GDPR – The Countdown Conundrum

Posted on : 30-01-2018 | By : Tom Loxley | In : Cloud, compliance, Cyber Security, data security, Finance, GDPR, General News, Uncategorized

Tags: , , , , , , , , , , , , ,

0

Crunch time is just around the corner and yet businesses are not prepared, but why?

General Data Protection Regulation (GDPR) – a new set of rules set out from the European Union which aims to simplify data protection laws and provide citizens across all member states with more control over their personal data”

It is estimated that just under half of businesses are unaware of incoming data protection laws that they will be subject to in just four months’ time, or how the new legislation affects information security.

Following a government survey, the lack of awareness about the upcoming introduction of GDPR has led to the UK government to issue a warning to the public over businesses shortfall in preparation for the change. According to the Digital, Culture, Media and Sport secretary Matt Hancock:

“These figures show many organisations still need to act to make sure the personal data they hold is secure and they are prepared for our Data Protection Bill”

GDPR comes into force on 25 May 2018 and potentially huge fines face those who are found to misuse, exploit, lose or otherwise mishandle personal data. This can be as much as up to four percent of company turnover. Organisations could also face penalties if they’re hacked and attempt to hide what happened from customers.

There is also a very real and emerging risk of a huge loss of business. Specifically, 3rd-party compliance and assurance is common practice now and your clients will want to know that you are compliant with GDPR as part of doing business.

Yet regardless of the risks to reputation, potential loss of business and fines with being non-GDPR compliant, the government survey has found that many organisations aren’t prepared – or aren’t even aware – of the incoming legislation and how it will impact on their information and data security strategy.

Not surprisingly, considering the ever-changing landscape of regulatory requirements they have had to adapt to, finance and insurance sectors are said to have the highest awareness of the incoming security legislation. Conversely, only one in four businesses in the construction sector is said to be aware of GDPR, awareness in manufacturing also poor. According to the report, the overall figure comes in at just under half of businesses – including a third of charities – who have subsequently made changes to their cybersecurity policies as a result of GDPR.

If your organisation is one of those who are unsure of your GDPR compliance strategy, areas to consider may include;

  • Creating or improving new cybersecurity procedures
  • Hiring new staff (or creating new roles and responsibilities for your additional staff)
  • Making concentrated efforts to update security software
  • Mapping your current data state, what you hold, where it’s held and how it’s stored

In terms of getting help, this article is a great place to start: What is GDPR? Everything you need to know about the new general data protection regulations

However, if you’re worried your organisation is behind the curve there is still have time to ensure that you do everything to be GDPR compliant. The is an abundance of free guidance available from the National Cyber Security Centre and the on how to ensure your corporate cybersecurity policy is correct and up to date.

The ICO suggests that, rather than being fearful of GDPR, organisations should embrace GDPR as a chance to improve how they do business. The Information Commissioner Elizabeth Denham stated:

“The GDPR offers a real opportunity to present themselves on the basis of how they respect the privacy of individuals, and over time this can play more of a role in consumer choice. Enhanced customer trust and more competitive advantage are just two of the benefits of getting it right”

If you require pragmatic advice on the implementation of GDPR data security and management, please feel free to contact us for a chat. We have assessed and guided a number of our client through the maze of regulations including GDPR. Please contact Thomas.Loxley@broadgateconsultants.com in the first instance.

 

Be aware of “AI Washing”

Posted on : 26-01-2018 | By : john.vincent | In : Cloud, Data, General News, Innovation

Tags: , , , ,

0

I checked and it’s almost 5 years ago now that we wrote about the journey to cloud and mentioned “cloud washing“, the process by which technology providers were re-positioning previous offerings to be “cloud enabled”, “cloud ready” and the like.

Of course, the temptation to do this is natural. After all, if the general public can trigger a 200% increase in share price simply by re-branding your iced tea company to “Long Blockchain“, then why not.

And so we enter another “washing” phase, this time in the form of a surge in Artificial Intelligence (AI) powered technologies. As the enterprise interest in AI and machine learning gathers pace, software vendors are falling over each other to meet the market demands.

Indeed, according to Gartner by 2020;

AI technologies will be virtually pervasive in almost every new software product and service

This is great news and the speed of change is outstanding. However, it does pose some challenges for technology leaders and decision makers as the hype continues.

Firstly, we need to apply the “so what?” test against the claims of AI enablement. The fact that a product has AI capabilities doesn’t propel it automatically to the top of selection criteria. It needs to be coupled with a true business value rather than simply a sales and marketing tool.

Whilst that sounds obvious, before you cry “pass me another egg Vincent”, it does warrant a pause and reflection. Human behaviour and the pressures on generating business value against a more difficult backdrop can easier drive a penchant for the latest trend (anyone seen “GDPR compliant” monikers appearing?)

In terms of the bandwagon jumping, Gartner says;

Similar to greenwashing, in which companies exaggerate the environmental-friendliness of their products or practices for business benefit, many technology vendors are now “AI washing” by applying the AI label a little too indiscriminately

The second point, is to ask the question “Is this really AI or Automation?”. I’ve sat in a number of vendor presentations through 2017 where I asked exactly that. After much deliberation, pontification and several “well umms” we agreed that it was actually the latter we were discussing. Indeed, there terms are often interchanged at will during pitches which can be somewhat disconcerting.

The thing is, Automation doesn’t have the “blade runner-esc” cachet of AI, which conjures up the usual visions that the film industry has imprinted on our minds (of course, to counter this we’ve now got Robotic Process Automation!)

So what’s the difference between AI and Automation? The basic definition is;

  • Automation is software that follows pre-programmed ‘rules’.
  • Artificial intelligence is designed to simulate human thinking.

Automation is everywhere and been an important part of industry for decades. It enables machines to perform repetitive, monotonous tasks thus freeing up time for human beings to focus on the activities that require more reasoning, rationale and personal touch. This drives efficiency and a more productive and efficient business and personal life.

The difference with Automation is that is requires manual configuration and set up. It is smart, but it has to follow set instructions and workflow.

AI however is not developed simply to follow a set of predefined instructions. It is designed to mimic human behaviour to continuously seek patterns, learn from it data and “experiences” and determine the appropriate course of action or responses based on these parameters. This all comes under the general heading of “machine learning”.

The common “fuel” that drives both Automation and AI is Data. It is the lifeblood of the organisation and we now live is an environment where we talk about “data driven” technologies at the centre of the enterprise.

Whilst it’s hard to ignore all the hype around AI it is important for decision makers to think carefully not only in terms of what they want to achieve, but also how to filter out the “AI washing”.

Battle of the Chiefs

Posted on : 25-01-2018 | By : Tom Loxley | In : Predictions, Uncategorized

Tags: , , , , , ,

0

2018 Prediction – Deep Dive

Chief Information Officer 1 – Chief Digital Officer 0

Digital transformation is undeniably the main driving force for change in businesses today. We have seen the financial sector being completely transformed by new technologies that offer the ability to engage customers in very different ways, driving more profits. Originating in the marketing department, digitally morphed into E-commerce where it gained more budget and more power. This led to the establishment of a new executive role of the Chief Digital Information Officer (CDiO). The more traditional role of the Chief Information Officer (CIO) faded in many organisations as CIO’s concentrated on their legacy systems, often accused of being slow to change in this new fast-paced environment. The CDiO rose as the star of the transformation show moving at lightening digital speed, propelling the competitive advantage and adding value to the business.  The two Chiefs have been working alongside each other uncomfortably over the past few years, neither understanding the boundaries between them. Not for much longer ….

We are starting to see some CDiOs come adrift as the main power point, with the promised world of digital failing to emerge. They too are being slowed down and unseated by the weight of legacy systems and legacy ideas in many organisations. Business leaders are getting impatient with the time to deliver ‘revolutionary’ change. Is it that these changes take time or is there a hint of the ‘Emperor’s new Code’ about this?

Broadgate believes that 2018 will see the resurgence of the CIO as the leading force. The digital buzzword is fading as digital is increasingly seen as a core part of any business strategy, intrinsic to the organisation. The development of the CDiO was a good short-term fix to turbo charge the digital roadmap, taking some of the weight off the CIO shoulders and enabling change. It could be said that the CDiO role developed as a result of an early division of labour between old and the new as digital models emerged. However, recently we have seen a considerable shift across all major sectors with four trends leading the charge for change: cloud, mobility, IoT and big data. It is this technological innovation that has enabled the role of the CIO rise once more.

This is the big moment for the CIO essentially becoming the hero of the digital age, not only embracing the new but also connecting the old with the new and really enabling organizations to move forward. That said, we must not underestimate the scale of the challenge CIO’s face, there is a level of complexity in this new age of digital transformation that isn’t going away. Compounding this issue, business processes are often overlooked when technology is being rapidly applied. In many cases the CIO needs to reach out to their business counterpart in the area where technology is going to be deployed to ensure not only that there is complete connection but also that, working together, they understand how the business will function in that new environment and how orchestrating business technology will produce and deliver a strong result. CIOs must now take ownership of both to ensure they are not locked out of future technology decisions. The CIO who can keep up with the pace of new technology adoption can stay ahead of potential CDiOs encroaching on their territory.