Originally posted on LinkedIn

This is a complex topic.

There are no easy answers, but the traditional thought is that data kept in inside your data center is safe because it's behind the corporate firewall. That used to be true, but no longer.  With sophisticated tools and techniques developed over the last 5 years by organized hacker syndicates in places like those in Eastern Europe, government sponsored hacker groups, and the rise of hacker ecosystems, pretty much any corporate firewall is now vulnerable.

 We've seen multiple recent high profile breaches like the ones at Target, Home Depot, and Sony, but most don’t realize just how big the problem really is...

A recent survey  conducted by Symantec indicates that cyberattacks against big companies surged by 40% in 2014 and “Five out of six companies employing more than 2,500 people were targets of cyber attacks last year”

If these are mostly attacks on traditional on premise enterprise systems, what does this have to do with cloud computing?

The new model is that one has to assume hackers will at some point penetrate the perimeter firewall and security policies must be in place for every node in the network. 

With stagnant budgets, IT departments have struggled to develop and retain the security expertise required to put the effective controls in place that keeps their data secure.   This is where cloud and other service providers can help.  The way I see it, cloud providers have six major advantages when it comes to security:

1. Because security has been such a big issue in cloud computing, cloud providers typically prioritize security higher and invest more resources than the typical enterprise. Cloud technology providers usually build robust security controls in from day one.
2. Cloud service providers are targeted far more than traditional enterprises and learn from being involved in these cyberattacks. As a result, they implement controls which are much more stringent than those typically used by enterprise IT departments.
3. IT security experts are expensive and can be deployed to help multiple companies utilizing a service provider model
4. Cloud providers have the ability to leverage security best practices developed with one customer across their entire customer base
5. Cost to develop security models and tools is spread across multiple customers.
6. Companies can tap into a set of best of breed IT security partnerships that cloud providers typically develop.

The bottom line is that the people, policies and tools in place to keep your data secure are much more important than the location of the data itself. 

Cloud providers are increasingly a key component of companies’ enterprise data security strategy but IT departments still need to own their overall strategy.  Here are some of the key components of a data security strategy:

• Data Encryption: If firewalls are now vulnerable, data needs to be encrypted at rest.
• Access control: SSO and other access controls need to be in place as part of an identity management strategy.  In the old model, users inside the firewall were assumed to be trusted.   In the new model, users are assumed to be untrusted and strict access control needs to be in place at the device level.
• Governance and Audit: Data should not be available to all personnel and copies of sensitive data should tracked and destroyed when no longer needed.  Best practices like limiting access to passwords, robust password policies and ensuring that passwords are stored in encrypted data stores are a must.
• Monitoring: Threats coming from both inside and outside the company need to be monitored at the device level.
• Testing – All IT departments should have a rigorous penetration testing strategy for both on premise and cloud environments.

 By working with the right cloud provider, the task of securing your enterprises’ sensitive data can be made easier.  Thanks to Jim Page for asking the question that inspired me to write this post.

You've probably heard about Tesla's announcement of a new division, Tesla Energy and  the POWERWALL, a sleek and stylish battery for the home.  Not a big deal, right?

Wrong.

This battery, along with electric autos, recharging stations, solar cell modules, residential and commercial solar installations and financing are all part of a carefully orchestrated plan launched years ago by Elon Musk and his colleagues to dramatically accelerate the transition to clean renewable energy.

To understand the plan, you have to look at Tesla and SolarCity as part of a unified strategy

To solve for sustainable energy, the key questions Musk would need to ask are:

1. Where is the opportunity to make the quickest and biggest impact?

2. How does one attract investment in renewable energy to create the technologies, infrastructure, markets, and ecosystems required?

3. What critical parts of the overall value chain are inhibiting opportunities for economic profit?

4. How does one create the sustainable competitive advantage required to provide a source of cash flow needed to fund further investments?

Although some see SolarCity as primarily a solar residential installation company and Tesla as primarily a car company, the reality is that Musk’s companies have operations across much of the energy value chain. This distribution of investments and activities is not random. Musk’s focus has been on elements of the value chain that tend to have the biggest impact on sustainability and present the greatest economic impediment to creating a superior cost alternative to the fossil fuel value chain. It’s also not a coincidence that these components of the value chain also present the largest opportunity for sustained competitive advantage and profits.

What's the biggest obstacle to renewable energy?  Distribution.

For energy to be utilized cost effectively, it has to be distributed to energy consumers in a form they can use. Unfortunately,  over 70% of energy in the US is distributed via liquid, gas, and solid fossil fuels, not electricity.  If we wanted to reduce fossil fuel consumption by half, we would have to more than double electrical distribution capacity, which would require truly massive capital investment given that utilities spent nearly $100 Billion on transmission over the last 10 years in the US alone.

What solves the distribution problem?  Batteries
 
In addition to making electric cars a successful business, the growth of Tesla’s capabilities with respect to electrical storage stands to benefit the development of a distributed energy production model. For example, Walmart already has Tesla batteries installed at 11 locations in California. Once Tesla’s Gigafactory is complete, Musk will be able to use high volume battery production to both accelerate penetration of the automotive market with the mid-market Tesla Model III and help extend SolarCity’s market share leadership by enabling commercial and residential customers to become energy self-sufficient with energy modules containing both solar cells and batteries.

Batteries and distribution are just one part of a complicated energy picture.  I've put together an extensively researched whitepaper that details Elon Musk's motivations and strategy to accelerate the transition to clean renewable energy.

MAKING MONEY WHILE CHANGING THE WORLD:  Elon Musk’s 6 Point Strategy to Solve Global Climate Change by Transforming the Energy and Transportation Sectors

In this whitepaper, you'll see how Musk's strategy follows these 6 key principles:

1. Start with the big picture view
2. Start in a niche small enough to dominate
3. Execute like crazy
4. Only move into mainstream market segments when you can create real competitive differentiation
5. Prioritize investments in the elements of the value chain that “aren’t good enough”
6. Integrate across boundaries within the value chain to create economies of scope

Read the whitepaper, comment on this post or reach out to me directly.  I'd love to hear what you think.

Disruption is in the air. While HP and IBM both grapple with what has become a long term downward revenue trend, Amazon, Google and others are enjoying the spoils of disruption.

To combat the threat, both HP and IBM are doubling down hard on cloud computing, but as HP CEO Meg Whitman mentioned in the Q1 investor call last Thursday, the key to managing the disruption will be to manage the decline in revenues:

“The water is now going to stop draining out of the bathtub as fast as it has, so the water that we pour in ought to lead to a rising level in the tub” - HP CEO Meg Whitman

Probably not the way I would have worded it, but I get her point.

Will the growth from HP and IBM investments be enough to stop the revenue declines? Eventually, probably, yes, but it’s difficult to say when growth from the new business will exceed decline from the old. There is no doubt about the scale of investment. During IBM CEO Ginni Romnetti’s analyst meeting last week, she mentioned an additional $4 Billion investment in emerging technologies like social, mobile, analytics and cloud; this is in addition to the $2 Billion acquisition of Softlayer as well an incremental $1.2 Billion in additional cloud capacity. The Eucalyptus acquisition is an example of HP's investments in cloud computing . That said, all appearances are that IBM’s total dollar investment in cloud is far greater than HP's, with HP appearing to rely on a more organic growth strategy that leverages Openstack to quickly gain capabilities.

Will HP’s strategy work?

If co-opted correctly, open source can be an effective defensive weapon against disruption, but the key is to maximize the benefit of your investments; I think IBM is doing a better job on that score than HP.

As this chart indicates, IBM’s relative contribution to the Openstack code base has declined while HP's has increased. Even though Openstack is a key component of IBM's cloud software portfolio, HP is now the leader in contributions to Openstack. So what happened to those developers? Did IBM lose them to HP and others? Unlikely. What’s more likely is that these developers are now working on proprietary enhancements and integrations into IBM’s software portfolio. If true, then the more HP invests in Openstack, the more IBM benefits as IBM continues its aggressive investment and acquisition strategy while continuing to use Openstack as a core technology. That’s not to say that HP won’t see success, it’s just that IBM seems to be taking advantage of a better position, and arguably better understanding of how best to use open source as a competitive weapon.

What do you think? Who will end up on top?

Or do you think it doesn't matter since the Amazons and Googles of the world will crush the IT incumbents?

Nine years of cloud computing and counting...

The year was 2006. While Andy Jassy and Jeff Bezos were inventing a whole new way of delivering technology over the Internet at Amazon, I was busy at HP trying to convince customers to move their applications from legacy IBM mainframe systems to UNIX systems. As you might guess, that didn’t go too well; I was stunningly unsuccessful convincing folks to move off mainframes. (Fortunately, I could consistently beat quota by helping customers deploy standard UNIX workloads like Oracle and SAP.) The re-platforming cost and risk was just too great and an IBM sales rep would always come in at the 11th hour with a low-ball offer and a reminder of the risk and lack of experience with the new platform - and the deal died. I learned an extremely important lesson from that experience:

Don’t underestimate the power of those leveraging resistance to change

Fast forward to 2015 and the IT technology world is radically different, but some things haven’t changed. Although declining gradually, IBM’s mainframe ecosystem is still generating billions in revenue. Corporate IT is now largely virtualized but most application architectures are unchanged from when they ran on physical servers. Companies like Uber, Airbnb, and Netflix that were “born in the cloud” are disrupting their respective industries with technology from Amazon, Google and others, but over 90% of the Gartner estimated $3.8 trillion in 2015 worldwide IT spend will still be on legacy systems and services to support those systems. Why?

The answer is that most technology decisions are rational and those decisions depend on both the value and cost of changing technology. More on the value part of the cloud equation and why many companies are missing the point in a future post.

What is the industry response to the AWS advance?

Meanwhile, IBM, HP, Microsoft, the EMC/VMware federation and other incumbents have taken notice and are investing heavily in new technology to help customers simultaneously achieve the business benefits of cloud computing, minimize migration risk and maintain platform stickiness. Case in point is IBM's acquisition of and further investments in Softlayer while rumors swirl about reducing overall headcount. Many of us recognized the same pattern in the early 2000’s when leading telecommunications providers maintained their status as incumbents by turning a potentially disruptive new cellular technology into a way to combat new entrants, an approach described in Clayton Christensen's book, Innovator's Solution.

The idea is that current leaders can minimize disruption if they recognize the threat early enough and invest aggressively in new technologies and business methods to protect their industry position, even though new players are deploying new technologies in a way that disrupts the industry's predominant business model. Oftentimes, this requires carefully staged self-cannibalization. HP, for example, addressed this by keeping its cloud services organization separate from its enterprise services business unit (the old EDS business).

How is cloud computing disrupting the IT sector?

The pattern we are seeing in cloud computing at the moment doesn’t fit the classic industry disruption model. Unlike their colleagues in the retail and media sectors, IT industry leaders are fighting back by evolving their business models, making new investments and rapidly co-opting new technologies.

By some, this could be seen as a provocative statement

Is the growth of cloud computing disruptive? Absolutely, but it depends on your perspective of who is being disrupted. We can expect to see continued turbulence where a number of IT companies will not navigate the transition to the as-a-service cloud business model, but most of the biggest players will be able to maintain their position as industry leaders (although the order will likely change in the shakeout)

Traditional IT leaders are starting to see the results of their cloud efforts

As we see IT industry incumbents invest heavily in new capabilities and technologies and co-opt cloud innovation concepts, we are also seeing them aggressively work to maintain and extend their platform ecosystems. Those efforts are starting to generate results. By some measures, Microsoft is growing its cloud revenue almost twice as fast as Amazon, and IBM is only 2 percentage points behind.

Case in point: Even though Amazon AWS is the clear market leader with up to 75% share of cloud platforms according to Forrester, Microsoft has grown its cloud business from low single digit market share 3 years ago to as high as 25% at the end of 2014.

This is because of the mature Microsoft ecosystem combined with the gradual maturation of Microsoft cloud technologies. The key word here is ECOSYSTEM. Microsoft has 10,000’s of partners, a large mature enterprise sales force and a .NET platform that is nearly ubiquitous with Fortune 1000 IT departments. Because of this, they can leverage the high ground to gain cloud market share from AWS, Google and other new entrants and protect their base. Other leaders like EMC and IBM are employing a similar strategy. Does this mean that IBM and the other incumbents are out of the woods? No, but they're fighting back hard and aren't going anywhere anytime soon.

The Cloud Biome: A set of ecosystems emerge

While the new players led by Amazon and Google are growing their cloud ecosystems organically, established players are re-purposing their existing ecosystems of developer communities, resellers, technology providers, integrators, and service providers. This takes work: There are new winners and losers and capabilities have to be evolved but the results are unmistakable. Taking a closer look, we see a key subset of cloud platform ecosystems emerge:

• Amazon AWS
• Openstack – IBM, HP, Red Hat, Rackspace
• Microsoft Azure
• VMware/EMC
  
• Google

Other platforms may achieve critical mass in the future, but it’s clear these platforms are here to stay. One way of looking at this is to look at the number of jobs posted requiring competence with a particular platform. If you look at trends on the Indeed.com website, you will see skills related to all of these platforms in high demand. (Be careful how you read the results though, the high growth of jobs in the transportation sector skews the results.)

Do enterprises care who’s the biggest? No.

Every platform mentioned here has and will continue to attract its share of customers for the foreseeable future. Many enterprises will also standardize on multiple platforms depending on their current state, future state plans, and to spread out risk. Do we care which platform provides the best fit for any given situation?

Absolutely yes, but.....

I’d love to hear your thoughts; let me know what you think by leaving a comment below.

Originally posted on www.tylerjohnsonconsulting.com.

I recently came across Geoffrey Moore's  recent YouTube video, Is Your Business Model Being Disrupted? The Era of Code Halo... and it triggered a few thoughts.

First, I think Geoffrey Moore and guest Malcolm Frank, author of book on Code Halos or “digital footprints” are definitely on the right track on their thinking around SMAC – “social, mobile, analytics, cloud” (And I will buying and reading the book – unless someone wants to send me a free copy…).  Gartner calls it "Nexus of Forces" – another term I’ve heard is technology convergence.  The reality is that these new technologies in various ways are being used to create new business models that are disrupting every industry from publishing to retail and beyond. 

In particular, I like this framework from the video:  (Let’s call it “Geoffrey’s SMAC down”.)

What we are talking about is adoption of these radically new technologies as a weapon to disrupt your industry.  The massive challenge here (as discussed in the video) is that this framework represents pulling together a daunting set of skills and knowledge that few companies have in house.  Sounds like an opportunity for consultants, right?  While that may be true, (Moore and Frank are consultants after all J) that’s just the beginning.  IT and business executives will need to develop new skills, new business processes have to be developed and implemented, organizational evolution will need to occur.  You could hire Chasm, or Cognizant, or KPMG, or Deloitte, but I don’t believe that is enough if you’re the right people in your organization don’t understand the interplay between technology and business in this context.  Change is hard because it requires making the right investments and right tradeoffs in the right places; this is why most industries will eventually be disrupted by new entrants with only few surviving incumbents.  To understand this more fully, let me take you through a thought experiment.

Let’s look at a hypothetical large retail banking institution.  The IT folks are thinking about virtual desktop (VDI) solutions as a way to reduce cost, improve security.  Leadership is thinking about their M&A strategy, litigation, and growing profits.  How could VDI transform their business?

·         M&A – grow revenue be accelerating integrations, make acquisitions more accretive.  How?  By deploying VDI, the bank could move an acquisition’s remote offices’ core banking software over instead of integrating two systems and replacing all the local PCs.  (They probably need a private cloud solution as well)

·         Litigation – total control over all data by not letting it leave the datacenter.  This reduces the risk of employees stealing customer data, hacking/tampering with software installed at the remote office, etc.

·         Profit – reduce cost of building and supporting new remote locations. Enable new form factors for remote locations.  Remote tellers? (Implies linkage with a mobile strategy)

Unfortunately, each group has their own POV and has a hard time communicating their needs and the implications of their needs to the other.  As a result, communication reduces down to the lowest common denominator – “cost reduction”.  They’re using the current budgeting process.  Based on NPV, EVA, payback, etc., this process doesn’t take into account the other benefits of a VDI solution.  They need a new way to prioritize investments; soft benefits need to quantified, which requires understanding of both the technology and the business impact of the technology, not an easy task.  To trust the process, producers and consumers of the analysis need to understand both the technological and business implications of the transformation.  The organization itself needs to change, i.e. what organization, roles, and skills are required to successfully complete such an exercise?  You could argue that you just go do it, but then how do you measure this project against others, like a big data (analytics) project that combines customer data with digital footprints from social media to create new financial products, hyper targeted demand campaigns and the like?  And we haven’t even addressed the bigger question of how SMAC could create new opportunities for business model transformation - like creating a platform for crowd sourced microloans to disrupt the check cashing industry. On the other hand, maybe that's the type of thing that could disrupt the bank as well...

The point I’m making here is that it is not enough to look at how SMAC could transform your business model and create new sources of competitive advantage; you also need to look at how SMAC could transform your industry, and how your company has to evolve to embrace all this change.

Let me know what you think.