How businesses can support citizen developers towards success

It is estimated that by 2030, there could be a shortage of 10 million developers in the U.S., according to Forrester Research. This shortcoming, coupled with the proliferation of automation tools, is sprouting an army of citizen developers: professionals who aren't trained in computer science but are becoming de facto programmers through the influx software available to them.

While some employees eagerly jump at the opportunity to become citizen developers, others have held back from embracing this title, notes Justin Donato, vice president of information technology at Nintex.

Heading into 2020, which is primed to be the automation decade, enterprises need to work to qualm employee anxieties (job security, ageism, bandwidth, etc.) associated with becoming a citizen developer, Donato says. Information Management spoke with Donato about the growing need for citizen developers and how organizations can build a culture that fosters citizen developers.

Information Management: How can enterprises build a culture that encourages citizen developers?

Justin Donato: The most important things enterprises can do to encourage citizen developers are to give them the right tools and empower them to use those tools within a data culture. One of the major success criteria for a citizen developer is a no-code solution. Unfortunately, in many organizations, IT departments keep these solutions from the business or citizen developer types.

IM: What will citizen developers look like in the next year? Can anyone be a citizen developer?

Donato: Citizen developers are on the rise. Anyone in the organization who really understands a process and how it works is a great candidate to build and manage their own solutions. Typically they start with a system of record like SharePoint, Salesforce or other repository of data and quickly start automating processes around those systems.

IM: How can employers ease employee anxieties often connected to the rise of automation?

Donato: In a wide variety of scenarios, automation is making processes much more efficient and accurate. Employers are seeing that the employees involved in these processes are reducing inefficiency and adding more value.

Smart managers are recognizing and rewarding employees for automating processes that help the business run better. Those employees are being great stewards of the company time and resources that they have been entrusted with.

IM: What are the key steps in implementing a successful automation strategy?

Donato: Executive support is often the key to driving success. I personally have found it very helpful to have a tool that allows me to start by documenting the process I want to automate.

Keep that documentation up to date and leverage it as the foundation for the next step, the actual automation. This provides a great working copy of processes that you are automating.

On the automation side, giving citizen developers no-code solutions that are fast and easy to use is the key to long-term sustainability.

Author: David Weldon

Source: Information Management

The Benefits of Establishing a Data Culture

Building a data culture isn’t just about having more people access data and making smarter decisions. A strong data culture is directly linked to a company’s revenue, as Ashley Womack, director of corporate marketing at Alation, explains.

Alation recently released the results of its Q1 2022 State of Data Culture Report. The company says the report “provides a regular assessment of the progress enterprises have made in establishing a data culture within their organizations, the challenges they face in embracing data-driven decision making, and key drivers for data and analytics.” We explore some of the report’s findings with Ashley Womack, director of corporate marketing at Alation.

Upside: Your research has found a correlation between a “strong data culture and an organization’s ability to achieve or exceed revenue goals.” You’ve pointed out the bottom-line benefits of creating a data culture. Do C-suite managers see this connection?

Ashley Womack: Most organizations fall into one of two categories: one side believes they have already successfully built a data culture, and the other side barely acknowledges that their lack of data culture is a problem. The latest Alation State of Data Culture Report confirms that organizations with a top-tier data culture continue to meet or exceed their revenue goals.

However, the research also shows a disconnect when it comes to fulfilling funding promises dedicated to creating a data culture that drives revenue and operational efficiency. Executives know they have a bigger hill to climb, but there appears to be a lack of action to meet these goals.

The report mentions that 98 percent of data leaders said they need additional investments in their enterprise’s data analytics, but 51 percent expect they’ll only get half (or less) of the amount they say they need. “Just 18 percent of data leaders expect to receive the full amount they say is necessary.” What accounts for this funding gap? What competing demands are siphoning away money, according to your survey?

For organizations to reap the benefits of data, the C-suite must understand the direct correlation between investing in data and staying ahead of the competition. This latest Alation research shows that only 29 percent of data leaders are very confident that their CEO understands this link. This points to a strategy gap where C-level executives effectively pay lip service to the benefits of investing in data and analytics but don’t make it a priority, leaving organizations vulnerable to disruption.

Executives need to stop relying on their intuition to make decisions and instead leverage the data at their disposal to develop a sound strategy that moves the needle. If they don’t, they’ll hold their organization back and give competitors an advantage. The responsibility falls on data leaders to help their C-suite recognize the power of data-driven decision making and secure dedicated funding to create a data culture.

Your survey mentions that two-thirds (65 percent) of data owners are technical C-level positions (such as CIO or CTO) and a third (31 percent) are business executives. Why is this distinction important? What does it have to do with building a data culture?

Not everyone involved with the data strategy plays a day-to-day role in implementation, which leads to the disparity between promised funds and actual budget we spoke about. Executive ownership of data is more likely to result in business metrics such as cost savings and revenue being used to measure the impact of data initiatives. However, tech owners of data are more likely to focus on efficiency and internal processes. This is reflected in the survey data, which confirms that the ultimate owner has an impact on how companies measure the success of data initiatives and how funds are disbursed.

Where do data leaders feel the greatest need and where do they think they’ll get the biggest ROI?

The report found that data leaders overwhelmingly feel the need to improve customer experience, propel digital transformation to drive greater business efficiency, and increase profitability, which is no surprise as these areas have historically had the greatest ROI.

These efforts are often spearheaded by finance, sales, and operations teams to drive the adoption of data-driven decision making inside companies. These leaders must be diligent in their efforts to prioritize a data strategy and as a result drive ROI. It’s important to have someone at the highest level of your organization champion the goal of getting the most ROI from their organization’s data rather than just a select few advocating for the strategy.

Data catalogs not only came out on top of a list of core areas for investment to improve their organization’s data culture, but the percent of data leaders putting this on their list jumped to 87 percent from just 68 percent six months ago. Why do you think data catalogs came out on top -- and rose so fast on their list? What benefits do data leaders see in having one?

Although awareness about data culture continues to grow, the problem that many executives and their organizations are now tackling is determining how to implement a solid foundation for it. The benefits to implementing a data catalog include improved data efficiency, improved data context, reduced risk of error, improved data analysis and more. Data leaders who see the benefits of data catalogs avoid introducing significant risk to their organizations or being disrupted by competitors.

What other needs were high on data leaders’ list?

Research showed that data leaders believe that the first steps to building a data culture include constructing step-by-step processes to sort data (44 percent), creating an inventory of existing data (43 percent), and fixing existing data quality issues (38 percent). This was even higher among top-tier companies, with 94 percent of data leaders at these organizations noting data catalogs were important, and 39 percent calling them "essential.”

Source: TDWI Upside

The issue of employee reluctance when it comes to cybersecurity training

Although 75% of all US and UK companies were exposed to cyber incidents in the past year, employees still hate cybersecurity training sessions. Considering most cyberattacks capitalize on human error, employee reluctance continues to play into the hands of malicious actors in the shadow of this avalanche of cyber attacks.

Despite the overwhelming belief of cyber executives that their organizations have a solid security culture, recent data gathered by email security expert Tessian suggests that these leaders may be deluding themselves, revealing an unsettling gap between security experts and the rest of the business.

Cybersecurity training is boring to most employees

While 85% of employees participate in cybersecurity training or awareness programs, “How Security Cultures Impact Employee Behaviour” research revealed that 64% do not pay full attention, and 36% find their organization’s training about cybersecurity uninteresting. Do you know how businesses could utilize AI in security systems?

The survey found that security leaders generally agreed on the recipe of good security culture, but Tessian said it was evident that those at the top still had a lot of work to do, given the stubbornly high incident counts.

“Everyone in an organization needs to understand how their work helps keep their co-workers and company secure. To get people better engaged with the security needs of the business, education should be specific and actionable to an individual’s work,” said Kim Burton, Head of Trust and Compliance at Tessian.

“It is the security team’s responsibility to create a culture of empathy and care. They should back up their education with tools and procedures that make secure practices easy to integrate into people’s everyday workflows. Secure practices should be seen as part of productivity. When people can trust that security teams have their best interest at heart, they can create true partnerships that strengthen security culture.” she added.

The study demonstrated how cybersecurity training exercises, which frequently consist of brief PowerPoint presentations created by legal and compliance professionals without a true grasp of how people interact with instructional materials, have no overall positive effect on employees.

For instance, only one in three respondents said they were satisfied with the communications from their IT or security team, and 30% of respondents said they didn’t think they had a personal role to play in keeping their company secure. Similarly, 45% of respondents didn’t know how to report a security incident or who to report it to.

Over half of those surveyed claimed that behaviors including downloading apps to work devices, transmitting private information to personal email addresses, exchanging passwords among coworkers, and connecting to open or public Wi-Fi networks on work devices are not caused concerns.

Over 40% of respondents said they didn’t see an issue with blatantly hazardous behaviors, such as reusing passwords, leaving business devices unattended or unlocked, downloading unsolicited attachments, or clicking links in emails from unfamiliar sources.

Scaring people with cybersecurity risks doesn't solve anything

The leadership’s propensity to utilize cybersecurity training to spread fear and uncertainty as a motivation appeared to be a significant source of estrangement.

For instance, according to Tessian’s survey, 50% of participants reported having a “bad experience” with a phishing simulation, as shown by the 2021 account of a phishing test that went horribly wrong at West Midlands Trains.

Many others clicked on the link in what appeared to be an email from corporate leadership explaining a thank-you bonus for workers who had endured the pandemic, only to be reprimanded for not being vigilant enough about security. Officials from the union called the stunt “crass and reprehensible.”

Such strategies can “cripple employee decision-making, creative thought processes, and the speed and agility that businesses need to operate in today’s demanding world,” according to Marc Dupuis, assistant professor at the University of Washington Bothell, and Karen Renaud, chancellor’s fellow at the University of Strathclyde.

Tessian listed five actions security leaders should do to improve employee understanding of cybersecurity protocols.

For instance, security leaders must take a more active part in important touchpoints like onboarding, position or office changes, and offboarding during an employee’s “journey” with the company. According to Tessian, the onboarding of new employees offers a fantastic opportunity to grab people’s interest before they grow weary and bored, while more thorough and careful offboarding procedures can assist in preventing the loss of crucial data when a person departs.

Establishing open lines of communication throughout the entire organization and paying close attention to how much information is shared, who it comes from, via what channels, and how frequently are other things that any security leader should be doing.

Tessian provided four essential guidelines for accomplishing this successfully (page 28):

• You must speak the same language as your employees to communicate effectively. That means stripping out the jargon, technical terms, and acronyms and only providing need-to-know information.
• Tailor communications to specific people, teams, or departments to help everyone understand threats, consequences, and solutions. Data, real-world examples, and specific “what-if” scenarios can help you paint a clear picture.
• Security teams should choose a cybersecurity awareness champion to deliver updates or requests and be the point of contact for all questions.
• Develop a consistent format and cadence (for example, a monthly bulletin) to streamline communication and ensure employees have a source of truth to reference.

Finally, there are technology solutions that, when wisely implemented, can support the organization’s development of cyber “self-efficacy.”

Tessian’s research was created by OnePoll, which surveyed 2,000 US and UK-based employees, along with 500 IT security leaders.

The research we examined today revealed why some cybersecurity training and awareness initiatives are far from being effective. However, none of this changes the fact that cyber attacks can bring a company down. 

Author: Kerem Gülen

Source: Dataconomy

Using data successfully: the role of data democratization

An effective culture to underpin your strategy

A business that looks to become truly data-driven knows that employees are more likely to back the wider strategy if they have access to data that helps them do their jobs better. Data democratization and the positive culture it can create is, therefore, critical to the long-term success of any organization.

According to a recent report, Data Strategy and Culture: Paving the Way to the Cloud, senior decision-makers are confident that they’re opening up access to data sufficiently.

So do your employees at all levels actually have adequate access to data to boost their decision-making? Does the data at their disposal and how they work with it turn employees into strong advocates for your organization’s data strategy? I seek to address these questions.

This blog focuses on the crossover between data strategy and deployment decisions. It covers:

• Why data democratization is critical to developing a positive data culture
• What are the main barriers to this
• What else you can learn?

Data democratization: room for improvement

Successful organizations identify the key capabilities that are required to execute their data strategy effectively. Infrastructure decisions are an important part of this as any limitations can cause frustration and poor engagement — ultimately, the wrong choice can restrict how well an employee can perform in their role.

Almost four out of five respondents to our survey say their current IT infrastructure makes it challenging to democratize data in their organization. This is a significant obstacle to be overcome. There are additional barriers, too, such as a lack of relevant data skills or too many new data sources.

At this point, businesses have to focus on which deployment model best meets their needs. On the topic of data democratization, many will naturally think of the benefits the cloud can bring. The right deployment model allows for data sharing in a secure and cost-effective manner across all levels and departments. It allows people, and therefore the company, to perform at their best.

Don’t limit your potential

Despite the importance of this, almost half (46%) of respondents to our latest research believe that the democratization of data isn’t feasible for them.

This could be a big risk. If your technology infrastructure doesn’t allow you to open up access to data across the whole business, you’re stopping your organization from becoming truly data-driven. This could ultimately mean that insights can’t be gathered quickly enough, projects could be stalled, and a competitive edge on competitors can be lost.

Make the data work

There is a clear need for organizations to carefully consider which deployment option gives them the freedom needed to effectively open up access to data. Yet, the story doesn’t end once a decision has been made.

Teams must constantly monitor whether employees are able to work with the data at their disposal effectively. Can they get the insights they need from the data? Is there an ambition to increase the spread of data democratization within the organization?

So when it comes to optimizing the success of your data strategy, data democratization is an important and key step in the process — and your company needs to get it right.

The report investigates all of the key points raised in this blog and explains how developing a positive data culture starts with data democratization. This is the point when you secure your employees’ backing of the project. Only then are you truly ready to choose the right deployment model.

Author: Mathias Golombek

Source: Dataversity

Why it is key to teach your organization about data integrity

Are you prepared for an attack on your data environment? A data integrity drill can determine the readiness of your enterprise to respond and recover.

A lot has changed in the world of IT over the past decade. We have seen digital services move from being an important aspect of an organization’s operations to being fundamental to its business success. The scalability, flexibility, and other capabilities of cloud services have made these digital services (and the digital economy they have created) possible. We have also witnessed a massive rise in the number of ransomware and other types of cyberattacks -- attacks that exploit the growing value of data in this digital economy.

These changes have made it more complex and more important than ever for IT to make their data environments resilient. In the past, IT could ensure their data environments were resilient if existing processes and technologies were sufficient to restore the enterprise’s on-premises infrastructure after a cyberattack.

However, today IT needs to ensure that their sprawling, business-critical, hybrid-cloud data environments -- that now include dozens of SaaS applications and multiple cloud services as well as on-premises infrastructure and employee endpoints -- are protected against these threats as well as a growing number of increasingly sophisticated attacks.

Practice to Play

The technologies organizations need to ensure their IT is resilient -- strong perimeter security systems, high-availability cloud services, and robust data backup and recovery solutions -- are available. However, despite intuitive interfaces and automation features, using these technologies can be complicated and takes practice. IT teams that have not practiced using these technologies in response to simulated disasters are likely to find that when a real-world disaster does occur, it takes longer than expected to restore their data environment -- assuming they can restore it at all.

Today, many organizations still practice for disasters as if all their applications were on site or that a natural disaster was the greatest possible threat to their data environment. Given the changes to their data environments and the types of disasters that threaten them, organizations need to rethink their preparations. One way is to implement regularly scheduled “data integrity drills.”

During a data integrity drill, an organization simulates how it would use its data security, data protection, and other technologies to restore the integrity of its data environment after a data disaster. To properly implement such drills, organizations need to:

• Build a data integrity team that includes everyone involved in addressing data disasters
• Surprise these teams with a variety of data integrity drills
• Create a culture that values data integrity so both the data integrity team and larger organization understand why they are investing significant time and other resources into these drills

Data integrity drills enable organizations to confirm they have the skills, processes, and technologies in place to prevent or recover from the data threats or attacks they face today and gain the “muscle memory” they need to efficiently and effectively respond when a data disaster does occur.

Building Your Data Integrity Team

When a data disaster hits, your IT team members are not the only people called on to address it.

For example, if the disaster is a cyberattack, your legal team will need to inform customers quickly if their data has been exposed by the breach or your business risks stiff regulatory fines. Human resources will need to communicate the implications of the disaster to your employees (and possibly your partners). Your IT team’s security and data protection professionals will need support from those on your IT team responsible for SaaS applications, cloud services, on-premises infrastructure, and other aspects of the data environment affected by the disaster to bring that environment back online.

Before implementing data integrity drills, create a data integrity team that includes the IT, legal, HR, and operations teams as well as any other professionals who are responsible during an actual disaster. At the same time, the responsibilities for each of these consolidated team members need to be specified. In other words, you need to recruit your data integrity team and assign them their positions before you start the practice for the “big game.”

Surprise Your Data Integrity Team with a Variety of Disasters

When a real-world data disaster occurs, your data integrity team is not likely to be aware of the timing or nature of the disaster beforehand. Given this, although you might not want to schedule a data integrity drill for an extremely busy day or time for the company (such as the end of a quarter), the timing of the drill should remain a surprise to most of the data integrity team.

Such drills should also vary so team members can practice responding to different kinds of disasters involving different aspects of their organization’s data environments -- everything from a natural disaster damaging a data center or a ransomware attack to a disgruntled employee destroying files on the way out. By mixing up the types of drills and making them a surprise, the drills will stress the organization’s existing disaster remediation and recovery processes and technologies as they would in a real disaster.

This “surprise approach” will challenge your team’s skills, sharpening them and revealing where additional skills are needed. Such drills will also reveal if growing data sprawl has created weak spots or other cracks in your organization’s data integrity strategy, where certain applications, infrastructure, or other parts of the data environment are more vulnerable than others.

Create a Culture That Values Data Integrity

Your organization is likely to see pushback on the implementation of data integrity drills. Preparing to be on the data integrity team and conducting data integrity drills takes people away from their day-to-day responsibilities and reduces the time they can spend on other strategic projects.

This is precisely why your enterprise needs to create a culture that sees data integrity as a core strategy, fundamental to the success of its business. This will require communicating to employees that the time they spend preparing for and conducting data integrity drills pales in comparison to the time they are likely to spend remediating a cyberattack or other disaster if they are unprepared.

Take the Data Integrity Challenge

Data environments today do not just serve as the nervous system for most companies’ daily operations. These environments also provide the data needed to predict customer behavior, improve operational efficiency, set corporate strategy, and improve business outcomes.

This is why I would encourage all organizations to challenge themselves by testing their IT resiliency with at least one data integrity drill. Maybe your drill will reveal that you already have in place all the skills, processes, and technologies needed to protect your data crown jewels from any threat. More likely, the drill will expose skills you need, processes that can be improved, and technologies that need to be upgraded -- so you can fix these problems before a real disaster strikes.

Author:

Source: TDWI