towards high performance secure tech savvy organisation - chandrasekhar

Towards a High Performing, Secure and Tech Savvy

Organization - Every CIO's Goal

V Chandrasekhar

Change – Every One is Loosing Control

Fast Changing Technologies Younger population in china / india Older Generation manning enterprises Fast changing business models Destructive competition Emergence of younger organisation Old order gives way for new Impact of technology has never been greater in

history of business and society than it is now It can only accelerate We are all bloody lucky that something hasn't

obliterated IT on earth Connected world 9/11, SARS.

CIO Current - Challenges

Size Digital Divide – customers,

employees Strategy – Tactical, Strategic Tactical - Minimization of

operational risk in legacy systems Data Quality MIS Quality Security Frauds

CIO Future - Challenges Complexity Integration New Systems Integration of Legacy with New Systems IT enabled transformation Identify costs Improve efficiency BPR Incremental business to pay for IT

CIO Future - Challenges CRM DWH HRIS Compliance - Basel, SOX, AML, Patriot

etc M&A Retaining Talent Educator Role to Top Mgt Enhancing Business Value of IT

CIO in PSB Technology selection issues Unequal competing platforms May be we go thru two or three cycles of

implementations Process, organisation , business issues not

addressed No change in business models or

organisation structure Internalisation of change

CIO Role Service Provider Organisation – COO CIO to CEO More of Service Integration Vendor / Contract Management In Indian Banking Sector – ISV did not

know business and Business did not know IT. Most purchases are PPT driven / Consultant Driven rather by enlightened decision making process.

CIO

CIO to PIO - process information officer

BIO - Business Information Officer CIO – CEO Opportunities Part of Business Career as CIO is over Skill retention issues

Service on Demand

People donot want computers they want to execute programs

Access to IT Services Computers will be only in Data

Centers End point - only information access

devices and authentication

New SW Selection Integrate ( with existing legacy SW ), Co

exist, Replace High availability and scalability to be able to

support increased trade volume. Silos continue to exist as long business and

IT get misaligned Middleware will thrive for some more time Web Services will emerge Need for ERP for banking industry

Business Sophistication of customer Smart employees Operational Efficiency 360 degree view of enterprise Industrialisation of banking – through

application of technology to handle volumes IT for creating Agile Enterprise Adaptive Enterprise / Zero Latency Enterprise by

building business processes via simplification, standardization, modularization, and integration

Enabling Environment Sustained - Vision, Goal and Passion Continuous measurement – Benchmark Strategy, Plan, Implementation is easy Still to come out of compliance culture We operate in a world where every business

decision triggers a series of IT events The link between business and IT has never

been more essential, nor has it ever been more complex.

Opinions can change Strategies

Financial district Location Data centers Location Accounting standards Process standards Charter of accounts M&A

Compliance Basel II – Risk Mgt ( Credit, Mkt, Operational),

Capital Adequacy , Supervisory Controls to manage risk and capital, Corporate Governance – disclosure norms (Tracking, Modelling, Disclosure of Risk and Capital Adequacy)

AML, Patriot Act ( 2001), SOX ( 2002) , eMail Retention Rules ( SEC 2003)

Needs Data Integration, Application Integration STP – Seamless Txn Data Compatibility,

Standards, Eliminate Manual interventions, Enabler for faster settlement cycles, Reduces Operational Risk. ISO 15022 Messaging Std for STP by Swift

Security – COBIT ( ISACA), BS 7799

CIO in PSB

Political pressures – be fair Technology changes donot impact my

decisions as much as top mgt changes in PSBs

Skill Levels, Retention Issues Frequent Transfers

IT in PSBs

Infrastructure Cost of doing business Still to emerge as Weapon to counter

competition or reduce costs or increase operational efficiency

IT is not IT procurement – provide desktops or servers

Technology issues

Create a standards based computing environment

Convergence of computing and communications – disruptive computing

IT no more confined to glass houses like MF

Explosion of Information Information Life Cycle Mgt Creation of Dynamic Architectures

Technology issues

Computing becoming ubiquitous Utility model TCO

Top CIO challenges – people, process,

technology Getting right sponsor Getting right talent – skill identification,

competency mapping Retaining right talent Deploy right talent – role clarity Getting right technology Vendor selection Issues Deploying right technology under poor

infrastructure conditions Getting right business leaders for getting

right BPR done Getting right business value

Top CIO challenges – people, process,

technology

IT administration Project mgt Vendor mgt Technology is the challenge Poor infrastructure Security CIO like two or three wild

horses – still staying alive – technology, business , consultant

CIO Challenge

Every thing is possible, given the right Time Cost Power CIO – change agent

New Focus BI KM DWH CRM RISK ALM

Content mgt Portal designs Collaboration Workflow

automation

CIO Challenges Fragmented views Integration Enterprise view Data as asset Mining of data DSS Transaction systems to information

mgt systems

Future Rural India Subsidising the Urban

India This imbalance should be corrected Use of IT for appropriate tasks WTO etc to provide access to Asian

markets Basel-II , Risk Mgt etc – to provide

comfort level for western investors into Asian Companies

Future Architecture Audio Visual Computing Very Large Databases Graphics & Rendering Machine Learning Work Load Mgt Dynamic Reconfiguration Self Healing Architecture Seamless Wireless Computing On Chip / Board Integration – Cache, Memory,

LAN, Modem, Graphics, I/O Ports, Device Drivers

Future Architecture

RFID IP Telephony Video Conferencing Sensor Based Computing Robotics Machine Intelligence

Client / Server

Machine Proliferation Loss of Control Complexity

On Demand Introduction to the Grid The Business Case Early Adopters Panel Technology Futures Panel On-Demand Data Storage: Is the Future Bright or Hopeless? The Truth About Virtualization Road Map for Automation On-Demand Case Study On-Demand Servers Networking On-Demand Autonomic Computing On-Demand and the Data Center

MF

Single Manageable Resource Bullet Proof Manageable

Infrastructure Re-Architecture

Re-Architecture of Legacy Systems ( Transaction Oriented / Batch )

Security 15% of Annual IT Budget now it is less than 5% Data volume continues to grow by a factor of 2x every 12

to 18 months must harness as a corporate asset. Business solution integration must migrate to a plug and

play platform CIOs need an environment founded on modularity,

standardization, automation and end-to-end manageability."


Storage Consolidation Server Consolidation Data Center Consolidation Network Consolidation Single Sign on PKI DRS BCP Wireless Office

Architecture

Computing Platform Convergence Storage Platform Printer Consolidation Communication Platform Security Platform Virtualisation for better utilisation

basic requirement for on demand computing

Less is more - Consolidation To reduce IT costs To reduce complexity To improve resource management To improve availability . . . with up to

99.999%availability To improve mission-critical application

performance by up to 80% To reduce IT staffing expenses by up to 85% To recover your investment in as little as one year

Infrastructure

MF to Open Systems HRIS Centralised Authentication

Technologies Portal Design Security / Vulnerability Application to Service Orientation Web Services


Infrastructure Mgt Asset Mgt SW Updates Security Monitoring NIST Security Check List Security & Efficiency / Agility DWH BI Framework


Architecture migration of a running system

Wireless and Mobility Security Windows Platform On Demand Computing The Digital Enterprise Web Services

ISV - IT & Business

IT Blindness – inability of IT layers to deliver business results

Business Blindness – inability by business to articulate its IT needs

Consultants Blindness Customer Blindness ?? Or is he

smart

IS Architecture

IS organizations in enterprises need to adopt a framework to manage the boarder picture than just providing transaction oriented systems and utilizing interfaces available to access the transaction systems through Data warehousing.

SOA Producer, Consumer, Registration of Service Location transperancy / Code Mobility ( across any

network) Uses Published Interface - Network Addressability of

Service ( Intranet / Internet) Interoperable - Web Services consist of four

technologies in combination that provide an implementation of an SOA.

You can use Web Services to provide all of the properties necessary to build a service. Web Services include HTTP as the primary network protocol, SOAP/XML for the payload format, UDDI for service registry, and WSDL to describe the service interfaces.

Dynamic Self Discovery & Reuse

Semantic Web First envisioned by Tim Berners-Lee, the

Semantic Web is complementary to the World Wide Web and consists of machine-usable information

Semantic Web services are an extension of Web services

Web Service Description Language (WSDL) provides a description of how a Web service will communicate, whereas Semantic markup provides details about what a service provides and why.

Security Threat Perceptions

SOHO Enterprise High Security

Policies Environmental Developmental Policy Deploymental Policy HR Policy

Security Digital Certificates SSL SET Kerberos IPSec VPN EMV Firewall IDS

Security Size, Spread, Low IT Literacy , Lack of IT Culture

etc increases risk More the channels more security vulnerabilities More the spread more the vulnerabilities Faster the rate of change greater the risk Increased connectivity increased risk

To protect company assets, To gain a competitive advantage, To comply with regulatory requirements, To keep your job

Authentication technologies – centralised authentication mgt, Centralised channel mgt, No Software for Fraud Mgt

Security Security at End point – Transport – Decision

Making Points Layered Security – Local Desktop / Server /

LAN, WAN, Data Center, Network Security technology, Security culture (like CRM

Culture), Lead by example Security addressed only after its breach – one

can see that in airports Need for Security Policy, Security Framework Technological, Procedural/Organizational,

Human/Cultural, Audit

Mobile World More than 50 percent of jobs are mobile—away from

a physical office. In the United States, an average worker spends only

two days in formal training programs. To date, over 500 million Web-enabled mobile

phones have been shipped to customers. Multipurpose hand-held devices, such as PDAs and

cellphones, will out sell laptop and desktop computers combined by 2005.

The enterprise market for mobile computing is estimated at $30 billion.

Collaboration and the Emerging Virtual Workforce

IP Telephony and Mobility Instantaneous Online Communications:

Instant Messaging, Presence, and Blogging Web, Video, and Media Conferencing

Wireless World

Wireless devises from being passive to active devices

Mobile Computing with HDD, WiFi, Blue Tooth etc – connected to corporate , client networks

Business / Personal Data in Mobile Major Access point in Future

Thanks

towards high performance secure tech savvy organisation - chandrasekhar

Documents