May 29, 2012

A Unique Opportunity For IT Leaders

So much of what I blog about revolves around IT leadership -- how I see people being successful in these -- errr, interesting -- times.

SanjayEMC is wonderfully fortunate to be able to draw from the practical experiences of our own EMC IT organization, led by our CIO Sanjay Mirchandani.  

Sanjay's story around how he is leading a continual transformation of our IT function has proven to be deeply productive for EMC's customers and partners.  

And it just gets better over time.

At EMC World 2012, Sanjay took the stage for an hour.  He not only recapped the highlights of the journey so far, but laid out the next few years of IT evolution at EMC.

I'm watching it, and going through the companion slides.  It's compelling content for *anyone* interested in strategic IT transformation at any level.  Yes, it's an hour long -- but it's probably the most compelling hour on the topic I've ever seen anywhere.  Highly recommended.

Find the video here.  Download his powerpoint slides and click along here.

Posted at 01:23 PM in Big Data, EMC World 2012, IT Leadership, security, the new user | | Comments (1) | TrackBack (0)

|

March 05, 2012

Trust In IT: The Business Perspective

CyberpasswordIt's the week after the landmark RSA Security Conference, and cyber security is justifiably very much on everyone's mind.

The picture today is not pretty: the bad guys appear to be organized for success, and their intended victims are generally not.

For me, the RSA Conference gave me a good overview of where we are towards closing the currently wide gap -- and a sobering reminder of the work that lies ahead.

Continue reading "Trust In IT: The Business Perspective" »

Posted at 01:23 PM in Big Ideas (hopefully ...), EMC Viewpoint, IT Leadership, security | | Comments (0) | TrackBack (0)

|

January 17, 2012

Creating Actionable Intelligence: The Brave New World Of Information Security


CloudsIf you've been paying attention in the security world, you'll probably sense that a sea-change is well underway. The forces behind the "perfect storm" are assembled and quickly gathering strength.

More information in more places. Higher-value information targets.  And an increasingly sophisticated and well-funded set of opponents using APT techniques to secure their prize. 

Most people chartered with responding are very much aware of the new challenges -- but what to do?   

While there are no simplistic answers, there is a clear consensus emerging that this is no mere matter of better technology; it requires a deep and thoughtful organizational response -- a new way of doing things in the new world. 

The latest evidence comes from the SBIC -- the Security for Business Innovation Council --  in their new report "Getting Ahead Of Advanced Threats: Achieving Intelligence-Driven Information Security". The SBIC is a subset of very bright and passionate security leaders in Fortune 1000 settings that regularly gather to make strategic recommendations for the community at large.  

Sponsored by RSA, we've seen a number of useful reports on relevant and topical corporate information security subjects. This one is worth reading -- simply because it sketches out a roadmap of how security leaders will need to go about building their new organizational response in this new world. 

Like anything else, the challenge essentially boils down to organizing for success around a few new principles.

Continue reading "Creating Actionable Intelligence: The Brave New World Of Information Security " »

Posted at 09:14 AM in Big Data, Big Ideas (hopefully ...), EMC Viewpoint, IT Leadership, security | | Comments (1) | TrackBack (0)

|

November 17, 2011

Worker Safety In The Information Age

Information_workerThe modern economy is increasingly built on a cadre of knowledge workers who consume and process enormous amounts of information. 

But these information-intense models are not without their risks, as we are continually reminded.

One of the big stories of 2011 was the rise of APTs -- advanced persistent threats -- that are causing us to re-think many long-held precepts around information security.  There are new security philosophies emerging; new process and tools -- and new focus areas to consider

As Art Coviello put it so eloquently in his RSA keynote -- "people are the new perimeter".  But how do we arm our knowledge workers to handle information -- in all its forms -- safely?

Rather than scratch our heads and wonder how best to close this seemingly brand-new proficiency gap, I think it's useful to review how earlier "trade" industries -- manufacturing, construction, shipbuilding, etc. -- identified this particular problem, and created the foundational methodologies to manage worker safety in an earlier age.

We often forget than seemingly new problems have sometimes been solved before, just in a different context.  

And this might be just such an example.

Continue reading "Worker Safety In The Information Age" »

Posted at 02:01 PM in Big Ideas (hopefully ...), IT Leadership, security | | Comments (0) | TrackBack (0)

|

September 13, 2011

New Security Thinking For A New World

Steps As an armchair student of the big transitions that happen in the IT industry, I've learned that the hard part is getting your mind wrapped around a relatively new perspective.  We, as technologists, tend to focus on how things work, rather than what they might mean. 

For example, the internet isn't really about packets and DNS so much; it's about what can happen when connectivity becomes ubiquitous.   Tablets and smartphones are really about when consumption becomes ubiquitous as well.

Cloud isn't about sterile NIST definitions, it's what happens when IT organizations realize they're no longer a monopoly and have to compete for the business.  

Big data isn't a capacity problem; it's really about learning a new form of creating value from massive amounts of information. 

Get the right perspective on a specific transition, the rest becomes mostly a matter of evangelism  and execution.  Fail to get the right perspective, and you won't make much progress at all.

And so I enjoyed reading the recent findings of the RSA-sponsored Advanced Threat Summit.  

Continue reading "New Security Thinking For A New World" »

Posted at 10:35 AM in Big Data, EMC Viewpoint, security | | Comments (1) | TrackBack (0)

|

August 03, 2011

When Big Data Met Security: Is The New Era Beginning?

Two powerful IT mega-trends appear to be combining in an interesting and powerful way.

One highly visible trend is the rise of APTs: advanced persistent threats.  These newer attacks have routinely defeated traditional approaches to information security, and show no sign of abatement.

The other power trend is the amazing power of analytics-at-scale in the hands of data scientists.  I continue to be fascinated by the dazzling potential here.

Could the stunning power of big data be part of the answer to the new class of advanced threats?

Continue reading "When Big Data Met Security: Is The New Era Beginning?" »

Posted at 10:33 AM in Big Data, Big Ideas (hopefully ...), EMC Viewpoint, Information Infrastructure, IT Leadership, security | | Comments (1) | TrackBack (0)

|

August 02, 2011

APTs: Assume You Are Compromised

APT_checklist Today's must-read gem is the latest report from the SBIC -- the Security for Business Innovation Council.  

If you're not familiar, the SBIC is an RSA-sponsored group of information security leaders spanning the Global 1000.  Periodically, they issue far-reaching perspectives on the state of information security in corporate environments.

This is the eighth report in the series, and the topic is undoubtedly the one that's on everyone's minds: When Advanced Persistent Threats Go Mainstream

I got my hands on a review copy.  It's more than a good read -- it's an essential read.

To be clear, this is not your typical vendor "white paper" that ends up being a thinly-veiled pitch for whatever they're selling; by comparison, this document is a hard-hitting and sobering 25-page study of the new threat profile, and -- more importantly -- what needs to be done organizationally to compensate.

The headline from the press release gets right to the point -- assuming that you are compromised already, how do you minimize the damage?  

APT_chart Although I'm not a fan of the-world-is-ending headlines (especially when it comes to security), it might be somewhat justified in this case. 

From my perspective, APTs and the related discussion represents perhaps the single most important shift in information security thinking in the last few decades.  

As such, this ends up on my "must-read" list for just about everyone.

Many of the recommendations here stretch far outside the traditional security domain -- affecting existing functions and making a strong case for investment in new ones.  It's a brave new world.

What I found especially fascinating was the real-world color from the people in charge of securing information assets at some of the largest organizations in the world.  It's obvious -- they're concerned.  As perhaps you should be as well.

This is not light summer reading -- but it is important.  

I hope you can find some time to read it.

Posted at 09:09 AM in IT Leadership, security | | Comments (0) | TrackBack (0)

|

June 22, 2011

Harris: What It Takes To Build A Trusted Cloud

If you've been following the whole VCE-enabled service provider story, you'll recall that Harris Corporation was one of first (and perhaps most enthusiastic) Vblock adopters.

Slide8 They've built on Vblocks -- and other technologies from V,C and E -- to offer up an extremely well-positioned service: the Harris Trusted Enterprise Cloud.  Their proposition was simple: the Harris cloud has the foundation to be more secure and more trusted than anything most enterprise IT organizations could do themselves.

Since its announcement, I've always wanted to know more about the details: what made it different, and who were the key people behind the offering.  

This week, I was fortunate enough to have an extended conversation with Wyatt Starnes, VP of Advanced Concepts at Harris' Cyber Integrated Solutions division.  

By the way, I think Wyatt has me beat in the Cool Job Title competition.

Wyatt is not only one of the lead actors in this story, he's a wealth of compelling insight.  

Fasten your seatbelts and hang on ...

Continue reading "Harris: What It Takes To Build A Trusted Cloud" »

Posted at 12:37 PM in Big Ideas (hopefully ...), Customer Engagements, EMC Viewpoint, IT Leadership, Private Clouds, security | | Comments (1) | TrackBack (0)

|

April 04, 2011

RSA Acquires NetWitness

Newer forms of advanced persistent threats (APTs) are very much on my mind these days.  Maybe they should be on your mind, too.

Over the weekend, RSA's Uri Rivner posted some very sobering details ("Anatomy Of An Attack") regarding EMC's recent experience.  I don't often do this, but -- please -- go read this post.

I'd encourage you to resist the usual human tendency to assume that someone made a huge mistake (not true), or the people involved might be incompetent (they most definitely aren't) or that -- somehow -- the circumstances don't apply to you or your organization. .

I am told that one of the key actors in this episode was EMC IT's use of NetWitness to detect and isolate the attack while it was occurring.  Lest you assume this was some sort of cause-and-effect scenario, the business discussions were well advanced at the time of the event.

From an IT security perspective, I think we live in a new era.  And anyone who purports to have a simplistic answer really doesn't understand the magnitude of the challenge.

You can learn more here.

Posted at 09:17 AM in EMC Viewpoint, security | | Comments (0) | TrackBack (0)

|

February 14, 2011

Enabling Trust In The Cloud

Frequently, I have the privilege of writing about big ideas -- and big announcements.  

Today's post worries me a bit.  Frankly, I'm concerned I won't be able to do full justice to the topic at hand.

At its essence, today's post is about three things: a big trend, a big challenge -- and a big solution.

Continue reading "Enabling Trust In The Cloud" »

Posted at 02:02 PM in Big Ideas (hopefully ...), EMC Viewpoint, Private Clouds, security | | Comments (7) | TrackBack (0)

|

Next »

Chuck Hollis


  • Chuck Hollis
    VP -- Global Marketing CTO
    EMC Corporation
    @chuckhollis

    Chuck has been with EMC for 17 years, most of them great.

    He enjoys speaking to customer and industry audiences about a variety of technology topics, and -- of course -- enjoys blogging.

    He lives in Holliston, MA with his wife, three kids and four dogs when he's not travelling. In his spare time, Chuck is working on his second career as an aging rock musician.

    Warning: do not buy him a drink when there is a piano nearby.

Search

Useful Pages

Recent Comments

Categories

Archives

More...

Subscribe to this blog's feed

General Housekeeping

  • Frequency of Updates
    I try and write something new 1-2 times per week; less if I'm travelling, more if I'm in the office. Hopefully you'll find the frequency about right!
  • Comments and Feedback
    I'm going to be approving comments before they get posted here. Any information you can share about who you are, how to contact you, what you do for a living, etc. would very much be appreciated.

Interesting books for the cognoscenti

Twitter Updates

    follow me on Twitter