SlideShare una empresa de Scribd logo

ISACA_21st century technologist

Descargar como PPTX, PDF
Donald Tabone
Donald Tabone
1 de 24
The 21st Century Technologist DONALD TABONE 12/03/2015 DTABONE@GMAIL.COM
A story of tech evolution  1986, Memotech 512s2  1990, Goldstar 286 12Mhz PC  1994, dan 486DX 66Mhz PC  … To a state wherein each family member (inc. my four year old) now has two or more electronic devices we use on a daily basis – connected to the web Have we all evolved into technologists?
Some recent stats..1 Sources: We are social - Social, Digital & Mobile in Europe, Feb 5 2015  In total we spend close to  6 Hours online!  Necessity vs. habit
Some recent stats..2  Regular internet users are 73.2% of the population aged 16 to 74 Sources: Internet access in 81% of Maltese households, Maltatoday, Mar 3 2015 We are social - Social, Digital & Mobile in Europe, Feb 5 2015
“ ” A thirsty crow found a pitcher containing some water, albeit too little and low to reach. As it seemed she would die within sight of the remedy, so the crow struck upon an idea to drop pebbles into the pitcher. The water level rose and the crow was able to drink. Necessity is the mother of invention – Aesop The crow and the pitcher And as tech continues to evolve so do businesses and the way we do business. Lest we forget, so does the technologist (out of necessity) …
Define: technologist  Pronunciation: /tɛkˈnɒlədʒɪst/  A specialist in the field of Information Technology  Information technology (IT) is the application of computers and telecommunications equipment to store, retrieve, transmit and manipulate data, often in the context of a business or other enterprise Which gave birth to what we like to call the IT professional …. (generically)
Zooming in  CTO/CIO  Systems/Infrastructure Engineer  IT Manager  Systems Administrator  Systems Support Executive  Developer / Software Engineer  Technical Architect  Information Security Analysts  Database Administrator  Network Engineer  Some duties include:  Ensuring business continuity  Ecommerce development  Establishing Legal safeguards  Managing teams  Improving process efficiency & effectiveness  Developing an IT and digital strategy  The identification & communication of IT risks  Budgeting Major distinction is between technologies that a firm seeks to actually develop to commercialize itself vs. technologies that support or enable a firm to carry out its ongoing operations
The challenges  RESOURCES Limited technical, human and financial resources  FOCUS Changing landscape of the business  PEOPLE Team management – performance and people problems  QUANTIFICATION Quantifying risks and proposed solutions  IT GOVERNANCE Policy implementation / establishing standards  SECURITY Justifying the need for security  CHANGE MANAGEMENT Acting as agents for change  SOLUTIONS AND TECHNOLOGY new technologies in favour of legacy systems  ANALYTICS Leveraging big data, BI and data mining techniques & TIME !
Supported by:
Resources  There is a technical solution for everything… BUT clearly we need  TIME TO DEVELOP / IMPLEMENT SOLUTIONS  FINANCING  HUMAN RESOURCES + KNOWLEDGE + ADEQUATE SKILL SETS  ADEQUATE SUPPOTING TECHNICAL INFRASTRUCTURE  How should we manage expectations? COBIT basic principle and identified IT resources Applications, Information, Infrastructure, People
Focus  Companies change focus too often  Adopt a ‘react or die’ approach  Doing things by default  As a consequence  Resources are spread thinly  Not dedicating enough time for any one project  Motivation & demoralisation issues ?  Overworked & underutilised staff ?  Productivity issues?  Perhaps we should be making our highest contribution where it really matters. Image source: http://www.amazon.com/Essentialism-The-Disciplined-Pursuit-Less/dp/0804137382
Focus Image source: http://www.amazon.com/Essentialism-The-Disciplined-Pursuit-Less/dp/0804137382
People  The organisation of team dynamics  Skill sets that are hard to find  Flexitime  Mobility  Device independence  Company hierarchy structure constraints
People  Does this apply to the evolution of a technologist?
Quantification (of risks)  Adopting a risk based approach to quantify risks is difficult to drive  Risks can be quantified when looked at from various angles:  Financial (though cost/benefit analysis)  Reputation  Business  Customer base  Loss of market share  Indirect / direct dependencies  Legal liability  Risks would always be relative to the business  Such an approach is also beneficial to prioritise
IT Governance  COBIT5 enables a company to take a holistic approach to IT Governance  Provides a structured control framework against which you can benchmark the activities in an IT Department
Security  Information security is often  Downplayed  Misunderstood  Taken for granted  Assumed to be only applicable in the digital world  Security awareness sessions are rare and very fruitful  The answer to – How secure are we? – is vague at the very minimum  The result of security exercises (when done) are often left on shelf 13  Sometimes we actually prefer NOT TO KNOW..  Security policies are rarely upheld or embraced and controls are ineffective  Balancing security and usability is a feat…  We prefer to take a reactive approach rather than proactive  The business always wins… Quote source: Executive Priorities – Balancing Security and Usability, Rafal Los, 17 Mar 2015 "No one should ever have to fight against a set of security tools to accomplish their job. Ever.” “ without security the business still most likely can survive. Without the business, security is unemployed.”
Change management  General resistance to change  The old adage of ‘if it ain’t broke, don’t fix it’ still very much applies Image source: Applying COBIT framework in change management, Madhav Kulkarni, CISA  Accelerants to the process of change management  Revamping of business strategies such as diversification, acquisitions, mergers  Competitive pressure  Rising customer expectation  Emergence of new tech
Solutions and technologies  We are living in a mobile-fist, cloud-first world  Cloud computing is driving business agility (positively)  Reducing (if not eliminating) capital expenditure  Transforming  Domiciling information out-of-the-office  But also creating increased dependencies on third parties Image source: Harvard Business Review, the digital transformation of business
Solutions and technologies Internet of Things (IoT) There is more risk being seen as wearables and other connected devices are increasingly making their way into the workplace  Embracing the benefits requires:  Preparation  Education  Governance Source: ISACA, Internet of Things: Risk and Value considerations
Analytics  Business Intelligence is driving management to take data driven decisions  BIG data allows management to gauge and benchmark performance in a wider context (rather than just local)  Analytics through data mining  Further allows the company to get to know its online audience  Provide better targeted products vs. a one size-fits-all approach  Understand and respond to customer concerns  Embrace customer engagement (on social media)  (Market) trends are easily deduced over time  Facilitates decisions related to diversification efforts  There must be an effort to transform data into information through management systems SOME FACTS  Data is increasing at nearly 50-80% year over year  Storage capacity is doubling every 18 months and dropping in cost by 50% a year Fact source: Introduction to Associative Information Systems, Jean Michel Letennier, CTO AtomicDB Corp.
 With doubt, with MANY CHALLENGES!  A plethora of designations to choose from (related to IT)  A warrantless profession that is continually evolving  And in need of several skill sets  Managerial  Business (development) oriented  Legal oriented  Technically savvy and up to date  Sanity is achieved with structure – by adopting a framework such as COBIT  Training, leading by example and a general can-do aptitude are essential  Communication in general is vital for survival Conclusion Where does all this leave the technologist? A FEW LESSONS LEARNT
In case you were wondering!
Thank you! DONALD TABONE 12/03/2015 DTABONE@GMAIL.COM

Recomendados

CIO Advisory Services Guide | White Paper from Brittenford Systems
CIO Advisory Services Guide | White Paper from Brittenford SystemsCIO Advisory Services Guide | White Paper from Brittenford Systems
CIO Advisory Services Guide | White Paper from Brittenford Systems
Brittenford Systems
 
Dit yvol3iss48
Dit yvol3iss48Dit yvol3iss48
Dit yvol3iss48
Rick Lemieux
 
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...
Livingstone Advisory
 
Analytics Service Framework
Analytics Service Framework Analytics Service Framework
Analytics Service Framework
Vishwanath Ramdas
 
Building the Information Governance Business Case Within Your Company
Building the Information Governance Business Case Within Your CompanyBuilding the Information Governance Business Case Within Your Company
Building the Information Governance Business Case Within Your Company
AIIM International
 
BIG DATA, small workforce
BIG DATA, small workforceBIG DATA, small workforce
BIG DATA, small workforce
Newton Day Uploads
 
Information Governance
Information GovernanceInformation Governance
Information Governance
Atle Skjekkeland
 
Understanding Data Backups
Understanding Data BackupsUnderstanding Data Backups
Understanding Data Backups
GFI Software
 

Recomendados

CIO Advisory Services Guide | White Paper from Brittenford Systems
CIO Advisory Services Guide | White Paper from Brittenford SystemsCIO Advisory Services Guide | White Paper from Brittenford Systems
CIO Advisory Services Guide | White Paper from Brittenford Systems
Brittenford Systems
 
Dit yvol3iss48
Dit yvol3iss48Dit yvol3iss48
Dit yvol3iss48
Rick Lemieux
 
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...
Livingstone Advisory
 
Analytics Service Framework
Analytics Service Framework Analytics Service Framework
Analytics Service Framework
Vishwanath Ramdas
 
Building the Information Governance Business Case Within Your Company
Building the Information Governance Business Case Within Your CompanyBuilding the Information Governance Business Case Within Your Company
Building the Information Governance Business Case Within Your Company
AIIM International
 
BIG DATA, small workforce
BIG DATA, small workforceBIG DATA, small workforce
BIG DATA, small workforce
Newton Day Uploads
 
Information Governance
Information GovernanceInformation Governance
Information Governance
Atle Skjekkeland
 
Understanding Data Backups
Understanding Data BackupsUnderstanding Data Backups
Understanding Data Backups
GFI Software
 
From Chaos to Catalyst
From Chaos to CatalystFrom Chaos to Catalyst
From Chaos to Catalyst
Cognizant
 
Becoming a Software-Centric Business - Best Path Forward in an Uncertain Post...
Becoming a Software-Centric Business - Best Path Forward in an Uncertain Post...Becoming a Software-Centric Business - Best Path Forward in an Uncertain Post...
Becoming a Software-Centric Business - Best Path Forward in an Uncertain Post...
Cognizant
 
Deloitte Tech Trends 2013
Deloitte Tech Trends 2013Deloitte Tech Trends 2013
Deloitte Tech Trends 2013
Ruben Dario Diaz
 
Brighttalk getting back on track - final
Brighttalk getting back on track - finalBrighttalk getting back on track - final
Brighttalk getting back on track - final
Andrew White
 
Highlights from the EMC & VMware CIO Summit
Highlights from the EMC & VMware CIO SummitHighlights from the EMC & VMware CIO Summit
Highlights from the EMC & VMware CIO Summit
EMC
 
The it department pain
The it department painThe it department pain
The it department pain
john coaxum
 
District Office of Info and KM - Proposed - by Joel Magnussen - 2004
District Office of Info and KM - Proposed - by Joel Magnussen - 2004District Office of Info and KM - Proposed - by Joel Magnussen - 2004
District Office of Info and KM - Proposed - by Joel Magnussen - 2004
Peter Stinson
 
Microsoft Core Infratructure
Microsoft Core InfratructureMicrosoft Core Infratructure
Microsoft Core Infratructure
irvin1969
 
MTW03011USEN.PDF
MTW03011USEN.PDFMTW03011USEN.PDF
MTW03011USEN.PDF
Marisol Rawlins
 
EMB Briefings_technology_risk management final
EMB Briefings_technology_risk management finalEMB Briefings_technology_risk management final
EMB Briefings_technology_risk management final
Mike Wilkinson
 
Overcoming The Legacy Technology Trap
Overcoming The Legacy Technology TrapOvercoming The Legacy Technology Trap
Overcoming The Legacy Technology Trap
Accenture Insurance
 
Investing in AI: Moving Along the Digital Maturity Curve
Investing in AI: Moving Along the Digital Maturity CurveInvesting in AI: Moving Along the Digital Maturity Curve
Investing in AI: Moving Along the Digital Maturity Curve
Cognizant
 
Data Con LA 2019 - Innovating with Data by Joey Beitdashtoo
Data Con LA 2019 - Innovating with Data by Joey BeitdashtooData Con LA 2019 - Innovating with Data by Joey Beitdashtoo
Data Con LA 2019 - Innovating with Data by Joey Beitdashtoo
Data Con LA
 
ILTA 2014: LexisNexis Software Company Update
ILTA 2014: LexisNexis Software Company UpdateILTA 2014: LexisNexis Software Company Update
ILTA 2014: LexisNexis Software Company Update
LexisNexis Software Division
 
Finance Crunsh Time Reporting | Deloitte India
Finance Crunsh Time Reporting | Deloitte IndiaFinance Crunsh Time Reporting | Deloitte India
Finance Crunsh Time Reporting | Deloitte India
aakash malhotra
 
Aiim ibm advanced casemanagement-2013-01
Aiim ibm advanced casemanagement-2013-01Aiim ibm advanced casemanagement-2013-01
Aiim ibm advanced casemanagement-2013-01
Katleen Aems
 
Trends in Technology for the year 2014
Trends in Technology for the year 2014Trends in Technology for the year 2014
Trends in Technology for the year 2014
Winston DeLoney
 
Workforce 2025 - Financial Services Skills & Roles Of The Future
Workforce 2025 - Financial Services Skills & Roles Of The FutureWorkforce 2025 - Financial Services Skills & Roles Of The Future
Workforce 2025 - Financial Services Skills & Roles Of The Future
Accenture Insurance
 
3 Secrets to Becoming a Predictive Enterprise
3 Secrets to Becoming a Predictive Enterprise3 Secrets to Becoming a Predictive Enterprise
3 Secrets to Becoming a Predictive Enterprise
Decision Management Solutions
 
The Realm Of Digital Forensics
The Realm Of Digital ForensicsThe Realm Of Digital Forensics
The Realm Of Digital Forensics
Donald Tabone
 
Survey & Review of Digital Forensic
Survey & Review of Digital ForensicSurvey & Review of Digital Forensic
Survey & Review of Digital Forensic
Aung Thu Rha Hein
 
Sued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital ForensicsSued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital Forensics
Anyck Turgeon, CFE/GRCP/CEFI/CCIP/C|CISO/CBA
 

Más contenido relacionado

La actualidad más candente

Brighttalk getting back on track - final
Brighttalk getting back on track - finalBrighttalk getting back on track - final
Brighttalk getting back on track - final
Andrew White
 
The it department pain
The it department painThe it department pain
The it department pain
john coaxum
 
EMB Briefings_technology_risk management final
EMB Briefings_technology_risk management finalEMB Briefings_technology_risk management final
EMB Briefings_technology_risk management final
Mike Wilkinson
 
Aiim ibm advanced casemanagement-2013-01
Aiim ibm advanced casemanagement-2013-01Aiim ibm advanced casemanagement-2013-01
Aiim ibm advanced casemanagement-2013-01
Katleen Aems
 

La actualidad más candente (19)

From Chaos to Catalyst
From Chaos to CatalystFrom Chaos to Catalyst
From Chaos to Catalyst
 
Becoming a Software-Centric Business - Best Path Forward in an Uncertain Post...
Becoming a Software-Centric Business - Best Path Forward in an Uncertain Post...Becoming a Software-Centric Business - Best Path Forward in an Uncertain Post...
Becoming a Software-Centric Business - Best Path Forward in an Uncertain Post...
 
Deloitte Tech Trends 2013
Deloitte Tech Trends 2013Deloitte Tech Trends 2013
Deloitte Tech Trends 2013
 
Brighttalk getting back on track - final
Brighttalk getting back on track - finalBrighttalk getting back on track - final
Brighttalk getting back on track - final
 
Highlights from the EMC & VMware CIO Summit
Highlights from the EMC & VMware CIO SummitHighlights from the EMC & VMware CIO Summit
Highlights from the EMC & VMware CIO Summit
 
The it department pain
The it department painThe it department pain
The it department pain
 
District Office of Info and KM - Proposed - by Joel Magnussen - 2004
District Office of Info and KM - Proposed - by Joel Magnussen - 2004District Office of Info and KM - Proposed - by Joel Magnussen - 2004
District Office of Info and KM - Proposed - by Joel Magnussen - 2004
 
Microsoft Core Infratructure
Microsoft Core InfratructureMicrosoft Core Infratructure
Microsoft Core Infratructure
 
MTW03011USEN.PDF
MTW03011USEN.PDFMTW03011USEN.PDF
MTW03011USEN.PDF
 
EMB Briefings_technology_risk management final
EMB Briefings_technology_risk management finalEMB Briefings_technology_risk management final
EMB Briefings_technology_risk management final
 
Overcoming The Legacy Technology Trap
Overcoming The Legacy Technology TrapOvercoming The Legacy Technology Trap
Overcoming The Legacy Technology Trap
 
Investing in AI: Moving Along the Digital Maturity Curve
Investing in AI: Moving Along the Digital Maturity CurveInvesting in AI: Moving Along the Digital Maturity Curve
Investing in AI: Moving Along the Digital Maturity Curve
 
Data Con LA 2019 - Innovating with Data by Joey Beitdashtoo
Data Con LA 2019 - Innovating with Data by Joey BeitdashtooData Con LA 2019 - Innovating with Data by Joey Beitdashtoo
Data Con LA 2019 - Innovating with Data by Joey Beitdashtoo
 
ILTA 2014: LexisNexis Software Company Update
ILTA 2014: LexisNexis Software Company UpdateILTA 2014: LexisNexis Software Company Update
ILTA 2014: LexisNexis Software Company Update
 
Finance Crunsh Time Reporting | Deloitte India
Finance Crunsh Time Reporting | Deloitte IndiaFinance Crunsh Time Reporting | Deloitte India
Finance Crunsh Time Reporting | Deloitte India
 
Aiim ibm advanced casemanagement-2013-01
Aiim ibm advanced casemanagement-2013-01Aiim ibm advanced casemanagement-2013-01
Aiim ibm advanced casemanagement-2013-01
 
Trends in Technology for the year 2014
Trends in Technology for the year 2014Trends in Technology for the year 2014
Trends in Technology for the year 2014
 
Workforce 2025 - Financial Services Skills & Roles Of The Future
Workforce 2025 - Financial Services Skills & Roles Of The FutureWorkforce 2025 - Financial Services Skills & Roles Of The Future
Workforce 2025 - Financial Services Skills & Roles Of The Future
 
3 Secrets to Becoming a Predictive Enterprise
3 Secrets to Becoming a Predictive Enterprise3 Secrets to Becoming a Predictive Enterprise
3 Secrets to Becoming a Predictive Enterprise
 

Destacado

Cyber forensic standard operating procedures
Cyber forensic standard operating proceduresCyber forensic standard operating procedures
Cyber forensic standard operating procedures
Soumen Debgupta
 

Destacado (7)

The Realm Of Digital Forensics
The Realm Of Digital ForensicsThe Realm Of Digital Forensics
The Realm Of Digital Forensics
 
Survey & Review of Digital Forensic
Survey & Review of Digital ForensicSurvey & Review of Digital Forensic
Survey & Review of Digital Forensic
 
Sued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital ForensicsSued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital Forensics
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Digital Crime & Forensics - Report
Digital Crime & Forensics - ReportDigital Crime & Forensics - Report
Digital Crime & Forensics - Report
 
Cyber forensic standard operating procedures
Cyber forensic standard operating proceduresCyber forensic standard operating procedures
Cyber forensic standard operating procedures
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
 

Similar a ISACA_21st century technologist

CIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 WatsonCIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 Watson
Patricia M Watson
 
Cleveland Sight Center_low res
Cleveland Sight Center_low resCleveland Sight Center_low res
Cleveland Sight Center_low res
Michael McManamon
 
A Guide to CIO Advisory Services
A Guide to CIO Advisory ServicesA Guide to CIO Advisory Services
A Guide to CIO Advisory Services
Wipfli LLP/Brittenford Systems Inc.
 
00 14092011-0900-derick-de leo
00 14092011-0900-derick-de leo00 14092011-0900-derick-de leo
00 14092011-0900-derick-de leo
guiabusinessmedia
 
Organizational Behavior Question#3
Organizational Behavior Question#3Organizational Behavior Question#3
Organizational Behavior Question#3
Waseem Saeed
 
Project 3 – Hollywood and IT· Find 10 incidents of Hollywood p.docx
Project 3 – Hollywood and IT· Find 10 incidents of Hollywood p.docxProject 3 – Hollywood and IT· Find 10 incidents of Hollywood p.docx
Project 3 – Hollywood and IT· Find 10 incidents of Hollywood p.docx
stilliegeorgiana
 

Similar a ISACA_21st century technologist (20)

CIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 WatsonCIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 Watson
 
Afinal o que é Big data?
Afinal o que é Big data?Afinal o que é Big data?
Afinal o que é Big data?
 
Presentation to Irish ISSA Conference 12-May-11
Presentation to Irish ISSA Conference 12-May-11Presentation to Irish ISSA Conference 12-May-11
Presentation to Irish ISSA Conference 12-May-11
 
Managing Storage - Cost, Governance, Risk and the Environment
Managing Storage - Cost, Governance, Risk and the EnvironmentManaging Storage - Cost, Governance, Risk and the Environment
Managing Storage - Cost, Governance, Risk and the Environment
 
Information & Cyber Security Risk
Information & Cyber Security RiskInformation & Cyber Security Risk
Information & Cyber Security Risk
 
Mis 012
Mis 012Mis 012
Mis 012
 
Mis 999
Mis 999Mis 999
Mis 999
 
Cleveland Sight Center_low res
Cleveland Sight Center_low resCleveland Sight Center_low res
Cleveland Sight Center_low res
 
Thinking about VC themes
Thinking about VC themesThinking about VC themes
Thinking about VC themes
 
A Guide to CIO Advisory Services
A Guide to CIO Advisory ServicesA Guide to CIO Advisory Services
A Guide to CIO Advisory Services
 
Demonstrating Big Value in Big Data with New Analytics Approaches
Demonstrating Big Value in Big Data with New Analytics ApproachesDemonstrating Big Value in Big Data with New Analytics Approaches
Demonstrating Big Value in Big Data with New Analytics Approaches
 
00 14092011-0900-derick-de leo
00 14092011-0900-derick-de leo00 14092011-0900-derick-de leo
00 14092011-0900-derick-de leo
 
The Joy Of Bits
The Joy Of BitsThe Joy Of Bits
The Joy Of Bits
 
Analytics Trends 20145 - Deloitte - us-da-analytics-analytics-trends-2015
Analytics Trends 20145 - Deloitte - us-da-analytics-analytics-trends-2015Analytics Trends 20145 - Deloitte - us-da-analytics-analytics-trends-2015
Analytics Trends 20145 - Deloitte - us-da-analytics-analytics-trends-2015
 
Organizational Behavior Question#3
Organizational Behavior Question#3Organizational Behavior Question#3
Organizational Behavior Question#3
 
IT Solutions for 3 Common Small Business Problems
IT Solutions for 3 Common Small Business ProblemsIT Solutions for 3 Common Small Business Problems
IT Solutions for 3 Common Small Business Problems
 
The IT archipelago
The IT archipelagoThe IT archipelago
The IT archipelago
 
Project 3 – Hollywood and IT· Find 10 incidents of Hollywood p.docx
Project 3 – Hollywood and IT· Find 10 incidents of Hollywood p.docxProject 3 – Hollywood and IT· Find 10 incidents of Hollywood p.docx
Project 3 – Hollywood and IT· Find 10 incidents of Hollywood p.docx
 
Modern IT: Keeping Pace in a Cloud-First World
Modern IT: Keeping Pace in a Cloud-First WorldModern IT: Keeping Pace in a Cloud-First World
Modern IT: Keeping Pace in a Cloud-First World
 
Why IT Systems Need to Conduct IT System Penetration Tests - Chris Gatford, N...
Why IT Systems Need to Conduct IT System Penetration Tests - Chris Gatford, N...Why IT Systems Need to Conduct IT System Penetration Tests - Chris Gatford, N...
Why IT Systems Need to Conduct IT System Penetration Tests - Chris Gatford, N...
 

Más de Donald Tabone

Manning Information Security Strategy
Manning Information Security StrategyManning Information Security Strategy
Manning Information Security Strategy
Donald Tabone
 
MARM State of Security v2
MARM State of Security v2MARM State of Security v2
MARM State of Security v2
Donald Tabone
 

Más de Donald Tabone (7)

Manning Information Security Strategy
Manning Information Security StrategyManning Information Security Strategy
Manning Information Security Strategy
 
ICTSA v2
ICTSA v2ICTSA v2
ICTSA v2
 
ELPUB_2015
ELPUB_2015ELPUB_2015
ELPUB_2015
 
MARM State of Security v2
MARM State of Security v2MARM State of Security v2
MARM State of Security v2
 
Selling security to the C-level
Selling security to the C-levelSelling security to the C-level
Selling security to the C-level
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
 
Mca Erg Oct 09
Mca Erg Oct 09Mca Erg Oct 09
Mca Erg Oct 09
 

ISACA_21st century technologist

  • 1. The 21st Century Technologist DONALD TABONE 12/03/2015 DTABONE@GMAIL.COM
  • 2. A story of tech evolution  1986, Memotech 512s2  1990, Goldstar 286 12Mhz PC  1994, dan 486DX 66Mhz PC  … To a state wherein each family member (inc. my four year old) now has two or more electronic devices we use on a daily basis – connected to the web Have we all evolved into technologists?
  • 3. Some recent stats..1 Sources: We are social - Social, Digital & Mobile in Europe, Feb 5 2015  In total we spend close to  6 Hours online!  Necessity vs. habit
  • 4. Some recent stats..2  Regular internet users are 73.2% of the population aged 16 to 74 Sources: Internet access in 81% of Maltese households, Maltatoday, Mar 3 2015 We are social - Social, Digital & Mobile in Europe, Feb 5 2015
  • 5. “ ” A thirsty crow found a pitcher containing some water, albeit too little and low to reach. As it seemed she would die within sight of the remedy, so the crow struck upon an idea to drop pebbles into the pitcher. The water level rose and the crow was able to drink. Necessity is the mother of invention – Aesop The crow and the pitcher And as tech continues to evolve so do businesses and the way we do business. Lest we forget, so does the technologist (out of necessity) …
  • 6. Define: technologist  Pronunciation: /tɛkˈnɒlədʒɪst/  A specialist in the field of Information Technology  Information technology (IT) is the application of computers and telecommunications equipment to store, retrieve, transmit and manipulate data, often in the context of a business or other enterprise Which gave birth to what we like to call the IT professional …. (generically)
  • 7. Zooming in  CTO/CIO  Systems/Infrastructure Engineer  IT Manager  Systems Administrator  Systems Support Executive  Developer / Software Engineer  Technical Architect  Information Security Analysts  Database Administrator  Network Engineer  Some duties include:  Ensuring business continuity  Ecommerce development  Establishing Legal safeguards  Managing teams  Improving process efficiency & effectiveness  Developing an IT and digital strategy  The identification & communication of IT risks  Budgeting Major distinction is between technologies that a firm seeks to actually develop to commercialize itself vs. technologies that support or enable a firm to carry out its ongoing operations
  • 8. The challenges  RESOURCES Limited technical, human and financial resources  FOCUS Changing landscape of the business  PEOPLE Team management – performance and people problems  QUANTIFICATION Quantifying risks and proposed solutions  IT GOVERNANCE Policy implementation / establishing standards  SECURITY Justifying the need for security  CHANGE MANAGEMENT Acting as agents for change  SOLUTIONS AND TECHNOLOGY new technologies in favour of legacy systems  ANALYTICS Leveraging big data, BI and data mining techniques & TIME !
  • 10. Resources  There is a technical solution for everything… BUT clearly we need  TIME TO DEVELOP / IMPLEMENT SOLUTIONS  FINANCING  HUMAN RESOURCES + KNOWLEDGE + ADEQUATE SKILL SETS  ADEQUATE SUPPOTING TECHNICAL INFRASTRUCTURE  How should we manage expectations? COBIT basic principle and identified IT resources Applications, Information, Infrastructure, People
  • 11. Focus  Companies change focus too often  Adopt a ‘react or die’ approach  Doing things by default  As a consequence  Resources are spread thinly  Not dedicating enough time for any one project  Motivation & demoralisation issues ?  Overworked & underutilised staff ?  Productivity issues?  Perhaps we should be making our highest contribution where it really matters. Image source: http://www.amazon.com/Essentialism-The-Disciplined-Pursuit-Less/dp/0804137382
  • 13. People  The organisation of team dynamics  Skill sets that are hard to find  Flexitime  Mobility  Device independence  Company hierarchy structure constraints
  • 14. People  Does this apply to the evolution of a technologist?
  • 15. Quantification (of risks)  Adopting a risk based approach to quantify risks is difficult to drive  Risks can be quantified when looked at from various angles:  Financial (though cost/benefit analysis)  Reputation  Business  Customer base  Loss of market share  Indirect / direct dependencies  Legal liability  Risks would always be relative to the business  Such an approach is also beneficial to prioritise
  • 16. IT Governance  COBIT5 enables a company to take a holistic approach to IT Governance  Provides a structured control framework against which you can benchmark the activities in an IT Department
  • 17. Security  Information security is often  Downplayed  Misunderstood  Taken for granted  Assumed to be only applicable in the digital world  Security awareness sessions are rare and very fruitful  The answer to – How secure are we? – is vague at the very minimum  The result of security exercises (when done) are often left on shelf 13  Sometimes we actually prefer NOT TO KNOW..  Security policies are rarely upheld or embraced and controls are ineffective  Balancing security and usability is a feat…  We prefer to take a reactive approach rather than proactive  The business always wins… Quote source: Executive Priorities – Balancing Security and Usability, Rafal Los, 17 Mar 2015 "No one should ever have to fight against a set of security tools to accomplish their job. Ever.” “ without security the business still most likely can survive. Without the business, security is unemployed.”
  • 18. Change management  General resistance to change  The old adage of ‘if it ain’t broke, don’t fix it’ still very much applies Image source: Applying COBIT framework in change management, Madhav Kulkarni, CISA  Accelerants to the process of change management  Revamping of business strategies such as diversification, acquisitions, mergers  Competitive pressure  Rising customer expectation  Emergence of new tech
  • 19. Solutions and technologies  We are living in a mobile-fist, cloud-first world  Cloud computing is driving business agility (positively)  Reducing (if not eliminating) capital expenditure  Transforming  Domiciling information out-of-the-office  But also creating increased dependencies on third parties Image source: Harvard Business Review, the digital transformation of business
  • 20. Solutions and technologies Internet of Things (IoT) There is more risk being seen as wearables and other connected devices are increasingly making their way into the workplace  Embracing the benefits requires:  Preparation  Education  Governance Source: ISACA, Internet of Things: Risk and Value considerations
  • 21. Analytics  Business Intelligence is driving management to take data driven decisions  BIG data allows management to gauge and benchmark performance in a wider context (rather than just local)  Analytics through data mining  Further allows the company to get to know its online audience  Provide better targeted products vs. a one size-fits-all approach  Understand and respond to customer concerns  Embrace customer engagement (on social media)  (Market) trends are easily deduced over time  Facilitates decisions related to diversification efforts  There must be an effort to transform data into information through management systems SOME FACTS  Data is increasing at nearly 50-80% year over year  Storage capacity is doubling every 18 months and dropping in cost by 50% a year Fact source: Introduction to Associative Information Systems, Jean Michel Letennier, CTO AtomicDB Corp.
  • 22.  With doubt, with MANY CHALLENGES!  A plethora of designations to choose from (related to IT)  A warrantless profession that is continually evolving  And in need of several skill sets  Managerial  Business (development) oriented  Legal oriented  Technically savvy and up to date  Sanity is achieved with structure – by adopting a framework such as COBIT  Training, leading by example and a general can-do aptitude are essential  Communication in general is vital for survival Conclusion Where does all this leave the technologist? A FEW LESSONS LEARNT