Brave New World

It’s difficult to remember what life was like without the ubiquitous presence of the Internet in our daily lives. Remember that it’s only been 25 years since concepts such as e-Business, Chief Information Officers and the Internet began to emerge.  I was thinking about how new all of this digital technology is to the human race as I took the trash out this morning. One bag was a corn-based bag distributed by the city of London full of compost. Another was a paper bag full of a wide variety of cardboard, paper and recyclable plastics, and the third was a typical trash bag full of everything else. I deposited each bag in the appropriate colour bin, each destined for a different process.

A clear, easy and government-supported process for separating and routing different types of trash reminds me that people are capable of changing individual behaviour for the sake of collective long term health and security. But it also reminds me that a behaviour change on this scale takes generations. In the 1970’s, my family had our own compost pile in the back yard and we’d have to pile cardboard and empty soda cans into the back of our car and drive 30 minutes to find a recycling centre. Forty years later government has finally made it easy for me to do my part.

In comparison to the recycling movement, the Internet is relatively young. And yet we are rushing to embed it into every corner of our lives. “The Internet of things,” has become a common buzz phrase now that TVs, cars and refrigerators can provide information about themselves via a network connection. The benefits of a network connection seem clear. TVs that can access the Internet can provide a wider range of programming. Cars can notify owners and dealers of problems, and refrigerators can suggest a shopping list. But the risks associated with so many things connected to the Internet are much less clear.

Whether the technical details of these risks seem confusing or it’s all still too new, most people, and in particular most business and government leaders, are way behind the curve. This means that products and services being marketed to you are not adequately designed to keep your information, your transactions or you safe and governments have yet to devise strategies to regulate on your behalf.

After over 20 years in IT I can say definitively no-one yet can see the full picture of cyber security.  As with the recycling movement, you can bet it’s going to take decades before we truly understand the scope of these problems and design appropriate solutions. So what to do in the mean time? Educate and protect yourself. What’s more, just like my parents had to drive 30 minutes to dispose of our recyclables back in the 70’s, you are going to have to go the extra mile yourself for a while too. 

There are two web sites I highly recommend to help defend yourself against those capable of stealing your identity, your credit card information or worse. The first is KrebsOnSecurity.com where Brian Krebs, a former Washington Post journalist, keeps an eye on major cyber security breaches. In the last few months he’s featured stories on breaches at the California DMV, Target, Experian as well as vulnerabilities discovered in Microsoft and Android products. Following this blog will keep you up to date on major events and breaches that threaten your privacy and financial health. 

I also recommend Consumer Report's pages dedicated to Internet security. (http://www.consumerreports.org/cro/electronics-computers/guide-to-internet-security/index.htm) There are literally dozens of topics to browse with tips to keep your devices and personal information secure while navigating the Internet. Unfortunately, there are literally hundreds of ways that we are exposed by simply engaging in activities that have become an integral part of daily life for many of us. Until big companies and the government catch up, it is critical to be proactive and safeguard yourself and your family. 

Paper of the Year Award - Aligning IT with Business Strategy

I am delighted to be awarded Paper of the Year from Business Information Review (BIR) for my 2013 effort on aligning IT project spend with business alignment. BIR have been kind enough to make the article available for free via their publisher’s website, which you can find here. In the paper, which I wrote with teammates of mine from the IT team at Tullow Oil*, we highlight the importance of allowing people’s judgement back into the equation when considering IT project Return on Investment. I think this is one of the most important implications of Peter Drucker’s writings on the knowledge worker and the knowledge economy. Essentially, there is value to be gained by trusting the judgement of the experts you hire and in building systems that allow them to influence business decisions.

It is folly to chase a scientific calculation of return on investment too far, particularly in the IT world. IT is changing so fast with risks and opportunities not only appearing and disappearing at lightning speed, but also often switching places suddenly. Perhaps ironically, in the incredibly fluid world of IT, human judgement is critical with every step.

The paper led me to a series of conversations with the project management team at PA Consulting here in London and in those conversations we talked about the importance of human judgement in the context of project benefit realisation. Some business benefits can be measured directly, such as when an IT project automates a previously manual and time consuming process. But other projects deliver systems which are designed to improve decision making. Sometimes this can be incredibly hard to observe directly and quantify. But it’s easy to simply trust your experts and ask them the question: does this system make your decision making better? If you’ve spent a load of money recruiting and hiring these people, surely their subjective opinions are worth something? You can see a write up here reflecting one of the conversations we had in which the consensus was that you absolutely should accept subjective input as at least part of the overall benefits-realised assessment.

*It's important to note that the opinions and attitudes expressed in this blog are my own and do not reflect the views and opinions of Tullow Oil. 

In Defense of Micromanagement

In 2009, I was leading a company-wide Knowledge Management (KM) program for a global, civil engineering and consulting firm. During that time, I became increasingly aware of how dependent successful KM is on basic, long-standing business management best practices. Things like good performance metrics, experienced managers and a culture which supports process discipline are essential underpinnings for any successful KM initiative or system. In good times, sexy ideas like innovation management and knowledge management seem like good foundations for competitive advantage. But when conditions start to go sour, you begin to see where good times have led to complacency, where corners were cut and where best practices were ignored. And in the cold light of difficult business conditions, it becomes clear that without basic best practices being embraced, investment in what we've come to know as knowledge management is actually a dramatic waste of energy. 

As these thoughts began to crystalize for me, I wrote an article called Ignorance Management which was published in Business Information Review Journal (BIR). The article encourages companies to swtich from thinking about knowledge management to investing in uncovering pockets of ignorance amongst their management team. Response to the article was mixed. Some liked it, some thought it was pessimistic. 

But with permission from BIR, I've re-published the article here. Because as uncomfortable as the article makes some feel, nowhere is the reality check that it encourages more critical than in managment of IT functions today. Technology changes so fast and in so many different directions that its very difficult to have an accurate understanding of what a piece of software does or doesn't do, or how a device acheives what the sales person promises it will. Accordingly a company hires technologists to handle these things, from our e-mail systems to our security systems. But managing teams of technologists is incredibly tricky as you can't simply take their word for it that everything is OK. You've got to develop a management team that is educated enough to understand what "good" looks like and what risk looks like at a fairly granular level. That management layer has got to delve into what the technologists are doing enough to be able to draw straight lines between their daily activities and the value that the technology they oversee should be bringing to your company's bottom line. 

I know micromanagement has gotten a bad rap for good reasons. But don't throw the baby out with the bathwater. Insisting you should do or re-do your employee's work or even insist that it be done exactly the way you want it done is going too far and will ultimately cause serious problems in your team, granted. But taking your hands off the wheel and letting go of insisting that you understand what your employees do or of evaluating their results through reviews and audits in the name of trusting them is 180 degrees from wrong.