The CIO’s priorities for purchasing services and applications in 2015

This is a transcript of The Axway Podcast of the same name.

ANNOUNCER: From Phoenix, Arizona, this is The Axway Podcast. Here’s your host, Mike Pallagi.

PALLAGI: In November, CIO.com published an article by Kevin Corbin that reviewed a survey of the members The National Association of State CIOs (NASCIO). The survey aimed to identify the goals of the CIOs for the coming year and their priorities for purchasing services and applications. The three priorities: cybersecurity, adopting cloud services, and optimizing and consolidating resources and services. So I asked Rob Meyer, Axway’s vice president of the API Management Business Line, to tell me a little about their significance.

YouTube Preview Image

MEYER: Regarding the first priority around cybersecurity: if you look at SafeNet or other sites that track the number of breaches, we’ll probably end up close to two billion records breached this year. And it’s going to continue to get worse. Most of the systems — and this is really what’s behind it — that most of the systems were designed assuming they were behind a firewall.

PALLAGI: But a lot of the initiatives that are taking state and federal agencies toward digital business — meaning becoming digital agencies — like the cloud, like adopting mobile devices, or even just integrating more with other agencies and companies — they all break that assumption.

MEYER: It’s like trying to defend against modern bombers and paratroopers and helicopters or bridges with a moat. It just doesn’t work. And so, what companies have to do to deal with cybersecurity today, what agencies have to do, or state and local organizations… They have to build up a new layer, really — the people, the processes, the technology that replace the traditional firewall, the moat — with the right approaches, the best practices, for cybersecurity today.

PALLAGI: Then there’s the second priority, adopting cloud services. Corbin writes that, “State CIOs named the adoption of cloud services their second priority for 2015, with survey respondents identifying strategy, provider selection and governance models, among others, as key areas of focus. Unsurprisingly, CIOs said that security is also a top concern as they consider moving services and applications to the cloud.”

MEYER: If you do anything with cloud, something needs to ground the cloud. It needs to connect it to all the on-premise systems. And that layer just doesn’t exist. If it did, it really wouldn’t be a priority today. People would be able to just hook up their on-premise applications and systems with cloud services. So there needs to be a secure integration layer — some people even call this a “service virtualization layer” or a “service control layer” — that surfaces up, that exposes the inside services in the systems, turns them into outside secure APIs or web services or even files that are hardened, that are auditable, that are secure and documented, and can be discovered and consumed through some self-service techniques by people outside the firewall.

PALLAGI: In short, Rob said, that’s what’s truly needed if people are going to be successful with cloud today. To optimize, they need something that grounds it. And that brings us to the last priority: optimizing and consolidating resources and services. What was Rob’s take?

MEYER: Regarding the last priority around optimizing and consolidating resources and services: it’s important to consolidate the hardware and software and all the boxes being used at what many thought was about ten percent utilization. And so, you saw a lot of data center consolidation initiatives at the federal, state, and local levels. But these CIOs do have bigger issues that come out once they start consolidating.

PALLAGI: So when CIOs start putting up all these applications, whether they’re legacy or packaged or custom, they start to realize that the hardware and the software was only about 25 percent of the cost of the app.

MEYER: And when you end up with several of the same types of apps running in the same data center, you might ask, “Should I consolidate these and how?” Or the executives outside of IT, they ask for improving the processes that we have, “What kinds of changes should we do to the business processes we have in place that are going to make the agency, the government, more efficient?” That triggers bigger changes. That triggers any kind of business process improvement or some other kind of consolidation.

PALLAGI: And what you don’t want to do after all of this work is end up making the same integration mistakes all over again, just under the covers, so to speak.

MEYER: If you do what you did on premise in the cloud, you could call it spaghetti as a service. And that’s not where you want to end up. You want to invest now in a center of excellence, exactly the way we did it with SOA to help govern these end-to-end flows and integrations between the agencies involved or the outside corporations involved between the agencies that are crossing the firewall, and to reuse the work, to monitor and manage all these integrations, and to avoid having another integration nightmare.

To read Kevin Corbin’s article, please click here.

To learn more about cloud integration, please click here.

The Rise of the API Product Manager
Kevin Kohut presents.At the API workshop event in Dallas last Friday, Kevin Kohut from Accenture gave a fascinating talk to a packed room about how to embrace the API economy.

Kevin focused on what it means to be “API first.” He explained how it’s different than “SOA first.” In the world of SOA, the WSDL was the “contact,” but not managed as a product. In “API first,” the API is the “contract” but is also the product. Kevin quantified this in his “API first equation,” which is:

                           ”The API is the contract” + “APIs are a product” = “API first”

Products need a product manager, and APIs are no different. We are starting to see the role of “API Product Manager” emerge. Innovators like Citi now have job postings for an API Product Manager. This person would, using API management, manage the API lifecycle, calibrate rate plans and monetization, and ensure that APIs are aligned with clients.

There is another chance to hear Kevin speak about being “API first” at the API workshop in Atlanta this Thursday, 20 November. All are welcome, and I look forward to some great discussion on the new role of the API Product Manager in the “API first” world.

(Originally posted in slightly different form at soatothecloud.com.)