Tag Archives: Conference preview

The Open Group Conference in Sydney Plenary Sessions Preview

By The Open Group Conference Team

Taking place April 15-18, 2013, The Open Group Conference in Sydney will bring together industry experts to discuss the evolving role of Enterprise Architecture and how it transforms the enterprise. As the conference quickly approaches, let’s take a deeper look into the plenary sessions that kick-off day one and two. And if you haven’t already, register for The Open Group Conference in Sydney today!

Enterprise Transformation and the Role of Open Standards

By Allen Brown, President & CEO, The Open Group

Enterprise transformation seems to be gathering momentum within the Enterprise Architecture community.  The term, enterprise transformation, suggests the process of fundamentally changing an enterprise.  Sometimes the transformation is dramatic but for most of us it is a steady process. Allen will kick off the conference by discussing how to set expectations, the planning process for enterprise transformation and the role of standards, and provide an overview of ongoing projects by The Open Group’s members.

TOGAF® as a Powerful Took to Kick Start Business Transformation

By Peter Haviland, Chief Business Architect, and Martin Keywood, Partner, Ernst & Young

Business transformation is a tricky beast. It requires many people to work together toward a singular vision, and even more people to be aligned to an often multi-year execution program throughout which personal and organizational priorities will change. As a firm with considerable Business Architecture and transformation experience, Ernst & Young (EY) deploys multi-disciplinary teams of functional and technical experts and uses a number of approaches, anchored on TOGAF framework, to address these issues. This is necessary to get a handle on the complexity inherent to today’s business environment so that stakeholders are aligned and remain actively engaged, past investments in both processes and systems can be maximized, and transformation programs are set up for success and can be driven with sustained momentum.

In this session Peter and Martin will take us through EY’s Transformation Design approach – an approach that, within 12 weeks, can define a transformation vision, get executives on board, create a high level multi-domain architecture, broadly outline transformation alternatives and finally provide initial estimates of the necessary work packages to achieve transformation. They will also share case studies and metrics from the approach of financial services, oil and gas and professional services sectors. The session should interest executives looking to increase buy-in amongst their peers or professionals charged with stakeholder engagement and alignment. It will also show how to use the TOGAF framework within this situation.

Building a More Cohesive Organization Using Business Architecture

 By Craig Martin, COO & Chief Architect, Enterprise Architects

In shifting the focus away from Enterprise Architecture being seen purely as an IT discipline, organizations are beginning to formalize the development of Business Architecture practices and outcomes. The Open Group has made the differentiation between business, IT and enterprise architects through various working groups and certification tracks. However, industry at present is grappling to try to understand where the discipline of Business Architecture resides in the business and what value it can provide separate of the traditional project based business analysis focus.

Craig will provide an overview of some of the critical questions being asked by businesses and how these are addressed through Business Architecture. Using both method as well as case study examples, he will show an approach to building more cohesion across the business landscape. Craig will focus on the use of business motivation models, strategic scenario planning and capability based planning techniques to provide input into the strategic planning process.

Other plenary speakers include:

  • Capability Based Strategic Planning in Transforming a Mining Environment by David David, EA Manager, Rio Tinto
  • Development of the National Broadband Network IT Architecture – A Greenfield Telco Transformation by Roger Venning, Chief IT Architect, NBN Co. Ltd
  • Business Architecture in Finance Panel moderated by Chris Forde, VP Enterprise Architecture, The Open Group

More details about the conference can be found here: http://www.opengroup.org/sydney2013

1 Comment

Filed under Conference

3 Steps to Proactively Address Board-Level Security Concerns

By E.G. Nadhan, HP

Last month, I shared the discussions that ensued in a Tweet Jam conducted by The Open Group on Big Data and Security where the key takeaway was: Protecting Data is Good.  Protecting Information generated from Big Data is priceless.  Security concerns around Big Data continue to the extent that it has become a Board-level concern as explained in this article in ComputerWorldUK.  Board-level concerns must be addressed proactively by enterprises.  To do so, enterprises must provide the business justification for such proactive steps needed to address such board-level concerns.

Nadhan blog image

At The Open Group Conference in Sydney in April, the session on “Which information risks are shaping our lives?” by Stephen Singam, Chief Technology Officer, HP Enterprise Security Services, Australia provides great insight on this topic.  In this session, Singam analyzes the current and emerging information risks while recommending a proactive approach to address them head-on with adversary-centric solutions.

The 3 steps that enterprises must take to proactively address security concerns are below:

Computing the cost of cyber-crime

The HP Ponemon 2012 Cost of Cyber Crime Study revealed that cyber attacks have more than doubled in a three year period with the financial impact increasing by nearly 40 percent. Here are the key takeaways from this research:

  • Cyber-crimes continue to be costly. The average annualized cost of cyber-crime for 56 organizations is $8.9 million per year, with a range of $1.4 million to $46 million.
  • Cyber attacks have become common occurrences. Companies experienced 102 successful attacks per week and 1.8 successful attacks per company per week in 2012.
  • The most costly cyber-crimes are those caused by denial of service, malicious insiders and web-based attacks.

When computing the cost of cyber-crime, enterprises must address direct, indirect and opportunity costs that result from the loss or theft of information, disruption to business operations, revenue loss and destruction of property, plant and equipment. The following phases of combating cyber-crime must also be factored in to comprehensively determine the total cost:

  1. Detection of patterns of behavior indicating an impending attack through sustained monitoring of the enabling infrastructure
  2. Investigation of the security violation upon occurrence to determine the underlying root cause and take appropriate remedial measures
  3. Incident response to address the immediate situation at hand, communicate the incidence of the attack raise all applicable alerts
  4. Containment of the attack by controlling its proliferation across the enterprise
  5. Recovery from the damages incurred as a result of the attack to ensure ongoing business operations based upon the business continuity plans in place

Identifying proactive steps that can be taken to address cyber-crime

  1. “Better get security right,” says HP Security Strategist Mary Ann Mezzapelle in her keynote on Big Data and Security at The Open Group Conference in Newport Beach. Asserting that proactive risk management is the most effective approach, Mezzapelle challenged enterprises to proactively question the presence of shadow IT, data ownership, usage of security tools and standards while taking a comprehensive approach to security end-to-end within the enterprise.
  2. Art Gilliland suggested that learning from cyber criminals and understanding their methods in this ZDNet article since the very frameworks enterprises strive to comply with (such as ISO and PCI) set a low bar for security that adversaries capitalize on.
  3. Andy Ellis discussed managing risk with psychology instead of brute force in his keynote at the 2013 RSA Conference.
  4. At the same conference, in another keynote, world re-knowned game-designer and inventor of SuperBetter, Jane McGonigal suggested the application of the “collective intelligence” that gaming generates can combat security concerns.
  5. In this interview, Bruce Schneier, renowned security guru and author of several books including LIARS & Outliers, suggested “Bad guys are going to invent new stuff — whether we want them to or not.” Should we take a cue from Hollywood and consider the inception of OODA loop into the security hacker’s mind?

The Balancing Act.

Can enterprises afford to take such proactive steps? Or more importantly, can they afford not to?

Enterprises must define their risk management strategy and determine the proactive steps that are best in alignment with their business objectives and information security standards.  This will enable organizations to better assess the cost of execution for such measures.  While the actual cost is likely to vary by enterprise, inaction is not an acceptable alternative.  Like all other critical corporate initiatives, these proactive measures must receive the board-level attention they deserve.

Enterprises must balance the cost of executing such proactive measures against the potential cost of data loss and reputational harm. This will ensure that the right proactive measures are taken with executive support.

How about you?  Has your enterprise taken the steps to assess the cost of cybercrime?  Have you considered various proactive steps to combat cybercrime?  Share your thoughts with me in the comments section below.

NadhanHP Distinguished Technologist, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project. Twitter handle @NadhanAtHP.

1 Comment

Filed under Conference