Building the Bridge Between Strategy and Governance Aboard the IT Enterprise – An Interview with Kevin Gray of the City of Burbank

Building a Bridge Between Strategy and Governance Aboard the IT Enterprise – An Interview with Kevin Gray, CIO of the City of Burbank

Eleventh in a series of in-depth interviews with innovators and leaders in the fields of Risk, Compliance and Information Governance across the globe.


Kevin Gray is the Chief Information Officer for the City of Burbank, leading an IT department responsible for administrative and network management, geographic information systems and technical services for more than 1400 city employees across 15 departments. Before assuming this role he served as VP of Global Media and IT for Viacom, one of the world’s premier entertainment companies, overseeing an international team located across six continents. He received his Bachelor of Science from California State University, Long Beach and is a certified Scrum Master and PMP. I spoke with him over lunch this May about aligning governance with business strategy, balancing risks and opportunities in AI and his insights on career growth.


Kevin, you began your career path at Orion Pictures administering Unix systems and then directed data center ops for DreamWorks. How did this early hands-on experience with application design and DB administration prepare you for future IT leadership positions at Viacom and ultimately the CIO role with the City of Burbank?

Well I started out on a service desk actually, really at the entry levels in IT, and I’ve been lucky to have grown up through all aspects of it. I think climbing that ladder one rung at a time definitely helped give me a clear vision to see across all the disciplines of technology.  It enabled me to see the forest through the trees, the big picture, gave me the ability to design operations, develop strategy… and equipped me with a vision to incorporate it all. And now I can more thoughtfully pull together a clear plan for how to run an organization, understand how to innovate, how to drive change through both a specific business unit or an organization. Experience is what best prepared me to lead.

One of your focal points has always been the importance of properly aligning IT governance with an organization’s business strategy. What are some of the practical ways IT teams accomplish this goal and how critical is the relationship building component that accompanies that synchronicity?

I think the most practical way to accomplish this is to focus on the people. Focus on the people developing the strategy and look at how their business is trying to implement it, because the most important thing is to be in alignment with the shared goal, in alignment with the people you’re partnering with. You have to be a true partner with the business. And that has to be the focus, not the technology. The technology is the secondary piece. Technology is what you use to try to find the solution for the business problems that they’re trying to solve. And those business problems don’t always stay the same, they change. They change based on economic conditions, they change based on market conditions, they may change based on who might be occupying the seat that you’re trying to partner with.

smart-city-1200px

So, you have to stay close and you have to stay connected. That allows you to stay aligned. Then you can figure out the solutions that are going to help solve that business problem. You have to be agile. You have to be able to switch directions. When the business switches direction, you have to be able to switch direction. And I think too many times, IT organizations, they don’t stay connected. They believe that they’re trying to solve this business strategy, that they’re trying to solve the business’ problems. But then the business problems change, the strategies change, and they’re suddenly not connected and eventually they’re heading down the wrong direction for another three to six months, which is a lifetime in technology.

Keep Reading

Advertisements

Document Strategy Forum Next Week! My Session – Executing the Information Governance Strategy for the Post-Cloud World

Content. Communication. Strategy.

I’ve attended and spoken at many different “information management” conferences over the years and each has their strengths and weaknesses. But I’m especially excited to speak at DSF ’19 this year, sponsored by companies like OpenText, Quadient, Adobe, PitneyBowes and Doculabs. Why am I so thrilled? Besides the fact that I get to share my thoughts and experiences for the first time representing Compliance & Privacy Partners, this conference is practitioner driven, with a stellar board of advisors that has spent time with its presenters, making sure the content fits the program tracks AND elevates the conversation.

At the very heart of all the buzz surrounding “big data and artificial intelligence (AI) lives a universal truth- Information is the critical asset of every organization. Information flows through people and applications at such a rapid pace that it demands effective management. Enterprises are flying blind if they don’t have an information management strategy. It is impossible to understand customer needs and improve their experiences without the right information feeding decision making systems. Without proper management of info, employee engagement is doomed. The bottom line is that effective information management will dictate critical decisions for both internal and external facing processes that bring the intersection of employees and customers into context. –David Mario Smith in the latest Document Strategy Magazine

I’ll be presenting a best practices deck on Executing the Information Governance Strategy for the Post-Cloud World in the Automation of Information track, covering Records Compliance, Legal Hold Software and Enterprise Architecture Tools.

Agenda:

  • How to build and automate your Information Governance strategy using the right policies, technology, and stakeholders
  • How to recognize the right collaboration opportunities and strategically partner on the projects most likely to support and advance your agenda
  • What approaches to take when introducing your plans to senior leadership and how to effectively manage the optics around your contributions to your company’s bottom line

Tickets may be available if you act now but the event is quickly selling out. You can learn more here.

This slideshow requires JavaScript.

AvePoint - Migrate Manage Protect

Marketing The Moving Targets of Digital Transformations – An Interview with Dux Raymond Sy of AvePoint®

Marketing the Moving Targets of Digital Transformations – An Interview with Dux Raymond Sy of AvePoint

Tenth in a series of in-depth interviews with innovators and leaders in the fields of Risk, Compliance and Information Governance across the globe.


Dux Raymond Sy is the Chief Marketing Officer of Avepoint® and has successfully driven business and digital transformation initiatives for commercial, educational and public sector organizations across the globe. He’s a Microsoft Regional Director (RD), a Microsoft Most Valuable Professional (MVP) and has authored numerous books, articles and whitepapers on IT and business process strategy. He received his Bachelor of Science from Southern Polytechnic University in Telecommunications Engineering. I interviewed him recently about the unique challenges of marketing digital products and services, the future of cloud computing, O365 and the shifting IT career landscape.


Dux, Avepoint specializes in leveraging the breadth of Microsoft technologies including SharePoint and Office 365 to help companies migrate and manage their cloud, on-premises and hybrid environments. There are some trend reports indicating a few enterprises have shifted back toward hybrid stacks after overextending themselves in the cloud. Do you believe most enterprises eventually will evolve, or are there factors such as data protection that will always prevent full cloud adoption for certain entities?

When it comes to enterprise technology, we rarely move backwards. The cloud’s cost, scale, efficiency access, and yes, even security advantages, are too great for on-premises  or hybrid infrastructures to prevail long-term.  What I will say is the transformation will take much longer than the advertising of cloud providers would have you believe. Most organizations are not all-in the cloud today. We did a study in 2017 that showed about 70 percent of organizations were still in hybrid architectures. We sponsored a study with AIIM this year that showed 1 in 3 organizations is maintaining at least 2 versions of SharePoint. Attitudes towards the cloud have changed, now the conversation is mainly focused on how to get there rather than the why. 

Lastly, there are capabilities that the cloud offers that cannot be delivered on-premises s. Cloud-based advanced services, like machine learning, artificial intelligence, and data analytics, open new opportunities for technical teams to drive business value.

AvePoint and Office 365 - Information Governance Perspectives

The free e-book “Designed to Disrupt” unpacks this in full detail: https://azure.microsoft.com/en-us/resources/designed-to-disrupt-reimagine-your-apps-and-transform-your-industry/

How is Infrastructure, Platform and Software-as-a-Service changing the organizational hierarchy of IT departments, reporting structures and collaborative teams? Are companies beginning to hire more administrators and get along with fewer developers, architects and support staff? Where will the best IT jobs be in the next few years at the current pace?

This is a great question! My colleague Hunter Willis recent wrote a piece about this that sparked a huge debate on Twitter. What we have found is that people and organizations evolve more slowly than the technology. Right now, most organizations are just shifting on-premises  roles to the cloud. So if you were the SharePoint admin or the Exchange admin, you are now the SharePoint Online admin or Exchange Online admin. But what about applications that don’t exist on-premises ? Who owns PowerApps? This also ignores the advanced workloads and connections between apps that exist in the cloud. What you do in Microsoft Teams impacts your Exchange and vice versa. What organizations need, and we haven’t seen yet, is an Office 365 admin that truly owns the platform and looks at these platform wide issues. If were seeing some of these issues just within Office 365, imagine what we will see as multi-cloud architectures become more popular. The best IT jobs in the next few years will be business enablers who have a love of learning. You will need to be agile in the era of tech intensity.

Keep Reading

Building a Framework to Sustain the Coming IoT Tsunami – An Interview with Priya Keshav of Meru Data

Building a Framework to Sustain the Coming IoT Tsunami – An Interview with Priya Keshav of Meru Data

Ninth in a series of in-depth interviews with innovators and leaders in the fields of Risk, Compliance and Information Governance across the globe.


Priya Keshav is the founder and CEO of Meru Data LLC, a software company focused on building solutions that simplify and achieve corporate information governance goals. Prior to Meru, she was the leader of KPMG’s Forensic Technology Services Practice in the Southwest United States. She received her MBA from University of Florida’s Warrington College of Business Administration. I had the chance to sit down with her this January and discuss IG, the Internet of Things, consulting, and software development.


Priya, you’ve written extensively, often in collaboration with thought leaders in IG including Jason Baron, about the enormous ethical questions emerging from IoT. Do you think there is yet a universal, cross-industry awareness of these challenges or are business drivers in this area primarily the result of European or US regulatory pressures?

I think there is universal recognition that the use of IoT will bring unique challenges and ethical questions. However, I would not call this universal awareness or understanding at this point. The use of IoT is rapidly increasing, the solutions being developed are integrating multiple industries and we are just scratching the surface of what is possible with IoT. I think today, we are at a point where we recognize that some unique challenges are going to arise. I do not believe we have fully understood the nature of these challenges, especially as the uses and applications for IoT are rapidly evolving.

Both industry and regulators are at the same point – thinking about appropriate frameworks for discussing and addressing these challenges. I don’t believe regulatory pressures from either Europe or the US are the primary drivers for the growing awareness. It does seem regulators have more of a focus on the challenges while the industry focus is more around creating newer solutions. There are multiple efforts underway to understand challenges with IoT, driven by both industry and regulatory interest. However, I do not think this is primarily due to regulatory pressure. There is regulatory interest that has industry taking notice but even the industry is realizing the need to manage the unique challenges from the use of IoT. Existing regulations like the GDPR, COPA etc. obviously would apply to IoT. There is increased scrutiny and regulations around data privacy and security in general and that might look like there is increased regulation around IoT. However, there are very few IoT specific regulations like the California SB327.

Regulatory efforts around IoT to date have been more guidelines focused and have tried to not slow down the uptake of IoT. Examples include the recently issued NIST draft report on IoT cyber security standards that provides a great discussion of how risks from IoT are unique and how organizations could adapt their policies to handle this. There have also been integrated efforts with working groups to review existing IoT security standards and initiatives in the US (by the National Telecommunication and Information Administration) and in Europe (Working Group 3 formed by Alliance for Internet of Things Innovation). Other agencies like the the Consumer Products Safety Commission and the FTC have also been gathering comments on their roles in regulating IoT.

With the Meru Data platform, you’ve strived to develop a functional and reporting tool that simplifies and sustains data governance programs for your customers. Is most software today built around policy frameworks, such as FINRA compliance or privacy-by-design, and are these types of approaches even feasible amidst shifting customer wants and seemingly prescriptive laws like GDPR?

Keep Reading

Book Review: Infonomics – How to Monetize, Manage, and Measure Information As An Asset For Competitive Advantage by Douglas B. Laney

Are CFO’s finally ready to heed the advice of their Chief Data Officers and begin adding information assets to the balance sheet?

Although the commonly used quote “There is nothing more powerful than an idea whose time has come.” is regularly and erroneously misattributed to Victor Hugo, originating from his account of the French coup d’état of 1851 that brought Napoleon III to power, I feel it’s almost appropriate for Douglas B. Laney’s passionate argument on Infonomics. It’s an idea he’s been meticulously developing and arguing for almost two decades and has at last fully articulated in his latest book published by Taylor & Francis entitled Infonomics: How to Monetize, Manage, and Measure Information As An Asset For Competitive Advantage. Laney previously published his thoughts on Infonomics in Forbes back in 2012.

This brilliantly researched book, supported by industry giant Gartner, is steeped in both a mastery of information technology as well as economics, in particular accounting methodology and complementing business disciplines that range from supply chain economics to compliance frameworks.

Laney, with brevity and unfailing pragmatism, weaves his impressive understanding of the business of information, it’s flow and it’s enormous potential into a convincing pleading that I believe is a must read for not just the aspiring digerati, but any CFO, Chief Data Officer or executive hoping to survive and thrive in the Information Age.

Keep Reading

You Think You Don’t Know Enough About GDPR? You Are Right and Here’s How

The EU has taken the first step in protecting the data and privacy of its residents. Through the enactment of the General Data Protection Regulation (GDPR), people are now able to have the protection they are looking for online. This means changes for businesses everywhere that are planning to reach consumers in the EU.

Companies need to look at the way that they are handling the personal data of their customers and have an action plan in place to ensure their privacy is protected. Without a strong understanding of what the GDPR means and how it affects your business, you could find yourself in a situation with the EU that you didn’t count on.

Fifteen members of Forbes Technology Council discuss some of the more unexpected consequences of the new GDPR regulation. Here’s what they had to say:

1. Restriction Of Privacy And Innovation

GDPR is the latest version of Y2K compliance — long on speculation and fear, short on reality. In my opinion, regional enforcement of global technology is an impossibility and will restrict — not enhance — privacy, freedom and innovation. The result will be regions of non-compliance (GDPR havens), enormous expense and uncertainty. – Wayne LonsteinVFT Solutions

2. Roadblocks For Blockchain Data Storage

GDPR could impact the decisions and data sets being stored and collected in emerging private and public blockchains. This may create roadblocks for companies looking to embrace blockchain to store any data that may fall under GDPR. – Aaron VickCicayda

3. Opt-In Fatigue

One of the most unexpected consequences of GDPR is the wave of new regulations in jurisdictions outside of Europe, including California, New York and perhaps soon in Asia. Another unintended impact is “check the box” fatigue where opt-in consent language is presented so frequently on websites and apps that consumers don’t read the consents and just check the box, waiving their privacy rights. – Silvio Tavares, CardLinx Association

4. Poor Customer Service

One GDPR byproduct distortion or unintended consequence is excessive regulation leading to poor customer service. The pendulum has swung too far and will be moderated by citizen feedback. – Jeff BellLegalShield

5. Small Businesses Getting Hurt

The companies that are best prepared for GDPR are the big ones: Facebook, Google, Amazon — those that have the money to pour into their tech and legal teams for ultimate compliance. The small and medium-sized businesses, however, may be less prepared, making them more vulnerable to potential fines and penalties. – Thomas GriffinOptinMonster

6. The Slow Death Of Free Services

If a service is free, then your data is the product. We all love using Facebook, YouTube and the many other social media platforms. However, we fail to realize how these businesses operate. If regulations strangle business, then the alternative is a paid model. Just look at YouTube and how it’s strugglingwith its paid subscriptions. – Daniel Hindi, BuildFire

7. Talk About Similar Regulation In The U.S.

The most unintended consequence has been the multitudes of discussions about a similar impending regulation in the U.S. In fact, reading between the lines of Facebook’s testimony to Congress, it is clear to me that tech leaders realize more care ought to be given to sensitive data, and users should have more rights. They are preparing for coming regulation stateside. – Michael RoytmanKenna Security

Read more on Forbes:

https://www.forbes.com/sites/forbestechcouncil/2018/08/15/15-unexpected-consequences-of-gdpr/#2ce5537f94ad 

 

Digital Bondage and the Fallacy Of Work-Life Integration

Forget your elder’s sage advice on maintaining a good work-life balance. There’s a new patently absurd approach (promoted here by the time-strapped PhD’s at Berkeley Haas), and it’s spreading like wildfire throughout the business world. They call it… “Work-Life Integration!”

The term “Work-Life Integration” is so misleading because at this point we’re all enduring an increasing degree of overlap between our personal and professional lives. It may be sold to us as “convenience” but much of it is not exactly “optional.” This obsessive and all-in-one approach to time-management ends up usurping the little personal, spontaneous and family time we still have left.

It reminds me a little of Chris Rock’s famous bit on “Job v. Career.”

But not everybody is as fortunate as Chris and there’s a bigger impact to his lifestyle than he’s letting on in the above clip. And so “Work-Life Integration” also makes me think about Cecil DeMille’s classic The Ten Commandments and the famous scene where a worker is about to be trampled by a giant stone moved by “her colleagues.” Moses’ character, played by Charlton Heston, comes down from his managerial pedestal to save the poor soul, who later turns out is his own Mother! It’s a metaphor for how easily, often and unfairly, we as society, put work before family, friends and for believers, even God. And when it negatively impacts others it is arguably immoral.

I was most recently educated on this 24/7 mindset by an executive who boasted, “Say I’m on flight to Hawaii with my family for the weekend, and I’ve got to approve a purchase order for half-a-million. I can do it right here from my iPhone!” Well, that’s nice, but it highlights the disconnect between those who literally have the world at their fingertips and those who get interrupted with email from their boss on the weekends. The same technology fix that feeds the workaholic is now invading the space of almost everyone, not just the guy or gal with a “career.” It’s affecting their partner, their children, their social circle, people on the road. And in many cases it is invasive, counter-productive and unhealthy for the family and the self. Do we really want to live in digital bondage?

In many ways, this digital bondage is reminiscent of the days when men and women of all ages built the Pyramids until they dropped dead. Sure, the Pyramids still stand as a testament to architecture and ingenuity, but to many they will also always represent a chapter in history when there was seldom a break from work. Luckily today we have a choice.

We must stand firmly behind the importance of rest and personal space. Sure, working remotely through technology has given us flexibility. There’s no denying that. But half-baked ideas like “Work-Life Integration” have adversely impacted the very relationships and working-conditions they were meant to improve.

Some in the Jewish faith believe that one of the Ten Commandments, to observe a day of rest on the Sabbath, is a cornerstone of not just spiritual growth, but what ultimately may lead to success in other areas of one’s life. Most cultures share this important value but as it erodes across the globe and the lines between work and rest are blurred, we all suffer.

Stay off the devices this weekend as much as you can. Find true balance by freeing yourself from digital bondage.