IT Events Blog 2020-22
Privacy and Data Security is key to everythingelse!
IDC's Privacy & Data Security conference at IDA Conference in Copenhagen on February 4, 2020 gave good learning about GDPR and insight into where some of the larger companies in Denmark are on their implementation. GDPR is also an idea, which have since it became law in the EU about two years ago, have spread across the world.
Trust is a core issue
Research manager Ralf Helkenberg from IDC opened the conference by talking about "The Future of Trust: Adapting to the Privacy Imperative". Ralf told us, that within the past two years GDPR have become the template for global data privacy laws worldwide, and have already been implemented as law in countries on all continents. He also told us to expect more regulations in the areas of cybersecurity, artificial intelligence and block-chain within the EU.
Since the GDPR came into effect in 2018 it has resulted in 183 fines. The largest so far went to Google. But currently everyone is watching the Irish authorities, since Ireland is the legal home of most larges IT companies European operations. In Denmark there have been two fines. The latest a fine of 150,000 € to the Municipality of Hjørring in Jutland for overlooking, that a Dutch subcontractor in certain situations could allow Indian collaborator access to the municipalty's data. However, generally the implementation of GDPR is more mature in the Nordics than the rest of the EU.
The Panthastic Dangerous Cloud
CEO and founder Frederik Schouboe from Keepit followed with the talk "The cloud is panthastic - but also panthastic dangerous" in which made a good effort not to turn the whole thing into a sales. Nonetheless, the talk pointed to the many situations in which it would be nice to have a good oldfashioned backup of the stuff you store in the cloud, whether it is Google Cloud, Microsoft Azure or Amazon Cloud. For example, when a co-worked called to say, that he had accidentially deleted a large part of his mail archieve or an important spreadsheet, which several people had worked on over the past two months. That is the situations, where you need Keepit: when you experience a data loss caused by human error. He showcased Danish Refugee Council with 15,000 volunteers and employees distributed around the globe at many destination. The NGO decided they needed the services, which Keepit provide to eliminate data loss due to human error. Naturally Keepti offered the NGO a discounted price. Keepit use blockchain technology to ensure, that what is being restored is exactly what was backed up. Since the backup is also cloud based, then restore just require you to find the missing folder or file in the cloud store and choose restore. Strangely some of Keepit's slides were labelled "Strictly Confidential".
POL-INTEL: A graphic search front to a collection of legacy systems
CISO Christian Wiese Svanberg from Danish Police explained data stored in a large number of legacy systems are being equipped with a modern integrated user interphase, which allow police investigators to search transparently across many legacy systems form a single new graphical interface and get a GPS based visual view of the information. Danish Police had decided, that replacing the legacy systems was not an option, and hence focused on improving accessibility. At Safepark we believe, that many other public entities in Denmark and other places around the world are faced with deciding what to do about access to legacy systems today. It is many years since we first heard about this approach to data in legacy systems from IBM, and we are certain IBM can help you on this journey. The Danish Police system is called POL-INTEL and is an analysis platform on top of legacy systems.
Slides should not use the same template
We were a bit bored by Anish Hindocha's presentation "10 Steps to GDPR" or "Transitioning GDPR from a Compliance Checklist to "Business as Usual", primarily because the 10 steps were communicated using a series of slide using the exact same template. The reason we often get inspired by the IDC presentations, is that they don't fall in that trap. However, OneTrust also pointed to GDPR workshop you can sign up for at PrivacyConnect.com. But why 10 steps, when on their website they only list 8 steps?
A family company with culture and tradition is a special challenge for GDPR implementation
Semler is company, which import most of the cars sold in Denmark. It is a family company with a culture and traditions. Their chief privacy officer Tom John Fischer Jensen talked about "Importance of ankering the responsibility and compliance in the business" by finding common elements between the silos, which make up the group, so IT became a motor for learning from other parts of the business for the benefit of all. Tom stated, that Semler have not here two years after GDPR coming into effect reached their goal.
Crowdsourced Security from Synack
Synack have a crowdsourced security platform, which there red teams used to attempt breakin in customer systems. Naturally, when you hire people for such work, then their background need to be checked as well as their skills. Rijk Vonk talked under the title "Can’t change the Cybersecurity Game? Change Its Structure", and we got insight into:
- How Synack used an elite army of global ethical hackers with infinite creativity and tools can help you overcome these challenges.
- How these vetted hackers could support you in your fight against hackers with malicious intentions.
- How to let them help you win the infinite game you are up against.
Synack can put a red team together in just 48 hours to test your systems.
GDPR i Danske Bank - status 2 år efter 25. maj 2018
Niels Enggaard Lindstrøm guided us through the implementation of GDPR at Danske Bank, and the result is shown on the picture to the right. This picture show all the steps from start of the GDPR program until today. Focus in the first steps was on privacy notices, and establishment of an organisation to ensure compliance after closing the GDPR project.
At the end Niels Lindstrøm also showed us what he eventually would like to end up with. So even Danske Bank after 3 years have not reached its goal.
Some legal advice at the end of the day
Lawyer Peter Lind Nielsen from Bech-Bruun rounded off the day with some tips on what to when The Danish Data Protection Agency showed up at your door. What you do depends on the opening letter from the Agency. If the Agency opening letter indicated that they suspect something illegal has happened with respect to your data, then you don't need to collaborate with them, and you can refuse to give them documents. However, the Agency could then turn to the courts to get the documents.
Peter Lind Nielsen also told us, that they did not think the fine of 150,000 € given to the Municipality of Hjørring for a very small omission in their disclosure about a subcontractor was reasonable. In that case no access had been provided to the subcontactor in India, and hence no personal data had been seen by the Indian subcontractor. Safepark look forward to hearing about the end of this case.
Good inspiration at IDC CxO Directions in Copenhagen
IDC's CxO Directions conference at IDA Conference in Copenhagen on January 22, 2020 included good inspiration from several practising CxO's in different companies as well as news from vendors like Nutanix, who basically deliver cloud services as a plug an play solution.
Frank Gens from IDC US opened the event by telling us, that the leaders are moving from being digital natives to digital first. Did you know, that a quarter of the 38,000 employees of Goldman Sachs are software engineers, and this makes Goldman Sachs a large technology company, which happens to deliver banking services. Also the CEO of Walmart envison deploying edge cloud computing nodes at their mega stores to deliver services to their customers within the next three years.
Stig Lundbech, the CIO of the year 2019, from Copenhagen Municipality, was the second speaker and talked about about the challenges of digital transformation in an organisation, where most services, i.e. child care in kinder gardens, teaching in schools and care of the elderly, is delivered face to face by hand-on employees, who have limited understanding of technology beyond their smartphone. He told us, that in order to be successful with the digital transformation it was necessary to make the local leaders of care institutions, schools and homes for the elderly more aware of the possibilities with a little IT technology. At the Copenhagen Municipality the digital transformation started in 2014 with focus of user satisfaction and culture in the IT-group. This two years later created room for providing IT-support for business functions of the municipality, which after further two years opened up for proposing solutions to the business function, and today opens up for partnering, education and centre of competence in the business functions.
This years IDC CxO Directions was hosted at IDA Conference, which is a modern conference facility on the sunny side of the Copenhagen Harbor, which attempt to make the conference experience more sustainable. For example have the traditional water bottles been replaced with a water cooler and small reusable glass carafes, which the attendees fill themself. Also the lunch buffet have been replaced with a 3 courses served at preassigned tables. With the many choices of a buffet many of us have a tendency to get to much on our plate in to avoid another trip to the buffet. That was completely eliminated. The pre-assignment of tables for lunch resulted in the small talk during lunch starting as soon as one reached the table. So a more sustainable lunch with less food waste, but also a more productive lunch with good conversations.
Peer Omann from Bunker Holding talked about starting a transformation over the part years from ground zero with a five time increase in IT-staff over those years, and clear expectations about further increase. Currently they have several open IT-positions. Thomas Åstin Jensen from Nutanix followed up by talking about the value of a true smart cloud strategy. Nutanix count among their customers some of the most security conscious institutions in the world, such as NSA, and have almost 50 Danish customers. They are the leader within hyperconverged infrastructure according to Gartner. At Nutanix you can even test drive the community version of their software or download and run it on your our hardware.
Arne Henningsen from Saxo Bank talked about the agile organisation being the new normal. At Saxo Bank you can read about their award winning trading platform SaxoTraderGO or SaxoTraderPRO. The home page itself is available in more than 20 regions including 11 countries in Europe. By using AI/ML Saxo Bank have increased conversion of sales leads from below 10% to above 50%. They have also digitized their onboarding process with a reduction from more than 5 days to less than an hour.
From a conversion of less than 10% using selection by sales reps to more than 50% using AI/ML to select leads.
Increased onboarding capaticy by digitizing the onboarding process and reducing it from a duration of more than 5 days to less than 1 hour per customer.
Tom Schröder from Serviceware talked about the power of transparency. Not certain the point of his presentation, which appeared somewhat academic, and removed from practice every got across to us. Neither from the presentation nor from reading on their homepage is it clear to us, what problem they are solving. Also vurdering why there is a "se" after serviceware in the URL.
Salling Group have replaced most of their systems
Alan Jensen from Salling Group talked about their transformation over the past years, which have left only two systems untouched: their locally developed Viking sales terminal system, and their employee payment system. Most everything-else revolve around SAP with thin customer interfaces, which are easily changed to create a new experience.
A key to success to such a transformation, which have also included co-development with SAP-US is top management commitment including the availabilty of the best people from the business side to make the IT projects successful.
As usual in any change project a key to success is top management commitment to the process and to solving problems a long the way.
Christ Weston from IDC UK rounded off the day by listing six predictions for the coming months: Innovation will remain vital, Clouds are becoming connected, We are all software companies, Everything wil be AI enabled, Trust on the Board, and Every enterprise a platform. The predictions are
- By 2022, 60% of European enterprises will integrate cloud management — across their public and private clouds — by deploying unified hybrid/multicloud management technologies, tools, and processes.
- By 2023, over 50% of all ICT spending will be directly for digital transformation and innovation (up from 31% in 2018)
- By mid-2023, 50% of the largest 500 European enterprises will name a chief trust officer, who orchestrates trust across functions including security, finance, HR, risk, sales, production, and legal.
- By 2023, 50% of the European G2000 - European companies of Forbes 2000 largest corporations globally - will have a digital developer ecosystem with thousands of developers; half of those enterprises will drive 20%+ of digital revenue through their digital ecosystem/platform.
- By 2025, 60% of enterprises will be prolific software producers, with code deployed daily (10% of European organisations do this now)
- By 2025, at least 80% of new enterprise apps will embed AI and over 50% of user interface interactions will use AI-enabled computer vision, speech, natural language processing (NLP), and AR/VR.
All in all this years IDC CxO provided must information directly from talented CIO's in large Danish companies, that we believe many other smaller companies could benefit from. You can read more about this edition of CxO Directions here.