These days, to serve the backbone corporate needs for more than 100,000 employees globally means betting big on the cloud.

That’s what James Hannah, SVP and global CIO of General Dynamics Information Technology, has done in partnership with the Reston, Va.-based aerospace and defense contractor’s 10 business units, each of which has its own CIO who works autonomously to make decisions about each division’s use of digital technologies for its unique business.

And the results are truly multicloud, as Hannah has opted to work with all the top cloud vendors to fill the company’s various back-office needs — AWS, Microsoft Azure, Google Cloud Platform, and Oracle Cloud — as well as Workday for HR and other SaaS vendors for specific needs. GDIT is now 100% on the cloud, having closed its final brick-and-mortar data center at the end of last year.  

“We’ve gone through our digital transformation already and migrated all of our application workloads into either an IaaS or SaaS environment,” says Hannah, whose focus is primarily on corporate systems, leaving each of GD’s other business unit open to make their own selections. “They’re free to go to whatever cloud they need to meet the needs of their customers,” he says.

Still, the 10 units are not all islands. Hannah’s IT division collaborates with and serves the needs of its “sister” business units where it makes sense, such as hosting financial applications for some business units. And there are overarching digital technologies that traverse General Dynamics’ business portfolio,  such as security, toward which all units are working to implement zero trust across the board.

But Hannah is clear about his mission, which is to provide critical services to the employees who serve GDIT’s high-level customers within the US government’s military-industrial complex and partners around the globe. It is not a candy store.

And in doing so, GDIT’s full cloud migration, which started pre-pandemic, is paying off nicely.  

Laying the multicloud foundation

When the IT division started its digital transformation, Hannah and his team performed a thorough assessment of General Dynamics’ corporate workloads to determine which cloud would be best based on functionality. As part of that process, integrations with other systems and applications were taken into consideration to avoid workloads “traversing from cloud to cloud” or “bouncing all over,” Hannah says.

“I think that the clouds are quite good. We saw a lot of reduction in cost,” he says. “We were able to get better metrics and reporting. And it increased or strengthened our DR [disaster recovery] posture overall.”

The next move, Hannah says, is to delve deeper into how GDIT can evolve more corporate assets into cloud-native, virtualized applications that can be optimized for the scalability, flexibility, and cost savings of its 100% multicloud infrastructure. Hannah’s team is also constantly learning how to strengthen and shift workloads to optimize performance and, in some cases, move workloads from IaaS to SaaS when it makes sense.

“That’s part of the evolution to the cloud,” he says. “You’re not going to be in a constant state of transformation. For me, it’s more of an evolution, assessing workloads and making sure they are still where they need to be.” 

GDIT has also automated many tasks within its finance systems such as accounts payable for inter- and intra-company transfers as well as for HR and IT business areas.

None of this is surprising for an IT division of a major enterprise these days, and GDIT is big — roughly 30,000 IT employees tend to General Dynamics’ corporate needs.

Skilling up and battening down

General Dynamics’ overall CTO leadership group is looking at generative AI and the implications and governance around it and how it could be potentially used with customers, Hannah says. But for a defense contractor — which manufactures nuclear submarines, aerospace systems, and combat systems, among other defense units — it is a very complex operation that has just begun, he adds.

Still, the CIO has made use of machine learning models available from one of its cloud providers to train employees for the rapidly evolving digital era and impart upward mobility within GDIT. The initiative is part of GDIT’s Career Hub, which provides employees with training recommendations around skills and certifications to help level up their careers, Hannah says.

“Since going live with that AI modeling capability, we’ve seen about a 30% increase in internal applications driven directly from the Career Hub,” he says.

Employees simply upload their resume or LinkedIn profile to Career Hub and the AI recommends current job openings, similar to the way Netflix makes movie recommendations, the CIO says. It also ties into the company’s learning and development system, providing skills and certification training recommendations that will help employees reach job openings they may not have thought of as suitable because they may presently have only 80% of the required skills.

Hannah is also deploying automation for lower-level repetitive tasks, freeing up GDIT employees to work on more complex tasks, such as rolling out automation within finance to enable speedier metrics, for example. In this way, GDIT’s use of automation helps employees continuously gain skills that not only allow greater efficiencies for the company but greater mobility for IT employees.

But if there’s one thing that keeps Hannah up at night, it’s security, which is pivotal for any enterprise, but especially a defense contractor. GDIT and all 10 business units are waiting for executive orders and guidance as part of a three-year security program currently under way. Still, cybersecurity remains Hannah’s primary focus now and over the next 12 months even as the top brass work on the comprehensive security plan.

“The focus is on transforming and evolving the cyber tools that we have … that’s the primary focus with the threats in this environment,” Hannah says. “We’re always under the watchful eyes of bad actors throughout the world. Being part of a group that always has a target on your back means you need to make sure you’re always looking at all the technologies available to improve your cyber posture as you move forward.”

Gartner analyst Daniel Snyder says the US government and military is relying heavily on partnerships with defense contractors such as General Dynamics to transform. 

“The Department of Defense relies on thousands of networks that are vital to execute its mission. Over the course of the past few decades, the development process has resulted in layers of stove-piped systems that are difficult to integrate,” he says, noting that as part of its digital transformation strategy, the DoD is overhauling its IT infrastructure to leverage the cloud.

“Much of the future success is hinging on the support of its industrial base with systems integrators such as General Dynamics, Leidos, Raytheon, and Northrop Grumman,” he says.

Aerospace and Defense Industry, Cloud Computing, IT Strategy, Multi Cloud

There’s no denying the fact that cloud technology is headed in many different directions, all aimed at providing rapid, scalable access to computing resources and IT services.

Yet as cloud technology evolves, many organizations are becoming more thoughtful and intentional in their transformation journey as they look to close the gap between simply running on the cloud and creating enterprise-wide value, observes Cenk Ozdemir, cloud and digital leader at business consulting firm PwC. “Organizations are really focused on achieving the elusive ROI of cloud that only a minority have been able to secure,” he says.

Here’s a quick rundown of the top enterprise cloud trends that promise to lead to greater ROI through innovation and enhanced performance.

1. AI/ML takes center stage

All the major cloud providers are rolling out AI/ML features and products, many designed for use with their core cloud offerings, says Scott W. Stevenson, technology partner at national law firm Culhane Meadows. He notes that most providers are also using AI/ML to improve provisioning of their own services.

While no one wants to be left behind if the promises of AI/ML hold true, there are varying levels of concern about reliability, security, and bias, particularly on the customer side, Stevenson says.

“There’s little doubt that adoption will continue at a fast pace overall, but larger enterprise customers — particularly in highly regulated industries — will be more measured,” he observes. Yet Stevenson doesn’t expect to see many enterprises sitting on the sideline. “It may be that the lessons they learned when migrating to cloud solutions in recent years will serve as a partial road map for adoption of AI/ML technologies — although on an accelerated timeline.”

Technology-driven organizations that prioritize innovation and digital transformation will be the most likely early AI/ML adopters in the cloud, says Michael Ruttledge, CIO and head of technology services at Citizens Financial Group. “Additionally, organizations that are data-driven and rely heavily on data analysis and insights will be able to leverage the best AI/ML services from different providers to enhance decision-making, automate processes, and personalize customer experiences,” he predicts.

Ruttledge notes that his enterprise’s cloud and AI/ML transition is driving stability, resiliency, sustainability, and speed to market. “Our AI/ML capabilities are increasing our ability to stay lean and drive insights into our internal and external customer services,” he says.

2. Industry clouds fuel innovation

Industry clouds are composable building blocks — incorporating cloud services, applications, and other key tools — built for strategic use cases in specific industries. Industry clouds enable greater flexibility when allocating resources, helping adopters make strategic choices on where to differentiate, explains Brian Campbell, a principal with Deloitte Consulting. “This ecosystem is evolving rapidly, driving the need to consistently monitor what exists and what works.”

By leveraging the ever-expanding number of cloud players serving industry-specific business needs in a composable way, industry clouds provide an opportunity to accelerate growth, efficiency, and customer experience. “Allowing for further differentiation on top of these solutions forges a close collaboration between business and technology executives on where to focus differentiation and resources,” Campbell says.

Enterprises looking to lead or stay ahead of their industry peers drove the first wave of industry cloud adopters. The success experienced by those organizations generated a rapid follower wave sweeping across a broader market. “Industry clouds are also leveling the playing field, so midmarket clients now have access to advanced capabilities they no longer need to build internally from the ground up to compete against their larger global competitors,” Campbell says.

3. Modernizing core apps for the cloud

Most large enterprises have sought quick wins on their digital transformation and cloud adoption journeys. They’ve brought smaller, less critical workloads to the cloud, containerizing legacy applications to make them more cloud friendly, and have adopted a cloud-first strategy for any new application development, observes Eric Drobisewski, senior enterprise architect at Liberty Mutual Insurance.

Yet an early emphasis on quick wins has left many vital business applications and related data stuck in enterprise data centers or private cloud ecosystems still in need of eventual migration. “Often, these workloads are tightly coupled to costly hardware and software [platforms] that were built at a time when all that was available was a vertically bound architecture,” Drobisewski explains.

Drobisewski warns that continuing to maintain parallel ecosystems with applications and data splintered across data centers, private clouds, public clouds, physical infrastructures, mainframes, and virtualized infrastructure is both complex and costly. “Simplification through modernization will reduce costs, address operational complexity, and introduce horizontal scale and elasticity to dynamically scale to meet emerging business needs,” he advises.

4. Making the most of the multicloud hybrid-edge continuum

The multicloud hybrid-edge continuum marks a crucial step forward for enterprises looking to drive ongoing reinvention by leveraging the convergence of disparate technologies. “Enterprises must focus on defining their business reinvention agenda and using the cloud continuum as an operating system to bring together data, AI, applications, infrastructure, and security to optimize operations and accelerate business value,” says Nilanjan Sengupta, cloud and engineering lead with Accenture Federal Services.

This trend will enable organizations to steer clear of an overreliance on a single public-cloud provider, Sengupta says. “It satisfies a multitude of business demands while unlocking innovation advancements in data, AI, cyber, and other fields, aligning capabilities to mission and business outcomes.” Hybrid architectures are rapidly becoming the only viable option for most organizations, he notes, since they provide the flexibility, security, and agility necessary to adapt to rapidly changing business needs.

The multicloud hybrid-edge continuum will impact CIOs and their enterprises by forcing them to address several key issues holistically, such as determining the right operating model, integrating and managing different technology platforms, finding the right talent, and managing costs, Sengupta says. “CIOs will need to develop strategies and roadmaps to transition to hybrid cloud environments, while also fostering a culture of agility and continuous innovation within their organizations,” he adds.

5. Reaping the rewards of cloud maturity

After years of aggressive adoption, the cloud is now firmly embedded in the IT and enterprise mainstream. “Cloud maturity is not something an organization gains overnight, but when taken seriously, it becomes a distinct competitive advantage,” says Drew Firment, vice president of enterprise strategies and chief cloud strategist at online course and certification firm Pluralsight.

Firment believes that cloud maturity typically starts with creating a Cloud Center of Excellence (CCoE) to establish a clear business intent, and gain experience with a single cloud before adding others. “Once an organization masters one cloud environment and is firmly established in the cloud-native maturity level, they can begin using other cloud providers for specific workloads,” he explains.

For example, Firment says, a customer service application might be built on Amazon Web Services while leveraging artificial intelligence services from Google Cloud Platform. “The goal is to align the strengths of each cloud provider to better support your specific business or customer needs.”

A purposeful and deliberate approach to a multicloud strategy gives CIOs and their organizations great power, Firment says. “While many technologists in 2023 will be focused on investments in multicloud tools like Kubernetes and Terraform, leaders will be focused on investing in the multicloud fluency of their workforce.”

6. The rise of FinOps and cloud cost optimization

Cloud FinOps offers a governance and strategic framework for organizations to manage and optimize their cloud expenditures transparently and effectively.

“By implementing a holistic FinOps strategy, an organization can drive financial accountability by increasing the visibility of cloud spending across the organization, reducing redundant services, and forecasting future cloud expenditures, allowing for more accurate planning,” says Douglas Vargo, vice president, emerging technologies practice lead at IT and business services firm CGI. “Driving more visibility and fiscal accountability around cloud costs will enable organizations to refocus that spending on innovation initiatives and realize more business value for their cloud investments.”

Organizations that effectively deploy FinOps governance and strategies will reduce cloud costs by as much as 30%, Vargo predicts, enabling them to re-invest those savings into innovation initiatives. “An effectively executed FinOps framework will improve the ROI of cloud spend and open up funding for other expenditures such as increased innovation funding,” he adds.

7. Hyperscalers adjust to slower growth

The three major hyperscalers — Amazon Web Services, Microsoft Azure, and Google Cloud Platform — have grown rapidly over the past few years, observes Bernie Hoecker, partner and enterprise cloud transformation leader with technology research and advisory firm ISG. Meanwhile, many enterprises have accelerated their digital transformation to meet the emerging demands created by remote work teams, as well as to provide customers with improved digital experiences.

“In many cases, however, enterprises overinvested in IT and cloud capabilities,” he notes, “and they’re now focused on optimizing the investments they’ve made rather than moving new workloads to the cloud.”

Yet enterprises weren’t the only overinvestors. “The Big Three hyperscalers also are going through some rightsizing after each of them overhired during the pandemic, and are now forced to deal with some bloat in their workforce,” Hoecker says. He reports that Amazon recently cut 9,000 more jobs in addition to the 18,000 they announced in January. Microsoft laid off 10,000 employees in January and Google, among other cost-cutting measures, has dismissed 12,000 staffers.

Cloud Computing, Cloud Management, Hybrid Cloud, Innovation, Private Cloud, Technology Industry

At Choice Hotels, cloud is a tool to help the hospitality giant achieve corporate goals. That can include making progress on immediate objectives, such as environmental sustainability, while keeping an eye on trendy topics such as the metaverse and ChatGPT.

“We’re investing in technology, we’re investing in leveraging the cloud to do meaningful things while we figure out what does tomorrow look like?” said CIO Brian Kirkland.

Kirkland will describe key points on how cloud is enabling business value, including its sustainability initiatives, at CIO’s Future of Cloud & Data Summit, taking place virtually on April 12.

The day-long conference will drill into key areas of balancing data security and innovation, emerging technologies, and leading major initiatives.

The program kicks off with a big-picture view of how the cloud will change the way we live, work, play, and innovate from futurist and Delphi Group Chairman and Founder Tom Koulopoulos. Afterward, he will answer questions in a lively discussion with attendees.  

Before organizations map an architectural approach to data, the first thing that they should understand is data intelligence. Stewart Bond, IDC’s vice president for data integration and intelligence software, will dissect this foundational element and how it drives strategy as well as answer audience questions about governance, ownership, security, privacy, and more.

With that foundation, CIOs can move on to considering emerging best practices and options for cloud architecture and cloud solution optimization. David Linthicum, chief cloud strategy officer at Deloitte Consulting and a contributor to InfoWorld, will delve into strategies that deliver real business value – a mandate that every IT leader is facing now.

Want to know how top-performing companies are approaching aspects of cloud strategy? Hear how Novanta Inc. CIO Sarah Betadam led a three-year journey to becoming a fully functional data-driven enterprise. Later, learn how Tapestry – home to luxury consumer brands such as Coach and Kate Spade – developed a cloud-first operating model in a conversation between CIO Ashish Parmar and Vice President of Data Science and Engineering Fabio Luzzi.

Another top trend is AI. Phil Perkins, the co-author of The Day Before Digital Transformation, will discuss the most effective applications of AI being used today and what to expect next.

At some organizations, data can be a matter of life and death. Learn about a data-focused death investigations case management system used to influence public safety in a conversation between Gina Skagos, executive officer, and Sandra Parker, provincial nurse manager, at the Province of Ontario’s Office of the Chief Coroner.

Throughout the summit, sponsors including IBM, CoreStack, VMware, and Palo Alto Networks will offer thought leadership and solutions on subjects such as new models of IT consumption, cloud security, and optimizing hybrid multi-cloud infrastructures.

Check out the full summit agenda here. The event is free to attend for qualified attendees. Don’t miss out – register today.

Cloud Management, Hybrid Cloud, IT Leadership, IT Strategy

When he’s not immersed in cybersecurity, hybrid cloud strategy, or app modernization, David Reis, CIO at the University of Miami Health System and the Miller School of Medicine, spends his time working with the board of directors and top leadership to reimagine healthcare and take the lead driving digital transformation.

A business objective to “arrive” more patients per hour or the CEO’s desire to leverage historical data to predict future patient volume and revenue doesn’t start with a technology discussion or spoon-feed IT a particular business strategy to execute. Today, Reis and his team are early-stage partners with the business to ideate new digital strategies aimed at keeping the healthcare provider at the forefront of patient experience and care, safety, and innovation.

“In these discussions, we didn’t talk about phones, infrastructure, servers, computers, or storage — all the things people expect with IT,” Reis says. “IT is now thought of as a partner and brought in much sooner in the overall rethinking of business processes rather than coming in at the end to digitize workflows.”

David Reis, CIO, University of Miami Health System and Miller School of Medicine

University of Miami Health System and Miller School of Medicine

Despite another year dominated by a transformation agenda and getting digital operations in order, CIOs like Reis are finding their footing as an invaluable strategic partner and resource for the business. According to the 2023 State of the CIO research, which surveyed 837 IT leaders and 201 line of business (LOB) participants, functional and transformational work consumed the bulk of IT leaders’ time this year, much the same as 2022.

Eighty-four percent of respondents were immersed in basic functional tasks such as security management (47%), improving IT operations and systems performance (40%), and cost control and expense management (28%). IT leaders were equally committed to transformation work (83%), including modernizing infrastructure and applications (35%), aligning IT initiatives with business goals (38%), cultivating the IT/business partnership (31%), and directing change efforts (28%).

Foundry /

While far fewer (61%) cited business strategist responsibilities as the year’s primary charter, many, like Reis, are already well-established and sought-after strategy leaders, continuing to mature their influence going forward. At the same time, the majority of 2023 State of the CIO respondents (71%) also anticipate greater immersion in business strategy over the next three years. With technology at the epicenter of all aspects of modern business, IT leaders fully expect their remit to include actively driving business innovation, developing and refining business strategy, and identifying opportunities for competitive differentiation.

Kevin Gray, CIO, City of Burbank, Calif.

City of Burbank, Calif.

“The CIO role today is really a business leadership role that is not necessarily focused on technology — technology is just part and parcel of what we do every day,” says Kevin Gray, CIO for the City of Burbank, Calif. “We are helping form strategy for our organizations, laying out roadmaps, and developing policy in ways we didn’t in the past. A CIO or CTO who wakes up thinking about technology is thinking about the wrong things.”

Foundry /

CIOs’ leadership stature matures

This year’s focus on IT transformation and modernization hasn’t diluted demand for CIO leadership. More than half of respondents to the 2023 State of the CIO survey (55%) said they proactively identify business opportunities and make recommendations regarding technology and provider selections while 23% said they advise on business need, technology choices, and providers.

As in prior years, the CIO role continues to be more digital- and innovation-focused — a trend cited by 85% of IT leaders participating in this year’s survey. Not only are CIOs involved in digital transformation — the majority of 2023 survey respondents maintain CIOs are more likely to lead digital transformation efforts compared to their business leader counterparts — a scenario cited by 84% of IT leaders along with nearly three quarters (72%) of LOB participants.

Foundry /

CIOs’ mounting credibility as a lever for business transformation is also being recognized on a broader scale, even as IT leaders are wrapped up with modernization efforts and operationalizing the technology investments that were accelerated these past few years. Eighty-five percent of respondents said they view the CIO role as a changemaker, slightly higher than last year.


of CIOs agree that the CIO is becoming a changemaker, increasingly leading business and technology initiatives

At the same time, CIOs continue to forge strong relationships with other influencers in the executive ranks: Seventy-seven percent of 2023 State of the CIO respondents have cultivated a strong educational partnership with the CEO and board of directors. Nearly half (49%) of IT leaders participating in this year’s research report directly to the CEO, and CIOs themselves have retained oversight of some of the newer C-level positions. For example, among the 2023 State of the CIO survey base, many chief data officers (53%) and chief digital officers (42%) now come under the CIO management umbrella. Chief security officers and chief analytics officers are also more likely to report into IT leadership.

Foundry /

In a similar vein, IT retains direct control over a good portion of the IT budget at most companies — on average, around 43.5% — with respondents expecting that ratio to tick up to about 50% over the next three years. In keeping with the reporting structures, CIOs are commanding oversight of budgets allocated to some of the newer executive titles: Fifty-eight percent of those surveyed said the CTO budget was factored into overall technology expenditures under CIO management while half said the same of the chief digital officer budget. A much higher number, 63%, confirmed chief data officer expenses came under the CIO and IT department’s remit.

While CIO’s leadership stature and immersion in the business has been steadily growing for some time, ongoing economic uncertainty, the vast potential of emerging technologies to transform business, and the lingering halo effects from CIOs’ widely heralded pandemic performance have underscored the significance of the role when it comes to business strategy. Specifically, the level of transformation during the pandemic was unrivaled compared to prior periods, and the business strategies and foundational platforms put in place call for IT leadership to promote broad adoption and oversee continuous care and feeding, says JP Saini, chief digital & technology officer at Sunbelt Rentals, a global player in the equipment rental market.

JP Saini, chief digital and technology officer, Sunbelt Rentals

Sunbelt Rentals

“It’s about how to maintain the edge we created with the business strategies we implemented,” Saini says. “Unlike prior years, where you launch something big and the next refresh cycle is three to four years out, there’s now a continued value creation formula for digital transformation that happens year over year.”

What’s on the 2023 docket

Sunbelt Rentals’ 2023 roadmap calls for evolving its digital platforms in areas such as omnichannel ecommerce, dynamic pricing, service, supply chain, and warehouse management. The company is also investing in new collaboration technologies and Zero Trust initiatives to fully empower its employees for hybrid work, no matter where they are and on whatever device they are working from, Saini says.

The digital transformation and technology organizations used to operate on two parallel tracks. Today, they’ve been consolidated into a single group reporting to Saini to accelerate delivery of systems that drive business strategy forward. “We’re now one group that handles initiatives from start to finish because time was of the essence,” he explains. “Whatever launches in terms of ecommerce, if you don’t have a good roadmap to keep ahead of competitors, the value is eroded.”

At insurance company The Hartford, the technology initiatives and business strategies that are on tap for 2023 are one and the same, according to Deepa Soni, the company’s CIO. Cloud deployment, AI, analytics, a modern data ecosystem, and digitization of more business processes are at the top of the agenda to simplify interactions for customers, brokers, and agents and to bring the power of digital tools to employees. For example, underwriters used to toggle between nearly a dozen tools to get their job done — today they use one streamlined tool with all relevant information at their fingertips to make better decisions while understanding risks, Soni says.

Deepa Soni, CIO, The Hartford

The Hartford

With new technologies poised to reinvent business processes and disrupt entire markets, Soni says she and her CIO counterparts must play a pivotal role guiding the business to think about things differently while recognizing opportunities to harness technology to create solutions for business partners, customers, and employees. One of the more significant changes at The Hartford has been to embrace agile practices, not just in the IT domain, but as a companywide business practice. “We’re now organized around customer-centric value streams that start with the product owners in the business and extend into technology,” she explains. “The opportunity to leverage data and technology is increasing so we have to deliver capabilities faster to be able to better capitalize on future opportunities.”

Leveraging data, advanced analytics, and AI is top priority across the board. Thirty-four percent of IT leaders responding to the 2023 State of the CIO survey called out data/business analytics as a major tech initiative driving IT investments, second only to security and risk management (38%). Machine learning and AI were also high on the list, cited by 26%.

Foundry /

With data and analytics a critical engine for driving business strategy, Dow Inc. combined its data and analytics teams into one group last year, elevating a new dedicated leadership role. Chris Bruman, Dow’s first chief data and analytics officer, reports directly into Melanie Kalmar, a corporate vice president and Dow’s CIO and chief digital officer.

Chris Bruman, chief data and analytics officer, Dow


In his dual role, Bruman leads a centralized data and analytics team, but also has accountability for building a data and analytics strategy for the entire enterprise, to both enable growth and empower productivity. On his watch, Dow has updated its data operating model to a hub and spoke approach, is setting up a data platform and data catalog that can support the entire enterprise, and expanded the data initiative to harness both structured and unstructured data. Bruman’s group has also invested time and resources in data literacy, launching a companywide program to upskill the enterprise in the language of data and how to take advantage of data and analytics.

“Because analytics are so much more important in how we do work every day, we don’t believe a fully centralized team can keep up with the demand,” he explains. With the federated or hub and spoke approach, the power of leveraging analytics rests in the business functions. “It’s about data democratization and empowering the spokes to do more on their own,” he says.

The CIO-plus role takes shape

In addition to the focus on data, Dow has also invested considerably over the past few years to put digital platforms in place, including those aimed at improving and speeding up the pace of innovation and delivering a better digital buying experience on while expanding direct connections with customers. Dow is also working to digitize its manufacturing sites, channeling data to the field where it’s needed to drive decisions and improve operational efficiency, operating discipline, safety, and reliability, according to CIO and CDO Kalmar. “Digital at Dow represents a company strategy, not just an IT strategy,” she says.

Melanie Kalmar, CVP, CIO, and chief digital officer, Dow


Other CIOs, like Kalmar, are expanding their roles and oversight responsibilities beyond IT as digital strategies move front and center in the business. Many are taking on new revenue responsibilities — a move cited by 68% of IT leaders this year, up from 65% in the 2022 State of the CIO survey. As part of the move, 44% of IT leaders are managing a team tasked with new revenue-generating capabilities, while a quarter are members of such a team, the research found. As part of this expanded revenue charter, IT leaders are automating business and IT processes (47%), creating new products and services (40%), and making data more available (34%).

Foundry /

Andrew Ho of Global Strategy Group (GSG) now has ownership of both the IT and offices services organizations — a move precipitated by the synergies between the two areas. With hybrid work now a mainstay, Ho’s dual role ensures he has accountability for evolving employee experience and engagement from working both remotely and in-office. For example, when reconfiguring office space to accommodate hybrid work, it’s impossible to separate technology requirements from construction given the need for immersive audio-visual tools, Zoom rooms, and hoteling capabilities, says Ho, senior vice president and head of technology and office services for GSG, a research, communications, and public affairs agency.

Andrew Ho, SVP and head of technology and office services, Global Strategy Group

Global Strategy Group

In addition, Ho says the office services staff is also best positioned to handle the front-end technical support for the firm given they are always in office and maintain a certain relationship with employees. “The lines have blurred with what is facilities versus what is technology, and all of that falls under IT,” he says.

Foundry /

Sastry Durvasula, who holds both the CIO and client service officer titles, came into TIAA a year ago in part for the CIO-plus opportunity. From a technology perspective, Durvasula’s 2023 roadmap balances transformation through a digital-first agenda built around data and AI for hyper-personalized experiences while at the same time, modernizing the core platforms and processes by harnessing automation and orchestrating hybrid, multicloud migration.

On the Client Services front, Durvasula’s focus is also on AI and automation to transform the way TIAA does everything from front-office client engagement to fraud management and client support services. “Our fundamental belief is that Client Services would have a significant benefit to have proximity to technology as they would be the biggest beneficiary when it comes to AI, automation, and the digital services we are investing in,” Durvasula explains. “It makes a lot of sense to bring them together.”

Sastry Durvasula, CIO and client service officer, TIAA


Durvasula, who’s held CIO-plus roles with oversight of IT and digital products at other companies, firmly believes technology’s front-and-center role in business strategy has changed the game and set IT leaders on a new course. It’s not a matter of switching focus between technology initiatives and business strategy, he says, it’s a balancing act that requires an equal focus on both.

“Now that technology is front and center in business strategy and not a back-end enabler, that changes the CIO role quite a bit,” he says. “Technology is disrupting business in a lot of ways and this is the best time to be on the CIO career path. The branches are wide open.”

Business IT Alignment, CIO, Digital Transformation, IT Leadership

As mobile work experiences redefine how business gets done, managing an increasing number of devices across a modern workforce has become a growing challenge. Imagine the retail associate using a tablet to check inventory and pricing for customers, the UPS driver recording deliveries and updating the system, and the construction foreman referring to a device for building specifications on-site.

A 2022 Future of Work study found that “94% of organizations shifted to some sort of hybrid work structure due to the pandemic which then forced the creation of new, more efficient and potentially long-lasting workflows and processes (62%).” These are just some of the transformational business activities making work intrinsically mobile across every industry, creating opportunities, challenges, and imperatives for IT leaders to reevaluate and improve their mobile device management processes.

Mobile devices: High-cost risk and the need for governance

While significant attention has been paid to the rise of mobile work, less has been paid to the ability to govern a mobile workforce that can become unwieldy. A high-profile example is the fintech industry – built on modern technologies with high reliance on smartphones to access financial records. In September 2022, the U.S. Securities and Exchange Commission (SEC) imposed over $1 billion in fines on 16 fintech firms for violating recordkeeping requirements related to federal securities laws. Concurrently, the Commodity Futures Trading Commission (CFTC) also enforced $710 million in penalties for “failing to diligently supervise matters related to their businesses.” At issue was how employees were using personal devices and unauthorized messaging apps for business matters and the inability to keep proper records to meet industry compliance.

Fintech companies and all types of businesses are reconsidering mobile device strategies to achieve higher levels of regulatory compliance and new Zero Trust precedents for security.

Most are modifying mobile management strategies

According to a recent report, 81% of companies plan to modify their mobile device ownership strategies to meet evolving business requirements for greater security and return on investment (ROI). While the adoption of bring your own device (BYOD) strategies grew to meet hybrid work demands during the pandemic, more than half of respondents cited security (53%) and data breaches (50%) among their biggest concerns with Bring Your Own Device (BYOD) approaches.

The report states, “The security concerns are worth reiterating because, at organizations with a BYOD policy in place, two-thirds (65%) of the devices used to access company information are likely to be personally owned. This demonstrates how intertwined BYOD is with employee workflow. Even in the financial services sector, known for strict vetting and compliance procedures, over half (58%) of the mobile devices utilized in this capacity are personally owned. While it is possible that further restrictions control access to confidential information, even seemingly harmless data can be exploited by cybercriminals more easily in this manner, thus highlighting a challenging predicament for organizations to navigate.”

Gaining visibility and control over your mobile fleet

When introducing mobile governance, it helps to address both mobile devices and cloud applications together, as the two are tightly intertwined. First take stock of your mobile devices, the ownership of each, and all applications in use. An accurate inventory is the primary step in gaining visibility and control for both recordkeeping compliance and security purposes. 

Glean intelligence from an accurate inventory: IT expense management platforms can identify all assets in the corporate fleet as well as all cloud applications (sanctioned and unsanctioned) in the IT environment. This will serve as a launchpad for policy decision-making and Shadow IT discovery processes that can reveal both monitored and unmonitored communication channels needing tighter control and necessary recordkeeping. Usage audits and application security intelligence can also be helpful in knowing not just what you have but also how information is flowing and the risk of current usage.

Simplify compliance using technology: Can’t see into your devices? Consider Mobile Device Management software, or Unified Endpoint Management tools to insert more control over mobile devices and their applications. These technologies make it easier to manage policies, security, and other aspects of both corporate-owned and employee-used mobile devices of all types. Businesses use this software to authorize and issue devices, track their use, monitor communications, enforce security policies, secure lost or stolen devices, and ensure compliance. In the case of BYOD, they also help partition personal applications from corporate ones.

Question your operating system: Whether you’re moving from a BYOD approach to a corporate-owned approach or tightening your existing policy, question whether standardizing your mobile device operational platforms will help ease the burdens of compliance. In response to the recent SEC news, for example, some financial firms are moving all mobile phones to one platform and one provider.  

Consistency is key: Compliance often slips through the cracks at key junctures in the mobile device lifecycle. This is particularly the case as employees enter and exit the firm or when newly purchased devices are set up or activated for service. As such, the key to consistent compliance is a disciplined approach across the full device lifecycle. 

The Confidence of mobile compliance

It’s easy to feel overwhelmed by the vast responsibilities of mobile compliance but take comfort in the fact that most CIOs describe themselves as in a “governance phase” in 2023. That’s no surprise given remote work and accelerated digital transformation have gone unconstrained over the past three years. With the possible threat of fines, clear lines now need to be drawn to keep all work-related conversations on corporate networks where communications are accessible, can be captured, and managed.

Drawing those lines is a step-by-step process that starts with evaluating your current approach, understanding what assets are in use, and seeing where your fleet is falling short of security requirements and industry regulations. Don’t be afraid to make drastic shifts in your strategy, establishing all-new mobile usage policies. This is far better than finding out the hard way, paying millions in fines to the federal government or to bad actors after a ransomware attack.

To learn more about mobile device management, visit us here.

Endpoint Protection, Master Data Management, Remote Access Security, Security Infrastructure

By George Trujillo, Principal Data Strategist, DataStax

Increased operational efficiencies at airports. Instant reactions to fraudulent activities at banks. Improved recommendations for online transactions. Better patient care at hospitals. Investments in artificial intelligence are helping businesses to reduce costs, better serve customers, and gain competitive advantage in rapidly evolving markets. Titanium Intelligent Solutions, a global SaaS IoT organization, even saved one customer over 15% in energy costs across 50 distribution centers, thanks in large part to AI.  

To succeed with real-time AI, data ecosystems need to excel at handling fast-moving streams of events, operational data, and machine learning models to leverage insights and automate decision-making. Here, I’ll focus on why these three elements and capabilities are fundamental building blocks of a data ecosystem that can support real-time AI.


Real-time data and decisioning

First, a few quick definitions. Real-time data involves a continuous flow of data in motion. It’s streaming data that’s collected, processed, and analyzed on a continuous basis. Streaming data technologies unlock the ability to capture insights and take instant action on data that’s flowing into your organization; they’re a building block for developing applications that can respond in real-time to user actions, security threats, or other events. AI is the perception, synthesis, and inference of information by machines, to accomplish tasks that historically have required human intelligence. Finally, machine learning is essentially the use and development of computer systems that learn and adapt without following explicit instructions; it uses models (algorithms) to identify patterns, learn from the data, and then make data-based decisions.

Real-time decisioning can occur in minutes, seconds, milliseconds, or microseconds, depending on the use case. With real-time AI, organizations aim to provide valuable insights during the moment of urgency; it’s about making instantaneous, business-driven decisions. What kinds of decisions are necessary to be made in real-time? Here are some examples:

Fraud It’s critical to identify bad actors using high-quality AI models and data

Product recommendations It’s important to stay competitive in today’s ever-expanding online ecosystem with excellent product recommendations and aggressive, responsive pricing against competitors. Ever wonder why an internet search for a product reveals similar prices across competitors, or why surge pricing occurs?

Supply chain With companies trying to stay lean with just-in-time practices, it’s important to understand real-time market conditions, delays in transportation, and raw supply delays, and adjust for them as the conditions are unfolding.

Demand for real-time AI is accelerating

Software applications enable businesses to fuel their processes and revolutionize the customer experience. Now, with the rise of AI, this power is becoming even more evident. AI technology can autonomously drive cars, fly aircraft, create personalized conversations, and transform the customer and business experience into a real-time affair. ChatGPT and Stable Diffusion are two popular examples of how AI is becoming increasingly mainstream. 

With organizations looking for increasingly sophisticated ways to employ AI capabilities, data becomes the foundational energy source for such technology. There are plenty of examples of devices and applications that drive exponential growth with streaming data and real-time AI:  

Intelligent devices, sensors, and beacons are used by hospitals, airports, and buildings, or even worn by individuals. Devices like these are becoming ubiquitous and generate data 24/7. This has also accelerated the execution of edge computing solutions so compute and real-time decisioning can be closer to where the data is generated.AI continues to transform customer engagements and interactions with chatbots that use predictive analytics for real-time conversations. Augmented or virtual reality, gaming, and the combination of gamification with social media leverages AI for personalization and enhancing online dynamics.Cloud-native apps, microservices and mobile apps drive revenue with their real-time customer interactions.

It’s clear how these real-time data sources generate data streams that need new data and ML models for accurate decisions. Data quality is crucial for real-time actions because  decisions often can’t be taken back. Determining whether to close a valve at a power plant, offer a coupon to 10 million customers, or send a medical alert has to be dependable and on-time. The need for real-time AI has never been more urgent or necessary.

Lessons not learned from the past

Organizations have over the past decade put a tremendous amount of energy and effort into becoming data driven but many still struggle to achieve the ROI from data that they’ve sought. A 2023 New Vantage Partners/Wavestone executive survey highlights how being data-driven is not getting any easier as many blue-chip companies still struggle to maximize ROI from their plunge into data and analytics and embrace a real data-driven culture:

19.3% report they have established a data culture26.5% report they have a data-driven organization39.7% report they are managing data as a business asset47.4% report they are competing on data and analytics

Outdated mindsets, institutional thinking, disparate siloed ecosystems, applying old methods to new approaches, and a general lack of a holistic vision will continue to impact success and hamper real change. 

Organizations have balanced competing needs to make more efficient data-driven decisions and to build the technical infrastructure to support that goal. While big data technologies like Hadoop were used to get large volumes of data into low-cost storage quickly, these efforts often lacked the appropriate data modeling, architecture, governance, and speed needed for real-time success.

This resulted in complex ETL (extract, transform, and load) processes and difficult-to-manage datasets. Many companies today struggle with legacy software applications and complex environments, which leads to difficulty in integrating new data elements or services. To truly become data- and AI-driven, organizations must invest in data and model governance, discovery, observability, and profiling while also recognizing the need for self-reflection on their progress towards these goals.

Achieving agility at scale with Kubernetes

As organizations move into the real-time AI era, there is a critical need for agility at scale. AI needs to be incorporated into their systems quickly and seamlessly to provide real-time responses and decisions that meet customer needs. This can only be achieved if the underlying data infrastructure is unified, robust, and efficient. A complex and siloed data ecosystem is a barrier to delivering on customer demands, as it prevents the speedy development of machine learning models with accurate, trustworthy data.

Kubernetes is a container orchestration system that automates the management, scaling, and deployment of microservices. It’s also used to deploy machine learning models, data streaming platforms, and databases. A cloud-native approach with Kubernetes and containers brings scalability and speed with increased reliability to data and AI the same way it does for microservices. Real-time needs a tool and an approach to support scaling requirements and adjustments; Kubernetes is that tool and cloud-native is the approach. Kubernetes can align a real-time AI execution strategy for microservices, data, and machine learning models, as it adds dynamic scaling to all of these things. 

Kubernetes is a key tool to help do away with the siloed mindset. That’s not to say it’ll be easy. Kubernetes has its own complexities, and creating a unified approach across different teams and business units is even more difficult. However, a data execution strategy has to evolve for real-time AI to scale with speed. Kubernetes, containers, and a cloud-native approach will help. (Learn more about moving to cloud-native applications and data with Kubernetes in this blog post.)

Unifying your organization’s real-time data and AI strategies

Data, when gathered and analyzed properly, provides the inputs necessary for functional ML models. An ML model is an application created to find patterns and make decisions when accessing datasets. The application will contain ML mathematical algorithms. And, once ML models are trained and deployed, they help to more effectively guide decisions and actions that make the most of the data input. So it’s critical that organizations understand the importance of weaving together data and ML processes in order to make meaningful progress toward leveraging the power of data and AI in real-time. From architectures and databases to feature stores and feature engineering, a myriad of variables must work in sync for this to be accomplished.

ML models need to be built,  trained, and then deployed in real-time. Flexible and easy-to-work-with data models are the oil that makes the engine for building models run smoothly. ML models  require data for testing and developing the model and for inference when the ML models are put in production (ML inference is the process of an ML model making calculations or decisions on live data).

Data for ML is made up of individual variables called features. The features can be raw data  that has been processed or analyzed or derived. ML model development is about finding the right features for the algorithms. The ML workflow for creating these features is referred to as feature engineering. The storage for these features is referred to as a feature store. Data and ML model development fundamentally depend on one another..

That’s why it is essential for leadership to build a clear vision of the impact of data-and-AI alignment—one that can be understood by executives, lines of business, and technical teams alike. Doing so sets up an organization for success, creating a unified vision that serves as a foundation for turning the promise of real-time AI into reality .

A real-time AI data ingestion platform and operational data store

Real-time data and supporting machine learning models are about data flows and machine-learning-process flows. Machine learning models require quality data for model development and for decisioning when the machine learning models are put in production. Real-time AI needs the following from a data ecosystem:

A real-time data ingestion platform for messaging, publish/subscribe (“pub/sub” asynchronous messaging services), and event streamingA real-time operational data store for persisting data and ML model features An aligned data ingestion platform for data in motion and an operational data store working together to reduce the data complexity of ML model developmentChange data capture (CDC) that can send high-velocity database events back into the real-time data stream or in analytics platforms or other destinations.An enterprise data ecosystem architected to optimize data flowing in both directions.


Let’s start with the real-time operational data store, as this is the central data engine for building ML models. A modern real-time operational data store excels at integrating data from multiple sources for operational reporting, real-time data processing, and support for machine learning model development and inference from event streams. Working with the real-time data and the features in one centralized database environment accelerates machine learning model execution.

Data that takes multiple hops through databases, data warehouses, and transformations moves too slow for most real-time use cases. A modern real-time operational data store (Apache Cassandra® is a great example of a database used for real-time AI by the likes of Apple, Netflix, and FedEx) makes it easier to integrate data from real-time streams and CDC pipelines. 

Apache Pulsar is an all-in-one messaging and streaming platform, designed as a cloud-native solution and a first class citizen of Kubernetes. DataStax Astra DB, my employer’s database-as-a-service built on Cassandra, runs natively in Kubernetes. Astra Streaming is a cloud-native managed real-time data ingestion platform that completes the ecosystem with Astra DB. These stateful data solutions bring alignment to applications, data, and AI.

The operational data store needs a real-time data ingestion platform with the same type of integration capabilities, one that can ingest and integrate data from streaming events. The streaming platform and data store will be constantly challenged with new and growing data streams and use cases, so they need to be scalable and work well together. This reduces the complexity for developers, data engineers, SREs, and data scientists to build and update data models and ML models.  

A real-time AI ecosystem checklist

Despite all the effort that organizations put into being data-driven, the New Vantage Partners survey mentioned above highlights that organizations still struggle with data. Understanding the capabilities and characteristics for real-time AI is an important first step toward designing a data ecosystem that’s agile and scalable.  Here is a set of criteria to start with:

A holistic strategic vision for data and AI that unifies an organizationA cloud-native approach designed for scale and speed across all componentsA data strategy to reduce complexity and breakdown silosA data ingestion platform and operational data store designed for real-timeFlexibility and agility across on-premises, hybrid-cloud, and cloud environmentsManageable unit costs for ecosystem growth

Wrapping up

Real-time AI is about making data actionable with speed and accuracy. Most organizations’ data ecosystems, processes and capabilities are not prepared to build and update ML models at the speed required by the business for real-time data. Applying a cloud-native approach to applications, data, and AI improves scalability, speed, reliability, and portability across deployments. Every machine learning model is underpinned by data. 

A powerful datastore, along with enterprise streaming capabilities turns a traditional ML workflow (train, validate, predict, re-train …) into one that is real-time and dynamic, where the model augments and tunes itself on the fly with the latest real-time data.

Success requires defining a vision and execution strategy that delivers speed and scale across developers, data engineers, SREs, DBAs, and data scientists. It takes a new mindset and an understanding that all the data and ML components in a real-time data ecosystem have to work together for success. 

Special thanks to Eric Hare at DataStax, Robert Chong at Employers Group, and Steven Jones of VMWare for their contributions to this article. 

Learn how DataStax enables real-time AI.

About George Trujillo:

George is principal data strategist at DataStax. Previously, he built high-performance teams for data-value driven initiatives at organizations including Charles Schwab, Overstock, and VMware. George works with CDOs and data executives on the continual evolution of real-time data strategies for their enterprise data ecosystem. 

Artificial Intelligence, IT Leadership

The onset of the COVID-19 pandemic led many organizations to further adopt public clouds, and geopolitical conflicts have demonstrated the importance and need for sovereign clouds. Today, many organizations are already embracing or are moving to multi-cloud environments, but this multi-cloud reality does not come without its challenges.

As the nature of the cloud evolves, so does the strategy in which organizations must approach these challenges. What does remain the same is the cloud concerns the organization must manage, such as cost, performance, security, and app delivery.

Establishing a Cloud Center of Excellence is one way to ensure that these concerns are continuously and consistently managed, no matter where you are in your cloud transformation and as business needs evolve. More importantly, with the cloud underpinning modern organizations’ digital businesses, a Cloud Center of Excellence ensures that your cloud management strategy is in alignment with driving business outcomes.

1. Establish a Cloud Center of Excellence

While some organizations have already begun seeing success with multi-cloud strategies, having different business apps and services across different clouds can make it difficult for organizations to ensure approaches to processes and management concerns remain consistent.

To address cloud management concerns around cost, performance, security, and app delivery, many companies have established a Cloud Center of Excellence, a cross-functional team tasked with the responsibility of supporting and governing the execution of an organization’s cloud strategy. A Cloud Center of Excellence team would be responsible for establishing policies and guardrails, driving collaboration and adoption of best practices, and supporting the implementation of new and existing cloud technologies. Thus, enabling centralized management for a decentralized IT delivery model.

The Cloud Center of Excellence team will help identify who within the organization needs to be involved to ensure cloud objectives are well-defined and aligned with business goals. This group should include those responsible for managing cloud cost, cloud operations, security, application development, and enterprise architecture. Ultimately, a Cloud Center of Excellence is pivotal to driving collaboration and setting standards, policies, and best practices that ensure cloud operations are addressing ongoing management concerns across all clouds.

2. Empower Platform Teams by Simplifying Your Cloud Management Strategy

During VMware Explore Europe in Barcelona, VMware polled its audience in order to better understand their cloud management needs. The majority of audience members shared they felt it necessary to not only converge their tools but their teams as well. These same respondents also overwhelmingly indicated that if they could simplify their cloud management approach, it would help them achieve greater cost optimization results, more relevant business insights, and better guardrails around their cloud operations. Having different teams use multiple tools to manage their public and private clouds was an obvious pain point in their cloud management strategy.

Organizations can help meet the need for integrated teams and tools through platform teams. They not only build and run the platform that developers use to create new applications to drive business revenue, but they also serve as a channel between developer teams, operations teams, and security teams. The platform team provides a route for business leaders, security personnel, and the rest of the organization to communicate business needs and meet business challenges, including management concerns.

3. Empower Your Cloud Center of Excellence with Visibility

Without visibility of your cloud applications and their dependencies, it becomes impossible for the Cloud Center of Excellence team to achieve its objectives. Teams are unable to manage what they cannot see. Teams need visibility into the infrastructure to assess spending and application efficiency.

Visibility can be mutually beneficial if you provide your team access to a unified cloud management platform. Doing so enables teams to view factors such as cloud cost, resource utilization, and application performance by business groups across all clouds. A unified cloud management solution also helps teams proactively detect and remediate misconfigurations in your cloud environment. This saves time by not having to review data for violations that may not exist, leaving more time for the team to continue building out best practices.  

The main goal of cloud management is to correlate cloud decisions to business outcomes. Organizations that embrace a Cloud Center of Excellence will be able to pursue a cloud management strategy that’s in alignment with the goals of the business, while also remaining nimble to respond to challenges as the nature of the cloud evolves.

To learn more, visit us here.

Cloud Computing

Most people have probably broken their new year’s resolutions by now, but here’s one I plan to stick with: resetting my passwords and rethinking the strategy behind password management solutions. 

Here’s why. If you work in information security, you already know how severe the LastPass breach of security, announced in late December 2022, was. By at least one account in Wired, the LastPass hack was “actually a massive and concerning data breach that exposed encrypted password vaults—the crown jewels of any password manager—along with other user data.”  

The big problem for users is that, as Wired points out, changing the LastPass master password that protects the vault data won’t be able to protect the data that has already been stolen. And that’s a big issue.  

Over the past decade, we relied on LastPass (or alternatives like 1Password, or Apple’s iCloud Keychain) to keep our critical passwords accessible – and more importantly – safe. We were relieved that we could have the convenience of an automated solution that could also keep our passwords protected in an encrypted format. We assumed the security measures were foolproof. But with this latest LastPass breach, it’s time to rethink the password strategy.  

Password resolutions 

It’s a new year, so why not make a fresh start with your password security? Update and refresh your passwords, regardless of whether you think you’ve been compromised or have a chance of being compromised. This is critical, even if you don’t leverage a password manager, relying instead on a sheet of paper or dozens of sticky notes.  

With this latest breach and those earlier in 2022, it’s more than likely that your employees have at least one or more of their passwords sitting out there exposed in the wild. And it doesn’t matter whether you point the finger at LastPass or something else. If somebody has had a password that’s been live for more than a year, they’re probably putting themselves and the company at risk. 

It’s also time to rethink your use of password managers. Do you want to place that much trust with all your passwords in the hands of one vendor? There may have been a time about 5-7 years ago when it was super convenient and safer to use password managers. But the LastPass breach proved that even the most convenient and secure ‘foolproof systems’ have flaws and can be hacked as well.   

Managing employee access 

Taking it a step further, make it a point to do continuous employee training to help your teams avoid being duped by phishing and malware tactics. User behavior in organizations has proven over and over to be a significant vulnerability for organizations, often leading to exposed credentials. 

At least two studies on data breaches during 2022 found that employee errors or mistakes caused either 88% or 95% of data breaches. You choose which number you believe. In any case, that is too high of a percentage to ignore, and it’s likely going to grow unless organizations rethink how they provide and manage access to their critical systems. More often than not, too many employees have access to things that they don’t really need.   

What about cloud security? 

Organizations must also better understand who can access corporate assets in the cloud. In theory, cloud security should be stronger as some of the very best enterprise organizations manage it. But breaches can occur, even within those organizations, like one did in May 2022 at AWS.  

In your cloud environment, access monitoring should also be a priority. Managing permissions and levels of permission can get complicated with revolving contractors and provisioning issues, and potentially hundreds of layers of functionality, each with its own layer of permissioning. Limiting access is important not just for improved security, but also for cost reduction. Why pay for access for people who don’t need it or shouldn’t have it? 

Among my portfolio companies is an enterprise security company that’s helping to refine exactly how to automate access management for cloud environments and SaaS applications. Their MO is all about determining which employees or contractors have access to which systems and projects; and enabling the continuous provisioning and management of these. The solution can quickly prune employees who are no longer employees or contractors who are no longer on the project, which improves security and drives down costs. This is all done while ensuring that users only have the access they need to do their jobs. I’m confident that efforts in this direction will become more commonplace moving forward.  

Beyond limiting access, reducing human error will also lessen opportunities for a cybersecurity attack on your organization. This requires continuous training around phishing, password cycling, and web surfing behavior, among other topics. Taking these proactive precautions within your organization can reduce human mistakes leading to cybersecurity data breaches.  

Consolidation driving progress 

While it appeared that 2022 was going to have a pretty weak showing when it came to growth rounds and exits for cybersecurity firms, a late investment surge in Q4 led to a better-than-expected investment scenario, according to Momentum Cyber research.  

The year ahead could see consolidation among firms in cybersecurity and data management. As financial markets start to recover and larger companies gain more confidence, they may be more inclined to buy the advanced technology that the startup world provides, likely at lower multiples than what may have been previously achievable a few months ago. And with market consolidation, CISOs may see some relief as one-off relationships get tucked into one of the larger providers. This would be good for the startup world, and more so for security execs looking to drive down the number of vendor relationships to manage. 

The year ahead looks promising. By taking a proactive stance to resetting passwords, rethinking password management strategies, improving employee cybersecurity savvy, and limiting who has access to what and when – you may just be able to better safeguard against some of the nefarious attacks 2023 might have in store for us.   

Password Managers, Passwords, Security

Are you overthinking your cloud model? If so, you’re likely in need of a well-defined cloud strategy. 

Companies with a clear cloud strategy position themselves to achieve more from cloud computing than those without. A well-defined cloud strategy provides a playbook inclusive of principles, baselines, services, financial models, and prioritization guidelines that enable companies to make informed decisions that support their goals.

In addition, a cloud strategy that is concise, actionable, and reviewed continuously allows organizations to assess current and future states in alignment with security, architecture, governance, compliance, human resources, quote-to-cash processes, and business objectives.

Unfortunately, many organizations mistakenly take their cloud adoption or migration plan as a cloud strategy. Whereas a cloud adoption or migration plan is focused on the “how,” a true cloud strategy is focused on answering the “what” and “why.” A cloud strategy provides a clear decision framework that directly supports business goals and outcomes.

In this article, I’ll share what a cloud strategy looks like, how it helps companies make better decisions, and how to get started.

What a cloud strategy is (and isn’t)

Unfortunately, many misperceptions surround the cloud, as outlined in Gartner’s Top 10 Mistakes in Building a Cloud Strategy. One such misperception is that a cloud strategy is a cloud adoption or migration plan. It’s not. A cloud strategy is not a data center strategy, a cloud-first strategy, or an IT-only strategy. Furthermore, it’s not the execution-level implementation plan many organizations think of. Take a minute to review the top 10 misperceptions that lead to mistakes in building a cloud strategy, as defined per Gartner:


In The Cloud Strategy Cookbook, Gartner defines a cloud strategy as “…a concise viewpoint on the role of cloud computing in your organization.” A true cloud strategy describes the role of the cloud as a business accelerant. It exists to align stakeholders and establish guardrails for decision-making. It includes leaders across the business, including C-level executives. Most of all, it directly supports whatever your business is trying to achieve.

A formal cloud strategy streamlines decision-making, drives better ROI, and reduces risks in strategy execution. A clearly defined cloud strategy helps businesses maximize their cloud investments and align with other synergetic domains of the business. Ultimately, a cloud strategy reduces frustration, disappointment, overspending, and low-value creation.

Getting started with your cloud strategy

If you don’t have a cloud strategy, you’re not alone. Most organizations don’t start with a strategy. Instead, they may begin with a business driver, such as closing a data center or merging with or acquiring another company. They may start with experimentation or heavier adoption in one silo of the organization. In most cases, it’s not until later that they circle back and create a cloud strategy that is not intermingled with adoption or execution planning.

A cloud strategy playbook does not need to be long or written in stone. In fact, it should be relatively short (10-20 pages) and considered a living document —updated regularly to reflect the shifting needs of your business, changes in the market, or anything that affects a significant organizational change.

For example, if your company merges with or acquires another company, that will impact your principles and R-Lane prioritizations. Or, if a new market opportunity comes along, you may need to revisit your cloud strategy to ensure it will help you drive competitive advantage.

The steps for creating a cloud strategy are simple:

Secure executive sponsorship.Gather the right people and set up a cloud strategy office, business office, or steering committee to help ensure your cloud strategy aligns with other domains in the business, such as security, architecture, data center, compliance, finance, IT service management, HR, and legal.Finally, host an iterative assessment series with workshop sessions to define or refine your cloud strategy, including principles and alignment to other domains (architecture, security, procurement, HR, etc.). Establish a cadence to review it regularly.

10 questions your cloud strategy should answer

As part of your cloud strategy definition, you should consider assessment and hands-on workshop sessions to define guiding principles. To do so, be sure that you answer the following 10 foundationally strategic questions:

What is your delivery and operational model? Align your workload and business objectives to a public, hybrid, private, multi-cloud, distributed, or smart cloud (workload-by-workload decision).What is your service model prioritization guideline (for SaaS, PaaS, IaaS, or XaaS)? Use guiding principles to define your service models based on defined guidelines.What is your consumption/development model? An example might be buying SaaS before building.What is your cloud deployment model? Will it be hybrid, multi-cloud, or cloud-native, distributed cloud?What is your R-Lane prioritization model? For example, define if lift-and-shift is the preferred option or last resort as a principle. Should a long-term and short-term R-Lane vision be defined for each workload? For instance, one workload can be a rehost in the short term but a re-architect/refactor in the long term.What is your FinOps model? Charge back or show back? Proportional or even split?What is your workload analysis model? Is it a workload-by-workload analysis or a big-bang analysis? How sophisticated are the inventory capabilities for workload-by-workload exercises (done outside of the strategy workstream itself)?What is your data center (or off-cloud) strategy?What is your cloud exit strategy?What is your level of strategic alignment with other parts of the business?

Define your cloud strategy with help from GDT

A solid cloud strategy helps ensure your organization makes suitable investments to support your business and streamlines decision-making around your cloud model.

With decades of experience, GDT can help you define your cloud strategy and create a cloud strategy playbook based on Gartner’s principles and best practices. To learn more, contact the cloud experts at GDT today.

Cloud Computing

Data is critical to success for universities. Data provides insights that support the overall strategy of the university. It can also help with specific use cases: from understanding where to invest resources and discovering new ways to engage pupils, to measuring academic outcomes and boosting student performance. Data also lies at the heart of creating a secure, Trusted Research Environment to accelerate and improve research.

Yet most universities struggle to collect, analyse, and activate their data resources. There are many reasons why.

For a start, data is often siloed according to the departments or functions it relates to. That means the various “dots” that join these datasets are missed, along with any potentially valuable insights.

This has not been helped by the fact that universities have traditionally lagged the private sector in terms of cloud adoption, a key technology enabler for effective data storage and analysis. One thing holding universities back has been a reluctance to move away from traditional buying models. Long-term CapEx agreements have helped universities manage costs, but such models are inflexible. In the age of the cloud, what’s needed is a more agile OpEx-based approach that enables universities to upgrade their data infrastructure as and when required.

Finally, the skills gap remains a challenge to the better use of data. Eighty-five percent of education leaders identify data skills as important to their organisation, but they currently lack 19% of skilled professionals required to meet their needs.

How can universities overcome these barriers? The first step is to put in place a robust data strategy. Each strategy will be different according to the unique needs of the university, but at a minimum it should include the following:

Evaluation of current data estate to understand pinch points and siloes so these can start to be tackled.Alignment of organisation strategy with technical requirementsEvaluation of the cloud market and cloud adoption roadmap to enable data transformation and agile, integrated data use.Comprehensive upskilling programme to overcome data skills gaps.

As universities embark on this journey, finding the right partner will be critical. One option is to team up with a company like SoftwareONE, which has extensive experience in enabling data strategies for large organisations.

Significantly, SoftwareONE is an Amazon Web Services (AWS) Premier Consulting Partner, which means it can bring to bear the capabilities of one of the world’s leading cloud platforms. SoftwareONE adds value by optimising and automating AWS infrastructure as code, which makes it faster and less expensive for universities to get their cloud data programmes up and running. The company also offers a rapid, cost-effective, and secure path to building trusted cloud-based research environments. 

What’s more, partners like SoftwareONE can help address the skills challenge, and not only through automation. SoftwareONE helps to upskill IT teams at universities and provides a full infrastructure as a managed service. Whatever your organisation’s level of comfort with the cloud, SoftwareONE can help you leverage cloud-based data tools with ease.

For more information about how SoftwareONE can help build your data strategy click here.

Education and Training Software, Education Industry