Wednesday, July 21, 2010

Enterprise Architects Increasingly Join in Common Defense Against Cyber Security Threats

Transcript of a sponsored podcast on how private enterprises and government agencies can combat the growing threat of cyber crime and the looming threat of cyber terrorism.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: The Open Group.

Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions, and you're listening to BriefingsDirect. Today, we present a sponsored podcast discussion, coming to you from The Open Group Conference in Boston, the week of July 19, 2010.

We’ve assembled a panel to examine the need for improved common defenses -- including advancing cooperation between enterprise architects and chief security officers -- to jointly defend against burgeoning cyber security threats. The risks are coming from inside enterprises, as well as myriad external sources.

We’ll learn more about the nature of these borderless, external, cyber security threats, as they emerge from criminal enterprises, globally competitive business sources, even state-based threats, and sometimes a combination of these. We’ll also hear recommendations on developing smarter processes for cyber security based on proven methods and pervasive policies.

To help broaden the scope of enterprise architecture, and to develop a leverage point for "mission architecture"-levels of security and defenses, please join me in welcoming a security executive from The Open Group, as well as two cyber security experts who are presenting here at the conference.

Allow me to introduce you to retired Air Force Lt. Gen. Harry D. Raduege Jr., chairman of the Deloitte Center for Cyber Innovation, and who co-chairs a cybersecurity commission under President Obama. Welcome.

Gen. Harry Raduege: Thank you very much, Dana. It’s good to be here with you.

Gardner: We’re also here with Usman Sindhu, researcher at Forrester Research.

Usman Sindhu: Thank you, Dana. Good to be here.

Gardner: And Jim Hietala, Vice President of Security at the Open Group.

Jim Hietala: Hi, Dana.

Gardner: Let’s start with you, Harry. Tell us about the nature of the threat. Perhaps there's a level of the intensity about these external threats that the enterprise practitioners, the architects, don’t perhaps quite appreciate yet.

Raduege: Thank you very much. At this conference, we've put a few of these areas that you’ve mentioned into perspective. As far as cyberspace, it’s a tremendous opportunity for us to gain the benefits of being able to communicate, not only nationally, but also internationally, and across all borders, in the area of cyber security.

But, with that openness, come these new threats. The vulnerabilities that we have of operating in cyberspace are magnified by the threats. These threats are in the areas of identity theft, information manipulation, information theft, cyber crime, and insider threats that are prevalent in many of our organizations and companies today. Also, the threat of espionage, of losing lots of intellectual property from our businesses, and the cyber attacks that are taking place, the denial-of-service (DOS), and also the threat that we see on the horizon -- cyberterrorism.

Gardner: If you're a business or a government agency, perhaps a multinational corporation, is there a commonality, or is everyone getting hit the same by these sorts of things? Who's vulnerable, who isn’t?

International problem

Raduege: The Internet and all of our connections in cyberspace are across all nations of the world. In fact, this is an international problem, and so an opportunity for us to take advantage of it. Basically, Dana, we’re all in this together.

This is the significance of this type of a gathering, to talk about the real benefits of cyberspace, but also to talk about the issues of cyber security that are facing us all. The importance of the underlying foundational aspects of having a great enterprise architecture is pointing more toward a mission architecture for business success.

Gardner: Are there standards, practical ways that cut across the different types of organizations that perhaps are in the works, but that other people aren’t aware of? And how important is education toward moving against some of these common threats?

Raduege: A number of organizations like The Open Group are working on the common standards that are so important for the international community to comply with and to have as guiding factors. Education is very important, developing a cyber mindset across all people of the world, not only in the government organizations, but for industry, and also the individual users at home.

The aspects of education and training and awareness of what’s going on there in cyber is paramount for proper operation, but also for the protection of your critical information.



The aspects of education and training and awareness of what’s going on there in cyber is paramount for proper operation, but also for the protection of your critical information.

Gardner: Harry, are there things that are going on within governments, and not just in the US, that are buttressing the protections and reducing the risk for enterprises and that maybe enterprises aren’t aware of? How could that cooperation between public and private perhaps improve?

Raduege: Since everyone is member of this international community in cyberspace, everyone’s trying to address the issues that are so common to each one of us. Many people are bringing best practices to the table. We’re learning from each other’s experiences. As I mentioned earlier, we’re all in this together.

The international cooperation and collaboration, and the opportunity to meet and discuss these areas, are very valuable to all of us individually, and to our companies and to our nations.

Gardner: Usman, you had an interesting presentation. Tell us about this notion of "smarter" organizations. How is it that organizations, particularly enterprises, need to adjust their thinking in order to better protect themselves?

Sindhu: We’re living in a very exciting time in terms of the innovation, as well as the adoption of technology. Inventor Ray Kurzweil talks about the law of accelerating returns. He says that we're experiencing 20,000 years of adoption and technology growth. In the 21st Century we'll have a lot of innovations and more technology adoption in a much more accelerated fashion.

The smart concept

That’s where the smart concept comes in. This entails smartening our physical infrastructure, our critical infrastructures like utility, healthcare, financial services, transportation, public safety, and also city administrations, down to the IT system itself.

It will use of lot of IT enablement from either the cloud or communication infrastructure, things like RFID technologies, 4G technologies, and solar technologies, to embed lot of situational awareness, analytics, and locationing into the systems.

The need for this is present, if you look across the board at some of the incidents or some of the events. The BP incident shows us that the inefficiency, the number of physical infrastructures that are siloed, present a huge opportunity for technology growth.

This is a smart kind of a concept that embeds itself into smart city infrastructure where all the different components embed all the IT technologies together. There are other initiatives like smart grid or smart healthcare that are embedding these IT technologies as well.

That's a great way to start the 21st Century with this innovation, but the need for security arises at the same time. As Gen. Raduege mentioned, cyberspace is a new frontier, or information security in the cyber world, is a new frontier.

Today, many organizations, including the public and private sector, are waking up to the fact that technology alone is not the answer.



That’s where we have to address lot of different issues and problems around policy, architecture, and best practices. It’s only going to get more serious, as we connect a lot of different systems that were not connected in the past.

Gardner: So, from Forrester Research’s perspective, this smartness isn’t just a technical smartness, but it’s also the policies, the methods, and best practices. Tell me why best practices fit into this notion of smartness, and then maybe revisit how the threat increases with that interconnectivity.

Sindhu: Traditionally, security has been a point technology. Even in the government space, there has been a lot of focus around just technologies. Earlier today, in other sessions, we saw how the importance of point technologies has been overemphasized, rather than risk analysis and the process.

Today, many organizations, including the public and private sector, are waking up to the fact that technology alone is not the answer. It’s the process and people as well. That’s where deriving these best practices would be a key in collaborating with the private and public sector and bringing in an architecture that supports all three silos.

As far as this interconnectivity is concerned, you'll see lot of different business-to-business (B2B) and business-to-consumer (B2C) interactions. It happens today. Today, business partners and distributors do business on the go, on social media, either Twitter feeds or Facebook, or something I call ad-hoc communication through their mobile devices. This is the nature of today’s interaction. This is the nature of B2C and B2B interactions.

Perimeter notion

With that, threats increase manifold, because we tend to look at more of a perimeter notion of security. If you look out there, we're actually in a stock market situation, where information is flowing all over the place and we have no perimeters, so to speak. We need to understand this re-perimeterization, rather than de-perimeterization. How do we put security control at proper threat levels?

Gardner: One area where increased connectivity is not a threat is in connecting more of the enterprise stakeholders who perhaps have a role or a piece of the security puzzle, for them to be a bit more cooperative and coordinated. Tell me how smartness fits into collaboration between architects, chief security officers, and other stakeholders?

Sindhu: It’s a great question. One of the key aspects of smartness is cross-industry and cross-team collaboration. Today, when we start to look at some of the smart deployments, either in the vertical sectors like utilities, healthcare, or even other private-sector industries, we see more and more that security is getting attention from the board-level and C-level executive.

Similarly, enterprise architecture is getting its attention as well. Going forward, we see a great emphasis on combining these two initiatives, even though it’s still a very nascent stage at the board-level talks and C-level talks. We're not seeing a huge focus on cyber security in some instances, but of course it’s changing. It’s increasing.

It's fair to say that the security and enterprise architecture will play a key role, as both concepts mingle together to bring about best practices in architecture in the early phases into planning, deployment, and delivery of the smart services.

Gardner: How about that, Jim Hietala at The Open Group? You're all working with framework certification, defining and professionalizing the role of the enterprise architect. How well are we doing with imbuing security into that larger picture of enterprise architecture, as well as technology and process?

Hietala: I'd echo what Usman said. It’s early in the process of really bringing enhanced security into the professional enterprise architecture. So, in The Open Group Architecture Framework (TOGAF), three of the nine iterations of it, we've added significant security information and content that enterprise architecture need to bear in mind in developing architectures.

But that work is ongoing. We have a couple of projects both to enhance the security of TOGAF, and also to work to collaborate with the Sherwood Applied Business Security Architecture (SABSA) folks, another security architecture development methodology, to harmonize those two approaches.

There's a lot of work ongoing there, and there's a lot of work needed in developing reference architectures outside of purely IT. We have a document that we are updating called Enterprise Security Architecture. It will be published this fall, and updates some work that was done five or six years ago, sort of an IT reference architecture.

We see a need, as you start to look at cyber security and the different kinds of architectures, to develop new reference architectures to address some of these new applications of IT technology to everyday life. If you think about networks in cars or networks of smart devices comprising the power grid, what does security look like for those things? Our membership is starting to look at some of those and trying to determine where we can add some value for the industry.

Gardner: Let’s think a little bit more now about this notion of mission architecture. The Open Group and many organizations are involved with enterprise architecture. Harry, what do we mean by mission architecture? What does that mean and how does it relate to the concept of enterprise architecture?

Changing world

Raduege: The Internet has changed our world and the way we operate. For years, we've had enterprise architects who have been working down the hall or in the basements of organizations, and who have been trying to figure out the best way of technically aligning the Internet and all of the interconnected networks to make it work as best it could.

Now that this world of cyber has really come upon us, it has really elevated the importance of the enterprise architect into the higher levels of an organization, just because of the threats that are constantly coming upon us in our business operations and our mission success.

The enterprise architect has now gotten the attention of the C-suite executives and organization leadership. But, they don’t like to think as much about enterprise architecture, because it really has that technical connotation as my colleagues here have mentioned, we're really talking and focusing more now on the people and the process aspects of running the business properly.

The front-office people, the C-suite executives and leaders of organizations, instead of thinking about enterprise architecture from a technical aspect, are becoming much more interested in a mission architecture.

In other words, what's the architecture needed to complete my mission so that I can have success -- whatever your mission is, if it’s government activity or whether it’s industry. Mission architecture has taken on new meaning that takes into account the technical architecture, but also adds the workforce domain and the process elements of the organization.

Architecture is important, but there is no silver bullet to it. Since the smart concept is industry-wide and is global, there could be many references to architectures that could go in.



So, mission architecture is really pointing toward business success, whatever your business is, whether it’s government operations or industry.

Gardner: Usman, how do you relate mission architecture to your discussion about being smart?

Sindhu: A couple of things that come from a mission architecture perspective and a smart aspect in general, is what we're seeing in the industry as the IT risk baseline. There has been a lot of work done, and it gets even more important. How do you derive an IT risk baseline?

Architecture is important, but there is no silver bullet to it. Since the smart concept is industry-wide and is global, there could be many references to architectures that could go in. Some things have started to happen. For example, the Department of Homeland Security came over to IT risk baseline about a year-and-a-half ago. It collaborated with the IT vendors and IT sector in general and started to create this risk baseline, which comes about in the earlier phases of architecture.

As you develop a framework, you take feeds from the various industry standards and regulatory compliance mandates and you start to create a risk baseline, a risk profile that touches every single silo of people, process, and technology. Over the time, you do the collaboration, internally, but externally as well.

Also, you market the risk baseline component so that you are complying with it, but you're also educating this to your peers and your other adjacent industries. The smart concept, at its heart, would require a lot of collaboration among the public and private sectors. I see a lot of this is being driven by the government. The Department of Homeland Security is actually working on coming with the next iteration of this baseline, maybe next year.

I see a more cohesive approach, even though a lot of work needs to be done here, and in distinct industries like smart grid. There has been a lot of focus around standards. The National Institute of Standards and Technology (NIST) is working on creating a cyber security baseline and framework that touches interoperability as well as the security standards. A lot of work needs to be done. We're still at a very early stage.

Gardner: As we elevate from IT concerns to architecture and enterprise concerns -- and now we're talking at the mission architecture level -- do we run the risk of this becoming a hot potato? That is to say, no one really owns it, but it gets handed around. How do we organize an approach to a mission architecture in such a way that it's got the right level of command and control and yet is inclusive? Any thoughts around the organizational imperative, Harry?

Organizational concepts

Raduege: Maybe we can take a page from what the United States government has just recently gone through with organizational concepts, because we knew that many different activities across the federal government had a big part to play in securing cyberspace. The Department of Homeland Security, Department of Defense, the Intelligence Community, Department of Interior, Department of Commerce, Department of State, every one of those federal government activities had a specific role to play in securing cyberspace.

However, we found out that there was no one totally in-charge of orchestrating the elements and activities of our federal government. So with the President’s Cyberspace Policy Review, he decided to appoint the first ever White House Cybersecurity Coordinator, Howard Schmidt. Howard is the overarching orchestrator for all of our federal government activities, all the state and local and interfaces with industry, and also the international community.

If we're going to think about an organizational construct, our nation is led with that kind of an example of an individual at the top who provides the oversight, is also responsible and accountable for the proper operation of cyberspace and the cyber security elements.

Gardner: Jim Hietala at The Open Group, any thoughts about this organizational angle in terms of the personnel, their roles, and a rethinking of how these categories have so far been structured?

Hietala: From an enterprise perspective, looking at mission success and thinking about cyber security really is the Chief Information Security Officer (CISO) role inside a given enterprise. That probably is most relevant to address the issues. The interesting thing is that many of the new developments that we’re looking at -- whether it's smarter hospitals, smarter medical devices, smarter electrical grid -- are industry specific and they require a lot of cooperation between organizations in an industry.

There's a role for standards and industry organizations to pull together and come up with some common standards to facilitate better security.



There's a role for standards and industry organizations to pull together and come up with some common standards to facilitate better security, maybe better frameworks or things like that, that can be leveraged across an entire industry.

Gardner: Any thoughts about getting started? Where do you get traction on a problem like this? Again, we’ve got a lot of different stakeholders and many different siloed types of activities and technologies. Where do you begin to actually get a hold on this and make some impact?

Hietala: It depends on the industry, but you get started just getting smart people in a room and trying to find consensus around the problems and potential solution. We do a lot of that here at The Open Group in different areas. We have a lot of defense work that we’re doing with the suppliers to the military and those sorts of things. We get them in a room, drive consensus, and develop standards and best practices that all of them can leverage and that help their business be more secure.

Gardner: As Harry mentioned, there are some examples in the US government. There are governments, I imagine, as well where they’ve attacked this problem. They’ve made some strides, developed some approaches and methods. Is there an opportunity for increased public-to-private cooperation and standardization and can you think of any examples of how that's working?

Hietala: Definitely there is a need for increased public-sector and private-industry cooperation. We have an initiative here, The Open Group's Acquisition Cybersecurity (ACS) Initiative. It was brought to us by the Department of Defense as a consulting effort. They wanted an organization to pull together private industry and try to drive some standards looking at the supply chains to the major IT suppliers. That work is ongoing and that would be a good reference of an initiative like that.

Gardner: Harry, how about from your perspective on getting started? Where do you get a handle on this beast?

Specific areas of expertise

Raduege: As my colleagues here have mentioned, a lot of times in private industry, there is a number of individuals who, just like in the federal government, have specific areas of expertise and responsibilities in the organization. From the boardroom perspective, this could be a little confusing. You’ll have a Chief Information Officer, a Chief Information Security Officer, a Chief Privacy Officer, a Chief Management Officer, a Chief Financial Officer, and a Chief Operations Officer.

Doesn’t this sound kind of familiar to what our federal government looked like? ... Everybody has a specific role that is very, very important, but then, who is the one person then who talks to the CEO or the board? I know a lot of organizations wrestle with that concept.

In 1996, there was actually legislation, the Clinger–Cohen Act, which was officially called the Information Technology Management Reform Act. It said that across the entire federal government, there would be CIOs appointed, and they would report directly to agency heads. That has guided our federal government for quite some time, but these aspects of all the different areas need to be brought together and focused within organizations. We really have our work cut out for us.

Gardner: To you, Usman, perhaps some thoughts about getting started on the process of getting smarter?

Sindhu: One thing I'd like to echo from the previous question as well is that it's interesting to see how long it took security to get the attention it needed. Finally, it's getting the attention at the C-level. Then, from a budget perspective as well, they're getting a much better share of the IT budgets that they had before. So, there is a good momentum around understanding security early in the development phase of a project, a product, or any other deployment.

There is still a ramp to cross at getting attention at the earlier phase from a security professional’s perspective. Cyber has to be on that agenda as a top priority.



Now, when cyber security is talked about, this is another new beast for many organizations to deal with. In fact, I was speaking to one of our utility clients, and the cyber security lead mentioned that he has no approach or visibility into the earlier phases of when the vendors are selected or when the RFPs are made. He only comes in a second tier, when he has to accredit all the different vendors.

So, there is still a ramp to cross at getting attention at the earlier phase from a security professional’s perspective. Cyber has to be on that agenda as a top priority.

As far as smart initiatives, you need to get security involved and architecture involved earlier in the phase. I normally use a three-level or a three-phased approach, when we talk about the planning.

Many of the smart initiators today -- smart city, smart grid, or smart healthcare -- are mostly in the planning phase. In a year or two, we’ll see a lot more deployments. Deployments are happening today as well, but we’ll see a lot more deployments in a year or two. Then, the delivery phase will come when the smart services will be delivered to the consumers and businesses.

The role of the architecture and security has to be involved right from the planning phase, where you manifest the value of security being built in, either to the products or in general to the architecture? That has to be the first step -- that we acknowledge the need to embed that into the overall process.

Gardner: Thanks so much. We’ve been discussing the need for improved common defenses including advancing cooperation between enterprise architects and security officers, and to jointly defend against burgeoning cyber security threats.

This sponsored podcast discussion is coming to you from The Open Group Conference in Boston the week of July 19, 2010. I’d like to thank our guests. We’ve been here with retired Air Force Lt. Gen. Harry D. Raduege Jr., chairman of the Deloitte Center for Cyber Innovation, and who co-chairs a cybersecurity commission under President Obama. Thank you.

Raduege: Thank you very much.

Gardner: Usman Sindhu, researcher at Forrester Research. Thanks for the input.

Sindhu: Thank you. It's been a pleasure.

Gardner: And, Jim Hietala, Vice President of Security for The Open Group. Thank you, Jim.

Hietala: Thank you, Dana.

Gardner: This is Dana Gardner, Principal Analyst at Interarbor Solutions. You’ve been listening to BriefingsDirect. Thanks for joining and come back next time.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: The Open Group.

Transcript of a sponsored podcast on how private enterprises and government agencies can combat the growing threat of cyber crime and the looming threat of cyber terrorism. Copyright Interarbor Solutions, LLC, 2005-2010. All rights reserved.

You may also be interested in:

Monday, June 28, 2010

Ariba Live Discussion: How Cloud Alters Landscape for eCommerce, Procurement and Supply Chain Management

Transcript of a BriefingsDirect podcast from a live Ariba panel discussion on how cloud-based models offer new benefits and efficiencies to B2B commerce.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: Ariba.

Dana Gardner: Hello, and welcome to a special BriefingsDirect podcast, coming to you on-location from the Ariba LIVE 2010 Conference in Orlando. I'm Dana Gardner, Principal Analyst at Interarbor Solutions.

This podcast is a presentation of a May 25 stage-based panel event on the implications of cloud computing for procurement, supply-chain management, and a host of other business functions. For those of you unable to attend the actual conference, please now listen to this lively and informative panel by a group of noted industry analysts.

Here is the moderator of our discussion, Tim Minahan, Chief Marketing Officer at Ariba.

Tim Minahan: When discussing heady topics like the cloud, procurement, and finance, and looking at the future of business-to-business (B2B) commerce, we thought it important for you to hear from the experts. So, we have assembled a panel of the leading analysts, folks that you turn to to benchmark your performance, uncover best practices, and make IT buying decisions.

I'd like to welcome our panelists now: Mickey North Rizza from AMR Research (a Gartner company), Chris Sawchuk from The Hackett Group, Robert Mahowald from IDC, and Bruce Guptill from Saugatuck Technology. Welcome, all.

Let's spend a little more time introducing ourselves. We'll start down here, ladies first. Mickey North Rizza of AMR Research, tell everyone a little bit about yourself and what areas you cover at AMR.

Mickey North Rizza: Hi, everybody, thanks for attending today. We're looking forward to this panel discussion with you. I cover the sourcing and procurement area from the AMR Research, or what we call the AMR Supply Chain Leader, side of Gartner. I've been there four-and-a-half years, almost five, and prior to that, I spent 23 years in the line of business of sourcing and procurement across many industries. So thanks, Tim, for having me today.

Minahan: Thanks for being here. Robert.

Robert Mahowald: I'm Robert Mahowald from IDC and I'm happy to be here today. I've been at IDC for about 12 years. Before that, I worked for the federal government, doing sourcing of applications and building technology simulations for the Department of Defense.

At IDC, most analysts are functional analysts. They do collaboration, supply chain, or enterprise resource planning (ERP). I am part of a group at IDC that does software business solutions. We look across the board at pricing, licensing, delivery models, and other aspects of operationalizing software for customers.

Minahan: Chris.

Chris Sawchuk: I'm Chris Sawchuk. Good morning. I'm a managing director and Global Procurement Practice Leader at The Hackett Group, a strategic advisory firm. We do a lot of work around research and advisory services, as well as benchmarking of functional performance, not only in procurement, but other areas as well.

Minahan: Bruce, welcome.

Disruptive technology

Bruce Guptill: Thank you, Tim. Good morning, everybody. I'm glad to be here. Saugatuck Technology is a research consultancy that looks only at disruptive technology influence and how it changes the way vendors and user companies do business. I've been with the company for about eight years. Prior to that, I was a VP and research director at Gartner with electronic commerce, benchmarking, looking at the return on IT, and of course total cost of ownership (TCO) -- all the fun financial things.

I go back in the business to a different century, an earlier decade, where I started out in the channel, trying to help people find out how to buy and sell technology and get the most value out of it.

Minahan: The global economy really does seem to be finally emerging from this recession. I know it's a bit slower in Europe, but companies have really taken a lot of costs out of their business. They're taking cost out in the form of reducing infrastructure, letting headcount go, and reducing IT investments. Many CEOs and CIOs have signaled, "We're not going to hire a lot of that back. We're really focused on automating our processes and driving up productivity."

As we enter this "new normal," how do you see operating IT models changing over the next few years? Bruce, maybe we'll start with you.

Guptill: The first thing is to figure out how to handle this cloud thing. It's the single most disruptive influence that we've seen in not just IT, but how IT is bought, used, paid for, and how that affects how everybody does business. So how is it accounted for? Who has responsibility for managing what aspects?

If you have some of it on-premise and some of it out in the cloud, who is responsible? How is it managed? How is that budgeted for?


If you have some of it on-premise and some of it out in the cloud, who is responsible? How is it managed? How is that budgeted for? It changes the way we operate as a business, because it changes the way we spend, the way we buy, and the way we manage. It's very, very disruptive, and policies and practices really haven’t caught up yet to the reality, and we're not getting a breather. The change is accelerating.

Minahan: True, very true. Chris, what are you seeing out there?

Sawchuk: Well, there are a couple of things. I'm going to answer the question from two perspectives and I'm going to share some insights with you from some key issue studies that we've done, both with procurement executives as well as IT executives.

From an IT standpoint, when we look at what has happened to operating budgets over the last year, the IT budget has been cut pretty significantly. As we look further, the expectation is that it will come back slightly. So, there is a real cost control focus from an IT perspective.

The other thing is that we asked these IT executives, "What's top of mind as you are looking out into 2010 and a bit beyond?" They told us two things. Number one, in a most cited area. was that they were going to manage demand and dealing with the demand for IT services within their organizations better.

Second, was driving more agility into the way they actually deliver those services back to the organization. So, from an IT standpoint, it's around continued cost control, demand, and agility.

Declining costs

When you look at it from a procurement standpoint and you look at operating budgets, over the last 15 years, the cost of procurement as a percent of spend, which you can relate to the operating budget, has declined about 23 percent overall. It's even a little bit greater for world class organizations.

More importantly, when you look at these world-class organizations, they actually invest in technology 29 percent more on a per procurement full-time equivalent (FTE) basis. This has actually been one of the drivers of the efficiency gains that they have been able to deliver over the last decade and a half.

Now, when we ask the procurement executives what are they focused on going into 2010 from a technology standpoint, the number one area is just utilizing better the technology investments that they have already made -- digesting them. So, it's a lot of the basics -- cleaning up our master data and just getting more utilization on our eProcurement, eSourcing types of tools in the organization.

But there are a couple of emerging trends that are occurring in the most progressive procurement organizations, in three areas. One is around collaborative technologies. Why is it so difficult to do this in business, when it's so easy with Facebook and all that type of stuff in the non-business type of world? It's not just externally that this applies, but internally as well.

The cloud offers a way to do that a lot more quickly, for less cost, in a way that is still as secure and authenticated as it would be in my IT shop.



Number two, around better management of the knowledge and intelligence across the organization, structured, unstructured, internal, and external types of information.

And lastly, driving more agility into the procurement service delivery model, which includes the technology tools.

Minahan: So, new operating models would be more agile and operate and generate more productivity?

Sawchuk: Absolutely. Yeah.

Minahan: Robert.

Mahowald: We can see that, for the last 10 years or so, we have seen lines of business start to get more acclimated using software-as-a-service (SaaS) services. Some of those lessons are how those services are delivered and filtered back to IT.

Virtualization, automation, and standardization are finding their ways into our IT departments and they're finding ways to do things like reduce the number of physical assets they spend their time counting, and keep them up and running, and rely more and more on external services that can safely provide the functionality that their users require.

And the typical scenario is that, if I am in the line of business and I want to build an application, or I need to have access to an IT service, I've got to go to my IT team. It can often be long and time-consuming to get that thing spun up and tested, kick all the tires, and get it up and running in the environment that is being used.

The cloud offers a way to do that a lot more quickly, for less cost, in a way that is still as secure and authenticated as it would be in my IT shop, and probably done in a way that is much, much more service enabled, for the ultimate constituency I want to serve, my user, the internal user. So, it's a big opportunity.

Minahan: So, looking at alternative delivery models to drive better results at a lower cost. Mickey.

Pent up demand

North Rizza: Basically, what we're seeing is that companies have a lot of pent up demand over the last couple of years. They haven't been able to change some of their business processes and automate them the way they would like to. What they've been doing is standing back, trying to get more out of their ERP systems or basic business processes. They've had to make a lot of cuts and they're not getting everything they need. What we're finding now is that spending is starting to pick up.

We're also finding that companies are looking for alternative deployment models. They're starting to say, "What can I do above and beyond just the technology application? Where else can I look for services and other opportunities that are, one, going to quickly drive value to my line of business buyer, because those are the folks that do the business day in and day out? They're the ones that need to make a difference. And finally, how do I do it quickly, without a lot of disruption, very flexible, and a great investment, but a really quick return on that investment?"

Minahan: So, real value. Chris, let's go back to you. One of the areas that you focus on quite a bit is connecting that physical supply chain to the financial supply chain. So, in aligning procurement and finance, what good examples have you seen where, not only are the functions of procurement in accounts payable (AP) being better aligned, but the concept of developing a strategy around working capital management being applied as well?

Sawchuk: Tim, one of the best ways to answer this question is first to understand that as procurement organizations, we need to evolve our value proposition back to the organizations that we support. And, evolve it past the spend cost savings, our traditional value that we've been delivering, to such things as total cost, shaping the demand, which we have been involved with quite a bit over the last 24 months, and ultimately, value management, and getting ourselves much better aligned with the overall top-line objectives of the enterprise itself.

That traditional value proposition has been challenged over the last several years. We see that spend cost savings as a percent of spend have been declining across the board, with the exception of the last year, where most of us have record returns in terms of our savings back to the organizations. But there is a maturing of the sourcing execution processes. We can’t save ourselves to zero. So, we have to evolve. And, one of the ways we evolve is to augment the value that we're delivering back to organizations, with such things as working capital and getting ourselves to support those types of objectives.

So the question is, are we misaligned or do we feel that we have done everything we can over the last 18-24 months and there’s nothing more to do?



Over the last 18-24 months, most of us have been involved in that kind of thing. We pushed out our terms with the suppliers. We have freed up some cash for our organizations. But, the real question is, did you actually do this in a way and build capabilities in your organizations to sustain those working capital improvements in the long-term?

Why we ask this question and what’s alarming to us is that when we asked CFOs in the broader enterprise, coming into 2010, what was the number one area of focus for them, it was cash. When we asked the same question to the procurement executives and community, it was cost. Cash was number 10. So the question is, are we misaligned or do we feel that we have done everything we can over the last 18-24 months and there’s nothing more to do?

When you look at this, procurement and the data as just being cost focused are fading. We've got to get much more balanced in the way we actually deliver our value, not just cost, but also working capital and other areas as well.

You wanted some examples of what these world-class organizations do around working capital and how they do it well. Number one, they measure it. They bring visibility to it. They put it on their scorecards. They have cash conversions, cycle time matrix, DPO, DIO, etc.

Number two, they manage it and the source-to-settle, purchase-to-pay process.

Number three, they create collaborative communities with procurement, with the business, finance, and treasury, around working capital strategies and objectives.

And, fourth, they actually compensate. We see organizations out there where some of the procurement folks and these folks on these collaborative communities are compensating. Up to one-third of their compensation is based on their achievement of working capital objectives.

Minahan: So, getting better aligned, collaborating better, and then, obviously, that important one of aligning incentives to make sure everyone is growing.

Robert, we talked a little bit before about this new normal, with folks operating leaner and looking at more variable operating models, and this has carried through to IT decisions and how companies are making that. How are companies leveraging the cloud to drive maximum efficiency and effectiveness across all business processes?

Reducing fixed costs

Mahowald: It’s true. If you look at your typical organization and the task of IT portfolio management, all of us, in the last couple of years especially, have been struggling to reduce fixed costs as much as possible, just like we do in our government and in our families. If we could take some of those fixed costs out of our budget and introduce some variables that are based on choices that we can make, that ultimately helps us out as organizations and helps us control our spend.

In many IT organizations, as much as 55 percent of the budget is spent on keeping systems running, and that involves paying for the ongoing license and maintenance and support of software and hardware and all the power pipe cost that it takes to run an IT center.

The ability to reduce some of those costs by outsourcing them in lower-cost subscription models that are operating costs is an enormously helpful transition for many customers. CIOs that we talk to are excited about introducing cloud services and also what we call naked compute services or offsite storage to improve the efficiency of certain applications that are widely used in the organization or offsite development platforms, where they can actually build applications.

It’s a major activity for many IT organizations to build new applications, objects, and customizations on-site. If they can offshore that and not have to pay application licenses or infrastructure cost, that’s a big help to them in lowering their fixed-cost structure. Ultimately, it's a big help to make IT organizations much more lean and responsive to their needs.

Minahan: Let's shift gears a little bit. With all due respect to the technology analysts on the panel, the cloud is not all about technology. It's about a new way of operating. We're seeing more and more organizations embrace what you at Saugatuck call "business process utility." Can you define this term a little bit for us, Bruce, and explain how solutions are helping businesses, not only lower their technology cost, but manage their business process?

Why can’t that be delivered and used as a service, as a utility, cloud-based or otherwise?



Guptill: There are a lot of problems that we have to solve by hiring or by buying and adding to what we have. That’s the traditional way we've done it. If we have a new line of business, if we have new regulatory requirements, if we have new reporting needs, we buy something to address that need. We buy people, technology, or services, or we train somebody to put everything together.

Business process utilities is actually a term that’s been around for quite a while. We started using it internally about six, seven, eight years ago as part of a series of projects to help some of the larger IT providers understand what could we do with this whole idea of what used to be called utility computing and what we now know as the cloud.

Our idea was that if you can take the software and put it in the cloud, and if you can take the hardware and the infrastructure service, the IT, and put it in the cloud and take advantage of that, we have all these vendors -- let's take Ariba for an example -- that have these terrific technologies, applications, and the expertise to use them. Why can’t that be delivered and used as a service, as a utility, cloud-based or otherwise?

Then, we have the business logic, we have the software, the applications, the functionality, and the technology, to make it happen. We can do that as an as-needed, on-demand, or subscription basis. It removes a lot of the fixed cost that we've been talking about. It reduces our reliance on fixed assets or fixed cost for what could be cyclical or temporary needs in terms of functionality. It's basically outsourcing business tasks, business functions, or business processes to the cloud. It's "cloud temping" basically.

Over time, these things start from very simple, straightforward, and standardized capabilities, similar to what SaaS, or infrastructure as a service (IaaS) started as, but we are seeing them start to evolve into more configurable or more customizable capabilities.

Pool of functionality

S
o that we can now -- it's just starting now, but will be much more over the course of the next four or five years -- take advantage of a large pool of business functionality that we don’t want to buy. It's not just a technology. It's not just a software. But it's the business tasks that we don’t want to buy, we don’t want to train, and we don’t want on our books. We can rent those as we need them, and when the work is done, they retire back to the cloud.

Minahan: It's not just about business application delivery, but business-process transformation. Raise your hands. Who here still gets paid by paper check? That's a type of service. It's great to see that trend going on in the market.

Now, Mickey, you recently conducted a study of companies that are using cloud-based solutions to improve collaboration and efficiency across their supply chain. What were some of the key findings from that study?

North Rizza: We found that 96 percent of those in the study are using cloud-based solutions, but out of that 96 percent, 46 percent are geared into a hybrid cloud solution. And by hybrid we mean that they're actually using cloud technology applications. They're optimizing those against their IT on-premise investments, and further, they're extending the capabilities into cloud services technology. So they're looking at the whole gamut.

When it's executed well and done well, it allows you to execute on your working capital and supplier payment types of strategies.



The second part of that is the next leading area, and that’s 41 percent around a private cloud. The difference there is that they're looking at technology capabilities from the cloud and they're putting that with their ERP or on-premise IT investments, but they're not necessarily extending those capabilities.

So, while we see this as a big area, and companies keep going down this path, one of the things we also find is that it really means a sharper focus on master data management (MDM), your business process, how that’s orchestrated, both inside the enterprise and externally into your trading partners, and understanding your governance structure. We'll see more and more of that come out, as time goes on here.

Minahan: There's that issue of master data management yet again.

Chris, let's shift to you again. Considering what Mickey said and what Bruce said, how are companies considering cloud and network-based solutions to apply to their collaborative finance areas? How are they using it to speed invoicing and payment and even help in their working capital management strategies?

Sawchuk: The first thing, and you've heard a lot of it, is that technology is an enabler. It enables a purchase-to-pay process to be more efficient and more effective, and along with some other practices around process design and then process management. But, when it's executed well and done well, it allows you to execute on your working capital and supplier payment types of strategies.

Faster, easier access

We've been talking about the cloud. How does it help here? First of all, and you've heard a lot about this, cloud gives you much faster, easier, and more economical access to technology solutions. Now that you're connected, you can -- to your point Tim -- speed the transactions across your supply base, etc.

More importantly, it gives you much more predictability in your ability to execute. For example, a lot of us say we moved our terms. We moved our terms from 45 to 60 days. When we do that, the suppliers say, "When we were on 45, you couldn't pay me on time. You moved it to 60. Can you pay me now on time?" It gives you some predictability in the execution. That's important to them.

Number two is, if you negotiate early pay discounts, you have the ability to execute and take advantage of those kinds of things that you have in your commercial agreement.

The cloud also does a couple of things. It certainly brings much more visibility to the overall activities that are occurring across the entire source-to-settle process. But also, once you are connected in this whole cloud environment, it certainly gives you access to intelligent services that exist out there. I'm talking about working capital, things like information about the financial health of your suppliers, their historical performance, the cost of capital, etc.

That kind of collision between outside the cloud and inside the organization is going to change and it could change business pretty dramatically.



Minahan: So getting the paper out, improving the visibility, automating that process, gives you the ability now to make intelligent decisions about how to manage your cash?

Sawchuk: Absolutely.

Minahan: Robert, we heard a little bit about this today. In the personal commerce world, companies like Amazon and eBay have really begun to blur those lines between applications and community. This seems to be continuing into the business world.

IDC has been looking at network-based models and solutions and applications for a while. Where are these models most appropriate -- for internal applications and business processes, for external -- and how do you see companies evolving their use of these network-based models?

Mahowald: It's a good question. We've been seeing blurring for a long time. If we think about what we do as business users, when we go into the office, we sit down at our desk and we have got a combination of IT-delivered applications and services on the one side. Then, we can turn the to other side, go to the web, and get the other things that we need most often -- search, consumer commerce, buying, and all kinds of things that aren't given to us by IT. At some point, cloud forces the way we have always been doing things to collide with the way things perhaps should be done.

We talked about lower cost, leaner IT organizations, because they are able to source outside of the organization, and get lower cost services. We think that kind of collision between outside the cloud and inside the organization is going to change and it could change business pretty dramatically.

Where business happens

A
nother thing is that, when you've got solutions that are brought in by business users -- maybe it's a salesforce.com or some other SaaS application -- it's important to them, and it's important for them, to get agility and speed to that functionality, but there are going to be many places where you are going to be brought outside of your organization, because that's where business happens.

Whether it's in a commerce cloud or another forum or marketplace for the exchange of products, you will be forced there essentially to do business, to maintain your presence in the game, see that transparency, and have it help your business. We think that's probably the most likely place for that collision to occur.

Minahan: So, possibly you need to collaborate with folks outside your company, predominantly.

Speaking of outside your company, Mickey, in your study around how supply chain organizations are using the cloud, you really had some very interesting findings about perception or perceived benefits versus actual benefits. In fact, what was interesting about it is that folks were achieving greater benefits than they initially expected. Can you discuss some of the major areas where they were getting the most value?

There are going to be many places where you are going to be brought outside of your organization, because that's where business happens.



North Rizza: Absolutely. One of the things we're finding is that companies really want some great benefits from these investments, but because of the last 30 years of not achieving everything that they really set their sights on, they have really stood back and said, "You know what? I'm not going to achieve everything that I need."

When we did our study, we looked across between 12 and 15 categories. We found that those that actually deployed cloud solutions, technologies, and services and put them out there, found anywhere from 5-7 percent difference in greater value, just by deploying, versus those that are thinking about it or trying to get into the mode of, "We want to go down that path and we are thinking about that investment process."

What were the benefits? It's really interesting. The first is that they were able to drive more revenue. Understandably, if we get those cloud-based solutions, we're going to drive more revenue. If you think about that gap from 5-9 percent, that’s huge, on a revenue standpoint.

Two other points: the cost-to-serve model. They're able to look at what their costs are, what are costing to serve from the enterprise, all the way through their trading partners, all the way back out into where the demand cycle begins, from a supply chain perspective. They get more savings, and those two go hand in hand. Then lastly, it's around that business cycle time improvement aspect.

Minahan: So, increasing revenues, reducing operating cost, and speeding the whole process overall. That’s great.

Different reality

Bruce, let's end with you. There's been a lot of talk about the cloud today, and lot of perceptions out there, that it's an all or nothing, it's a rip and replace. This makes companies somewhat nervous, but your research, as you stated before, shows a different reality going on out there, where the folks are looking at cloud-based solutions.

Guptill: If we wrap up what everybody on the panel has been talking about, let me take it from this angle. We've researched, interviewed, and surveyed a little over 7,000 executives worldwide -- finance, procurement, HR, IT, line of business -- over the last six or seven years about what it is that they want to do with cloud IT, whether it's SaaS or IaaS, platform as a service (PaaS) or whatever. In every single case so far, they're using it to add to what they have. It's filling in the gaps. It's enabling better efficiencies, better cost. It's delivering benefits that they could not get earlier cost effectively.

When you think about it, that’s the pattern of IT investment over the last 50- 60 years. It's very, very rare that we replace what we have with whatever new is coming in. There's all this hype about new stuff is coming and it's going to change everything. It's going to get rid of this. We are going to dump that.

Within four to five years, by year end 2015, more than 50 percent of new IT spending will be in the cloud for the first time.



In reality, almost every new IT that comes in, works inside, next to, or on top of what we already have. And as we learn how to use it over time, it may slowly displace some of what we have, but there is a tremendous amount of COBOL still out there, for example.

Minahan: On the green screen.

Guptill: Oh, there are [plenty] working in back rooms. The net of it is that is that we get more benefit. So we have to decide what we want to get from the cloud, versus what we get and what we have on-premise?

Our latest survey research, which we are just in the process of publishing right now, very strongly indicates that within four to five years, by year end 2015, more than 50 percent of new IT spending will be in the cloud for the first time. That’s within four or five years. But, that means that about 50 percent, or a little less than half, is still going to be on-premise, so that stuff is not going away.

So, over time, what's going to happen is that we have a series of decisions to make. What costs are we trying to control? How are we going to change our purchasing, procurement, management, payment, relationship management, and so on?

Then, as our traditional on-premise systems, not all of them, but as each one comes up, as they reach the end of their useful life, what do we do? Because traditionally, we would add to them, we would just build out around them, until they take over the entire data center, or we would outsource. Now, we have a combination. We can put some in the cloud and some on-premise.

Those are the decisions that we're going to have to face, as we go ahead. What goes out there? What stays in here? What goes in between? The stuff has to be made to work together. Who has that responsibility? What's it going to cost? How is that going to be budgeted? And how are we going to manage all this?

Minahan: So, governance is going to become increasingly important. Well, good. We heard a lot of great things today, challenging you to extend your physical supply chain and your management of that, to leverage and improve your financial supply chain, and improve your working capital management.

We heard about the benefits that you can get through improved business processes, efficiency, and lower cost structures to the cloud, and then most importantly, we also just heard that it's not an all or nothing. It's an extension of your existing IT investments.

Gardner: And thanks to Tim Minahan, Chief Marketing Officer at Ariba. You've been listening to a May 25, stage-based panel event on the implications of cloud computing for procurement and supply chain management and other business functions.

Thanks to this panel of analysts for sharing their recent research findings. This discussion comes to you as a special sponsored BriefingsDirect podcast from the Ariba LIVE 2010 Conference in Orlando.

Thanks for listening, and come back next time.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: Ariba.

Transcript of a BriefingsDirect podcast from a live Ariba panel discussion on how cloud-based models offer new benefits and efficiencies to B2B commerce. Copyright Interarbor Solutions, LLC, 2005-2010. All rights reserved.

You may also be interested in:

Wednesday, June 23, 2010

HP's Anton Knolmar Recaps Highlights of Software Universe Conference, Looks to Future

Transcript of a BriefingsDirect podcast with HP's Anton Knolmar on HP announcements and customer reaction from Software Universe conference in Washington, DC.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: HP.

Dana Gardner: Hello, and welcome to a special BriefingsDirect podcast series, coming to you from the HP Software Universe 2010 Conference in Washington D.C. We're here the week of June 14, 2010, to explore some major enterprise software and solutions trends and innovations making news across HP’s ecosystem of customers, partners, and developers.

I'm Dana Gardner, Principal Analyst at Interarbor Solutions and I'll be your host throughout this series of HP sponsored Software Universe Live discussions.

We're here again with Anton Knolmar, Vice President of Marketing for HP Software & Solutions. Welcome back. How is the show going for you, Anton?

Anton Knolmar: Thank you, Dana. It’s going very well. I'm really excited about having so many customers here. We've been sold out, which is a good sign. Customers are also really interested about sharing their solutions and sharing their information with us. At the end of the day, where we are totally committed is providing value to those customers.

We kicked it off the first day on the main stage, with our new Executive Vice President, Bill Veghte, talking about IT as an inflection point and how, with our solution portfolio, can help our customers provide even greater value for their organizations. That was a good lead-in.

I was even more excited, when we had customers on stage. Delta Air Lines’ Theresa Wise did a fantastic job explaining the challenges they were facing with integrating and acquiring Northwest Airlines, and getting those two companies together using our portfolio.

We got compliments and feedback about Dara Torres and what she was showing on stage here, on how you can compete, independent of what age, if you try to give your best in your personal, private, and business life. This was a good learning experience for all of our customers.

Then, we moved to the next event, our blockbuster product announcement, BSM 9.0, rolling this one out across the world, with different solutions in a single pane of glass, with the automation, and simplification.

It’s not "one solution fits all," and that’s what we are trying to do with our customers as well -- a really customized solution approach.



The feedback we received from our customers is that this is exactly what they've been looking for. And, they are even looking forward to more simplification. The simpler we can make it for them in their complex life, in their complex environment, whatever comes in from cloud, from virtualization, from new technologies, the better they all feel and the better we can serve them.

Gardner: We heard, of course, about the inflection point that you and Bill Veghte referred to -- lots more virtualization, cloud permutations, different types of use, thinking about sourcing, and the the mobility factor. When these come together, it seems to be almost a black hole for some folks. They're a little bit worried about how to deal with it, but they know that they can’t avoid it.

What have you been hearing from the participants in some of the panels and the executive tracks? How are people approaching some of these inflection points?

Knolmar: It wasn't just one customer who had one story to tell. We had to set aside an executive track, where we had a different levels of customers, talking about the problems and how they're facing problems. It’s not "one solution fits all," and that’s what we are trying to do with our customers as well -- a really customized solution approach.

What they're telling us in terms of this broad range of delivery is that it's a huge opportunity for everyone in the cloud. Also, everyone is saying, "We hate the word cloud," but that’s the word everyone uses. The delivery models that are out there at the moment, the new technology, the mobility factor, the growth of the smartphones, the mobile devices, is a big thing, and will be more in the future.

Being future-ready

Our customers are still challenged with their current environment, with their legacy environment. They say, "We still have mainframes to manage and all this new technology is coming in here." What they're trying to do is, and what we are trying to equip them with the current portfolio that we have, is to manage, monitor, and make the best out of the current investments, but also with our solutions portfolio, to be future ready.

So whatever new technology comes out, they're equipped and they can adopt this immediately in their current environment. They should be really happy with what we announced this week to be future ready for their future investments, as well whatever comes up.

Gardner: And, we're here in Washington D.C. with a very large public-sector crowd, as you pointed out earlier, a record-breaking attendance for you. Is there anything in particular from the public sector that you have found here as a takeaway?

Knolmar: A public sector track naturally combines nicely with being in Washington, and I hope we can continue this, even moving a little bit forward for next year. The public sector has similar problems, not too much different from what you hear from our other customers. Naturally there's more governmental, federal interest, in terms of how the budget process works in these areas.

Everyone wants to get the latest technologies deployed and get the best out of them, maximize, be cost efficient, and be effective, as well as serve their business and their lines of business.



But, from the overall topics and overall themes, everyone wants to get the latest technologies deployed and get the best out of them, maximize, be cost-efficient, and be effective, as well as serve their business and their lines of business. We hear similar stories from the public sector customers.

Gardner: As we wrap up Software Universe 2010, where are we going next? Are there some initiatives we should look forward to? It seems that folks are energized. Where can we lead them next in terms of anticipating some new solutions to their problems?

Knolmar: As you said, this was an exciting moment for us, getting our blockbuster out. A new blockbuster is coming, so stay tuned for that. That happens in September. We will also take Software Universe on the road. The next event is happening in Israel in a few weeks. We have a big crowd coming in, 1,500 customers, which is a huge gathering for Israelis.

The other piece is that we have HP TechForum, which is our sister conference, where we get the enterprise business, going on in Las Vegas this week. We're definitely excited. Stay tuned here. We're in Europe, in Barcelona, at the end of November, with our next Software Universe event. Hopefully, we can transmit and tell a bit more stories with you, Dana, from Software Universe, Barcelona. Thank you.

Gardner: Very good. We've been discussing the excitement at Software Universe in Washington and looking forward to some additional rollouts, news, and solutions from the software community at HP.

We've been joined by Anton Knolmar, Vice President of Marketing at HP Software & Solutions. Thanks again for joining.

Knolmar: Thank you.

Gardner: And thanks to our audience for joining this special BriefingsDirect podcast, coming to you from the HP Software Universe 2010 Conference in Washington D.C. Look for other podcasts from this HP event on the hp.com website, as well as via the BriefingsDirect Network.

I'm Dana Gardner, Principal Analyst at Interarbor Solutions, your host for this series of Software Universe Live discussions. Thanks again for listening, and come back next time.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: HP.

Transcript of a BriefingsDirect podcast with HP's Anton Knolmar on HP announcements and customer reaction from Software Universe conference in Washington, DC. Copyright Interarbor Solutions, LLC, 2005-2010. All rights reserved.

You may also be interested in: