Who you gonna call? Cloudbusters?

Cloud market is growing 35% (Gartner, Rightscale) faster than expected and in one year, half of the enterprises are going all-in for the public cloud. In five years, you ARE using the public cloud in some sense and more than 80% is using ERP from the cloud – most of them fully.

More than 70% of the cloud users are not satisfied for the cost savings and 67% are puzzled by the compliance and security challenges.

Cybersecurirty Insiders 2019

Despite that, more than 60% are planning to move more workloads to the cloud. 

Then there are many, who does not absolutely understand what is the difference of private and public cloud? Now you can have all in hybrid, plus you can have private cloud in public cloud and some of the private clouds are hosted at public cloud. Sounds like a mess right?

Specially at the small Nordics, it is difficult to understand what the hyperscale really stands for. Datacenter of thousands or tens of thousands of servers might sound big and capable. Well, it is not. If you have 20 locations on each of the continents, all locations have half a dozen datacenters, containing hundreds of thousands of servers, THAT is hyperscale.

Why the scale matters?

Removing the variable of scale totally changes the enterprise architecture and with it, the business model. Now we are talking about the real paradigm shift. We can forget about the traditional challenges regarding infrastructure, cost and availability and we can start to concentrate on direct support for business. This is why 72% of the enterprises now seek cloud for business agility.

Deloitte, 2019

So who you are going to call?

Call the hyperscale vendors? Nope. They are just going to tell you that their one is the best and why. They rarely tell you what are their weaknesses and very ofter you hear the suspicious “yes, but…”. Usually you need to go very high in the organisation and establish high level of trust to hear the things you need to hear.

How about the hybrid vendors? Nope again. They have invested a lot of money for their private cloud and they are usually calculating costs instead of customer business value and co-creational innovations with pure business focus. 

Cloud solution providers? Well that could work, but they are usually focused on certain vendors, since their are measured and rewarded by the consumption they bring and selling multi-cloud is difficult. It is easier to select just one to lead with.

Hire your own people then? Well, that works for a while, but the person needs to be extremely well connected, continuously developing self and there will be little time for anything else than just keeping up the pace with the surrounding change. That will be very expensive.

OK, I know it is not that black and white, but the fact is, that getting good and correct information in the middle of the cloud-boom is not that easy. It is like crazy 2000 bubble again.

Who is the cloudbuster then? 

It is a company who you can trust. The one who’s business focus and investments are not on traditional computing or business models. Your advisor needs to make their money for presenting trust of giving good advises. The more trust you give, the more you gain. 

Trust does not just mean co-creation, it means taking a risk, investing when uncertain and openly exploring for new options. In this specific case, the trust comes from the best practises and knowledge what the advisor has built and your organisation is willing to receive. 

Who you gonna call?

Call the one who openly shares common goals with you. It is the one who says you need to take more than just one step towards public cloud. It is the one who says you went too fast and you need to take step back and plan your strategy and journey before you jump in to conclusions.

Why should you care about how you lead and the people who follow you?

Jack Ma vs Kim

One of my friends wrote a very touching article about his recent failures and learnings about leadership. That inspired me to share some tips what I have learned. I keep failing all the time, so those stories I will save later as a comic reliefs for my presentations. This is not about how to be a good leader or a basic leadership lesson, it is about couple of tips for certain situations you will end up with when being a leader.

Need to do a big change which touches a lot of people? Just do it! 

Naturally you need all the necessary governance stuff, negotiations, change management etc, but when is the time for the execution, just do it. It does not hurt less or succeed better if you prolong it more than it should. Communicate very clearly and constantly why it needed to be done, how it will effect everyone and what is the end goal. Talk about people, about the numbers and the grand plan – your vision of why.

Everyone will not be happy. It is just how it always is. When you execute the change quick, the actual change will benefit more from the novelty effect and the people also have more time to retain and recover their motivation. If the big change takes a lot of time and happens bit-by-bit, there is no time for people to respite and regain their motivation. Future changes will come more difficult and expectations are negative. If the people have the time to adjust and they can trust some level of stability on their environment, they also become more receptive for change and trust them.

You genuinely have to care! 

The advice I got from one of my former managers is a good one, but it does not work for everyone. If you are typical Finnish engineering-oriented technology lover like me, it is sometimes difficult to care about everything and everyone you encounter – even I have learned that is possible too. 

If you do not care about things, that is easy, just delegate the responsibility to some-one who cares. You get way better results that messing the things up by yourself which you really do not care about.

If you do not genuinely care about the people, you are in trouble. You need to care or learn to care. Learn or do not lead. You can co-operate by “just concentrating on the business”, but you cannot lead or inspire that way. When people see you actually care about them, they start to trust you. When you have gained certain amount of trust, that endures over disagreements and upholds an additional level of motivation and mutual understanding. 

Don’t be a Ninja, be a Samurai! 

There is a famous advertisement saying that experience brings confidence. You need a lot of confidence to be a workplace Samurai. The Bushido code mentions the eight virtues of the Samurai and they form an ideal example of a modern leader. In this context, I would add one trait – transparency. If you can be transparent, honest and keep communicating constantly what and why you do things like you do, your life starts to get easier very fast. Again, not everyone will like that, but you need to spend a lot less time on explaining what you do and who does what on your organisation. People will also start to solve conflicts by themselves and not always seeking you as their referee.

Trust and respect! 

As the recent Harward research states, trust and respect are the first and strongest things that you are been evaluated from the start. They come together and they are also given and achieved in common. This is vital for building success and you cannot lead with out it. Giving out a lot of trust may feel like losing control, but it actually raises the results to totally different level and builds mutual respect. You cannot and should not work with the people you simply cannot trust.

Good example of a successful big change and trust is when former Cisco CEO John Chambers decided to turn his big boat around. He communicated the vision, plan and the goal transparently and honestly. He gave his top 1.500 managers a fiscal quarter time to decide if they were all in at the change. If not, they would have a significant resignation package and no hard feelings afterwards. If memory serves, more that 95% of the managers were all in and after two years, the big change was successfully completed.

Not everyone of us can make a that level of a decisions, but still the lesson is important. You cannot turn the direction if the people do not support you and if you need to force the change, you need to do it fast, honestly and you need to care and trust the people around you.

You cannot be BiModal

In short, no single person can be Bimodal. In contrast, many other entities can. Despite the hype and the mystery around the concept, Bimodal IT is actually something simple which actually gives you many tools for a better governance model.

CIO’s, IT departments and business leaders are all thrilled about the term and now every reputable organisation wants to master the one of the most popular hype words used by the Gartner. So what does it mean?

Gartner did not actually invent the concept of Bimodal. It was invented by Béla Bartók, one of the most important composers at 20th century. For him, the Bimodal meant simultaneous use of two distinct pitch collections, which do not need to be in traditional scales. So basically playing music in two different ways at the same time.

I do not know when the Gartner did adopt the term for Bimodal IT, but I guess it was around 2014. It started as a hype word, but it was quickly adopted to larger enterprises and by the most agile CIO’s as their favoured way of handling the new more quick-paced productivity requirements. 

Gartner has a nice glossary, which states the explanation for the term like this:

Mode 1 is optimized for areas that are more predictable and well-understood. It focuses on exploiting what is known, while renovating the legacy environment into a state that is fit for a digital world. Mode 2 is exploratory, experimenting to solve new problems and optimized for areas of uncertainty. These initiatives often begin with a hypothesis that is tested and adapted during a process involving short iterations, potentially adopting a minimum viable product (MVP) approach. Both modes are essential to create substantial value and drive significant organizational change, and neither is static. Marrying a more predictable evolution of products and technologies (Mode 1) with the new and innovative (Mode 2) is the essence of an enterprise bimodal capability. Both play an essential role in the digital transformation.

To me, this is just a part of the explanation. When I saw the presentation of the Bimodal IT at the first time, I thought that very agile organisation could actually just be fully on Mode 2 and the whole model is nonsence. Very soon I realised, that even the most agile startup would still require some more stable systems or services for the basic parts of the business. Why would you need to have very agile Mode 2 management on your email services, since you just basically want it to work? Using Mode 1 makes sense on more stabile, traditional or legacy parts of the information management. They do not need to be complex, just more stable.

When the use for Public Cloud started to come common in business applications, it came apparent that the new way of working with new services and platforms required a new approach for the governance and processes. Cloud architects adjust the enterprise architecture much faster than in the traditional infrastructure model. Business development is faster and whole business processes change in very fast pace. Managing all this cannot be done in traditional way, waterfall organisations react too slowly and old project models fail to their own complexity. Mode 2 is needed and this really is the sweet-spot for it. Services, professionals around them and the management model are all Mode 2. 

There is one additional aspect of Bimodal IT. The most important part of all business and management is the people. The people are also Bimodal. So you cannot personally be Bimodal, but you are either one, Mode 1 or Mode 2. If you think about the Gartner’s explanation, it states the characteristics of the modes as predictable, improving, renovating, exploratory and experimenting. These definitions suite to humans as well as IT. When listening to our employees feedback and wishes for the IT, there were clear split between two major groups how the people wanted to work and to use the tools in their preferred way. It is also very dependent of the individual role and the daily tasks. You should not point out who is Mode 1 or Mode 2, since it would not be correct, but you should be able to offer a Bimodal options for daily work and let everyone pick the ones they prefer.

As a summary, Bimodal IT is important and every organisation needs it. Everything can be split to Bimodal, but only governance models can handle both at the same time. The more future proof you want to be – in any aspect, the more Mode 2 you need to have.

You are wasting your money to the cloud

Digital super through

…because you are probably doing the Public Cloud in a wrong way

Transformation to the cloud. Which is more important, the destination or the journey?

In our digitalized world, where even the most outrageous hypes are quickly realized as everyday commodities and everyone is raving about the future, the journey itself seems barely relevant.

I think that underestimating the journey is the worst mistake we can make. It is easy to talk about the benefits of new technologies on the cloud, while referring to organizations that have successfully made the transformation. In reality, they have had a rocky journey and usually succeeded only partly on their set business goals.

Public cloud services have long been in the spotlight and liberal use has been made of the terms IaaS, PaaS and SaaS, depending on the business requirements and technological capabilities of the organization in question. We can talk about two different levels of utilization. The first level is so-called “lift and shift”, whereby a traditional IT infrastructure has made the transition to a cloud infrastructure model. This involves little need for change, but very little cost-effectiveness and additional business values are achieved. Success is usually measured using a maturity model with a variety of miscellaneous, technology-related indicators.

In most cases, this is followed by another level – a genuine transformation to the cloud involving the creation of new business applications, data structures, integrations and changes in business processes. Efficiency, scalability and completely new business scaling capabilities are thereby achieved. This is referred to as adaptation, whose metrics tend to be more business-oriented and quantitative than maturity indicators.

Few experts or organizations have genuine capabilities and even fewer have wide experience of their own in planning all of the changes needed to make optimized and innovative use of public cloud services. However, without such changes the benefits remain small. It is also easy to be blinded by the market hype and the concentration of expertise on a particular solution. Poorly executed projects can even lead to negative final results, without attaining any of the promised objectives.

Are you a master of the public cloud or just a digital flop? 

In the CIO 2018 workshop, I claimed that the journey towards exploiting the public cloud in Finland and Nordic markets are distorted by market forces and certain megavendors with a strong local presence. This point of view is based on my interpretation on several studies according to which 85% of global use of the public cloud occurs at application level (IDC 2018, Rightscale 2017), when the corresponding figure for Finland is around 50% (BizTech 2017). This view is supported by a new term publicized by Gartner this year, “Digital Super Through”, which refers to the digital flop of the years 2019 to 2020. 

The underlying cause of the digital flop lies in the perception that exploitation of the public cloud does not produce the promised and desired results in terms of growing a business. IT management scales, but businesses do not. 

Why does the application level (or SaaS at the public cloud) matter? Because the outsourcing of IT infrastructure, as such, to the public cloud only provides scalability for corporate IT management, but does not scale the business model in question. This, which is also known as ‘reactive service development’, is the simplest form of public cloud service utilization. We are still taking our first steps into the public cloud.

Operational excellence can only be achieved by refining the use of the public cloud infrastructure to the ‘nth’ degree through automation, architectural expertise, an IT service management system (ITSM) and with the right partners. This means taking IaaS optimization and utilization to extremes, but the same could have been achieved in a private cloud or even in one’s own IT infrastructure. The company’s service culture is very IT-oriented.

The counterpart of operational excellence is business innovation. A company’s orientation, business and IT management cooperation work smoothly, but either the business model, processes or partners are not quite ready for using the public cloud in business development or the management of core IT functions. 

When the required expertise is in place and an adequate level of process automation has been achieved, the paradigm shift can be made from commercial innovation to the proactive generation of business value. IT management’s role lies in innovating and facilitating new data-based business opportunities. Only this level represents the sustainable digital transition of the future and a genuine model for benefiting from the public cloud.

Reality is often driven by compromises. Even if 50% of companies have an “all-in” strategy for benefiting from the public cloud within the next couple of years, in practice only around 40% of business data will be processed through the cloud. So it is worth letting those inflexible legacy systems wind down to end of their lifecycles, to focus on building applications in the public cloud from the cleanest possible slate. 

Do not, therefore, seek a better end result based on your original goal, but set wholly new goals for benefitting from the public cloud and your data. Allow, enable and encourage innovation. Appointing or recruiting a cloud architect is often the first step. 

When you use cloud services, your number of partners is bound to increase. So create a partner strategy, take care to choose the right strategic partners, and try to create a Service Integration and Management (SIAM) model. The role of IT management should become that of a broker for partners and services, where businesses and end users only see the data and service layer.

To benefit from the public cloud, you will need a completely different management model. Explore the Bi-Modal management model and remember that a agile (Mode-2) management model is needed in order to manage the public cloud. You will not succeed with traditional models.

While 85% of the respondents in our workshop had only reached the reactive level of benefiting from the public cloud, their transition into the cloud was already underway. Achieving business scalability requires a transformation in management models and processes, which is always an executive decision and has at least some impact on every process and beneficiary of processes within an organization.

Bringing the enterprise to the public cloud, or the public cloud to an enterprise?

As I have said before so often, the technology part is easy, but change and leadership of all kinds are difficult. To move from beating about the bush to gaining a significant business edge, public cloud processes should be brought into companies, not the other way around.

Processes can be broadly divided between four different target groups: management, the organization, architecture, partners and IT management.

Change management is the key to managing a public cloud. The first step is to prioritize actions. This can be done in a very traditional manner by creating a vision, strategy and roadmap. Next come developing and managing competencies, alongside budgeting and new responsibilities (particularly cloud architects). If IT management is not yet BiModal, it must be established immediately. Use of the public cloud must be based on an agile (Mode 2) organizational model and very few organizations can cope without any kind of traditional (Mode 1) organizational model whatever.  Finally, documentation, contract templates and IT management principles must be developed in a public cloud-required manner. IT management consists of service catalogs, response times, data security, contract management, service risk management, and various auditing and maintenance tasks.

All organizational process updates are based on roles and sponsors. No new strategy can function unless it is clear and has the strong support of executive management. Such change also requires the training and orientation of the entire staff in the operating models of the business environment. Although the public cloud sets new demands on staff, it also creates freedoms and the possibility to introduce new types of standards for the efficiency of the work environment. Built-in services become similar to self-service, frequently recurring tasks are automated, and IT management serves as a broker of services rather than a provider.  As always, communication is the key issue during organizational change. The importance and clarity of internal communication can never be overemphasized. 

Recommendations on the architecture are similar to general advice on best practices. In every case, the cornerstone is the enterprise architecture, and a cloud map serves as part of this. An architecture model can be used to evaluate the information service portfolio, integration requirements and technology choices. Technology choices involve deciding whether you prefer cloud independency or want to focus on vendor-locked, optimized services. The implementation of the enterprise architecture is supported by a cloud architect responsible for driving cultural change in collaboration with communications, alongside his or her architectural work.

Partner management has a certain, specific feature. When benefiting from the public cloud, the number of partners will rise, regardless of the organization’s intentions. 

Special attention must be paid to the choice of partners, since changing partner will be very difficult. Many organizations have introduced a Partner Management Service (SIAM), where one of the primary partners is responsible for ensuring that the policies and processes of the other partners are a good fit with the end-customer. The choice of partner must be based on the classification and prioritization of workloads. Once the workloads have been categorized (security, latency, scalability, location, cost structures, lifecycle and own competences etc), the partner providing the most suitable services can be selected on their basis.

In most cases, IT management is already prepared for change, but it is worth mentioning a few key issues here. A frequent complaint concerns the inflexibility of legacy systems in the public cloud. If this is the case, such systems should be left unchanged until the end of their life cycle, while a replacement system is specifically designed for the public cloud. IT management can use the public cloud at infrastructure (IaaS) level, but only applications and platforms (SaaS, PAAs) should be offered to enterprises and end users. Public cloud services are often better than than in-house ones, but it is worth paying attention to the verification and recovery of information in particular. Here too, speed and easiness are the key benefits. You should therefore invest properly in various test environments and agile development. Tests, pilots and trials of the minimum viable product (MVP) are inexpensive and easy to implement. However, to understand all this, you will need a team whose expertise is focused on public cloud solutions and partners. You will not succeed without an open mind and sufficient competencies.

I have tried to explain what the public cloud is, why its use has run into some difficulties, especially in Finland, and how the issue should be managed as a whole. I hope that I have provided food for thought, and challenged and guided you towards development in new directions.

Stop rubbing your software


If you still do it, stop. This is absolutely the final chance for you to stop it.

I am talking about software and how to use them. It does not matter if you are a CIO providing software solutions to your own organisation or a SaaS-provider, providing software from a fancy multi-tenant application environment.

Doing your own stuff made sense when solutions were developed by small companies, even smaller than your own. They just had the basic functions and user interfaces were clumsy. People were unfamiliar with IT and wanted everything look and work exactly as they used to have (in analog or digital).

Once I was part of a identical CRM-project two times in a row. First project took more than two years and the result was less than satisfactory. The second one took four months and everyone was happy. The biggest difference between the projects was, that the second company adopted the best practise processes of the application vendor as their own. The first one was more keen on forcing their own (old) processes and every button needed to be at the right place. Can you guess what happened when it was time for major version/feature update?

Another time I saw a huge development and customisation project around the first versions of “certain” very popular cloud portal. They did over 5.000 hours of work. After two months of the completion, the vendor rolled out their first version update to the cloud. Customised application died, totally. People were not pleased.

One company made a huge extension to third party cloud solution. The extension was meant to be core of their business model. After couple of months, the cloud vendor released a version, which included everything and more that the small company has made. If was the end of that small company.

The examples go just on and on…

So why am I right and you are wrong? I am not right, but the megavendors are. If major players invest billions of dollars for research and development work and they have constant feedback of even hundreds of millions users, what is the odds that you are the only person or organisation inventing a place that should be developed better?

The best part of modern cloud-based SaaS-solutions is that they force you to update newer versions. Essentially, that means best practise processes, future-proof compatibility and more security than you could ever achieve in your customised application environment.

Most CEO’s and some CIO’s think that their business is different. Well, it is not. Not at least from the information technology point of view. Of course there are exceptions and very specialised industries, but I challenge you to try! Next time when you do a transformation, do it the standard way. Use the common processes, API’s and integrations, but do not customise the applications. After a while, you will be surprised how good it actually works and when it is time for update, you will have a smile and reasonable budget!

How to handle a cold call with just one question?

Customer service

There has been a lot of discussion about the traditional sales work and cold calling customers in random. Is it useful or not?

Since I am certainly not the best professional on the topic, unlike my friend Sani Leino who really is, I will concentrate more on the person who answers the call.

My long background as a ICT-solution consumer and also as a CIO has made me an wanted target for cold calls. On the best (or worst) days, I receive more than 50 calls, originating from more than 20 different countries. Unfortunately, less than 1% of them are good or even average. Still, some of them are very good, like the one I got few years ago from Sani. His cold call definitely worked as planned and besides the actual business deal made, we eventually built strong mutual respect and even became friends.

So when you answer the call, remember always to be polite. The caller is doing his/her job and it is certainly not easy. If the call is bad, the fault is not the callers, you should blame the people who trained and instrucred the caller badly. If you are very busy at the time, just do not pick up the phone. You know when your colleagues, friends or family are calling and that is no excuse to answer unknown number when eating your lunch or in a important meeting.

You are a busy person. So how to handle the intrusive feeling calls politely? I have one simple thing I suggest you to try – and this is good to know for the callers too.

Answer the call only if you have one or two minutes to spare. Otherwise you will waste both your and the callers time just stating “you are too busy”.

After the elevator speech (what ever it is), I always start with a question: “What problem of mine do you solve?“.

If they just want to meet and you feel lonely, then your problem is solved. If they cannot solve any problems or you do not have a problem they can solve, the discussion is over and both parties should realise that. You can state that quite straightforward and again, save both parties time by doing that.

If they have a solution for your problem, then you should give them more time, even meet them.

Caller can of course start asking or even guessing about your problems, but that will not work. They have to have something what should fix problems and if you do not have that specific problem, it is useless to meet representative of the call originating company or even continue the discussion.

Sounds too simple? I challenge you to try, it works!

We need more digital skills

Progamming has now came to elementary school. As digitalization changes business models, even the everyday life of individuals are affected by the level of new skills they possess. 

Finland is in the best position in the world for creating business benefits from deepening digitalization, but when it comes to utilising the actual concepts, the country is ranked fifth. Last year we were among the last.

We certainly are not too prejudiced, but we do seem to lack the courage to make big decisions and effect real change. This a matter of generation and culture.

Finnish children have just started their first year with a syllabus that includes code writing, for example. This is a tangible example of the direction that we all are headed, an example of the skills that we are required to have from a very early point in our lives. We must start improving our digital skills and understanding today, not a day or a year later.

I do not event want to mention the IoT here. It is far beyond digitalization and consists from a lot more than just sensors and assortments of random expensive technology.

The goal of my empolyer Enfo is to make it as easy as possible to understand digitalization. Recently launched knowledge platform thedigitaldimension.com offers information and practical examples for everyone interested in utilising digitalization and being leaders in it.

The idea to create this platform emerged from discussions with a CEO. He admitted that he didn’t know what digitalization actually means or what it can create. This led us to conclude that there is a need to explain the phenomenon more efficiently. After all, digitalization is something that affects us all, people and businesses alike.

What all Finns should know about digitalization?

Digitalization is not a threat. It is a tool for further developing our welfare state. With it, we can both tackle the sustainability gap and build new services and products that generate jobs and revenue for Finland. 

The high level of education that Finns have, their positive attitude to technology and the high speed at which ideas spread, enabled by digitalisation, all provide an internationally significant competitive advantage. 

What all businesses should know about digitalization

Digitalization favours the bold and the brace. It is often difficult to predict success, and this is part of today’s business. New types of actors may emerge quickly and shake up the entire market. As this is the situation, it is well worth testing new ideas and ways without prejudice. 

If it looks as if a particular digital solution is not suitable to the needs of your business, it is good to try something else. What is important is to do something instead of watching others do it.

You are getting scammed


My Dead Friends,

I write this to you, because you are being scammed and your identity is in immediate danger. This is not a joke and I am not selling you anything than just a friendly reminder.

Making your social media updates private or limiting them to your closest friends will not help anything. Internet is basically open – as it has always been. Nothing is 100% secure.

Because of social media every one knows what you like, what is your home town, what is your mother’s maiden name, your first pet and the web shops you use. Probably your ISP, bank and insurance company are also known by the “tweets” of your feedback and claims. Your pictures tell where you are where you have been and what is important to you. Now, because of the newest “circular letter” #myfirstsevenjobs, your first job is also known. There is only very little what is NOT known.

All this information defines your digital identity. It can be easily accessed and even more easily stolen. Your password can be reset and your account stolen – from every account you have. This can happen to all of us.

Please take care of your personal information and remember what you post to social media.

Best regards
Your friendly herald of cybersecurity

Cognitive cybersecurity

HP Cognitive cyber defence

I have now had couple of months to familiarise with the major vendors offering what they each call “Cognitive Cybersecurity” and it is very interesting.

They all essentially mean the same – taking advantage of advanced business analytics to create better view and understanding about cyber universe and its threats. What the solutions actually do, is totally different.

There seems to be two major rules when talking about Cognitive Cybersecurity solutions (and this is the part where people gets irritated). 

Rule number one. If you started as a network solution provider, your security concentrates on network security. If you started as anti-virus company, your security concentrates on virus detection and prevention on clients and servers. They have all kinds of fancy stuff, but the basic principles stay the same.

Rule number two. The more you pay, the better solution you get. To get a real Cognitive Cybersecurity solution, you have to pay a lot. There is no way to get round of it. It just costs a lot of money and resources. Period.

So if you are planning to have a solution not from client/server/network concentrated vendor and it will cost a lot more than $100K you are on the right track.

What should Cognitive Cybersecurity solution do? Most important thing you always need, is a lot of data. With out several data sources and big data you cannot have proper analytics.

When you have the data, it needs to be subjected to cognitive analysis. Proper data contains the traditional threat intelligence feeds and network analysis, but also audio, video, news, stock information, radio and even TV-news. Analysing Twitter tells you a lot more, than just waiting something to happen to your web service. 

Analysed data is inserted to proper Security Incident and Event Management system and distributed to peers via intelligence sharing systems. On top of the all, you need a threat operations center or a Security Operations Center as usually called.

This sounds like a complex and expensive setup and it is. On the other hand, cybercrime is the worlds second most profitable criminal activity and even most of the governments do it. So you need to clarify how secure you need to be and act accordingly. I just want to point out, that there are solutions out there, providing the ultimate situational awareness and protection – not 100%, but close enough to make attackers turn away.

Why progress is so difficult?


I had a very interesting discussion with a colleague today concerning  digitalization and corporate strategy.

My colleague has been doing a consulting work for a customer and I have recently been involved with a new solution development with totally new technology.

Surprisingly, we faced identical challenges in our so different projects – the difficulty of communication. Even both of us had a clear vision what must be done and how, the people around us understood differently. They had a totally different understanding, vision and plan to execute.

Additionally, it is natural that people like different things. This will add the motivation to go different way and create common goal even more difficult to achieve. When we talk about digitalization, this shows as longer projects and elevated costs.

Every-one talks and writes about the leadership and new better ways to lead. I agree, it is time for mesh-type management (guru follows guru) and project-based organisations, but this post is not about leadership, it is about communication.

Digitalization is difficult and IoT is even more challenging. Despite that, you must be part of them. If more than half of Fortune 500 companies have gone bankrupt since 2000, it is sure that disregarding digitalization and IoT will result as a end of business/operations.

What I did not realise, was that when ICT domains started siloing, so did the communications regarding them. That would seem like a obvious thing, but when dozen ICT-specialists talk about the same thing, it is sometimes difficult to see that they all actually mean different thing. The more difficult the topic, the more difficult the communication. 

Digitalization and IoT are the most difficult topics to understand, since they always involve people from totally different background, education and point of view. Achieving progress requires a lot of communication and repetition. You must have a clear vision and understand it well enough. Just like Albert Einstein stated:”If you can’t explain it simply enough, you don’t know it well enough”.

So my wisdom of the day is this:”You always work with teams and peers. Make absolutely sure, that every-one understands exactly what you are talking about”.