CIO & LEADER-Issue-10-January 2018 (1)
The cover story on CIO&Leader's January issue is a dive into the skills that CIOs are going to develop and hire in 2018
The cover story on CIO&Leader's January issue is a dive into the skills that CIOs are going to develop and hire in 2018
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Face Off<br />
Is <strong>CIO</strong>'s vertical specialization<br />
important? Pg 24<br />
Banking<br />
Why tech is the ultimate<br />
cash cow for farmers? Pg 38<br />
Volume 06<br />
<strong>Issue</strong> <strong>10</strong><br />
<strong>January</strong> <strong>2018</strong><br />
150<br />
TRACK TECHNOLOGY BUILD BUSINESS SHAPE SELF<br />
Skills<br />
<strong>CIO</strong>s will<br />
Develop<br />
& Hire to<br />
Conquer<br />
<strong>2018</strong> page.<br />
16<br />
A 9.9 Media Publication
EDITORIAL<br />
Shyamanuja Das<br />
shyamanuja.das@9dot9.in<br />
Beyond the<br />
Hyperboles<br />
A<br />
For ensuring that<br />
the organization<br />
remains both<br />
competitive and<br />
responsible, one<br />
of the immediate<br />
priorities is<br />
drawing of an<br />
action plan<br />
for systematic<br />
reskilling<br />
At the time of writing this, the annual meeting<br />
of the World Economic Forum is on at Davos.<br />
India, of course, is getting a lot of mindshare,<br />
not just because of the plenary speech of prime<br />
minister Narendra Modi in which he reiterated<br />
India’s commitment to globalization but also<br />
because India’s role in global economy is now<br />
unquestionable!<br />
Technology has become one of the recurring<br />
themes in all global agenda setting. In a multidisciplinary,<br />
cross-cultural platform like WEF<br />
it is even more prominent—as technology now<br />
touches and impacts all aspects of life.<br />
What is somewhat new this year, however, all<br />
that tech talk is not one-sided optimism. Global<br />
leaders—including tech leaders—have started<br />
discussing the adverse impact of technological<br />
progress, incidentally one of the global risks<br />
that WEF has been trying to measure in its<br />
annual Global Risk Report (GRR).<br />
Talking of GRR, this year, two of<br />
the cyber risks—cyber-attacks and<br />
data theft/fraud—have been identified<br />
by thought leaders as two of the<br />
five most likely risks for the world<br />
in <strong>2018</strong>.<br />
But the WEF discussion goes<br />
much beyond the immediate risks.<br />
Apart from cyber security, other<br />
impact of technology that has been<br />
discussed is the impact that technology<br />
has on children, on jobs, and on<br />
society in general. Who could have<br />
imagined a decade back that Cisco<br />
CEO would stand on one of the most important global<br />
platforms and urge the parents to control device<br />
use among children?<br />
This is but one ex<strong>amp</strong>le of the fact that the global<br />
tech community is becoming far more responsible.<br />
As an important constituent of that community, the<br />
<strong>CIO</strong>s should keep this aspect in mind.<br />
One of the more actionable items on that responsibility<br />
agenda is doing something about new automation<br />
making certain current functions redundant/<br />
less important. For ensuring that the organization<br />
remains both competitive and responsible, one of the<br />
immediate priorities is drawing of an action plan for<br />
systematic reskilling.<br />
The recently released WEF report, Towards a<br />
Reskilling Revolution: A Future of Jobs for All introduces<br />
a new data-driven approach to identifying reskilling<br />
and job transition opportunities.<br />
But as a recent survey by us finds out—and our<br />
cover story is based on that—our <strong>CIO</strong>s are more<br />
than sensitized to the need of reskilling. The <strong>2018</strong><br />
agenda is primarily to act. We present ten top <strong>CIO</strong>s’<br />
take on what skills they are looking at hiring and<br />
what skills that they are looking to acquire for themselves.<br />
And they explain why.<br />
Tell us about yours<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
1
A 9.9 Media Publication<br />
Face Off<br />
Is <strong>CIO</strong>'s vertical specialization<br />
important? Pg 24<br />
TRACK TECHNOLOGY BUILD BUSINESS SHAPE SELF<br />
Banking Volume 06<br />
Why tech is the ultimate <strong>Issue</strong> <strong>10</strong><br />
<strong>January</strong> <strong>2018</strong><br />
cash cow for farmers? Pg 38<br />
150<br />
16<br />
CONTENT<br />
JANUARY <strong>2018</strong><br />
COVER STORY<br />
16-23|<br />
Skills <strong>CIO</strong>s Will<br />
Develop & Hire To<br />
Conquer <strong>2018</strong><br />
advertisers ’ index<br />
Godrej<br />
Vodafone<br />
Skills<br />
<strong>CIO</strong>s will<br />
Develop<br />
Conquer<br />
<strong>2018</strong> page.<br />
& Hire to<br />
Cover Design by:<br />
Shokeen Saifi<br />
FC<br />
BC<br />
Please Recycle<br />
This Magazine<br />
And Remove<br />
Inserts Before<br />
Recycling<br />
COPYRIGHT, All rights reserved: Reproduction in whole or in part without written permission from<br />
Nine Dot Nine Interactive Pvt Ltd. is prohibited. Printed and published by Vikas Gupta for Nine Dot Nine<br />
Mediaworx Pvt Ltd, 121, Patparganj, Mayur Vihar, Phase - I, Near Mandir Masjid, Delhi-1<strong>10</strong>091. Printed at<br />
Tara Art Printers Pvt ltd. A-46-47, Sector-5, NOIDA (U.P.) 2013011<br />
This index is provided as an<br />
additional service.The publisher<br />
does not assume any liabilities<br />
for errors or omissions.<br />
2 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
AROUND THE TECH<br />
04-07<br />
Colonels, Commanders &<br />
Cybersecurity<br />
www.cioandleader.com<br />
COLUMN<br />
08-09<br />
Essential Traits Of A<br />
New Leader<br />
By Priya Dar<br />
<strong>10</strong>-11<br />
How Enterprises Are<br />
Redefining Businesses<br />
With Big Data Powered<br />
By AI<br />
By Aashish Kalra<br />
INSIGHT<br />
26-27<br />
Artificial Intelligence<br />
Is Creating Happy<br />
Workplaces<br />
28-29<br />
Tech Job Trends In<br />
<strong>2018</strong> And Beyond<br />
32-33<br />
When Cloud Gives You<br />
Wings<br />
SECURITY<br />
34-36<br />
Web Application<br />
Security In A Digitally<br />
Connected World<br />
MANAGEMENT<br />
Managing Director: Dr Pramath Raj Sinha<br />
Printer & Publisher: Vikas Gupta<br />
EDITORIAL<br />
Managing Editor: Shyamanuja Das<br />
Associate Editor: Shubhra Rishi<br />
Content Executive-Enterprise Technology:<br />
Dipanjan Mitra<br />
DESIGN<br />
Sr Art Director: Anil VK<br />
Art Director: Shokeen Saifi<br />
Visualisers: NV Baiju & Manoj Kumar VP<br />
Lead UI/UX Designer: Shri Hari Tiwari<br />
Sr Designers: Charu Dwivedi, Haridas Balan & Peterson PJ<br />
SALES & MARKETING<br />
Director-Community Engagement<br />
for Enterprise Technology Business:<br />
Sachin Mhashilkar (+91 99203 48755)<br />
Brand Head: Vandana Chauhan (+91 99589 84581)<br />
Assistant Product Manager-Digital: Manan Mushtaq<br />
Community Manager-B2B Tech: Megha Bhardwaj<br />
Community Manager-B2B Tech: Renuka Deopa<br />
Associate-Enterprise Technology: Abhishek Jain<br />
Assistant Brand Manager-B2B Tech: Mallika Khosla<br />
Regional Sales Managers<br />
South: Ashish Kumar (+91 97407 61921)<br />
North: Deepak Sharma (+91 98117 911<strong>10</strong>)<br />
West: Prashant Amin (+91 98205 75282)<br />
Ad Co-ordination/Scheduling: Kishan Singh<br />
PRODUCTION & LOGISTICS<br />
Manager Operations: Rakesh Upadhyay<br />
Asst. Manager - Logistics: Vijay Menon<br />
Executive Logistics: Nilesh Shiravadekar<br />
Logistics: MP Singh & Mohd. Ansari<br />
OFFICE ADDRESS<br />
Nine Dot Nine Mediaworx Pvt Ltd<br />
121, Patparganj, Mayur Vihar, Phase - I<br />
Near Mandir Masjid, Delhi-1<strong>10</strong>091<br />
Published, Printed and Owned by Nine Dot Nine Mediaworx<br />
Private Ltd. Published and printed on their behalf by<br />
Vikas Gupta. Published at 121, Patparganj,<br />
Mayur Vihar, Phase - I, Near Mandir Masjid, Delhi-1<strong>10</strong>091,<br />
India. Printed at Tara Art Printers Pvt Ltd., A-46-47, Sector-5,<br />
NOIDA (U.P.) 201301.<br />
Editor: Vikas Gupta<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
3
WHAT<br />
<strong>CIO</strong>s ARE<br />
TIRED OF<br />
HEARING...<br />
around<br />
thetech<br />
SECURITY<br />
Colonels,<br />
Commanders &<br />
Cybersecurity<br />
In 1978, Transformational Leadership<br />
was introduced by expert, James Mc-Gregor Burns,<br />
in his book “Leadership”. There are close to a dozen<br />
CISOs in Indian industry—who have served in Indian<br />
the defense forces—namely the Indian Army and Indian<br />
Navy. Somehow, we do not see many ex-Airmen in the<br />
list. But what exactly is prompting India, Inc. to go for<br />
these defense personnel as CISOs? On the face of it,<br />
many say current cyber threats require a real combat<br />
mindset that comes naturally to the defense personnel.<br />
Whatever it is, at present fauji CISOs seem to be ruling<br />
the CISO-dom. Here is a list of a handful of CISOs.<br />
“The Chief<br />
Information Officer<br />
role is nearing<br />
extinction and may<br />
cease to exist a few<br />
years from now.”<br />
AK Anand<br />
Senior Vice President, Global<br />
Practice Head & CISO<br />
NIIT Technologies<br />
Colonel in Indian Army<br />
AJ Vijaykumar<br />
CISO<br />
Tata Communications<br />
Lt Colonel in Indian Army<br />
Brijesh Datta<br />
SVP & CISO<br />
Reliance JioInfocom<br />
Colonel in Indian Army<br />
Kaushal K Chaudhary<br />
Executive Director – Group Head<br />
IT & IS<br />
Lanco Infratech<br />
Jt Director Systems<br />
(Commander of Indian Navy)<br />
Manish Tiwari<br />
CISO<br />
Bharti Airtel<br />
Director – CERT, Indian Navy<br />
Murli Menon<br />
CISO<br />
Atos India<br />
Commander at Indian Navy<br />
Mukesh Saini<br />
Head, IT Security<br />
Essel Group<br />
Commander at Indian Navy<br />
Prashant Veer Singh<br />
SVP, CISO and <strong>CIO</strong><br />
Bharti Infratel<br />
Officer Commanding<br />
Communications (Major) at<br />
Indian Army<br />
4 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Around The Tech<br />
BY THE BOOK<br />
We recommend you to read Pedro<br />
Domingos’ The Master Algorithm,<br />
which gives us a peek inside the learning<br />
machines that power Google, Amazon,<br />
and your smartphone. The author<br />
paints a picture through machine<br />
learning's five major schools of thought,<br />
showing how they turn ideas from neuroscience,<br />
evolution, psychology, physics,<br />
and statistics into algorithms ready<br />
to serve you. Domingos, a Professor<br />
at University of Washington, is also a<br />
researcher in machine learning, creates<br />
a blueprint of The Master Algorithm,<br />
and discusses what it means for the<br />
future of business, science, and society.<br />
The quest for universal learning is one<br />
of the most significant, fascinating, and<br />
revolutionary intellectual developments<br />
of all time. A ground-breaking<br />
book, The Master Algorithm is the<br />
essential guide for anyone wanting to<br />
understand not just how the data revolution<br />
will happen, but how to be at its<br />
forefront.<br />
makingheadlines<br />
When people arrived in Las Vegas to attend CES in <strong>January</strong> this year, one of the<br />
first things they noticed was Google’s massive promotional c<strong>amp</strong>aign for its<br />
Google Assistant service. There were ads splattered on the sides of buildings,<br />
painted on trains, and displayed on the screens of hotel room TVs. The effort<br />
wasn't to make artificial intelligence a huge theme at this year’s show–mainly in<br />
the form of digital assistants. Google, on the other hand, is also using its network<br />
of Android devices and integrate its digital assistant service into millions of cars<br />
from companies such as Ford, GM, Volkswagen and Volvo. Likewise, Amazon<br />
left no stone unturned to showcase Alexa as the new wave in digital assistants.<br />
Alexa's history preceded itself since it was the star of last year's CES. At CES<br />
<strong>2018</strong>, Amazon's Alexa service has diversified into cookers from Whirlpool and<br />
GE as well as Bluetooth-enabled portable devices such as smartwatches, headphones<br />
and smartglasses.<br />
Only 17% of senior roles are held by women in India.<br />
The global survey by Grant Thornton – Women in business:<br />
New perspectives on risk and reward, of 5,500<br />
businesses in 36 economies further adds that 41%<br />
of the Indian businesses surveyed have no women in<br />
leadership roles, 7 points higher than the last year.<br />
India continues to rank third lowest in the proportion<br />
of business leadership roles held by women for the<br />
third year consecutively.<br />
At the global stage, Grant Thornton’s data shows<br />
developing regions continue to lead the charge on<br />
diversity with developed economies lagging behind.<br />
Eastern Europe performs best, with 38% of senior roles<br />
held by women in 2017 and just 9% of businesses<br />
with no women in senior management. Meanwhile the<br />
MINT economies (Mexico, Indonesia, Nigeria and Turkey)<br />
saw the most improvement, with the proportion of<br />
senior roles held by women rising from 24% in 2016 to<br />
28% in 2017.<br />
gender<br />
bender<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
5
Around The Tech<br />
CES <strong>2018</strong><br />
SPECIAL<br />
matter of<br />
twitter<br />
Toyota president Akio Toyoda has announced e-Palette, the auto<br />
company's on-demand autonomous vehicle solution for business<br />
applications, which it said will essentially form on-demand cities.<br />
E-Palette is one ex<strong>amp</strong>le of Toyota's vision for autonomous business<br />
applications," Toyoda said at CES <strong>2018</strong>.<br />
E-Palette will be fully electric, and will be powered by Toyota's<br />
autonomous technology. Or, if they prefer, partner companies can use<br />
their own automotive driving system instead. In either case, e-Palette<br />
will include Toyota's Guardian technologies, which will act as a<br />
safety net. It's an open, flexible platform that can be easily adapted to<br />
support a range of uses, including ride sharing, delivering, and retail.<br />
Announced at CES <strong>2018</strong>, the e-Palette could enable on-demand<br />
use cases for retail experiences, personal shops, markets, showrooms,<br />
and office sharing while transiting to and from the workplace.<br />
Ride sharing transport could also share the space with on-demand<br />
meal deliveries.<br />
VITAL<br />
STATISTICS<br />
Digital business<br />
maturity has a<br />
direct impact on<br />
<strong>CIO</strong> position<br />
Percentage of <strong>CIO</strong>s reporting to the<br />
CEO by digital maturity<br />
70%<br />
0%<br />
31%<br />
No Digital<br />
Initiative<br />
(n=260)<br />
36%<br />
Desire/<br />
Ambition<br />
(n=604)<br />
41%<br />
Designing<br />
(n=851)<br />
43%<br />
Delivering<br />
(n=799)<br />
48%<br />
Scaling<br />
(n=417)<br />
59%<br />
Harvesting/<br />
Refining<br />
(n=94)<br />
Source: Gartner's <strong>CIO</strong> Agenda <strong>2018</strong> Survey<br />
6 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Around The Tech<br />
<strong>CIO</strong> Movements<br />
Niranjan<br />
Bhalivade<br />
IS NOW<br />
CEO - Information<br />
Technology,<br />
Trident Group<br />
WAS<br />
<strong>CIO</strong>, CEAT<br />
Niranjan Bhalivade has<br />
joined as the CEO -<br />
Information Technology<br />
at Trident Group, a<br />
leading manufacturer<br />
of textiles and based<br />
in Ludhiana. Bhalivade,<br />
who has served as a<br />
jury member for annual<br />
NEXT<strong>10</strong>0 awards by<br />
9.9 Media's IT NEXT<br />
for multiple years, was<br />
serving as the <strong>CIO</strong> of<br />
CEAT for last eight years.<br />
He will be leading the<br />
digitalization program at<br />
the group.<br />
Manish<br />
Tiwari<br />
IS NOW<br />
Senior VP and<br />
Global CISO, Bharti<br />
Airtel<br />
WAS<br />
CISO, Microsoft<br />
India<br />
Manish Tiwari has<br />
joined as Senior VP and<br />
Global Chief Information<br />
Security Officer (CISO)<br />
for Bharti Airtel, India's<br />
largest telecom service<br />
provider. Tiwari, an<br />
ex-defence personnel,<br />
who served as the<br />
director for Indian Navy's<br />
Computer Emergenecy<br />
Response Team (CERT),<br />
was most recently<br />
serving as the CISO for<br />
Microsoft India.<br />
Anand<br />
Thakur<br />
IS NOW<br />
Chief Digital Officer,<br />
Jubilant Foodworks<br />
Ltd<br />
WAS<br />
CTO, Koovs<br />
Anand Thakur has<br />
joined as the Chief<br />
Digital Officer of Jubilant<br />
Foodworks Ltd. This is a<br />
newly created position at<br />
the company. A techie,<br />
Thakur served in various<br />
IT companies including<br />
Infosys, Perot Systems,<br />
Adobe before having<br />
a stint in online retail<br />
companies including<br />
Lenskart and Koovs.<br />
His immediate last<br />
assignment was as the<br />
CTO of Koovs.<br />
Major Vikas<br />
Singh Yadav<br />
IS NOW<br />
CISO, Max Life<br />
Insurance Company<br />
WAS<br />
CISO, Government<br />
of India<br />
Major Vikas Singh<br />
Yadav, an experienced<br />
information security<br />
professional, who was<br />
with the Indian Army<br />
and was working most<br />
recently in a government<br />
assignment, has joined<br />
as the Chief Information<br />
Security Officer (CISO) at<br />
Life Insurance company,<br />
Max Life.<br />
Vikas is a dynamic<br />
professional with<br />
excellent academic<br />
record and cross domain<br />
experience.<br />
Arindam<br />
Singha Roy<br />
IS NOW<br />
<strong>CIO</strong>, East India<br />
Udyog<br />
WAS<br />
Head of IT,<br />
SPML Infra<br />
Arindam Singha Roy has<br />
joined as the <strong>CIO</strong> of East<br />
India Udyog, a major<br />
transformer, conductor<br />
and EPC company.<br />
Before this, he was the<br />
Head of IT at SPML<br />
Infra where he was<br />
responsible for setting<br />
up IT infrastructure,<br />
security and applications<br />
and was in-charge of the<br />
entire IT set-up. Arindam<br />
had spent more than 12<br />
years at SPML Infra.<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
7
COLUMN<br />
By Priya Dar<br />
Essential<br />
Traits Of A<br />
New Leader<br />
Priya Dar, Chief Information Officer,<br />
Godfrey Phillips, writes about leadership<br />
in the digital age<br />
W<br />
“Who is a leader?” - My 13-year old son asked me one day. This<br />
got me thinking. Having spent some time in the leadership spectrum,<br />
this is a hard truth to live by. You have to constantly ask yourself:<br />
Are you a leader? A good leader? A conscientious leader? A<br />
just leader?<br />
Is he/she the one who stands front and center or is he/she the<br />
one who stands in the back ensuring everything goes well? After<br />
taking a scholastic approach, I think I have learnt a few things<br />
about leadership.<br />
In my opinion, anyone can become a leader. Are you a team<br />
player?; Are you decisive enough without letting your ego get in<br />
the way?; Do you communicate?; Are you approachable?; Do your<br />
people know you have their back?<br />
Know When To Change<br />
Sometimes you will need to lead the troops, and at other times you<br />
will have to nudge your people to take the plunge. Access the situation<br />
and decide.<br />
Be Decisive<br />
Not with an iron fist though. Any attempt to rule with an iron fist<br />
will go down like a lead balloon.<br />
The author is Chief Information Officer<br />
at Godfrey Phillips<br />
Keep Learning<br />
However, high on the career graph, you should be open to learning<br />
from anyone around you – irrespective of rank.<br />
8 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Column<br />
1<br />
Promoting the<br />
company's vision<br />
2<br />
Operationalizing<br />
CSR<br />
3<br />
Obtaining top<br />
management<br />
support<br />
4<br />
Engaging diverse<br />
stakeholders<br />
5<br />
Empowering<br />
and developing<br />
stakeholders<br />
Sometimes you will need to lead the troops<br />
and at other times, you will have to nudge<br />
people to take the plunge<br />
6<br />
Communicating<br />
with stakeholders<br />
7<br />
Measuring<br />
performance<br />
8<br />
Setting ethical<br />
standards<br />
Source: Report by Russel Reynolds on Sustainable<br />
Leadership: Talent requirements for sustainable enterprises<br />
Be Appreciative<br />
Just because it is a job, does not mean,<br />
you cannot appreciate small things.<br />
I have learnt from experience that<br />
appreciation begets loyalty, which is at<br />
the core of a successful leader.<br />
Pace Yourself<br />
Just because there is a book called<br />
“First <strong>10</strong>0 days of a CXO” does not<br />
mean you have to complete everything<br />
within <strong>10</strong>0 days. Every organization is<br />
different and so the list of accomplishments<br />
will be different.<br />
Build Relationships/<br />
Network<br />
Build your network - internally and<br />
externally. One of my mentors used<br />
to say this – a lot can be accomplished<br />
over a cup of tea.<br />
Delegate<br />
As you go higher up the corporate<br />
ladder, there are things you will<br />
have to delegate. Create the bandwidth<br />
for yourself by delegation and<br />
then let the delegate handle the day to<br />
day stuff.<br />
Lead by Ex<strong>amp</strong>le<br />
If you want people to respect policy<br />
– start following it yourself. I have<br />
seen people preach about the benefits<br />
of strong passwords while their own<br />
passwords are “abc123.”<br />
Don’t Forget to Enjoy<br />
You have earned it. Ultimately my<br />
answer to my son was on similar lines<br />
– a leader is not just someone who<br />
leads but someone who inspires others<br />
to follow<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
9
COLUMN<br />
By Aashish Kalra<br />
How<br />
Enterprises<br />
Are Redefining<br />
Businesses<br />
With Big Data<br />
Powered By AI<br />
How these technologies is giving<br />
businesses a new lease of life<br />
T<br />
The author is Chairman, Cambridge<br />
Technology Enterprises Limited<br />
The world is transforming and<br />
economies like India and China that<br />
remained undiscovered in early 90s,<br />
hold the potential to be discovered as<br />
growth stories and creators of asset<br />
class because of their ability to create<br />
unstructured data sets. Data is the<br />
next natural resource, like air,<br />
oil, water, and the convergence of<br />
Big Data and Cloud powered by AI<br />
and ML is a potential multi-trillion<br />
dollar opportunity.<br />
Artificial Intelligence is no longer<br />
a theory, it is for real because of the<br />
availability of unstructured data,<br />
high bandwidth and affordable computing<br />
resources.<br />
Discovering AI is the<br />
new normal<br />
As the world transforms, businesses<br />
are going to need a lot of elements to<br />
implement AI. They need an element<br />
of Big Data and Cloud, then they need<br />
to manage data, followed by an ability<br />
to see panoramic view of data to<br />
innovate and help businesses leapfrog<br />
and most importantly, draw<br />
insights to take the decisions. Majority<br />
of the companies will not be able<br />
to articulate the problem or hire the<br />
people to execute.<br />
There will be businesses with the<br />
resources and capital to get to decisions<br />
while some may still be finding<br />
the way to cross the bridge. Discovering<br />
the power of AI for your business<br />
will be the new impact. Gartner<br />
recently estimated that the term “AI”<br />
ranked seventh in the most searched<br />
terms. This is significant jump compared<br />
to <strong>January</strong> 2016 when “AI”<br />
was not even in the top <strong>10</strong>0 for the<br />
same category.<br />
Artificial Intelligence is transforming<br />
the way businesses are defined,<br />
designed and delivered and enterprise<br />
value is captured. Asian economies<br />
like India and China are poised to<br />
leapfrog the world in Artificial Intel-<br />
<strong>10</strong> <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Column<br />
ligence as the demography is not constrained<br />
by legacy usage of computers<br />
or tablets so they can move directly to<br />
the phone. Also, India and China are<br />
creating unstructured data at a very<br />
rapid pace and has datasets in volume<br />
that very few countries possess.<br />
In the Asian context, India is a<br />
country with inefficiencies and lack<br />
of infrastructure in financial services,<br />
retail, education, health services,<br />
insurance and manufacturing. Most of<br />
these sectors have limited innovation<br />
in technology due to the majority of<br />
transactions being done in cash. Now,<br />
with the increasing adoption of digital<br />
currency, it will create a treasure<br />
trove of data in every industry. With<br />
incredible advances in Artificial Intelligence,<br />
India Inc. will have the ability<br />
to upend, disrupt and create industryshaping<br />
companies from scratch.<br />
Mobility in India will drive digital<br />
adoption. As the next 700 million<br />
Indians get online – they will create<br />
data on how they live, move, transact<br />
and interact. This will in turn create<br />
opportunities in healthcare services,<br />
transportation, building better cities,<br />
retail, e-commerce and media.<br />
As we approach this future, we will<br />
see startups and big companies alike<br />
take advantage of Artificial Intelligence<br />
to re-invent and innovate. The<br />
vision of Digital India requires considerable<br />
investment and a sustained<br />
push to create better infrastructure<br />
and development of talent to support<br />
this transformation. If we can combine<br />
the efforts in government policy and<br />
innovation that young Indians are<br />
creating today, India will leapfrog the<br />
technologies of yesterday and emerge<br />
as the engine of global growth.<br />
On a larger context, application<br />
of Artificial Intelligence to crossfunctional<br />
departments can generate<br />
insights adding immense value to ingrained<br />
business processes in terms<br />
of improving performance on a proactive<br />
basis. For implementing Artificial<br />
Intelligence at an enterprise level,<br />
both AI and businesses have to ‘Think<br />
Gartner recently estimated that the<br />
term “AI” ranked seventh in the most<br />
searched terms<br />
Big, Start Small and Act Fast’.<br />
So, that’s the global context of what<br />
businesses should be trying to solve.<br />
The first thing is to capture the data<br />
and place it in databases that can<br />
handle that volume of data. This is not<br />
your traditional databases. The second<br />
part is how you analyse it. Today, the<br />
world analyzes it by brute force but<br />
tomorrow, we are convinced that the<br />
world will analyze large parts of data<br />
with Artificial Intelligence. Once you<br />
get to that point, the way we deal with<br />
information, the way the world works<br />
transforms itself. It is no longer transactional,<br />
it is relationship.<br />
Identifying hidden correlations is<br />
the aim of applying AI to business<br />
processes. Data-rich and digitally<br />
transformed organizations are going<br />
to have an advantage here compared to<br />
ones that are not capturing their data.<br />
Former organizations should start<br />
understanding the power of AI and<br />
start identifying different processes in<br />
business units where they can maximize<br />
results with the usage of AI.<br />
In the years to come, enterprises<br />
will scale new heights by exploring<br />
this untapped data and extract incremental<br />
value. AI powered by Big<br />
Data will affect almost all facets of our<br />
existence ultimately influencing the<br />
way enterprises chase growth, to<br />
positive effect.<br />
Whether businesses are ready<br />
or not, AI is going to take us overwith<br />
its disruption and it is going to<br />
work in the favor of those who are better<br />
prepared<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
11
COLUMN<br />
By Rahul Kumar<br />
Cloud<br />
Security:<br />
A Case For<br />
Effective<br />
Encryption<br />
Having an effective encryption and key<br />
management solution is vital to the<br />
success of any security strategy<br />
I<br />
It has not yet reached epic proportions, but the number of organizations<br />
adopting cloud-based technologies is growing dramatically.<br />
Organizations of all sizes across industries are turning towards<br />
cloud-based infrastructure and cloud computing for better scalability,<br />
accessibility and a collaborative work environment. However,<br />
after moving to the cloud, many organizations mistakenly assume<br />
that it is the role of the cloud service provider (CSP) to secure data<br />
and ensure compliance.<br />
Even though the CSP may provide services for protecting data,<br />
organizations must understand the fact that virtual environments<br />
are not always fully secure and that they—organizations—too have a<br />
role in protecting the security and privacy of their data. Remember,<br />
the liability to notify those affected and remediate damages is on you<br />
should your company suffer a data breach!<br />
The author is Country Manager for<br />
India at WinMagic<br />
Knowing the levels of responsibility<br />
does matter<br />
When it comes to choosing between cloud infrastructure and cloud<br />
computing, companies must make the decision backed by a plan to<br />
implement the right security solution. The solution should effectively<br />
address issues such as securing data, managing risk related<br />
to unauthorized access, and meeting compliance and regulatory<br />
requirements. Remember, the cloud is subject to the same threats<br />
12 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Column<br />
With increased sophistication of threats, cloud security is<br />
becoming even more dynamic as it evolves<br />
as a data center. Whether cloud or onpremise,<br />
organizations have to deal<br />
with human error, malicious breaches<br />
from internal and external sources, as<br />
well as system glitches. The massive<br />
amounts of data located on shared<br />
cloud servers always entice criminals.<br />
Things get a lot more complicated<br />
when a multitude of mobile devices<br />
are used in organizations.<br />
With increased sophistication of<br />
threats, cloud security is becoming<br />
even more dynamic as it evolves.<br />
Organizations continue to be responsible<br />
for security, privacy and compliance<br />
even when under different cloud<br />
service models. The need for consistent<br />
policies, password rules and<br />
specialized data encryption methods<br />
has never been greater. Both the organization<br />
and the CSP have roles that<br />
vary in scope, but then both also have<br />
different levels of responsibility that<br />
encompass the entire gamut of operations—from<br />
data classification,<br />
endpoint protection, identity and<br />
access management, application and<br />
network level controls, to host and<br />
physical security.<br />
There are clear boundaries defined<br />
and responsibilities identified for<br />
organizations and CSPs. For instance,<br />
in both on-premise and cloud models,<br />
the organization is responsible for<br />
ensuring that the data is classified<br />
and encrypted in compliance with the<br />
regulatory obligations. In the case of<br />
endpoint devices, CSPs may facilitate<br />
the management of these devices by<br />
providing secure device management,<br />
mobile application management, and<br />
PC management capabilities; however,<br />
the responsibility of implementing the<br />
security solution again lies with the<br />
customer organization.<br />
Who is responsible for<br />
a breach?<br />
There is no question about who is<br />
responsible when a breach occurs. For<br />
businesses, the vital consideration in<br />
securing the infrastructure and data<br />
relates to where the CSP’s responsibility<br />
ends and the organization’s begins<br />
so that a breach does not occur in the<br />
first place. This means that while the<br />
provider is responsible for protecting<br />
the hardware, software, physical facilities<br />
and other aspects involved with<br />
running the cloud services provided,<br />
businesses maintain control over a<br />
number of key security measures.<br />
Some key security measures for<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
13
Column<br />
businesses include:<br />
Network configuration and security<br />
(such as firewalls)<br />
Data Security (including encryption)<br />
The use of third-party security tools<br />
such as encryption key management<br />
software<br />
Determining the type of content and<br />
data to store in the cloud<br />
Access control and management<br />
Making life simple with encryption<br />
There is abundant evidence to show<br />
the difference that encryption makes<br />
in containing the volume of loss and<br />
associated costs when a breach occurs.<br />
In fact, according to a study, extensive<br />
use of encryption is the second most<br />
impactful factor that can limit the costs<br />
of a data breach. Despite all pointers<br />
that emphasize its advantages, usage<br />
of encryption is limited in many businesses<br />
across industries. Although the<br />
adoption of encryption has increased<br />
over the last decade, only a mere 37 percent<br />
of businesses employ it as a cloud<br />
security strategy.<br />
Remember, encryption is the important<br />
first step for businesses that wish<br />
to take control of the ownership of<br />
data; better encryption key management<br />
follows next.<br />
While encryption renders data<br />
into a format that can only be read by<br />
authorized users, it does not make a<br />
powerful strategic tool if not combined<br />
with effective key management. Far<br />
too often, companies follow a laissezfaire<br />
approach to key management,<br />
which makes its utilization needlessly<br />
complex and cumbersome. Problems<br />
do get out of hand when there is no<br />
clear ownership of keys within the<br />
organization, when no skilled personnel<br />
is in charge of the keys, or when<br />
a siloed approach is followed for key<br />
management.<br />
Having an effective encryption and<br />
key management solution is vital to<br />
the success of any security strategy.<br />
Data encryption, when executed<br />
properly, ensures the protection of<br />
sensitive information. Although there<br />
are many myths surrounding data<br />
Encryption is the important first step for businesses<br />
that wish to take control of the ownership of data;<br />
better encryption key management follows next<br />
encryption (too expensive, too difficult<br />
to manage, etc), the surprising truth is<br />
that it is indispensable. In fact, encryption<br />
provides the foundational framework<br />
to any data security protection<br />
strategy.<br />
There are security options out there<br />
to help organizations in:<br />
Encrypting and managing data<br />
stored on virtual machines and<br />
Infrastructure-as-a-Service (IaaS)<br />
platforms.<br />
Encrypting files at the endpoint<br />
before they are synchronized to<br />
enterprise file sync and share (EFSS)<br />
services across a range of enterprise<br />
platforms.<br />
Managing encryption keys across<br />
the enterprise<br />
Whether data is stored in public,<br />
private, or hybrid cloud environments,<br />
organizations need a robust<br />
solution to ensure full control of<br />
encryption and its keys. Much of the<br />
encryption related problems can be<br />
alleviated with the adoption of file<br />
encryption software, and ideally with<br />
an intelligent key management system<br />
that encrypts virtual machines and<br />
removes encryption keys at the conclusion<br />
of each virtual instance.<br />
Using a single platform often is<br />
more effective as an organization can<br />
ensure the implementation of a unified<br />
encryption strategy across any<br />
endpoint, provide a virtualized or<br />
cloud environment with increased<br />
enterprise security, ensure encryption<br />
compliance, and reduce complexities<br />
of risk management and audits<br />
14 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Skills<br />
<strong>CIO</strong>s will<br />
Develop<br />
& Hire to<br />
Conquer<br />
<strong>2018</strong> By<br />
Shubhra Rishi
Cover Story<br />
L<br />
et's address the elephant<br />
in the room: The world is<br />
staring at a talent crisis.<br />
The Fourth Industrial<br />
Revolution is disturbing<br />
the demand supply equilibrium<br />
- creating a shortfall<br />
of new skills. This is a classic Catch-<br />
22 situation where, on the one hand,<br />
<strong>CIO</strong>s are shifting their investments<br />
in favour of digital transformation.<br />
On the other hand, skilled IT workers<br />
are hard to come by. In a recent Skill<br />
Survey conducted by <strong>CIO</strong>&Leader, we<br />
found that 45% of Indian <strong>CIO</strong>s find it<br />
"hard" to hire the right skills for their<br />
department while 14% agree that it is<br />
rather "very hard" to fill in these highskilled<br />
positions.<br />
This is hardly a surprise because<br />
<strong>CIO</strong>s across the board identify the IT<br />
skills gap as a serious impediment to<br />
their growing digital ambition and<br />
they are under enormous pressure<br />
to help their organizations become<br />
agile and stay relevant in the current<br />
digital age.<br />
Every <strong>CIO</strong> is probably in a classic<br />
fear-of-missing-out moment with<br />
technology. One in every third <strong>CIO</strong> is<br />
either implementing an AI-powered<br />
digital initiative or leading the digital<br />
transformation initiative in the organization.<br />
According to recent Skill<br />
Survey, <strong>CIO</strong>s will hire skills in BI &<br />
Analytics, security, cloud, infrastructure,<br />
networking, vertical-specific<br />
skills, enterprise architecture, business<br />
consulting, among others.<br />
Today's business expect <strong>CIO</strong>s and<br />
their IT organizations to develop digital technology and<br />
business skills such as design thinking, data sciences, usercentric<br />
design and exposure to new technologies, such as<br />
IoT, Machine Learning, Big Data, and Blockchain, to drive<br />
transformation and sustain long-term benefits.<br />
Traditionally, <strong>CIO</strong>s have hired IT consultants, contrac-<br />
Vertical-specific<br />
skills<br />
<strong>10</strong>%<br />
Which specific skills will <strong>CIO</strong>s hire in <strong>2018</strong>?<br />
Cloud/Infrastructure/<br />
Networking<br />
17%<br />
Enterprise<br />
Architecture<br />
17%<br />
Business<br />
Analyst<br />
17%<br />
BI & Analytics<br />
17%<br />
Security<br />
48%<br />
Which leadership/business skills are <strong>CIO</strong>s planning<br />
to hone in <strong>2018</strong>?<br />
3% 3%<br />
Marketing<br />
Vendor<br />
Mgmt<br />
14%<br />
Financial<br />
Mgmt<br />
21%<br />
Team<br />
Mgmt<br />
59%<br />
Business<br />
Transformation<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
17
Cover Story<br />
Which tech skills are you planning to develop in <strong>2018</strong>?<br />
<strong>10</strong>%<br />
IT<br />
Security<br />
26%<br />
Cloud<br />
Services<br />
33%<br />
Big<br />
Data<br />
64%<br />
Digital<br />
Technologies<br />
Which skill is more important to develop in <strong>2018</strong>?<br />
“Every <strong>CIO</strong> is<br />
probably in the<br />
middle of a classic<br />
fear-of-missingout<br />
moment with<br />
technology”<br />
7%<br />
Leadership<br />
27%<br />
Technology<br />
66%<br />
All of the<br />
above<br />
What is the level of difficulty you face/have faced in<br />
hiring skills for IT?<br />
7%<br />
Easy<br />
27%<br />
Medium<br />
45%<br />
Hard<br />
14%<br />
Very Hard<br />
7%<br />
None of<br />
the above<br />
Source: Skills survey <strong>2018</strong><br />
tors and outsourcing services to meet this challenge. But we<br />
all know the reality of the modern world that this solution<br />
is far from sustainable, and is definitely expensive (even if<br />
companies can afford to spend on it) in the long run. Developing<br />
and retaining IT talent is a critical issue that organizations<br />
are already facing or likely to face in the future. <strong>CIO</strong>s<br />
find themselves tacking this problem head first. The other<br />
not-so-immediate solution is for <strong>CIO</strong>s to focus on reskilling<br />
and upskilling their workforce. This is definitely not an<br />
option, but is a necessity of modern times.<br />
Some of the leading <strong>CIO</strong>s in the industry are already<br />
advocating a radical new approach. They are identifying<br />
and incubating small technology start-ups within their own<br />
organizations. This way they are able to add new skills,<br />
capabilities and competencies to their teams and stay not<br />
only relevant to their organizations, and win from within.<br />
As they cultivate new skills, <strong>CIO</strong>s are not leaving any<br />
stone unturned to develop their own leadership and technology<br />
skills. <strong>CIO</strong>s today want to be in the know and get<br />
their hands dirty as new technologies get deployed within<br />
their organizations. In the survey, 65% of <strong>CIO</strong>s said that<br />
they want to develop skills in digital technologies namely<br />
IoT, artificial intelligence, and robotics, closely followed by<br />
big data (35%), cloud services (36%) and IT security (<strong>10</strong>%).<br />
Similarly, business transformation continues to be a top priority<br />
for <strong>CIO</strong>s.<br />
In order to dig deeper, we probed <strong>10</strong> leading Indian <strong>CIO</strong>s<br />
to tell us how they are finding top talent– and how they are<br />
planning to hone their leadership and technology skills and<br />
develop new competencies in <strong>2018</strong>. Here's what they said:<br />
18 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Cover Story<br />
Alok Khanna<br />
Executive Director –<br />
Information Systems<br />
Indian Oil Corporation<br />
Limited<br />
Skill I Plan To Hire in <strong>2018</strong><br />
At Indian Oil, a number of digital transformation projects are already<br />
under way. We are taking another step towards procuring a dealer<br />
management plus CRM system. There are primarily four areas where<br />
we plan to hire digital skills, namely big data and analytics, machine<br />
learning, IoT and chatbots. Artificial intelligence is an important area of<br />
investment for us. Last year, we deployed a chatbot as a downloadable<br />
application to serve as a digital assistant to all our delegates at a global<br />
conference. This year, we will also be focused on hiring predictive analytics<br />
and big data skills to drive positive business outcomes through<br />
actionable insights. Cyber security is an area where skills are hard to come by, and<br />
therefore our focus will be to deploy a service model supported on cloud or an onpremises<br />
model managed by experts.<br />
Alok wants<br />
to focus on<br />
developing big<br />
data analytics<br />
and cybersecurity<br />
skills in <strong>2018</strong><br />
Skill I Plan To Hone in <strong>2018</strong><br />
Considering there are a number of digital initiatives underway at IOCL, my main<br />
focus is to deliver them in a timely manner. Nevertheless, I am planning to hone<br />
my skills in mainly two areas namely big data & analytics and cyber security; the<br />
latter, I believe will come handy in probing complex and ever-evolving ransomware<br />
and IoT-related threats -- and thus, help me in identifying future threats and finding<br />
staff that can mitigate those risks.<br />
Ashok wants to<br />
focus on adopting<br />
and promting<br />
a culture of<br />
collective<br />
leadership in<br />
<strong>2018</strong><br />
Skill I Plan To Hire in <strong>2018</strong><br />
No business has been left untouched by the impact of technology.<br />
The Paints industry is undergoing a transformation. Therefore,<br />
in <strong>2018</strong>, we will be hiring innovative skill set in artificial intelligence<br />
and social media for better reach to our consumers and<br />
mobility for helping us bring together all functions and complex<br />
processes.<br />
Skill I Plan To Develop in <strong>2018</strong><br />
In <strong>2018</strong>, I will focus on adopting and promoting the culture of<br />
collective leadership. What it means is accepting the fact that no<br />
one is the master of everything, and we need to create more and<br />
more leaders in various IT sub-domains. <strong>CIO</strong>s need to break classical<br />
reporting structures, form a pool of expertise using multiple<br />
sources for innovation and distribute leadership role across business<br />
and technology. I will pay more attention to how business<br />
functions impact business performance and how technology can<br />
help. I will personally focus on learning more about blockchain<br />
and how it can be used in our business and industry. There will be<br />
an additional focus on understanding more about AI and Machine<br />
Learning which is the future.<br />
Ashok Jade<br />
<strong>CIO</strong><br />
Shalimar Paints<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
19
Cover Story<br />
Skill I Plan To Hire in <strong>2018</strong><br />
<strong>2018</strong> is the year of mobility and analytics. IoT will also be a<br />
prime area of focus. Therefore, we will focused on hiring talent<br />
in these digital technologies. Cloud computing is set to continue<br />
on its high-velocity path as business shifts from legacy to<br />
cloud-based systems. We are also in the process of adopting<br />
digital business strategies. Additionally, I believe that the selection<br />
of the right partner is extremely important if you choose an<br />
outsourced model. It is because you're outsourcing your business,<br />
and therefore, it is a critical part of the <strong>CIO</strong>'s job today.<br />
Farhan Khan<br />
Head-IT<br />
Radico Khaitan<br />
Farhan's focus<br />
will be on<br />
hiring mobility,<br />
analytics and<br />
IoT talent<br />
Skills I Plan To Develop in <strong>2018</strong><br />
The changing technology dynamics warrant a new set of skills<br />
for a <strong>CIO</strong>. I believe that I wish to continue to develop my understanding<br />
of IT infrastructure and enterprise architecture. The<br />
<strong>CIO</strong> will have to showcase an intuitive understanding of finance,<br />
marketing, operations, HR as well as other functions. Additionally,<br />
I will also be looking at developing skills in business process<br />
reengineering, project management, and strategic planning.<br />
I believe that leading through that change is probably the<br />
most critical skill a <strong>CIO</strong> can possess.<br />
Glory Nelson<br />
Senior Vice President-IT<br />
Spice Jet<br />
Skill I Plan To Hire in <strong>2018</strong><br />
In <strong>2018</strong>, we will be focused on delivering an outstanding customer experience.<br />
However, getting UX skills is extremely hard. In order to do that,<br />
I will be hiring UX architects who play a critical role in understanding<br />
what the user expects from a product. A good UX specialist has a strong<br />
knowledge code, and should be well-versed in creating strategic plans<br />
that will help us improve overall customer experience.<br />
I will also be investing in hiring business consultants who are well-versed<br />
in business and technology. The other key area of skills investment will<br />
be broadly in Robotics Process Automation (RPA). As individual technology<br />
skills are very hard to find, we leverage partners who can provide advanced<br />
analytical and business intelligence skills in the RPA domain to eliminate a number<br />
of mundane and repetitive tasks.<br />
Skill I Plan To Develop in <strong>2018</strong><br />
Data science is a field that has constantly piqued my interest. Mining large<br />
amounts of structured and unstructured data to identify patterns can help an<br />
organization rein in costs, increase efficiencies, recognize new market opportunities<br />
and increase an organization's competitive advantage. I will also be seeking<br />
certifications in developing UX skills and RPA. The idea is to gain knowledge<br />
as we advance our deployments in these technologies.<br />
Developing<br />
know-how in<br />
robotics, data<br />
science and UX<br />
will be Glory's<br />
main focus in<br />
<strong>2018</strong><br />
20 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Cover Story<br />
Jaspreet Bindra<br />
Senior Vice President –<br />
Digital Transformation,<br />
Mahindra Group<br />
Skills I Plan To Hire in <strong>2018</strong><br />
In <strong>2018</strong>, my main focus will be to develop hard skills in digital<br />
technologies and not just legacy tech. I will work with my<br />
team to develop use cases that will help them implement<br />
digital initiatives with ease. I will also look for people with<br />
entrepreneurial experience and those who have exposure to<br />
new technologies such as Internet of Things (IoT), Machine<br />
Learning, Big Data, and Blockchain. Not only that, I will also<br />
look for people with soft skills such as design thinking, agile<br />
way of working, tolerance for failure, risk taking, storytelling<br />
and change management.<br />
Skills I Plan To Develop in <strong>2018</strong><br />
The current times call for leaders to constantly learn something<br />
new. Whether it is for creating new business models or<br />
great customer experiences, leaders today must know how to<br />
make effective use of digital technologies available to them<br />
and foster innovation. We have used blockchain— one of the<br />
newest technologies—in our financial services sector. In <strong>2018</strong>,<br />
my focus will be to develop design thinking capabilities, hone<br />
coaching, and coding skills.<br />
Jaspreet's<br />
main focus will<br />
be to develop<br />
design thinking<br />
capabilities in<br />
<strong>2018</strong><br />
Kamal's focus will<br />
be on completing<br />
his research on<br />
Flexibility in IT<br />
systems from IIT,<br />
Delhi<br />
Skill I Plan To Hire in <strong>2018</strong><br />
When it comes to hiring in <strong>2018</strong>, our focus at RJ Corp will be to hire people<br />
who have worked in AI, machine learning and IoT skills. Our aim is to hire<br />
emerging talent for a number of ongoing digital projects in the organization.<br />
However, skill gap being one of the biggest obstacles of digital India,<br />
good skills are difficult to find. To tackle this issue, we are incubating startups<br />
or working with them to recruit fresh talent for our various digital projects.<br />
We are also hiring entry level professional from top engineering and<br />
management schools.<br />
Skill I Plan To Develop in <strong>2018</strong><br />
<strong>CIO</strong>s must upgrade their skills every year. They must keep an eye on the<br />
latest digital technologies in the market. <strong>CIO</strong>s must focus on personal skill<br />
development. They must also know how to enable strategic innovation and<br />
disruption in their organization. For instance, I'm pursuing my research in<br />
Flexibility in Information Technology from Indian Institute of Delhi where I<br />
focus on how flexible Information technology systems can become such<br />
that the business can use it to drive flexibility strategically. In retail, flexibility<br />
of IT systems can increase the value of your overall business. As part of<br />
my research, I collected a lot of data and spoke to a lot of organizations. In<br />
a few months, I will be submitting my thesis.<br />
Kamal Karnatak<br />
Group <strong>CIO</strong><br />
RJ Corporation<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
21
Cover Story<br />
In <strong>2018</strong>, Priya's<br />
main focus will<br />
be on developing<br />
greater business<br />
understanding<br />
Skills I Plan To Hire in <strong>2018</strong><br />
We are experimenting with a lot of initiatives involving automation,<br />
bots, data, and dashboards. With such a barrage of digital projects<br />
commencing in <strong>2018</strong>, there is a huge need to set aside a project governance<br />
plan in place In <strong>2018</strong>, I hope to hire a digitally enabled project<br />
manager who understands enterprise IT, understands the new digital<br />
changes, and works with the team to ensure some of the initiatives<br />
are taken to implementation and acceptance by business. Data understanding<br />
will be a big part of all the job profiles that go out this year.<br />
Skills I Plan To Develop in <strong>2018</strong><br />
As I grow to a more strategic role, technology understanding without<br />
business knowledge won’t be of any use or outcome. We need to<br />
concentrate more on business understanding, how technology can<br />
be used in a cost effective way to reduce some pain points of business<br />
starting from reducing cycle times, removing resources from<br />
mundane jobs to data-based decision making to increase profits. In<br />
an ever-changing technology world, everyone has to have basic understanding<br />
of data and some level of analytics. I plan on taking some<br />
courses, reading on this aspect of data, and encourage my managers<br />
to do the same.<br />
Priya Dar<br />
<strong>CIO</strong><br />
Godfrey Phillips India<br />
Suresh Kumar<br />
<strong>CIO</strong><br />
Grant Thornton<br />
Skills I Plan To Hire in <strong>2018</strong><br />
As we embark on our Digital transformation journey, I will need to<br />
hire resources skilled in digital technologies. We plan to build our<br />
Digital data lake to be more agile and derive real-time business<br />
insights; mine value from unknown and large amount of data;<br />
enable data driven mindset across the organization and harness<br />
the power of big data in a cost effective manner. I will need to hire<br />
skilled resources for Hadoop, Yarn, Tableau and Power BI.<br />
Skill I Plan To Develop in <strong>2018</strong><br />
I would like to hone my leadership skills further. With many millennials<br />
joining the team, it is imperative to change your leadership<br />
style. Instead of ‘managing’ people, one needs to empower people<br />
and lead from the front. I plan to spend time learning about each<br />
of the businesses of the organization in greater detail and ‘partner’<br />
with them to not only provide solutions to meet their requirements<br />
but also help in developing new innovative services. My<br />
focus this year will be to learn digital technologies including Big<br />
Data, AI, Analytics and Robotics and use all possible avenues to<br />
acquire these skills.<br />
In <strong>2018</strong>, Suresh<br />
plans to develop<br />
his leadership<br />
style , empower<br />
people, and lead<br />
from the front<br />
22 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Cover Story<br />
Sunil Mehta<br />
Senior Vice-President<br />
& Area Systems<br />
Director – Central<br />
Asia<br />
JWT<br />
Skill I Plan To Hire in <strong>2018</strong><br />
The shift to a digital economy is creating a talent crisis that is putting<br />
companies’ survival—and <strong>CIO</strong>s’ own careers—on the line. Today the nature<br />
of the skills that organizations need in IT is changing. Digital business is<br />
being built cloud-first and mobile-first, and is heavily dependent on analytics,<br />
automation and new security models. My main area of focus will be<br />
to create a culture of growth, empowerment, and transparency; and above<br />
all, making sure work is meaningful, challenging, and fun. Additionally, I will<br />
also be focused on sourcing good artificial intelligence skills available in<br />
the market.<br />
Skill I Plan To Develop in <strong>2018</strong><br />
The IT skills gap is an ongoing concern for <strong>CIO</strong>s, particularly in the search<br />
for cyber security talent. Complex and ever-evolving threats, from the rise<br />
in ransomware to the emergence of billions of BYOD and IoT devices,<br />
mean the risks and staffing needs are always growing and changing Even<br />
though organizations are progressively looking for a modern business<br />
environment, <strong>CIO</strong>s today are concerned about having a proper security<br />
environment in place owing to the open nature of the Internet and increasing<br />
cyber threats. In <strong>2018</strong>, I will focus on developing and honing security<br />
skills to prepare for modern security warfare.<br />
In <strong>2018</strong>, Sunil's<br />
focus will be<br />
on developing<br />
cybersecurity<br />
skills<br />
Yateen has<br />
authored a book<br />
titled ' Life of<br />
CXO' - a skill<br />
development<br />
guide for the<br />
future<br />
Skill I Plan To Hire in <strong>2018</strong><br />
Hiring has undergone a transformation in the last three years. In my book, Life of CXO, I<br />
have explained how the skills required for future have replaced the skills of the past. Given<br />
the enormous operational and strategic importance of IT today, <strong>CIO</strong>s should act as CEO's<br />
IT advisor who understands the business as well as the technology. <strong>CIO</strong> is no longer<br />
focused on just technical matters: they are integral to company strategy, security<br />
and risk management, and how companies and customers interact. In <strong>2018</strong>, I will<br />
look for managerial level skills in core areas such as Strategic mindset, Risk management,<br />
Emotional Intelligence, Vendor management, Smart sourcing and negotiation<br />
skills. I will also look for technical expertise in areas such as Project and<br />
Operations management, Mobile, Web, Omni Channel application development,<br />
Data mining, Data Warehouse and Big data management, Next Gen Data centre<br />
technologies: Converged Infrastructure Rack management, and Cloud.<br />
Yateen Chodnekar<br />
Group <strong>CIO</strong><br />
Writer Corporation<br />
Skill I Plan To Develop in <strong>2018</strong><br />
The success or failure of a company is often linked to its highest level executives. Being<br />
the <strong>CIO</strong> I am at the driver’s seat as a custodian of data and technology decision maker.<br />
Therefore, I am rightly positioned to shape success of a business with use of latest technologies<br />
which can cross physical boundaries and achieve exponential business volumes.<br />
As part of my learning agenda in <strong>2018</strong>, I wish to focus on developing strategic, financial<br />
and business orientation, BI and analytics, Blockchain, and Enterprise Architecture.<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
23
FACE OFF<br />
//HOW IMPORTANT IS A <strong>CIO</strong>'S VERTICAL SPECIALIZATION?<br />
I have worked in the healthcare sector<br />
for only a decade as compared to my<br />
overall experience of over 20 years or<br />
so, and yet, I have been labelled as a<br />
healthcare <strong>CIO</strong> despite the fact that I<br />
come from a varied experience in organizations<br />
such as Microsoft (MS) and<br />
manufacturing in GE and Xerox.<br />
However, the market reality is that<br />
<strong>CIO</strong>s in specific industries such as<br />
Telecom, Healthcare and Banking are<br />
preferred due to their vertical specialization.<br />
It is slowly becoming a norm<br />
in order to reduce the learning and<br />
assimilation cycles. Today, the return<br />
of investment on most IT and digital<br />
projects is less than a year, thus making<br />
it necessary to hire people with<br />
relevant experience.<br />
However, in the organizations that I<br />
have worked in, I have hired IT Infra<br />
folks from retail space to allow cross<br />
pollination of people, ideas and innovation<br />
to flow. However, people in the<br />
core application had to be hired from<br />
the healthcare vertical.<br />
However, it is also true that due to a<br />
tight market situation, it doesn’t allow<br />
people to experiment and hire people<br />
from across industries, which is an<br />
unfortunate market reality.<br />
Quick View<br />
Rajesh Batra, VP-IT,<br />
Kokilaben Dhirubhai Ambani<br />
Hospital, says that <strong>CIO</strong>'s<br />
vertical specialization is<br />
a necessary evil in the<br />
competitive age<br />
RAJESH<br />
BATRA<br />
VP-IT, Kokilaben<br />
Dhirubhai Ambani<br />
Hospital<br />
In my own view, I do NOT agree with<br />
silo mindset of the market. It would<br />
NOT have allowed me to experience<br />
various industries from manufacturing<br />
to cards (my days at American<br />
Express) to software company like<br />
MS and then Healthcare. It not only<br />
gave me a perspective of the industry<br />
but allowed ideas and practises to<br />
flow from one industry to another. For<br />
ex<strong>amp</strong>le, when I joined my previous<br />
organization, healthcare was ripe for<br />
workflow adoption but nobody had<br />
implemented. Despite not possessing<br />
a healthcare background, it took<br />
conviction and courage to implement<br />
the workflow system. My team and I<br />
succeeded in implementing it without<br />
prior experience, and today workflow<br />
management systems are a norm.<br />
However, keeping in mind current<br />
industry norms, I believe that<br />
<strong>CIO</strong>'s vertical specialization is a necessary<br />
evil.<br />
“In certain sectors,<br />
<strong>CIO</strong>s with vertical<br />
specialization are<br />
preferred. It is<br />
slowly becoming<br />
a norm in order to<br />
reduce the learning<br />
and assimilation<br />
cycles”<br />
24 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Face Off<br />
SUNIL MEHTA<br />
Senior VP &<br />
Area Systems<br />
Director – Central<br />
Asia – JWT<br />
related implementation is taking place.<br />
Let me give you another ex<strong>amp</strong>le.<br />
Until a few years ago, <strong>CIO</strong>s were in<br />
charge of enterprise IT, infrastructure<br />
and security. Today because of digital,<br />
if <strong>CIO</strong>s have not kept themselves relevant,<br />
they will lose their jobs and companies<br />
will hire people who are young<br />
with relevant skills. However, just hiring<br />
a digital expert doesn’t ensure that<br />
he will also be able to perform a <strong>CIO</strong>'s<br />
responsibilities.<br />
“The truth is that<br />
a <strong>CIO</strong>'s overall<br />
experience, and<br />
more specifically<br />
IT experience,<br />
matters more<br />
than his vertical<br />
specialization”<br />
At a <strong>CIO</strong> level, I do not believe that vertical<br />
specialization is important. Most<br />
<strong>CIO</strong>s I know in the industry today<br />
have worked across sectors – gaining a<br />
wide-range of domain expertise.<br />
In the past when <strong>CIO</strong>s were EDP<br />
managers, they were responsible for<br />
driving change with the help of technology.<br />
Today technology has enabled<br />
organizations to drive that change.<br />
At JWT, the IT department has put<br />
the mandate on the finance department<br />
to choose their finance solution.<br />
While the IT department deploys it,<br />
the finance department is empowered<br />
to select the right solution as per<br />
their needs.<br />
Times have changed. Today if a <strong>CIO</strong><br />
is in charge of IT transformation globally,<br />
he can lead the transformation in<br />
any industry. The truth is that a <strong>CIO</strong>'s<br />
overall experience matters more than<br />
his/her vertical specialization— which<br />
comes handy only when a domain<br />
Quick View<br />
Sunil Mehta, Senior Vice-<br />
President & Area Systems<br />
Director – Central Asia<br />
– JWT, says that <strong>CIO</strong>s<br />
primarily should know how<br />
to run IT<br />
The <strong>CIO</strong> role is transforming into a<br />
digital specialist and he/she doesn't<br />
have to be an expert overnight. However,<br />
he or she should be able to use<br />
the expertise in one area or vertical to<br />
make a difference in the other.<br />
If a CEO can be hired without any<br />
vertical specialization, so can a <strong>CIO</strong>. So<br />
if a CEO knows how to run the organization,<br />
<strong>CIO</strong>s know how to run IT,<br />
irrespective of which sector they work<br />
or have worked in.<br />
But at the same time, there are several<br />
<strong>CIO</strong>s who have evolved, but there<br />
are also those who won't transform,<br />
and will not even want to step out of<br />
their comfort zones.<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
25
INSIGHT<br />
Artificial<br />
Intelligence Is<br />
Creating Happy<br />
Workplaces<br />
As per Gartner, by 2022, personal devices will know more<br />
about an individual's emotional state than his own family<br />
due to the impact of AI<br />
By <strong>CIO</strong>&Leader<br />
26 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Insight<br />
EEmotion artificial intelligence (AI)<br />
systems are becoming so sophisticated<br />
that Gartner predicts that by 2022,<br />
personal devices will know more about<br />
an individual's emotional state than<br />
his/her own family. AI is generating<br />
multiple disruptive forces that are<br />
reshaping the way we interact with<br />
personal technologies.<br />
"Emotion AI systems and affective<br />
computing are allowing everyday<br />
objects to detect, analyze, process and<br />
respond to people's emotional states<br />
and moods to provide better context<br />
and a more personalized experience,"<br />
said Roberta Cozza, research director<br />
at Gartner. "To remain relevant, technology<br />
vendors must integrate AI into<br />
every aspect of their devices, or face<br />
marginalization."<br />
The current wave of emotion AI<br />
systems is being driven by the proliferation<br />
of virtual personal assistants<br />
(VPAs) and other AI-based technology<br />
for conversational systems. As a second<br />
wave emerges, AI technology will<br />
add value to more and more customer<br />
experience scenarios, including educational<br />
software, video games, diagnostic<br />
software, athletic and health performance,<br />
and the autonomous car.<br />
"Prototypes and commercial products<br />
already exist and adding emotional<br />
context by analyzing data points<br />
from facial expressions, voice intonation<br />
and behavioral patterns will<br />
significantly enhance the user experience,"<br />
said Cozza. "Beyond smartphones<br />
and connected home devices,<br />
wearables and connected vehicles will<br />
collect, analyze and process users'<br />
emotional data via computer vision,<br />
audio or sensors capturing behavioral<br />
data to adapt or respond to a user's<br />
wants and needs."<br />
Other personal device predictions<br />
from Gartner include:<br />
By 2021, <strong>10</strong>% of wearable<br />
users will have changed<br />
lifestyles, and thereby<br />
extend their life spans by<br />
an average of six months.<br />
As AI emotion systems evolve there is<br />
huge potential for specialized devices,<br />
such as medical wristbands, which can<br />
anticipate life-threatening conditions<br />
and facilitate an early response system.<br />
At the same time special apps are also<br />
being developed for diagnostic and<br />
therapy services that will help to recognize<br />
conditions such as depression<br />
or help children with autism.<br />
"Even a basic wearable device could<br />
have a positive impact on the wearer's<br />
health," said Annette Zimmermann,<br />
research vice president at Gartner. "We<br />
are seeing growing numbers of users<br />
actively changing their behavior for<br />
the better with the adoption of a wearable<br />
device. Not only can this have beneficial<br />
influence on the amount of exercise<br />
they do but there is evidence that<br />
one or two out of <strong>10</strong> smart watch and<br />
fitness band users discover a condition<br />
such as sleep apnea or cardiac arrhythmia<br />
through wearing the device."<br />
By 2020, 60% of personal<br />
technology device vendors<br />
will use third-party AI<br />
cloud services to enhance<br />
functionality and services.<br />
Cloud-based AI technologies are driving<br />
compelling user experiences on<br />
a variety of connected devices. Cloud<br />
offerings from the big tech players,<br />
such as Google, Microsoft, Amazon,<br />
Tencent, Baidu and IBM, are starting<br />
to proliferate due to their attractive<br />
cost model, easy-to-use integration and<br />
potential to create complex services.<br />
A major catalyst for device vendors to<br />
use cloud AI services is the increased<br />
usage of VPAs and natural-language<br />
technologies, while the adoption of<br />
VPA-based, screenless devices such as<br />
Amazon Echo and Google Home is also<br />
on the rise, further increasing usage of<br />
cloud AI services.<br />
"We are starting to see adoption of<br />
these services from high-profile vendors<br />
that are using them to widen their<br />
reach," said Anthony Mullen, research<br />
director at Gartner. "Fitbit uses Alexa<br />
Skills to make user stats and functionality<br />
available through VPA speakers<br />
just as Netflix uses Actions for Google<br />
Assistant to voice control its service.<br />
Ultimately, vendors will compete on<br />
the best user experience and the smartness<br />
of their products, not the technology<br />
behind it."<br />
Through 2022, security<br />
technology combining<br />
machine learning,<br />
biometrics and user<br />
behavior will reduce<br />
passwords to account for<br />
less than <strong>10</strong>% of all digital<br />
authentications.<br />
Password-based simple authentication<br />
is becoming less and less effective for<br />
personal devices. Even today's popular<br />
biometric technology — fingerprint<br />
authentication — is only around 75%<br />
successful due to contaminants such as<br />
dirt and sweat.<br />
"Users need more convenient and<br />
accurate options for unlocking their<br />
devices," said CK Lu, research director<br />
at Gartner. "Security technologies that<br />
combine machine learning, biometrics<br />
and user behavior will become necessary<br />
to improve ease of use, self-service<br />
and frictionless authentications.<br />
Within the next five years new security<br />
technology will recognize the user,<br />
prevent fraud and detect automation<br />
threats such as malware, remote access<br />
trojans and malicious bots."<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
27
Insight<br />
Tech Job Trends In<br />
<strong>2018</strong> And Beyond<br />
In-demand IT roles have started to shift towards including<br />
positions focused on advanced technologies, such as AI,<br />
IoT, AR and VR<br />
By Pradipto Chakrabarty<br />
28 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Insight<br />
The transformation in the world<br />
is happening at a pace which we<br />
have not experienced in the past.<br />
Implementation of new cuttingedge<br />
technology is moving out from<br />
a drawing board stage to being<br />
practised by organizations<br />
TThe transformation in the world of<br />
technology is happening at a pace<br />
which we have not experienced in the<br />
past. Implementation of new cuttingedge<br />
technology is moving out from a<br />
drawing board stage to being practiced<br />
by organizations across the world. As<br />
more and more organizations undertake<br />
the process of digital transformation<br />
to offer tech-enabled products or<br />
services, IT roles and skills is undergoing<br />
radical shifts, something which we<br />
are already observing. This will affect<br />
the tech job scenario as we move into<br />
<strong>2018</strong> and beyond.<br />
In-demand IT roles have started<br />
to shift towards including positions<br />
focused on advanced technologies,<br />
such as artificial intelligence (AI), augmented<br />
and virtual reality (AR and<br />
VR), and the Internet of Things (IoT)<br />
along with exciting positions within<br />
cybersecurity, cloud computing, and<br />
network technology.<br />
Through these observations we have<br />
identified the following as some of the<br />
key job roles companies require as<br />
they transform their businesses and<br />
processes for the future:<br />
Cybersecurity Analyst: This individual<br />
will manage risk for organizations<br />
through the use of relevant tools<br />
and techniques to gather vital endpoint<br />
and network host data with the<br />
goal of identifying vulnerabilities.<br />
Network Engineer: This role will<br />
encompass coordinating between<br />
cloud and traditional networking<br />
resources to make a business communicate<br />
efficiently. They will need<br />
to know how to map technical network<br />
elements (e.g., a router, an edge<br />
device, a micro datacenter) to a company’s<br />
business needs.<br />
Vulnerability Assessment Manager:<br />
The role of a penetration tester<br />
has matured. Today’s pen tester does<br />
more than hacking a server or using<br />
fancy security tools. Today’s pen tester<br />
takes a responsible approach and<br />
conducts strong, comprehensive tests<br />
to identify – and correct – unacceptable<br />
risks.<br />
Technical Support Specialist: Gone<br />
are the days when the help desk<br />
professional fixed PCs. The world<br />
needs more tech support specialists<br />
than ever before: today’s tech support<br />
engineer helps manage increasingly<br />
complex issues involving data<br />
management, authentication, and<br />
network troubleshooting.<br />
Machine Learning Engineer:<br />
Machine learning uses sophisticated<br />
programming, such as R and Python<br />
to develop AI machines and systems<br />
that can learn and apply knowledge<br />
to perform tasks. These professionals<br />
will also work with complex datasets<br />
and algorithms to convert machines<br />
to intelligent machines.<br />
Network Analysts: Businesses are<br />
investing more heavily in their networks<br />
as IoT is fast becoming critical<br />
to manufacturing tech-enabled products.<br />
A growing number of “things”<br />
need to be connected in an efficient<br />
way, and that's going to be a major<br />
driver of demand there. Network<br />
analysts in the coming years will<br />
combine their technical skill set with<br />
an understanding of how to apply it<br />
to provide real-time trending information<br />
on network traffic, and what<br />
those insights mean for the business.<br />
Cloud Engineer: Almost all businesses<br />
are mobbing their on-prem<br />
systems to cloud and are choosing<br />
a hybrid approach, with multiple<br />
vendors. In the coming years, cloud<br />
engineers will need to create solutions<br />
which are a mix of multiple<br />
technologies. Gone are the days when<br />
an Amazon engineer only worked<br />
on AWS or Microsoft engineers only<br />
knowing Azure<br />
–The author is Regional Director,<br />
CompTIA India<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
29
Insight<br />
Consumers Are Ready<br />
To Say Goodbye To<br />
Passwords<br />
Indian consumers overwhelmingly favor use of<br />
biometrics as a faster, easier, and more secure alternative<br />
to passwords<br />
By <strong>CIO</strong>&Leader<br />
30 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Insight<br />
VVisa have announced a survey, conducted on Indians<br />
exploring awareness and perceptions of biometric authentication<br />
confirms that consumers continue to have a strong<br />
interest in new biometric technologies that make their lives<br />
easier. New forms of authentication, such as fingerprint,<br />
facial, and voice recognition, can make unlocking accounts<br />
and payments much easier and more convenient than traditional<br />
passwords or PINs - which are difficult to type onto<br />
tiny keyboards, easy to forget, and can be stolen.<br />
“The payments ecosystem is witnessing a rapid change<br />
in adoption of new form factors of payments and modes of<br />
authentication. For financial institutions, the time has never<br />
been better to integrate biometric technology into banking<br />
apps and payments experiences for customers,” said TR<br />
Ramachandran, Group Country Manager, Visa, India &<br />
81% of consumers<br />
sweepingly perceive that<br />
biometrics are faster<br />
than passwords<br />
South Asia. “We are excited with the increased popularity<br />
of biometrics across Indian consumers. Today smartphones<br />
have advanced features increasing the accuracy and speed of<br />
biometrics, such that they can be used for financial transactions.<br />
Indian consumers too have discovered the ease of biometric<br />
authentication and are open to using this technology<br />
for transactions going forward, which augurs well for the<br />
Indian payments industry.”<br />
Authentication Survey Findings<br />
According to the Visa study conducted of 500 Indians by<br />
AYTM Market Research, 99% are personally interested in<br />
using at least one biometric method to verify their identity,<br />
and 99% are interested in using at least one biometric<br />
method to make payments. Higher income consumers are<br />
more interested than lower income consumers in facial<br />
recognition. Younger consumers (36 and under) are more<br />
interested than older consumers in vein pattern recognition.<br />
Findings from the survey illustrate consumers’ desire to see<br />
the implementation of biometric tools in payment authentication<br />
processes.<br />
Highlights from the survey include:<br />
Consumers were most familiar with fingerprint recognition,<br />
with 32% having used it once or twice and another<br />
63% using it regularly. By comparison, about 48% have<br />
used voice recognition in the past and 26% use it regularly.<br />
The top benefits associated with using biometric authentication<br />
for payments are the perception that it is more secure<br />
than passwords/PINs (48%) and that it gives consumers<br />
peace of mind that their payment is protected (46%).<br />
Indian consumers overwhelmingly perceive that biometrics<br />
are faster (81%) and easier (84%) than passwords.<br />
51% are concerned both about the risk of a security breach<br />
of sensitive biometric information.<br />
To help financial institutions and merchants more quickly<br />
adopt emerging biometric authentication solutions, the<br />
Visa ID Intelligence platform provides a curated selection of<br />
leading third-party authentication technologies. Visa clients<br />
can create, test and adopt new authentication solutions with<br />
simple integrations using Visa APIs and SDKs<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
31
Insight<br />
When Cloud Gives<br />
You Wings<br />
As per Synergy Research Group, cloud services and infra<br />
market revenues reached USD 180 billion, a growth of<br />
24% annually<br />
By <strong>CIO</strong>&Leader<br />
32 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Insight<br />
In 2016, cloud started<br />
dominating many IT<br />
market segments; In 2017,<br />
cloud was the new normal<br />
technologies, such as<br />
artificial intelligence (AI),<br />
augmented and virtual<br />
reality (AR and VR)<br />
NNew data from Synergy Research<br />
Group shows that across six key cloud<br />
services and infrastructure market segments,<br />
operator and vendor revenues<br />
for the four quarters ending September<br />
2017 reached USD 180 billion, having<br />
grown by 24% on an annualized basis.<br />
IaaS & PaaS services had the highest<br />
growth rate at 47%, followed by enterprise<br />
SaaS at 31% and hosted private<br />
cloud infrastructure services at 30%.<br />
2016 was notable as the year in which<br />
spend on cloud services overtook<br />
spend on hardware and software used<br />
to build public and private clouds, and<br />
in 2017 the gap widened. In aggregate<br />
cloud service markets are now growing<br />
over three times more quickly than<br />
cloud infrastructure hardware and<br />
software. Companies that featured<br />
the most prominently among the 2017<br />
market segment leaders were Amazon/<br />
AWS, Microsoft, IBM, Salesforce, Dell<br />
EMC, HPE and Cisco.<br />
Over the period Q4 2016 to Q3 2017,<br />
total spend on hardware and software<br />
to build cloud infrastructure<br />
approached USD 80 billion, split evenly<br />
between public and private clouds,<br />
though spend on public cloud is<br />
growing more rapidly. Infrastructure<br />
investments by cloud service providers<br />
helped them to generate over USD <strong>10</strong>0<br />
billion in revenues from cloud infra-<br />
Cloud<br />
Infrastructure<br />
Services<br />
Other<br />
Cloud<br />
Services<br />
Infrastructure<br />
Hardware &<br />
Software<br />
Cloud Market Growth & Segment Leaders - 2017<br />
Iaas &<br />
Paas<br />
Hosted<br />
Private<br />
Cloud<br />
Enterprise<br />
Saas<br />
UCaas<br />
Public<br />
Cloud<br />
Private<br />
Cloud<br />
Dell EMC<br />
HPE<br />
Cisco<br />
Dell EMC<br />
RingCentral<br />
Mitel<br />
IBM<br />
Rackspace<br />
Microsoft<br />
Saleforce<br />
Amazon<br />
Microsoft<br />
0% <strong>10</strong>% 20% 30% 40% 50%<br />
Annualized Revenue Growth - Q3 2017<br />
Source: Synergy Research Group<br />
structure services (IaaS, PaaS, hosted<br />
private cloud services) and enterprise<br />
SaaS – in addition to which that cloud<br />
provider infrastructure supports<br />
internet services, such as search, social<br />
networking, email, e-commerce and<br />
gaming. Meanwhile, UCaaS, while in<br />
many ways a different type of market,<br />
is also growing strongly and is driving<br />
some radical changes in business communications.<br />
“We tagged 2015 as the year when<br />
cloud became mainstream and 2016 as<br />
the year when cloud started to dominate<br />
many IT market segments. In<br />
2017, cloud was the new normal,” said<br />
John Dinsdale, a Chief Analyst and<br />
Research Director at Synergy Research<br />
Group. “Major barriers to cloud adoption<br />
are now almost a thing of the past,<br />
with previously perceived weaknesses<br />
such as security now often seen as<br />
strengths. Cloud technologies are now<br />
generating massive revenues for cloud<br />
service providers and technology<br />
vendors and we forecast that current<br />
market growth rates will decline only<br />
slowly over the next five years.”<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
33
SECURITY<br />
Web Application<br />
Security In<br />
A Digitally<br />
Connected World<br />
According to a survey, 68% of organizations admit low<br />
confidence in information security posture<br />
By Nikhil Taneja<br />
34 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Security<br />
GGlobal organizations stand on a cybersecurity<br />
precipice. Emerging technologies,<br />
such as Blockchain, Artificial<br />
Intelligence (AI) and Internet of Things<br />
(IoT), along with the explosive volume<br />
of mobile, Web and cloud apps creates<br />
uncharted, highly lucrative pathways<br />
to revenue generation, optimized productivity<br />
and enhanced brand value.<br />
At the same time, the speed and sophistication<br />
inherent in these technological<br />
advances exposes application vulnerabilities,<br />
security risks and skills deficiencies.<br />
These compromise sensitive<br />
company and customer data, devalue<br />
the brand, and severely impact financial<br />
performance.<br />
The conundrum for any organization<br />
is how to take the leap towards<br />
these new technologies that help<br />
breakdown barriers to consumer<br />
engagement and deliver substantial<br />
economic reward while successfully<br />
protecting corporate assets, Intellectual<br />
Property (IP), and personal customer<br />
information.<br />
It is important to uncover other<br />
aspects such as the challenges these<br />
new technologies and rapid-fire application<br />
deployments present, ascertain<br />
how organizations in different<br />
industries identified application-layer<br />
and API vulnerabilities, measure the<br />
impact that bots have on organizations,<br />
how companies combat applicationlayer<br />
attacks (like those listed in the<br />
OWASP Top <strong>10</strong>) and construct a security<br />
roadmap for today and tomorrow.<br />
Also, vital to understand how the<br />
exponential number of security breaches<br />
against the application layer (such as<br />
the recent Equifax attack) would alter<br />
the financial and operational actions<br />
these companies would take.<br />
Based on a survey conducted with<br />
over 600 Chief Information Security<br />
Officers (CISOs) and other security<br />
leaders across six continents, the following<br />
key findings came forth:<br />
68% of organizations admit low<br />
confidence in information security<br />
posture<br />
Organizations often leave sensitive<br />
data under-protected. 45% report<br />
they suffered a data breach while<br />
52% do not inspect traffic being<br />
transferred to and from APIs. 56%<br />
do not have the ability to track data<br />
once it leaves the company.<br />
Bot traffic represents more than half<br />
(52%) the amount of Internet traffic,<br />
exceeding 75% of the total traffic<br />
among some organizations. 49% of<br />
all bot traffic is bad bots, yet 33% of<br />
organizations cannot distinguish<br />
between good and bad bots.<br />
API security is often overlooked.<br />
While 60% both share and consume<br />
data via APIs, including personally<br />
identifiable information, usernames/<br />
passwords, payment details, medical<br />
records, ., 52% don’t inspect the data<br />
that is being transferred via APIs<br />
and 51% don’t perform any security<br />
audits or analyze API vulnerabilities<br />
prior to integration.<br />
Application-layer DDoS is a greater<br />
fear than network-level DDoS<br />
assaults. Only 33% feel confident<br />
they can mitigate application-layer<br />
attacks compared to 50% that feel<br />
confident they can protect agains<br />
tnetwork-layer DDoS attacks.<br />
Seven out of ten businesses (72%)<br />
are not fully aware of the frequent<br />
change made to in-house applications<br />
and APIs within their organizations’<br />
software development environment<br />
40% of respondents claim their<br />
organization updates applications at<br />
least once per week, posing a great<br />
challenge for organizations<br />
Everyone wants the speed and agility<br />
that continuous delivery provides<br />
but few feel they can achieve<br />
it securely. Half (49%) currently use<br />
the continuous delivery of application<br />
services and another 21% plan<br />
to adopt it within the next 12-24<br />
months. However, 62% reckon it<br />
increases the attack surface and<br />
approximately half say that they<br />
don’t integrate security into their<br />
continuous delivery process.<br />
Less than a year prior to the due date<br />
(May <strong>2018</strong>) for General Data Protection<br />
Regulations (GDPR) compliance,<br />
68% of organizations are not<br />
confident they will be ready to meet<br />
these requirements in time<br />
#1 Conundrum: The<br />
Confidence Crisis:<br />
Protecting Applications<br />
Against Data Theft and<br />
Bot Attacks<br />
As the rate and number of new technologies<br />
materialize at an accelerated<br />
pace, many security professionals<br />
face the unprecedented challenge of<br />
mitigating a wide swath of threats and<br />
attacks that often are by-products of<br />
the evolving IT landscape. Existing<br />
security strategies, plans and measures<br />
may not measure up to quickly<br />
developed malware, floods and other<br />
threats. The result is a “crisis ofconfidence”<br />
that can overwhelm skills,<br />
deplete budget and resources, chip<br />
away at brand equity and fracture customer/partner<br />
relationships.<br />
Take the recent Equifax breach,<br />
which exposed over 145 million individuals<br />
and their personal information<br />
because of a Web application<br />
vulnerability. While there may have<br />
been governance and accountability<br />
plans in place, there may have been<br />
other actions, such as a Web Application<br />
Firewall (WAF), which could<br />
have mitigated such a massive attack<br />
had it been updated properly against<br />
known vulnerabilities. A simple question<br />
may have been: did the company<br />
have the confidence they could protect<br />
against a probability of attack or was<br />
false confidence in the “impossibility”<br />
of such an attack their strategic<br />
approach.<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
35
Security<br />
The growing prevalence of attacks is<br />
a known fact; thus, the more alarming<br />
finding is the uncertainty within these<br />
companies that they could even detect,<br />
prevent or contain these attacks,<br />
especially when it comes to emerging<br />
threats such as Layer 7 DDoS<br />
attacks. Research shows that 64% of<br />
financial services institutions, 62% of<br />
healthcare organizations and 58% of<br />
retailers acknowledge the difficulty in<br />
mitigating Layer 7 DDoS attacks.<br />
Bot Attacks<br />
Automated attack programs, such as<br />
‘bad’ bots, are the main force behind<br />
the majority of the attack landscape<br />
today. In fact, bots conduct more than<br />
half of all Internet traffic flow. For some<br />
organizations, bots represent more<br />
than 75% of their total traffic. This is<br />
a significant finding considering only<br />
one in three (33%) organizations cannot<br />
distinguish between good bots and bad<br />
ones. Good bots serve critical functions,<br />
such as price aggregators to customer<br />
service chatbots and search engine<br />
spiders. However, for every good bot<br />
in the world, there is a bad bot wreaking<br />
havoc. Bots make traditional attack<br />
vectors more effective, faster and larger<br />
than anything humans can accomplish<br />
on their own.<br />
1 in 3 organizations cannot<br />
distinguish between good bots and<br />
bad ones<br />
#2 Conundrum:<br />
Continuous Delivery<br />
Security Challenge<br />
Organizations are looking for ways to<br />
optimize the deployment of application<br />
services. Many try to fully automate<br />
the cycle of application development,<br />
QA, testing, modifying and deploying<br />
in staging, and the production environment<br />
in what is known as continuous<br />
delivery. A successful continuous<br />
delivery implementation can yield a<br />
competitive edge and save operational<br />
expenses. For some of the more dynamic<br />
application services, the fast pace is<br />
critical as they are required to deploy<br />
multiple versions into production per<br />
day. The challenge, on the other hand,<br />
is to ensure accurate application security<br />
throughout the process, as almost<br />
two-thirds (62%) believe it increases<br />
the attack surface. Continuous delivery<br />
is high priority for many organizations<br />
with half of respondents currently<br />
using this approach and another<br />
20% planning to do so within the<br />
next two years.<br />
Research indicated that security executives<br />
and other experts understand<br />
the impact continuous delivery is having<br />
on their organizations. While 62%<br />
believe continuous delivery increases<br />
the attack surface, risks and vulnerabilities,<br />
only 25% are confident that<br />
security is integrated with continuous<br />
delivery of in-house, Web or cloud.<br />
#3 Conundrum: GDPR<br />
Preparedness Effect<br />
Organizations around the world that<br />
do business in or with the European<br />
Union (EU) will soon need to meet<br />
stricter data privacy laws with the<br />
GDPR taking effect in May, <strong>2018</strong>.<br />
Any organization that offers goods<br />
or services to EU residents, monitors<br />
personal behavior or processes or<br />
handles personal data of EU residents<br />
will be impacted by this law. Those<br />
who do abide by the regulation will be<br />
subject to hefty fines. This is a particular<br />
challenge for large multi-national<br />
corporations that do business in the<br />
EU as well as companies that may be<br />
headquartered there.<br />
It is advised that whatever WAF<br />
solution an organization is evaluating,<br />
it covers critical security solution fundamentals<br />
- complete OWASP Top <strong>10</strong><br />
vulnerabilities, effective API security,<br />
HTTP DDoS mitigation. By evaluating<br />
existing security processes, systems<br />
and security tools, and implementing<br />
application security solutions and<br />
practices that augment and enhance<br />
these capabilities, organizations will<br />
build the foundation for an application-secure<br />
infrastructure<br />
—The author is Managing Director -<br />
India, SAARC & Middle East, Radware<br />
36 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
BANKING<br />
Farm All The Way To<br />
The Bank<br />
Adequate and timely access to agricultural credit plays a crucial<br />
role in improving farm production and productivity and thereby<br />
livelihood of the farmers<br />
By MS Rama Rao<br />
38 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>
Banking<br />
AAdequate and timely access to agricultural<br />
credit plays a crucial role in<br />
improving farm production and productivity<br />
and thereby the livelihood of<br />
farmers. Nearly 80% of our agriculturists<br />
are small and marginal farmers,<br />
heavily dependent on credit for carrying<br />
on their seasonal agricultural<br />
operations. The over hundred year old<br />
Cooperative Credit System (CCS) in the<br />
country has been a major provider of<br />
agricultural credit, mainly short-term<br />
loans for raising crops, serving an<br />
estimated 50% of all farmers served by<br />
institutional credit agencies, with over<br />
75% of the its credit disbursal being for<br />
small and marginal farmers.<br />
The rural cooperative banking system<br />
in our country is well over a century<br />
old, having taken birth in around<br />
the first decade of the 20th century<br />
during the British period. Although<br />
the system was intended to be shaped<br />
along the lines of the Raiffiesen Cooperatives<br />
in Germany, as autonomous<br />
self-reliant institutions, over time it<br />
took shape as a government supported<br />
mechanism for providing credit to<br />
the farmers in the rural areas.<br />
Over the decades and right into<br />
the early 90’s, the cooperative credit<br />
and banking system shored up as the<br />
mainstay for providing credit to the<br />
agriculturists, with the Reserve Bank<br />
of India right from its own inception<br />
detailing a policy of productionoriented<br />
systems of lending for agriculture<br />
and providing concessional<br />
refinance to the cooperative banks,<br />
towards supplementing their resources<br />
in meeting the credit requirement of<br />
agriculturists in the rural areas.<br />
The rural cooperative credit mechanism<br />
in India essentially comprises<br />
two parallel structures viz. the three<br />
tier short-term credit structure for<br />
dispensation of short- and mediumterm<br />
credit for crop production and<br />
agriculture allied activities; and the<br />
long-term credit structure for providing<br />
long-term credit for investments<br />
in agriculture e.g., land development,<br />
farm mechanization, horticulture, etc.<br />
These institutions have been supported<br />
both by way of policy and refinance<br />
supported for a considerable time<br />
by the RBI and later by the ARDC<br />
and NABARD.<br />
The short-term credit and banking<br />
structure in most states comprises State<br />
Cooperative Banks (St.CB), District<br />
Central Cooperative Banks (DCCB/<br />
CCB) at the District level, and Primary<br />
Agricultural Credit Societies (PACS) at<br />
the village level. Some smaller states /<br />
UTs have only State Cooperative Banks<br />
and PACS. The State and District level<br />
institutions which are part of the shortterm<br />
credit structure are recognized as<br />
banks by the RBI and carry out various<br />
banking activities in addition to<br />
providing agricultural credit through<br />
the PACS at the grassroots level. However,<br />
the PACS which are actually the<br />
last mile connect to the farmer, are not<br />
recognized as banking institutions.<br />
They are,however, exempted from the<br />
provisions of the Banking Regulations<br />
Nearly 80% of our<br />
agriculturists are<br />
small and marginal<br />
farmers, heavily<br />
dependent on credit<br />
for carrying out their<br />
seasonal agricultural<br />
operations<br />
Act, giving leeway for them to undertake<br />
banking activities. Many PACS<br />
undertake basic banking services for<br />
members along with credit and various<br />
other functions, such as input distribution,<br />
running consumer stores, warehousing,<br />
procurement & marketing,<br />
Public Distribution System (PDS), etc.<br />
The foray of commercial banks into<br />
agricultural credit post nationalization,<br />
setting up of RRBs, adoption<br />
of the multi-agency approach and<br />
directed credit programmes, saw<br />
in their wake the fall in the share of<br />
amount disbursed by rural cooperative<br />
banks for agricultural credit. In<br />
the euphoria of expanding credit supply<br />
by commercial banks, the need<br />
to shore up these institutions that up<br />
until then had played a major role and<br />
are geographically positioned for a<br />
better outreach, had been lost sight<br />
of. Central regulatory and financing<br />
agencies are observed to have maintained<br />
an arm’s length in this regard.<br />
Notwithstanding this, the short-term<br />
cooperative credit and banking system<br />
continues as a potent instrument in<br />
meeting the credit and related needs of<br />
the farmers. Around 5.5 crore farmers,<br />
mostly small and marginal farmers,<br />
continue to be dependent on the PACS<br />
supported by DCCBs, numbering 380<br />
with around 14000 branches and 32<br />
state coop banks for their agricultural<br />
loans. There are around one lakh<br />
PACS spread across the rural areas<br />
of the country, with over two-third of<br />
them being operationally viable.<br />
However, the grassroots level operations<br />
of this century old structure<br />
continue to be driven by outdated<br />
manual systems and processes, standing<br />
in the way of timely and adequate<br />
provision of credit to the farmers. As<br />
the PACS are not considered a part of<br />
the banking and payments system,<br />
the benefits of technology and digital<br />
payments environment is as yet to be<br />
positioned for ensuring timely and<br />
hassle free credit to their members.<br />
Given the vast geographic outreach<br />
of the Cooperative Credit Structure,<br />
<strong>January</strong> <strong>2018</strong> | <strong>CIO</strong>&<strong>LEADER</strong><br />
39
Banking<br />
The ideal tech solution must facilitate<br />
Rupay card based ops through ATMs<br />
there is urgency in mainstreaming<br />
the PACS into the emerging technobanking<br />
digital environment in a big<br />
way towards providing agricultural<br />
credit, other loans, agricultural inputs,<br />
basic banking facilities, procurement,<br />
warehousing and marketing and a<br />
host of other services. In the context of<br />
renewed signals of distress from farmers<br />
across various parts of the country,<br />
it is imperative to rejuvenate PACS<br />
through technology and provide them<br />
the interface to the mainstream banking<br />
environment and enable digital<br />
banking and payments related services<br />
at their end, so that their outreach<br />
can be fully harnessed in meeting the<br />
various needs of the farmers.<br />
The ideal technology solution must<br />
facilitate Rupay Card based operations<br />
through ATMs and micro-ATMs<br />
on KCC Accounts by farmer members<br />
on their accounts with the PACS, in<br />
tune with RBI/NABARD guidelines.<br />
The technology solution needs to be<br />
a cost-effective centralized solution<br />
with extensive parameterization to<br />
support the local usage and custom;<br />
be easy to use by grassroots level<br />
staff, preferably being picture/icon<br />
driven and having online help facility<br />
as well as being available in local<br />
languages. It should be expected to<br />
cover the entire functionality of all<br />
types of agricultural credit, covering<br />
short, medium- and long-term loans<br />
in a wide spectrum of parameterized<br />
options of loan products, origination<br />
and sanction systems-covering<br />
processes that span across different<br />
tiers of the credit system; cover different<br />
reporting system requirements to<br />
district level, state level, NABARD and<br />
GOI levels; handle various national<br />
and state level schemes, such as crop<br />
insurance ,interest subsidy and subvention,<br />
etc. The coverage of solution<br />
should include basic banking like<br />
savings bank, term deposits, recurring<br />
deposits, pigmy deposits, different<br />
types of non-agri. loans, personal<br />
loans, consumer loans, gold loans,<br />
etc. which PACS do. It should handle<br />
under the automated environment,<br />
various other functions handled by<br />
PACS, such as seed, fertilizer and<br />
other inputs supply, consumer stores,<br />
PDS, outlets for other items of business,<br />
as also warehousing, procurement<br />
and marketing, etc. On positioning<br />
such solution, online access to<br />
ground level information is expected<br />
to enhance inputs for policy formulation<br />
and facilitate timely monitoring<br />
of the progress of various schemes.<br />
The state of Odisha, in which the<br />
cooperative banks have a share of<br />
around 65% in agricultural credit,<br />
has been the early mover and taken<br />
the lead in adoption of technology in<br />
all the three tiers of the cooperative<br />
credit structure from the state level to<br />
village levels on the above lines. The<br />
implementation, currently in the final<br />
stages, provides Rupay Kisan cardbased<br />
operations to the farmers across<br />
the state. The adoption of technology<br />
in the cooperative credit system has<br />
also facilitated direct benefit transfer<br />
of money into farmers’ accounts of<br />
proceeds of paddy procurement made<br />
by state agencies running into several<br />
thousands of crores.<br />
Such technology led transformation<br />
of this important segment of our<br />
rural eco-system across the country<br />
is expected to go a long way to help in<br />
mitigating the problems of our farmers.<br />
It is in recognition of this imperative<br />
that the GOI in the Union Budget<br />
for 2017-18 has made its policy and<br />
financial commitment towards computerisation<br />
of all viable PACS in the<br />
country over a span of three years. It<br />
expected that technology adoption on<br />
the lines adopted by Odisha state will<br />
find favor for replication across the<br />
country for the benefit of a huge segment<br />
of farmers in our country comprising<br />
mostly small and marginal<br />
holders who are wedded to the cooperative<br />
banks for their credit and other<br />
needs. This would further the cause of<br />
financial inclusion of the excluded and<br />
marginalized segments of the rural<br />
population in a big way<br />
—The author is Chief Product Officer,<br />
VSoft Technologies<br />
40 <strong>CIO</strong>&<strong>LEADER</strong> | <strong>January</strong> <strong>2018</strong>