Trends Aug2007

Embed Doc
Copy Link
Readcast
Collections

CommentGo Back

Download

Introduction

Each year The Standish Group determines the Top 10 trends/ issues for CIOs. We start with calls to CIOs and IT executivesto compile a list of possible subjects. We then execute ourmonthly Demand Assessment Requirements Tracking Studies(DARTS). We review the DARTS results and further considerour list. We make some more calls and then we brainstorm.Finally, as we do with all Standish research, we then formour educated opinion. The end result is this report, Trends inIT 2007/2008.The research unveiled in this report is based on our DARTSsurveys and other research instruments. All DARTS par

ticipants must satisfy a qualification process and join ourStandish User Research Forum (SURF). All data and informa

tion in this report should be considered Standish opinion,and the reader bears all risk in the use of this opinion.The first trend IT organizations and CIOs are facing issecurity – protecting the corporation against danger or loss.Trend two is readiness – ensuring that the corporate computingassets are available, and preparations are in place in caseof disaster. Trend three is investment – making use of the ITbudget in ways that are most beneficial to the business.The fourth trend is compliance – meeting government orindustry-mandated regulations, whether they are verticalor horizontal initiatives. Trend five is project managementleadership – guarding against CHAOS. Trend six is servicedelivery – finding the best ways to deliver services to thecustomer, which may mean augmenting in-house staff withoutside resources.Trend seven is optimization (the Holy Grail of IT) - ensuringthat the whole organization functions at its highest level of service and productivity. Trend eight is standard infrastructure– driving faster delivery of services through standard com

ponents. This leads right into trend nine, service-orientedarchitecture (SOA) -- loosely coupling software componentsto avoid dependencies on underlying technology platforms.Trend 10 is green computing – reaching a higher level of social consciousness and responsibility to the environment.

The Trends in IT 2007/2008 report is based on theDARTS (Demand Assessment Requirements TrackingStudies) and other research instruments. All DARTSparticipants must satisfy a qualication process and join our Standish User Research Forum (SURF). Alldata and information in this report should beconsidered Standish opinion and the reader bears allrisk in the use of this opinion.

Trends in IT 2007/2008

Trend 1: Security Trend 2: ReadinessTrend 3: Investment Trend 4: ComplianceTrend 5: Project Management LeadershipTrend 6: Service Delivery Trend 7: OptimizationTrend 8: Standard InfrastructureTrend 9: Service Oriented Architecture (SOA)Trend 10: Green Computing

A U G U S T 2 0 0 7

A trend is a general direction or movement tonew technologies, standards methodologies, processes, and/or performance. Trends result from one or more drivers. A “driver,” the way Standish defines it, could be a government mandate, market-driven events, business fads, anew discovery, or vendor-led initiatives.

“There is no security on this earth, there is only opportunity.” ~ General Douglas MacArthur

IT assets are critical to business success and they must be secured.Assets can be physical, such as servers, PCs, and storage subsys

tems, or intellectual property, such as customer information, pat

ents, formulations, etc. Intellectual property is, of course, muchmore essential than the physical assets.One of the major security drivers is the need to maintain criti

cal information electronically, often in multiple physical locations.Another driver is the need to secure information that commonlymoves across networks via e-mail, backups, transactions, and otherinteractions, thus complicating security. In implementing a securitypolicy, organizations must rst prioritize the assets’ required secu

rity level. They must also determine the current risk exposure forhigh-priority assets. Then, solutions and processes that reduce therisk should be implemented. The process can be very complex asorganizations commonly deploy hundreds of assets.About one-third of companies this year plan to increase their invest

ment in security-related services and technologies. The StandishGroup’s latest research shows the biggest area of spending is onskills, where 59% will spend heavily to moderately. Services comein at a close second (58%). Fifty-six percent of companies plan tospend heavily to moderately on security-related software, and 43%plan to invest similarly in hardware.The latest gures on skills spending make sense when we takeinto account our further ndings showing that most securityservices are performed by internal personnel (81%). These g

ures additionally coincide with an industry-wide trend towardskills improvement across several technology areas.Despite the focus on internal staff with respect to security, theoutsourcing trend has also affected the security environmentLast year’s research results found that 57% of companies out

sourced at least some of their security activity (an average 7% of security activity). This year that number has increased to 68%, withthe average service usage per company at around 12% of securityactivity. For those companies that do outsource a portion of theirsecurity services, domestic offerings are favored at a ratio of 3:1over international services.

Trend 1: Security

cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.Although these two charts may seem contradictory,they are in actuality very supportive of each other.While 81% of security services are performed byinternal personal, more than 50% of the organiza

tions outsource some aspect of security. However,of the 75% of the rms that outsource some secu

rity services, more than 75% of that activity is doneinternally. This is in part due to internal corporateIT staffs handling most of the applications security,while a high degree of WAN management, intrusiondetection and rewall security is being outsourced,particularly by those organizations that have manyglobal locations.

T h eT r en d s i nI T 2 0 0 7 / 2 0 0 8

A U G U S T 2 0 0 7

Standish Denition

“Security” is the condition of being protected against dan

ger or loss. This means IT assets that are critical to businesssuccess, both physical and intellectual property, must besecured. In the general sense, security is a concept similar to safety. IT is generally responsible for preventing breach

es of computer security.

Percent of Security Services Performed By…Internal Personnel 81%External Service Provider 17%Software as a Service (SaaS) Provider 2%

Domestic

49% 21% 16% 12% 2%

International

84% 7% 6% 4% 0%

26% to50%Over50%NoneLess than10%10% to25%

Percent of Security Activity Being Outsourced

Domestic = within your country International = Outside your country

T h eT r en d s i nI T 2 0 0 7 / 2 0 0 8

A U G U S T 2 0 0 7

“Doubt is not a pleasant condition, but certainty is absurd.” ~ Voltaire

The most challenging transformation taking place during the lastfew years is the movement to uninterrupted business operations. Alarge part of the burden in making readiness possible falls on theshoulders of the IT organization. Today’s IT organizations are look

ing to be more fault-preventive and agile in their responses to prob

lems. Uninterrupted operations means that the organization mustalways be in a state of readiness in order to deal with a network,application, or infrastructure failure, or a natural or man-made di

saster. Most organizations have implemented some level of disasterrecovery and high availability for one or more critical applications.The current challenge is to act with an enterprise view.A readiness program is based on a comprehensive approach. Whenfully implemented, a readiness program covers systems, people,processes, applications, data, and interdependencies.Standish Group research tells us that most IT executives feel fairlycondent about their organization’s ability to maintain critical sys

tems for high availability and disaster recovery. Twenty percent of companies categorize themselves as “highly skilled” in this regard,with another 73% considering themselves as skilled to moderatelyskilled.Given this, it’s not surprising that 55% of IT executives surveyedrate internal operations as offering the highest level of applicationavailability. We do nd, however, that 26% of companies rate Soft

ware as a Service (SaaS) providers as offering ahigher level of readiness, and 13% give externalservice providers the crown.When it comes to disaster, the answers were notquite as certain. Over half of our respondentsindicted their IT organization is not ready tosomewhat ready to deal with incidents of disas

ter. Numbers are slightly better when it comes tospecics such as networks.In focus groups we often nd that for many busi

ness executives, disaster considerations onlybecome a priority once a catastrophe has oc

curred. And at that point, there is typically muchhead scratching and amazement at how they were not better pre

pared. Like life insurance, it’s something many would rather notthink about, hoping that death, or in this case information disaster,never occurs.

Trend 2: Readiness

cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.With all the money and effort going into disasterrecovery and business continuity planning, youwould think that our SURF members would ratethemselves highly, but only 7% said their IT or

ganization is extremely ready for a disaster, while56% said they are not ready to somewhat ready.Couple that with the 45% who think that someoneelse can provide greater availability. We saw themost dramatic increase in general disaster recoverynumbers in 2002/2003. These numbers are steadilyincreasing each year, but the increase is slowerthan expected as we move away from the impactof 9/11.

Standish Denition

“Readiness” programs are based on a comprehensive ap

proach to uninterrupted operations and “never having tonever say you’re sorry.” When fully implemented, the pro

gram covers systems, people, processes, applications, data,and interdependencies (such as vendors). It is enterprise-wide, including not only IT, but also business operations. A readiness program should cover natural disasters, man-made disasters, and run-of-the-mill mishaps and mischief.

Who Offers the Highest Availability?Internal Operations 55%Software as a Service (SaaS) Provider 26%External Service Provider 13%Other 5%Readiness in Case of Disaster

of 00

Category:	How-To Guides/Manuals
Rating:
Upload Date:	01/29/2009
Copyright:	Attribution Non-commercial
Tags:	testing Product Manuals testing Product Manuals (fewer)

Documents

People