Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »

CIO Executive Council

A Peer-Advisory Service and Professional Association for CIOs

Webcast: In the Google Apps Cloud: How to Achieve Your Business Objectives

Dec 3rd, '09, 1 - 2 pm US/Eastern (GMT-5)

Join Council member Brent Hoag, Director, Global IT, at JohnsonDiversey, as he discusses the adoption of Google Apps which has helped meet four corporate goals; sustainability, simplification, increased employee productivity and global collaboration.

Webcast: Collaboration Initiatives: Benchmarks & Best Practices

Dec 15th, '09, 4 - 5 pm US/Eastern (GMT-5)

Join Council members Ruth Thorpe, VP & CIO at the U.S. Pharmaceutical Operations of Sanofi-Aventis, and Gary Kuyper, CIO at Bethany Christian Services, as they speak about their collaboration initiatives and experiences in how and why they chose the social networking and collaboration tools they are using and their business goals for collaboration, and facing culture change challenges.

Data Overview: Collaboration Initiatives Field Guide: Benchmarks & Best Practices

This appendix to the Council Field Guide provides an analysis which discusses benchmarks for collaboration IT implementation costs, adoption rates and payoffs. The overview identifies top IT and business goals and satisfaction rates for collaboration initiatives as well as best practices and lessons learned for implementing collaboration IT.

More / Register »

Learn more about the CIO Executive Council »

RESOURCE CENTER

buy a link »

5 Things I've Learned

Five Things Tom Ridge Has Learned About Risk

Tom Ridge, former Department of Homeland Security chief, on the importance of disaster preparedness and battling complacency

Leave a comment

By Katherine Walsh

October 29, 2007 — CIO —

Tom Ridge is the two-term governor of Pennsylvania and first U.S. secretary of homeland security. He recently launched Ridge Global, an advisory firm based in Washington, D.C. Ridge believes another terrorist attack is likely.

Complacency is what keeps me awake at night. It's predictable in human terms, but unacceptable as well. We just don't seem to have that same sense of urgency that we did in the first years after 9/11. The professionals have it: the police, firefighters, emergency service personnel and the military. But in the corporate world, and even to a certain extent, the political world, there isn't that same sense of urgency.

We can't secure the country from inside Washington, D.C. We should look to the private sector for best practices to respond to disaster. That will take a major upheaval, but I strongly believe in it. We've got the talent and interest and commitment in the private sector. There are so many things the private sector could help us do more effectively. At the end of the day, collaboration is critically important. The federal government, as big as it is, needs to work with the private sector.

You can't prepare for everything. So you have to be prepared for the unpredictable. There is a certain element of surprise associated with every crisis and challenge you face. I served in Vietnam; most people in the military will tell you that you reduce losses and enhance odds for success by having the right equipment, training and the right people. And it applies to the corporate world, too. Have you empowered your CIO or CSO to look critically at your entire infrastructure and make specific requests? Do you have a business continuity plan and do you exercise it? Have you tried it out? There are basic lessons in regard to planning and training that are helpful because sometimes you don't have time to think; you just have time to react. But if you've trained a certain way and planned a certain way, chances are pretty good you will react the right way.

I have a lot of empathy for CIOs and the CSOs. When they would like to beef up their IT systems and embed preparedness and recovery plans into their networks, they have to go to the CFO and CEO and say "I need X number of dollars to do this." And the first response they get is, "What's the risk? That's a big expense. Where's the ROI?" But I think in a more globally competitive and interdependent marketplace, a post-9/11 Sarbanes-Oxley world, there are far greater vulnerabilities to a commercial enterprise today than ever before. It's not just about profitability. It's about the intangible asset—your brand—that's at risk. I would hope CFOs and CEOs and boards of directors pay more attention to the risk assessment rendered by security officers or information officers when parceling out annual budgets. You have to manage the risks, and there are certain ones that need to be managed, regardless of ROI.