility may instigate significant technology and organizational change.” To address that change, the center, based in Noida, India, has opened research and development laboratories in Noida, Hyderabad and Bangalore, created tools that speed solution development, and established processes and project-execution models to help clients stay ahead of the mobility curve. CSC has a legacy in mobility, creating mobile solutions when wired solutions weren’t viable, such as in space or deep in the earth. Today, the company’s mobility solutions continue to evolve with innovation, providing a scalable, manageable, step-by-step approach to mobile-enabling processes, people and assets. “On the road or in the office, business must go on,” says Srivastava. “Our approach is based on proven technologies and process-transformation methodologies to help clients achieve rapid results from their mobility investments.” Learn more about CSC Centers of Excellence at csc.com/COE. “Yogesh has remarkable passion for and proficiency in delivering results that government customers and internal colleagues value,” says David Zolet, executive vice president and general manager of CSC’s North American Public Sector. “He leverages more than two decades of experience to continuously drive next-generation solutions that help our customers meet their missions and achieve greater efficiencies. I continue to be impressed by his technical acumen and engaging approach.” Khanna leads the development and implementation of the government cloud strategy and is an active contributor to CSC’s global cloud computing initiatives. He recently served as a commissioner on the TechAmerica Foundation Big Data Commission. He is frequently sought after for his opinions and perspectives by media, appearing on Federal News Radio and WTOP News in Washington, D.C. He also participates in panel discussions at industry conferences, presenting frequently at technology and business solutions conferences. This annual award recognizes CTOs within the region’s government contracting community for their critical contributions to achieving results for their customers and their leadership within their own companies. The winner was chosen by an independent panel of leaders from the government contracting community. Watch Yogesh and His Team in Action: From Ideation to Reality — Inside a CSC Innovation Center csc.com/innovation. Learn more at csc.com/newsroom. WINTER 2013 | CSC WORLD 5 Heard on CSC.com Experts inside and outside of CSC are coming to CSC.com to make their voices heard, in CSC Town Hall webcasts, our online communities and our Ingenious Minds blogs. Here are some highlights. Cloud cover In years past, when you spent time making IT better for your agency, you were probably making it harder to communicate with other agencies. Now managers see [cloud computing] as a way to jump over cultural and technical barriers they had created in the past. You don’t have to blow up what everyone has; you just build over it with applications offered as a service. Gen. Michael Hayden Former CIA and NSA Director csc.com/townhall/shadowIT The new breed of data scientist If you are having a hard time finding and hiring data scientists, you are probably looking for them in the wrong places. Data scientists are not necessarily graduating from universities with degrees in math, statistics or science. They could be graduating from your local school of art and design with a degree in digital media. … There is a massive shift around analytics that our current university graduate is not prepared for. Most university graduates know how to use various analytical tools. They also understand the statistics underlying the tools, but they cannot “abstract” or “story tell” as is demanded in the current market. Gary Jackson Director of Business Analytics at CSC csc.com/ingenious_minds/blog/Gary 6 CSC CSC WORLD WORLD || WINTER WINTER 2013 2013 Understand the Practical BYOD challenge The bring-your-own-device (BYOD) trend requires a lot of architectural planning and engineering, and it’s treated just like any large-scale business transformation project. It requires everyone — help desk, network engineers, server admins, architects of a dozen talents, accountants, legal experts and most important of all, end users — to come up with a solution that’s a) workable; b) useful; c) affordable. Using your iPhone to check your company email might seem effortless and easy, but it’s complex stuff. If we’re doing it, we need to know what we’re letting ourselves in for and how much of an open season we really want to declare. Mikio Tsunematsu Networks Specialist innovation People tend to think of innovation as cutting-edge technology, pie-in-the-sky. But innovation is also about cost, figuring out how to deliver a product a number of times more cheaply. I think that’s going to become increasingly important as you have a government customer with a constrained amount of funding that will be looking for low-cost providers for the solutions it needs. Joe Anselmo Editor-in-Chief, Aviation Week & Space Technology magazine Town Hall: “Aerospace & Defense Industry Searches for Solid Ground” csc.com/townhall/aerospace_defense CSC Blog in CSC’s CIO Engage community community.csc.com/community/cio-engage/byo-pita Rise of the machines Machine-to-Machine: It’s the Internet of the future. There will be two or three major distribution chains that will use more and more machine-to-machine or credit-card-by-phone networks to sell you, say, a Diet Coke at a ball game. In fact, the Olympics in Brazil will be a total M-to-M type of Olympics. Siki Giunta Vice President and General Manager, Cloud Computing and Software Services at CSC csc.com/cloud2013 Value evangelists Organizations have at least three ways to get value from IT: better management of IT itself, better management of business processes, and enhancing the customer experience, through smart uses of data, new services or new products. We need to raise awareness about the kind of value IT can bring to an organization, and then the senior leadership team needs to be clear about who in the organization is responsible for pursuing and achieving and sustaining those three sources of value. Nils Fonstad Associate Director, INSEAD eLab Town Hall, “CIO Barometer: The Rapidly Evolving Role of IT Leadership” csc.com/townhall/CIO_barometer WINTER 2013 | CSC WORLD 7 Cover STORY Avis Budget’s Road to Customer Value Inside the Company’s Journey to Grow Revenue with Big Data Analytics by Chris Sapardanis Technology is disrupting the rental car business. In a post-recession market, intense competition is forcing companies to offer new and better services to customers. The resulting touchscreen kiosks, mobile apps and car-sharing options are recent proof of a global $50 billion industry’s innovation awakening. 8 CSC WORLD | WINTER 2013 For Avis Budget Group, a leading global vehicle rental services company, and the only one operating two truly global brands, a new emphasis on technology, data analytics and marketing could hold the key to achieving significant growth in the United States and abroad. A postrecession plan Back in 2009, nobody was talking about big data. In the midst of the Great Recession, with millions of jobs lost in the United States between Sept. 2008 and Sept. 2009, companies were cutting back significantly on employee expenses such as business travel, and the uncertain economic outlook led many consumers to postpone or cancel their leisure travel plans. The recession’s toll on travel meant a reduced demand for rental cars at airports, which lowered revenue for rental car companies. But instead of keeping their heads down until the economic storm passed, executives at Parsippany, N.J.-based Avis Budget began formulating a plan to identify new opportunities and grow their business using customer data. “The recession was the time to revise our strategic thinking, and say, ‘When we come out of this, and we will come out of it, what is the investment that our company should make in order to enhance the post-recession customer’s experience and drive loyalty, revenue and profit for the company,’” says Tom Gartland, president of North America at Avis Budget Group. “When we first started talking about a customer relationship management (CRM) and loyalty program, the car rental industry was seen by many as a commodity business,” he says. “We had the opportunity to change that paradigm, that by the right customer execution, service excellence and an enhanced loyalty program, we would be seen by our potential clients as different from competitors.” Working with a big data team from CSC, Avis Budget began one of the most important programs in the company’s history. Their first goal: grow market share. “Avis is the leader in commercial car rental in North America,” Gartland says. “We have the No. 1 position when we talk about car rental for commercial travelers and a 64% share of their wallet. But we still have the opportunity for an additional 36%.” The same is true of Budget. “Budget is more of a leisure brand, and we have about 45% share of wallet with the normal Budget client,” he says. “How do we capture that incremental 55% share of wallet, so in their decision set they’re always thinking of using the Budget brand? If we could do that, we could add over two billion dollars of incremental revenue to the North American business.” A customer-centric plan The result of Avis Budget’s strategic planning during the downturn gave birth to the company’s focus on CRM. A customer value segmentation roadmap would be the starting point. CSC was chosen to help implement a program that would enable Avis Budget to derive new insights from their customer data and take informed channel-specific actions to market programs and services. “Before we arrived and started to work with Avis, the company was a transaction-based company,” says Alex Black, a senior partner in CSC’s Analytics Insights and Information practice. “Avis had a lot of transaction information but none of it was aggregated by customer.” Data-driven growth In the information age, data is a valuable asset. Research firm IDC is predicting a big data market that will grow revenue at 31.7% a year until it hits the $23.8 billion mark in 2016. For companies such as Avis Budget, the potential to mine their data — and derive actionable marketing insights — is practically limitless. CSC defines big data as data that consists of large volumes, high velocity or variety. Avis Budget’s challenge concerned elements of all three components. The company had significant volumes of transaction data that needed to be analyzed for real-time actions (offers, service treatments, etc.) and an accelerating volume of unstructured data coming in from its website, call center, emails and social media channels. Alex Black, a senior partner in CSC’s Analytics Insights and Information practice (left), and Tom Gartland, president of North America at Avis Budget Group WINTER 2013 | CSC WORLD 9 cover STORY CSC’s initial work with Avis Budget was to help it define and implement a customer-led, service-driven vision. Both the Avis and Budget brands would benefit from the program. “What we were focusing on was to start with a customervaluation approach,” says Black. “Let’s build a model, determine who the most valuable customers are and figure out how to concentrate on them by doing some extra special things. That meant a lot of data work, a lot of campaign-management work and a full program that included really transforming the entire organization.” “Then we really focused on the top-value segments to drive offers and treatments, as a way to engender loyalty,” Black says. “At the same time we were careful not to discriminate against lower-value customers because they might be high potential in the future. All of those nuances got involved in applying the results of the model.” Better service via data The car rental business seems pretty straightforward until you pull the skin back. The complexity begins when one considers all of the different touch points and systems. “Ultimately, Avis Budget is trying to create a differentiating experience every time someone rents a car,” Black says. “That’s a challenge, because car rental seems like a commodity to a lot of folks.” To validate the modeling, CSC helped Avis Budget develop and run six marketing campaigns powered by IBM Unica’s marketing campaign management tool. Despite the extreme complexity of running multichannel campaigns using a new system, in a short time frame, the effort solidified the power of the customer model, and actually generated additional revenue while the program’s work continued. The first step in the CRM program with Avis Budget was developing a customer intelligence roadmap. In six weeks, CSC delivered a three-year plan that outlined what business, technology and organizational projects were needed, broken down by costs, timelines and dependencies. A 360-degree view The more you know about your customers, the better you can serve them. Powered by IBM’s Master Data Management for Customer application, Avis Budget’s customer value scores are part of a 360-degree view of the customer that also includes rental history, service issues, demographics, corporate affiliation and customer feedback. “A value model predicts a customer’s future value,” Black says. “Avis had never done any customer value segmentation before. So this was a great starting point. It made a lot of sense to focus on, first and foremost, your most valuable customers and offer them a way to move the dial on their business.” 10 After the lifetime value model was developed and approved, implementation began. CSC applied the model to Avis Budget’s 40-million strong customer database. Customers were stack ranked from the top down into value segments. CSC WORLD | WINTER 2013 In order to develop further customer insights, CSC helped Avis Budget develop and launch an advanced analytics team named the Marketing Sciences Organization, including defining key roles and interviewing candidates. Fully launched six months ahead of schedule, Avis Budget’s new focus on customer value segmentation is gaining steam. The company is experiencing the benefits of big data analytics and a customer database organized by brand, segment and other key factors. “The first thing our analytics told us was that we weren’t capturing all of the potential rentals from our existing clients,” says Gartland, who is responsible for operations, sales, marketing and customer care for Avis Budget across the United States and Canada. “We were missing something — which was really rich data. And what the data said to us is that there were opportunities to create relationships and provide offers that met client needs.” The data also told Avis Budget that there was significant opportunity for customer upgrades. The company now has the information to appropriately enrich offers to upgrade, based on customer loyalty or different value propositions. The project has already helped Avis Budget increase incremental revenue by $200 million. Unstructured social data A major source of unstructured data for Avis Budget is social media. In fact, that’s a growing trend for most companies. The Nielsen Company found that one in three social media users with a customer service issue prefer to use social media, instead of calling the company’s customer service department. “Today, any given company can have a customer service problem that can go viral, and then the whole world knows about it within hours or days,” says Gartland. “Companies that fail to immediately address customer service problems, who do not manage these situations as potential customer recovery opportunities, are putting their brands at risk.” To manage the company’s presence in the social space, as well as collect valuable data, Avis Budget’s global social media team monitors mentions of the company’s brands across social channels. “We have a recovery process in place, so if it’s a complaint or a customer service issue, we can recover immediately, or reach out to that customer and solve the problem,” Gartland says. In addition to improving customer interactions, CSC is helping Avis Budget capture this unstructured data. During the customer value model implementation, CSC led a side project called a “voice-of-the-customer” roadmap. This project identifies the sources of feedback, figures out how that data can be harnessed and then puts it into an environment where it can be analyzed and acted upon. Client: Avis Budget Group Challenge: •Maximize customer lifetime value •Meet customer service expectations •Build customer loyalty Solution: •A new Marketing Sciences Organization •A new customer value model •A new marketing campaign and database technology toolset Results: •Improved customer loyalty •Improved profitability •Increased revenue by $200 million About Avis Budget Group: Avis Budget Group is a leading rental car supplier that serves the premium commercial and leisure segments of the travel industry. Budget also operates one of the leading truck rental businesses in the United States. Avis Budget Group and its subsidiaries and licensees provide a range of vehicle rental services through 10,000 rental locations in approximately 175 countries. The company has three operating regions: North America; Europe, Middle East & Africa (EMEA); and Latin America/Asia Pacific. Avis Budget Group has approximately 29,000 employees and is headquartered in Parsippany, N.J. Watch our Avis Budget Group Success Story Videos at csc.com/avis. “We are now able to understand whether it’s a customer offer, whether it’s a customer complaint, or whether it’s an opportunity to recover if there’s a customer service issue,” Gartland says. “We now better understand the lifetime value of the people in our database. And we can change our behavior. Our behavior can match the customer service expectation and the value of that customer for life.” CHRIS SAPARDANIS is a senior editor on CSC’s digital marketing team. WINTER 2013 | CSC WORLD 11 4 Big Data ways Big Data by Sashi Reddi Will Transform Business Big data is poised to exploit previously untapped efficiencies, deliver new innovations and create value. He didn’t realize it, but the ticket agent at the counter was about to make an expensive mistake. “He said he could put me on standby — no problem — and I felt grateful,” recounted a colleague, telling me of her recent misadventure. But then he said, ‘That’ll be $75 for the change.’” The agent didn’t know, and his system couldn’t tell him, that even though her longtime elite status had expired with this particular airline, my colleague was still an avid traveler whom they might want to win back — one who rightly expected some small consideration, a nuisance fee waived, as thanks for her past and, more important, her future loyalty. Big data expands customer intelligence From a customer’s perspective, it’s a simple question to answer: “Don’t you remember me?” For any enterprise with hundreds to millions of customers, that recognition doesn’t always happen. That’s changing. As our spotlight on Avis Budget notes, the company uses big data to identify its most valuable customers today and tomorrow. And it’s doing so without penalizing customers who aren’t frequent renters. 1 How? Big data differs from narrow applications that look at just one source of data, yielding small answers. Big data examines a broad range of sources that include structured information such as purchase histories, customer relationship management (CRM) data and intelligence from industry partners, as well as unstructured information such as social media. In the case of the airline, those partners could include credit card companies, hotels and other travel industry sources. Big data analytics also brings unstructured data into the fold, information gleaned from social media feeds, blogs, videos and other sources. Sorting through this information would have helped the airline answer a big-picture question that companies have struggled for decades to answer: How do we treat all of our customers like rock stars? Expanding customer intelligence is just one trend. As the technology evolves, using big data will accelerate three other trends over the coming year. 12 CSC WORLD | WINTER 2013 2 Big data improves operational efficiencies Big data will finally forge the last links of the value chain that will help companies drive more operational efficiencies from existing investments. That feedback loop is created by data generated in the field, and it’s growing at a pace that’s hard to comprehend. Sensors on a single commercial aircraft generate 20 terabytes of data an hour. Automobiles are reporting back data collected from onboard sensors and dealer service systems. And let’s not forget the growing tide of RFIDequipped vehicles, crates and packages. CSC’s BIG DATA AND ANALYTICS PRACTICE We offer consultancy and solutions to help organizations gain competitive advantage by executing on insights gained through the combination of internal and external information sources. If your challenge is determining where to find the right information and how to use it to drive the outcomes you require, our Big Data & Analytics experts can help. Learn more at csc.com/big_data. These incredible repositories of data, combined with machineto-machine interaction, are fueling a new wave of predictive analytics, services that enable equipment such as airplanes to determine their own maintenance schedule, alerting the supply chain to ensure that the needed parts arrive at the right place at the right time. For example, a delivery company with trucks in the field can improve on first-generation, efficient-routing tools by using smarter tools that can anticipate traffic conditions along certain routes at a specific time of day or create a new route in response to information about an accident that just occurred or information that’s input by the driver. Big data is moving from the realm of data scientists into everyday business transactions and encounters. In call centers, analytics-infused CRM systems can review multiple data sources in real time to suggest offers that a representative can present to a customer. At the doctor’s office, analytics integrated into a health maintenance app may improve outcomes by presenting the physician with informed suggestions and next steps to consider in treating a patient. No time to lose — big data and analytics go “as a service” Building an internal big data department stacked with petabytes of storage, rows of blade servers and a team of data scientists isn’t within the reach or a desired core competency of every company. In an earlier time, spreadsheets were the de facto tool and best friend of marketing managers, collecting data from campaigns and digesting it into rough but valuable insights. Ask them how that’s working now. Insurance companies, which have long been data driven, will benefit significantly from the introduction of big data. Industry-specific analytics will help them speed claims processing while reducing costs and spotting potential fraud by use of analytics-backed solutions that can determine whether a claim can be processed automatically or should be flagged for review by a specialist. The avalanche of inputs from social media and other unstructured information that is characteristic of big data doesn’t fit the spreadsheet model any longer. The volume, variety and velocity of data have made it too complex to analyze using old-school tools, and not everyone wants to become a data scientist. 3 Big data + mobile means new business processes As companies become more data-driven, it’s only natural that those insights find their way into the hands of people who can put them into action. Mobility will accentuate the impact of big data on both customer intelligence and operational efficiency by making everything immediately actionable. Armed with immediate decision-making capability and intelligence on your mobile phone, you will be able to implement new business processes that will change how business is done. Adding mobility to big data means enabling frontline employees with real-time insights, when and where they need them. Those insights will come from blending data in motion — information that’s changing on the fly — with data at rest. Mobility also enables real-time data collection from the field, adding to the pool of knowledge that will drive insights in another part of the system. 4 That’s where data and analytics offered as a service will help. Companies of any size can employ big data by sharing a pool of scientists and resources, getting the expertise they need without venturing beyond their core competencies or taking on a big fixed expense. Speaking of expense, that brings me back to my colleague and the ticket agent. How did she fare? “Well, I paid the fee because I really had no choice at that point,” she said. “But I do avoid booking with that airline when I can.” That’s an important and expensive lesson. Maybe the issue isn’t whether we can afford to implement big data, but rather, whether we can afford not to. SASHI REDDI is vice president and general manager of CSC’s Big Data and Analytics group. WINTER 2013 | CSC WORLD 13 big data Big Data Meets Presidential Politics by Jim Battey In winning the 2012 presidential election, the Obama campaign successfully employed big data analytics to influence people and get them to vote. Analytics experts say enterprises can apply these same tactics to influence customers and drive sales. The 2012 election was a watershed event for leveraging technology in the political arena. Both the Obama and Romney campaigns relied heavily on technology, but many observers say the Obama campaign tapped into the power of data analytics more effectively. “Part of the reason for the Obama victory was the campaign’s ability to mobilize the vote, and it used a lot of data to do that,” says Alex Black, who leads CSC’s Enterprise Intelligence Practice. The Obama campaign deployed a team of technologists who built a sophisticated data platform code-named Narwhal that proved highly effective for raising money and tracking voters. Narwhal served as the technical backbone for campaign operations, integrating data to enable functions such as customized email fundraising and identification of likely voters. Obama campaign staffers used the system to analyze voters’ 14 CSC WORLD | WINTER 2013 registration data and online habits. “They developed models predicting who was most likely to vote and then targeted follow-up events at those people,” Black says. Social media played a prominent role in the election. During the campaign, Deen Freelon, an assistant professor in the School of Communication at American University in Washington D.C., blogged extensively on the use of technology in the election. Freelon says that although more research needs to be done to determine the impact of social media, “There is no question that both candidates took social media seriously.” He says the best evidence of its impact is a study which found that people are more likely to vote if they learn, via social media, that their friends will vote. As a by-product of the technology efforts, and the fact that Democratic voters skew to a younger demographic, the Obama campaign maintained a lopsided advantage in social media circles. (See: “Obama vs. Romney: By the Numbers.”) The experts say organizations can capitalize on lessons learned from Obama’s victory in the use of data analytics and social media. Obama vs. Romney: By the Numbers Barack Obama Mitt Romney 35.4 million Facebook Likes* 11.8 million 24.9 million Twitter Followers* 1.7 million $1.07 billion Total Funds Raised $993 million $690 million Funds Raised Online N/A 9 Swing States Won 1 65,367,939 (51.0%) Popular Vote 60,707,106 (47.3%) 332 Electoral Votes 206 *As of Dec. 2012. Sources: Facebook, Twitter, New York Times, Time Magazine, Huffington Post. Analytics comes to the fore Obama’s victory confirmed the value of using technology and data analytics. The technology side of Obama’s campaign was organized into teams to oversee technology, digital and analytics. Engineers working for the campaign developed tools such as Dashboard, an online organizing community, and Obama’s analytics team developed The Optimizer, a tool for placing television advertisements in front of the most optimal audiences for the least amount of money. “The Obama campaign proved the power of big data,” says Gary Jackson, CSC’s director of Business Analytics. One lesson learned from the election is that enterprises can employ a concept called the “psychology of analytics” to prompt action from a customer. Jackson notes that many companies spend a lot of time and money on big data projects only to end up finding out the same insights they already knew. He calls it “Your Mom’s Mom Is a Woman” analytics. The key for businesses, he says, is using data analytics to target the right people. “The Obama big data team sought out those who were already advocates and did matchmaking using what CSC calls ‘affinity ratios’ — linking people with the same life-style and life-stage details with people in their social circles to drive action,” Jackson says. “We believe that customer behavior changes only when influenced by other human beings — social circles — or by being compared to people like them.” Dr. Freelon thinks there is no one-size-fits-all strategy that will work for every organization. “Just because Obama did it doesn’t mean it is right for everyone. Still, we do know the Obama campaign conducted rigorous message testing of its Web presences to determine what content and style elicited the greatest responses from users.” Engage your customers Similarly, Black says the Obama team successfully engaged in microtargeting voters. “But the key is what you offer them, and how you make it stick,” he says. So how can companies successfully engage with their customers? Watch an Inauguration Day video on Obama’s data-driven victory at csc.com/BigData_Politics. Learn more at csc.com/big_data. “Companies have a little bit harder time with engaging — turning it into a relationship that is continuous — so it helps not only with the purchase, but also helps postpurchase activities, using the product or suggestions about the product,” Black says. He advises enterprises to employ a lot of different tactics, and make social media a part of an engagement strategy. “Constantly review the analytics, build models and do a lot of testing and re-testing to see what works best.” Jackson says Obama’s team searched to find people who are the influencers and added them to social circles of people who would actually vote for him in the states he needed to win. “He used the ‘psychology of analytics’ to drive the vote in his favor,” he says. “Simply put, big data is about pairing up the ‘want to’s with the ‘have to’s.” Still, not all analytical data is useful and accurate. Companies should beware of poll bias. “A lot of people think that when there’s a sophisticated algorithm or model, it is statistically pure, yet we know many have bias in them. Whether it’s the bias of the researcher or the bias of the mathematician, all points in the building of models and algorithms are subject to bias.” In the end, just as in political campaigns, success in business is a matter of engaging customers. “This campaign demonstrated the ability to reach people,” Black says. “We’ve got to get our arms around big data and social media and build an analytical framework so we can gain insights and figure out how the data is going to affect our businesses. Enterprises need to learn how to use the data to come up with ways to improve the operation.” JIM BATTEY is a writer for CSC’s digital marketing team. WINTER 2013 | CSC WORLD 15 industry perspective Better Coordination Better Health by Andrea Fiumicelli The massive improvement in human life expectancy was undoubtedly one of the great achievements of the 20th century. While there are still dramatic differences between countries, people all over the world can expect to live longer than ever before, largely as a result of improved public health and the wide availability of medical care. But as we start the second century of mass medicine, healthcare systems are showing signs of serious stress, both in developed and developing nations. Coordinated care makes a difference Research from across the world suggests that “coordinated care,” by which we mean actively managing the relationships among multiple care providers, can both improve health outcomes and decrease costs. By establishing well-understood care pathways and protocols, a coordinated care system can make a real difference for patients. The role of technology is clear: information flow, process management, administrative scheduling and record keeping. The technology provider’s requirement is to deliver robust integrated systems that embrace multiple, independent care providers. As we move farther into the 21st century, it will be the way systems work together that will drive improvement as much as the individual systems themselves. A key feature of successful coordinated care systems is the adoption of “evidence-based” medical practices. Clearly, adopting approaches that have been demonstrated to be effective seems like a good idea. It is surprising then that Eric Topol, M.D., in his influential book, The Creative Destruction of Medicine, claims that “A large proportion of tests and prescriptions used frequently in medicine have little or no supportive evidence of utility.” He quotes The Institute of Medicine as a source supporting the claim. This is not the place to comment on the culture and practice of medicine. One thing is clear, though: The rising use of technology in medicine means more electronically held patient data. It is a scary thought that online retailers already have better systems for understanding the motivations and habits of their customers than healthcare systems have for their patients. It’s a complicated picture, but two factors seem clear: The activities of medical practitioners, no matter how effective they may be in isolation, are often not well coordinated; and medical interventions are often underpinned by surprisingly little evidence. Our health, it would seem, is an area where information technology can make a significant contribution. Analytical techniques produce evidence Applying analytical techniques to patient data will undoubtedly yield a rich source of evidence about populations as a whole, as well as insights that can transform the treatment of an individual patient. We are already seeing analytics help healthcare payers improve their businesses. The real health benefits will come when we use it to improve the provision of care — as, for instance, with the CareVeillance solution described elsewhere in this issue. Most of us will have experienced the frustration of dealing with multiple clinicians, each an expert in his or her field but each with only a partial picture of the situation. In some ways it is an inevitable reflection of the multiple specialties that make up medical care, but it is also a reflection that healthcare systems have not yet embraced systems that speed data flow through their organizations. Take a look at any care setting and you will see technology in use. Medical records and lab results are held electronically; in many cases, appointment booking and scheduling are computer-based; and of course a wide range of medical devices are measuring vital signs. In some hospitals, such as Cabrini in Melbourne, Australia, clinicians routinely carry iPads that give them immediate access to patient data. Watch Andrea Discuss Technology and the Future of Healthcare at csc.com/Future_healthcare. The next step is to coordinate all of that technology across all of those care settings, and to harvest the data we are already collecting. The foundation is effective next-generation technology solutions; the result will be better health outcomes. Andrea Fiumicelli is vice president and general manager of CSC’s Healthcare Group. 16 CSC WORLD | WINTER 2013 regional perspective Australia’s World of Opportunity by Gavin Larkings Australia is the center of the world. Don’t believe it? Well, do you monitor energy use? Australia is among the largest natural resources providers in the world. Concerned about the aging population? To us, it represents a growing market opportunity. How about cloud computing, big data and other IT developments? These and other new technologies have been eagerly adopted by Australian CIOs. Are you watching China? It’s our single largest foreign market. In fact, as Asia expands, so do our markets. To be sure, Australia, with nearly 23 million people, is nowhere near Asia’s size and capability; China alone has a population of more than 1.3 billion. Yet Australia offers many of the vital products and services that Asia requires. While Asian demand has temporarily declined, it’s still far more robust than that of, say, Europe. In fact, we believe that Asia will remain the source of big demand for Australian products and services over the next decade. Asia is where our business — both today’s customers and tomorrow’s prospects — is growing. so installations slowed dramatically. But now, people are looking to absorb cloud computing in a better manner, and as a result, we’re seeing the technology adopted across entire enterprises. While much of the world frets over energy use, Australia deals with it daily. Our natural resources sector includes mining, oil and gas, and these companies constantly seek greater efficiencies. One example is the adoption of automated trucks. Australia supplies great quantities of iron ore and other minerals to China. With this technology, each scoop of minerals from a crane is carefully measured, which means that trucks are always filled to precisely the same level. Similarly, Australia is also a major recycler. In the past year, CSC Australia alone recycled some 675 kg. (approximately 1,490 lb.) of electronic waste. An aging population is another issue that Australia, along with much of the Western world, must deal with — and another that can be addressed with IT. People 65 and older now represent about 14% of Australia’s population, according to the Australian Bureau of Statistics, while the proportion of those aged 85 years and older has more than doubled in the past 20 years, to nearly 2% of the total. Financial services is another critical domain for Australia. Four of the country’s top banks rank among the global top 50. Given Australia’s relatively small markets, that makes these banks even more important to our overall economy. Also, Australia has several large financial services and insurance companies. One of them, AMP, has been a client of CSC’s for more than 40 years. Technology for the business Australia also is a leader in the transformation of business by IT. Big data, cloud computing, virtualization and mobile technology are all game changers here. But the emphasis is always on the business, never on technology for its own sake. Cloud computing is a case in point. The business results of early cloud implementations left many Australian companies disappointed, Cybersecurity is another growing area of interest in Australia. Local clients are especially concerned about the risk of cyberattacks, especially in light of recent reports that China infiltrated the systems of several U.S. newspapers. That’s a big area of concern for us, given that China is both a major diplomatic partner and a large industrial customer. One result: Healthcare has become an important component of our national economy. IT can help. One of our healthcare solutions is a patient-administration service that can be provided remotely. So if you’re in the hospital in Melbourne or Sydney, your physician could monitor your vital signs even while vacationing in Hawaii. These and other challenges represent vital new opportunities where IT — and CSC — can help chart the future. Gavin Larkings is vice president and general manager of CSC Australia. Watch Gavin in the Video: Fueling the Australian Economy csc.com/AUSperspective. Learn more about CSC Australia at csc.com/au. WINTER 2013 | CSC WORLD 17 Financial services iPad App Appeals to Younger clients by Kim Henri Vandenhoute As one of the oldest independent banks in Europe, Van Lanschot has kept in step with client needs consistently over its long history. But even this centuries-old firm was surprised by the rapid change in customer preferences. Early versions of Van Lanschot’s online presence were limited to online payment services and statement viewing. The firm felt customers would continue to put greater importance on private banking than online access. But it soon became clear that the next generation of investment banking customers expected a different banking experience — one where tablets play a key role. Paul Timmermans, managing director at Van Lanschot, says the expansion of the firm’s client base brought in a wave of younger customers in their 30s and 40s who expected online banking services at a higher level. “These are clients who are very familiar with the online world in both their professional and private lives,” he says. “They expect to have online access to both their investment portfolio and the information that we offer them in our capacity as asset managers and investment advisors.” Designing a future-oriented platform Recognizing a significant change in customer needs, Van Lanschot engaged CSC to develop a new Web portal. Original features such as investment portfolio viewing were given a fresh look. New features were added, including access to a wide range of personalized financial information and research. Portal architecture was designed for performance on a wide range of browsers and devices — a notable upgrade from the previous system. Every aspect of the system was designed to be as flexible as possible to accommodate ever-changing customer needs. Client: Van Lanschot Challenge: • Improve the banker’s online presence and services for customers. • Offer more services that are attractive to all (and especially younger) generations. Solution: • A new multi-channel solution consisting of a new secured Web portal, which features a fresh look for investment portfolio viewing and upgraded personalization functionality for research and financial information. An app for iPad was also developed. Results: • The new portal is flexible, supporting a wide range of browser versions. • A specific app providing advanced portfolio management services is also available for the iPad. 18 CSC WORLD | WINTER 2013 The industry quickly took note of the Van Lanschot project. Banking & Finance recognized the firm’s new portal winner with its 2011 ICT Innovation Award. Following a successful rollout, the firm began anticipating additional services it could offer from its new platform as it sought to evolve a new multichannel organization. The evolution of tablet computers presented the firm with an opportunity to extend its innovative portal services to this new class of devices. “We saw the steady rise of mobile devices, the tablet in particular, with the iPad in the lead,” Timmermans says. “With the new portal as a base to expand from, it was clear we could immediately seize the occasion. iVan Lanschot would soon be a reality.” The change from a face-to-face, single-channel institution to one that serves customers via multiple channels isn’t a task that happens overnight. Timmermans says it required a commitment from the firm’s business group at all stages of the process, from the original design through delivery. The resulting iPad application makes Van Lanschot one of the first private banks to offer financial information and research to clients on a tablet computer. Of the firm’s 140 employees, seven members of the business group provided critical validation at each step, taking a leading role on the project. The entire 10-member IT team was involved as well. The firm also supported the change with a large dose of business transformation coaching to ensure that everyone was prepared. From a technical perspective, making the Van Lanschot portal accessible from a tablet required the coordination of multiple technologies and companies, including IBM for mainframe development, Thomson Reuters for front-office software, Clear2Pay for online payment and UnifiedPost for the delivery of digital account statements. Effective project management was a key success factor, Timmermans says, noting that a part of the bank’s systems is hosted at IBM and Accenture in the Netherlands. “Initially, we were going to manage the project ourselves, but we finally entrusted that aspect to CSC,” he says. Any undertaking of this magnitude often uncovers the need to make additional changes. Van Lanschot’s iPad application development was no exception. Designs called for an update to Thomson Reuters’ eXimius front-office software and improvements to Van Lanschot’s server park, both significant projects in their own right. CSC’s plan to make the maximum use of Web services resulted in a solution based on a service-oriented architecture and housed in a cloud infrastructure. “It was a good idea to further develop the underlying systems along with the modernization project that we carried out. Everything now runs with greater stability than ever before, exactly as an iPad user would expect,” Timmermans says. Offering information and research in a new way The resulting iPad application makes Van Lanschot one of the first private banks to offer financial information and research to clients on a tablet computer. Clients receive a structured view of their investment portfolio, including a clear overview of risks, returns realized and maturities. Investors can break down results by region, sector, share prices and more. iPad users also have access to all the research Van Lanschot offers, anytime, anywhere. “The whole idea fits into the concept of private banking. With Van Lanschot Private Banking Online and iVan Lanschot, we are clearly differentiating ourselves from our competitors,” Timmermans says. Recognizing the application’s popularity and client service capabilities, Van Lanschot’s Netherlands-based parent company has announced plans to make the application available to clients of other subsidiaries. “We’re quite proud that an initiative from a modest subsidiary was taken up in that way,” Timmermans says. For Van Lanschot the success of its iPad application confirms the institution’s strategy; a multichannel approach with a central focus on Internet access and mobility. Timmermans expects that the investment will continue to provide multiple returns as application use increases. “It’s ultimately about more than that,” Timmermans notes. “Our clients are just very happy that we can provide them with a solution via their iPads. And that may be the most valuable return of the project.” Kim Henri Vandenhoute is a senior consultant for Multichannel Service Offerings, CSC Financial Services. Learn more at csc.com/banking. About Van Lanschot With a history of more than 270 years, Van Lanschot is one of the oldest independent banks in Europe. Its focus is on private banking and providing services related to asset management and investment advice. Van Lanschot manages approximately €50 billion of assets. The Belgian subsidiary was created in 1992 to serve Dutch customers settling near the Belgian border. Since that time, the firm has expanded into the Belgian market. WINTER 2013 | CSC WORLD 19 Financial services Is That Really You? Authenticating your identity for online banking leaps forward with mobile devices. by Dale Coyner When was the last time you stood in line at a bank? It’s probably been a while. Instant payments, paperless check deposits and one-touch transfers have made online banking wildly popular with customers. And as virtual banking grows, the threat of fraudulent payments and identity theft rises as well. Financial transactions have always been a popular target for thieves, although the nature of the threat has changed over time. Mike Groat, partner executive at Daon, a CSC partner that supplies identity assurance software for CSC’s ConfidentID™ Mobile platform, says it’s more profitable today to conduct financial fraud electronically. “Financial institutions face a number of threats, and adding online and mobile banking increases the number of potential avenues for thieves,” Groat says. “You have direct assaults on a financial system as well as ‘man-in-the-middle’ attacks that try to get between customers and banks. That is becoming more prevalent with the use of mobile devices.” Fraud isn’t limited to hackers pounding on a bank’s firewall. Sometimes it’s an inside job, Groat says. “Some of the largest losses come from employees who misuse funds, engage in unauthorized after-hours trading or [make] transactions that don’t follow policy,” he says. 20 CSC WORLD | WINTER 2013 Despite the risks, the popularity of online and mobile banking services (and attendant cost savings for banks) means that financial institutions will continue to develop and extend them, even as the variety and sophistication of cyberattacks grow. Does mobility equal security? On the one hand, the use of smartphones and tablets provides more devices for cybercriminals to target with malware and Trojan apps that go after sensitive personal and financial data. Conversely, those very same devices are playing an increasing role in making mobile banking the most secure channel. Geoffrey Weiss, director of channel solutions for banking and credit services at CSC, says that having a second, independent device involved in a transaction improves fraud deterrence. “For example, while you’re making a money transfer on your computer, this other device that’s not a party to the transaction or ‘out of band’ can verify your action,” Weiss says. That’s just the start, Weiss says. Smartphones are becoming more capable with each revision, with more processing power and onboard features that can be used to verify a person’s identity with certainty. “This allows us to verify a person’s identity based on more than one factor,” Weiss adds. “The most secure solution combines several checks. If you put together something you know, like a PIN, something you have like a phone, and physical characteristics like voice recognition, and even where you are, that is the basis for a secure transaction.” You’re holding the answer Collecting all those factors in an easy-to-use way makes today’s smartphone the perfect platform for verifying an individual’s identity. Solutions such as CSC’s ConfidentID Mobile use mobile devices to perform identity verification for transactions conducted on that device, or as an additional check for Web-based transactions. Facial recognition is managed by the onboard camera while the microphone picks up the spoken PIN. The number is verified, as well as the speaker’s voice. Ownership of a device can be confirmed to correspond with an account holder. Location matters, too. Using the built-in GPS receiver, location can be compared to an owner’s address. If you usually circulate around Atlanta but a transaction request is on a mobile device not registered to you and located in, say, eastern Asia, that raises a red flag. Liveness is another factor that today’s powerful devices can tackle. Every voice has unique speech patterns, tone and timbre that can be analyzed. Your face does, too. Adding a factor of liveness to the mix eliminates the possibility that someone could employ low-tech covert tactics such as a voice recording or a static picture to spoof the system. Authenticate with Confidence CSC’s ConfidentID Mobile User Authentication is a biometric-enabled authentication solution that helps you verify your customers’ identity beyond a shadow of a doubt. Powered by Daon’s IdentityX engine, this offering is part of the ConfidentID Mobile Security Portfolio, CSC’s flexible, many-layered approach to security in the online banking environment. Learn more at csc.com/ConfidentID. There’s more to come, too. Todd Hawkins, CSC’s director of Identity Management Business Initiatives and ConfidentID portfolio manager, anticipates that smart devices will gain the ability to perform more verifications as onboard hardware improves. “Within a generation or two, we’ll have cameras on phones with enough resolution to take a picture of your iris to verify your identity,” Hawkins says. “We are using mobility to secure the mobile channel, as well as, using the mobile channel to secure more traditional channels like logical, remote and physical access,” he says. Transparent authentication is the key Using built-in capabilities such as the camera, microphone and touch-screen is critical to the success of identity authentication for consumer applications such as mobile banking. Weiss says that any solution aimed at improving the security of financial transactions has to be seamless. It has to be familiar and easy to use,” he says. “That’s the advantage of ConfidentID on a mobile device. Solutions that rely on special hardware you have to add or configure create cost barriers and usability barriers.” Hawkins agrees. “When you consider how much special hardware it used to require to perform biometric authentication, it’s easy to see why it wasn’t suitable for this type of application. Mobile devices remove many of those barriers.” That advance, Hawkins says, has laid the foundation for an easy-to-use, multifactor solution for high-risk transactions that requires nothing more than the device you’re holding in the palm of your hand. “ConfidentID Mobile ensures that you are who you say you are. Beyond a shadow of a doubt.” Dale Coyner is a writer for CSC’s digital marketing team. WINTER 2013 | CSC WORLD 21 Healthcare Scientists Explore the Origin of Outbreaks Online by Jim Battey Client: National Library of Medicine (NLM) Challenge: • Provide IT infrastructure support to meet high volumes of Internet traffic and help keep the world’s largest medical repository up and running 24x7. • Digitize and provide online access to a vast collection of historical medical materials. Solution: • Designed and deployed a “best of breed” open source software solution to enable the digitization of thousands of historical documents, photos and videos. • A veteran CSC team delivers technical expertise, development skills and local knowledge to provide ongoing support. Results: • Higher infrastructure capacity, improved security, 24x7 availability of online resources and more efficient use of NLM computing resources. • Ongoing success of the Digital Collections project and reliable worldwide access to online resources, enabling more than one billion searches each year. 22 CSC WORLD | WINTER 2013 When scientists need access to information on medical topics such as human genetics and flu outbreaks, they turn to the National Library of Medicine (NLM). As part of the world’s largest repository of healthcare information, the NLM is home to vast resources, including the principal DNA sequence database, a key resource in researching the genetic factors underlying human diseases. Founded in 1836 and located on the campus of the National Institutes of Health in Bethesda, Md., NLM plays a critical role in enabling biomedical research. Elements of the library’s collection of more than 18 million books, journals, manuscripts and audiovisuals have been digitized and made available online. NLM’s resources are searched more than one billion times each year by users around the globe. Using a combination of local knowledge and technical expertise, CSC teams with NLM staff and other contractors to support the shared communications and security infrastructure that helps NLM make these biomedical resources available to the public and research community. 24x7 availability is imperative Such an essential collection of resources needs to be reliable and secure. Since 2001, CSC has provided IT infrastructure services that help the library run efficiently. Over the years, CSC’s work has included support for desktop and server computing, communications networking, application development and IT security, as well as support for green initiatives and data center reengineering. Wes Russell, the NLM’s head of network engineering, says CSC delivers services in a reliable, efficient and effective manner. “It’s all about the technical staff and their expertise, their knowledge, skills and dedication in being able to support our multiple and diverse systems,” Russell says. NLM requires that services are run 24x7 to continuously support the global medical community, and, Russell says, “The staff is dedicated to doing that. They’re willing to work off-hours and deal with issues, as well as work with other teammates to resolve those problems to keep our services up and running.” Russell points to cybersecurity as a good example of how CSC is able to meet a significant technical challenge. CSC helped reengineer NLM’s internal network, which included the design and implementation of a number of security zones separated by firewalls to protect various sets of private resources that have restricted access. “CSC staff was integral in implementing those systems and monitoring our security, as well as responding to any kind of incidents we might have, which are rare, but they do happen. So it’s very important for us,” Russell says. Tom Gigl, CSC’s program manager for NLM, says that CSC’s local knowledge and a strong partnership with CSC strategic teammate AAC Inc. are also indispensable. “We’ve been fortunate to have the bulk of our team providing the same services for five-plus years. The people on the ground have a lot of experience as well as local knowledge of NLM.” Medical resources go digital CSC’s local knowledge came in handy when the NLM undertook an ambitious digitization project in 2006. A massive digital preservation repository, known as Digital Collections, gives online visitors access to a wide range of historical medicalrelated materials, all of which are in the public domain. Wei Ma, NLM’s applications branch chief, who led the digitization efforts, says, “The content people are like librarians. They know the content very well and know how to prioritize which historical books and videos should be digitized first.” Now, hundreds of rare documents, videos and photographs can be accessed free of charge. Ma says the resources are especially useful to epidemiologists studying the origins and outbreaks of diseases, such as the 1918 Spanish flu epidemic, which infected some 500 million people. In planning the digital repository, the CSC and NLM team worked together to evaluate and then recommend a leading open source software solution. The open source suite has Fedora Commons, a digital asset management architecture, at its core, combined with open source image server and book viewer software. The repository is more than just a Web application or database. Using semantic Web technology, it stores manifestations of content that describes and interrelates the materials using descriptive metadata. A user looking for specific content in a video, for example, can pinpoint just the part that is related to a search and not have to view the entire video. “Without the strong contribution of the technical development team, the Digital Collection project wouldn’t have been successful. CSC staff, as part of the technical development team, did a great job supporting the Digital Collections project,” Ma says. Russell adds, “CSC is involved in technical support of the communications and security infrastructure that enables making the library’s systems available to researchers and the public. If it wasn’t for these reliable IT services, NLM’s mission of enabling biomedical research, supporting healthcare and public health, and promoting healthy behavior could not be fulfilled.” Jim Battey is a writer for CSC’s digital marketing team. WINTER 2013 | CSC WORLD 23 Healthcare Technology Helps Fight a Deadly Disease by Jenny Mangelsdorf The numbers are staggering. At least 1.8 million people die from sepsis each year, and some say that the bloodstream infection really kills closer to 18 million worldwide. What’s worse is that those numbers are growing, fueled by an aging population and antibiotic-resistant infection. “Sepsis is going to be the dominant feature in the medical landscape,” says Steven Simpson, professor of medicine, Division of Pulmonary and Critical Care Medicine at The University of Kansas Hospital and co-director of the hospital’s sepsis team. “There’s no escaping sepsis unless we do something about it.” Since Simpson’s team began working to cut sepsis mortality rates in 2005, the hospital has seen its rates drop from 49% to 22% and savings increase by $18 million annually. However, for Simpson and the hospital, that is not good enough. Learn more at csc.com/health_services. Client: The University of Kansas Hospital Challenge: • Lower patient mortality rates from bloodstream infection • Speed detection of sepsis, a leading cause of death in hospitals • Leverage electronic health record data aggregation and integration Solution: • CSC’s CareVeillance Clinical Surveillance tool Results: • Fewer readmissions and reduction of critical care length of stay • Decreased costs • Reduced mortality rates 24 CSC WORLD | WINTER 2013 A key challenge with sepsis, which is a treatable condition when caught early, is how quickly it becomes fatal. The chance of death rises about 1.5% every five minutes treatment is delayed, with the mortality rate jumping to 50% if treatment for septic shock is delayed more than four hours. “Fortunately, quickly catching sepsis is something our tool excels at,” says Bryan Eckert, CSC Health Delivery Group senior principal. A pioneering software tool CSC developed a tool called CareVeillance™ Clinical Surveillance, while working with the hospital, which is the region’s premier academic medical center and one of the first participants in the international Surviving Sepsis campaign. CSC drew on its legacy of software development, data integration and data aggregation skills to create the tool, which integrates patient data from disparate systems, analyzes and connects this information, displays consolidated clinical data focused on the condition and alerts clinicians that a patient is showing early signs of sepsis. “In a pilot project we are finding that CareVeillance is a very useful tool and is almost always correct,” says Simpson, who adds that they have found that CareVeillance is more than 99% sensitive in its ability to find sepsis when it’s present and highly accurate in diagnosing the disease. “CareVeillance is helping us identify an extra two or three patients a day,” says Simpson. Saving lives with technology Unlike existing electronic health record (EHR) and data warehouse systems, CareVeillance leverages new EHR data about a patient and compares it, using complex clinical algorithms, to existing data to identify conditions requiring investigation or intervention. This gives caregivers the earliest possible opportunity to assess and treat at-risk patients and to ensure that best practice measures are delivered during critical time frames. The solution also acts as a predictive tool to identify patients at risk for re-admission. In addition to saving lives, the tool promises to save in other ways, too. Since its development, CSC’s tool has been certified as an inpatient EHR module for quality reporting. By 2015, U.S. hospitals that do not demonstrate meaningful EHR use will be subject to reductions in Medicare fee reimbursements. Jenny Mangelsdorf is a writer for CSC’s digital marketing team. Connect Care Collaborate Coordinated care is essential to meeting the healthcare expectations of people across the world. You need a technology provider who can make all of your systems work together. CSC is a global provider of next-generation technology solutions serving public and private sector healthcare clients in provider, payer and life sciences. Our products and services support coordinated care, providing superior returns on technology investments for our clients and improving individual and population health outcomes for everyone. Learn more at csc.com/health_services. WINTER 2013 | CSC WORLD 25 CYBERSECURITY How Hospitals Can Immunize AGAINST hackers by Jared Rhoads, Richard Staynings and Ashif Jiwani Cybercrime and data breaches are among the most commonly cited worries keeping healthcare CIOs awake at night. Recent surveys show that roughly three-quarters of healthcare organizations have suffered some kind of data breach or security incident in the past 12 months. Hospitals and other healthcare organizations need to broaden their focus on compliance and pursue a robust, integrated, enterprise-type approach to securing data and other key assets. Under the U.S. Health Information Technology for Economic and Clinical Health Act, hospitals and other organizations can be fined up to $1.5 million per year for serious security incidents. Recently, the Department of Health and Human Services’ Office for Civil Rights issued for the first time a financial penalty for a non-major breach (i.e., a breach affecting fewer than 500 individuals). In this instance, a hospice company in Idaho that reported the theft of a laptop will be required to pay a $50,000 fine and agree to a corrective action plan. The incident is believed to have affected 441 individuals. 26 CSC WORLD | WINTER 2013 The full cost of a breach, however, goes far beyond the fines. According to Ponemon Institute, the cost of identifying and notifying affected individuals — now mandatory under the law — is on average $214 per record. There are also intangible costs associated with compromised trust and reputation, as well as other significant costs, including harm to health, or even death. Cybercrime is well-organized, and cybercriminals will go after valuable information wherever it resides, including within healthcare organizations. Typically, cybercriminals do not distinguish based on public versus private sector, type of institution or other such factors. Instead, they target the most valuable information and sell it to the highest bidder. According to the World Privacy Forum, a stolen medical identity has a street value of $50 today, compared to $14 – $18 for a credit card number or $1 for a Social Security number. Most hackers who infiltrate health IT systems are seeking financial data, not medical information. In an analysis of 855 data breaches involving more than 174 million records from the healthcare, financial services, retail and hospitality industries, researchers found that such breaches are “almost entirely the work of financially motivated organized criminal groups, which typically attack smaller, low-risk targets to obtain personal and payment data for various fraud schemes,” according to a Verizon Communications 2012 Data Breach Investigations Report. BYOD presents new weaknesses Cybercriminals constantly target new areas of perceived weakness. Three of the newest trouble areas for healthcare organizations are mobile devices, portable media and medical devices. Mobile devices are targeted by cybercriminals interested primarily in identity and financial theft. Although most breaches still come from laptops and paper records, breaches related to mobile devices are rising the fastest. According to a recent CSC survey of IT executives, 57% of respondents named mobile clients and unmanaged devices their top security challenge. Resisting the bring-your-own-device (BYOD) movement, however, is not the best solution. Rather, organizations should design a secure way to allow employees to use their own equipment to do their work without increasing risk to the organization. Portable media is another prime target, especially for cybercriminals interested in identity theft, insurance fraud and financial theft. Loss and theft of portable media have affected more individuals than any other type of breach. Besides setting and enforcing clear policies and procedures surrounding the use of portable media, it is important to employ technical safeguards as well. Medical devices also need protection. These devices are a new target of choice for cybercriminals out to wreak havoc by causing equipment failures and malfunctions. To date, no medical injuries in the United States have been reported as a result of infected medical devices, but sophisticated malware has been “running rampant,” according to some government officials and hospital IT staff. Gaining cyberconfidence With lives at stake, security must involve more than locking down individual applications and systems; today’s threats require a holistic approach. Achieving cyberconfidence enables organizations to engage securely with patients, partners and others in a context of mutual trust. It is the knowledge that the organization can react to any threat or incident with speed and agility. One step toward cyberconfidence is performing a comprehensive risk assessment. An organization can undertake its own risk assessment or enlist the help of outside experts. Publicly available tools also can help. Once healthcare organizations complete a comprehensive risk analysis, security should be made part of an ongoing process of improvement that ties together security, compliance, risk management and corporate governance. As security threats grow more complex and challenging to keep up with, many organizations are turning to managed security service providers for 24-hour network monitoring, incident tracking and immediate incident response. This level of detection and response is critical to an organization’s security. A recent review of healthcare data breaches found that nearly two-thirds persisted for months before they were detected, giving criminals ample time to do damage. Staying current with cyberthreats can be challenging, but IT security should not hinder an organization’s growth or prevent it from using data assets to improve care delivery, quality and financial performance. With increased vigilance and the right technological tools, healthcare organizations can achieve true confidence in their cybersecurity. Jared Rhoads is a senior research specialist with CSC’s Global Institute for Emerging Healthcare Practices. Richard Staynings is a CSC cybersecurity and privacy officer. Ashif Jiwani is a partner with CSC’s Healthcare Group. 5 Ways to Protect Healthcare Data Regardless of your current risk profile, consider these ideas and recommendations at your next high-level security meeting: 1. Deploy advanced network monitoring. Organizations need automated tools to assess vulnerabilities and look for breaches. Seek out advanced tools to self-test the effectiveness of your firewall and consider egress solutions, which automatically monitor what is being sent outside the walls of an organization, where it is being sent and when. 2. Develop a 21st-century strategy for mobile devices and medical devices. You cannot fight the bring-your-own-device movement, but you can manage it and help employees make good decisions. Embrace security practices that are easy for end users. Try integrating part of the IT security function with the biomedical engineering services department. 3. Make system authentication multifactor and adaptive. Multifactor authentication systems are much preferred over systems that use only passwords. Multifactor systems are expensive and take a long time to deploy, so get a head start before they become required. 4. Test yourself by contracting with ethical hackers. Using ethical hackers to try to find exploits from the outside can help to identify more obscure vulnerabilities that may have been overlooked. Ask ethical hackers to test your technical environment as well as the training of your staff (i.e., through social engineering). 5. Consider whether purchasing cyberinsurance might be right for you. New insurance products on the market are designed specifically with hospitals and other healthcare organizations in mind. While insurance won’t make your systems more secure, it can help you feel more confident about your ability to survive a major adverse incident. Learn more at csc.com/health_services. WINTER 2013 | CSC WORLD 27 CYBERSECURITY CYBERSECURITY FOR INDUSTRIAL CONTROL SYSTEMS THE TIME IS NOW by Edward J. Liebig The need for strong cybersecurity on industrial control systems (ICS) has never been greater, or more urgent. These systems — vital to the chemical, electrical, water, oil and other industries — help companies control their field devices, collect data and detect problems. And they’re increasingly under attack. Cybersecurity events affecting ICS have increased by 2,100% over the past three years, according to data from the U.S. Department of Homeland Security’s ICS Cyber Emergency Response Team. These include targeted attacks by well-funded organizations, including both nation-states and terrorist groups. Yet today’s ICS environment is difficult to secure, mainly because older approaches no longer work. Historically, ICS environments had been protected from cyberattacks by physically isolating them, a practice known as “air gapping.” ICS environments were also considered low-priority targets. After all, these systems controlled not money, but industrial processes. Now all that has changed. The attacks are real, and they’re increasing. At the same time, businesses in nearly every industry are under pressure to do more with less, and that includes their ICS environments. These systems are now expected to provide insights into business metrics, increase supply chain efficiencies, provide business intelligence, and support mobile computing. Air gapping is no longer a viable approach. What’s more, ICS environments were never designed to support these new business requirements. Many IC systems, in fact, are quite old; some still run on Windows 98 or Windows 2000, versions of the popular OS no longer supported by Microsoft. While the solution would seem to be simple — just upgrade — the reality is more complex. Some hardware and underlying applications can’t run on the newer Windows versions. And many of the vendors of these older applications can’t write software patches, because they’re no longer in business. 28 CSC WORLD | WINTER 2013 Another challenge stems from how ICS environments are connected — or, more accurately, not connected. An ICS setup typically involves discrete processes known as “control loops.” For example, imagine a chemical plant process that combines two chemicals, blends them, then heats them, and finally packages the result. Each step could involve a separate control loop, one that does not communicate with the others. Worse, the control loops may not use TCP/IP, the common protocol for both networks and security tools. Combine all these factors, and you get an ICS environment that’s complex and difficult to secure. Companies must balance what’s reasonable from a security viewpoint with what’s feasible for the business. Policy puzzle Policies are another piece of the ICS cybersecurity puzzle. Security policies essentially codify industry best practices. Unfortunately, many common security policies can’t work in the ICS environment. For example, consider the practice of giving all users a unique user ID and password. Basic, right? Now imagine a factory control room staffed by six or seven engineers. The control-room displays show critical processes from across the plant; therefore, they can never go dark. But what happens when one work shift ends and the next begins? The plant can’t let the system go down while the new work crew logs in. Somehow, an alternative to individual logins and passwords must be created and implemented. In other words, ICS security differs dramatically from traditional LAN/WAN security. You can’t blindly apply the same policies or standards to both. You must think about each critically. How? Mainly, by assessing risk. CSC has embraced a process that examines all devices in an ICS setup and then evaluates the ramifications or risks they could pose to the business. This involves a review of several key risk factors, including life, health and safety, environmental release, monetary risk and reputational risk. Next, we review existing security standards to apply not the letter of the law, but its spirit. Then we cobble together a new standard — one that applies to the ICS environment while also striking a balance between the need for security, the relative areas of risk, and the unique demands of industrial controls. For any company with an at-risk ICS environment, that’s one safe bet. Learn more at csc.com/cybersecurity. Edward J. Liebig is the CTO of cybersecurity consulting at CSC. Trends in Cybersecurity: A Forecast for 2013 by Sam Visner The challenges of securing enterprise data, keeping data private and protecting intellectual property may seem daunting. But fasten your seatbelts: In 2013 we’re also going to start integrating these concerns with the security of systems used for manufacturing, supply chains and critical infrastructures. Here’s what I expect to see in 2013: Getting Integrated: This is the year when we’ll finally get serious about viewing cybersecurity from an integrated perspective. By integrated, I mean moving away from simply protecting individual desktops and databases, and instead protecting the entire enterprise. That includes mobile devices, industrial control systems, manufacturing supply chains and critical IT infrastructures (including the cloud). Control Systems: 2013 will also be the year when people accept the need to get serious about safeguarding the cybersecurity of not just information, but also the systems that rely on that information for control and management. Consider, for example, the control systems of a power plant or hospital. Different Strokes: We’ll become more aware this year of the two differing, even competing, visions of cybersecurity. In much of the West, cybersecurity means protecting the privacy and security of confidential information. But elsewhere, another approach is emerging. Going Mobile: Bring your own device (BYOD) is here to stay, and as a result, the world of cybersecurity will get more interesting in 2013. Employees have shown they’re willing to spend their own money to buy the devices they want. Now enterprises will need to spend some of their money, too, ensuring that these devices — and the applications and databases they can access — are secure. Double-Barreled: Organizations should start to offer cybersecurity from not one, but two perspectives: architecture and management. By architecture, I mean taking an integrated view of enterprise-wide security. And by management, I mean taking a top-down approach to cybersecurity. Too many organizations try to secure systems from the bottom up. Invest in Security: I hope this will be the year when we make a far more powerful and enduring investment in the science, technology, development and engineering behind cybersecurity technologies. It’s time to reinvigorate our academic base, research base, science base and technology base. Big Data, Big Threats: In all the excitement over the potential of data mining, we mustn’t forget to secure and protect that data. Big data lets us unlock value — but only to the extent that we have confidence in our data’s security. If we don’t know where the data comes from, don’t know whether it’s secure, and don’t know whether it’s been tampered with, then we can’t use it for decision making. Sam Visner is VP and general manager of cybersecurity at CSC. Watch 5 Cyber Predictions for 2013 at csc.com/cyber2013. WINTER 2013 | CSC WORLD 29 CLOUD COMPUTING Understanding Cloud and How to Buy It An Outsourcing Center Cloud Buyer’s Guide Reveals How to Optimize a Cloud Contract. by Jim Battey More sourcing professionals are evaluating cloud contracts from a variety of service providers. While cloud is often called another type of outsourcing, the contract terms, service level agreements and pricing are very different. In order to provide a better understanding of cloud computing and how it differs from traditional IT outsourcing, CSC and EMC sponsored the Outsourcing Center Cloud Buyer’s Guide to highlight some distinctions that require special attention. Here’s an excerpt of that report. The value of cloud The advent of cloud brings to enterprises new agility, speed and flexibility. Cloud enables them to contain capital expenditures, reduce operating costs, and scale up and down with ease to meet fluctuating market demands. For the past few years, everyone’s been talking about cloud, and for good reason. This delivery model has changed how companies work and the speed at which they can respond to changing market demands. The fast provisioning, dynamic scalability and pay-as-you-go cost model deliver big advantages to businesses and more fluidity to users. The cloud model: delivery types The cloud model is a measured service that promotes availability and delivers key benefits, such as on-demand self-service, broad network access, resource pooling and rapid elasticity. There are three basic cloud delivery models, and enterprises can employ one model or a combination of different models: Private or internal cloud: Cloud services are provided solely for an organization and are managed by the organization or a third party — or a combination of both. These services may exist on the customer’s choice of premises. This is similar to a traditional data center environment, but the services are provided within the cloud capabilities, not as complete IT service delivery. 30 CSC WORLD | WINTER 2013 Public cloud: Cloud services are available to the public and owned by an organization selling cloud services, such as Amazon, Google, Rackspace or other cloud businesses. Typically, a public cloud solution leverages a shared infrastructure service for all customers and may or may not enable the end customer to specify or even identify where data resides or applications are executed. Hybrid cloud: An integrated cloud services arrangement that includes a cloud model and something else. For example, data stored in a private cloud or a customer’s database in a traditional infrastructure is manipulated by a program running in the public cloud. Cloud benefits over outsourcing Cloud computing provides a threefold advantage over the traditional IT outsourcing (ITO) model: agility, predictability in costs (including moving expenses from CAPEX to OPEX), as well as potential cost savings, particularly when compared to a nonleveraged model. The three basic types of cloud service offerings are Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). The cloud brings cost benefits in that enterprises can quickly leverage new technology to be more efficient when compared to introducing new technology by traditional means. On the infrastructure-management side, the benefits result from using a shared, multitenant infrastructure or by consolidating a company’s infrastructure through virtualization. On the application run-and-maintain side, cloud allows for a more leveraged shared-services model for applications with which the supplier has competence and capacity. On the application side, cloud benefits result from an environment that can be quickly established for application development, testing, QA and staging for production. Being able to replicate in a low-cost environment to reconfigure, change, test or stage before moving to production is a definite advantage. This saves time, accelerates application development to meet critical business or mission requirements, and provides a higher level of quality across an organization. How to buy cloud services Cloud agreements require a living document of business requirements, containing only those technical requirements that are absolutely necessary. When soliciting cloud services, enterprises should be stating their specific business challenges and any explicit requirements they may have for that system — such as interconnectivity, middleware or data exchange. Because every provider defines a virtual CPU (vCPU) differently, companies need to ask some specific questions to adequately compare services in the cloud. When assessing a cloud solution, consider the following: vCPU: It’s important to understand how the provider is measuring CPU capacity: in gigahertz, number of cores or some combination. Smart customers should request that providers compare their measurement to a standard set by the customer, using the Intel Xeon X processor as a baseline, and assess how many vCPUs it takes to equal that capacity. RAM and Storage: Some vendors do not include RAM as a measured service because, as a commodity, it is a very small fraction of the total cost. Regarding storage, in the majority of cases, customers should base their cost structure on persistent storage only. Network: It is important to accurately estimate the volume of data traffic the network solution may require, so either dedicated connections or an expansion of current capacity can be planned prior to implementation. Capacity Planning and Usage: Customers can opt for Capacity on Demand, which typically refers to a specific set of circumstances in the private cloud that lets a customer reserve a minimum capacity but lets the usage “burst,” with the customer paying for the additional capacity only when using it. Or, customers can opt for Guaranteed Capacity, in which a “block” of computing resources is purchased, but not all of it used due to any number of reasons; however, the capacity has a finite limit. Support: The single most important point to consider is the delineation of support between the provider and the customer. In most instances, management and support ends either at the virtual hardware level or at the OS level, with all additional application support provided by the customer. Cloud contracts are less complex than traditional ITO contracts but also less negotiable, because customers are buying a bundled service. A typical cloud contract will have little flexibility in negotiating terms and penalties. The only real option in a true cloud implementation will be a credit for downtime, with no enhancements for loss of business-critical functionality. Jim Battey is a writer for CSC’s digital marketing team. The Cloud Buyer’s Guide The Cloud Buyer’s Guide was created by the Outsourcing Center (outsourcing-center.com) and sponsored by CSC and EMC. CSC provides cloud solutions for the enterprise that are secure, reliable, easy to use and supported by an innovative business model; it offers the only OPEX private cloud — CSC BizCloud™ — billed as a service and ready for workloads in just 10 weeks. Download the full version of the Cloud Buyer’s Guide at csc.com/CloudBuyersGuide. Learn more at csc.com/cloud. WINTER 2013 | CSC WORLD 31 CLOUD COMPUTING OVERCOMING THE FEAR OF CLOUD Results from the 2012 Cloud Computing Security Survey by Jenny Mangelsdorf Despite cloud’s stratospheric adoption rates among businesses, governments and personal users, lingering doubts about data security remain. Information Security Media Group’s 2012 Cloud Computing Security Survey found security concerns are still topof-mind for users considering cloud adoption. The CSC-sponsored survey examines cloud security concerns, as well as how risks are being addressed through policy, technology and vendor management. The survey queried senior leaders who are involved with cloud computing decision making in their organizations and help determine their organizations’ IT and/or IT security budgets. The survey found that nearly one-third of respondents’ organizations haven’t used any cloud architecture, citing worries about data protection as their “greatest reservation,” followed by “enforcement of security policies” and “data loss.” “Data protection is a particularly important concern,” says Sam Visner, vice president and general manager, cybersecurity. “Organizations need to ensure that their cybersecurity policies and protections cover information assurance — particularly as they seek to unlock the value of information and big data and use it to make high-value decisions regarding customer strategy, public policy and national security. The survey shows we still have some way to go to allay these types of cybersecurity concerns.” Almost three-fourths of the respondents reported that security concerns prevent them from adopting many cloud services. Of the services they currently or will shortly use, application hosting tied email/messaging at the top of the list, both at 34%, with data storage following at 29%, collaboration software at 25% and application development/testing at 23%. Popular Offerings What cloud services does your organization have or will shortly deploy? (top five answers listed) Application hosting 34% Email/messaging 34% 29% Data storage 25% Collaboration software 23% App dev/testing Vendors, trust and risk Tied to cloud security are issues such as cloud vendors’ trustworthiness, risk, ultimate responsibility and the cloud’s effect on the bottom line. More than two-thirds of the survey’s respondents expect cloud computing will save their organizations money. When asked about the benefits of cloud computing, respondents ranked cost savings at the top, followed by better scalability and improved flexibility as second and third, respectively. Even though survey respondents believe in the cloud’s benefits, approximately 40% of respondents’ organizations had allocated just 10% or less of their IT budgets on public, community and hybrid clouds. Nearly 40% hadn’t budgeted for these types of clouds at all. When organizations use the cloud, they believe that trust is key to adoption. More than 85% stated that external certification of a cloud provider is crucial. To reduce risk, 66% of respondents used a third-party organization to “certify or attest a cloud provider’s security,” whereas only 7% reported not verifying provider security in any way. Checking Out Cloud Providers What are the primary ways your organization verifies the security your cloud provider offers? (top six answers listed) 35% Third-party attestation 28% Conduct own assessment Joint vulnerability testing with provider Accept word of provider 7% We don’t verify 7% Follow lead of another company similar to yours 32 CSC WORLD | WINTER 2013 16% 5% “Information technology professionals in general, and CIOs in particular, need to be informed about the controls necessary to protect their operations and the providers’ approach to meeting those controls,” says Visner. “Those contemplating the acquisition of cloud services should look carefully at how security certification or attestation is being performed, and who is performing it.” The Guardians Who’s responsible for ensuring security of cloud resources? Cloud provider IT or IT security organization Business side/data owner For U.S. federal government respondents, 57% said they use third-party providers to vet cloud providers’ security. That will change as a new U.S. initiative called the Federal Risk and Authorization Management Program becomes operational this year. Under the initiative, the government will require agencies to use third-party assessment organizations to independently verify and validate that cloud providers meet security requirements. While 79% of respondents stated that security is a “high priority” when evaluating a cloud provider, only 41% believe they have adequate policies and procedures to enable safe and secure cloud use. Just 50% of respondents also stated that internal audit reviews provide appropriate feedback to improve cloud security. Two reasons respondents cited for this low confidence in internal audits is a lack of education and sophistication in many cloud initiatives. To enhance confidence, NASA’s Jet Propulsion Laboratory (JPL), an early cloud adopter, has created a Cloud Computing Commodity Board, whose members span JPL, from departments such as finance and acquisitions to individuals such as the scientists and researchers who will be using the cloud. “We don’t put everything in one cloud because different clouds are good at different things,” says Tom Soderstrom, JPL chief technology officer/IT, in the survey report. “So far we have data in 10 different clouds, and we let the users dictate which one is the stronger.” Ultimate responsibility Regardless of how well vetted a cloud provider’s security may be, respondents show different views on who ultimately has responsibility for security. “Whether you put [your data] in the cloud or in the trunk of your car, it’s your responsibility,” says Françoise Gilbert, IT Law Group managing director, in the survey report. “It may be even more responsibility than before because there are situations where the cloud provider does not have a clue about the data that you have ... because that’s not their business.” Just more than half of the respondents agree with Gilbert, with 38% handing responsibility to the IT or IT security organization, and 14% giving it to the business side/data owner. However, 48% of respondents give responsibility for ensuring security of cloud resources to the cloud provider. 48% 14% 38% “One of the things people thought [was], ‘Maybe we could get out from under some of this risk if we move things to the cloud,’” says David Matthews, City of Seattle deputy chief information security officer, in the survey report. “We just have to assume that we’ve got, if anything, maybe more risk, or a different kind anyway.” As enterprise computing continues to move to the cloud, ultimately security will be the IT security professional’s responsibility, the survey reports. However, the survey adds, in taking that responsibility, professionals should partner with their organization’s IT and business groups as well as the cloud provider. Jenny Mangelsdorf is a writer for CSC’s digital marketing team. 6 Principles for Effective Cloud Computing ISACA, the professional association focused on IT governance, says organizations adopting cloud should adhere to the following principles: • Enablement: Plan for cloud computing as a strategic enabler, rather than as an outsourcing arrangement or technical platform. • Cost/benefit: Evaluate the benefits of a cloud acquisition based on a full understanding of the costs of cloud compared to the costs of other technology solutions. • Enterprise risk: Take an enterprise risk management perspective to manage the adoption and use of cloud. • Capability: Integrate the full extent of capabilities that cloud providers offer with internal resources, to provide a comprehensive technical support and delivery solution. • Accountability: Manage accountabilities by clearly defining internal and provider responsibilities. • Trust: Make trust an essential part of cloud solutions, building trust into all business processes that depend on cloud computing. Download the full Cloud Computing Security Survey report at csc.com/CloudReport2012. WINTER 2013 | CSC WORLD 33 CLOUD COMPUTING HOW ‘EVERYTHING AS A SERVICE’ CAN SAVE CIOs MONEY Cloud computing is changing the way IT serves the enterprise. Today, nearly any type of hardware, software, IT process or business process can be offered as a cloud-based service. It’s called “Everything as a Service” (XaaS), and the benefits to the enterprise include greater agility, higher levels of innovation, faster responsiveness to market changes, and a new, improved ability to contain costs and reduce the need for capital. by Jim Battey XaaS is a combination of utility-based offerings that can be consumed on a flexible per-seat, per-month model, based on usage. Companies with broad technology portfolios such as CSC are able to bundle as-a-service offerings and deliver to CIOs only the products and services they want and need. Wendy Hartzell, CSC’s CIO for Global Sales and Marketing, sees XaaS as a paradigm shift in IT. “We are in the midst of one of the most exciting times in technology, fueled by the combination of mobile devices and emerging XaaS capabilities,” she says. “This is requiring an overhaul of our thoughts around IT, the IT department, budgeting models, and in fact, ‘everything.’” Research firm Gartner also views as-a-service as a significant trend. According to an August 31, 2012 report, “Market Trends: Cloud Business Process as a Service Outsourcing Trends,” by Cathy Tornbohm, a research vice president at Gartner, “Cloud and ‘as a service’ are being promoted as great ways for customers to cut costs and access technologies and 34 CSC WORLD | WINTER 2013 services quickly.” The report also says, “To clients, the attractive marketing features of most as-a-service cloud offerings are lower costs, pay-as-you-go per transaction, limited or no capital investment and increased speed to solution.” As cloud computing emerges as a viable enterprise strategy, CIOs have more options than ever to choose from. But how does XaaS reduce costs, and how does everything fit together? Flexible model As CSC’s executive director of Global Unified Communications and Collaboration Solutions, Dean Fernandes helps customers craft their IT strategies. “What CIOs are looking for today is a way to manage costs,” he says. “And they want their costs to be usage based. They want to pay for things such as email storage on an ‘as-you-go’ basis, and they also want the model to be flexible enough that it can be delivered either on premises or in the cloud.” For example, enterprises can experience dramatic swings in network traffic, Fernandes says. “It’s very seasonal, and this is especially true when you have a contact-center business where there are peak call times and non-peak call times,” he says. To accommodate these fluctuations, cloud technology provides infrastructure flexibility, giving CIOs the choice of deploying a private cloud, a public cloud or a hybrid. XaaS reduces costs in that you pay for only what you use, says Fernandes. “Our clients want to go from a fixed-cost model to a variable-cost model, based on usage,” he says. “If you understand your usage and your usage goes up or down, that’s what you want to pay. You don’t want to pay for the capacity you’re not using.” Hartzell adds, “The flexibility introduced by XaaS will introduce a more dynamic element to the budgeting process. There will be a shift from the major long-term capital investments needed for traditional on-premises systems to subscription-based, as-aservice offerings.” Integrating everything Since XaaS is all about everything, a key challenge for CIOs is how to integrate everything. “At CSC, we have been building our portfolio around as-a-service, and we have the ability to integrate various services together and provide our customers a per-month, per-user bill based on their requirements,” Fernandes says. For instance, in the area of unified communications, CSC offers a virtualized environment on a per-seat, per-user basis. “Not every user in the company uses the same features, so why should customers pay for features they’re not using?” Fernandes asks. Fernandes says people should be able to collaborate and talk to each other in the way they want to. The various as-a-service models provide employees diverse ways to communicate and help make them more productive. “With mobility and the consumerization of IT, we are able to communicate very effectively across all the mediums on iPads, iPhones or other devices wherever we are and whenever we want to,” he says. The best news for CIOs is that XaaS lets technology professionals concentrate on what they do best. “XaaS offers great opportunity for the IT department to redirect focus to more forward-thinking and strategic initiatives while confidently leveraging XaaS offerings,” Hartzell says. Evergreen model The beauty of XaaS also lies in the fact that an evergreen model is built into it. “One of our customers’ biggest complaints is that after three to five years, the technology becomes obsolete.” With XaaS, Fernandes says, “Whenever we have an update, we will update our customers’ environment as part of the cost. That way, they are always up to date with the hardware and software, and we continue to manage that service for them.” In Gartner’s report “Market Trends: Cloud Business Process as a Service Outsourcing Trends,” August 31, 2012, author Cathy Tornbohm observes that as-a-service offerings are increasingly being configured for specific industries. “Options for buying business services have never been more varied, with heavily customized offerings still being available and a host of very prescriptive, potentially configurable offerings emerging,” the report states. The financial services industry is especially ripe to benefit from XaaS, Fernandes says: “Some of our biggest financial services customers are looking at using multiple portfolios and offerings from across CSC.” CSC’s vast network of partnerships and alliances serves as a solid foundation for making XaaS happen. Fernandes says, “CSC can offer as-a-service subscription models only if our partners help us get there — they have to provide a special licensing model.” Through it all, Fernandes says, the key for CIOs is to identify which cloud option and what as-a-service offerings best meet their needs: “CSC can tie the various offerings together and funnel those to the customers so they get a bundled solution of all the products and services that we offer in an as-a-service model.” Jim Battey is a writer for CSC’s digital marketing team. 3 Flavors of Cloud Cloud-based services are available in several varieties, giving CIOs and their enterprises a wide range of choices and options. But choosing the best solution can be complicated. Here are three main approaches to take: •Private cloud: Offered on an enterprise’s private network, this approach provides the highest levels of security and control. But it also requires the highest levels of staffing and equipment, which can limit or even cancel the cost savings. •Public cloud: Helps an enterprise reduce its need for capital, staff, hardware, software and maintenance. Public clouds also provide an enterprise with added flexibility and speed. The tradeoffs include less control and, possibly, lower levels of security. •Hybrid cloud: Combines the strengths of public and private clouds. For example, in a setup known as “cloudbursting,” a retailer that normally runs its applications on a private cloud could rely on a third-party public cloud during periods of high activity. Learn more at csc.com/cloud. WINTER 2013 | CSC WORLD 35 research Where ‘Mad men’ meets ‘math men’ by Patricia Brown An interview with Frank Cutitta Research Associate, CSC Leading Edge Forum 36 CSC WORLD | WINTER 2013 Marketing is marketing, technology is technology, data is data, and never the three shall meet — right? Not so, says Frank Cutitta, a research associate in CSC’s Leading Edge Forum, which provides clients a knowledge base and global network of innovative thought leaders on the current and future role of IT. To find out why, CSC World, spoke recently with Cutitta. An edited version of that conversation follows. How can IT and marketing learn to cooperate and coordinate? Cutitta: We’re researching that right now with our Weapons of Mass Discussion™ project, which is an offshoot of the “socially awkward” research we completed last year. That research looked into the relationship — or lack thereof — between marketing and IT. We found there really were two cultures. In some organizations, it’s a pitched battle, while in others, more of a “friendly fire” situation. Either way, there’s still the age-old stereotype that IT is the “land of slow and no,” and marketing is the realm of unguided missiles. The truth is somewhere in between, of course. But many people still believe that IT’s major function is simply to keep the lights on, while marketing is much more customer-facing. We’ve also found a great deal of anxiety among CIOs and other IT professionals. They worry about marketing taking share and control of IT budgets. CIOs also see marketing absorbing traditional IT functions, mainly in a quest for greater agility. And, in an age of instantaneous metrics, there’s even a difference between how IT and marketing define agility. This has a bearing on investments, because a lot of marketing technology doesn’t look like traditional IT. Marketing doesn’t have to worry about email, databases, networks and the like. Yet many other things that walk like IT and quack like IT are now part of marketing’s budget. technologist. But that’s like saying that if I take a physics course and a biology course, I could become a biophysicist. It’s just not that simple. What’s needed instead are people who think in a way that combines both marketing and technology. It’s like learning a second language; when you start dreaming in French, you know you’ve got it. The same is true here. You mean things such as social media? Cutitta: Yes. IT often doesn’t have a personal relationship with social media. In fact, in both our socially awkward research and other surveys we’ve done, CIOs and other IT professionals tend to view social media as little more than using LinkedIn as a CV or resume service. They don’t see social media from the conversational marketing point of view. Could this be resolved by creating C-level positions that combine marketing and IT? Cutitta: In some cases there will be chief marketing information officers, chief information marketing officers, perhaps even chief marketing data officers. So we can see the development of a whole new alphabet soup. Job titles aside, our research shows that organizations need new skill sets to reflect the rapid coevolution of IT, marketing and data. These skill sets will differ significantly from those of the past. It relates to what I call the biophysicist problem. In IT and marketing, we think that if someone has taken a marketing course and an IT course, [he or she] could become a marketing Then, making it even more complicated, we need to add data. So now you’ll be seeing the convergence of IT, marketing and data. This will herald a new way of thinking. It may also give data scientists an advantage over IT professionals. Data scientists already possess many IT skills, and it’s relatively easy for them to acquire additional behavioral marketing and psychology skills. What can CIOs do to improve the situation? Cutitta: CIOs need to develop personal branding strategies on a global scale. This will help them enhance their careers, be viewed as legitimate partners by other parts of the organization, and form new alliances among IT, marketing and data. Data is a separate issue. You might suppose that anything having to do with data automatically belongs in the IT department. But we’re finding new organizations that cannibalize both marketing and IT. We’re also finding that less-than-agile business intelligence organizations can fall victim to new big data and predictive behavior groups. WINTER 2013 | CSC WORLD 37 You mean by way of “shadow IT”? Cutitta: Yes, and we’re seeing a lot of it. In the past, it was limited to marketing stealing IT people to create agile, technology-powered marketing programs. But now, new data organizations are emerging that are independent of IT and marketing. Within these organizations, data scientists are setting up shadow IT and shadow marketing. While they operate in a world that’s separate from marketing and IT, they’re also dependent on them. In response, marketing is saying, “Wait a second! Data is now part of social media. I need that information for my metrics.” At the same time, IT is saying, “Hold on. We’ve always handled data. Why aren’t we handling this?” So it behooves both marketing and IT to look closely at how data has evolved. In the past, data was like a rear-view mirror, showing us historical data. Now, it’s more like the front windshield, giving us a much more predictive view. was coming from customer relationship management (CRM) systems and finance feeds, IT was able to hold onto it. Mainly for historical and legacy reasons, this data was considered the domain of IT. But now, as data becomes more predictive — and as data intersects with both the science of “why they buy” and technology-driven loyalty programs — a new way of thinking has emerged. One example is the way Target has identified women customers in their first trimester of pregnancy — in at least one case, even before the father knew the baby was coming! Target essentially triangulates the shopping patterns of women customers based on tiny, obscure buying “blips.” Maybe a woman buys a new vitamin, an organic food, or something else that seems unrelated to her pregnancy. But in this way, Target can pretty accurately determine when a woman customer is in her first trimester of pregnancy. Then the retailer uses that information for targeted messaging. Target’s research shows if it captures women at this earliest stage, they are more likely to consider Target a preferred supplier after their baby is born and, more importantly, as their family grows. Could data scientists be the ones to bridge the IT/marketing gap? So data marketing involves far more than just social media? Cutitta: Certainly, they add a third party to the relationship. But we’re still trying to determine how data science operates within the organization. Is it independent, or is it really an extension of IT and/or marketing? We’re also at a moment when CEOs are fed up with all this infighting. As a workaround, some CEOs have established innovation centers that report to them and incorporate IT, marketing and data science. It may be that where IT/marketing alliances fail, data-minded CEOs can succeed. Certainly, our research shows that when a marketing-technology or data-science deployment is driven from the top, it has a much greater chance of success. Cutitta: Yes. It’s part of the “Internet of Things.” We have literally hundreds of new kinds of feeds, and these make data different from what it had been before. Of course, this is also related to the phenomenon of big data. I like to say that the “big” is actually a verb: We’ve got to “big” the data. Though it doesn’t mean you must have petabytes of data. For CIOs and others in IT, data is a big challenge. They must look at the unstructured, conversational data coming from blogs, customer feedback and the help desk. Thomson Reuters, for example, has nearly 19,000 indices it tracks, based on the intersection of news and social media feeds. Has something important changed the nature of data? Cutitta: We’ve always had database managers, and they tended to be part of IT. Every now and then, you’d see an instance where data was totally independent. But because much data Target has identified women customers in their first trimester of pregnancy — in at least one case, even before the father knew the baby was coming! Target essentially triangulates the shopping patterns of women customers based on tiny, obscure buying “blips.” 38 CSC WORLD | WINTER 2013 Typically, that’s outside the mentality of IT as we know it. Yet enterprise IT is increasingly under pressure to turn unstructured data into a corporate and competitive asset. When we talk about “weapons of mass discussion,” that information — the ability to optimize conversational content — is, in effect, the enriched uranium. You seem to be making a distinction between content and data. Why? Cutitta: You can’t optimize data unless you optimize the content that generates it. This data can be traditional (print/broadcast), online, social or conversational. Then IT has to look at what I call the “alchemy of content” as inseparable from data. That means inculcating a culture of content as data, then developing an intimate relationship with the content developers in the enterprise. For example, what are the characteristics of the content that let me make a supposition about what a recent engagement meant? This is essentially a lab test on content. We want to quantify data’s characteristics, much as a physician might analyze your blood sugar or cholesterol level. Needless to say, this is quite a stretch for IT. But in the new “content as data” culture, it is an essential skill. “CIOs need to develop personal branding strategies on a global scale. This will help them enhance their careers, be viewed as legitimate partners by other parts of the organization, and form new alliances among IT, marketing and data.” Anything else IT executives can do to retain their marketing relevance? Cutitta: CIOs should get more involved in the social enterprise, as opposed to customer-facing social media. Mainly because the social enterprise is, like CRM, still seen as an IT concern. Also, because marketing tends to have a much more indirect relationship with the internal social enterprise, this presents an opportunity for IT. Besides, the social enterprise is a great place for CIOs to get their feet wet. By using platforms such as Jive, Chatter and Yammer, CIOs can learn about the psychology of communication and unstructured data. The social enterprise can also improve the way IT is perceived within the organization. It’s a subliminal way to market IT internally. And many CIOs are bringing in shadow marketing talent to do just that. Once you’ve established credibility within the organization, you can extend your credibility to external, customer-facing projects. Because now you know the dynamics and metrics related to social enterprise interactions. You also have the street cred when it comes time to extend to external, social CRM deployments. Other marketing tips for CIOs from your research? Cutitta: Perhaps the most important area involves adopting what we call an “outside-in” approach to deployment strategy. Our research shows that many deployments fail as a result of an updated version of the old last-mile telecom problem. The technology gets to the curb, but not into the house. Often, it’s because either IT or marketing neglected to research the limitations of the current corporate infrastructure, skills sets or ingrained habits. Consider healthcare: While physicians use a great deal of technology to treat patients, when it comes to putting those patients’ healthcare records online, doctors mainly scribble illegibly on a paper notepad. Then they hand it off — often, to someone who can’t read their handwriting — to be uploaded into a medical records system. As a result, the accuracy rate for transcribed dosages can be frighteningly low. That’s what I mean by the problem of the last mile. To what degree are these issues generational? Some workers are digital natives, but many of us are recent digital immigrants. Cutitta: It’s definitely an issue. CIOs should survey their users to determine their mix of digital natives and immigrants. Otherwise, they could end up supposing that all of their users are comfortable with social media or tablet usage, when that’s not true. In fact, some CIOs may need an entirely new game plan, one that involves either re-educating workers or making sure they get their data in a form that’s digestible. In this way, a CIO could avoid a budgetary surprise when, say, transforming to a data-driven sales force or agent network — and that surprise could be more expensive than the technology infrastructure modernization. Further, our research shows that in this outside-in model, an analysis of the digital immigrants in the field should precede any work on the design and deployment of “Weapons of Mass Discussion.” Patricia Brown is director of digital content strategy at CSC. Can you give an example of how that might work? Cutitta: One of the fastest-growing areas in the social enterprise is reducing the number of help desk tickets. IT can do this by implementing a pre-emptive social self-help service. In effect, employees help each other. Other social enterprise initiatives have found IT and HR working together to create collaboration platforms. These let people across the organization share ideas and knowledge, as well as offer suggestions to corporate management. So the social enterprise can touch IT in a positive way from both a perception point of view and in terms of cost reductions and resource efficiencies. Watch CSC Town Hall Sound Bites: Weapons of Mass Discussion — Enterprise Social Media csc.com/EnterpriseSocialMedia. Learn more about the LEF and its latest research at csc.com/LEF. WINTER 2013 | CSC WORLD 39 research Open Source: It’s Not Just for Software Anymore An idealistic trend from the ’90s emerges as a key economic force in today’s connected, global economy by Dale Coyner As the backbone of private companies and public institutions alike, information technology has become more than a technical marvel. Rapid data sharing, analysis and instant communication enabled by IT have unlocked immeasurable economic value, reinvented industries and even toppled governments. Now IT’s influence is growing beyond the server room to rewrite basic business strategy. The key to its expanding sway? A new CSC Leading Edge Forum (LEF) study, titled “Beware of Geeks Bearing Gifts: Strategies for an Increasingly Open Economy,” points to a trend that has grown remarkably in size and influence from its inception in the early 1990s — open source software. Open source is more than free The author of the study, LEF Researcher Simon Wardley, says there’s an important distinction between software given away at no cost, free software and open source projects. “Software that companies don’t charge you anything to obtain is still controlled by a person or a company. Free software is software that you have access to the code, it can be used and modified by anyone and it is free from many traditional constraints. Open source software, on the other hand, had not only a focus on freedom from constraints but encouraged the growth of a community and a collaborative manner of development around a piece of software. That’s a critical aspect of the open nature.” Wardley says Linus Torvalds, creator of the Linux operating system, pioneered today’s concept of open software development. “Torvalds created more than an operating system; he built a large community around his project. This collaborative way of working helped rapidly evolve the project and drew more people and companies into the Linux universe.” Popular open source projects can become global collaborative efforts, Wardley explains, with features and bug fixes contributed by software developers around the world. 40 CSC WORLD | WINTER 2013 Simon Wardley LEF Researcher, CSC Leading Edge Forum “It’s a highly collaborative approach that encourages the development of a community around an idea,” Wardley says. “Individuals contribute to open source projects because they’re interested in the solution a piece of software provides, but it is also a means to improve and display their coding skills and gain peer recognition.” Clearly, the incentives to participate are powerful, and popular. Black Duck Software, which maintains a knowledge base of open source software projects, estimates that as many as 600,000 open source software initiatives have created more than 100 billion lines of code through 10 million person-years of human effort. Without open source products such as Apache, mySQL and Hadoop, Wardley says, transformative technologies such as the Internet, cloud computing and big data would be far more expensive and limited, if they existed at all. What drives the influence of open? Today, the open concept is spreading to areas beyond software – from open data to open hardware. This open notion of collaborative and community-based efforts is gaining acceptance in manufacturing, science, higher education, government and beyond. “Software is indispensable in virtually every industry, so it should come as no surprise that the dynamics of the software industry should begin to be modeled elsewhere,” Wardley says. The collaborative work practices honed by software developers are being borrowed by other departments inside the business. Competitive pressures play a role, too. Wardley’s research shows that the continuing need to drive out costs while increasing innovation is causing companies to consider new and more open strategies. Open as a strategy While individuals may participate in open source projects to demonstrate their expertise, companies are generally motivated by economics. Wardley explains that open initiatives are a tactic companies can use to tilt markets in their favor. “You have to understand your value chain very well, and if you do, an open strategy creates opportunities for you to build walls around some aspects of your value chain, or perhaps lower barriers [to] entry at other points that would impact your competitors,” Wardley says. Google, for example, uses a mix of proprietary and open strategies to maintain its market leadership. “Google offers many products that are open, such as its Android operating system, but its search algorithms remain proprietary. In the case of Android, you can view this open approach as a way for Google to protect its value chain around data from the walled garden that Apple was creating. It’s a highly competitive play to build an alternative ecosystem to compete with Apple.” While the vast majority of companies consume open technology, the most advanced companies think highly strategically and appear to use open as a competitive weapon. IT as consultant The growing influence of the open movement and its roots in information technology offers an interesting opportunity for the enterprise IT department. Wardley says that the experience IT departments have gained with open models in software and services makes them natural consultants to other parts of businesses that want to adopt open models. “IT’s knowledge in these areas can be leveraged in new and often highly strategic ways, from methods of collaboration to tactical game play to the importance of transparency, governance and standards to the practical details of how to operate an open project,” Wardley says. Many businesses lack experience in these areas, and the forms of cooperative competition they often imply remain strange ideas to many people who built businesses through proprietary, closed methods. The open movement extends well beyond commercial interests. Wardley says that both a growing emphasis on open science in universities and free curricula have roots in the open source movement. Government is getting in on the act, too, with a growing commitment to more transparent operation, the publication of data and creating level playing fields with open standards. Wardley believes that the ability to adapt to open methods is an imperative that companies must address. And what fate lies ahead for companies that fail to adapt? The open movement isn’t limited to intangibles such as software or data; the manufacture of physical products is seeing the effects of the open movement as well. “One of the most intriguing aspects is the power of open source manufacturing designs when combined with 3D printing,” Wardley says. “There is now open activity at virtually every level of business and IT.” Dale Coyner is a writer for CSC’s digital marketing team. “That’s an open question,” he says, adding, “Failing to adapt to a changing environment doesn’t normally work out well, though.” The Power of Open lef.csc.com/PowerOfOpen WINTER 2013 | CSC WORLD 41 applications ‘Mobile First’ movement Drives Application Design New tools and evolving standards answer a growing need to develop mobile apps quickly and easily. by Dale Coyner 42 The rapid adoption of smart mobile devices has redefined industries and spawned new ones in just a few short years. That sudden shift is also causing companies to rethink strategies for application development. Jim Petrassi, managing director, Systems Integration & Development at CSC, agrees. “A few years from now, you won’t say ‘We need a mobile application,’ you’ll just say ‘We need an application.’ Mobility will be presumed,” Petrassi says. Jonathan Marshall, CSC’s global portfolio director for end-user services, says tablets and smartphones have completely changed how we think about applications. “Mobile devices demand sniperlike applications with very specific functions. That stands in contrast to the shotgun-like approach of desktop applications.” Developing applications that accommodate devices with different screen sizes, input methods and connectivity is a special challenge. In the enterprise, Marshall says application development can follow the Henry Ford model: “You can have any device you like, as long as it’s an iPad.” CSC WORLD | WINTER 2013 Applications for a broader audience have a greater need to operate across platforms. HTML5, the new standard for describing Internet documents and applications, brings important capabilities to mobile Web development that have previously been available only in native development environments. • Offline Support — Tools such as AppCache and Database inside HTML5 enable developers to store data locally on a device, ensuring that Web-based apps will work in environments with limited connectivity. • Canvas and Video — These features support graphics and video on a page without the need for plug-ins. This capability may have influenced Apple’s decision to support HTML5 in its mobile devices instead of the popular Flash plug-in published by Adobe Systems. Adobe has since discontinued Flash support for mobile devices to focus on HTML5. • Advanced Forms — HTML5 improves frequently used features such as forms that will make mobile applications easier to use. For example, HTML5 forms will be able to validate data such as credit card numbers and zip codes inside the browser instead of relying on add-ons. That means less communication and faster processing. Petrassi says that in addition to HTML5, many of the standards and best practices that communicate to back-end systems are still relevant for mobile apps. “Mobility adds a layer of complexity because you need lighterweight protocols to reduce the amount of data you’re moving over cellular networks,” Petrassi says. “You need to make sure the data is secure — not only when it’s in transit, but when it’s sitting on that device, too. Is it encrypted? Can I wipe it if I need to?” Petrassi expects a growing number of enterprise applications will be built with open standards such as HTML5, especially as it matures. “There will always be applications that require native code, but I think over the next couple of years, we can build three of four mobile apps on open platforms,” he says. Accelerating that trend is a new crop of hybrid application toolkits such as PhoneGap, a development environment that combines native code with HTML5. Native code offers access to device-specific features such as a camera, while the overall application is wrapped in HTML5. This reduces the amount of time required to port an app from one device family to the next. And lest we forget, the impact of Windows 8 has yet to be fully felt in the marketplace. “It’s hard to predict these things, but I do believe Windows 8 is a game changer,” Petrassi says. Marshall notes that even though Microsoft is arriving late to the mobile party, its large base of enterprise clients and mature management tools make it relevant. He believes that Microsoft may yet play a role in setting, or influencing standards, whether official or de facto. X-Ray Vision for Your Phone Any kid who ever held a comic book gazed longingly over ads for magic tricks, go-karts plans and other youthful ephemera. But all eyes were drawn to the ads for X-ray glasses. The promise to “see through anything” was tantalizing, but too good to be true. Or is it? Richard Brown, CSC’s application visualization lead at the Stennis Space Center in Mississippi, says augmented reality apps coming to market may help mobile devices do just that, in a manner of speaking. Keyed by GPS, location markers or visual clues, augmented reality apps on mobile devices will enable workers in a wide range of industries to find relevant information immediately. If a building has been mapped, an augmented reality app will reveal the location of everything hidden behind the walls, including pipes and cable runs. “That concept can be replicated for gas mains, water or electrical utilities or nearly any type of infrastructure,” Brown says. And it can have life-saving applications too. “It will be a real aid in nighttime operation. For example, a firefighter will [be able to] open a display to locate fire hydrants in the dark,” he says. “We’ve had augmentations in military aircraft for decades, but it’s about to become a widespread technology. I think the winning scenarios are where augmented reality lets you see what can’t be seen and know what isn’t known.” Sounds like those X-ray glasses weren’t so far-fetched after all. - Dale Coyner “When you apply adoption curves to this market, it’s clear that we are still in the innovation phase,” Petrassi says. “We’ll see a lot of change, dead ends, and exciting things in app development and management over the next few years. But one thing is clear — everything will be built with mobility in mind.” Dale Coyner is a writer for CSC’s digital marketing team. Learn about CSC’s FuturEdge, a unique approach to applications modernization csc.com/FuturEdgeVideo. Learn more at csc.com/applications. WINTER 2013 | CSC WORLD 43 9 last word cloud Computing Predictions for 2013 by Siki Giunta Cloud computing is without question the most important IT development in recent memory. The cloud changes nearly everything, including the role of the CIO, how companies pay for computing power, even IT’s relationship with the business. And these changes show no sign of slowing. In fact, we expect to see several new and dramatic cloud-computing developments this year: Security: The conversation matures. While the business continues to worry about security and compliance in the cloud, the security trade-offs are now better understood. Some workloads are appropriate for the cloud; others are not. One result of this should be a rapid adoption of virtual private clouds. These systems let CIOs provision private, isolated sections of larger public clouds. This approach helps CIOs lower costs while offering security at nearly data center levels. Financial services: Accepting the cloud. Until very recently, the financial services industry distrusted the public cloud and instead chose to build private clouds, essentially virtualized data centers. However, building private clouds has proven expensive, with few benefits to show. As a result, we expect financial services companies to begin engaging trusted service providers to offer selected IT services. Manufacturing: Machine-to-machine. The cloud is a great platform for machine-to-machine (M2M) communications. A soda-vending machine can now communicate with banking systems, via the cloud, to securely accept credit cards. Automobiles will increasingly stream over the cloud videos, applications, driver manuals, security information and more. And houses connected by the cloud could assist the elderly while also helping all of us reduce energy use. M2M is the Internet of the future. 44 CSC WORLD | WINTER 2013 Watch Siki Discuss 5 Cloud Predictions for 2013 at csc.com/cloud2013. Public sector: “Shadow IT” hangs around. Thanks to the cloud, individuals can order IT services directly, without having to go through their IT departments. Known as “shadow IT,” this development may be empowering for individuals, but it’s a problem for both IT and public sector organizations. Fortunately, government programs are now formalizing cloud contracts, and eventually, there should be no need for individual workers to order IT services directly. But “shadow IT” will not disappear overnight. Enterprise applications: Get on board. This year, automated production workloads — enterprise-class applications — should move to the cloud en masse. Increasingly, automated templates will be used to initiate applications in the cloud. This, in turn, should spur the development of enterpriseclass clouds that are secure, scalable, automated and easy to use. Disaster recovery: From “nice-to-have” to vital. Last year the United States saw devastating hurricanes, blizzards and droughts. Yet many cloud vendors still offer disaster-recovery services that are less than top notch. This must change. Enterprises today demand instant availability, continuity and recovery. These demands will only intensify, placing cloud providers under severe pressure to respond. Mobile computing: Love the cloud. Mobile computing and the cloud were made for each other. As 4G service becomes more widely available, and as the quantity of data that flows in and out of our smartphones and computing tablets grows exponentially, the cloud becomes indispensible. Mobile apps and data will increasingly live in the cloud. Cloud brokers: Gaining prominence. Expect to hear a lot this year about cloud brokers, community platforms that offer template-based services. Users of these cloud brokers can now buy software, infrastructure or other platforms — all as a service. For now, however, the cloud-broker market is still somewhat vaguely defined. That will change. In fact, we believe cloud brokers represent cloud computing’s next generation. Asia: Leapfrogging to the cloud. China’s market for cloud services will likely exceed $100 million for the first time this year. That will set the stage for even more investment and segmentation. Other areas of Asia — notably Malaysia and Indonesia — are ripe for the cloud, too. These countries have a tradition of leapfrogging technologies. For example, while the West transitioned from the mainframe to the minicomputer to the PC, much of Asia jumped directly from mainframes to the Web. Now these countries are mostly skipping virtualization and heading directly to the cloud. Siki Giunta is VP and general manager of cloud computing and software services at CSC. Solving Government’s Most Difficult Challenges Improve mission performance. Reduce costs. Secure data. Meet mandates. With more than 50 years of government and commercial experience, CSC brings your agency world-class best practices around next-generation technology — cloud, applications modernization, cybersecurity, big data and mobility — to address the nation’s biggest challenges. We proudly serve nearly every agency and department of the U.S. government, helping our clients achieve excellence through best commercial practices, innovative IT, business operations and engineering services. Worry less about business processes and technology. Focus more on the mission. Learn more at csc.com/government. WINTER 2013 | CSC WORLD 45 Worldwide CSC Headquarters The Americas 3170 Fairview Park Drive Falls Church, Virginia 22042 United States +1.703.876.1000 Asia 20 Anson Road #11-01 Twenty Anson Singapore 079912 Republic of Singapore +65.6221.9095 Australia Level 6/Tower B 26 Talavera Road Macquarie Park, NSW 2113 Sydney, Australia +61(0)2.9034.3000 Europe, Middle East, Africa Royal Pavilion Wellesley Road Aldershot, Hampshire GU11 1PZ United Kingdom +44(0)1252.534000 About CSC The mission of CSC is to be a global leader in providing technology-enabled business solutions and services. With the broadest range of capabilities, CSC offers clients the solutions they need to manage complexity, focus on core businesses, collaborate with partners and clients, and improve operations. CSC makes a special point of understanding its clients and provides experts with real-world experience to work with them. CSC leads with an informed point of view while still offering client choice. For more than 50 years, clients in industries and governments worldwide have trusted CSC with their business process and information systems outsourcing, systems integration and consulting needs. The company trades on the New York Stock Exchange under the symbol “CSC.” © 2013 Computer Sciences Corporation. All rights reserved. www.csc.com/cscworld