This post was contributed by Luis Casco-Arias, Senior Market Manager for IBM Security.
As technology evolves and becomes more ubiquitous, it is imperative to re-think our approach to information security. Initially, the few key IT assets to be protected belonged to enterprises, and few people had the expertise or resources to access them. It sufficed to implement a security strategy that had the right access controls, and to protect the enterprise by erecting firewalls to fence out outsiders, or deploying antivirus software to protect the inside. Turn the page a few decades ahead, and now we are in a digital world that is practically available to everyone. Not only do people have devices (mobile or otherwise) to connect amongst themselves and to businesses, but connectivity is considered almost a birth right. Our dependency on these digital computerized environments has grown integral to our life and work.
In turn, this openness dynamic has created a vast amount of data to be handled. In many cases this data is very sensitive, not only to businesses, but to individuals, and to the point that major regulations now revolve around its protection. New technologies have spawned to help us deal with this data, such as: Web 2.0, Cloud computing, virtualization, and Big Data. Effectively, these technologies have helped offload some of the burden of managing, communicating, or analyzing this data, in many cases, outside the realms of the enterprise. It is then puzzling when we see that enterprises continue to rely by inertia only on perimeter security to protect their digital assets. We are experiencing a paradigm shift in enterprise security, which requires not only that we care about perimeter security, but that IT security expands protection to the data itself, wherever it resides.
Evidence of the significance of data can be found in the latest security breach and trend reports, such as those published by Verizon and the IBM X-Force. There are many types of cyber attacks and risks threatening the enterprise: simple, sophisticated; original, copycat; external hackers, internal privileged users; targeted, random. They can even have different drivers or motivators: egomania, obstructing business, shaming, stealing or damaging resources, stealing or changing information. However, as trends go, regardless of the attack vector, the objective of the breaches involves getting to sensitive data in more than 90% of the cases. Therefore, it makes a whole lot of sense to directly protect this sensitive data across the board. The good news is that there are technologies that can help us get there effectively and efficiently. A good place to start is to look for solutions that address the following areas: data discovery and classification, real-time data activity monitoring and alerting, data resource vulnerability scanning, data encryption and masking, data loss prevention, and data audit and compliance automation. Ensure that these solutions cover all of your data and application resources, and that they link well with other IT and Security solutions. After all, security is like a chain, and data security and compliance is its last link (which does not need to be a weak link anymore).
A few weeks ago, IBM held the largest event ever in Asia: IBM InterConnect. This inaugural event in Singapore brought together over 2500 business and IT leaders from 52 countries to explore how information and technology serve as the catalyst for unleashing innovation. A valuable opportunity for attendees, but we were also able to bring back some great insight for the rest of us.
Of particular interest to IBM Software Blog readers is the keynote by Rod Adkins, Senior Vice President of IBM Systems & Technology Group on "Unleashing Innovation with Smarter Computing." In his keynote, he spoke about how the confluence of Big Data, cloud, mobile and social technologies is transforming the way we find and engage customers, source and manage our supply chains, and orchestrate critical business processes. At a time when the stakes have never been higher, he shared how only IT can lead this transformation.
Enabling Business Growth with Enterprise Systems was one of the Hot Topics at IBM InterConnect. Guests of the event heard from STG�s Doug Balog, General Manager of System z and Colin Parris, General Manager of Power Systems on how new technologies can be applied in innovative ways to promote profitable growth.
During their sessions they provided a deep dive on the three critical attributes of enterprise systems�cloud, data and security. They also shared client case studies on the major business impact stemming from a platform with trusted information delivery, security of data, and infrastructure efficiency. Finally, they shared how recent advancements and announcement within the Power and z portfolio are delivering against new and pressing challenges for IT.
Smarter Storage was also front and center at the event. This hot topic centered on how clients are transforming their business with IBM Storage solutions, while meeting budget constraints and increasing ROI. These experts also shared some of the critical best practices for intelligently and automatically moving data to optimize performance and cost.
Listen in as Shon Saliga, worldwide STG Market Manager for the Storage Platform as he explains how front office transformation, social, mobile and more are impacting the need for Smarter Storage.
At InterConnect attendees learned how to accelerate delivery of new applications, analytics, and exploit big data with IBM PureSystems. With solutions that are �built for Cloud�, integrated by design and simple to use and manage, they learned how IBM clients are leveraging this offering to react quickly to change. The event also offered a venue to share how IBM has expanded its PureSystems family of expert integrated systems with the introduction of the IBM PureData System.
Overall one of the biggest benefits this scale of event provides is the opportunity to bring together the whole IBM community�and we have that for you too. Visit the IBM InterConnect YouTube channel for more insight from leaders across software, systems, storage, services and more, along with IBM customers and partners telling their story and sharing best practices.
This post was written by Glinda Cummings, World Wide Senior Product Manager, zSecure at IBM.
When it comes to enterprise security, no news is not necessarily good news. A lack of alerts about attempts to attack your system doesn�t mean they didn�t happen�because chances are, they did. Many large organizations track multiple attempts a week. A lack of alerts just means that while previous attacks were unsuccessful, you may not have received the information and insight you need from your security system to protect against the next attack. That next attack could be successful�and devastating. In today�s interconnected business environment, no system is immune to threats, including mainframe environments.
Security intelligence has come a long way from the early days of simple reports or using an isolated group of people in back offices, who may or may not understand the security requirements for the organization. This isolated group is manually poring over huge amounts of logs and data points. Today, the entire enterprise requires timely security intelligence in making its decisions. Security intelligence has moved from the back office to critical real-time operations. Every part of today�s corporation needs some form of decision support but the scope and complexity is a taunting tasks � from mainframe system logs, application logs, privileged us who are global, and complex models of behavior.
Only a highly integrated series of solutions, like those found in the IBM security intelligence offering, can produce the necessary visibility to safeguard the environment. Security intelligence enables the organization to better discover and respond to:
External threats such as financially-motivated criminals and �hacktivists� seeking sensitive data
Internal threats such as employee theft of intellectual property
Unintentional but exploitable weaknesses such as misconfigured security devices or improperly configured access controls
To achieve consistent reporting on vulnerabilities or threats, including monitoring privileged and non-privileged users, the organization needs centralized logging and intelligent normalization of security data. To ensure that compliance and security goals align, it needs visibility into network segments where logging may be problematic. To discover unknown, excessive or unauthorized mainframe access, it needs visibility into asset communication patterns.
Security intelligence offerings from IBM help provide organizations with comprehensive and actionable insight into threats and risks in mainframe and distributed systems environments. Applying real-time collection, normalization, and analysis of access information and other security-related data, it can reduce both the risk of security breaches and�just as important�the manual effort of security operations, freeing your team to focus on more serious incidents rather than wading through an endless stream of data without context.
IBM security intelligence solutions can strengthen mainframe security operations and enhance availability by consolidating security views to improve identification and remediation of threats. The IBM approach integrates a number of solutions including the Security zSecure Suite, InfoSphere Guardium solutions RACF, DB2, CICS ,and QRadar SIEM. These products build on the threat intelligence expertise of the IBM X-FORCE� research and development team to provide a preemptive approach to security. IBM solutions integrate with competitive products for seamless operations designed to help organizations stay ahead of today�s ever-increasing risk of advanced threats.
The 2012 edition of Information On Demand certainly left us all with a lot to think about, whether it was our Big Future, its Big Possibilities or simply the new mandate to Think Big.
No doubt you�re wondering how to share with your colleagues all the great things you saw and learned over the course of those three days. Naturally, the best way to determine your next steps would be to contact your IBM rep or Business Partner.
For my part, I�ve compiled a list of assets and sites related to the big themes of this year�s conference, namely: Big data, Smarter Analytics, IBM PureSystems and Watson.These are by no means exhaustive, but they should help you get started.
Finally, you can always review our rich store of event video content on our Livestream channel. Review and revisist the opening general sessions, track keynotes and a long list of Scott and Todd�s interviews with keynote speakers and IBM executives.
A crowdsourced collection of big data challenges and analytics opportunities was on the agenda for the Technical Unconference at Information On Demand. Here�s a sampling of what transpired.
�Businesses, place your bets�
�Business is all about placing bets on what you think will happen next,� said IBM Big Data Evangelist James Kobielus. He laid out some of the criteria that IT must satisfy and the capabilities they must embrace to turn the odds in their favor. For example:
Engage Customers as Individuals: Organizations must use every tool at their disposal to drive personalization capabilities into every touch point and form a bond with each customer. Big data and social analytics can help organizations go beyond a 360-degree view of their customers (knowing who they are, what they�ve bought and what they�re worth in the long-term) to a 720-degree view that reveals their undeclared needs and opportunities to satisfy them. �When you develop this capacity, customers will stay with you because you make them happy,� he said. �Listen carefully, then lavishly respond. Intimacy is everything.�
Go faster: Kobielus placed a premium on the speed and agility of your analytics operations, right down to the code. �Python and PHP didn�t get popular because they were better. They got popular because they�re faster.� Speed and agility are key IT attributes in a volatile market marked by an every-tightening spiral of shorter cycles, faster responses and urgent decisions. Successful organizations are powerful, flexible and faster, he said. They�re production-driven, business-focused and results-oriented. Users will choose sub-par tools if they help them get work done more quickly.�
Automate your analytics: Predictive models are the backbone of the agile enterprise, Kobielus said. But with so many people needing them and with more and more decisions being automated, how does IT respond? �Automate your analytics,� he said. �Automating your modeling function is the only way to respond at scale.� This automation must also include governance capabilities to refresh the models or replace them with next-best challengers when outcomes start to slide
The two people you�ll meet in every big data project
Tom Deutsch, IBM Big Data Program Manager, gave an overview of the two personality types you�re bound to run into in every big data or analytics project.
"This Changes Everything� Guy: prone to hyperbole and susceptible to the new and shiny. You�ll know him when you hear things like this:
�Everything older than six months is crap."
�We�ll figure out the information and metadata lineage later.�
�Breaking down silos takes too long. We�ll just create a new one."
�This will never work� Guy: obsessed with process and addicted to exactitude. His telltale expressions include:
�All this new stuff is crap.�
�We need to get all the governance and metadata right before we start.�
�I don�t trust anything without a schema.�
These opposing dispositions aren�t going to go away, Deutsch said. Further, each has a valuable part to play on any project. Your job is to find roles for them where they don�t manifest these behaviors. There is a happy, successful and profitable medium between utter chaos and complete control.
On the �irony� of NoSQL
RedMonk analyst Steven o�Grady assuaged fears in the room that emerging NoSQL technologies would not, in fact, render their hard-earned and well-honed SQL skills obsolete. �A lot of people thought NoSQL would replace the relational database. They got scared that they would be replaced.� The truth, said O�Grady, is more sophisticated than that. �The SQL skills that you�ve developed are just as relevant in NoSQL as in SQL,� he said.
O�Grady said another misconception is that NoSQL is a blanket, one-size-fits-all term. Rather, he said, �there are lots of NoSQL tools that have nothing to do with each other. It�s a matter of knowing what each tool is good at and picking the right one for the job.� These new tools provide IT with considerably more options - and opportunities � to build the right solution.
�Before NoSQL, the answer to every question was to run an SQL query against a relational database,� said O�Grady. �Now, you can choose the right tool for each function.�
"We all have our horror stories"
The frustration floodgates opened wide when participants explained how user demands for faster analytics run straight into the persistent (and persistently thorny) issues of data governance and SLAs.
Here�s a sampling (business users, take note: they�re trying to drive better outcomes, too):
�They�re distinct factions that don�t like to work together.�
�People always want to go off and do their own stuff.�
�Users don�t care how clean the data is. They just want all of it so they can do their own ETL. Taking time to clean it frustrates the bejeebus out of them.�
�It�s difficult to establish service levels in the cloud when a build takes one hour one day and four days the next. My users won�t even wait an extra 30 seconds.�
�I can teach smart people how to think, but it takes time for them to learn the business.�
�I kept rubbing my eyes and saying �I don�t see the value�.�
�The approach is generating revenue for us and I don�t want to stop it, but I can�t build a product out of something that only one person knows.�
�I found a massive Microsoft SQL installation running on someone�s desktop that was running an entire shop floor. We didn�t know it was there until it crashed.�
�The data becomes accepted, then embraced, then we find out it�s wrong.�
�You can�t dictate use models when users are in control.�
This post was contributed by Darren Argyle, World Wide Security Solutions Market Leader for IBM Security. Connect with Darren on Twitter @D_Argyle.
It's been over a week since I attended IBM InterConnect in Singapore, and with some great customer feedback still ringing in my ears, I thought it timely to provide some reflective thoughts.
For the most part I was sharing my days and evenings with our valued customers from the region, either in the �meet the expert� sessions, hosting them in the evening or sitting in with them in the 'hot topic' sessions (Defending Against Cyber Threats with Security Intelligence) that Brendan Hannigan (IBM GM Security Systems division) was leading. Mitigating new attacks from cyber-criminals, hacktivists, espionage, & disgruntled insiders dominated client discussions, and in an evolving multiple-perimeter environment, and particularly when using cloud computing, being confident that your data is safe becomes an even greater challenge.
The business benefits of cloud are well documented, reduced costs and increased flexibility, but many still fear taking those first steps toward optimizing their IT because of concerns about security. These concerns reminded me of the early days of outsourcing, a perceived loss of control and visibility of their enterprise systems, however with agreed security controls and operational security governance in place, outsourcing vendors, such as IBM, have been able to demonstrate a level of control that clients and auditors find satisfactory. At the foundation of cloud computing is the broader concept of converged infrastructure and shared services, so it�s easy to see where these concerns come from. For private/hybrid clouds in particular, it�s especially important that the security solution technologies are scalable, integrated and intelligent to protect against new threats, regain visibility and demonstrate compliance with activity monitoring and security intelligence.
EXA Corporation was in attendance at IBM InterConnect, and their experience provides us with an excellent case study for securing private/hybrid cloud. EXA has multiple offices across Japan and was faced with the challenge of how to best manage various servers located in each office, while also providing secure access and defending the enterprise from attacks. Working with IBM they embarked on a risk based security approach to cloud computing and built a secure hybrid private cloud. They were able to integrate proprietary and external data centers as one virtual data center and by deploying federated identity manager software they were able make it transparent to users. This mechanism has unified the management of user information, enabled the single sign-on based on a single ID, improved the customer experience and usability of the system, and created a secure authentication environment. See full case study here.
Moreover, in a �meet the expert� session I was hosting on cloud security, a similar discussion started with a CISO from an Indian organization; they were looking to build a private cloud to improve SAP service delivery speed and quality to their distributed business units across India. The CISO was particularly concerned about defending against the increasing cyber attacks that were highly publicized during 2011 and the first half of 2012 (see IBM X-Force Reports 2011/2012) and was curious as to what additional security controls he�d need to consider for cloud. Having quickly established that he�d already gained support from his senior executive team and security was already embedded into the design phase of this new project, his organization was well on its way to a successful outcome. So, we talked about the next set of priorities and I offered some advice based on the approach we have taken with other customers, using the IBM security framework as a reference point to show how security solutions need to integrate and enable security intelligence, to stay ahead of the threat and be protected against the latest sophisticated attacks (learn more in the IBM Cloud Security Solutions brief)
When securing cloud there is no one size fits all, so building a cloud strategy roadmap with security at its heart and using a proven security framework as a reference point (including - people, data, applications and infrastructure), you have transparency of the risks and appreciation of the accelerated value that can be gained from using the cloud. In today�s multi-perimeter environments corporate data is stored in so many places, making sure that data is safe and can be accessed securely is now a business priority when competing on a world stage. The media headlines about a business should be about growth and profitability, not being a victim of a security breach and causing shareholder confidence to drop. A �secure� cloud environment provides the opportunity for business to innovate with confidence, be more agile and be faster to market.
Please engage with me directly for further discussion on twitter @D_Argyle, also see IBM SmartCloud Security video.
Big Ideas conveyed, Big Opportunities revealed, the last full day of Information On Demand concerned itself with a Big Future.
Your future, our future, the entire planet�s future.
As it turns out, host Jason Silva isn�t the only on here thinking about it. A charming �person on the street� video compilation yielded some interesting ideas about what our accelerating technology can do for us. For example: houses that talk to us; table tops as touch screens, pay-per-view sports offering immersive, in-home experiences; a universal translator app for all the languages we speak.
But if they seemed straight out of Star Trek or The Jetsons, none of them phased Silva in the slightest.
�We�re in a world where complexity is bootstrapping on its own complexity. The more dense and complex the connections among people and systems, the further we advance as a species. We�re riding a wave of accelerating change that is human history. Culture and technology and the manipulation of matter reaching an infinite velocity.�
Remember, Big Future.
But while not everyone will appreciate a surround-screen Super Bowl, everyone will appreciate improved health, which will most certainly be a hallmark of our collective Big Future. Next up was Craig Rhinehart, IBM Director of Enterprise Content Management Strategy and Market Development. The U.S. spends $750 billion on health care every year, said Rhinehart, Yet in global rankings, the country�s quality of care sits 37th, barely ahead of Slovenia, a country of two million people.
A substantial percentage of that $750 is due to unnecessary or inefficient treatments, process errors such as duplicate lab tests and outdated manual processes. This �trial and error healthcare system� sees patients continually readmitted for recurring or chronic problems that in many cases never get better. The solution isn�t more money, said Rhinehart. With 83 percent of healthcare costs deemed avoidable, the solution is a move from a reactive system to a predictive and preventative one.
Rhinehart then walked attendees through a new product, IBM Patient Care and insights. This new product sources hidden opportunities to improve patient care by integrating, analyzing and liberating the valuable patient information in doctors� notes, hospital files, lab reports and other sources that remain trapped in information silos.
With IBM Patient Care and Insights, healthcare professionals can analyze both structured and unstructured data using some of the same foundational natural processing language technology as IBM Watson to understand text-based information and present it for analysis.
The predictive analysis capabilities enable healthcare organizations to identify patients at risk for developing illnesses or needing additional interventions. Providers can use predictive modeling, trending and scoring to anticipate patient outcomes and evaluate the potential effects of interventions.
Drawing on the insights gained from analytics, care teams can then use the care management capabilities in IBM Patient Care and Insights to create personalized, coordinated treatment plans for patients that span multiple physicians, specialists, hospitals, clinics and home care environments. IBM Patient Care and Insights eliminates paper-based processes and automates care delivery mechanics such as managing workflow tasks and providing ongoing patient assessments.
This post is courtesy of Ronnie Shelley, IAM Segment Manager for IBM Security.
Here�s a quick survey for you. What threat do you consider the greatest security risk to your organization�s data? Botnets? Malware? Would you believe your own employees? According to an April 2012 PriceWaterhouse study, eight out of 10 enterprise data breaches are caused by employee errors. The study points out that several worker-related factors, including employee ignorance, the burgeoning use of personal mobile devices in corporate settings, and successful phishing attacks can cause security breakdowns in any organization. Attackers are looking for the weak links, hoping to exploit user interactions across all security domains, including cloud and mobile.
Is employee negligence the greatest "insider" threat?
While it�s tempting to blame most insider security breaches on the disgruntled employee bent on stealing data or creating havoc, the truth is often much simpler. Insider negligence, rather than malicious behavior, is often the culprit. Careless insiders can jeopardize your data security by mismanaging passwords, opening an infected document, forgetting to log off a shared workstation, or failing to encrypt their mobile devices.
Protecting data is no longer just a matter of regulatory compliance � it�s become a business imperative. An IBM/Ponemon study of C-level executives identifies negligent insiders as the #1 greatest risk to sensitive data. In the study, those surveyed consider data breaches to be the top risk to their corporate reputations.
The "people" side of security
With insider incidents on the rise, and their corporate reputation at stake, organizations are taking a closer look at the �people� side of security. The business challenge is clear; insiders must be managed but not hampered from performing their necessary work, wherever they are located. Identity and access management solutions (IAM) can help enterprises protect sensitive assets from inappropriate access and demonstrate compliance with security regulations, while still providing employees, partners, and consumers with ready access to the information they need, even in cloud and mobile environments.
Even though IAM products have been around for over a decade, their functionality is keeping step with the latest security demands. Today�s IAM solutions offer a lot more than just user provisioning, single sign on and password management. They can provide role based user entitlements, safeguard user access to cloud/virtualized environments, and protect online transactions in web, cloud or mobile environments. For example, IBM Security IAM solutions can help secure shared accounts used by privileged users, provide single sign-on and strong authentication to the virtual desktop, ensure compliance with regulations, and enable secure business collaboration in the cloud and on the mainframe. These products draw on the strengths of other products in the IBM Security portfolio to help our clients cope with today�s advanced security threats.
Identity and Access Management is key
In summary, whether you�re trying to protect corporate data stored in the cloud, rein in application use in mobile environments, or prevent embarrassing security leaks, identity and access management solutions offer the tangible, operational benefits of improved user productivity while also reducing the risk of security breaches. Don�t let your trusted insiders ruin your day. Download this white paper to learn more about how IBM IAM solutions can help improve security and control access to protected resources.
I spent an hour yesterday at one of two Influencer Roundtables. The topic was "A closer look at the CMO: Social and Predictive Analytics, How Sports is Becoming a Metaphor for Business." On-stage to discuss the ways professional sports are becoming a "living laboratory" and the lessons they could teach CMOs were:
Leslie Ament: Vice President and Senior Analyst, Hypatia Research (Moderator)
Rod Smith, IBM Fellow and Vice President, Emerging Technologies
Deepak Advani, Vice President, IBM Business Analytics
Andrew Shelton, Head of Sports and Science, Leicester Tigers
Mark Wyllie, CEO, Flagship
Here's what they said:
Leslie Ament: Social media analytics is the "flavor du jour." Are we getting a tangible return on our investment?
Deepak Advani: Marketing is evolving from an art to a science. The proliferation of channels is making it increasingly complex. We're not where we need to be but we're making tremendous progress. For example: we can now do better targeting. We can run social media data through predictive models to understand which kinds of messages will improve the sentiment toward products. Of course, CEOs will say �positive sentiment doesn't pay the bills.� That�s true, but we�re also starting to model the correlations between sentiment and purchasing behavior.
Rod Smith: We�re part of the way there. Putting analytics in the hands of the business professionals will be the next trick. When Tiger Woods makes a great shot, fan reaction will spike on Twitter and CBS will get a massive influx of viewers for the replays for half an hour. That dynamic can impact advertising. Opportunistic marketers will know how to take advantage of those opportunities.
Leslie Ament: Do organizations understand the difference between simple social media monitoring and using social analytics for business purposes?
Mark Willie: They�re getting there. The Miami Dolphins, for example, look at their media strategy across Paid, Earned and Owned media channels. That used to be all Paid. Now they�re looking at new projects that can take fan content on Facebook and Twitter and present it on the Jumbotron during games. When Chipper Jones tweets about a problem with his bathroom at a Holiday Inn, there�s someone at his door 10 minutes later. But there�s no call to the front desk.
Leslie Ament: What are the biggest challenges to implementing social analytics in sports organizations? How do you overcome them? What results have you seen?
Andrew Shelton: We�re also in the early stages. We started by collecting player data from the past few seasons and doing some basic reporting, but we didn�t take a lot of action. In sports, injuries drive performance outcomes, so we want to make more confident predictions. We�re starting to look at modeling all of our player injury data from the past few seasons � that includes training, treatment and recovery data, even collision data from sensors the players wear. From there, we're building a model to predict if they�ll be injured again.
Deepak Advani: This is the same approach that oil companies and power plants are applying to their maintenance schedules. Whether it�s player injuries or mechanical breakdowns, it�s more effective to predict and prevent failures before they happen.
Leslie Ament: So where do you start? Which variables matter?
Rod Smith: It�s easy to look at the structured information and start there, but you really need a discovery model. Sometimes structured data doesn�t reveal anything useful. So you need to pull in other data and combine it to see if the new combination has value. Also, factors are going to change over time. Predictive analytics can help you manage uncertainty over time, but it's also an iterative process. You need to look at different indicators that you think will be useful at different times.
Deepak Advani: Sometimes you don�t know which variables will impact outcomes. But if the data is there, you should try it. A perfect example of this is the Memphis Police Department. They looked to see if there was a correlation between crime rates and phases of the moon, and the changes they made because of this insight helped reduce violent crime by 28 percent.
Andrew Shelton: Our focus is to prevent injuries and protect our players� physical welfare. So we look at every kind of variable � that adds up to 1,500 data points per player per day. It comes from GPS data collected during training, recovery from various therapies, game data and a lot more.
Leslie Ament: What steps do you take to help clients choose variables and get started?
Mark Wyllie: Every assessment begins with the same question: What are you trying to achieve? The Miami Dolphins were looking to optimize the fan experience. So we walked around the stadium for three games, one of which was a WrestleMania. We didn�t have any predefined ideas when we went in. We toured back of house operations, we talked to ushers, we simply paid attention to what was going on and took a lot of notes. Then we came up with recommendations for new signage and improving ingress/egress. The fan response was positive because they got into the stadium more quickly and team owners were happy because it meant fans bought concessions sooner, which meant they�d have more time to go back and buy more.
The challenge in sports is to keep fans coming back to the stadium. Teams need to preserve the value of their offering and offer fans experiences that they can�t get at home. In Miami, the Dolphins just rolled out a discount and loyalty card for season ticket holders. This gives them things like access to the field before the games, opportunities to meet the players, and a �Rookie Zone� that puts new fans closer to the field. All of these new new programs were driven by survey data.
Leslie Ament: Using social analytics and big data together can be very powerful. Can you cite some examples?
Deepak Advani: Remember, unstructured data isn�t just from social media. Consider call center records. Service providers have massive volumes of service records that have never been analyzed. But I know of one provider that cut customer churn from 90 percent to two percent. They did this by putting their unstructured customer data and churn data into a predictive model that connected the two data sets through customer ID numbers.
Rod Smith: Real-time data lets you �freshen up� your customer insights on a regular basis. You can monitor the performance of your messaging and stories. What are the latest things on your customers� minds? Those will change over time. The cost of doing this has dropped dramatically.
Leslie Ament: Where are social analytics and predictive technologies going? What should best practices be five years from now?
Rod Smith: Privacy is going to be an increasingly large concern. Companies can tap into what people are saying about their products, but the rules on acting on those insights are still unclear. This is a grey area; businesses don�t want to cross that line.
Deepak Advani: Consumers will exert increasingly more control over how they engage with companies. They�re going to engage with companies on their own terms, so companies will need to pay more attention to advocates and near-advocates, as well as to detractors and near-detractors. The marketing function will change � we used to spend our time getting people to buy products or handing off leads to sales. Now, though, customers say when they�re ready to buy. The new role for marketing will be to ensure customers get the experience they expected. Customer delight can fuel a cycle of advocacy. It�s a shift from customer acquisition to customer attraction.
Leslie Ament: How do organizations tackle the cultural challenges in making this big a change?
Deepak Advani: The value of predictive analytics resonates more with the business managers, but they can also be skeptical. Will this new tool take my job? Also, they�re not terribly interested in learning about linear regressions. You need to speak in their language.
Rod Smith: You need to find a believer and do a proof of concept. You need to present it as �informed intuition.� IT also needs to rethink its role. There�s a rebalancing of the relationship between business and IT going on. There are also new delivery methodologies to consider. Take cloud, for example. Sports teams don�t want to spend on IT infrastructure, they want to spend on things that help the team win and keep the fans coming back. Cloud capabilities take control out of IT�s hands.
Mobile discussions were ubiquitous in yesterday's IBM Information on Demand General Session--often focusing on the future of big data in the context of unstructured and mobile data combined with smarter analytics. The second half of the session focused on the "art of the possible" where big data and mobile meet in the context of a customer service scenario for a telecommunications company. I encourage you to check it out in the video below. Start around the 54 minute marker. It really inspires business and technology leaders to consider ways of improving value through customer-centric experiences. And it provides an example dashboard for a "Smart Call Center." See photo further below.
Also, I want to thank everyone who attended the Big data meets Mobile meetup yesterday in the IOD Connect Lounge. We discussed where the group was at in their big data and mobile strategies, biggest challenges, and most important priorities. Most of the discussion focused on:
The art of the possible when intersecting big data and mobile and existing client case studies
Developing a business case for how big data and mobile strategies can provide ROI for companies
Identifying the best opportunities for a big data and mobile strategy that makes sense for where their companies are at and want to be
Intersections between big data, mobile, and social media and how to convert this information into value for our customers
How to use big data and mobile in B2B contexts to bring value in a partner ecosystem model
We also discussed how we'd like to see even more and better focus on Mobile at IOD 2013. The group expressed the desire for more:
Sessions on developing business cases for big data and mobile strategies
Sessions for using mobile and big data in multi-channel delivery contexts where we can write once and deploy on Web, desktops, mobile, and beyond
Hands on labs for using features and functions available in analytics tools in mobile contexts
Sessions for best practices in managing client experiences across Mobile using analytics and insights
This feedback was great for making IOD even bigger and better next year! Look for exciting things to come! For now, if you're looking for more information on Big data and Mobile, try these sites:
This post was contributed by Luis Casco-Arias, Senior Market Manager for IBM Security.
In case you missed it, the culmination of the evolution of IT security is �Security Intelligence�. In this era of rapid data explosion, consumerization of IT, IT perimeter openness and expansion, and attack sophistication, IT organizations will not be able to keep up with the growing security and compliance requirements by using traditional approaches. The idea is that IT organizations have to partner with the Lines of Business to control security and compliance in a more automated, business context centric, holistic, and proactive manner. To address this goal, the industry is adopting the power of analytic engines, such as the ones provided by Security Information and Event Management (SIEM) solutions, to not only react quickly to incoming attacks, but also to predict and stop potential threats. These solutions analyze and correlate security and audit events from a myriad diverse systems and applications to come up with the relevant insights to protect against advanced threats. In doing so, they centralize, automate, and integrate a lot of the work that would have to be done by armies of highly skilled security engineers. However, their analysis is as good as the data that they are able to collect. When it comes to data access activity, the traditional sources tend to be database audit logs. Unfortunately, not only are these logs not real-time events, but they are highly susceptible to tampering. You need to enter the realm of data activity monitoring!
With data activity monitoring you get real-time alerts on relevant insights from data access. These solutions monitor all inbound and outbound traffic from any data source, including the metadata (such as session IDs, time, source and target IP addresses, etc) and the context (including the data itself or error return codes). The alerts are driven by preset policies and analysis, and can even proceed to blocking unwanted or suspicious traffic. These alerts can be sent to SIEM solutions for further correlation with other security alert sources across the enterprise. Some common use cases that generate data activity alerts include: failed logins to the data server, unauthorized access by privileged users, and SQL error codes due to SQL injection attack attempts or users trying to escalate privilege. This ensures that companies can react quickly to possible external or internal threats, preventing valuable sensitive data loss from breaches.
Companies also get additional benefits such as:
Centralized data activity auditing that does not affect the data source performance;
Reduced burden on performance, network bandwidth, and storage costs from off-loading in-depth data activity analysis and audit out of band from SIEM and data servers;
Additional scope for their SIEM implementation by leveraging the data activity monitoring solution�s range (caveat: look for one that expands beyond database support into unstructured data sources, like data warehouses, enterprise content management systems, file shares, and Big Data);
Key asset information that can also help SIEM systems make better policies and decisions with up to date information. (A good data activity monitoring and vulnerability assessment solution has a wealth of inside information about the data environment, including where the sensitive data is, who has access to it, and how susceptible the servers are).
As companies deal with data explosion and the extension of the perimeter beyond the enterprise boundaries, we will see an increased focus to protect data closer to the source. Complementing SIEM solutions with in-depth data activity monitoring will provide customers with a seamless extension of scope into data sources, benefiting customers not only with exceptionable accurate and actionable insight, but also with the cost benefits from off-loading the analysis to specialized tools. A vendor making this synergy a reality is IBM. Take note of our Security Intelligence vision with data activity monitoring.
Big opportunities for better outcomes dominated the opening general session as Information On Demand 2012 moved on to day two.
A kickoff video showcasing successful IBM customers Dillard's, Moneygram and Del Monte opened attendees' eyes to the transformative power of big data harnessed and acted upon.
First, attendees heard how retailer Dillard's improved customer relationships through a more effective CRM system and improved productivity across its multiple lines of business.
Next, they heard how money transfer leader Moneygram cut fraudulent transactions by 72 percent to save more than $62 million.
They also learned how Del Monte reduces risk and increases efficiency by applying predictive analytics to weather patterns and global trends.
Video concluded, host Jason Silva took the stage and once again provided a thoughtful, near-philosophical context to help attendees orient and attune themselves to the discussions to come throughout the day.
�We're living in a new cosmology,� he said. �A new computational universe of big data in which our thoughts, genes and behavior are reduced to bits churning through algorithmic computes. It's circuits and information flows, signal and noise.�
�When information is everything, we can understand how things really work.�
Hence, Big Opportunities.
Very little - perhaps none of this, though � would be possible without the precipitous drop in the cost of computing overall.
Thus began the presentation by Steve Mills, IBM Software & Systems Senior Vice President and Group Executive.
Mills proceeded to highlight some of the latest and biggest numbers from the big data universe. For example:
An expected 1.3 zettabytes of internet traffic by 2016.
500 terabytes processed by Facebook each day; 12 terabytes daily processed by Twitter.
40 terabytes per day generated by the large hadron collider at CERN.
24 terabytes crunched every day by Google.
From here, Mills furthered Robert Leblanc�s illustration of the resulting pressures on IT. Consider, for example:
The six billion mobile phones in the world (half of which are used by people with no access to electricity).
The 1 million wireless sensors for each 10 square kilometers of Shell Oil exploration projects.
An expected 420 million wearable or wireless health monitors in use by 2014, up from 12 million in 2012.
To make sense of such a maelstrom of machine and mobile data, Mills said organizations need multiple platform capabilities such as data visualization and discovery. Further, he said, they must be delivered from a flexible, adaptable platform built on open standards.
Mills went on to explain how though the challenges of big data may be new, the tools and techniques organizations can use to resolve them are not. Rather, he said, organizations will capitalize on the big opportunities by rethinking the things they�ve already done. Opportunities to increase efficiency, reduce waste, eliminate fraud and increase customer loyalty abound, as does the data. Mills even made the bold claim that U.S. national debt could be eliminated within a decade by applying better analytics to its myriad disbursement processes.
�To every challenge the data is there,� he said. �All that's required is for organizations to grasp the opportunity. Capitalizing on big data doesn�t require us to do anything other than raise our game in the things we�ve been doing for a long time. We�re not constrained by cost or technology.�
Drawing on IBM�s now 100-plus years in business, Mills left attendees with an encouraging thought: �We�ve been through these transitions before. This is right in our wheelhouse."
Mills then gave way to Fred Balboni, Global Leader for Business Analytics and Optimization, IBM Global Business Services, who both stressed the importance of acting on the new insights they gain from big data.
�Insight will be the next commodity,� he said. �All competitive enterprises will find new insights in their data.�
�The difference will be in acting on those insights. Once you know, what can you do, and how fast?�
Balboni previewed a world remade by big data and analytics in which no profession, industry or business function will be untouched. For example: no longer will CMOs simply manage agency relationships. They�ll be called upon to provide hard numbers. CFOs will cease to be scoreboard operators and assume the role of coach calling in the plays that move their organizations forward. CIOs will continue to obsess over technology, but will also need to change the way they interact with the business to ensure all functions can benefit from big data and analytics.
These transitions are shifting organzations' mindsets from focusing on tackling their biggest problems to seeking out their biggest opportunities.
"It's a very optimistic mindset," he said.
To demonstrate what's possible, Balboni welcomed to the stage two IBM customers who had taken these words very seriously indeed.
From JP Morgan Chase, Senior Vice President of Customer Analytics Adam Braff explained how big data and analytics are helping what is America�s largest bank better understand its customer interactions across its multiple channels. From information brokers Thompson Reuters, CIO Jerry Hope explained how a new analytics program was helping the company better integrate and leverage customer data and relationships and develop new products based on a 360-degree analysis of its 100 most important customers.
The session concluded with IBM Business Analytics General Manger Les Rechan taking the stage. The always energetic Rechan began his talk by calling attention to a recent Harvard Business Review article declaring data scientist as �the sexiest job of the 21st century.�
Rechan proceeded to explain how analytics is simply the starting point for organizations and that a strong IT-business partnership is essential to weaving analytics into every business process. �Data is the new oil,� he said. �Our job is to drill into an refine it, to turn insight into action. We need to move from data-rich, information-poor to data-rich, insight-pervasive.�
At the IBM Information on Demand (IOD) Conference in Las Vegas this week, I'm attending sessions focused on the growing trend of Mobile. One of the main gurus in this space is Tracy Hutcheson, IBM Client Architect for User Experience and User Interface Technology. As a Senior Technical Staff Member at IBM, Tracy works with a very intelligent team of IBMers to set strategy on how to manage heterogeneity across Web, Mobile, desktop platforms and more.
Our team interviewed him last night in the IOD Expo to hear more about some of the unique challenges and opportunities his team faces in the UI space today. See video below. An interesting point of discussion is how IBM is using Worklight to help with the "write once, deploy everywhere" goal in a way that allows developers to tap more deeply into device features such as Android, iOS, and Windows.
This post is written by John Burnham, Strategic Communications for IBM Security.
Last week, IBM Security announced the release 10 new products designed to help customers resolve security challenges as they leverage cloud services, mobility, and Big Data analytics. This is a major milestone, as it is the largest release of new and improved products since the Security Systems division was created just one year ago.
At the risk of sounding like I�m bragging, I wanted to share with you what some leading analysts have said about our news:
"Within relatively few years compared to some security leaders, IBM has built a remarkably comprehensive portfolio of security products and services. Its longstanding leadership in identity and access management and landmark research in areas such as cryptography was significantly augmented in network security, threat research and security services. The company has added market-leading assets in application security, highly flexible endpoint management and, most recently, security information and event management (SIEM). When security intelligence is combined with resources from Cognos and InfoSphere Streams in information management, to assets such as Algorithmics, SRD and i2 in risk management and intelligence, the IBM portfolio is both one of the most dominant, as well as one of the most forward-looking, in the industry." --Scott Crawford, Enterprise Management Associates
�With the formation of divisions focused on security software and services, IBM now provides an end-to-end product and services portfolio and is quickly establishing a position of security technology leadership.� --Jon Oltsik, Enterprise Strategy Group
�Since the formation of IBM�s new Security Systems division late in 2011, IBM has moved with alacrity to integrate its once dispersed and highly fragmented security portfolio and to create greater value for its customers through that integration.� --Paula Musich, principal analyst, Enterprise Security at Current Analysis
As perimeters become optimized for data security the need for integrated analytics becomes paramount due to the massive amounts of data being collected. Whether for compliance, defending against APTs, data loss, fraud, or all of the above, applying security intelligence to what could be the security industry�s largest portfolio of products, services and solutions, is gaining traction. Stay tuned for more, a lot more!
Watch this video to learn more about "Security without Boundaries".