Thursday, March 4, 2021

How to gain advanced cyber resilience and recovery across the IT ops and SecOps divide

 

Cyber attacks are on the rise, harming brands and supply chains while fomenting consumer and employee distrust -- as well as leading to costly interruptions and service blackouts.

At the same time, more remote workers and extended-enterprise processes due to the pandemic demand higher levels of security across all kinds of business workflows.

Stay with us now as the next BriefingsDirect discussion explores why comprehensive cloud security solutions need to go beyond on-premises threat detection and remediation to significantly strengthen extended digital business workflows.

Listen to the podcast. Find it on iTunes. Read a full transcript or download a copy.

To learn more about ways to shrink the attack surface and dynamically isolate process security breaches, please join Karl Klaessig, Director of Product Marketing for Security Operations, at ServiceNow, and E.G. Pearson, Security Architect at Unisys. The discussion is moderated by Dana Gardner, Principal Analyst at Interarbor Solution.

Here are some excerpts:

Gardner: Karl, why are digital workflows so essential now for modern enterprises, and why are better security solutions needed to strengthen digital businesses?

Klaessig: Dana, you touched on cyber attacks being on the rise. It’s a really scary time if you think about MGM Resorts and some of the really big attacks in 2020 that took us all by surprise. And 23 percent of consumers have had their email or social media accounts hacked, taken over, or used. These are all huge threats to our everyday life as businesses and consumers.

Klaessig
And when we look at so many of us now working from home, this huge new attack surface space is going to continue. In a recent Gartner chief financial officer (CFO) survey, 74 percent of companies have the intent to shift employees to work from home (WFH) permanently.

These are huge numbers indicating a mad dash to build and scale remote worker infrastructures. At the end of the day, the teams that E.G. and I represent, as vendors, we strive hard to support these businesses as they seek to scale and address an explosive impact for cyber resilience and cyber operations in their enterprises.

Gardner: E.G., we have these new, rapidly evolving adoption patterns around extended digital businesses and workflows. Do the IT and security personnel, who perhaps cut their teeth in legacy security requirements, need to think differently? Do they have different security requirements now?

IT security requirements rise

Pearson: As someone who did cut their teeth in the legacy parts, I say, “Yes,” because things are new. Things are different.

Pearson
The legacy IT world was all about protecting what they know about, and it’s hard to change. The new world is all about automation, right? It impacts everything we want to do and everything that we can do. Why wouldn’t we try to make our jobs as simple and easy as possible?

When I first got into IT, one of my friends told me that the easiest thing you can do is script everything that you possibly can, just to make your life simpler. Nowadays, with the way digital workflows are going, it’s not just automating the simple things -- now we’re able to easily to automate the complex ones, too. We’re making it so anybody can jump in and get this automation going as quickly as possible.

Gardner: Karl, now that we’re dealing with extended digital workflows and expanded workplaces, how has the security challenge changed? What are we up against?

Klaessig: The security challenge has changed dramatically. What’s the impact of Internet of things (IoT) and edge computing? We’ve essentially created a much larger attack surface area, right?

What’s changed in a very positive way is that this expanded surface has driven automation and the capability to not only secure workflows but to collaborate on those workflows.

We have to have the capability to quickly detect, respond, and remediate. Let’s be honest, we need automated security for all of the remote solutions now being utilized – virtually overnight – by hundreds of thousands of people. Automation is going to be the driver. It’s what’s really rises to the top to help in this.

Gardner: E.G., one of the good things with the modern IT landscape is that we can do remote access for security in ways that we couldn’t before. So, for IoT, as Karl mentioned, we’re talking about branch offices -- not just sensors or machines.

We increasingly have a very distributed environment, and we can get in there with our security teams in a virtual sense. We have automation, but we also have the virtual capability to reach just about everywhere.

Pearson: Nowadays, IoT is huge. Operational technology (OT) is huge. Data is huge. Take your pick, it’s all massive in scope nowadays. Branch offices? Nowadays, all of us are our own branch office sitting at our homes.

Now, everybody is a field employee. The world changed overnight. And the biggest concern is how do we protect every branch office and every individual who’s out there? It used to be simpler, you used to create a site-to-site virtual private network (VPN) or you had communications that could be easily taken care of.

Everybody is now a field employee. The world changed overnight. And the biggest concern is how do we protect every branch office and every individual who's out there? The world is different.

Now the communication is open to everybody because your kids want to watch Disney in the living room while you’re trying to work in your office while your wife is doing work for her job three rooms down. The world is different.

The networks that we have to work through are different. Now, instead of trying to protect an all-encompassing environment, it’s about moving to more individual or granular levels of security, of protecting individual endpoints or systems.

I now have smart thermostats and a smart doorbell. I don’t want anybody attaching to those. I don’t need somebody talking to my kids through those things. In the same vein, I don’t need somebody attaching to my company’s OT environment and doing something silly inside of there. So, in my opinion, it’s less about the overarching IT environment, and more about how to protect the individuals.

Gardner: To protect all of those vulnerable individuals then, what are the new solutions? How are the Unisys Stealth and ServiceNow Platform coming together to help solve these issues?

Collaborate to protect individuals

Klaessig: Well, there are a couple of areas I’ll touch on. One is that Unisys has an uncanny capability to do isolation and initially contain a breach or threat. That is absolutely paramount for our customers. We need to get a very quick handle on how to investigate and respond. Our teams are all struggling to scale faster and faster with higher volume. So, every minute bought is a huge minute gained. Right out of the gate, between Unisys and ServiceNow, that buys us time -- and every second counts. It’s invaluable.

Another thing that's driving our solutions are the better ties between IT and security; there’s much more collaboration. For a long time they tended to be in separate towers, so to speak. But the codependences and collaborative drivers between Unisys and ServiceNow mean that those groups are so much more effective. The IT and security teams collaborate thanks to the things we do in the workloads and the automation between both of our solutions. It becomes extremely efficient and effective.

Gardner: E.G., why is your technology, Unisys Stealth for Dynamic Isolation a good fit with ServiceNow? Why is that a powerful part of this automation drive?

Pearson: The nice part about dynamic isolation is it’s just a piece of what we can do as a whole with Unisys Stealth. Our Stealth core product is doing identity-based microsegmentation. And, by nature, it flows into software-defined networking, and it's based on a zero trust model.

The reason that's important is, in software-defined networking, we're gathering tons of information about what's happening across your network. So, in addition to what’s happening at the perimeter with firewalls, you are able to get really good, granular information about what's happening inside of your environment, too.

We're able to gather that and send all of that fantastic information over the ServiceNow Platform to your source, whatever it may be. ServiceNow is a fantastic jumping point for us to be able to get all that information into what would have been separate systems. Now they can all talk together through the ServiceNow Platform.

Klaessig: To add to that, this partnership solves the issues around security data volume so you can prioritize accurately because you’re not inundated. E.G. just described the perfect scenario, which is that the right data gets into the right solution to enable effective assessment and understanding to make prioritizations on threat responses and threat actions based on business impact.

That huge but managed amount of data that comes in is invaluable. It’s what drives everything to get to prioritizing the right incidents.

Gardner: The way you're describing how the solutions work together, it sounds like the IT people can get better awareness about security priorities. And the security people can perhaps get insights into making sure that the business-wide processes remain safe.

Critical care for large communities

Klaessig: You’re absolutely right because the continuous threat prioritization and breach protection means that the protective measures have to go through both IT and security. That collaboration and automation enables not just the operational resilience that IT is driving for, but also the cyber resilience that the security teams want. It is a handshake.

That shared data and workloads are part of security but they reflect actual IT processes, and vice versa. It makes both more effective.  

Gardner: E.G., anything more to offer on this idea of roles, automation, and how your products come together?

Pearson: I wholeheartedly agree with Karl. IT and security can’t be siloed anymore. They can't be separate organizations.

IT relies on what security operations puts in play, and security operations can't do anything unless IT mitigates what security finds. So they can't act individually any more. Otherwise, it's like telling a football player to lace up their ice skates and go score a couple of goals.

IT relies on what security operations puts in play, and security operations can't do anything unless IT mitigates what security finds. So they can’t act individually any more. Otherwise, it’s like telling a football player to lace up their ice skates and go score a couple of goals.

Gardner: As we use microsegmentation and zero trust to attend to individual devices and users, can we provide a safer environment for sets of users or applications?

Pearson: Yes, we have to do this in smaller and smaller groups. It’s about being able to understand what those communities need and how to dynamically protect them. 

As we adjust to the pandemic and the humungous security breaches like we found at the end of 2020, protecting large communities can't be done as easily. It’s so much easier to break those down into smaller chunks that can be best protected.

Klaessig: It’s also around protecting best based on the applications. I think that has a big impact because you can say, “Hey, these are the applications critical for our customers and our organization.”  Therefore, anyone who has access to those, we monitor that much more closely, or they are automatically prioritized at the top of the queue if there's an incident.

We can group things out based on use and the impact to the business. And again, this all contributes to the prioritization and the response when we coordinate between the two solutions, Unisys and ServiceNow.

Gardner: So it’s an identity-driven model but on steroids. It's not just individual people. It's critical groups.

Klaessig: Well said.

Pearson: Yes.

Gardner: How can people consume this, whether you’re in IT, security personnel, or even an end user? If you're trying to protect yourself, how do you avail yourself of what ServiceNow and Unisys have put together?

Speed for bad-to-worse scenarios

Klaessig: The key is we target enterprises. That's where we work together and that's where ServiceNow workflows go. But to your point, nowadays I'm essentially a lone, solo office person, right? With that in mind, we need to remember those new best practices.

The appropriate workflows and processes within our collective solutions must reflect the actual individual users and processes. It goes back to our comments a couple of minutes ago, which is what do you use most? How often do you use it? When do you use it, and how critical is it? Also, who else is involved?

That’s something we haven’t touched on up until now -- who else will be impacted? At the end of the day, what is the impact? In other words, if someone just had a credential stolen, I need the quick isolation from Unisys based on the areas of IT impacted. I can do that in ServiceNow, and then the appropriate response puts a workflow out and it’s automated into IT and security. That’s critical. And that’s the starting point for the other processes and workflows.

Gardner: We now need to consider what happens when you inevitably face some security issues. How does the ServiceNow Security Incident Response Platform and Unisys Stealth come together to help isolate, reduce, and stifle a threat rapidly?

Pearson: The reason such speed is important is that many of you all have already been impacted by ransomware. How many of you all have actually seen what ransomware will do if left unchecked for even just 30 minutes inside of a network? It’s horrible. That to me, that is your biggest need.

Whether it is just a regular end-user or if it’s a full-scale, enterprise-level-type workflow, speed is a huge reason that we need a solution to work and to work well. You have to be fast to keep bad things from going really, really wrong.

One of the biggest reasons we have come together with Stealth doing microsegmentation and building small communities and protecting them is to watch the flow of what happens with whom across ports and protocols because it is identity based. Who’s trying to access certain systems? We’re able to watch those things.

As we’re seeing that information, we’re able to say if something bad is happening on a specific system. We’re able to show that weird or bad traffic flow is occurring, send that to ServiceNow and allow the automated operations to protect an end point or a server.

Because the process is automated, it brings the response down to less than 10 seconds, using automated workflows within ServiceNow. With dynamic isolation, we’re able to isolate that specific system and cut if off from doing anything else bad within a larger network.

That’s huge. That gives us the capability to take on something fast that could bring down an entire system. I have seen ransomware go 30 minutes unchecked, and it will completely ravage an entire file server, which brings down an entire company for three days until everything can be brought back up from the backups. Nobody has time for that. Nobody has time for the 30 minutes it took to do something silly to cost you three days of extra work, not to mention what else may come from that.

With our combined capabilities, Unisys Stealth provides the information we’re able send to the ServiceNow platform to have protection put in place to isolate and start to remediate within 10 seconds. That’s best for everybody because 10 seconds worth of damage is a whole lot easier to mitigate than 30 minutes’ worth.

Klaessig: Really well-said, E.G.

Gardner: I can see why 2+2=6 when it comes to putting your solutions together. ServiceNow gets the information from Stealth that something is wrong, but then you could put the best of what you do together to work.

Resolve to scale with automation

Klaessig: We do. And this leads us to do even more automation. How can you get to that discovery point faster, and what does that mean to resolve the problem?

And there’s another angle to this. Our listeners and readers are probably saying, “I know we need to respond quickly, and, yes, you’re enabling me to do so. And, yes, you’re enabling me to isolate and do some orchestration that ties things up to buy me time. But how do I scale the teams that are already buried beyond belief today to go ahead and address that?”

That’s a bit overwhelming. And here’s another added wrinkle. E.G. mentioned ransomware, and the scary part is in 2020 ransomware was paid 50 percent of the time versus one-third of the time in 2019. Even putting aside the pandemic and natural disasters, this is what our teams our facing.

It again goes back to what you heard E.G. and I touch on, which is automation of security and IT is what’s critical here. Not only can you respond consistently quicker, but you’ll be able to scale your teams and skills -- and that’s where the automation further kicks in.

Businesses can't take on this type of volume around security management with the teams they have in place today. That's why automation is so critical. As attacks escalate, they can't just go and add more people in time, right?

In other words, businesses can't take on this type of volume around security management with the teams they have in place today. That’s why automation is so critical. Comprehensive tooling increases detection on the Unisys side, and that gives them not only more time to respond but allows them to be more effective as well. As attacks escalate, they can’t just go ahead and add more people in time, right? This is where they need that automation to be able to scale with what they have.

It really pays off. We’ve seen customers benefit from a dollars and cents prospective, where they saw a 74 percent improvement in time-to-identify. And now 46 percent of their incidents are handled by automation, saving more than 8,700 hours annually for their teams. Just wrap your head around that. I mean, that’s just a huge advantage from putting these pieces together and automating and orchestration like E.G. has been talking about.

Gardner: Is it too soon, Karl, to talk about bots and more automation where the automation is a bit more proactive? What’s going to happen when the data and the speed get even more useful, but more compressed when it comes to the response time? How smart are these systems going to get?

Get people to do the right thing

Klaessig: The reality is, we’re already going there. When you think of machine learning (ML) and artificial intelligence (AI), we’re already doing a certain amount of that in the products.

As we leverage more of the great data from Unisys, it drives who can resolve those vulnerabilities because they have a predetermined history of dealing with those types of vulnerabilities. That’s just an example of being able to use ML to align the right people to the right resolution. Because, at the end of the day, it still comes down to certain people doing certain things and it always will. But we can use that ML and AI to put those together very quickly, very accurately, and very efficiently. So, again, it takes that time to respond down to seconds, as E.G. mentioned.

Gardner: Are we going to get to a point where we simply say, “J.A.R.V.I.S., clean up the network”?

Pearson: I hope so! Going back to my old days of being an admin, I was an extremely lazy admin. If I could have just said, “J.A.R.V.I.S., remediate my servers,” I would have been all over it.

I don’t think there’s any way we can’t move toward more automation and ML. I don’t necessarily want us to get to the point where Skynet is not going to delete the virus, saying, “I am the virus.” We don’t need that.

But being able to automate helps overcome the mundane, such as resetting somebody’s password and being able to pull a system offline that’s experiencing some sort of weird whatever it may be. Automating those types of things helps everybody go faster through their day because if you’re working a helpdesk, you’ve already gotten 19 people with their hair on fire begging for your attention.

If you could cut off five of those people by automating and very easily allowing some AI to do the work for you, why wouldn’t you? I think their time is more valuable than the few dollars it’s going to cost to automate those processes.

Klaessig: That's going to be the secret to success in 2021 and going forward. You can scale, and the way you're going to scale is to take out those mundane tasks and automate all of those different things that can be automated.

As I mentioned, 46 percent of the security incidents became automated for our customer. That's a huge advantage. And at the end of the day, putting J.A.R.V.I.S. aside, the more ML we can get into it, the better and more repeatable the processes and the workflows will be -- and that much faster. That's ultimately what we're driving toward as well.

Gardner: Now that we understand the context of the problem, the challenges organizations face, and how these solutions come together, I'm curious at how this actually gets embedded into organizations? Is this something that security people do, that the IT people do, that the helpdesk people do? Is it all of the above?

Everybody has role to reap benefits

Pearson: The way we usually get this going is there needs to be buy-in from everybody because it's going to touch a lot of folks. I'm willing to bet Karl's going to say similar things. It's nice to have everybody involved and to have everybody's buy-in on this.

It usually starts for us at Unisys with what we're doing with microsegmentation and with a networking and security group. They need to talk to be able to get this rolled out. We also need the general IT folks because they're going to have to install and get this rolled out to endpoints. And we need the server admins involved as well.

At the end of the day, this goes back to being a collaborative opportunity ... for IT and security to join together. These solutions benefit both teams and can piggyback on investments they have already made elsewhere.

When it comes down to it, everybody's going to have to be involved a little bit. But it generally starts with the security folks and the networking folks, saying, “How can I protect my environment just a little bit more than I was before?” And then it rolls from there.
 

Klaessig: I agree. At the end of the day, this goes back being a collaborative opportunity. In other words, when we look at this, this is the opportunity for IT and security to join together. These solutions really benefit both teams. And oftentimes, it actually can piggyback on investments they've already made elsewhere.

And that's a big advantage as well. Going forward, I strongly believe in -- and I've seen the results of this -- being a driver toward greater collaboration. It is that type of deployment and should be done in that manner. And then quite frankly, both organizations reap the benefits.

Thursday, February 18, 2021

How HPE Pointnext ‘Moments' provide a proven critical approach to digital business transformation


T
he next edition of the BriefingsDirect Voice of Innovation video podcast series explores new and innovative paths for businesses to attain digital transformation.

Even as a vast majority of companies profess to be seeking digital business transformation, few proven standards or broadly accepted methods stand out as the best paths to take.

And now, the COVID-19 pandemic has accelerated the need for bold initiatives to make customer engagement and experience optimization an increasingly data-driven and wholly digital affair. 

Listen to the podcast. Find it on iTunes. Read a full transcript or download a copy. View the video.


S
tay with us here to welcome a panel of experts as they detail a multi-step series of “Moments” that guide organizations on their transformations. Here to share the Hewlett Packard Enterprise (HPE) view on helping businesses effectively innovate for a new era of pervasive digital business are our panelists:

The discussion is moderated by Dana Gardner, Principal Analyst at Interarbor Solutions.

Here are some excerpts:

Gardner: Craig, while some 80 percent of CEOs say that digital transformation initiatives are under way, and they’re actively involved, how much actual standardization -- or proven methods -- are available to them? Is everyone going at this completely differently? Or is there some way that we can help people attain a more consistent level of success?

Partridge: A few things have emerged that are becoming commonly agreed upon, if not commonly executed upon. So, let’s look at those things that have been commonly agreed-upon and that we see consistently in most of our customers’ digital transformation agendas.

Partridge
The first principle would be – and no shock here -- focusing on data and moving toward being a data-driven organization to gain insights and intelligence. That leads to being able to act upon those insights for differentiation and innovation.

It’s true to say that data is the currency of the digital economy. Such a hyper-focus on data implies all sorts of things, not least of all, making sure you’re trusted to handle that data securely, with cybersecurity for all of the good things come that out of that data. 

Another thing we’re seeing now as common in the way people think about digital transformation is that it’s a lot more about being at the edge. It’s about using technology to create an exchange value as they transact value from business-to-business (B2B) or business-to-consumer (B2C) activities in a variety of different environments. Sometimes those environments can be digitized themselves, the idea of physical digitization and using technology to address people and personalities as well. So edge-centric thinking is another common ingredient.

The third element that’s becoming increasingly common and which underpins digital ambition is the need for greater agility in the way technology is brought into organizations and assembled to build new digital products and experiences. That means shifting organizations rapidly into a cloud-enabled future. Not just establishing the right cloud-use baseline, in terms of platforms and services that IT run, but also increasingly bringing in the development community as well.  And that requires making sure that they’re all coordinated strategically to leverage the cloud in a way that benefits the agility agenda of the organization.


These may not form an exact science, in terms of a standardized method or industry standard benchmark, but we are seeing these common themes now iterate as customers go through digital transformation.

Gardner: It certainly seems that if you want to scale digital transformation across organizations that there needs to be consistency, structure, and common understanding. On the other hand, if everyone does it the same way, you don’t necessarily generate differentiation.

How do you best attain a balance between standardization and innovation?

Partridge: It’s a really good question because there are components of what I just described that can be much more standardized to deliver the desired outcomes from these three pillars. If you look, for example, at cloud-use-enablement, increasingly there are ways to become highly standardized and mobilized around a cloud agenda.

Moving toward containerization and leveraging microservices, or developing with an open API mindset, these are now pervasive principles in almost every industry. IT has to bring its legacy environment to play in all of that at high velocity and high agility.

And that doesn’t vary much from industry to industry. Moving toward containerization, for example, and leveraging microservices or developing with an open API mindset -- these principles are pervasive in almost every industry. IT has to bring its legacy environment to play in that discussion at high velocity and high agility. So there is standardized on that side of it.

The variation kicks in as you pivot toward the edge and in thinking about how to create differentiated digital products and services, as well as how you generate new digital revenue streams and how you use digital channels to reach your customers, citizens, and partners. That’s where we’re seeing a high degree of variability. A lot of that is driven by the industry. For example, if you’re in manufacturing you’re probably looking at how technology can help pinpoint pain or constraints in key performance indicators (KPIs), like overall equipment effectiveness, and in addressing technology use across the manufacturing floor.

If you’re in retail, however, you might be looking at how digital channels can accelerate and outpace the four-walled retail experiences that companies may have relied on pre-pandemic.

Gardner: Craig, before we drill down into the actual Moments, were there any visuals that you wanted to share to help us appreciate the bigger picture of a digital transformation journey?

Partridge: Yes, let me share a couple of observations. As a team, we engage in thousands of customer conversations around the world. And what we’re hearing is exactly what we saw from a recent McKinsey report.

There are number of reasons why seven out of 10 respondents in this particular survey say they are stalled in attaining digital execution and gaining digital business value. Those are centered around four key areas. First of all, communication. It sounds like such a simple problem statement, but it is so hard to sometimes communicate what is a quite complex agenda in a way that is simple enough for as many people as possible -- key stakeholders – to rally behind and to make real inside the organization. Sometimes it’s a simple thing of, “How do I visualize and communicate my digital vision?” If you can’t communicate really clearly, then you can’t build that guiding coalition behind you to help execute. 

A second barrier to progress centers on complexity, so having a lot of suspended, spinning plates at the same time and trying to figure out what’s the relationship and dependencies between all of the initiatives that are running. Can I de-duplicate or de-risk some of what I’m doing to get that done quicker? That tends to be major barrier.

The third one you mentioned, Dana, which is, “Am I doing something different? Am I really trying to unlock the business models and value that are uniquely mine? Am I changing or reshaping my business and my market norms?” The differentiation challenge is really hard.

The fourth barrier is when you do have an idea or initiative agenda, then how to lay out the key building blocks in a way that’s going to get results quickly. That’s a prioritization question. Customers can get stuck in a paralysis-by-analysis mode. They’re not quite sure what to establish first in order to make progress and get to that minimum valuable product as quickly as possible. Those are the top four things we see.

To get over those things, you need a clear transformation strategy and clarity on what it is you’re trying to do. As I always say before the digital transformation -- everything from edge, business model, how to engage with customers and clients, and through to a technology-as-assembly -- to deliver those experiences and differentiation you have to have a distinctive transformation strategy. It leads to an acceleration capability, getting beyond the barriers, and planning the digital capabilities in the right sequence.

You asked, Dana, at the opening if there are emerging models to accomplish all of this. We have established at HPE something called Digital Next Advisory. That’s our joined customer engagement framework, through which we diagnose and pivot beyond the barriers that we commonly see in the customer digital ambitions. So that’s a high-level view of where we see things going, Dana. 

Gardner: Why do you call your advisory service subsets “Moments,” and why have you ordered them the way you did?

Moments create momentum for digital

Partridge: We called them Moments because in our industry if you start calling things services then people believe, “Oh, well, that sounds like just a workshop that I’ll pay for.” It doesn’t sound very differentiated.

We also like the way it expresses co-innovation and co-engagement. A moment is something to be experienced with someone else. So there are two sides to that equation.

In terms of how we sequence them, actually they’re not sequenced. And that’s key. One of the things we do as a team across the world is to work out where the constraint points and barriers are. So think of it as a methodology.

And as with any good methodology, there are a lot of tools in the toolkit. The key for us as practitioners in the Digital Next Advisory service is to know what tool to bring at the right point to the customer.

As with any good methodology, there are a lot of tools in the toolkit. The key for us as practitioners in the Digital Next Advisory service is to know what tool to bring at the right point to the customer.

Sometimes that’s going to mean a communication issue, so let’s go solve for that particular problem first. Or, in some cases, it’s needing a differentiated technology partner, like HPE, to come in and create a vision, or a value proposition, that’s going to be different and unique. And so we would engage more specifically around that differentiation agenda.

There’s no sequencing; the sequencing is unique to each customer. And the right Moment is to make sure that the customer understands it is bidirectional. This is a co-engagement framework between two parties.

Gardner: All right, very good. Let’s welcome back Yara.

Schuetz: To reiterate what Craig mentioned, when we engage with a customer in a complex phenomenon such as digital transformation, it’s important to find common ground where we can and then move forward in the digital transformation journey specific to each of our customers.

Common core beliefs drive outcomes

We have three core beliefs. One is being edge-centric. And on the edge-centric core belief we believe that there are two business goals and business outcomes that our customers are trying to achieve.

In the top left, we have the human edge-centric journey, which is all about redefining customer experiences. In this journey, for example, the corporate initiative could mean the experiences of two personas. It could be the customer or the employees.

These initiatives are designed to increase revenues and productivity via such digital engagements as new services, such as mobile apps. And also to complement this human-to-edge journey we have the physical journey, or the physical edge. To gain insight and control means dealing with the physical edge. It’s about using, for example, Internet of things (IoT) technology for the environment the organization works in, operates in, or provide services in. So the business objective here in this journey consists of improving efficiency by means of digitizing the edge.

Complementary to the edge-centric side, we also have the core belief that the enterprise of the future will be cloud-enabled. By being cloud-enabled, we again separate the cloud-enabled capabilities into two distinct journeys.

The bottom right-hand journey is about modernizing and optimization. In this journey, initiatives address how IT can modernize its legacy environment with, for example, multi-cloud agility. It also includes, for example, optimization and management of services delivery, where different workloads should be best hosted. We’re talking about on-premises as well as different cloud models to focus the IT journey. That also includes software development, especially accelerating development. 

Schuetz

This journey also involves the development improvement around personas. The aim is to speed up time-to-value with cloud-native adoption. For example, calling out microservices or containerization to shift innovation quickly over to the edge, using certain platforms, cloud platforms, and APIs.

The third core belief that the enterprise of the future should strive for is the data-driven, intelligence journey, which is all about analyzing and using data to create intelligence to innovate and differentiate from competitors. As a result, they can better target, for example, business analytics and insights using machine learning (ML) or artificial intelligence (AI). Those initiatives generate or consume data from the other journeys.

And complementary to this aspect is bringing trust to all of the digital initiatives. It’s directly linked to the intelligence journey because the data generated or consumed by the four journeys needs to be dealt with in a connected organization with resiliency and cybersecurity playing leading roles resulting in interest to internal as well as external stakeholders. 

At the center is the operating model. And that journey really builds the center of the framework because skills, metrics, practices, and governance models have to be reshaped, since they dictate the outcomes of all digital transformation efforts.

So, the value chain in the heart of an organization needs to evolve in order to optimize existing offerings and to create new digital ones. And as you’ve probably already observed, by now, the four outside business journeys, they overlap in the middle, which I’ve just described as the intelligence operating model and trust piece.


These components build the enabling considerations that one must consider when you’re pursuing different business goals such as driving revenues, building productivity, or modernizing existing environments via multi-cloud agility. To put that all in the context of what many companies are really asking for right now is to put it in the context of everything-as-a-service. 

Everything-as-a-service does not just belong to, for example, the cloud-enabled side. It’s not only about how you’re consuming technology. It also applies to the edge side for our customers, and in how they deliver, create, and monetize their services to their customers.

Gardner: Yara, please tell us how organizations are using all of this in practice. What are people actually doing?

Communicate clearly with Activate

Schuetz: One of the core challenges we’ve experienced together with customers is that they have trouble framing and communicating their transformation efforts in an easily understandable way across their entire organizations. That’s not an easy task for them.

Communication tension points tend to be, for example, how to really describe digital transformation. Is there any definition that really suits my business? And how can I visualize, easily communicate, and articulate that to my entire organization? How does what I’m trying to do with technology make sense in a broader context within my company?

So within the Activate Moment, we familiarize them with the digital journey map. This captures their digital ambition and communicates a clear transformation and execution strategy. The digital journey map is used as a model throughout the conversations. This tends to improve how an abstract and complex phenomenon like digital transformation can be delivered as something visual and simple to communicate.

Besides simplification, the digital journey map in the Activate Moment also helps describe an overview and gives a structure of various influencing categories and variables, as well as their relationship with each other, in the context of digital transformation.

Besides simplification, the digital journey map in the Activate Moment also helps describe an overview and gives a structure of various influencing categories and variables, as well as their relationship with each other in the context of digital transformation. It provides our customers guidance on certain considerations, and, of course, all the various possibilities of the application of technology in their business. 

For example, at the edge, when we bring the digital journey map into the customer conversation in our Activate Moment, we don’t just talk about the edge generally. We refer to specific customer needs and what their edge might be.

In the financial industry, for example, we talk about branch offices as their edge. In manufacturing, we’re talking about production lines as their edges. If in retail, you have public customers, we talk about the venues as the edge and how – in times like this and the new normal – they can redefine experience and drive value there for their customers there.

Of course, this also serves as inspiration for internal stakeholders. They might say, “Okay, if I link these initiatives, or if I’m talking about this topic in the intelligence space, [how does that impact] the digitization of research and development? What does that mean in that context? And what else do I need to consider?”


Such inspiration means they can tie all of that together into a holistic and effective digital transformation strategy. The Activate Moment engages more innovation on the customer-centric side, too, by bringing insights into the different and various personas at a customer’s edge. They can have different digital ambitions and different digital aspirations that they want to prosper from and bring into the conversation.

Gardner: Thanks again, Yara. On the thinking around personas and the people, how does the issue of defining a new digital corporate culture fit into the Activate Moment?

Schuetz: It fits in pretty well because we are addressing various personas with our Activate Moment. For the chief digital officer (CDO), for example, the impact of the digital initiatives on the digital backbone are really key. She might ask, “Okay, what data will be captured and processed? And which insights will we drive? And how do we make these initiatives trusted?”

Gardner: We’re going to move on now to the next Moment, Align, and orchestrating initiatives with Aviviere. Tell us more about the orchestrating initiatives and the Align Moment, please.

Align with the new normal and beyond

Telang: The Align Moment is designed to help organizations orchestrate their broad catalog of digital transformation initiatives. These are the core initiatives that drive the digital agenda. Over the last few years, as we’ve engaged with customers in various industries, we have found that one of the most common challenges they encounter in this transformation journey is a lack of coordination and alignment between their most critical digital initiatives.


And, frankly, that slows their time-to-market and reduces the value realized from their transformation efforts. Especially now, with the new normal that we find ourselves in, organizations are rapidly scaling up and broadening out that their digital agenda.

As these organizations rapidly pivot to launching new digital experiences and business models, they need to rapidly coordinate their transformation agenda against an ever-increasing set of stakeholders -- who sometimes have competing priorities. These stakeholders can be the various technology teams siting in an IT or digital office, or perhaps the business units responsible for delivering these new experience models to market. Or they can be the internal functions that support internal operations and supply chains of the organizations.

We have found that these groups are not always well-aligned to the digital agenda. They are not operating as a well-oiled machine in their pursuit of that singular digital vision. In this new normal, speed is critical. Organizations have to get aligned to the conversation and execute on all of the digital agenda quickly. That’s where the Align Moment comes in. It is designed to generate deep insights that help organizations evaluate a catalog of digital initiatives across organizational silos and to identify an execution strategy that speeds up their time-to-market. 

Telang
So what does that actually look like? During the Align Moment, we bring together a diverse set of stakeholders that own or contribute to the digital agenda. Some of the stakeholders may sit in the business units, some may sit in internal functions, or maybe even on the digital office. But we bring them together to jointly capture and evaluate the most critical initiatives that drive the core of the digital agenda.

The objective is to jointly blend our own expertise and experience with that of our customers to jointly investigate and uncover the prerequisites and interdependencies that so often exist between these complex sets of enterprise-scale digital initiatives.

During the Align Moment, you might realize that the business units need to quickly recalibrate their business processes in order to meet the data security requirements coming in from the business unit or the digital team. For example, one of our customers found out during their own Align Moment that before they got too far down the path of developing their next generation of digital product, they needed to first build in data transparency and accessibility as a core design principle in their global data hub.

The methodology in the Align Moment significantly reduces execution risk as organizations embark on their multi-year transformation agendas. Quite frankly, these agendas are constantly evolving because the speed of the market today is so fast.

Our goal here is to drive a faster time-to-value for the entire digital agenda by coordinating the digital execution strategy across the organization. That’s what the Align Moment helps our customers with. That value has been brought to different stakeholders that we’ve engaged with.

The Align Moment has brought tremendous value to the CDO, for example. The CDO now has the ability to quickly make sense and -- even in some cases -- coordinate the complex web of digital initiatives running across their organizations, regardless of which silos they may be owned within. They can identify a path to execution that speeds up the realization of the entire digital agenda. I think of it as giving the CDO a dashboard through which they can now see their entire transformation on a singular framework.

We have found that the Align Moment delivers a lot of value for digital initiative owners. Because we work jointly across silos to de-risk, the execution pass implements that initiative whether it's technology risk, process risk, or governance risk.

We’ve also found that the Align Moment delivers a lot of value for digital initiative owners. Because we jointly work across silos to de-risk, the execution pass implements that initiative whether it’s a technology risk, process risk, or governance risk. That helps to highlight the dependencies between these competing initiatives and competing priorities. And then, sequencing the work streams and efforts minimizes the risk of delays or mismatched deliverables, or mismatched outputs, between teams. 

And then there is the chief information officer (CIO). This is a great tool for the CIO to take IT to the next level. They can elevate the impact of IT in the business, and in the various functions in the organization, by establishing agile, cross-functional work streams that can speed up the execution of the digital initiatives.

That’s in a nutshell what the Align Moment is about, helping our customers rapidly generate deep insights to help them orchestrate their digital agenda across silos, or break down silos, with the goal to speed up execution of their agendas.

Advance to the next big thing 

Gardner: We’re now moving on to our next Moment, around stimulating differentiation, among other things. We now welcome back Christian to tell us about the Advance Moment.

Reichenbach: The train-of-thought here is that digital transformation is not only to optimize businesses by using technology. We also want to emphasize that technology is used to transform businesses by leveraging digital technology.

Reichenbach

That means that we are using technology to differentiate the value propositions of our customers. And differentiation means, for example, new experiences for the customers of our customers, as well as new interactions with digital technology.

Further, it’s about establishing new digital business models, gaining new revenue streams, and expanding the ecosystem in a much broader sense. We want to leverage technology to differentiate the value propositions of our customers, and differentiation means you can’t do whatever one is doing by just copycatting, looking to your peers, and replicating what others are doing. That will not differentiate the value proposition.

Therefore, we specifically designed the Advance Moment where we co-innovate and co-ideate together with our customers to find their next big thing and driving technology to a much more differentiated value proposition.

Gardner: Christian, tell us more about the discreet steps that people need to do in order to get through that stimulating of differentiation.

Reichenbach: Differentiation comes from having new ideas and doing something different than in the past. That’s why we designed the Advance Moment to help our customers differentiate their unique value proposition.

The Advance Moment is designed as a thinking exercise that we do together with our customers across their diverse teams, meaning product owners, technology designers, engineers, and the CDO. This is a diverse team thinking about a specific problem they want to solve, but they shouldn’t think about it in isolation. They should think about what they do differently in the future to establish new revenue streams with maybe a new digital ecosystem to generate the new digital business models that we see all over the place in the annual reports from our customers.

Everyone is in the race to find the next big thing. We want to help them because we have the technology capabilities and experience to explain and discuss with our customers what is possible today with such leading technology as from HPE.

We can prove that we’ve done that. For example, we sit down with Continental, the second largest automotive part supplier in the world, and ideate about how we can redefine the experience of a driver who is driving along the road. We came up with a data exchange platform that helps our co-manufacturers to exchange data between each other so that the driver who’s sitting in the car gets new entertainment services that were not possible without a data exchange platform.

Our ideation and our Advance Moment are focused on redefining the experience and stimulating new ideas that are groundbreaking -- and are not just copycatting what their peers are doing. And that, of course, will differentiate the value propositions from our customers in a unique way so that they can create new experiences and ultimately new revenue streams.

We're addressing particular personas within our customer's organization. That's because today we see that the product owners in a company are powerful and are always asking themselves, "How can I bring my product to the next level?"

We’re addressing particular personas within our customer’s organization. That’s because today we see that the product owners in a company are powerful and are always asking themselves, “How can I bring my product to the next level? How can I differentiate my product so that it is not easily comparable with my peers?" 

And, of course, the CDO in the customer organizations are looking to orchestrate these initiatives and support the product owners and engineers and build up the innovation engine with the right initiatives and right ideas. And, of course, when we’re talking about digital business transformation, we end up in the IT department because it has to operate somewhere.

So we bring in the experts from the IT department as well as the CIO to turn ideas quickly into realization. And for turning ideas quickly into something meaningful for our customers is what we designed the Accelerate Moment for.

Gardner: We will move on next to the Moment with Amos and learn about the Accelerate Moment, of moving toward the larger digital transformation value.

Accelerate from ideas into value

Ferrari: When it comes to realizing digital transformation, let me ask you a question, Dana. What do you think is the key problem our customers have?

Gardner: Probably finding ways to get started and then finding realization of value and benefits so that they can prove their initiative is worthwhile.

Ferrari: Yes. Absolutely. It’s a problem of prioritization of investment. They know that they need to invest, they need to do something, and they ask, “Where should I invest first? Should I invest in the big infrastructure first?”

But these decisions can slow things down. Yet time-to-market and speed are the keys today. We all know that this is what is driving the behavior of the people in their transformations. And so the key thing is the Accelerate Moment. It’s the Moment where we engage with our customers via workshops with them.

We enable them to extrapolate from their digital ambition and identify what will enable them to move into the realization of their digital transformation. “Where should I start? What is my journey’s path? What is my path to value?” These are the main questions that the Accelerate Moment answers.

As you can see, this is a part of the entire HPE Digital Next Advisory services, and it’s enabling the customer to move critically to the realization of benefits. In this engagement, you start with the decision about the use cases and the technology. There are a number of key elements and decisions that the customer is making. And this is where we’re helping them with the Accelerate Moment.

To deliver an Accelerate Moment, we use a number of steps. First, we frame the initiative by having a good discussion about their KPIs. How are you going to measure them? What are the benefits? Because the business is what is thriving. We know that. And we understand how the technology is the link to the business use case. So we frame the initiative and understand the use cases and scope out the use cases that advance the key KPIs that are the essential platform for the customer. That is a key step into the Moment.

Another important thing to understand is that in a digital transformation, a customer is not alone. No customer is really alone in that. It’s not successful if they don’t think holistically about their digital ecosystems. A customer is successful when they think about the complete ecosystem, including not only the key internal stakeholders but the other stakeholders surrounding them. Together they can enable them to build a new digital value and enable customer differentiation.

The next step is understanding the depth of technology across our digital journey map. And the digital journey map helps customers to see beyond just one angle. They may have started only from the IT point of view, or only from the developer point of view, or just the end user point of view. The reality is that IT now is becoming the value creator. But to be the value creator, they need to consider the entire technology of the entire company.

Ferrari
They need to consider edge-to-cloud, and data, as a full picture. This is where we can help them through a discussion about seeing the full technology that supports the value. How can you bring value to your full digital transformation?

The last step that we consider in the Accelerate Moment is to identify the elements surrounding your digital transformation that are the key building blocks and that will enable you to execute immediately. Those building blocks are key because they create what we call the minimal value product.

They should build up a minimum value product and surround it with the execution to realize the value immediately. They should do that without thinking, “Oh, maybe I need two or three years before realize that value.” They need to change to asking, “How can I do that in a very short time by creating something that is simple and straightforward to create by putting the key building blocks in place.”

This shows how everything is linked and how we need to best link them together. How? We link everything together with stories. And the stories are what help our key stakeholders realize what they needed to create. The stories are about the different stakeholders and how the different stakeholders see themselves in the future of digital transformation. This is the way we show them how this is going to be realized.

The end result is that we will deliver a number of stories that are used to assemble the key building blocks. We create a narrative to enable them to see how the applied technology enables them to create value for their company and achieve the key growth. This is the Accelerate Moment.

Gardner: Craig, as we’ve been discussing differentiation for your customers, what differentiates HPE Pointnext Services? Why are these four Moments the best way to obtain digital transformation?

Partridge: Differentiation is key for us, as well as for our customers across a complex and congested landscape of partners that the customers can choose. Some of the differentiation we’ve touched on here. There is no one else in the market, as far as I’m aware, that has the edge-to-cloud digital journey map, which is HPE’s fundamental model and allows us then to holistically paint the story of not only digital transformation and digital ambition -- but also shows you how to do that at the initiative level and to how plug in those building blocks.

I’m not saying that anybody with just the maturity of an edge-to-cloud model can bring digital ambition to life, to visualize it through the Activate Moment, orchestrate it through the Align Moment, create differentiation through the Advance Moment, and then get to quicker value with the Accelerate Moment.

Gardner: Craig, for those organizations interested in learning more, how do they get started? Where can they go for resources to gain the ability to innovate and be differentiated?

Partridge: If anybody viewing this has seen something that they want to grab on to, that they think can accelerate their own digital ambition, then simply pick up the phone and call HPE and your sales rep. We have sales organizations from dedicated enterprise managers at some of that biggest customers around the world, on through to small- to medium-sized businesses with our inside-sales organization. Call your HPE sales rep and say the magic words “I want to engage with a digital adviser and I’m interested in Digital Next Advisory.” And that should be the flag that triggers a conversation with one of our digital advisers around the world.


Finally, there’s an email address,
digitaladviser@hpe.com. If worse comes to worst, throw an email to that address and then we’d be able to get straight back to you. So, it should make it as easy as possible and just reach out to HPE advisors in advance.


Listen
to the podcast.
Find it on
iTunes. Read a full transcript or download a copy. View the video. Sponsor: Hewlett Packard Enterprise.

You may also be interested in: