2. 2
A CIO perspective:
investment decisions and the
future for technology for associations
Paul Costelloe
Technology for Associations June 2015
3. 3
Agenda
Embracing digital transformation: Creating an IT readiness
strategy
Overcoming the Associations investment hurdle: nice to
have vs need to have financial decisions
Gaining senior management and full organisational support
for IT transformation investments for ROI
Coming out of the silo: which parts of the organisation
does technology need to reach
Supporting external project management
4. CIO Forum
Sweden
Hellenic
CIO Forum
4
Tübiyad
Turkey
• EuroCIO was created by CIOs for
CIOs in 2004.
• An international not-for-profit
association, registered in Brussels
• Governance by members
• 25 direct members
• 11 National CIO Bodies
• 900+ consolidated members
• > 300,000 IT employees
• 14 European countries
• Consolidated IT budgets in excess
of €150 billion
(*) Co-founder
EuroCIO
CIGREF (*)
France
CIO Platform
The Netherlands
Corporate
IT Forum
UK
CIOforum
Belgian Business
VISZ
Hungary
VOICE
Germany
AICA
Italy
European CIO Association
CIO Club
Bulgaria
7. 7
Four Councils
Supplier Relationship Council
Licencing, product strategy, maintenance - IT vendors
Cloud Computing Council
Official stakeholder in E.U., EU Cloud Partnership, ETSI
programmes
HR and Education Council
EeSA co-chair, CEN steering committee
Education Program
(MBA, Architecture & Security Courses)
Cyber Security Council
Official stakeholder in EU; ENISA / CERT-EU
Make the
business case
Project
management
8. 8
Key European Organisations
European Cloud Partnership
- Cloud providers and EuroCIO
European Union Network and Information Security Agency
(ENISA)
- Cloud Security & Resilience Expert Group
- Produce guidelines for cloud implementation (Public sector / SME)
Cyber Emergency Response Team (CERT-EU)
- Incident response / threat advisories
Europol
- Cyber criminal investigations
9. 9
Cloud Consultation Project
Consultation on specific key actions of the
European Cloud Strategy with business
users of cloud computing services
Directorate General
Communications Networks, Content and Technology
(CNECT)
10. 10
EC Policies and Standards
• Data Protection - Code of Conduct for Cloud Service Providers
- Cloud Select Industry Group (C-SIG)
• Cloud Computing Certification Schemes Metaframework (CCSM),
complemented by Cloud Computing Certification Schemes List (CCSL)
- ENISA (European Union Network and Information Security Agency)
• Cloud Standards Coordination - Final Report
“Cutting through the Jungle of Standards”
- European Telecommunications Standardization Institute
• Cloud Services Level Agreement Standardization Guidelines
- Cloud Select Industry Group (C-SIG)
11. 11
Governance Frameworks
• Control objectives for Information and Related Technology (COBIT)
• RiskIT / ValIT
• IT Infrastructure Library (ITIL)
• E-Competence Framework / Skills Framework for the Information Age
• Industry-specific / regulatory e.g. PCI-DSS
A common terminology based on recognised standards
13. Protection and security, every organisation needs it.
About CIPROS International:
CIPROS International is a Security Vulnerability and Risk Management company specialising in
critical infrastructure protection, defending information systems from cyber-attacks and related
business services.
We provide a comprehensive range of services to meet the needs of our clients, spanning a number
of highly volatile industry sectors, including Energy and Utilities, Sport and Sport Regulation,
Insurance and Financial Services, as well as many others.
Our People:
At CIPROS International, we pride ourselves on the quality, integrity and professionalism of all our
people. Our team of experienced professionals come from trusted, confidential and secure business
operational backgrounds, including Security Services, Police, Military, Legal, IT and Finance.
www.ciprosinternational.com
15. 15
Board of Directors
Freddy Van Den Wyngaert (Agfa-Gevaert) – President
Ali Malaz - Tübiyad (Turkey)
Sjourd Wijdeveld (Wavin) – CIO Platform (NL)
Peter Braun (OTP Bank) – VISZ (Hungary)
Bruno Brocheton (EuroDisney) – CIGREF (France)
Gloria Gazzano (SNAM) – AICA (Italy)
Joss Delissen (PostNord) – CIO Forum (Sweden)
Thomas Endres - VOICE e.V. (Germany)
Michael Gorriz (Daimler AG)
Christian Pagel (SGL Carbon)
Dario Scrosoppi (Generali)
Peter Hagedoorn – Secretary General
16. 16
Objectives
- Creating a European platform for CIO level and senior IT professionals.
- Sharing knowledge and experience via Councils, webmeetings, papers,
etc.
- Providing information on the Association to the outside world (European
Commission, IT-vendors)
- Creating a coherent, cross-national framework between the national IT-
demand organizations and between them and European institutions or
organisations.
- Lobbying at and assisting European Union regulatory authorities, other
international authorities, academics and public bodies in or outside
Europe.
- Getting organised through Councils or other means at European level.
- Communicating with the media at European level.
- Expanding the activities to those European countries which do not have
an organized IT-demand organization