As of February 12, my Research Central blog is moving to a new URL: http://blog.cioinsight.com/research_central/
Please click there for my latest entries.
A paper from the Federal Reserve Bank of Philadelphia says that micropayments -- using debit or credit cards and other electronic means for payments of less than $5 -- are reaching "critical mass" and will soon be routine.
Small payments of less than $5 have resisted the wave of electronification that has swept consumer payments in recent years. However, a number of innovations - both new technologies and new ways of doing business - have done much to make such electronic "micropayments" less expensive and more convenient. Now, having proven themselves in several online markets, micropayments are poised to make inroads at the physical point of sale. ... Despite challenges, innovative products and approaches from card networks and issuers and payments processors, as well as from some unexpected quarters such as transit companies and online media, have moved beyond the proof-of-concept phase.
"Micropayments: The Final Frontier for Electronic Consumer Payments" by James McGrath, Federal Reserve Bank of Philadelphia.
For more on micropayments, see Debra D'Agostino's article:
"In E-commerce, Small is the New Big."
Here's a rare note of optimism in the ever-gloomy world of IT security: A new study by Javelin Research finds that losses due to identity theft have dropped from 2005 to 2006 by 11.5 percent. Fewer Americans have been hit, too: down to 8.4 million American adults in 2006, from 8.9 million in 2005 and 10.1 million in 2003. There have been fewer fake account openings, too.
Still, with 2006 losses pegged at $49.3 billion, identity theft remains a massive problem. The worst hit, it seems, are young adults--college students and young twenty-somethings who haven't learned to use security software or shred documents.
This looks like a credible study: It's based on 5,000 telephone interviews. Yes, the study was co-sponsored by financial institutions--Wells Fargo, Visa, CheckFree--and data protection and screening by organizations like theirs is one of the reasons Javelin says losses are down. But the real reason isn't that financial security technology has become invincible, but that more people are learning to take basic precautions. Security breaches are as or more likely to be caused by bad habits than weak technology.
You know they’re coming--new data security regulations. It’s one of the five-year trends IT executives predict in our soon-to-be-released 2007 Future of IT Survey. But what are those new laws likely to be? Thomas J. Smedinghoff, one of the leading lights in the field of privacy and security law, is publishing an analysis in the January 2007 issue of the Privacy & Data Security Law Journal. He’s posted a version at his law firm’s Web site, and I recommend that every IT executive involved with legal issues and security look it over.
Smedinghoff sees three trends that will affect most companies:
- Continuing expansion of the duty to provide security: Recent developments support the notion that almost all businesses today have a legal obligation to provide security for their own information and communications. And satisfying that obligation is critical, especially in this highly charged environment where a failure to do so is likely to bring on significant public relations problems as well as legal risk.
- The emergence of … a definition of “reasonable security.” All of the major security-related statutes, regulations and government enforcement actions of the past few years show an amazing consistency in approach. When viewed as a group, they set forth a rather clearly defined standard for legal compliance--one that requires a risk-based, process-oriented approach to the development and maintenance of a comprehensive security program. Moreover, evidence suggests that even in cases not subject to such laws, this process-oriented approach is likely to be the standard against which legal compliance is measured.
- Imposition of a duty to warn. Finally, as a direct result of the highly publicized security breaches over the past two years, a legal corollary to the obligation to provide security has also received extensive legislative support. This is the duty to disclose security breaches to those who may be adversely affected by such breaches. That duty, which is focused primarily on personal information, is now law in a majority of states, may soon be federal law, and will likely soon become law in many other countries as well.
Smedinghoff bases these predictions on developments at the FTC, new state laws and recent court decisions, and a ton of experience: He’s a member of the U.S. Delegation to the United Nations Commission on International Trade Law, former chairman of the American Bar Association’s Section of Science and Technology Law, and chairman of the Illinois Commission on Electronic Commerce and Crime.
Seperately, Gartner’s Ken McGee predicts in the Winter 2007 MIT Sloan Management Review that during the next 10 years, new regulations aimed at protecting users will force IT vendors to improve software quality and security. “Calls for regulation will gather momentum as financial losses, injuries or deaths create public relations disasters. When major disruptions combine with episodes of widespread privacy invasions and total financial ruin of individuals, the march to IT regulation will be unstoppable.”
Open source isn't just common or even mainstream in business computing; it's becoming a dominant force. That's what I make of a new report from the Advanced Practices Council, the research arm of the Society for Information Management. The report, entitled “The Business of Open Source,” is now being shared with nonmembers. (The report’s two lead researchers are professor Richard Watson and associate professor Marie-Claude Boudreau of the University of Georgia; the other researchers are U. Georgia Ph.D. candidates Martina Greiner, Donald Wynn and Paul York.)
Madeline Weiss, the program director of the Advanced Practices Council (and head of Weiss Associates Inc. of Bethesda, Md.), sent me her own analysis of the results, an analysis well worth sharing here:
- The key messages are: open source cannot be ignored; professional open source is a viable business model; open source usage goes well beyond infrastructure software; some benefits cited by users are surprising (one would expect them to be cited as risks).
- In a survey of 124 active open-source software users, several factors that our researchers originally considered as risks of open source were viewed rather as benefits. For example:
- The viability of the supplier’s business model was considered by 52 percent of the respondents to be a benefit rather than a risk.
- 56 percent of the respondents perceived the availability of support to be better for open-source products.
- These may be explained by the fact that most of the respondents were already quite experienced with open source (i.e., most had over one year of experience with the selected product). When our researchers later interviewed some of these respondents, several mentioned that once the open-source product was introduced in the company, many initial risks and concerns disappeared.
- Other benefits of open source noted in the survey were ease of administration, simplicity of deployment, opportunity to have influence on the direction of the product, and quick troubleshooting and bug fixes.
- Gartner claims that “by 2010, IT organizations in Global 2000 companies will consider open-source products in 80 percent of their infrastructure-focused software investments and 25 percent of their business software investments.”
- These estimates are low, according to a survey conducted by our researchers for Cutter Benchmark Review, which shows that that among 148 organizations having adopted open-source products, the average open-source software composition targeted to applications was estimated to be 20.5 percent. Even more interestingly, about a third of these open-source applications are implemented in mission-critical production environments. These figures corroborate the assertions made by different thought leaders, such as [VA Software founder-AA] Dr. Larry Augustin... In Dr. Augustin’s keynote presentation at the 2005 Open Source Business Conference in San Francisco, he claimed that the next wave of open source would be applications, and that open-source applications were here to stay.
- Peter Kronowitt, a strategic planner for Intel, asserts “there is an open source application that is maturing in every software category that exists … Open source is poised to commoditize those segments. We’re already poised to commoditize those segments. We’re already seeing it.”
- The New York Times reported “…13 countries will urge nations to adopt open-information technology standards as a vital step to accelerate economic growth, efficiency and innovation.” This group includes China, India and Brazil--three of the most populous countries on earth.
- POS (professional open source) firms have found a competitive approach to addressing the development and marketing of software. Consequently, the POS business model has attracted considerable interest and, in the last year, venture capital has flowed into a number of these businesses. This means that enterprises will need to get used to dealing with POS and develop a strategy for integrating POS into their business setting. There are five key elements of a POS strategy:
- Determine benefits and risks of POS
- Determine total costs, including switching and ongoing costs
- Analyze internal and external support resources
- Assess the impact on the enterprise’s performance
- Assess the health of a POS product’s ecosystem (on vigor, organization and resilience)
- POS offers considerable prospects of reducing operational costs and potentially affecting competitive advantage.
For examples of how companies are using open source, see CIO Insight's recent profiles of online shoe retailer Zappos.com and sporting goods merchandizer Backcountry.com.
The
Washington Post is reporting that one in four tech startups in the past 10 years has a foreign-born founder. The source is a new study from Duke University and U.California-Berkeley of over 2,000 companies. The study is already a hot potato--organizations that favor or oppose expanding H-1B visas are already weighing in.
The consultants at Deloitte's Technology, Media & Telecommunications practice have sent along their 2007 predictions in advance of Deloitte's mid-January "Prediction Report." The telecommunications predictions strike me as more significant and original than the technology predictions, but I don't know whether their predictions are based on research. Here's what they say:
Telecommunications Predictions:
- Cells as Primary Phones. Demands for indoor call quality of cell phones increase as more and more users move to cell phones as their primary phones, impacting operators in terms of everything from infrastructure to tariffs.
- Free Telecom! Free telecom services, including the continuation of free mobile phones and free broadband, may well be seen in 2007, but with limits to hinder potentially negative implications. This strategy would help drive accelerated commoditization of broadband on a global basis.
- Plug in Without a PC. Broadband appliances that allow users to plug into the Internet for specific uses are expected to take off and bring the Internet to a greater audience. Appliance costs are significantly less than a PC, so it will help bridge the digital divide.
- Internet Capacity Woes. With the Internet reaching capacity, investment in laying new cable or lighting existing fiber may be needed -- but they may be stifled by continuing declines in wholesale capacity prices. Solutions will be found when Web surfers rebel after quality of service declines.
- The Next Killer App. Mobile TV may be the next killer application, taking video content off the phone and onto a device with a better screen.
- Reinvention of TV. IPTV is poised to launch as a reinvention of television, rather than a pale imitation of current services. Operators could position the service as an affordable way for all content providers to deliver niche media to a growing mass audience, without the commission costs of broadcast-network middlemen.
- Small Apps Deliver Revenues. Moneymaking applications are those with smallest files and narrowest bandwidth requirements, such as ring tones and text messaging. New, narrow-band applications will drive new revenues for operators.
- Net Neutrality Issues Persist. Net neutrality issues will impact the need for improved infrastructure. Legislation seems unlikely to resolve the two sides, so alternative solutions may be needed.
- Triple Play Options. Operators should evaluate their triple play options carefully to ensure that bundled services satisfy customers as well as shareholders. Portfolio expansion may be one of the best options for growth and churn management.
- Connectivity Chasm Deepens. The chasm between have and have nots, both in terms of voice and connectivity, will deepen. Solutions include simplified tax structures for phones and services as well as fractional ownership of PCs.
Technology Predictions:
- Social Networking Evolves. Social networks will continue to expand, creating a need for identification improvements and the ability to remove copyrighted material quickly, and making downloads as instantaneous as possible.
- Tech Goes Green. Portable power needs will explode with solutions including power-scavenging technologies that draw energy from around them -- from body heat, ambient light, vibrations or movement -- to provide supplementary battery charge.
- Biometrics on the Cusp. With security continuing to be a concern, the use of biometric data (iris, fingerprint and palm geometry) for access control is on the rise.
- Digital Storage Expansion Driven by Laws. Digital storage needs will be impacted by companies’ legal obligations to keep years and petabytes’ worth of data, with costs passed on to the user.
- Evolution of Evolution. Artificial exoskeletons can create enhanced versions of the human being. For example, artificial red blood cells, up to 200 times more efficient, could allow humans to hold their breath underwater for hours.
- Complexity Minimizes. The quality of design will increase to minimize product complexity. Intuitivity rules with increasing use of new technologies from artificial intelligence to accelerometers to help reduce product returns.
- The Last Days of Free. With SPAM and SPIT (SPAM over Internet Telephony) on the rise, companies may have to start charging for services that were formerly free, giving the tech sector a new opportunity for revenues.
Need further evidence that SOA is hot? The member version of The McKinsey Quarterly’s Web site has just posted a “Web exclusive" about two IT trends they foresee for 2007. The article states:
- Sixty-four percent of the respondents to an October 2006 survey [of 72 senior IT executives] told us they plan to implement service-oriented architectures in the coming year.
- 48 percent of the CIOs we surveyed in 2006 said that they plan to implement service-oriented architectures for integration with external trading partners in 2007.
I have no argument for either trend; our own research has turned up plenty of signs in recent years that SOA is being widely adopted. (What's new here is how many are using SOA to integrate their systems with their partners.) But the authors make a much less convincing case for their other trend: Companies are applying “lean-manufacturing principles” to their data centers. Just 28 percent of CIOs in their study say they are applying or plan to apply lean principles to their data center operations. The article, “What’s on CIO Agendas in 2007: A McKinsey Survey” by Janaki Akella, Kishore Kanakamedala and Roger P. Roberts, also do not define what they mean by applying lean manufacturing principles to data centers. They only list the reasons those consolidated data centers are so expensive to operate (labor, electricity and waste). Are "lean data centers" an emerging trend or just another label for the decades old pursuit of efficiency?
Between the Vendor Value Survey, the Top 30 Trends, and a trip to Beijing for the launch of CIO Insight China, there's not been much time to dig into the new research. And with the Christmas break approaching, I'm looking forward to catching up with an old friend--my pillow. But there are a few items I want to post.
Besides predicting trends, resolutions and priorities (our own list comes out next month), the end of the old year/beginning of the new year is also the time for IT spending predictions. Three organizations have come out with their own. Gartner, it's being reported, has revised its worldwide IT spending figures for 2007 downward to a 2.8 percent increase for companies over $1 billion in revenues. (Click here to hear Gartner's Jed Rubin discuss the findings of the company's Worldwide IT Spending Benchmark report.) Meanwhile, IDC is predicting a "modest" increase of 6.6 percent globally, and Forrester a 5 percent rise in new IT purchases globally, and a 6 percent increase in total IT spending. The articles and press releases I'm reading portray these numbers as a slower rate of growth than the previous year. Of course, the rate of growth varies depending on the vertical industry or region, and the category of spending. Gartner says spending will increase the most in media, health care, pharmaceuticals and chemicals, and will drop(!) 5.6 percent in consumer products. The U.S. growth rate is "solid" according to Forrester, but not as fast (says IDC) as Latin America, the Middle East, eastern Europe, China and India.
So what does it all mean? It tells me that even at a time when companies seek growth and are investing in new applications, IT executives are taking advantage of open source, competition, and alternatives (such as services) to keep costs down. The spending discipline learned earlier in the decade lives on.
As for our own predictions, stay tuned: Our annual report on IT spending comes out in February. (You can see last year's report
here.)
There’s one last data point from CIO Insight’s Customer Strategies Survey that I want to share:
One of our findings was that on average, only 43% of customer data that is collected by companies is actually analyzed and used to better understand customers. That’s a lot of data that’s left fallow. But the ability to use customer data is very unevenly distributed.
It turns out that 18 percent of companies are able to use over three quarters of the customer data they collect, while twice that number – 36 percent – use less than 25% of their customer data. That has to give that 18 percent a big leg up on customer service, sales and product development.
Dwight D. Eisenhower once famously
said, "Plans are nothing; planning is everything." It's much the same with top trend lists: The list is nothing. Listing is everything. Because only the process of thinking about lists and comparing it with your own experience translates a list into any sort of useful action. So be sure to read "
Experts Weigh In on 2007 IT Trends" to see how experts like Jerry Luftman, Howard Rubin, John Parkinson and Chuck Martin reacted to our report on the
30 Most Important Trends in IT, and what they think should have been on our list. And let us know what you think, whether you agree or disagree.
If holiday decorations can go up in November, why not our end-of-year look at next year's
top 30 trends in IT strategy, management, security/risk and technology? Click here to see our predictions, and come back to the blog to jot down your comments.
What software and systems are walking around with a big fat target on their backs? The SANS Institute, one of the top security watchdog groups sleuthing around, has just published its annual Top 20 Internet Security Attack Targets list. Five of the targets are Microsoft software: Internet Explorer, Microsoft Office, and three weaknesses in Windows. But SANS also lists Apple's Mac OS X and eight kinds of cross-platform applications. SANS is good enough to not just describe the risks but suggest ways to ameliorate them.
UPDATE: For more details on the SANS report and what it means for Microsoft and Microsoft customers, see Dan Briody's article, Microsoft's Security Problems Multiply.
A study of online education in the United States shows online learning is growing at an incredible rate. The 2006 Sloan Survey of Online Learning finds 3.2 million students are taking at least one college course online, up from 2.3 million in 2005. That's more than one American in 100.
But here's the kicker: Not only does online learning reach people who otherwise would be unable to take these courses, but the quality of education is good. Sixty-two percent of chief academic officers say "the learning outcomes in online education are now as good or as superior to face-to-face instruction, and 57 percent say it is critical to their institution’s long-term strategy."
Still, I wouldn't say that all doubts about online education have been put to rest by this study. It doesn't break out online education by course topics. Are computer science, engineering and information systems students as well served by online courses as traditional, classroom instruction? Unless I missed it, the report doesn't say.
Click here to download the study (entitled Making the Grade: Online Education in the United States, 2006.)
IT's agenda isn't determined by IT alone; it's often determined by the agendas of other departments. That's why I pay close attention to the research agenda of the Marketing Science Institute, an association of marketing executives at major companies. It's a way to keep track of the priorities of chief marketing officers. Often, IT plays a big part of it.
MSI recently came out with its research agenda for 2006-2008. Check it out. The top three issues include: capturing customer insights, and using them to drive innovation and product and service design; finding new ways to engage and connect customers with the company as a way to build brand loyalty; and marketing metrics.
The MSI's site provides the full list of priorities, broken into about half a dozen categories. Customer loyalty is one of the most prominent ones. (See our package of stories on customer loyalty for more on the subject.)
MSI's research agenda maps closely to our own customer strategies survey. We also found gathering and sharing customer feedback to be the most common customer initiative, and that finding new ways to engage with customers is a high priority for 38 percent of respondents, and a moderate priority for 47 percent.
