Chief Chief Officer

Every major technology innovation marks the dawn of a new era and with it the promise that business and technology will never be the same again.  And it seems to follow that we need a new 'chief' to lead us into this promised land.

The latest earth-shattering wave of innovation is, of course, AI.  So, as with BI, Cloud and others before them, we are now seeing cries for a Chief AI Officer.  Ours is the only discipline which can't decide on what the top spot should be called.  Of course, it took decades before technology rose to the C-level at all, but when we did, we immediately confused everyone by using CIO and CTO almost interchangeably. 

The CEO, CFO and COO titles are by far the most consistent. CMO and CRO are later entrants to the c-suite but clearly represent the leader of the marketing and sales organizations, respectively. HR recently got into it by adopting CPO (Chief People Officer) presumably so they too could have a three-letter acronym. 

There have been many other novel chief somethings invented along the way such as Chief Experience Officer, Chief Sustainability Officer, Chief Diversity Officer and others.  However, these Chiefs are focused on an outcome and not on the use of a specific toolset. 

There is only one head of technology in any organization, just as there is only one CEO. This has been referred to in some circles as the President of Technology having overall responsibility for the use of technology throughout the business. This is a C-level position, and the CIO (or CTO) should be focused on the business first and, being the person on the senior management team most knowledgeable about technology, how to best leverage technology to execute the mission of the company. 

Part of that role involves building the right team with all the necessary skills and experience to efficiently and effectively design, build and operate the technology that supports the business. This team must include or have access to expertise in relevant technologies. AI is critically important, and the emergence of generative AI is clearly a watershed moment in technology, but it is still only a tool to be used wisely and not an outcome in and of itself. 

There is an exception to my CIO rule. The CISO role does rise to the C level on its own for two reasons. First, security should not report to the CIO. There are conflicting priorities, and it is unfair to hold the CISO accountable when the "boss" can override decisions. Second, like sustainability or diversity, security is an outcome and not merely a set of tools and techniques. 

A company with a Chief AI Officer, Chief BI Officer, Chief Cloud Officer or other C whatever Officers, will probably need a Chief Chief officer, one Chief to bind them all. 

Captain Joe 

Follow me on Twitter @JPuglisiLLC

All My Children

Leaving your child at daycare for the first time can be unsettling, despite knowing the facility is safer than your home and staffed by professionals. Similarly, entrusting your data to cloud security can be daunting. You worry if your data will receive the same attention and care as you would provide. This anxiety is natural, but it's essential to recognize that hosting centers and Software as a Service (SaaS) providers invest heavily in physical and logical security, far surpassing what most companies can afford.

Their expertise and resources provide robust protection, including state-of-the-art infrastructure, monitoring, and incident response. This partnership doesn't entirely alleviate concerns, but it does shift some of the burden to the provider. Your organization remains accountable for educating users on cloud security best practices and governance policies, controlling costs associated with cloud services, and holding the provider accountable for safeguarding your digital assets.

To establish trust, it's crucial to include key provisions in your contract, such as Service Level Agreements (SLAs) that define performance metrics, uptime guarantees, and response times. Additionally, ensure the provider complies with industry-recognized security standards like SOC 2 or ISO 27001. Regular security audits and penetration testing should also be conducted, with transparent reporting. Clearly outline data ownership, access, and retrieval rights, as well as procedures for contract termination, data return, and secure deletion.

It's also important to maintain vigilance. Regularly review security reports, conduct periodic risk assessments, and engage with the provider's security team to address concerns. This "trust but verify" approach helps build confidence in your cloud security solution. By partnering with reputable providers and implementing checks and balances, organizations can overcome cloud security anxiety.

Just as you learn to trust daycare staff with your child's well-being, you can trust your cloud security provider to safeguard your digital assets. Recognizing the benefits of cloud security and taking steps to ensure accountability can help alleviate concerns, allowing you to focus on your business while knowing your data is secure.

Captain Joe

Follow me on Twitter @JPuglisiLLC

The Lesson of the Holiday Roast

Have you ever heard the story of the holiday roast? Little six-year old Mary is watching Alison, her mom, carefully preparing the big holiday meal. There are appetizers, salads and all sorts of side dishes. But the centerpiece is always the wonderful holiday roast.

After spending time at the market to choose just the right one, Alison is now in her kitchen, ready to begin cooking it. It is unwrapped, placed in a huge roasting pan, seasoned, coated and finally, most importantly, carefully cut exactly in half. As she gently placed each half face down in the sauce little Mary asked why she had cut this beautiful roast in half. Alison had lots more to do and shrugged off the question.

After exactly two hours, Alison opened the oven, pulled the pan out, turned it around and put it back in. Little Mary, curious again, wanted to know why the roast had been cut in half, and why the pan had to be rotated. "Why?" Alison snapped back. "Well that is the way my mother, your grandmother, taught me to do it," she explained.

Still curious, the little girl asked her mother if they could call grandma and ask her these questions. When they got grandma on the phone, she said the same thing. It was just what she had been taught. Maybe cutting it open makes it juicier inside, and rotating the pan makes it cook more evenly, but I never really asked my mother. Fortunately, great grandma was still around in a nursing home. Little Mary's curiosity still unsatisfied, grandma thought perhaps great grandma could reveal the secret.

As IT professionals, we will often try to uncover the origin of a particular business process. Like little Mary, when we see how things are done, and it is not obvious why, we ask. Called upon to add, change or remove some element of a process, it goes beyond mere curiosity. It is important to know the real reason behind each step being taken, and to put this process into the context of the larger picture. While this can be irritating to the person making a seemingly simple request, this story illustrates why the relentless inquires are often justified.

You see, they got great grandma on the phone and little Mary suggested cutting the roast made it soak up the juice better or would somehow preserve tenderness. Great Granny laughed and explained that in her day the ovens were small and if you didn't cut the roast and lay it flat it wouldn't fit! The wood fueled oven was much hotter in the back than the front and so you had to rotate the pan to cook both halves the same. Of course, neither of these conditions existed today and the tradition was pointless.

And so often it turns out that a business process was invented to meet a need which was outside of the capabilities of systems in place at that time. The reporting oven could only bake so much data at one time leading to a need to slice the data in half. Clever people invent clever ways to achieve their goal by whatever means they know and it then becomes routine. As time passes and people hand off responsibilities, the approach becomes institutionalized and the rationale behind the design of the process is lost. It becomes tradition or, as we often hear, simply "the way we have always done it."

We all know the speed and capacity of systems today are far greater. The data "ovens" are larger and "heat" evenly all the way around. Moreover, software capabilities have expanded beyond our wildest imagination. If together we focus on the ultimate goal, deconstruct the current process and perhaps even trace its origin we are likely to find we can eliminate unnecessary steps and take advantage of newer, faster approaches. With less effort we quickly and consistently deliver the best holiday roasts.

Captain Joe

Follow me on Twitter @JPuglisiLLC

The Third Golden Rule

Anyone who has ever been a member of my staff will tell you to get along with me you only need to adhere to my two golden rules.  These are very simple, straightforward and quite reasonable. Nothing too complicated to remember or follow, and they have served me well for many years.

First, when something, anything goes wrong I always want to be the first to know. Phone me, text me, send a telegram or message on a carrier pigeon. There is nothing worse for me than to hear about a systems related issue from someone outside of my department. I ask my staff to advise me as soon as they know something has gone awry. They have no fear or reprisal, even if they inadvertently did something to cause the problem. My focus is always on understanding what happened, fixing it and then devising a means of ensuring it can never happen again. The only fatal mistake you can make is trying to hide a problem from me.

Second, don't get in the way of the business. Often we can lose sight of the fact that while technology is important to the business, it should rarely be considered a higher priority. We can easily get caught up in the need to reboot a server or upgrade a piece of software and overlook the impact it will have on the business -- and its ability to generate the revenue that pays all of our salaries. So whatever we are doing, no matter how "critical" we think it may be, we should always be certain it will not somehow adversely affect the operations of the company. Usually this is just a matter of careful testing, coordination and scheduling.

Recently, I decided to add a third golden rule. Your opinion matters. It struck me that I embrace the concept that the entire department is a team working together towards common goals. No one works for me. Everyone works with me. I may be the senior manager and head of the department, but I don't want to be surrounded by lemmings who will follow me happily as I lead them over the cliff. As the saying goes, the buck stops here, and, yes, I will likely have the final say. But that should never inhibit anyone from expressing their view. Any sound, fact-based argument can and should be put forth respectfully, and I assure you I will listen.

These rules have always been key to my success as a manager. Follow them and we will be golden.

Captain Joe

Follow me on Twitter @JPuglisiLLC

Who Are You Going To Call

Leveraging technology to make a company run more efficiently, reduce cost or improve quality is simply not enough. A resume in which you offer to replicate this for any new company is going to be passed over by most. Today the head of technology is expected to be a full member of the

management team contributing to the development of new product and services, expanding the customer base, and opening new markets of all kinds.  The good news is we are empowered to do this with the affordable computing power, connectivity and data available.  Moreover, the world is finally in a state of readiness to accept these new ideas. The classic examples include Airbnb, Uber and the new similar application where people share boats.  The new norm is technology turning an industry completely inside-out.

We are now an on demand, variable supply, value-based micro-company society where every individual can be an entrepreneur, running an entire business, often without having to leave home. Business opportunities exist on both sides of this model. Traditional companies  leverage just-in-time supply of expertise, consuming just enough to meet their needs without incurring additional overhead or associated costs. Individuals can apply their deep knowledge and experience to a wide variety of issues across many clients, constantly learning and improving while delivering efficient and effective solutions. Instead of one individual with a little experience in several areas being on staff, engage six experts as needed for portions of the project achieving superior results with lower long term cost.  

What I envision is different from the classic consulting model where companies engage teams from well know firms like Accenture, Oracle or Mercer, and instead turn to vehicle such as e-lance to solicit bids for specific resources or solutions from individuals.  As the boomers age out of the work force they become increasing rare and valuable resources with exactly the right knowledge and skills to meet these demands. Orchestrating the match of needs to resources represents, in my mind, one of the most interesting and potentially rewarding business opportunities today and the near future.

Captain Joe

Follow me on Twitter @JPuglisiLLC