Cognitive CISO and Legacy

For starters, many may think “cognitive systems” and “legacy systems” is an oxymoron. Cognitive Systems should be the mantra of every CISO.

Cognitive systems involve self-learning attributes within the application that uses data mining, pattern recognition, and natural language processing to mimic the way we as humans think, work and act.

Most “legacy systems” especially those in the financial industries and have been around for decades and were “homegrown” were not designed to “think.” They were designed to compute. To add, subtract, delete, change or inform points of data or transactions in rapid time, and often are error-prone and suffer from abends and batch computing errors.

It is time to move beyond our grammar school applications and graduate from college.

The internet changed all of the business strategies in every company. The legacy systems did not improve with the internet. What we did was build three-tiered systems with web interfaces to solve what we believed was the problem at hand. We keep doing this for the last thirty years, and now the business world is faced with mounds of technical debt.

One way to fix the legacy problem is to “fix” it the same way we fixed the Y2K problem. If you recall from about 1995 on all the major ERP vendors were singing “Happy days are here again” because the fastest and easiest way to fix was to replace. And that is what most in the world of ERP did. The Y2K era ushered in a new world of applications that incorporated the internet as vendors understood the internet at the time and brought about a new level of standardization of processes. Processes that would hopefully make companies more productive.

The year is 2019, and we are in a new world of technology that is driving business not just on the back-office side as did the old ERP systems but, in the market-place expanding our touch of the world and interacting with customers with a new level of sophistication. This means re-architecting your technology. You must plan to extend your legacy systems with the cognitive tools of the Fourth Industrial Evolution. All applications today should address privacy and cyber concerns. Start by engaging a “technology risk assessment” and “privacy at risk assessment.” These are TWO must for any organization.

As in all technology especially applications built by vendors they all contain the same “best practices,” that is what drives productivity. No company ever gained a competitive advantage using the same ERP systems. What the technologies of the Fourth and Fifth Industrial Evolutions bring to the table is the ability to reach customers and prospects anywhere in the world and interact with them not just regarding performing a transaction but in a more “human-like” manner. Think conversational interaction.

You need to start by asking yourself “If I could buy an application that would do this for me, what competitive advantage would I have?” The technologies of the Fourth and Fifth Industrial evolutions are the technologies that will provide you with the means to the goal. But you must extend those technologies even through your legacy systems to your customers, prospects, suppliers, and also your partners, and offer a tremendous strategic advantage to them before your competitors jump on the same bandwagon. Remember followers will be eaten for lunch by their competitors.

Start by validating your business and technology strategy in light of the technologies of the Fourth and Fifth Industrial Evolutions. Gather together your organizational “facts” that drive your current reality. Examine your goals in light of the technology and say to yourself where does IoT fit in making customer satisfaction a reality? Where does AI play in increasing my market share and where does RPA drive top quality service which is fast and efficient? How do the technologies collaborate with my legacy systems to gain a better knowledge of my customer’s needs and wants?

Next, build your operational analysis case and drive home the measurements. Every person, act, and an element of technology can be measured. Demonstrate the cause/effect and don’t forget the cybersecurity aspects. All cyber security can be regulated so build that into your analysis.

Take the business/technology validation coupled with the operational analysis and build for financial cost models. Keep in mind before you implement be sure you develop your prototype model. A real working model with all the technology in place. The investment will pay tenfold because in the prototype is where the buy-in process occurs in real terms. “Buy-in” at the strategy level, the operational analysis level and even at the cost model levels are “cerebral,” the prototype is buy-in from the “gut.”

A hint on development/implementation: Time boxes your phases in eighty-day phases. That will give you almost four successful rollouts in a year. Each deployment should be a working roll out not entirely dependent on the future ones and let the follow-on phases build on the previous ones. You will see more success in this fashion.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s