Over the next few years, CIOs say they will focus more than ever on helping set corporate strategy and developing innovative information technologies that will enable their companies to achieve strategic business goals.
To answer those questions, the editors of Ziff Davis Medias Enterprise Group—Baseline, CIO Insight and eWeek—talked with the CIOs who should have the best handle on new information technology tools: the CIOs at leading technology vendors.
Lee Congdon, Red Hat
Red Hats Lee Congdon: Aiming for a world-class, open-source enterprise.
Congdon joined Red Hat in March 2007 as vice president of global information technology. He previously held positions in I.T. management with Capital One, NASDAQ and Citicorp, after starting his career as an operating system developer with IBM. He manages a staff of 160 people in 30 locations around the world. He spoke with Baselines Brian P. Watson.
Baseline: What innovative things are you working on?
Congdon: Were deploying Red Hat Enterprise Linux 5 [operating system] on desktops right now. Were starting on a number of programs to take our I.T. organization to the next level. My goal is to be the world-class, open-source enterprise. So were looking at not only our own products, but partner products, to deliver capabilities. Were making more use of JBoss (Java-based application server) and MetaMatrix (data management and integration software), but also looking broadly at our partners, particularly in Red Hat Exchange (an open-source marketplace for developers).
What are the most innovative things the I.T. department has done in the past?
Ive been delighted with the technical work the team has done to implement our products in our internal environment. And Im certainly very pleased with using the products we deliver to customers in the desktop and server environment. Im also pleased with the interaction with product group, on both sides, to determine what capabilities we need and looking to external channels for feature capabilities. And then were just getting started with Red Hat Exchange, but many of those partners offer products that I can see direct applicability for our enterprise, so Im excited about that as well.
How do you foster innovation inside your company?
I have a game plan based on my past experience that Im adapting to the organization at Red Hat. Openness and receptiveness from the team, from the business, from our partners, from the community and our partners is essential to any firm, but particularly essential at an open-source firm. One of the great advantages we have at Red Hat is that people are so immersed and excited about technology. I have not only my team, but the whole organization, out there looking for and sharing ideas and concepts. That really sparks an organization thats receptive to change and looking for the next technology that can really change the business. And thats an exciting thing.
What can other CIOs do to foster innovation?
I think it needs to be part of the fundamental fabric of what information technology organizations do, because that adds value to the enterprise. We need to weave it into everything from the operations, like how they use virtualization, to the development organization, where they can use our tools to improve their capability to deliver, to the capabilities of our partners. The executive team has welcomed me as a member. The (information technology) staff works closely with the entire executive team to recognize strategic imperatives and make sure theyre supported by the information technology organization.
Jim Haar, BEA
BEAs Jim Haar: Using SOA to overhaul business processes.
Haar is responsible for BEA I.T. systems and operations worldwide. Before taking over the CIO role, Haar was responsible for a sales operations group, where he delivered substantial year over year license and maintenance revenue growth. Prior to joining BEA in 2004, he served as the director of marketing business operations at Sun Microsystems, where he played a key role in driving the companys pricing strategy, licensing models and marketing analytics, and held several senior positions with Compaq, where he spearheaded its Global Supply Chain Systems Group and led the I.T. integration effort during Compaqs acquisition of Digital Equipment Corp. Haar and Baselines John McCormick conducted an e-mail interview.
Baseline: What new and innovative things is your I.T. department working on?
Haar: Inside BEA Systems, we are using SOA technologies and approaches to overhaul fundamental business processes. This approach is enabling us to, in effect, mash-up existing business processes and the underlying data in legacy applications and databases. The result will be a next generation of business capability, new processes that legacy applications cant deliver. The first business process innovations we deliver will be transactions based on advanced real-time analytic capability. We look across more than 10 years of transactional data in a variety of core business applications in order to present a whole picture of our customers BEA technology consumption. This will enable us to tailor offerings specific to customers. Later, this same services infrastructure will enable us to de-customize legacy applications. This will allow us to direct a larger share of our I.T. budget to further innovation instead of maintaining static applications.
On the operational front we are piloting virtualization —like everyone—as a mechanism to control physical server sprawl. Our primary data center is in Reno so we are fortunate to have relatively inexpensive power. However, the data center has limited physical space and as BEA grows we need to do more with the same floor area.
How important is I.T. innovation to your company?
As a software manufacturer, our company has to react faster to market changes than a traditional industrial corporation whose product cycles are dependant on physical constraints. Change affects us as quickly as our customers or our engineers can think of it. The essence of BEAs business is I.T. innovation, and its critical to us both externally with our customers and internally as we drive continuous improvement in our operating models. We are growing both through new products in new markets and through acquisition; thus I.T. innovation isnt optional. We need to continually do more with relatively fixed I.T. budgets. We are no different than most companies in that respect. And innovation is one way we do that. We are innovating not only in the technologies we use and the services we deliver, but also in how we operate I.T. We are innovating in our vendor partnerships, our support and operations delivery models, and how we organize ourselves in I.T.
What are the most innovative things your I.T. department has done in the past? And How has the company been affected by those innovations?
A key innovation weve executed on recently is the shift to an agile development mechanism for our major projects. In the last year weve moved from a 100% “waterfall,” or traditional development mechanism, to one where today about two-thirds of our development work is delivered through the agile method. We are finding that this is well suited to an SOA implementation effort. The key benefits of this—in addition to speed and cost control—are the quality of the output and the close partnership with the business teams we are supporting. Its bringing I.T. and the other business groups in the enterprise closer together.
How do you, or any CIO, foster innovation in a corporation/I.T. department?
In the services we deliver to the enterprise, we need to make sure the innovations we pursue are relevant to BEA. The only way to achieve relevant innovation is through relevant alignment. When I.T. and the customers I.T. serves are of common understanding of the business problems at hand, and can evaluate and prioritize needs in an organized and structured manner, then successful innovation follows. Thats our experience at BEA.
Inside of I.T., we are fostering innovation by encouraging calculated risk taking, and driving an I.T.-wide shared comprehension of what the priorities we are working on are. We have [tiered our] list of projects. Tier-1 is work that must be done, and isnt optional. We have clear metrics that define how we will measure progress and support. Tier-2 projects are things to work on as long as the Tier-1 efforts are well in hand. Tier-3 items are those we know to be important, but we are consciously setting them aside in favor of Tier 1 and 2 work. The point is that innovation isnt relevant if it isnt on the right things. Focus also brings innovation, as it enables multiple minds to work together and in my experience, thats when we get the best results.
David Thompson, Symantec
Symanetcs David Thompson: Taking a risk-based approach to I.T.
David Thompson sits in the chair that many CIOs would like to occupy. As Symantecs CIO, Thompson reports directly to CEO John W. Thompson (no relation). As CEO, John Thompson wanted a CIO tightly aligned with business goals. He also wanted to give the CIO the ability to promote innovation—and not be hamstrung by a less direct reporting structure. Since arriving in January from Oracle, David Thompson has engaged in a wide range of projects including becoming the final test bed for products before being made available to customers, including a new tool—code name Hamlet—that combines security and compliance features. Heres what the CIO told eWeek editorial director Eric Lundquist at Ziff Davis CIO Summit in May.
Baseline: What skills do CIOs need to foster close relationships with the CEO and other top corporate executives?
Thompson: Having a broad base of business experience has been key in my career. I had a background in the military, a background in consulting, and a background in the implementation of technology. And, really being just a pure technologist, youre not going to be a successful CIO. You do have to have a broad base of knowledge and stay abreast of whats happening in your company, but you also have to form relationships with your business leaders. The key factor in being successful is that you have to understand what they do everyday and help them use technology to be successful.
Innovative companies still must understand risk. How do you address risk management?
I.T. has to have a risk-based approach because our technology is a tool for business. If you got risks in your technology, you got risks in your business. We have to measure risks, understand where our risks are. Many CIOs make the mistake of not understanding where their risks are. They assume where the risk is. But, when you look at things, youll find that your financial systems arent the most critical things, maybe your customer support system has a higher priority and should be put on a higher priority for recovery in case of an incident.
On security, are the bad guys getting smarter?
We now have moved into an environment where we cannot afford to have any vulnerability. When a vulnerability has been discovered, the product must be patched [immediately]. We, at Symantec, are spending more of our time in the I.T. world, and responding with products with built-in heuristics. The threat landscape has changed. Were looking at our employees, contractors and partners for vulnerabilities more than we have before because the ecosysystem has gotten very, very closely aligned with the use of technology.
Robert Worrall, Sun Microsystems
Sun Microsystems Robert Worrall: Pushing a new model for I.T. organizations.
Worrell was appointed CIO of Sun in July, 2006. He says that although the job has given him more gray hair than any previous job at Sun, where he has worked for 17 years, hes still having fun. Baselines Debbie Gage spoke with Worrall.
Baseline: Whats an example of how Sun uses technology to solve problems?
Worrall: We have a data center in the Netherlands, and because of investment deferrals, service levels were declining. We looked at it earlier this year and said, the world has changed, lets look at technology for driving down cost. This is a shameless commercial for Sun, but with Suns new product offerings we were able to take the same applications and service levels, refresh the technology—and machines are now faster and cheaper—and were able to close the data center and move a smaller set of new servers into an existing facility in the U.K. So there was a 70% to 75% reduction in footprint requirements in servers and an 80% power reduction.
As CIO of Sun, are you required to use Sun products?
We have a fairly rigorous program for using our own equipment. [We are doing an Oracle enterprise resource planning deployment] on Sun hardware and middleware. We try to showcase Suns products and services. Its maybe a little harder on me as an I.T. shop—Im an early adopter, and I might be running alpha or beta and there might be bugs—but its better for customers. We get an early version of hardware and software, kick the tires and do final QA (quality assurance). If there are challenges that customers run into, we have a direct line back into the product team.
How important is innovation to you? How do you balance innovation against keeping Sun running day to day?
Innovation is very important. Its an interesting time for us. Transformation is coming in I.T., and I think at Sun we have a road map for how to steer the transformation. Its a simple vision. Whereas an I.T. organization today is building applications and running servers, that model is not sustainable. You have spiraling energy costs, low utilization of servers, continuing complexity of applications, and we say, stop the madness.
Our vision is that I.T. organizations will evolve into the role of an aggregator of services to buy over the Internet. Most shops, take e-mail for example, they run their own mail server like we do today. But if you go buy mail as a service, I can run it over the public Internet. So do that for every business application you do today. Were doing it today inside Sun—there are a handful of services we buy today and run them over the public Internet. We continue to push that model with Oracle and others. HR [human resources] services are delivered that way—stock option management, 401K, and were now in discussions with our outsourcing partner to deliver HR transactions as a service over the Internet, not an intranet. A big target will be ERP applications. Were working closely with Oracle to demonstrate running their applications on a public grid and what are the security concerns, so, as the industry matures, we at Sun are right at the leading edge of adopting those service and evolving our own I.T. shop.
Dave Hansen, CA
Dave Hansen: Focusing on employee development.
Promoted to CIO last fall after four years at CA, Hansen talks about the challenges of managing 560 technologists worldwide at a $3.8 billion company struggling to right its reputation after the jailing of its former chief executive, Sanjay Kumar, who, along with former sales executive Stephen Richards, pleaded guilty last year to obstruction of justice and securities fraud. Baseline senior writer Kim S. Nash spoke with Hansen.
Baseline: You are CIO at a tech company. You get access to new technologies before other CIOs. You also get support for those products that other companies dont get. Does that mean you can be more innovative?
Hansen: People ask me about the difference between being CIO at a tech company compared to any other kind of company. The first is, I have 15,000 people here who think they can do my job better than me. I really do. The second and easier one is—Ive had headhunters call me because of this—you have to really integrate a showcase strategy around your tech. We run more CA technology than any other customer.
What do you do with that early access?
Theres a technology, for example, CA just went to market with and it does not have functionality we need. I said to the development group, “I want to use the app but I cant without this piece. Can you put this in?” They decided to put it in, with me co-funding it.
What is that product?
Its Unicenter Patch Management. Those products were designed for Windows patching and not necessarily for Unix. It works with Unix, but CA hasnt decided as a company to commit to researching Unix vulnerabilities to push out those patches to customers. Internally, I wanted the product to do both. There are a couple products on the market that can, but we had built our own.
In hiring and training high-performing I.T. staff, how innovative are you?
Were very, very focused on employee development and career pathing and training and education. Its critical. Some people overlook that when theyre trying to run 100 mph and you end up not keeping staff up to snuff. We want independent certification for almost all roles. We categorized 600 roles to 12 groupings, such as management, field support, and network-and-telecom. We defined internal and external certifications we want people to have and have gotten aggressive funding to do that.
Certifications are controversial. Are they worth the money?
There are a lot of different needs and desires these people have. Some people feel strongly about getting an accredited certification—Microsoft, Cisco. All my security guys are getting CISSP [Certified Information Systems Security Professional accreditation]. These guys really feel that theyre being heavily invested in. They all [the I.T. staff] have a development plan about what certifications theyre working toward for the next couple of years.
It is hard to measure the loyalty you engender with training or any kind of soft investment?
When I walked into CA five years ago—its been a tough five years at the company. Were starting to see the end of the bad stuff. But employees have worked really, really hard. Ive gone in with the attitude of, if I can get an I.T. organization that people enjoy working in—with equipment, software, training—then I will have a great I.T. organization. But there are many pieces; its not just throwing money at people. And believe me, we did do the money part. I analyzed the compensation of every employee and made sure they were paid to market rates. We compared against the 25th percentile, 50th and 75th and are making sure no ones under the 50th. When you fix one thing—training—but find out youre underpaying, that wont work.