Changes and updates: the Analyst Blogs index 28 Feb 2014Posted by Tony Law in Insight services, ITasITis, Tech Watch, Technorati.
add a comment
Within the last few days I’ve undertaken a full refresh of the InformationSpan index to key analyst blogs. I’ve refreshed the Gartner list; as usual there are a handful of changes since last time. I’ve refreshed the list of URLs covered by my custom Google search.
More importantly, there’s been a full review of the index to Forrester’s blogs; a lot has happened since the last one. Forrester’s approach to their blogs is different from Gartner’s: analysts post in different areas, and Forrester roll these blogs up into topics and then into high-level blogs. At the top level there use to be three: Business Technology (that is, enterprise IT); Marketing & Strategy; and Technology Vendors. The last two have been brought together. At the next level down there have been a number of changes; Forrester haven’t removed any category links at this level so you can still, for example, click to the Vendor Strategy blog within the Business Technology stream but this will now redirect you to the CIO stream. There are more changes within the Marketing & Strategy stream.
Forrester do publish content as individual analyst blogs too but they don’t index this. So we provide an index by analyst name and this is now more consistent with the way we list Gartner’s blogging analysts. One main difference though: the topic areas indicated for each analyst identify the roll-up blogs for these areas and not the topic descriptions on Forrester’s website. There isn’t an exact match between the two.
Thirdly I’ve reviewed the content on the Other Blogs page, checked all the analysts referenced, and made a few changes. I intend to make more, to make this page more useful. Candidate blogs from known or less-known analysts would be welcome; please comment.
Click the tab above this posting to see more. Don’t forget to refresh your browser if you use this service regularly.
Horses for Sources: what’s with outsourcing 6 Feb 2014Posted by Tony Law in Insight services, IT marketplace, ITasITis, Tech Watch, Technorati.
add a comment
I’m on a webinar by HfS Research: my first direct encounter with Phil Fersht’s organisation. It’s a where-are-we-going session called “Outlook for the Extended Enterprise”. This post will update live, as we go.
Primarily we’re discussing “extended’ in the sense of multiple outsourced operations, not of industry alliances and cooperative business. HfS’s own research, done in conjunction with KPMG, seems to be painting quite a poor picture of outsourcing value beyond running standard operations. “Talent, technology and analytics value”, Phil asserts, are frequently absent. Once the initial savings are off the books, value doesn’t develop in, for example, exploiting “big data”.
Business-enablement of IT is a gap. I’m beginning to feel like this conversation might have happened equally any time in the last ten, perhaps 20 years. What’s interesting is a breakdown of “BPO maturity” into four quartiles. There seems to be a gap which companies are about to cross to get into the top quartile.
What are the problems? Fear of change; lack of vision; silo operations. The espoused change is to a centre-led organisation; the pros and cons of this haven’t been discussed though. The point’s already been made that perhaps not all enterprises can achieve effective globally-managed business services (which means IT, HR and so on). Maybe that should be “… nor should they”?
Microphone being passed to Ed Caso of Wells Fargo Securities. He’s a senior analyst and has just switched the screen to presenter split-screen. Finally got into proper presentation mode. He’s offering a survey, I think, of the key providers in the outsource market. It’s the sort of analysis which Gartner and the others started out in … Some comments about the financial situation in India and its impact; changes in some providers. And a note that a lot of early 10-year contracts are coming up for review and re-tender. There are visa and immigration issues in several major economies, which might drive more work offshore as it becomes harder to identify skilled staff entitled to work in the home country.
Enterprise-wide sourcing is linked to wider awareness of options, a portfolio approach (provider, location and skills) rather than single-source, hybrid cloud usage, and worries about data security post-Snowden (see my previous post on this). And the providers are further challenged by SMAC (Social, Mobile, Analytics, Cloud): opportunities for the providers, but long term contracts don’t fit the speed of technology development. There’s still a tendency to be more comfortable with deliverables-based contracting rather than value-based.
Another change of speaker: Mike Friend of HfS. Where Caso was US-focussed, Friend is looking at Europe in the context of some fiscal optimism. There’s a prediction for IT oursourcing to grow at around 3.5% through the next four years, and BPO 6.1%, led by the UK market and particularly public sector spending. He’s mentioning a lot of individual companies.
So where do we go? Charles Sutherland of HfS takes over on process automation – that is, avoiding direct people costs – invoking more capable and “friendly” tools. This is still in the context of sourcing: looking for providers who can offer this as a way forward. It’s a potential differentiator in the market. Sutherland is encouraging buyers to look beyond simple cost. He’s suggesting what the signs might be that this is moving in the market, through 2014.
And the final speaker: Ned May of HfS on “the impact of digital”: the SMAC stack again, emphasising the need to embrace all four elements. The speaker does accept that “digital is not new” but I thought it had been around at least since the inauguration of the Web in the mid 1990s. The examples seem to be describing how what goes round comes around, perhaps with a new view of its capabilities. Experimentation will change to planned projects, but skunkworks projects will be of value. This isn’t just a technology change, it’s a mindset change. Some people have been saying this for a long time!
And finally: workforce issues, Christa Degna Manning. Who doesn’t seem to be accessible … emphasising the importance of a back channel for management issues on web calls! The issue is HR outsourcing as, like other areas, this moves to second/third generation outsourcing. Perhaps no longer primarily to support the HR practitioner, but to support and develop the employee.
The key question is whether this is still same-old outsourcing, or whether the trends discussed earlier apply here too. That is, to look for what the webinar regards as higher-maturity outsourcing: the role of talent, for example, and long term benefits; managing contractors and non-employees; connection through collaboration technologies and perhaps to the world of crowd-sourcing and micro-work contracting (think Amazon Mechanical Turk). I’m reminded of John Adair’s long-established Venn diagram depicting management as the intersection of Task, Team and Individual.
Webcast preview link: http://www.horsesforsources.com/the-hfs-2014-outlook_012814. A replay link when I have it.
Over time, but a couple of quick questions to wrap up. The question of handling IP (I presume this means the IP that the outsource process generates). Providers like to be able to re-use (perhaps by back-licensing) processes, for example, developed within a contract. A bit more elaboration about “digital”. I clearly need to figure out what HfS mean when they say “digital” but I think it means digitally-captured business information from, perhaps, unconventional, distributed, and big-data sources. And a question about how this works in a shared services model (which is not the same as global business services, even within the one enterprise).
Time to drop off the call. I’ll add some reflections, and tidy this up, tomorrow.
Security operations: sources 22 Jan 2014Posted by Tony Law in Insight services, ITasITis, Tech Watch, Technorati.
add a comment
First of all, a belated happy New Year …
I’m shortly to facilitate an online meeting on the topic of Security Operations Centres (SOC). Not something I know a great deal about (an advantage for a facilitator, but there are limits …) so I undertook a little research from the usual sources and this note summarises what I found.
First: there is not, it appears, a great deal of content from the Insight services specifically about centralised security operations. There’s a great deal, of course, about the various elements of security: malware detection, incident response, perimeter protection (firewall) and so on. Gartner have a mid-last year online (free) webinar replay Top Security Trends and Take-Aways for 2013. There’s a Security Information and Event Management (SIEM) Technology Magic Quadrant. Perhaps the one to watch from Gartner is an analyst, Adam Hils: he’s recently returned to Gartner after a few years elsewhere, and SOC is one of the areas he expects to cover. And there’s a definition of the role of a Managed Security Service Providers (MSSP).
Forrester have a Security Architecture And Operations Playbook (collection of documents and tools) which, for clients, would repay exploration. They do have a report (not free) entitled SOC 2.0: Virtualizing Security Operations: but this dates from 2010. There’s a recent (August 2013) Forrester Wave on Emerging MSSPs, and a report (same date) on SOC staffing: so although the Playbook contents list isn’t very revealing it looks as if Forrester are up to speed on this topic. Forrester’s buzz phrase is the Zero Trust Model. Clients, have a conversation with your Sales Manager.
One or two of the smaller providers have some content. ESG (The Enterprise Strategy Group) have a very recent blog post: Enterprise CISO Challenges In 2014; this identifies some challenges and some players, and the need for efficacy linked to a strong security architecture, but doesn’t discuss organisational centralisation. Smart Directions publishes a Security Reference Diagram (architecture) which is worth a close look: based only on the online summary (you’ll need a subscription), there is a top layer here which can be interpreted as the function of an SOC.
But the two most helpful documents I’ve uncovered are not from Insight providers.
DEF CON is a hacker conference. Don’t let that put you off; “hacker” was a respectable attribute until it got hijacked by miscreants. DEF CON 18 included a useful presentation by Josh Pyorre and Chris McKenney entitled Build Your Own Security Operations Center for Little or No Money (the title on the slide deck is slightly different). Although this is also some years old (DEF CON 18 was in July-Aug 2010) this is a useful summary of the What and Why of an SOC. There are some useful hints such as the need for an internal (private) network to carry SOC secure communications. There’s some useful information too, though three and a half years old, on tools.
And probably the best paper, unusually, is from a vendor. Again it’s a year or two old: HP’s Building a successful Security Operations Center is dated 2011. It discusses the why and wherefore of not outsourcing this operation (basically, you get generalised, aggregated operations which while they may be 24×365 are not necessarily optimised to your business context); and its how-tos extend to the kind of staff you need, potential shift patterns, and how to respond to the likelihood that really good analysts will get mentally tired after two or three years, lose their effectiveness, and need to move on.
I’d be most pleased if any source or provider who feel they’ve been misrepresented or left out would add a comment.
Oh, and if searching: don’t forget that most material is American and they spell it Center.
• Forrester Research: The Security Architecture And Operations Playbook (this is a collection of documents, continuously updated); SOC 2.0: Virtualizing Security Operations (20 Apr 2010)
• Forrester Wave: Emerging Managed Security Service Providers, Q1 2013 (14 Feb 2013)
• Gartner: Top Security Trends and Take-Aways for 2013, free webinar (or download PDF); Glossary entry: Managed Security Service Provider
• ESG: Enterprise CISO Challenges In 2014, blog post, Jon Oltsik (10 Jan 2014)
• Smart Directions: Security Reference Diagram (report flyer), undated (probably 2013)
• DEF CON 18 (30 Jul-1 Aug 2010) Archive: page down to Build Your Own Security Operations Center for Little or No Money, Josh Pyorre, Chris McKenney (PDF download)
You can view or hear the recorded presentation as video or audio from the DEF CON page (see link above)
• HP: Building a Successful Security Operations Center, Enterprise Security white paper, 2011 (direct link, PDF download)
• Gartner Blog: Adam Hils
Insight providers and market evaluation 6 Nov 2013Posted by Tony Law in Impact of IT, Insight services, IT marketplace, ITasITis, Managing IT, Tech Watch, Technorati.
add a comment
This is a slightly extended version of a response in LinkedIn to Michael Rasmussen, who has published some thought (“a rant”) about Gartner’s Magic Quadrant.
MQ is a highly influential and long established analyst tool. As an insight services user in enterprise IT, I made use of MQs regularly and would also review similar tools such as Forrester’s Wave when a purchasing decision was being made. Like anything else, it’s essential to know just what a tool like this is, how it’s created and what it does and does not convey. The same is true of Gartner’s Hype Cycle, as I’ve commented elsewhere.
Michael highlights several concerns about Gartner’s recently updated MQ in his own area of considerable expertise, that is, global risk and compliance (GRC). Do read his original, which I won’t attempt to summarise; see the link below. Here’s my response.
Michael, having read the whole post in your blog, a couple of comments from a user’s perspective. First: I wholly agree that Forrester’s Wave value is in the open availability both of the evaluation criteria and of the base data; it would be fantastic to see the same from Gartner. This isn’t just an issue of general open-ness. Since a user can adjust the weightings on the Forrester evaluations, it becomes a much more practical tool.
Second, I remember the moment of revelation when I realised there is a whole industry out there called Analyst Relations, that is, people employed by (big) vendors to influence the analysts. Users often don’t realise that’s how the insight market works.
Third, new approaches do emerge. I’d be interested in your take on Phil Fersht’s Blueprint methodology at Horses for Sources (HfS).
My own analysis of the insight market itself classifies providers in various dimensions. One of these looks at reach, both geographic and content: from global generalists (Gartner for example) through to niche (often start-ups – you yourself have progressed from niche to global specialist since you left Forrester). Perhaps tools like the Wave or MQ should have similar dimensions so that the innovative new providers can be properly assessed.
To add a couple more points. As a technology innovation researcher, I was always well aware that small start-ups often offered innovative options which larger vendors didn’t have or hadn’t got round to. But you took the risk of the enterprise falling apart, failing to deliver, or just failing. Experimental technologies always carry risk and the options are tactical (innovation for shorter-term business benefit) not strategic. Gartner I’m sure would assert that innovation is handled by their Vision dimension in the MQ but, as Mike points out, there are thresholds and other elements which mean that these tools don’t make it into MQs. HfS makes innovation explicit.
Second, in business-critical areas which are highly specific to your business area it’s unlikely that an insight provider will know as much as you do. Don’t automatically assume that a MQ or any other tool will deliver the right answer. Use the tools most certainly, but be prepared to reason your way to, argue for and adopt a solution which is at odds with what the tools say. You must of course be able to justify this, but the general answer may not be right for you.
• Gartner GRC Magic Quadrant Rant, Part 3, Mike Rasmussen, GRC Pundit, 23 Oct 2013
• The HfS Blueprint Methodology Explained, Jamie Snowden and others, HfS Research, Oct 2013
• GRC 20/20 research (Mike Rasmussen)
Even lightweight articles can mislead … 19 Oct 2013Posted by Tony Law in Impact of IT, Insight services, ITasITis, Tech Watch, Technorati.
add a comment
Today’s inbox flags a short report in TechRepublic by Eric Eckel looking (yet again) at the Total Cost of Ownership differential between a current iMac and a midrange Windows PC (Windows 7, not Windows 8 by the way). This is something you can argue about for ever and I’m not joining that debate.
I read it, though, since I’m a Mac user myself and like to see where these arguments are going. And my approach is always to dig behind the presentation and go back to original sources.
Well, there’s an authoritative reference here. The writer quotes Gartner to the effect that “in June, Gartner predicted that iOS/OS X will soon surpass Windows as the most popular computer platform”.
There were several issues with this reference. First and most obviously: the text carried an active link which, I assumed, would be to a Gartner press release or an authoritative report of the Gartner report. No such thing. It was to a prior report in another trade publication: MacWorld. Not only that: it wasn’t a link to the article; only to the top-level MacWorld front page. No use at all for finding an artlcle written back in June, when Gartner’s report came out. More on this below.
Second: the link says “iOS/OS X”. The Gartner figures combine iPhones and iPads with Macs. And it balances this by including Windows smartphones, which by most accounts are not the most successful technology. But the TechRepublic article does not discuss smartphones and tablets. It’s about the TCO of business desktop computers . Data should be restricted to what’s relevant.
Third: yes the MacWorld article does report Gartner as predicting iOs/OS X overtaking Windows – by 2015. But the conversation then splits.
MacWorld itself goes on to discuss the success of Android: “sales of devices based on Google’s Android operating system [will] beat the combined sales of Apple and Windows products”. When? – this year. This is from the Gartner research.
But there’s the other follow on. A quick search for other reports of the Gartner work reports their expectation that Windows will bounce back and “pull away again” by 2017 – see PC World, for example. It’s worth noting that the two articles (MacWorld and PC World) are by the same IDG News Service reporter, Martyn Williams, but spun differently for the Mac and Windows audiences. As are other reports in, for example, Computerworld. Everyone’s syndicated the same piece, near enough.
Next, who are the Gartner analysts? Carolina Milanesi, the Gartner analyst quoted by Williams, works in Gartner’s Mobile and Wireless area (not mainstream PCs) and contributes to Gartner’s regular client webinars for device market forecasting, in tandem with Ranjit Atwal who covers PCs, laptops and handheld devices.
I haven’t been able to see the original Gartner research; it’s in a client report. The original reporting is from June this year: a Gartner press release from that date quotes figures up to 2014 only, and on that timescale they predict Windows remains ahead of the combination of OS X and iOS. Credit to one report by Blair Hanley Frank in GeekWire which links to the press release directly, instead of relying on someone else’s reporting. The problem with using Gartner research is that most of it is priced to limit it, in effect, to paying clients: so you have to rely on press releases, on free research which they release (and yes, it does exist), and on reports by others who’ve been at events such as Symposium. Oh yes, and on blogs: don’t forget that if you find Gartner’s Blog Network impenetrable then InformationSpan offers a full index by either analyst name or coverage area, and a search too. The link’s in the side bar here.
So using Gartner research requires a little digging, but it isn’t that hard. It’s too easy to un-critically use someone else’s reporting to support a case you’re trying to make. I’ve got nothing against persuasive writing, but this case study shows the importance of (a) going back to original sources; (b) being critical about the sources you cite; and (c) looking more widely than the reference you first thought of!
• iMac vs. a comparable Windows box: The TCO lowdown, Erik Eckel, TechWorld, 15 Oct 2013
• The MacWorld article referenced by Eckel is: Apple devices ‘to overtake Windows by 2015′, Martyn Williams, MacWorld, 15 Jun 2013
• Alternative report: Apple OSes to narrow gap with Windows, says Gartner, Martyn Williams, PC World, 24 Jun 2013
• Android vs. Apple vs. Windows: Forecast shows shift for PCs, tablets, devices, Blair Hanley Frank, GeekWire, 24 Jun 2013
• Gartner Says Worldwide PC, Tablet and Mobile Phone Shipments to Grow 5.9 Percent in 2013 …, Gartner press release, 24 June 2013
• Gartner analysts: Carolina Milanesi and Ranjit Atwal
Business Process Improvement 17 Sep 2013Posted by Tony Law in Impact of IT, IT is business, ITasITis, Managing IT, Technorati, Uncategorized.
add a comment
Working for GlaxoSmithKline IT, after the 2000 merger, developed my familiarity with business process improvement (small letters) and with Six Sigma methods and metrics. I would never call myself an expert. Routine training was to Green Belt level, without taking the qualifying exam, and I don’t have the instincts which make a leading practitioner able to pick the right tools to adopt for any specific need.
But it taught me a lot, which can be applied well beyond IT. First: as a previous CEO used to say, “If you don’t keep score, you’re only practising”. So, to drive and verify and improvement, you need metrics. But pick the right ones, which will show you where you are. Establish your baseline before you start doing anything. Use the metrics to demonstrate the change (you hope!). And when the improved process has reached the status of business-as-usual, you can probably drop the measure. It’s no longer needed.
Second: a saying that was drummed into us. “Don’t tinker!”. Don’t make changes on the basis of “I think …” without the analysis. Don’t over-react to one-off incidents: processes have variability, and some outliers will happen naturally.
And third: develop and demonstrate your own (internal IT) understanding and improvements before you try to work with the rest of the business. IT has, perhaps, an unique overview of what goes on across the company, and is almost always a participant in any business improvement project. So there’s good leverage there: but you have to gain credibility first. It takes a lot to get to the point where, when a business leader asks for an IT development, you can say “Why? What improvement are you driving? Who will own it? How will you measure it?”
Well: tomorrow I’m facilitating a Corporate IT Forum event on Business Process Improvement (BPI). I’m expecting the twin threads of, first, identifying and improving IT’s own processes; and, second, putting that experience and expertise at the service of the business as a whole. Where are the sources of information and analysis?
Gartner have a Leaders Key Initiative on BPI. The overview, as recent as July this year, has a natty graphic showing the BPI practitioner as a juggler (operations, transformation, skills, technology and innovation) under pressure from both business and technology forces. They offer a number of tools for maturity assessment “across IT disciplines” (what about the rest-of-business?); key metrics (that’s IT spending and staffing, not how to measure a process); and best practices across several competencies. It seems, though, towards the end to lapse back into business process management (BPM) not BPI.
There isn’t a lot in the Gartner blogs, but a useful post from Samantha Searle earlier this year challenges us to avoid the word “Process” (unless your business-side colleagues are process engineers or in manufacturing). That kind of gells with the observation that Gartner probably, under the covers, maintain an IT-oriented focus because Process is very present in the key initiative!
Similarly I don’t find a great deal in Forrester specifically around BPI. But there’s a stronger focus on the interplay of IT expertise and whole-business improvement. A recent report, for example, discusses the shift from “a tactical process improvement charter” to a more strategic role across the enterprise. This requires a plan “for optimizing the BPM practice to deliver on new strategic drivers and business objectives”. That sounds more like it.
Interestingly, a search collected a link to Cambridge University which I expected to be to the business school or computer science. But it’s to their internal management services division with a one-page (one-slide, really) graphic and definition of BPI. Take a look. But the Judge Institute of Management Studies does indeed have a Centre for Process Excellence and Innovation, also worth reviewing.
There’s a lot of material you can find by searching. Too much to survey. Assess with care!
• Business Process Improvement Leaders Key Initiative Overview, Gartner, 25 Jul 2013 (search Gartner for ID:G00251230)
• 10 New Year Resolutions for BPM Practitioners #2: Don’t Mention the “P-word …, Samantha Searle, Gartner blogs, 8 Feb 2013
• Optimize Your Business Process Excellence Program To Meet Shifting Priorities, Clay Richardson, Forrester report, 6 Jun 2013
• Business Process Improvement, University of Cambridge, Management and Information Services Division (undated)
• Centre for Process Excellence and Innovation, Judge Institute, University of Cambridge
add a comment
In 2010 we reported the inauguration of R “Ray” Wang’s new venture, Constellation Research. Constellation launched with a dozen analysts, Ray himself having left Forrester and stayed a short while with Charlene Li’s Altimeter Group. The founder analysts were all senior, recognised industry figures: many had built their reputations within Forrester, Gartner or (in one case) AMR Research which Gartner, at the time, had just acquired. Others came from high profile consulting companies.
Of the original group, Ray is the only one remaining although Liz Herrell, who joined from Forrester very shortly after the group was founded (and before its official launch) is still there.
Today’s email includes the announcement from Constellation that Ray Wang is stepping down from one of the elements of his role. Constellation has appointed an externally recruited, separate CEO. Bridgette Chambers comes from the user side: she is credited with a strong performance in the American SAP Users’ Group. Her credits include the award of Maverick of the Year in 2012. Now there’s an idea I like!
In three years, Constellation has become seriously established and it isn’t just about research reports. There’s a focus on introducing disruptive technology to an enterprise. This year’s major development is the Constellation Academy with workshops and best practice case studies. Remember that disruptive doesn’t necessarily mean novel; established technologies can be used in a disruptive way. The primary event, Connected Enterprise, also has a focus on innovative use of technology; and Constellation now hosts the Supernova awards (see note below). It’s interesting to look not only at the finalists listed for this year, but at the winners and citations from 2012. The group claims over 200 clients world-wide.
A note on Supernova: Kevin Werbach’s Supernova Group retains its web presence but there is no information there about its Supernova Awards since the 2010 event. The Constellation timeline claims the event since 2011. Kevin Werbach, who is Associate Professor of Legal Studies and Business Ethics at the Wharton Business School in Philadelphia, is himself still active through his blog. In April 2011 he posted that he was not contemplating another Supernova event and in July 2012 repeated exactly the same comment. So I’m not clear what the link is between his Supernova events, now apparently ceased, and Constellation’s. To find these entries, go to Werblog (link below) and search it for “Supernova 2011″ and so on.
Best wishes to Ray and his partners.
• Constellation Names Bridgette Chambers as New CEO, Constellation announcement, 4 Sep 2013
• Constellation Research: what can users expect?, ITasITis, 15 Nov 2010
• Constellation: the next step, ITasITis, 17 Feb 2011
• Constellation Research: timeline
• Maverick of the Year is one of the American Business Awards (Stevies)
• Constellation’s Supernova Awards
• Supernova Group (Werbach)
• Supernova Hub (Werbach)
• Werblog (Kevin Werbach’s blog)