CSC World November 2015 [PDF]

NOVEMBER 2015

WORLD Connected Cars DRIVE VALUE The new wave of telematics delivers benefits throughout the automotive value chain

INSIDE Under the Hood with Ford Insurance’s Perfect Storm Enterprise IT Gets Lean The Matrix Is Here

YOUR AGENTS AND CUSTOMERS ARE MOBILE. IS YOUR POINT OF SALE SYSTEM?

Imagine the power to quote, propose and process from tablets and mobile devices, all integrated with your core policy administration systems. The new CSC IntegralTM Point of Sale solution gives insurers out-of-the-box flexibility to quickly launch products and perform end-to-end point of sale and service functions. The next-generation system is mobile-ready for agents and customers, and it includes offline capabilities so insurers can continue working even without Internet access. In the new world of Digital Insurance, mobile sales and service solutions are within reach FOR THOSE WHO SOLVE.

csc.com/integral

WORLD CHIEF MARKETING & COMMUNICATIONS OFFICER Gary Stockman EDITORIAL DIRECTOR Patricia Brown SENIOR MANAGING EDITOR Jeff Caruso CONTENT MARKETING EDITOR Lucy Nolan CONTRIBUTING WRITERS Jim Battey, Nathan Conz, Dale Coyner, Cal Harrison, Peter Krass, Jenny Mangelsdorf ART DIRECTOR Deric Luong DESIGN & PRODUCTION Creative Services CSC csc.com THE AMERICAS 3170 Fairview Park Drive Falls Church, Virginia 22042 United States +1.703.876.1000 ASIA, MIDDLE EAST, AFRICA Level 9, UE BizHub East 6 Changi Business Park Avenue 1 Singapore 468017 Republic of Singapore +65.6809.9000 AUSTRALIA 26 Talavera Road Macquarie Park, NSW 2113 Australia +61(2)9034.3000 CENTRAL AND EASTERN EUROPE Abraham-Lincoln-Park 1 65189 Wiesbaden Germany +49.611.1420 NORDIC AND BALTIC REGION Retortvej 8 DK-2500 Valby Denmark +45.36.14.4000 SOUTH AND WEST EUROPE Immeuble Balzac 10 place des Vosges 92072 Paris la Défense Cedex France +33.1.55.707070 UK, IRELAND AND NETHERLANDS Floor 4 One Pancras Square London N1C 4AG United Kingdom +44.020.3696.3000 CSC WORLD (ISSN 1534-5831) is a publication of Computer Sciences Corporation. Copyright ©2015 Computer Sciences Corporation All rights reserved. Reproduction without permission is prohibited.

Inside CSC World This edition of CSC World marks an important milestone, as we complete the separation of our company into two global leaders: CSC, serving global commercial and international public sector clients; and a new enterprise, CSRA, which combines our U.S. public sector business with SRA International to become the largest IT services company focused on the U.S. government. This is another exciting chapter in our journey, and I’m grateful for the role that everyone at CSC has played in bringing our transformation to this stage. When you consider the scope and speed of the transformation we have undertaken, it’s fair to say that we’ve made remarkable progress. Since 2012, we have focused on providing leadership and value to our clients. We’ve grown relationships with our strategic partners. We’ve improved our financial and operational performance. We have a clear strategy that streamlines our offerings and aligns with key industries. And — most importantly — we have become a more relevant and competitive player in the global technology ecosystem. The improvements we have made to date are being recognized by everyone — partners, investors, financial and industry analysts, and especially our customers and employees. So, what does that success mean as we turn to CSC’s next chapter? We hear from clients throughout the world that they need to transform their legacy systems, applications and workloads. For many of these clients, IT no longer just supports the business, it is the business. But with so many competing priorities, they just aren’t sure where and how to begin. We have reinvented CSC so we can lead our clients on their own digital transformation journey. The offerings we’re developing today build on a new generation of technologies to address the major business shifts our clients are encountering today. As a global leader in delivering next-generation solutions, we know that today’s challenges can’t be solved by only one source. Our partners are key to accomplishing our goals and those of our clients. That’s why we’re developing products and capabilities within a robust alliance ecosystem. Working with other industry leaders makes our R&D investments and expertise go further and enables us to offer end-to-end solutions that best address client needs. We’re also making better use of our own domain expertise and intellectual property. Large segments of the insurance, banking, and healthcare and life sciences industries rely on CSC products and services. And we’re developing new solutions, making new investments to maintain our leading position and continually innovating to keep ahead of change. This truly is a remarkable time in CSC’s journey. With approximately 56,000 employees serving clients in more than 60 countries, we’re in an excellent position to help clients succeed, build exciting new offerings, develop the next-generation skills of our employees and return greater value to our shareholders. Now, more than ever, we’re poised to help clients navigate their own digital transformation — to better serve their customers, maintain competitiveness and forge into the future. We have great reason to be excited about what’s ahead — for CSC, our clients, employees and all of our stakeholders. Enjoy the issue. MIKE LAWRIE President and CEO, CSC

csc.com/cscworld

NOVEMBER 2015 | CSC WORLD

1

CSC WORLD | NOVEMBER 2015 | VOLUME 13 | NUMBER 2

14

22

18

24

8 4

NEWS

CSC acquires two leading IT providers, forms a joint venture to focus on banking modernization, introduces new cloud solutions and reports on corporate responsibility.

6

HEARD ON CSC.COM

Experts are coming to CSC.com’s blogs and Town Halls to give their insights on industry developments and technology trends.

Drive Value

Connectivity enables exciting innovations that can attract new buyers. But the true value of connected cars extends much further.

LIFE SCIENCES

12 5 Things CIOs Need to Know About Capital-Efficient Innovation

CIOs facing the dual challenge of innovating to grow while reducing costs should focus their attention on five main areas.

14 The Questions Life Sciences Firms Ask About Cloud Before rushing into the cloud, companies should first address two important issues: compliance and disentanglement.

2

16 Reaching the Full Potential of Healthcare IT As the healthcare industry undergoes widespread disruption, CIOs might do well to revisit Maslow’s theory on the hierarchy of needs.

18 NHS Trafford CCG: Setting a New Standard in Patient Care Coordination The innovative Trafford Care Co-ordination Centre could evolve into a model for the provision and management of population health.

COVER STORY

8 Connected Cars

HEALTHCARE

CSC WORLD | NOVEMBER 2015

INSURANCE

20 Improving Speed to Market In a consumer-driven environment, insurers can achieve better speed to market by following these six strategies.

22 Digital Insurance: How to Compete in the New Digital Economy To succeed in the digital age, an insurer’s relationship with its customers needs to be more holistic and experiential.

24 All About Scale In an informative Q&A, executive Karen Johnston explains how insurer MEMIC dramatically expanded its business.

26 4 Factors Creating a Perfect Storm in the Insurance Industry Four major market forces are on the verge of changing the way the entire industry works, and may even change the players.

28

38

ON CSC.COM INFOGRAPHICS CENTRAL Explore key trends and data in visual and interactive ways with a collection of CSC infographics on emerging technologies. csc.com/Infographics.

32

CSC TOWN HALLS Join a continuing series of online conferences on IT topics that matter to you, featuring CSC experts and special guest speakers ready to answer your questions. csc.com/TownHall.

42

SUCCESS STORY BRIEFING CENTER View video success stories featuring CSC subject matter experts, clients and global partners. csc.com/Success_Stories.

TRANSPORTATION

28 Turning Anonymous Riders into Connected Consumers Scandinavia’s largest public-transportation agency replaces paper tickets with a digital system that offers truly personalized customer service.

MANUFACTURING

30 Reinvesting in the Right Stuff for Aerospace and Defense The 2015 A&D Market Survey reveals the top two priorities of execs: product innovation and lower costs.

RETAIL

INFRASTRUCTURE

38 Modern IT Architecture in One Word: Shared

An increasing shift toward “sharing” — sharing services, data, code and more — is causing IT architects to look at systems in new ways.

APPLICATIONS

Enterprise IT executives are adopting tried and true manufacturing concepts targeting waste and complexity.

RESEARCH

An emerging set of digital services is radically transforming many aspects of business and society, and will only grow stronger over time.

LAST WORD

As 2016 approaches, a few trends stand out as catalysts of change. Developing strategies around these trends could give enterprises a competitive edge.

40 Enterprise IT Gets Lean

42 The Matrix Is Here

32 3 Steps to Seasonal Readiness Preparing for seasonal spikes is far from simple. Retailers can benefit by proactively adopting three smart approaches.

CYBERSECURITY

34 Hiding in Plain Sight

If today’s advanced persistent threats have not yet penetrated your systems and data, you can be certain they will.

44 IT Trends to Watch in 2016

CLOUD

36 The DevOps Disruption DevOps transformation can not only lead to competitive advantage, but under the right conditions, it can also create market disruption.

37 Lessons Learned from the DevOps Front Lines A panel of experts weighs in on how DevOps can accelerate the application development, testing and release process.


3

NEWS

FIXNETIX AND FRUITION JOIN CSC CSC in September completed acquisitions of two key technology providers: Fruition Partners and Fixnetix. Chicago-based Fruition Partners is a leading provider of technology solutions for the service management sector. Founded in 2001, Fruition is also the world’s largest ServiceNow exclusive service management consulting firm.

Marc Talluto, Fruition’s co-founder and CEO, says the combined business “marries CSC’s global strength with Fruition Partners’ service management expertise to bring existing and new clients even greater results as they continue to be challenged in the constantly evolving digital world.” Talluto will now lead CSC’s global ServiceNow organization.

With the addition of Fruition, CSC bolsters its ability to offer both enterprise and emerging clients an expanded range of cloud-based service management solutions. These new solutions help businesses improve organizational efficiency while lowering their operating costs. Also, CSC now delivers the world’s only fully managed ServiceNow application service offering.

Fixnetix, based in London, was founded in 2005 and quickly became a leading provider of front-office managed trading solutions in capital markets. CSC will combine Fixnetix with its own nextgeneration IT platforms and IT utility services. As a result, CSC can now offer capital market companies an expanded range of as-a-service front-office capabilities. CSC can also address the market’s growing demand for greater efficiency and innovation. Steve Hilton, executive vice president and general manager of CSC’s Global Infrastructure Services, says CSC and Fixnetix have a “unique opportunity to provide clients worldclass global managed services for low-latency trading, market data, hosting, connectivity and risk management solutions.”

JOINT VENTURE TO MODERNIZE BANKS CSC and HCL Technologies this summer formed a banking software and services joint venture called CeleritiFinTech. Banks desperately need IT innovation to keep pace in a fast-changing industry. Yet many banks still spend up to 80 percent of their technology budgets on mundane “keep the lights on” activities. To help, the jointly owned company will invest in platform modernization and product functionality enhancement, and it will capitalize on the proven capabilities of both companies in addressing the multibillion-dollar, global core banking software market.

4


HCL, founded in 1976, describes itself as one of India’s first garage start-ups. Since then, the company has grown dramatically. It now has more than 105,000 employees, offices in 31 countries and annual revenue in excess of US$6 billion. CeleritiFinTech will help banks extend the useful life of and investment in their current platforms, enhance and expand CSC’s core banking and cards platforms into modernized end-to-end solutions under the Celeriti suite, and advance digital banking transformation solutions in conjunction with other partners.

“Many of our banking clients are looking for modernization of their legacy platforms while simultaneously managing the increasing demands for data analytics services, multichannel deployments and increasing regulatory compliance requirements,” says Anant Gupta, HCL’s president and CEO. “The joint entity is designed to meet those critical demands with new and innovative solutions, and to expedite the modernization transformation journey of our banking clients.”

MAKING HYBRID CLOUDS EASIER TO MANAGE WITH AT&T Managing workloads across hybrid cloud networks just got a whole lot easier and more secure. That’s because CSC and AT&T have jointly announced a solution to help businesses become more flexible and lower their costs by moving key business applications to the cloud. The new solution, called AT&T NetBond with CSC Agility Platform, is itself something of a hybrid. The joint solution empowers developers to rapidly and consistently provision applications onto cloud and network services using automation. This, in turn, means that enterprises can now safely transform to a highly secure hybrid cloud environment. “This is a step forward for enterprise

cloud service,” says Dan Hushon, CSC’s chief technology officer. “End-to-end control helps the most complex environments work better.” Here’s an example of how it works: Imagine a business struggling to meet IT demand. The company could use the new AT&T–CSC solution to boost computing power, storage and network capacities. It could then access multiple cloud providers from a CSC Agility PlatformTM single control plane over AT&T’s virtual private network. This could improve security and resource management, while also reducing audit burdens. Learn more at csc.com/harnessthecloud.

CSC SHOWS STRONG GAINS IN CORPORATE RESPONSIBILITY CSC remains strongly committed to corporate responsibility and environmental sustainability — and the company has the facts and figures to prove it. CSC recently released its latest Corporate Responsibility and Sustainability Report, which details all global, social and environmental sustainability achievements for the latest fiscal year. As the report shows, CSC has:

ADDING ON-DEMAND WORKLOAD PROTECTION FOR CLOUD SECURITY CSC recently unveiled an enhanced, pay-as-you-go cloud security services solution. It enables enterprise clients to scale their cloud-workload security functionality up — or down — as required by their business, technical or financial needs. On-Demand Workload Protection, the new solution, was developed by CSC with technology partner CloudPassage. It’s designed to help clients protect their cloud workloads and consume cloud-based security services using the same attributes that have made public cloud computing services so popular.

In the past, many organizations had to cobble together cloud solutions based on multiple technologies and legacy licenses. But now, CSC’s new Security as a Service capability lets companies use flexible, consumption-based security models instead. These can flex in concert with a company’s business and operational requirements. The new solution offers an affordable alternative that gives enterprises clear visibility into all their platforms and workloads. Eliminating the need for dedicated staff to manage and monitor multiple security services internally will also free up resources that can be invested elsewhere in the business.

• Created a 3-year Global Environmental Strategy reaching across all of the company’s data centers and offices worldwide. The goal: drive compliance with energy and e-waste reduction targets, achieve international certifications, and meet green-building standards. • Achieved a 15+ percent absolute energy reduction against the 2012 baseline, exceeding the original 10 percent reduction target in just 2 years. • Realized a 13 percent global greenhouse-gas reduction against the 2012 baseline, remaining on track for an 18 percent reduction by 2018. “As we move forward with our transformation agenda,” says Mike Lawrie, CSC’s president and CEO, “our commitment to corporate responsibility remains a crucial pillar of our business success.”


5

Heard on CSC.COM

Experts inside and outside of CSC are coming to csc.com to make their voices heard, in CSC Town Hall webcasts and our blogs. Here are some highlights.

IT skills in demand

We look for people who have the skill to acquire new skills. We look for people who understand models. Whether those are programming models or financial models, or data models — they’re able to take those models and translate those into slightly novel situations.

Daniel Angelucci Chief Technology Officer, Asia, Middle East and Africa, CSC Town Hall, “Hottest IT Job Skills” csc.com/ITjobs

Power struggle In the technology world we are used to raw performance doubling every 12 to 18 months under Moore’s law. That’s our expectation, but it’s not been true for battery technology. The lithium-ion battery has been a workhorse for nearly 25 years now; in that time there have been a number of incremental improvements in capacity, but nothing approaching Moore’s law. In many ways Moore’s law makes the lack of progress in battery technology even more striking as the devices that we carry around get increasingly powerful, leading to higher power expectations.

Graham Chastney Principal Solution Architect, CSC CSC Blog, “Batteries: The unsolved problem in our mobile world” csc.com/batteries

6


Send in the maverick

Where telematics and big data meet

To be successful in providing next-gen mobile solutions to your workforce, you need a next-gen mobile maverick. Some weird guy who’s not afraid to break with habits which ruled IT for the last three decades. A brave enthusiast whose mission will be to bring a fresh breeze of Silicon Valley-like paradigms into your IT department. A strong believer in Steve Jobs’ 3-tap mantra or Amazon’s 2-pizza rule.

In many cases, we can incentivize customers to play an active part by sharing data and, based on the insights from that data, modify their behavior to reduce risk. It’s a fantastic model for the insurance industry, one that offers greater transparency and value for all stakeholders.

Christian Klöppel

Andrew Dart

Head of Global Mobility Consulting

Insurance Industry Strategist, CSC

CSC Blog, “Why a Mobile Maverick is Mission Critical to

CSC Blog, “IoT: Where Telematics and Big Data meet to

Your Mobile Strategy”

create huge opportunities”

csc.com/maverick

csc.com/telematics-bigdata

Please do not feed the zombies Unused apps forgotten on smartphones and tablets could contain vulnerabilities which can be exploited through permissions granted to an unrelated app that hackers can leverage to turn the dead app into a zombie. In addition to a backdoor approach, hackers often will trick users with bogus updates for the app which, if approved, enables the hackers to grab personal (and maybe enterprise) information from mobile devices.

Chris Nerney

A tool for our time No matter how groundbreaking we think our new technology tools are, they are only tools. They fit into a long history of tools designed to improve the practice of medicine and, in a nicely Darwinian turn, only the fittest will survive. Will the smartphone be one of those tools that stand the test of time? Well, I’d confidently predict that some kind of personally owned health and well-being management device will certainly become ubiquitous.

Technology Journalist CSC Blog, “Are ‘zombie apps’ stalking your mobile users?” csc.com/zombie-apps

Phil Hemmings Director, Global Industry Marketing, CSC Healthcare and Life Sciences CSC Blog, “In the 21st Century Medicine Will Be Different, and This Time It’s Personal” csc.com/tools-medicine


7

COVER STORY

Connected Cars DRIVE VALUE by Dale Coyner

The new wave of telematics delivers benefits throughout the automotive value chain

Learn more about CSC’s connected car solutions at csc.com/connectedcar.

8


Autonomous driving and electric cars may dominate headlines about the future of the automobile, but the era of the connected car has already arrived. Fueled by demands from an always-connected mobile society, millions of cars equipped with built-in connectivity are driving off dealership lots every year. Connected vehicles enable a host of innovations that add convenience, comfort and safety, says Chris Fangmann, CTO, global manufacturing industry at CSC. “Connectivity enhances safety features such as parking assistance, adaptive cruise control, blind spot assistance, collision avoidance and improved night vision, to name just a few,” he says. “While those features are important to attract new buyers, the value of connected cars to automotive and other industries, such as insurance, extends much further.” Let’s stay in touch Data generated by connected vehicles has inherent value, whether it’s used to study the reliability and service life of a power window relay, analyze and automatically optimize engine performance in a wide range of environments, understand driver habits, communicate with other vehicles, predict failures, report an accident, or track and predict any of a vast range of specific vehicle metrics. Ford Motor Company will be using the data to customize maintenance and services, improve safety and enhance the driving experience. “With connected vehicles, we can create a custom maintenance schedule for the customer,” says Roopak Verma, Ford’s CIO for Europe, the Middle East and Africa. “Today, we might tell a customer to change the oil every 10,000 miles, but in reality the schedule should be based on the customer’s driving habits. With connected capabilities, you can know it’s OK to wait until 11,500 miles, and the same applies to every component in the car.” Connectivity also enables Ford vehicles to automatically reconfigure driving characteristics based on weather and road conditions. In a pilot project in London, Fords are even tapping into data from parking lots. “You enter an address into the GPS, and you can see in real time where the parking spaces are — and in London, that’s a big deal,” Verma says. Ford is conducting pilot projects for car sharing, which is made easier with connected cars. Rather than exchanging keys, drivers can simply send a code to unlock the vehicle over a mobile phone. Settings for the seat, radio, rearview mirror and more can be activated with the touch of a button on a smartphone.

“I believe the biggest impact is going to be to the fleet business, because you can really optimize your costs,” Verma says. Larry Stolle, global automotive marketing director at SAP, says advancements like these are changing the fundamental makeup of cars. “I like the contrast Dr. Lawrence Burns from the University of Michigan makes: When you look at the old DNA of the industry, the automobile was fossil-fuel powered, mechanical, owned and operated by a person, and built to suit many purposes,” Stolle says. “The DNA of the car is changing — self-driving, shareable and more types built for specific uses. That future is here, now.” The power of data The collected data has great potential value beyond manufacturers, for example to third-party service providers such as auto insurance companies. Vehicle information can help insurers adjust rates based on driver performance, leading to more efficient risk-pricing models, lower claims and faster claims processing. Marketers would pay for that data, too, because they would have yet another channel to reach customers. Plus, new services could be offered based on the data — imagine drivers entering a route into their GPS and receiving a proposal for trip-dedicated roadside assistance due to road and weather conditions. Governments have begun to grasp the significance of connected vehicle data. Proposals by federal regulators in the United States, the European Union and Brazil are targeted at either encouraging or requiring manufacturers to include telematics to improve safety, report crashes and reduce incidents of vehicle theft. The U.S. National Transportation Safety Board is creating standards to promote connected technologies, predicting that crashes may be reduced by more than 75 percent. The European Union in 2013 called for the inclusion of crash alert devices, estimating that this action could save 2,500 lives annually. Governments, as well as private companies, can also use data about road conditions to focus their investments on road repairs or route planning. Retailers are eager to tap into the personal data collected, including location, but the challenge is finding services that both benefit the customer and address privacy concerns, Ford’s Verma says. “We have so many legal constraints, data privacy constraints. How do we ensure the user’s ownership of data is taken into account?” Verma says. “That is slowing us down a little because everybody wants to be extremely careful in complying with the law.” (For more insight from Ford’s Verma, see sidebar, page 11.) One solution is to give drivers the right incentives, according to Fangmann. “Most people are willing to give up some data privacy for a 5 to 10 percent better deal on services or products,” he says.


9

COVER STORY

Car Hacking from the Couch Imagine driving along the highway at 70 mph. Suddenly, the air conditioner begins blasting cold air, the radio switches stations and the volume jumps. Cruising toward an overpass with no shoulder, you lose control of the accelerator. RPMs climb and speed drops as the transmission is disabled. Ten miles away, a hacker sits comfortably on his couch while he wreaks havoc with your car’s systems. This scenario may seem like the stuff of science fiction, but it has already been demonstrated by security researchers looking to show vulnerabilities in connected cars. And while it’s a frightening prospect, it should hardly be surprising. Consumers value bandwidth, apps and connectivity in the way previous generations compared horsepower and torque, and manufacturers have rushed new features to market faster than they’ve been able to secure them. With up to 100 million lines of code, today’s vehicle is a rolling, ragtag collection of industrial-era technologies and outdated, poorly tested code. Industry initiatives such as the Automotive Open System Architecture (AUTOSAR) and the Japan Automotive Software Platform and Architecture (JasPar) were developed to standardize vehicle control systems. In the United States, the Security and Privacy in Your Car (SPY Car) Act introduced in July 2015 would direct U.S. federal agencies to create standards requiring automakers to secure cars and protect drivers’ privacy. Suresh Mandava, associate partner for Internet of Things and big data security at CSC, says the industry should learn from aerospace and defense manufacturers and invest in quality coding and stringent testing to reduce the code footprint and standardize hardware components and software platforms. “Security needs to be baked into the engineering and architecture of the connected car platform — not be an aftermarket fix,” Mandava says.

Staying connected in the aftermarket Still, connected cars offer manufacturers an important avenue for developing stronger, longer-lasting ties to customers. “Manufacturers have a reasonable chance of generating revenue from an owner during the duration of a vehicle’s full warranty, a window of about 3 to 5 years. Once that period ends, things change,” Fangmann says. Owners soon begin making greater use of aftermarket service and independent parts providers. Compounding the problem is the fact that cars are staying on the road longer, with the average age of vehicle registrations creeping up to 11 years. IDC reported in 2014, citing survey data and registration statistics, that 71 percent of the U.S. driving population will likely not upgrade their vehicle for 2 to 7 years — or longer. Connected cars alter that equation by offering manufacturers an effective way to stay in touch with vehicle owners over a vehicle’s entire life cycle. Manufacturers would have a much greater chance of maintaining service revenue and a stronger brand-building channel to drive repeat sales. And that always-on connectivity can help automakers notify drivers about recalls and address security threats more effectively by issuing over-the-air software updates to critical systems. Not too late for older models The number of new vehicles shipping with telematics systems accounts for only a small percentage of vehicles on the road today. For vehicles that predate the connected car revolution, CSC offers hardware, services and an online platform that can collect and report performance data from a car’s controller area network (CAN) bus port, used for diagnostics. Data is displayed in a dashboard on a variety of mobile devices for the driver, owner or fleet manager, as well as the manufacturer. “Car makers, rental agencies and enterprise fleet managers have the opportunity to bring millions of vehicles online,” Fangmann says. Despite the challenges in ramping up quickly, automakers need to continue to push ahead with connected capabilities, as competitors who already understand the value of large data pools are nipping at their heels. A few well-known Silicon Valley enterprises with large connected customer bases, such as Google, have been experimenting with their own mobility services and connection technologies. “These companies are making rapid progress, and they’ve already connected customers,” Fangmann says. “This could allow them to become the owners of the connected car space before manufacturers realize they’ve been overtaken.” DALE COYNER is a writer with CSC’s digital marketing team.

10


Q&A

Under the Hood with Ford Roopak Verma — Ford CIO, Europe, the Middle East and Africa

Ford Motor Company was among the first in the industry to offer connected car services through the driver’s cell phone. This year, all new models released by Ford in North America have a built-in modem for connectivity, with European cars to follow in 2016. For more on the key considerations raised by connected cars, CSC World recently spoke with Roopak Verma, Ford’s CIO for the Europe, Middle East and Africa region. How is Ford helping to secure the connected car? How can OEMs work together to address this threat? Recent security demonstrations [see sidebar, page 10] have really prompted all of the OEMs to take a hard look at vehicle security. We have the capability today to remotely unlock a vehicle, and if someone can hack into it, that’s the first thing he or she will do. If someone can control the functionality of the vehicle remotely, that’s dangerous.

What role is data analytics playing at Ford in supporting automotive sales, production and services? Data analytics and intelligence can give us a single, integrated view of people who are researching a car on the Web, linking them with the people who may come in and visit the dealer, and linking them with the people who might actually buy a car and then come back to Ford for the servicing. It can help us change the whole marketing paradigm. It’s also going to help us make a connection with the customer to design the next-generation car. We won’t need hundreds of hours of research to find out where the next trends in car designs are going. We’ll be talking to our customers. Organizations are under constant pressure to step up their rate of innovation. How are you nurturing innovation at Ford?

A Fusion Hybrid, for example, is generating 25 gigabytes of data per hour. A hacker would love to get access to the functionality of the car, your location data, your contact data, even your credit card data. At Ford, we realize you have to have the fundamental security architecture built into the vehicle. The architecture that controls the vehicle functionality needs to be isolated from the connected vehicle architecture, and you need encryption between every component.

One of the things we’ve been doing in Europe is looking for a way to really democratize innovation. What we used to always see is that you could come up with a great idea, it worked well, but there was always a challenge in the implementation and getting the business value out of it.

Everybody’s facing a common challenge. A lot of the safety features we expect are going to require vehicles to talk to each other, so if a Ford car is not talking to a GM car, it’s not going to know the car is stopped ahead just around a blind curve. That type of connectivity is going to require us to work together on the protocols and the security architecture.

We had a semifinal event to select the top 12 ideas, and now the business owns these ideas, and we are going to provide them time, funding and resources to take them forward. Then we’ll come back in January and see who has been able to make enough progress so that they can become part of our business plan. It’s exciting.

So we started the Ford Innovation Challenge. The idea is that anybody in Ford with an innovative idea can put it forward. We opened it for 2 weeks and we had 415 ideas.


11

LIFE SCIENCES

5 THINGS CIOs NEED TO KNOW

ABOUT CAPITAL-EFFICIENT

INNOVATION by Steve Andrade

Changing market dynamics are forcing companies to innovate to grow while reducing costs, so life sciences companies need to adopt a Capital-Efficient Innovation approach. Here are five areas where CIOs should focus their attention. 1. Capital-Efficient Innovation is about agility To drive innovation, you need to have the elasticity within your infrastructure to support existing and new business objectives. Agility means putting the right platform, processes and discipline in place to be able to quickly respond to market opportunities, regulatory challenges, changes in the supply chain, and so forth. Flexibility is enabled via an IT platform through which you can embrace and support new services, products and capabilities. Having an agile and consistent IT platform allows companies to derive value from integrating systems used by different functions in the business. So, for example, a company’s regulatory information management (RIM) platform can be integrated with content management solutions and master data management activities. But to derive the greatest benefit, the IT platform needs to be easy to use, so you need to build the right platform to enable agility. One way to achieve platform simplicity is through a trusted cloud service, which opens up the opportunity to build a more agile and interconnected architecture. Adopting cloud is beneficial at both economic and business-value levels, because it reduces the cost of infrastructure while accelerating time to market by making it easier to deliver services in a consistent and repeatable way. In addition, as CIOs increasingly focus on what systems and processes they need to run the business, an agile IT platform, enabled through the cloud, creates an environment for lowcost prototyping of alternative solutions, allowing ongoing innovation without additional cost.

12


2. Capital-Efficient Innovation is about compliance and security Progressive CIOs need to drive toward architectural simplicity to improve regulatory compliance. While companies understand that RIM is integral to managing the regulatory submission process, for RIM to provide the level of compliance and business value that the enterprise requires, regulatory rich information should be leveraged more extensively across the organization and supported by a more agile and integrated platform. The broader benefit of an integrated approach to compliance is that it helps you bring products to market faster, and enables a smarter and lower-cost way of managing regulated activities. The challenge in most organizations is that data is dispersed across numerous legacy systems that run globally within a complicated and outdated IT architecture. In addition, you need to ensure a clear, streamlined security strategy to protect the enterprise’s assets and minimize the risk — and cost — of security breaches. CIOs are tasked with helping achieve these goals without additional cost burdens to the business, and with the right infrastructure it’s now easier and less resource-intensive to make use of capabilities such as radio-frequency identification (RFID), data leakage protection, identity and access management, application security, network security, and single sign-on. 3. Capital-Efficient Innovation is about governance and portfolio management As organizations have moved away from vertical integration to orchestrating a complex network of suppliers and partners, it has become even more important to have a clear governance and portfolio management structure in place. To manage those many relationships and activities effectively and efficiently, you need to be able to ensure that every relationship is governed in a structured and repeatable way. Governance also encompasses portfolio management; an efficient governance structure allows you to look at the cost base around your portfolio of activities and determine the most efficient way to manage those activities. The question becomes, are the tools and processes in place to activate and manage governance and the portfolio, in order to work more efficiently? Companies can’t govern without portfolio management, without effective supplier management, or without adopting architectural simplicity. This is relevant across all functions within the business: Without architectural simplicity, businesses can’t optimize the supply chain or enhance how they collaborate with R&D partners, or manage global regulatory information. 4. Capital-Efficient Innovation is about talent optimization Today’s life sciences organizations face ongoing transformation, in particular as a result of mergers and

acquisitions, divestments, and the increasing dependence on external partners. But to make best use of the global skills and knowledge these new or supplemental team members and partners bring, you need to become more comfortable leading and working with co-located and distributed teams across the globe and across organizations. To make best use of talent, you need to put in place processes that enable you to identify and source the right skills, both inside and outside the business, not just at an operational level but also at a strategic level. At the same time, you need to seek out the right resources to help your company develop and train its own people in order to respond to rapidly changing market dynamics and trends. 5. Capital-Efficient Innovation is about collaboration At all levels — R&D, clinical, infrastructure and supply chain — life sciences companies are collaborating with many different stakeholders, both internally beyond their functional walls and outside the organization with business partners. The need to innovate at an R&D level has led once-insular companies to work with academic institutions, start-ups, biotechs, technology companies and former competitors. Collaboration means that you need to be able to share information and intellectual property securely, through flexible cloud-based or as-a-service platforms that can be scaled up during the collaborative process, allowing rules-based access, and scaled down when not required, without residual cost. It’s about having an agile platform that lets the enterprise work across multiple clouds and organizations, and securely access different applications, as well as the information within those applications. Mobility is also an important enabler of collaboration, because today’s workforce not only is geographically spread out, but increasingly needs access to information while working beyond the corporate walls. Connecting the dots Capital-Efficient Innovation responds to the industry’s dual challenge of innovating to grow while reducing costs. And the industry is trying to achieve this while staying true to its purpose: bringing life-saving products to market faster for patients across the globe. As CIOs increasingly take the lead in delivering the innovation needed to enable the objectives set out by the stakeholders, their priority must become to create a business model that best optimizes the value chain to meet the needs of the patient through Capital-Efficient Innovation. STEVE ANDRADE is vice president and general manager of life sciences at CSC.

Learn more about Capital-Efficient Innovation in life sciences at csc.com/CEI.


13

LIFE SCIENCES

THE QUESTIONS LIFE SCIENCES FIRMS

ASK ABOUT

CLOUD by Dawn Waite

14


As life sciences companies come under pressure to cut costs and simplify how data is shared, they are seeing the cloud as an opportunity to manage enterprisewide information. The industry, however, has been reluctant to move to the cloud, for both IT and business reasons. There are benefits to both sides of the enterprise in moving to the cloud. The business case is well understood: having clear, consistent information available in a way that simplifies data exchange. For IT, it means removing day-to-day management of solution tool sets, allowing IT to focus on other valuable tasks, such as delivering desktop consistency to the users. That’s not to say companies should rush blindly into the cloud; there are some important issues to address first. Here are two common questions companies have when considering a cloud solution. How will validation and compliance be handled? Compliance is almost always one of the top concerns for life sciences companies. Invariably, life sciences business and IT leaders want to know how, given the regulated nature of the industry, they can move to the cloud comfortably and ensure they are compliant. This is a valid question. While there are no formal FDA guidelines on cloud, companies should adhere to 21 Code of Federal Regulations (CFR) Part 11 requirements and ensure that both qualification and validation are of the highest standards, such as with a GAMP 5 approach. You need to qualify your infrastructure to ensure it’s doing what it says it is. So the question is: Does your vendor have a process in place to be able to handle that compliance? Are there clear documented processes and deliverables for system validation and infrastructure qualification? While most people are aware of this necessity, companies are often nervous about handing off responsibility for the infrastructure piece to a cloud vendor. And it’s fair to say that not all cloud vendors understand it. You might be attracted to what appear to be quick and easy cloud solutions. However, if there aren’t the necessary processes and documentation to support the whole qualification and validation process, this puts you at risk, since your regulatory solutions will be sitting on infrastructure that could potentially fail an audit. Other considerations include processes concerning change management. While the system might be set up in a compliant solution to begin with, if you’re in the cloud, you need that compliance to be maintained throughout the system’s life, and if anything changes, you need to ensure those changes

meet compliance requirements. My advice to clients is that whenever there is a formal change control, a process should be followed with an assessment of whether that change needs to go through any sort of validation. That way, if an audit takes place, you’re assured of being completely compliant. When entering a cloud contract, it is the client that needs to ensure that the vendor can demonstrate they have an effective process; hence, regular audits will be required. It will also need to be established whether this will require additional costs or whether an audit process is included in the service. What I recommend to clients is to determine what your vendor offers in terms of handling annual audits, as well as whether they engage independent auditors to assess their data centers. What happens if I want to move my system? One issue I consider to be crucial, but that people don’t always think about, is disentanglement. Let’s face it: In today’s businesses, things change, and you should be prepared for all eventualities. The problem is, if this isn’t part of an agreement with your vendor, you could end up unable to extricate yourself, or you might be unable to get your data out. In that case, you might be forced to undertake a manual process to get your data out, which is extremely costly. When you are looking to move to the cloud or an IT managed service environment, it’s important to understand that things can change. To use a specific example, recently a client went through an acquisition, and the decision was made to go to an on-premises solution. As it happened, both the companies were CSC clients, but one had an on-premises solution and the other had a cloud solution. Because we have agile systems and processes in place, the job of moving data to an on-premises solution was quick and straightforward. But that wouldn’t necessarily be the case with every cloud vendor. The approach we recommend is inclusion of a Provision of Disentanglement. That’s a framework of “what happens if,” and it defines where the responsibilities lie, what the vendor would need to do to extract a client’s data, who needs to be involved, and what the timescale is. While this can’t be definitively stated, simply because you don’t have that information in advance, you should find out what the options are, the types of personnel that would be needed, and the likely daily rate involved. It’s really about having an understanding of what needs to happen to get your data out, and most importantly, that you can get your data out. DAWN WAITE is manager, Life Sciences in the Cloud, CSC.

Learn more at csc.com/life_sciences. Waite will continue her look at cloud considerations in CSC’s life sciences blog at blogs.csc.com/category/ life-sciences.


15

HEALTHCARE

THE FULL POTENTIAL

REACHING

OF HEALTHCARE IT by Lisa Pettigrew

Does your bimodal strategy stack up against the CSC Hierarchy of Healthcare IT?

16


Healthcare organizations are under intense pressure to shift their organizations faster than ever. It’s imperative that they invest in their digital futures to prepare for new models of care, new patient-centric engagement frameworks, and the new technologies expected by clinicians, caregivers, consumers and payers. But how can they do this while also maintaining legacy operating systems, existing models of care, and traditional reimbursement and funding arrangements? Healthcare CIOs can be crucial in helping organizations navigate this bimodal challenge. As the healthcare industry undergoes widespread disruption, CIOs might do well to take a second look at Maslow’s classic theory on the hierarchy of needs. According to this theory, self-actualization, or the fulfillment of potential, is the highest level of psychological development — but it can be achieved only after all basic needs have first been met. For the healthcare industry, the ultimate objective — a focus on patient-centered care, care management and population health — can be achieved only when the potential of digital technology has been fully realized. To support the dialogue about digital technologies among CIOs, physicians and healthcare business leaders, we’ve created the CSC Hierarchy of Healthcare IT. This hierarchy can help organizations understand the right approach for their bimodal strategy. Patient Engagement Care Management

Population Health Enablement

Population Health Management Health Information Exchange

eHealth Optimization

EMRs/EHRs Core Financial & Administrative Systems

Agile IT as a Service

Infrastructure

CSC Hierarchy of Healthcare IT Start with the basics The basic layers in healthcare IT — which correspond to Maslow’s basic needs of shelter, food and water — represent all the infrastructure and corporate back-office systems necessary for a healthcare organization to exist. These include networks, WiFi, storage and compute power, cybersecurity, identity and access tools, operating systems, as well as financial, payroll, administrative and logistics applications. In healthcare, these technology services together serve as the crucial infrastructure that no one sees, yet everyone relies on to do their jobs effectively. These functions can be effectively managed with CSC’s Agile IT as a Service solution.

Work with the middle layers The middle layers include Health Information Exchanges (HIEs), which securely exchange health information across settings and among stakeholders, as well as the core electronic health records (EHRs) that physicians typically associate with IT. EHRs include all the clinical data, tests and orders, pathology, radiology, surgical and procedural notes, and patient information. The technology here serves as the physician’s core working system. These middle layers, which support eHealth Optimization, are highly visible to physicians, nurses and clinical workforces, yet are not typically seen or accessed by patients. Use digital technologies to support patient care and more At the peak of the hierarchy, we reach the ultimate objective of Population Health Enablement, where we focus on using digital technologies to support patient-centered care, care management and population health. This is the area of the hierarchy that directly engages with and is visible to patients. This hierarchy can assist healthcare technologists and physicians in understanding each other’s frustrations and challenges. For example, even after years of energy and effort, clinicians still cite frustrations with EHRs. But it’s difficult to expect optimal results when making investments in something significant such as EHRs without first fortifying the foundation. An investment in an expensive EHR is not always matched with sufficient investment in the core infrastructure required to support the entirely new models of care, increased data capture obligations and workflow changes embodied in an EHR. New smart device access needs, new WiFi requirements, increased cybersecurity obligations from networked EHRs, and increased storage requirements — all of these require investment to get the most out of an EHR. Optimize your investments Bottom line, healthcare organizations need to optimize investments across the hierarchy to suit the organizations’ objectives. For example, rather than continually spending money on the same infrastructure, it’s time to embrace innovative, agile infrastructure arrangements such as cloud technology and service models that shrink spending at the bottom of the pyramid to improve spending in the middle and the top. These investments are important because the model of care is changing as medicine itself continues to evolve. With a bimodal approach to IT, healthcare providers can create offerings focused on changing patient needs. When CIOs, clinicians and patients understand how interrelated their needs are in the hierarchy, this can ultimately help bring stakeholders together to customize, optimize and

Disruption Hits Health Insurance Market Progressive CIOs use the opportunity for digital transformation. Health insurance is going through a significant evolution. Consumers have increasing choice, and insurers are looking for ways to engage differently and meaningfully with their members. Insurers no longer want to consider their members as part of a large, faceless risk pool, but rather see them as consumers trying to navigate the complex healthcare delivery marketplace. Insurers are aiming to reduce costs and improve coordination with providers as the industry moves toward member-centric models. New, well-funded digital health insurance companies such as Oscar are shaking up the market with digital engagement models and low overhead costs. What can incumbent health insurers do to survive? Using new digital technologies to their full potential — and embracing the use of analytics — could be the answer. Incumbent insurers have the advantage of the insights they can draw from their massive stores of data — that is, if they can liberate their data from functionally isolated silos often housed in legacy applications and managed with old-world technologies. There is a pressing need for incumbents to invest in data analytics to leverage value and insight from existing data stores and ingest new data to enable more compelling interactions with members. Through analytics, insurers can use member information to predict what might happen next in the patient journey; hence, payers and their provider networks can start to offer alternative care models to minimize expensive medical care and intervention, and help consumers take control of their own healthcare. Ultimately there are three forms of healthcare data — systems of record data (claims data, electronic health records), genomic and genetic data, and patientgenerated data (biometrics, qualitative data). Healthcare CIOs need to ensure that they have future-proofed strategies for all three forms of data and their linkages so they can generate insights, develop new products and channels, and address new models of member loyalty and expectation. A sound strategy for next-generation analytics could provide just the key health insurers need to unlock the potential of their data and fulfill their goal of providing patient-centric service.

maximize investments. LISA PETTIGREW is general manager for healthcare and life sciences in the Americas at CSC.


17

HEALTHCARE

NHS Trafford CCG Setting a New Standard in Patient Care Coordination

by Jim Battey Providing a diverse range of patients with a single point of contact for comprehensive health services, CSC is working with Trafford Clinical Commissioning Group (CCG) in Greater Manchester, England, on a first-of-its-kind care center. The innovative Trafford Care Co-ordination Centre (TCCC) aims to provide patients, families and care providers with significantly improved patient experience and efficiency across Trafford’s healthcare system. A part of the National Health Service (NHS), Trafford CCG is responsible for ensuring that health services for the people of Trafford are provided at the right place and right time, and that services are safe, of high quality and offer value for money. The CCG is also part of the broader health system in Greater Manchester, which recently became England’s first region to have healthcare funding devolved to local government. The CSC-Trafford CCG partnership to develop and manage the TCCC is the first of its type in the United Kingdom. Delivering quality and value A contemporary challenge for Trafford CCG, as with healthcare organizations globally, is to find new ways to deliver quality healthcare in a coordinated, integrated manner. “Our vision for the health economy in Trafford is to create a healthcare system that’s proactive and high-quality, with excellent clinical outcomes and ease of access,” says Trafford CCG Chief Operating Officer Gina Lawrence. “This will be achieved by designing services that are delivered in an integrated way, so that patients can expect health and social care to work together to offer the best possible holistic advice and support for their needs.”

As healthcare becomes more focused on the patient, Trafford CCG is taking a more personal, caring approach. Trafford CCG has already begun to build integrated services in the community. However, Lawrence points out, “Unless you have a coordination center, people don’t access those services very well.”

Like clinical entities in many regions, Trafford CCG serves a diverse population with a wide range of healthcare needs. As the comprehensive NHS care system can be complex to navigate, the TCCC aims to provide a complete offering that sets a new standard for quality in care coordination. Trafford CCG engaged CSC to co-create and co-manage the TCCC with the goal of improving coordination and integration across boundaries of primary, acute, community and mental

18


health sectors — to deliver a significantly improved experience for patients and care providers. “The TCCC is designed to make getting services as simple as possible with a single access to it, but it also helps general practitioners and acute trusts navigate through what can be a very complex NHS system,” Lawrence says. A new care model The TCCC is based on a new care model that works like an air traffic control system, tracking patients as they move through the system and efficiently guiding them to different services. The patient’s journey begins with a referral from their general practitioner (doctor). Their care pathway is then mapped out using recognized clinical tools and protocols — such as Map of Medicine, a clinical tool that lets physicians plan care according to the best information available. Each patient is assigned a designated care coordinator who has a host of resources and interfaces available to make practical arrangements such as booking appointments or arranging transportation to and from a hospital. “It is very patient-centric. The system considers the best options and the best care for you,” Lawrence says. Continuous tracking of patients allows Trafford CCG to understand what kind of services patients access and what kind of services they need to access, “which really helps us to manage our budgets and commissioning correctly,” Lawrence continues. “We call that ‘intelligent commissioning,’ and we believe that’s the way forward for CCGs in the future.” Services range from initial patient communications via a unified communications system, to clinical workflow based on a catalog of services, to back-end analysis of the effectiveness and efficiency of care delivery. CSC is also providing innovative business process services and working with partners to deliver clinical services. Family-friendly approach Dr. Nigel Guest, chief clinical officer at Trafford CCG, notes that healthcare services are shifting to delivering care at the most efficient location. “We should center services for patients around them, providing the services preferably out in the community, not in hospital, unless that’s absolutely necessary,” he says. As part of the innovative TCCC model, the patient and family’s situation and transportation needs are taken into consideration when making care decisions. Guest says the service can evaluate factors such as, “Is there an appropriate time for them, and how will that work with the members of their family? It’s very much more about coordination, and not just coordination for the patients, but for the family as well.”

The TCCC approach can evolve into a model for the provision and management of population health, says Philippe Houssiau, CSC’s vice president, healthcare and life sciences, UK. The TCCC model, for example, serves as an excellent means for establishing care pathways for diabetes management. “By keeping those patients in the preclinical stages of their lives, [we are] dramatically reducing the burden of the healthcare system and dramatically increasing the quality of their life,” Houssiau says. Houssiau adds that he sees the TCCC model expanding well beyond Trafford. “We will be delivering high-quality, value-for-money services which could lead the way for how care is delivered across England,” he says. “This is a really phenomenal opportunity for co-creation, not just at a regional or a country level, but to have a dynamic global activity going, taking place around one common point of view of changing care models globally.” JIM BATTEY is a writer with CSC’s digital marketing team.

Client: NHS Trafford Clinical Commissioning Group Challenge: • Deliver high-quality healthcare to more than 220,000 citizens of Trafford, England • Provide patients with simplified services, beginning with a single point of contact • Create an integrated solution that involves patients, their families and care providers Solution: • Form a unique, first-of-its-kind partnership between CSC and Trafford CCG • Develop an innovative Patient Care Co-ordination Centre • Direct patients, their families and care providers to relevant services through defined clinical pathways Results: • Improved patient experience and enhanced system efficiency • Better coordination of services across primary, secondary and tertiary care settings • Cost savings, reduced bureaucracy and improved value for money

In the new model, another key aspect is streamlining the system so that the amount of bureaucracy and paperwork is reduced. Guest says that by making the system more efficient, “We’ll derive cost benefits from it, and we can invest further into integrated care.”


19

INSURANCE

IMPROVING SPEED TO MARKET Six Strategies for Achieving Better Speed to Market in a ConsumerDriven Insurance Environment

What does speed to market mean in today’s world? For insurers today, the concept of speed to market has come to represent more than just how quickly they can develop a product. To succeed going forward, insurers need to define speed to market in broader terms — ones that encompass: • • • •

Product development Geographic expansion Distribution channel diversification Customer service (perhaps most important of all)

In today’s consumer-driven marketplace, insurance companies must fundamentally change how they differentiate themselves. In the past, insurance companies used product features to differentiate themselves. Now, having too many features can be a liability. Consumers expect to quickly understand the products and features available to them. Once they make a choice, they expect to initiate and complete an insurance purchase in a matter of minutes, especially when interacting in an online or mobile environment. To offer customers and potential customers that kind of experience, insurers need products in their portfolios that are intuitive — quickly understood at the point of sale — and simple — enabling an automated underwriting and issuance process. With the complex products of the past now difficult to market, distribute and underwrite, insurers can no longer rely on uniqueness for market differentiation. Products must go beyond the basics of indemnification to deliver continuous value. This is at the heart of speed to market’s evolution. As the very idea of the product has expanded, so too must the concept of how an insurer can speed that product’s delivery to market and, later in the process, accelerate rate refreshes and other adjustments. For an insurance professional, there are more ways than ever to improve speed to market — and offer better speed to value.

20


Here are six strategies insurers can leverage: 1. Empower the product owner Successful product development requires both speed and the ability to tailor a product to the right market segments. The inability to accomplish these two tasks concurrently leaves most insurers with no choice but to follow, rather than innovate, as they attempt to grow geographically or break into new distribution channels. From this perspective, speed to market and product configuration are inextricably linked. So improving speed to market is an exercise in limiting IT involvement in the product configuration process. This can be accomplished by externalizing rules and calculations from administration systems. By empowering the business owner with as much control as possible over product configuration, insurers can reduce reliance on IT and make it easier to quickly tailor products for particular market segments. 2. Embrace an as-a-service mentality Often, the biggest drag on speed to market is the upfront time associated with establishing and customizing a system for practical use. As-a-service solutions, by their very nature, do not require the kinds of large upfront investments that often cause those delays. Insurers can shave months off of the typical implementation timeline associated with more traditional, labor-intensive approaches — by exploring a combination of Infrastructure as a Service, Platform as a Service and Software as a Service solutions available in the marketplace. By leveraging the right mix of these managed services, insurers can transform their go-to-market strategy and free themselves to seize emerging market opportunities. 3. Consider human capital as part of your managed services Deploying a full BPO solution represents perhaps the highest order of managed services, encapsulating all the benefits of other as-a-service solutions, but with the addition of human capital. That’s no small difference. In many ways, insurance is a unique and complex industry: It can be difficult to quickly find or develop workers who understand the business. Effective use of business process services (BPS) couples industry-experienced service professionals with advanced technology to provide a continuum of service options, from standardized to highly customized. This approach gives companies of all sizes the ability to quickly access the same robust functions used by the industry’s top tier insurers.

4. Introduce Lean start-up principles The advantages of an as-a-service approach are increased if an insurer introduces cultural and strategic changes that complement it. With an eye on maximizing returns with minimal risk, Lean start-up theory suggests going to market with a minimum viable product (MVP) that has no more than the core features necessary for deployment, then iterating until the product finds a foothold in the market, or becomes unviable. When applied to the insurance industry, this strategy allows a carrier to quickly test if there is an appetite for a product — without incurring the large expenses associated with a full product launch. For new products, this limits exposure and lets an insurer test more products in a shorter period of time — increasing the chances that a new product will be successfully introduced. Beyond that, it also establishes a culture and a set of business processes optimized to quickly and effectively respond to customer needs. Then the existing product can be fined tuned, accordingly. 5. Leverage partnerships Many insurers make the mistake of only looking internally for reuse opportunities. Now more than ever, however, insurers can leverage the institutional knowledge of their partners to improve speed to market — through business process improvement and a more componentized approach to product life-cycle management. CSC’s Global Insurance Centers, for example, support approximately $7.6 billion in premiums with a technologyenabled BPS framework. A pre-built, insurance-centric BPS framework enables a CSC client to immediately “reuse” an extensive inventory of best practices and business guidelines, without having to acquire or develop the necessary institutional knowledge internally. 6. See the forest, not just the trees New products, applications and services can often be developed and run more quickly using new methodologies and platforms. However, no single product, application or service within an insurance company runs in a vacuum. To achieve true speed to value, an insurer must take advantage of new technologies within the context of their legacy environment, which can still provide a lot of value. To accomplish this, it is important to focus on integration and the entire product life cycle as a whole, rather than its discrete parts. Software is important. Infrastructure is important. Ultimate success today, however, is predicated on the shift to an outsidein business and technology environment. By focusing on the entire product life cycle, insurers can ensure they are absolutely committed to understanding their own products through the eyes of the consumer.


21

INSURANCE Demographic behavior has shifted, and many consumers who are not digital natives are beginning to behave as if they were. Consumers of all ages are becoming more comfortable not only with tablets and smartphones, but with electronic transactions in general. They seek out new apps, new ideas and new experiences that can help them make healthier choices and work more effectively. And, in many ways, they’re finding what they’re looking for. Big data, cloud computing, mobility, social networking and the “Internet of Things” (IoT) have converged to enable a new digital economy that places greater value on the needs of these consumers. In the not-so-distant future, the insurance marketplace will exist largely within this digital economy. Insurance companies, with their policy-centric approach and siloed operations, are ill suited to compete in this new reality. They need to embrace the concept of digital insurance and take action, or risk being marginalized. A digital insurer should offer a richer set of datadriven, customer-facing services, enabled by:

by Brian Wallace

• A customer-centric approach to doing business • An omnichannel buying journey that augments traditional channels with robust self-service options, direct purchasing and a single customer experience across online, mobile and social channels • The ability to leverage data and analytics across the value chain, including product innovation, marketing and sales, new business, servicing, claims and operations • Straight-through processing (STP) made possible through simplified products, automated underwriting for new business, first notice of loss (FNOL) automation and self-service options for claims Data as the new differentiator Perhaps the most significant implication of this new digital reality is the increasing importance of data. In this new landscape, data will emerge as the digital insurer’s primary competitive weapon.

DIGITAL INSURANCE: HOW TO COMPETE IN THE NEW DIGITAL ECONOMY

The traditional insurance company is set up to best serve a type of customer that, in the very near future, may no longer exist.

22


Insurers have traditionally competed on product features, where uniqueness sets a product apart. In today’s consumerdriven marketplace, however, an excessive feature set can be a detriment. A truly digital customer experience requires products that are easy to comprehend and simple enough to enable e-applications, automated underwriting and direct issuance — all to deliver the instant gratification consumers now expect. Unable to differentiate solely on uniqueness, a digital insurer will instead seek to differentiate based on added value. Such a shift will require insurers to reconsider how they design new products, go to market, and interface with agents and customers. Data becomes increasingly important because digital insurance is not about dictating an experience to customers, but about anticipating the customers’ needs and providing them with the experience and value they want, when they want it. To increase relevance, insurers need to offer real value-added services that are fueled by data and analytics.

This is crucial as digital insurers shift from an indemnificationbased value proposition to one of continuous value. The concept of a core protection product has largely become commoditized, which has in turn lowered the barrier to entry for new competitors. Leveraged correctly, new sources of data will enable insurers to provide customers with useful information, opportunities and solutions. This kind of consistent customer engagement goes a long way toward warding off competitive threats.

Think in terms of a lifetime customer relationship that begins with brand awareness and is nurtured through an ongoing set of positive brand experiences. Better data, from more sources, can lead to improved underwriting and pricing, but it can also lead to insights delivered back to customers, allowing them to make real decisions: How can I lead a healthier lifestyle? Where can I find the best car repair shop? How should I prepare for approaching weather?

Use more data, better data, new tools Insurers aren’t starting from scratch when it comes to data and analytics sophistication. Instead, this is a matter of insurers equipping themselves with more data, better data and new tools to accept, manage and analyze it. It’s about taking a core competency the insurance industry already has and applying it to every element of the insurance value chain.

• Business: Determine how to effectively leverage various streams of data from systems of record, CRM systems and external sources. • Technology: Go beyond existing business intelligence data warehousing tools. Establish a consolidated and integrated view. Procure a big data platform and the related tools and technology. There are many choices — managed services, in-house assembly and so forth.

Insurers maintain a competitive advantage in the risk management game only if they control, or at least have access to, the most insightful types of data. Previously, the best data was proxy data — where data about one thing (your credit score, your age, your gender) provides insight into another (your driving habits). Now, however, new sources of true behavioral data can get right to the heart of the matter. A car manufacturer, for example, might have telematics data that’s more valuable than credit scores to underwriting car insurance. Accepting the value of this kind of data conceptually is one thing. Accepting it technologically is another. Often delivered in real time, by the terabyte and in unstructured form, it’s a significant departure from the more static, structured data insurers largely work with today. Handling it requires an insurer to develop an entirely new set of digital skills. Become a master of consumption, understanding and engagement To wield data as a competitive weapon, an insurer needs to master three core competencies — consumption, understanding and engagement. Mastering these skills will separate truly digital insurers from the rest. Master of consumption. A master of consumption embraces the service-enabled enterprise and the API economy. This is about an enterprise getting better at both consuming and becoming more consumable, developing a true omnichannel experience for customers, agents, brokers and even internal stakeholders. • Business: Focus on making the company easier to do business with. Envision a customer’s buying journey that spans channels — education on the Web, specific questions asked through a call center, a Web chat or maybe a call to a broker. • Technology: Move away from an in-house mentality and embrace external infrastructure, cloud computing, as-aservice options and mobility. Implement an IT-centric set of initiatives to make the enterprise more open and agile. Master of understanding. Develop the capacity for meaningful data and analytics work by implementing a big data platform. Then, explore both what’s possible and how business value might be generated. In other words, improve data availability and then make that data actionable.

Master of engagement. This final skill is about executing on the overall strategic vision of digital insurance. Set ambitions to move the basic value proposition from indemnification to continuous value, and then actually become more digital. Currently, the relationship between an insurer and a customer lies dormant except during three basic interactions: new business acquisition; billing and payment of premium; and claims filing and adjudication. But what about the vast amounts of time before and after those traditional interactions? If insurers do not attain better relevance in this white space, some other entity will. • Business: Determine how to continually engage with customers on a daily, weekly or even hourly basis. • Technology: Sustain this level of engagement by facilitating rapid and dynamic interactions across partner ecosystems, leveraging the API economy. • Both a technology and business issue, mastering engagement is about an insurer combining its newly developed analytical capabilities with its newfound ability to interact with customers across channels. In the end, delivering continuous value and maintaining relevance with customers comes down to enabling a symbiotic relationship between insurer and insured. That’s true engagement. A usage-based auto insurance program, for example, leverages a single data set to both improve underwriting and provide the driver with useful information about his or her driving habits. A health insurer’s wellness initiative, coupled with wearable device technology, meanwhile, leads to fewer claims paid, reduced premiums and a healthier life for the customer. The same information that allows insurers to better price risk also allows customers to live safer, healthier, more productive lives. This data is too valuable not to be used by the customer in some way. The question is whether insurers will put themselves in a position to provide this value to the consumer — or whether someone else will take their place. BRIAN WALLACE is global technologist, insurance, at CSC.


23

INSURANCE

ALL ABOUT

SCALE by Nathan Conz

How Insurer MEMIC Dramatically Expanded Its Business Over the past 20 years, Maine Employers’ Mutual Insurance Company (MEMIC) has grown considerably — from a small, single-state insurer to one licensed in 47 jurisdictions across the country, with offices in eight states and assets of more than $1 billion. In 2013, MEMIC grew group-wide premium by nearly 15 percent and doubled its writings in Florida, one of its newly targeted marketing territories. In New York, meanwhile, the company has become the state’s fastest-growing writer of workers’ compensation insurance. CSC, which administers all MEMIC policies outside of Maine, has seen this growth firsthand. Last year, for example, CSC processed six times more business for MEMIC than it did 10 years earlier.

24

CSC WORLD | NOVEMBER CLIENT CONFERENCE 2015 2015

Karen Johnston is a 21-year veteran of MEMIC and has spent the past 15 of those years as the insurer’s director of underwriting operations. Johnston recently sat down with CSC to discuss the company’s impressive record of sustained, intelligent growth, technology’s role in that effort and what lies ahead for the Portland, Maine-based mutual company. MEMIC is relatively young for an insurance company. How did it get started? MEMIC was formed in 1993 after the Maine legislature reformed its workers’ compensation laws. We serve as the guaranteed market for Maine, but our founding board and management were not satisfied with just acting like a state fund. They wanted us to compete like any other private carrier, which is what we do. And we do it well. So well, in fact, that we are the leading workers’ compensation insurer, not only in our home state but also among the top five carriers in New England, and gaining significant market share in territories down the Atlantic Seaboard.

We started this diversification strategy in 2000, when we opened up a subsidiary called the MEMIC Indemnity Company. We quickly found we were able to take our successful underwriting discipline, outstanding safety and claims services, and expand that into other states and other markets. At first, we were licensed only in New Hampshire, but we spent the next 10 years expanding MEMIC Indemnity. We now have licenses to write workers’ compensation in 47 jurisdictions. What kind of approach has MEMIC taken as it looked to grow? We have been very specific about our growth. In Maine, as the guaranteed market, we take any who come to us. In these other markets though, we write what we choose. We didn’t want to start writing just any policy that came across our desk just because we wanted to book premium. We wanted to make sure we were being smart. We do not sacrifice our bottom line for top-line growth. We never have and never will. So, as we look at potential growth areas, we do our research. We seek out markets where we see good opportunities and agents who we feel would be good partners. Then we capitalize on the lessons we’ve learned in Maine by identifying the kinds of businesses that we like to work with and that we’re successful working with. How was MEMIC able to expand so quickly? One of the primary reasons we were able to do that was because we kept all the support and operational functions here in Portland. We hire underwriters in the territories where we want to expand — really good people with strong backgrounds — but all the operations work happens here. Underwriting, sales support, accounting, billing, policy administration and processing — everything happens in Portland. That has really helped us with our growth, especially over the past 5 years. We were able to maintain service and support levels for the underwriters and grow as the business expanded. The second reason is demand. We’ve clearly found that there is demand in the marketplace for a carrier that offers the specialized, high-touch service that we do. We’re not for everyone, but there is a definite segment of the market that can use our expertise to their great benefit. How closely intertwined is all this with the concept of operational efficiency? Keeping all the “behind the scenes” operations here in Portland was definitely the first step in acknowledging that, in order to make this work, we have to be operating efficiently. It certainly wouldn’t have made sense, from an operational standpoint, to open entire offices in other states. Part of my job, in fact, is to look at everything we do to see if there is any improvement in efficiency that can be made — whether it’s through technology or staffing or training or whatever the case may be. That’s a constant process. Just when you think you’ve got something licked, the needs change or the system changes or a rule changes.

Efficiency has been the key to success. We couldn’t have done it and been successful any other way than to keep everything housed in Portland and running smoothly and efficiently. How does MEMIC’s approach to technology speak to those efficiency goals? By the late 1990s we had gotten very used to being a pretty simple technology company. We had our Maine policies and we had an in-house policy administration system that did a solid job. As we started expanding, though, we had to do a lot of things manually for the MEMIC Indemnity business because we didn’t have the infrastructure in place. There were challenges in adding more jurisdictions and more offices. Underwriters working in new regions in our other offices needed to have access to all the same systems that everyone here in Portland had access to. We’ve had a business process outsourcing relationship with CSC for all these years. They’ve physically been issuing our policies for us outside of Maine. CSC has a staff of people to issue, produce and mail out policies to our policyholders. It’s a lot about the economy of scale. They’ve got these processes in place for not just MEMIC, but for all their clients. Having them perform a lot of the functions that we needed was very much part of our success. For example, anytime you’re adding other jurisdictions, compliance becomes a major consideration. CSC has very strong compliance services. They have a system built. It already exists. They have the infrastructure and the processes in place to track compliance issues and law changes. If MEMIC had to do that — we have 250 employees here that run the whole company — we would potentially need 10 to 15 people just to keep track of every legislation or regulation change that could happen in 47 jurisdictions. What does the next phase of growth look like for MEMIC? Where do you go from here? We have offices in Connecticut, Pennsylvania, New Jersey, Virginia, Florida, New York and New Hampshire. So those are really the regions where we’re focusing our efforts. We are a national carrier and we do write national accounts, but we have targeted those states as growth areas specifically. So now our growth strategy becomes a question of: “Where do we want to focus our efforts next?” CEO John Leonard has been pretty consistent about this. He wants MEMIC to continue growing but in the same controlled manner as in the past 15 years. So, we’re going to do our due diligence. We’re going to do our research and we’re going to see in which territories we think we can be successful. We have the luxury of being able to control that carefully. NATHAN CONZ is a manager with CSC’s content marketing team.


25

INSURANCE

4 FACTORS CREATING

A PERFECT STORM

IN THE INSURANCE INDUSTRY by Phil Ratcliff

With the insurance industry’s tendency toward hyperbole, it seems as if we are perpetually on the verge of revolution, disruption or upheaval. I joined the industry back in the early ’90s, when “the CRM revolution” was being discussed as a major inflection point. Nothing really ended up changing, and most of the insurers that were large and successful then are still large and successful. Today, however, four major market forces are in play — and this time, I believe we really are on the cusp of something substantial and fundamental. It will change the way the entire industry works, and may even change a lot of the players.

1

New entrants Historically, the insurance industry has remained relatively constant, with most companies having been in business for a good hundred years. Recently, however, there has been a rise in the number of new entrants marketing, selling or servicing insurance products or providing new capital. Many of these new entrants are interesting organizations with great capabilities. Google, which entered the UK market in 2011 as an insurance aggregator, is perhaps the most formidable. The technology giant joined the emerging insurance aggregation market, disrupting competitive market conditions and, by some accounts, subsequently helping lower insurance premiums by roughly 30 percent over the past 5 years. Introducing that sort of intense price competition into an industry that is not overly profitable to begin with, has changed market dynamics substantially. Other companies are also entering the fray, including retailers with strong brand names, and telecommunications companies boasting telematics capabilities. Even car manufacturers are starting to embed telematics capability into vehicles and, in some cases, to sell insurance directly.

26


2

Social and economic dynamics We’re currently in a very low interest rate period, which is putting pressure on profitability. Insurance is an industry that, essentially, takes in money and invests it before subsequently paying claims. So, with lower investment returns, there’s less profit being generated. Over the past 30 years, many U.S.-based insurance companies have failed to return their cost of capital. There has also been a lot of volatility in investment returns, especially since the financial crash of 2007 and 2008. This market volatility makes it harder for insurers to run their business. For example, it’s more difficult to find stable, growing assets to match against long-term liabilities. The most obvious societal shift in developed countries is the retirement of baby boomers. As they retire, they are taking money out of their accumulation products to provide ongoing income; trillions of dollars will flow out of these products over the next 5 to 10 years. On the other hand, baby boomers have more wealth than people who retired previously, and they’re also living longer. That means they’re generating new insurance needs, necessitating different types of insurance products — particularly around payouts and long-term care.

Of course, there’s also growth related to Generation Y — consumers who are unlikely to go to the local broker and have a discussion over a cup of coffee to buy what is, in essence, a commodity product. Instead, they want everything now, everything mobile, everything available by text. Meanwhile, we see most of the growth in developing countries. A growing move toward urbanization is creating a much larger and more affluent middle class, and these families are creating a market for insurance products. Domestic companies are seeing growth, but global insurers such as AXA, MAPFRE and Prudential UK have also moved aggressively into the Asian and Latin American markets.

3

The data revolution Insurers have always made use of substantial amounts of data, but how they leverage data is changing. It used to be that if an insurer had a large volume of risk data, it could find success by comparing, pooling and underwriting similar risks. Now, data is everywhere, and it’s immediately available. The whole concept of pooling risks may end up disappearing because, in effect, the data revolution will enable insurers to underwrite down to the individual level. Historically, insurance has been about pricing risk. Now the industry might be moving toward placing more value on managing risk. For example, telematics can be leveraged to give people driving scores — getting them to drive more

slowly, brake more effectively and corner less aggressively. On the life side, wearable technology and analytics can create compelling wellness programs for clients. These programs are enabling insurers to manage the risks they are writing by rewarding good behavior and penalizing bad.

4

The digital mandate The convenience and efficiency of online and mobile channels, coupled with the commoditization of the core insurance product, has led insurance customers to seek a new experience. The digital insurance trend, then, is really about the way consumers will choose to interact with an insurance company, as opposed to insurance companies trying to dictate interactions with consumers. Insurers will need to focus far more on the consumer as an individual. An effective omnichannel strategy will be key, as will an insurer’s selfservice capabilities. The case for transformation Together, these four factors are creating a compelling case for digital insurance transformation. If traditional insurers expect to remain competitive, they must become more: • Agile, to respond to new and increasing competitive threats • Efficient, to address profitability challenges • Customer-centric, to respond to social changes and increasing consumer expectations • Advanced in terms of data and analytics, to move from merely pricing and pooling risks to truly managing individual risks

Addressing these business imperatives will require insurers to both transform their legacy operations and build out new operations. Insurers need to ask themselves: How do we reduce our “run and maintain” costs in order to build the new capabilities necessary to stay competitive? How do we evolve our legacy systems to support today’s digital imperatives? How do we accept new sources of data and analyze that data properly? And, perhaps most importantly, how do we do it all simultaneously? At CSC, we believe the future lies in strong partnerships. Partners with deep industry expertise and knowledge of back-office systems can help insurers move to a more agile service-enabled environment, bringing new capabilities while significantly lowering costs. Insurers can then invest more heavily in creating the customized user experiences that will lead to future success. PHIL RATCLIFF is insurance industry general manager at CSC.


27

TRANSPORTATION

Turning Anonymous Riders into

CONNECTED CONSUMERS by Peter Krass

Scandinavia’s largest public-transportation agency replaces paper tickets with a digital system that offers truly personalized customer service. Getting around a big city isn’t always easy. There are routes to determine. Connections to be made. Tickets to purchase and, if lost or stolen, replace. The City of Stockholm, Sweden, wanted to make getting around easier and more efficient. It also wanted to turn its millions of anonymous riders into personalized customers. With CSC’s help, that’s exactly what it’s done. Helping citizens and visitors get around the greater Stockholm area is the job of the city’s public transit agency, Storstockholms Lokaltrafik, better known by its initials, SL. It’s a big job. Stockholm is not only Sweden’s capital, but also — with some 1.4 million people — the largest city in the entire Nordic region. Every day, SL conducts some 800,000 trips across its 100 subway stations, 50 rail stations, 450 bus lines and 60 boats. Until recently, SL’s job was also unnecessarily costly, due to an old, paper-based ticketing system. Established in the 1970s, the system was a relic of that pre-Internet, pre-mobile era. Tickets for all buses, trains and rail were printed at a central location, then shipped to SL’s retail partners and stations. If a customer lost a ticket, they had to buy another. And when tickets were stolen en route to non-SL ticket sellers — including selected retail stores — it was SL’s loss. Bus drivers were also frequent crime targets, as they had to carry cash from customers buying tickets on board. Even when everything in the process went as planned, it could be slow. Tickets had to be manually presented to an SL ticketing agent. The agent would inspect the ticket and hand-stamp the slip of paper. The customer then had to carefully retain the verified ticket for the remainder of the journey. So, starting in the early 2000s, SL began to augment its paper tickets with smartcards, giving riders a new choice. However, the new smartcard system did not provide links to the Internet, and acceptance of the new system was only lukewarm.

28


From riders to customers In early 2013, SL enlisted CSC and other partners to make both the paper and smartcard tickets obsolete by converting to a completely digital travel-card system. “We wanted to get away from the manual handling of tickets,” says Stefan Torpman, operational manager for e-commerce and customer service at SL. CSC’s contribution to the SL solution is Boomerang, the firm’s customer-relations system for public transportation. Currently used by transit agencies in Denmark, Norway and Sweden, CSC Boomerang provides a 360-degree view of customers. The software suite includes claims management, sales, billing, e-commerce and a customerrelationship management (CRM) solution. All its components have been designed to help public-transportation organizations improve customer satisfaction, grow revenue and add new routes and services.

“Everything the customer does is recorded in Boomerang,” Torpman says. “So we can see if they buy tickets, or if they have an open ticket with customer service. Every interaction is recorded.”

The Travel Guarantee, also enhanced by CSC Boomerang, refunds holders of registered SL travel cards for taxi fare if their desired bus or train runs more than 20 minutes behind schedule.

One challenge of the project was integrating CSC Boomerang with nine back-end systems operated by SL. These included systems for ticketing, Web hosting, billing, payment verification, travel-card manufacturing and distribution, and route timetables. The CSC team had to configure Boomerang to not only bind these back-end services together, but also provide end-to-end process support and customer self-service capabilities.

SL’s job is easier, too, with a full audit trail; comprehensive claims management for all services; a customer Web portal; a single application programming interface (API) to use in all presentation layers of the digital channels; and the ability to add new services quickly and easily.

Guarantees for transit riders Today, riders of Stockholm’s public transit can buy travel cards from retailers and ticket kiosks located at bus and train stations, or order them from SL’s website. Either way, there are essentially two steps. First, the rider loads value (money) into the travel card’s digital purse. Second, they specify what kind of ticket they want. Tickets can be purchased for a specific trip, or for a specified period of time, such as a day, a week or a month. Riders who register their card can also enjoy two powerful features. The Loss Guarantee allows a rider to protect the value on their travel card if the card is lost or stolen. With Boomerang’s help, once a rider reports the card as missing, SL electronically blocks the original card from further use, and generates a new card, complete with the missing value.

A cardless future? Looking ahead, SL could move to a completely card-free system. With some 5 million travel cards in circulation, eliminating their manufacture, shipping and distribution could substantially lower SL’s costs. “Our vision,” Torpman says, “is that a ticket is a cloud service.” This means that SL buses, trains and boats would always be connected to the cloud. That way, instead of presenting a travel card, a rider would simply identify themselves, perhaps with their smartphone. The onboard system would then connect via the cloud to a back-end ticketing system that would search the rider’s file to determine how much value they had in their account and which tickets they currently hold. It’s a vision that Torpman admits is probably years away. But getting from Point A to Point B? That’s something SL — with help from CSC — has gotten pretty good at. “CSC is very solutions-oriented,” Torpman says. “They’re quite driven.” PETER KRASS is a writer with CSC’s digital marketing team.

Client: Storstockholms Lokaltrafik (Stockholm Public Transit) Challenge: • Replace costly, insecure paper-ticketing system • Dramatically improve customer service • Modernize the IT infrastructure with Web services Solution: • Boomerang, CSC’s customer engagement management platform • Integration of nine legacy systems • End-to-end process for customer self-service Results: • Paper tickets phased out; 5 million digital travel cards issued • Website lets customers load value from credit cards to travel cards • Auto top-up feature added so travel cards need never run out of value • Claim and dispute-management features implemented


29

MANUFACTURING

REINVESTING IN THE RIGHT STUFF FOR AEROSPACE AND DEFENSE by Roblyn Theodorou

SURVEY: A&D Execs Want Product Innovation — and Lower Costs Since we first conducted the Aerospace & Defense Market Survey in 2000, the industry has seen some turbulent times: post-September 11, 2001, impacts on both the commercial and defense sectors, the global recession, budget sequestration, and new competitors entering the marketplace. Meanwhile, technology change has been rampant, with the emergence of integrated sensors, unmanned aerial vehicles (UAVs), mobile apps and WiFi — to name just a few. The most recent survey depicts a tale of two industries. The commercial sector is seeing steady demand for new aircraft, while the government sector is still wracked by uncertainty over defense spending (50 percent of respondents reported that they declined to bid on defense projects). Growth vs. costs The survey, sponsored jointly by CSC and the Aerospace Industries Association (AIA), takes the pulse of approximately 100 executives and senior leaders at global aerospace and defense (A&D) companies. This year, the industry’s top business priorities were aimed at growth — improving product innovation and upselling and cross-selling more to the customer base — and expense reduction through improved internal efficiencies and lower costs.

64.5%

of respondents blamed “federal budget uncertainty” for decreased R&D spending

29% 30

of respondents spent at least 25% more on cybersecurity in the past year


A&D companies have just come through a period of unprecedented cuts, so why are they still focused on costs? How can you invest in research and development (R&D) and innovation while you’re still in costcontainment mode? The answer is twofold. First, organizations are already making more targeted investments in R&D. The danger is that with fewer new programs coming along and traditional A&D players struggling to replace their graying workforce, the R&D function will erode and create openings for emerging competitors in China, Russia and elsewhere. Second, these legacy players in A&D are behind the modernization curve. They face fundamental challenges with legacy costs associated with hardware, maintenance and support, as well as a lack of agility that puts a drag on operations.

Top 3 Defense Projects: • Cybersecurity • UAVs • Electronic warfare

Building the case for modernization The good news is that through modernization, companies are seeing significant savings and reinvesting in the business to support innovation. The first step toward modernization is to address the core applications supporting production, supply chains and product development. Some of our clients have critical pieces of their build process that are written in COBOL from the 1970s. The challenge is building a business case for code refactoring or system replacement. For some production-related applications, it’s akin to changing the wheels on a moving car. The industry has been putting this off for some time, but now companies have to address modernization to keep up with emerging competitors that aren’t saddled with legacy systems. Shifting from COBOL to Java offers more than just a technological advantage: It frees organizations to run applications on lower-cost platforms or move them to a private cloud or hybrid cloud environment. Suddenly, you’ve shifted your business model to IT as a Service, and your costs are based on demand, rather than on maximum capacity. Need a new environment to support a new program? You can spin it up in a few minutes with appropriate security — compared to weeks or even months in a traditional data center. This year’s survey cited the cloud as a priority for modernization (41%), but nearly one-fourth (24.6%) said there are still too many barriers to cloud adoption. Predictive and proactive steps The next big factor affecting both innovation and costs is the data itself. A&D companies collect a huge amount of data about products, production, maintenance, supply chains and more, but they’re really only just now tapping into what that data can do for them. Consider the issue of product quality. Most companies spend a great deal of time on manual inspection and generate large numbers of scrap components, which can be a huge expense if you’re talking about an airfoil or a turbine fan blade. Predictive analytics streamlines the inspection process by using data to identify quality issues and ultimately reduce scrap.

Top 3 Modernization Strategies: • Application modernization • IT infrastructure modernization • Improved integration and data sharing The industry can move to a more proactive model by applying predictive analytics to the data it already has related to production-to-spec measurements, machine tool wear, temperature, humidity, product performance, supplier data and more. Predictive analytics — as well as basic insights and data sharing — can benefit every part of the business, from production to product engineering to aftersales services. Coupled with the Internet of Things and cybersecurity controls, this level of digital transformation can really help A&D companies differentiate themselves in the market. In many ways, the step-change improvement that big data affords is analogous to the dramatic improvements brought about by the move from manned assembly lines to automated lines staffed by robots. As today’s smart machines near the intelligence of a human operator, they are able to address issues, make decisions and use data in ways that accelerate production as never before. We’re at the early stages, but 10 years from now we’ll ask: How did we do it when machines couldn’t interpret data to accelerate production? Competing with Google and Facebook Finally, this year’s survey shows that the industry needs to change its relationship with its employees. A good example is the bringyour-own-device (BYOD) trend. Survey respondents clearly still struggle with balancing BYOD with security, with 41 percent requiring separation between work and personal devices. But to attract and retain a new generation of workers skilled in science, technology, engineering and mathematics (STEM), organizations must find a way to accommodate more flexibility. College graduates today have lived their adult lives in a connected world. They’re setting their sights on technology firms such as Google, so the byzantine rules in place at many A&D firms are completely foreign to them. Many organizations tend to view security as either black or white. The reality is that there’s a lot of gray out there already, and firms must find a way to balance demands for access and control, to create an environment that enables employees rather than restricts them — while also protecting the enterprise. Can A&D companies increase innovation and lower costs? We’ve seen the industry overcome incredible challenges before. With the right investments, it can happen again. ROBLYN THEODOROU is industry general manager for manufacturing in the Americas at CSC. A version of this article originally appeared in CIOReview magazine, and it is reprinted here with permission. Get the full survey results at csc.com/2015A&DSurvey.


31

RETAIL

3 Steps to Seasonal Readiness

by John Blackburn and Michael Deittrick

Retailers are always busy preparing for the next seasonal spike. Approximately 20 percent of annual retail sales in the United States occur during these short periods, often around national holidays; to manage the onslaught, retailers hire hundreds of thousands of seasonal employees. This jump in transaction traffic, logistics and supporting resources brings an increased risk for IT. Retail and security systems must support and protect brand, customer experience and critical transactional data while remaining competitive. Throughout the year, retail customers — whether traditional or omnichannel shoppers — expect a consistent and seamless user experience in traditional stores, as well as through distribution centers, mobile apps, e-commerce, social media,

32


call centers — even third-party partner networks. During peak shopping times and holidays, their demands only increase. Notable cyber intrusions targeting major retailers such as, in the United States, Target, Neiman Marcus and others have shown that the dangers of a malicious attack are now all too real. Cyberattacks and breaches can disrupt retail operations, slow down and even prevent sales, and seriously damage a brand’s reputation.

Preparing for seasonal spikes is far from simple. However, retailers can benefit by proactively adopting the three following approaches: • Be responsive • Be elastic • Be secure These three approaches, described in this article, can help retailers gather the technology and business-focused capabilities that have become necessary for a successful season. They can also help increase customer satisfaction, protect the brand’s reputation, ensure that systems remain up during peak traffic periods, and maximize revenue and conversions. Be responsive While customers may always expect your e-commerce systems to be fast, smooth and easy to use, during seasonal spikes, customers demand it. Anything less, and they’re likely to defect. After all, competing retailers are only a few clicks away. To achieve greater responsiveness and retain valuable customers, consider taking these steps: • Test, test and test again. While most retailers commonly test end-user touchpoints, they often overlook the testing of their supporting systems. So, be sure to examine your entire IT architecture from end to end, including your application, data, network and cloud platforms. But don’t stop there. You also need to test your competing workflows. For example, if your forecasting system wants to grab computing resources, what happens to online orders? Thankfully, your engineers can use automated tools to test and simulate real-world scenarios. • Look deep for performance issues. Drags on performance can easily hide within interoperating systems. Don’t let them stay that way. Make sure your store systems can run offline — at least for a few hours — thereby allowing failover systems to take over, in the event of a failure. Ensure your databases are correctly tuned and your networks tested. Also consider if you have enough data storage. • Remember your external services. External systems can form the weakest link in your chain because they’re not directly in your control. With the growth of Web services and the cloud, many retailers use more of these services than ever before. These services have become more important than ever, too. For example, a sluggish addressverification system can bring your checkout process to a crawl. Your goal? Make sure that it won’t happen. Be elastic How scalable do your systems need to be to cope with the holiday shopping rush? The right answer: very scalable. Peak shopping cycles create dramatically increased demands. To keep up, you need enough data storage, networking capacity and raw compute power — and the ability to quickly allocate more as needed. Sure, you will forecast your seasonal capacity needs. However, what if actual demand greatly exceeds your forecasts? Consider these tips for greater elasticity:

• Design software to scale. This is an architecting task. Place workloads on systems that can be scaled quickly, and ensure that network bandwidth can scale, too. This may require moving to a cloud model — private, public or hybrid — that best supports your particular workloads. As for large batch processes — the real enemies of scalability — also consider moving them to the cloud, which enables them to run in highly elastic virtual-server farms. • Run your run-book. Here’s where your data center can optimize all batch-process schedules. Make sure your batch jobs run at times that do not interfere with your transactional systems. Consider rescheduling some jobs to run either before or after seasonal spikes, rather than during them. • Refactor your workload. Many batch processes are essential. It’s not an option to skip this task. However, there’s still enough time to refactor your workloads and run them in the cloud. Rather than revamping your entire system, focus on the resource hogs and aim for a point solution. Be secure One “seasonal event” that no one wants to experience is a data breach. The period during and right after a seasonal spike has become prime time for data thefts, system intrusions, malware incursions and other criminal activities. The following steps can help keep your systems and customers safe: • Guard the last mile. Your endpoints are where an overwhelming majority of data breaches occur. To be sure, smart payment cards help. However, by themselves, they’re not the complete solution. • Get holistic. Far too many retailers take a fragmented approach to security. Take an omnichannel approach and apply tokenization, which protects sensitive data with substitutes; also, consider fraud detection and other security best practices. • Audit early and often. Conduct a full intrusion-detection audit to ensure that you are fully protecting your customers’ payment and personal information. Ensure that vital data is encrypted end to end. Leverage a vault system to tokenize credit cards; then isolate the system in a highly secure zone. • Stay current. Ensure that all of your systems continue to have the latest security patches and fixes. With cybercriminals constantly launching new, sophisticated attacks, you simply cannot afford to fall behind. Also remember to conduct regular and timely maintenance on your entire IT environment, including Web and application servers, databases and firewalls. Your systems’ seasonal readiness has become vital to your success, more than ever before. By ensuring they are responsive, elastic and secure, the next season will be, as the saying goes, in the bag. JOHN BLACKBURN is CSC’s global industry general manager, and MICHAEL DEITTRICK is CTO for consumer, retail, travel and transportation industries at CSC.


33

CYBERSECURITY

Hiding in Plain Sight by Nicholas Handy

If today’s advanced persistent threats (APTs) have not yet penetrated your systems and data, you can be certain they will. Criminals design these modern, sophisticated hacking processes to gain unauthorized, undetected access to public and private networks. Sponsored by nation-states, organized crime, terror organizations and hacktivists, APT developers are well funded and patient, continuously evolving their hacking tactics, tools and techniques until they successfully penetrate their targeted systems and data. To counter such threats, organizations need a multidisciplinary defense that delivers continuous intelligence and awareness, responds rapidly to disrupt APTs that already have penetrated their systems, and proactively anticipates and responds to these threats as they rapidly evolve. An APT’s goal is to hide within normal network traffic to gain access to highvalue information over an extended period. Once it gains a foothold, it can expand across an organization’s infrastructure and introduce further malware attacks. Successful attacks can cause embarrassing public breaches that tarnish an organization’s image, alienate customers because their personal information has been compromised, result in the theft of valuable data and intellectual property, or shut down global networks and supply chains. Notable APT-caused breaches in 2015 include those announced by health insurance provider Anthem and the U.S. Office of Personnel Management. The costs resulting from successful APT breaches continue to grow. According to the Ponemon Institute’s 2015 Cost of Data Breach Study, which surveyed 350 companies in 11 countries, the average total cost of a data breach today is $3.79 million — up 23 percent in the past 2 years.

34


With highly sophisticated APTs entering systems and networks, the focus on cybersecurity has changed from solely protecting equipment, people and data. Today, organizations must broaden their approach to security and must counter APTs on a global scale to protect both traditional and cloud-based environments.

Organizations should perform internal and external vulnerability assessments, and perform analyses ranging from nonintrusive compliance scans to full-scale penetration tests. These assessments should also identify areas where organizations fall short of emerging regulatory compliance.

From perimeter defense to actionable intelligence The cloud, social media, smart devices and other technology innovations give new opportunities to collaborate with customers and partners, expand into new markets and reduce costs. They also give today’s determined, well-funded adversaries new avenues for success.

Once all the vulnerabilities are understood, organizations can develop comprehensive incident response plans, implement and test those plans, and prepare to respond to APTs with welltrained responders, investigators and forensic-data collectors.

In the past, it was possible to protect against these adversaries by locking down networks with perimeter defenses and signature-based tools, such as antivirus, firewall and intrusion prevention systems. These still remain necessary to protect data from a variety of threats, but they are no match for today’s APTs — because APTs constantly morph to identify and exploit vulnerabilities. Skilled adversaries diligently work to develop techniques specifically designed to penetrate an individual organization. For instance, an APT might identify a “zero-day” vulnerability — an unaddressed and previously unknown vulnerability. The APT would attempt to trick an employee into clicking on an infected Web link in a spear-phishing email that would introduce malware onto that employee’s computer. Since the malware is designed to exploit a specific zero-day flaw of the application, it could successfully evade antivirus detection and other traditional perimeter defenses. The APT adversary would then gain remote access to the network via the employee’s computer and spread across the enterprise to access servers containing highly sensitive data. Organizations need 24x7 monitoring and analysis platforms that use analytical techniques, such as heuristics and behaviors, and internal and external sensors to detect the most nuanced anomalies. Successfully defending against APTs also requires that organizations develop a comprehensive detect-analyzeadapt-respond life cycle based on their unique risk profiles. This type of monitoring and analysis extends dynamic protection across an environment where traditional antivirus software typically does not inspect for advanced threats. By attaining real-time visibility into all adversarial activity across every endpoint, organizations can dramatically shorten the time between an APT compromise and its detection. Proactive defense To respond rapidly and aggressively also requires preparation. Having and executing a plan can make the difference between weathering an APT or watching it destroy consumer confidence, brand and share price, or negatively affect compliance with contracts, laws and regulations.

As organizations produce actionable intelligence and respond to incidents, they also need to collect this information so they can understand the nature, motives and patterns of their adversaries. Who are they and what do they want? What organizational assets are they after? APTs can be tracked by their behavior, methods and tactics. Some leave signatures. Some have well-established profiles that can be mined for information. As organizations gain knowledge about each APT’s operating style, they will improve their ability to predict, anticipate and disrupt future attacks. Besides monitoring for APTs, organizations also need access to global threat intelligence. Security specialists create actionable intelligence by collecting, correlating, categorizing and attributing information from various sources. This type of intelligence helps organizations more easily spot and correlate anomalies, and gain visibility into breaking events that may have an impact on their industry, brand, infrastructure, users and customers. By understanding the motives of evolving adversaries, organizations also can better anticipate their actions and prevent them from causing damage. Conducting business with confidence Cybersecurity has changed from being a mere compliance matter or the “cost of doing business.” It has become a primary business challenge that industries and governments must address. To properly counter APTs, organizations need a nextgeneration approach that continually integrates threat intelligence-based security services to track threat actors and threat groups, and determines their tactics, techniques and procedures so the business can properly secure its infrastructure and sensitive data. When organizations incorporate an effective counter-APT approach into their cybersecurity program, they’ll be able to conduct business with confidence and assurance that their brand, shareholders and business are resistant to today’s rapidly evolving APTs. NICHOLAS HANDY is global product manager for cybersecurity at CSC.


35

CLOUD

DevOps DISRUPTION

Simulation shows how a DevOps strategy can lead to competitive advantage. Why invest in DevOps? Can a DevOps transformation lead to competitive advantage — or even market disruption? We sought to answer those questions by simulating DevOps transformation scenarios and comparing them to known business innovation patterns. Our key finding was that DevOps transformation can not only lead to competitive advantage, but under the right conditions, it can also create market disruption. In other words, when we can convert our systems of innovation into systems of disruption, the value of DevOps may be far greater than we previously thought. Simulation modeling is the basis of our latest report on DevOps. We have also published this model as an interactive Web application (csc.com/devopsmodel) for companies that would like to run their own simulations. We simulated two business models under the same conditions — an experimental model and a control model. The simulator allows us to plug in different values for factors such as innovation, efficiency in execution, and number of potential consumers.

THE

Long-term advantage in market competition Efficiency in execution is based on the time it takes to get through a production cycle and how much is learned in each cycle. The shorter the cycle times, the faster that learning occurs. Flickr’s DevOps transformation led to a 10x decrease in development cycle time. Following that example, we assume that DevOps transformation in the experimental model reduces the production cycle of a working prototype from 30 days to 3 days. The IT development benefit from DevOps is shorter development cycle times; the operations benefit is greater productivity at larger scales. We model this in our simulation. The simulation predicts a slightly higher ROI at most levels of investment, and a stable, long-term competitive advantage. Suppose we introduce a more innovative product into our simulation. Although the same change applies to both business models, the shift to a more innovative market disproportionately benefits the experimental model, increasing its ability to learn and produce new features. This makes a big difference in markets more sensitive to new features. In fact, the simulations tell us that, under these conditions, a successful DevOps transformation introduces disruption — a new competitive environment where the control model cannot survive.

by Jerry Overton and Gene Kim

Creating systems of disruption A successful DevOps transformation is expected to provide a competitive advantage. However, when it is aligned with a strategy of market innovation, we find that the result is potential market disruption. A strategy of innovation changes buyer behavior, and customers place a premium on new features. Under those conditions, companies capable of learning fast and releasing new features quickly can dominate their market. A DevOps transformation allows an enterprise to produce features faster as the enterprise scales. When competing on innovation, new features strongly affect customer adoption. This increases the enterprise’s ability to scale and creates a virtuous cycle where the winners win more. JERRY OVERTON is a data scientist and distinguished engineer with CSC’s ResearchNetwork. GENE KIM is co-author of The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win and the upcoming DevOps Cookbook. For more details and references, go to csc.com/devopsdisruption.

36


FROM THE

DevOps FRONT LINES

LESSONS LEARNED

CSC is using DevOps to implement innovative solutions for clients in an agile hybrid cloud environment, improving integration and collaboration among development, operations and business teams. In a recent CSC Town Hall, experts discussed how DevOps accelerates the application development, testing and release process. Colin Eby, a solution architect at CSC, says DevOps erases boundaries between application development and the business. “The core principle is the shared ownership of product objectives and outcomes. Eliminating hand-offs between teams reduces the need for queues and schedulers, and improves product quality and outcomes,” Eby says. For example, CSC’s development team reduced its cycle time — from starting a new software feature through deployment — from 50 days to 6 days. Instead of deploying one release a year, the team could therefore deploy 42 times. “We expect even more improvements,” adds Paula Thrasher, an application delivery lead for CSC. Agile development delivers small units of value more frequently with CSC Agility Platform™, a hybrid cloud management solution that enables software managers to continuously deliver and test code, and move it into production. This allows the other teams involved to monitor an application to ensure it meets business and customer requirements. Process automation helped CSC reduce time spent on rework from 12 hours to 15 minutes per cycle. Ben Anderson, installation services lead at CSC, says DevOps is guiding the implementation of Lorenzo, CSC’s next-gen electronic patient record system, for a UK-based client. “DevOps eliminates what was once a two-stage process between development and packaging,” Anderson says. “It offers a fully automated, continuous integration tool chain with built-in governance. That eliminates most manual hand-offs like code check-in, compilation and authority to promote. DevOps also allows us to shift our focus from the tactical to the strategic. This lets us focus on the application of best practices in our development.” Damon Edwards, co-founder of DTO Solutions, points out a number of reasons why DevOps is gaining popularity. “Companies recognize now that IT is the heart of the business, it’s the factory floor. And they understand how the performance of that affects the bottom line,” Edwards says. “Likewise, IT now sees and understands that same valuechain approach. Historically, it has optimized for specific areas. But now IT realizes it needs to step back and optimize the whole end-to-end life cycle.” Darryl Cauldwell, a senior platform engineer at CSC, says tools like CSC’s BizCloudTM HC (hyper-converged) and VMware’s Integrated Open Stack (VIO) environment are key elements to making DevOps possible. “Providing software-defined networks, storage and applications over a cloud infrastructure helps developers get going quickly,” Cauldwell says. “These technologies allow developers and architects to bring together pieces of automation to define application blueprints. This offloads a great deal of complexity and allows the developer to focus on the application itself.” Better still, DevOps principles apply to any platform or technical environment, notes CSC’s Thrasher. “Our project currently has 28 agile teams, including five mainframe teams, who are also looking at DevOps processes,” she says. “It’s not just for the shiny new stuff or your mobile app.” DALE COYNER is a writer with CSC’s digital marketing team.

by Dale Coyner NOVEMBER 2015 | CSC WORLD

37

INFRASTRUCTURE

Modern IT Architecture in One Word: Shared

by Bob Donnelly

Social, mobile, analytics and cloud drive today’s business. by Bob Donnelly Social involves shared consciousness. Mobile involves shared services provided to individual devices. Analytics are run on data shared from multiple sources. And cloud deals with the sharing of resources, such as compute, storage, platform, software and so forth. The common theme, of course, is sharing — and this shift toward sharing is causing IT architects to look at systems in new ways. 38


We’ve already touched on several different meanings of sharing. People voluntarily share things online. Some companies actively mine data based on information consciously shared or via actions such as buying something, typing something into a search engine, or visiting a website. While analytics are based on data “shared” or gathered from multiple sources, this does not necessarily involve a shared component in the architecture.

requirements. If there is any “distance” (network latency or limited bandwidth) between data users, a local copy may be needed, but systems on a fast, local network can share this one store. The net result is a migration from independent, vertical stacks, each acting as its own system, to shared, horizontal services that enable each “system” to concentrate on its independent function. The concept of “system” begins to morph.

Shared source code, or binaries, is another context. Architecture is influenced by the tools available to implement it. Many projects use trade studies to consider the appropriate tools, and reusing existing tools that fit saves time versus creating something new. Shared can mean open source, inner source (shared source among a closed community), closed source development libraries, or licensed commercial software.

Yes, there is work to enable this: agreeing on a common data model; defining an API that meets the combined access needs; designing the data services to meet the combined performance needs. Potential gains include reduction in hardware (since one shared data store replaces many) and enhanced capabilities from having the aggregate data (versus a subset) to work from.

While this context of sharing influences architecture, the resulting architecture stack may not have any external dependencies. You may run a database used by many others, but it can be a separate instance run on your hardware. You may utilize user interface libraries used by many others, but they are compiled into your executable code. So, how do we define a truly shared architecture? It’s one where one or more layers of the architecture are shared with others during runtime. Certainly, Anything as a Service (XaaS) involves using shared resources for certain layers of the architecture. Hardware and virtualization layers are provided in Infrastructure as a Service (IaaS). Platform as a Service (PaaS) and Software as a Service (SaaS) provide application hosting or applications themselves. Boundaries between the shared resource and the customer-specific application are well defined and may be formalized in an SLA. As a system/software architect dealing with system-of-systemslevel integration, I see sharing that does not have as clean a boundary or interface. Instead of a well-defined hosting environment, services are truly shared among multiple stakeholders. The next step Recently, there has been a marked change in approach as we transition from services moving data between systems to systems truly sharing the same data services. Let me explain. Previously, in a layered architecture, a single supplier would provide every layer in the entire stack. Systems may have run a common service that moved data, but these focused on exchanges between systems. Once data hit a particular system, it would be independently stored, manipulated and viewed.

Sharing is not always easy Getting varied, interested parties to agree on the form of these shared services requires combining technical skill with organizational and leadership skills. Aligning product release schedules is a challenge, as is handling legacy integration and interoperability. In short, success depends on agreeing to shared requirements, shared schedules and shared technical solutions. The system of systems transitions into a system of services. Services replace systems as the primary component. A given function becomes an application running on top of these services versus a system with its own vertical stack. Companies such as CSC morph from system integrators to service integrators. We’ve looked at various meanings of sharing: an XaaS model with a defined boundary involving payment for services; shared contribution to a data stream; shared source through both open and inner sourcing; shared requirements implemented in common services used by multiple users to implement various functions. A modern architecture has some combination of these features. “Modern” is possibly best defined by what it is not — namely, a full stack, or “system,” owned by one provider. IT architects need to figure out how to create shared ingredients that can be combined to meet different technical requirements. These become the basis of a microservice architecture. Over time, single ingredients may be swapped to insert new technology and improve performance. This may be harder than creating a single product, but it enables the provider to keep fewer solutions on its shelf, meet customer needs quickly, and reduce costs across product life cycles. BOB DONNELLY is a distinguished engineer at CSC.

Recently, there has emerged a concept of storing data once for all “systems” to access. A common data store is now fast enough so that data can be created, read, updated and deleted (CRUD) by multiple systems at once and still meet performance


39

APPLICATIONS

ENTERPRISE IT

Gets Lean Manufacturing concepts targeting waste and complexity are being adopted by enterprise IT.

by Neil Gatenby and Albert Verhoeven

In today’s enterprise, IT systems have become a primary source of either growth or decline. That’s been a blessing and a curse. Technology-driven change is creating opportunity, but it’s also creating competitors, complexity, exponential data growth and the need to invest in more IT. Companies that seek more effective ways to manage IT systems are exploring the principles of Lean, a concept developed years ago by automobile manufacturers to respond to market changes and customer behaviors. Today, the same types of changes are affecting IT and the business. And, just as automakers did, IT managers can adopt Lean principles to answer the rapidly changing needs of the business. Lean defined and applied The Lean approach is about delivering maximum value to customers by reducing waste in business processes. It eliminates anything a customer would not be prepared to pay for, such as defects, downtime, slow application response times or even underutilized hardware. Lean calls out systems that don’t deliver value. IT systems are primarily built to help organizations execute business processes. Do the systems make it easier or harder for employees to do their jobs? A reliable indicator for determining system value is whether people find ways to work around it. The rise of “shadow IT” — processes and systems commissioned by business units without direction or management from the IT organization — is an indication that systems don’t meet the needs of the business. Lean embraces efficient development methods. Emerging methodologies such as DevOps involve the business and users throughout the development process. Instead of waiting to deliver a finished application, components of a solution

LEAN IT 40


are continuously rolled out for testing and user acceptance, resulting in fewer steps, fewer bottlenecks, lower cost, a reduced risk of user rejection and faster time to value. The ability to respond rapidly to requirement changes with an approach such as DevOps is vital when other parts of the organization are undergoing their own Lean initiatives. Lean encourages new technologies to tame complexity. Backoffice technologies such as cloud infrastructure can contribute a great deal toward making an IT system more efficient. The use of a cloud architecture for development is far more cost-effective than standing up new servers, purchasing software licenses and commissioning more data center space. Development tools that are cloud enabled encourage collaborative development and automated testing, as well as version control and release management. Front-end technologies such as mobility and social media offer users more control, fast access to data, frequent updates and a more engaging experience, all of which add up to more value for the user. Lean concepts in IT Lean concepts can be applied throughout today’s IT organization to dramatically improve business outcomes. In fact, many IT shops already embrace Lean principles, but by different names. For example, value stream mapping is a common starting point in Lean. The method analyzes a current state and designs a future state for the series of events and processes that take a product or service from its beginning through to the customer — focusing on activities a customer would be prepared to pay for, and eliminating waste. Similarly, business process management (BPM) is a methodology that allows organizations to define, model and execute activities in clear and efficient processes. In many organizations a disconnect exists between business operations and IT. BPM is the place where these two worlds collide. It involves elements of people, process, tools and data. BPM can be described as the tools that help people execute business processes to achieve business goals and objectives. DevOps is the practice of operations and development teams participating together in the entire service life cycle, from design through the development process to production support. There are a lot of opinions on what DevOps is and isn’t. However, it has some common themes, tools and ideas that have many parallels with Lean. Quick changeovers between development and test cycles resonate with Lean’s idea about the “single-minute exchange of dies,” a reference to quick changes in manufacturing equipment. Lean also espouses the concept of doing the right activities at the right time to minimize wait times and (in the case of manufacturing) reduce unnecessary inventories, a concept called “just-in-time.” Similarly, DevOps seeks to reduce delays and bottlenecks that lead to stacks of code queuing up for review, in a kind of just-in-time development.

A significant Lean concept is the idea that demand pulls tasks through a system, replacing what has been consumed, rather than building inventory to meet predicted needs. This is a role being filled increasingly by the service-enabled enterprise (or SEE, also called as-a-service). It provides an organization with any type of IT resource — network, computing, big data, storage — on a consumption basis, rather than requiring that massive infrastructure be built to meet potential peak resource demands. This gives customers a real choice about what IT services they need, and how much they need to use. Automation is king in the Lean system, performing tasks via a machine rather than a person, with a heavy focus on repeatability and efficiency. Likewise, in IT, integration services provide the automated glue between systems. Most business processes are supported by multiple systems. In many cases, people copy and paste data from one system to another. Integration services create ecosystems that allow people to do what they need to do without being constrained by systems, and vice versa. Following the Lean path The kind of transformation that takes place under Lean principles can’t be considered a minor change because it completely alters the operating model of an organization. It affects every facet of an organization’s construct: people, process and tools. The journey to a truly Lean, as-a-service enterprise starts with a cultural change that must be led from the top. The benefits of such a change are profound. The transformation of the automotive industry and many other manufacturers has proven that continuously optimizing systems that create value for customers also creates value for the organization. Lean has changed the way consumers and manufacturers interact. The same thing is happening in IT. Advances in technology have changed what users value and expect from IT systems; Lean offers many of the principles we need to meet these expectations. Shortening delivery cycles, driving efficiencies in the supply chain, giving customers choices — these are just some of the benefits of this transformation. NEIL GATENBY is business process and tools manager at Thales Australia. ALBERT VERHOEVEN is digital transformation director at CSC.


41

RESEARCH Like roads, telephones and electricity were to the 20th century, an ever-more capable digital ecosystem is becoming the underlying business infrastructure of our time. Whereas in the past each major industry sector relied on its own vertical stack of systems and processes, firms must now leverage powerful “horizontal” capabilities — computing, messaging, GPS, maps, payment systems, social reputations and more — that are used across all industries. These new capabilities are radically transforming many aspects of business and society, and will only grow stronger over time. At CSC’s Leading Edge Forum, we refer to this emerging set of digital services as “the matrix.” While we could have easily used existing terms such as the Internet, the Web or the cloud, we believe that the metaphor of a matrix best captures both the friction and synergies between these traditional vertical and emerging horizontal worlds.

MATRIX THE

IS HERE by David Moschella

42


Clearly, the term is also a direct reference to the 1999 science fiction movie The Matrix. As in the film, our metaphorical matrix is a world where computers talk directly to one another, often with little human involvement. While the cloud suggests something “out there,” like it or not, we are all part of the matrix — a place where 3D goggles can immerse us in digital worlds, and where our virtual identities increasingly have a life of their own. Of course, the creators of the movie imagined a deeply dystopian future, where humans are used merely to provide energy to the machines that are really in charge. But despite the recent warnings regarding the rise of machine intelligence and the risk of human obsolescence — warnings from innovators no less than Stephen Hawking, Bill Gates, Steve Wozniak and Elon Musk, as well as creators of more recent movies such as Her and Ex Machina — as of now, digital innovations have been overwhelmingly positive in nature.

You don’t have to take the red pill to understand the digital economic ecosystem.

From vertical stacks to horizontal services In the past, most company business models were based on their own functional and process stacks. For example, major banks would have their own branches, data centers, credit cards, cash machines, call center systems, loan approval processes, investment advisors and so on. But increasingly the most interesting new businesses come from leveraging “horizontal” digital capabilities. Consider the way the ride-sharing app Uber takes advantage of public infrastructure — smartphones, cloud computing, GPS, mapping software and Internet payment mechanisms — to increasingly dominate the taxi industry. These and other public infrastructure capabilities will continue to emerge, even though you didn’t ask for them. They are not there waiting to be sourced as alternatives to in-house provision. They are primarily there as components that enable your firm to develop new products, services and business models, and they cost you nothing until they are used. Even more powerful components are on the way. These include smart sensors, the Internet of Things (IoT), and machine-to-machine (M2M) communications, often combined with algorithms, artificial intelligence and vast knowledge bases such as Google and IBM’s Watson. It is this emerging layer of awareness, intelligence and virtual operations that will make the matrix metaphor even more apt, while also triggering many future market disruptions. The role of digital leaders With new capabilities appearing virtually every day, ignoring the matrix is not an option. Today’s leaders need to embrace the fact that the matrix is a powerful, unruly force they cannot control and whose movements cannot be predicted. The required management posture is more akin

to journalism, wargaming and storytelling than traditional business planning and strategy development, which presumes more control than the matrix allows. Executives should ask the big, simple questions: What is the future situation likely to be if we do nothing? Who are the new disruptors, and where will they seek to enter our markets? What are the major scenarios that might become reality? What are the emerging capabilities in the matrix that should most interest or concern us? What sort of experimental experiences, learning and talent development do we need? Most of all, management needs to develop an intuitive feel for the matrix. This can only be done by getting out of the office and engaging with key matrix players. Executives should be spending more time networking in digital circles and seeking to understand their industry as Silicon Valley would see it. They should also be trying to hire digital leaders who have lived in and absorbed the matrix culture. The 1920s and 1930s were also a time of great technological change — electrification and refrigeration, telephones and radio, automobiles and air travel, and, of course, movies. Information technology has not yet matched the transformative societal impact of that great wave of scientific progress — but we are still early in the game. The ability of the matrix to support advances such as robotics, 3D printing, human/machine integration, autonomous vehicles, biotechnology, machine intelligence and all manner of virtual worlds suggests that change on an even greater economic and social scale is likely. For better or worse, the matrix is here. DAVID MOSCHELLA is research director at the Leading Edge Forum. Learn more about the Leading Edge Forum at lef.csc.com.

The matrix is the economic infrastructure of our time.

Next-generation disruptors?

Cars

Health

Manufacturing

Media

Energy

Education

Banking

Selfdriving

Quantified self

Robots/ MI

Immersive/ 3D

Smart grid

Flipped classes

Cryptocurrency

MOOCs

Kickstarter

Intelligence Today’s disruptors

Analytics, Google, Watson, sensors, IoT, AI, M2M

Uber

iHealth

3DP

Netflix

Nest

Social/crowd

Facebook, Twitter, user content, open source

www

Publishing, e-commerce, payment, encryption

Infrastructure

Computing, storage, bandwidth, mobility, GPS


43

LAST WORD

IT TRENDS TO WATCH IN 2016

by Dan Hushon

Five IT trends will help usher in the next generation of global productivity. Enterprises that develop strategies around these trends will have an opportunity to gain a competitive edge. Value of contextual data escalates Building on the growth of digital platforms and the volume of data supplied by “Internet of Things” (IoT) devices, contextual data will be a prevailing force in 2016. In a novel, context describes the setting and the scene where characters act. In an enterprise, contextual data provides the same type of broader picture. Data points such as device, location, language, social network and influencers help enterprises develop better insights, personalize products or services, or even suggest specific actions. More context will allow enterprises to create a more integrated and valuable information experience for clients, employees, partners and citizens. Demand for cybercontrols grows As data becomes more contextually rich, it becomes more valuable to the firm — and to cybercriminals as well. The growing risk of attack will require next-generation techniques for network defense, identity access management, risk management and now information management. Public clouds will play a role in the integration of contextual data, so these will need to be included in security system architectures. Context-rich environments will force enterprises to give significant thought to acceptable risk levels and controls as they share a growing range of information. APIs enable business strategies Enterprises have discovered the power of APIs and will continue to build on them. APIs are the key to information access and exchange between systems, often acting as a wrapper around older systems. This enables organizations to combine data from legacy applications and new applications. APIs are more than a development tool; they create new channels for service integration, information coordination, ecosystems of information sharing and economies around information derivatives. The core of a digital strategy depends on democratizing information access, and APIs play a central role in that process.

The CIO’s role continues to evolve, focusing on an information-driven business The CIO’s role will include partnering with the business to drive information and technology value. This partnership is part of what’s called business relationship management (BRM), and it will help the enterprise gain access to the right information and technology to make better decisions and introduce competitive products, quickly and at scale. As owner of the organization’s information and technology, the CIO is uniquely positioned to lead the development of digital business innovations. Enterprise infrastructure players consolidate to provide agility Another trend is the ongoing convergence and consolidation of enterprise infrastructure players. This consolidation answers the market’s demand for more standardized, agile and complete solutions out of the box. Converged infrastructure is moving toward public cloud styles, which extend purchasing and operating leverage, enable agility and improve self-service for IT. Look for greater specialization of these platforms in future products and services to create IT leverage at the pace of business. Finally, if there’s anything that’s certain about the future, it’s that some new innovative technology or application will surface in 2016 that will change our thinking. This continuing change and renewal is what makes IT such an exciting field to be a part of today, and I can’t wait to see what else 2016 will bring. DAN HUSHON is chief technology officer at CSC. Thanks to CSC’s Leading Edge Forum, ResearchNetwork and CTO Office for input. CSC’s Leading Edge Forum is a sponsor of the Business Relationship Management Institute, the premier organization dedicated to serving the global BRM community.

Learn more at csc.com/lef-brm.

44


DISEASE TO DATA:

FOR THOSE

WHO SOLVE

HEALTH CHALLENGES

Sixty-four percent of CIOs in the healthcare and life sciences sector call modernizing legacy applications a high or critical priority, and it’s no surprise that they feel that way. Shifting consumer expectations and changes in regulations, as well as global pressure to deliver better care for individuals and better health for populations, have the entire industry in need of innovation that can be implemented quickly. CSC can help you increase flexibility, responsiveness and reliability, while lowering per-capita costs with Agile IT as a Service. Innovation is never a roadblock For Those Who Solve. Learn more at csc.com/solve.


45

Regional CSC Headquarters

csc.com/cscworld

The Americas 3170 Fairview Park Drive Falls Church, Virginia 22042 United States +1.703.876.1000 Asia, Middle East, Africa Level 9, UE BizHub East 6 Changi Business Park Avenue 1 Singapore 468017 Republic of Singapore +65.6809.9000 Australia 26 Talavera Road Macquarie Park, NSW 2113 Australia +61(2)9034.3000 Central and Eastern Europe Abraham-Lincoln-Park 1 65189 Wiesbaden Germany +49.611.1420 Nordic and Baltic Region Retortvej 8 DK-2500 Valby Denmark +45.36.14.4000 South and West Europe Immeuble Balzac 10 place des Vosges 92072 Paris la Défense Cedex France +33.1.55.707070 UK, Ireland and Netherlands Floor 4 One Pancras Square London N1C 4AG United Kingdom +44.020.3696.3000

About CSC CSC is a global leader in next-generation IT services and solutions. The company’s mission is to enable superior returns on our clients’ technology investments through best-in-class industry solutions, domain expertise and global scale. For more information, visit us at csc.com.

© 2015 Computer Sciences Corporation. All rights reserved.