The new wave of telematics delivers
benefits throughout the automotive
Under the Hood with Ford
Insurance’s Perfect Storm
Enterprise IT Gets Lean
The Matrix Is Here
IS YOUR POINT
OF SALE SYSTEM?
Imagine the power to quote, propose and process
from tablets and mobile devices, all integrated
with your core policy administration systems.
The new CSC Integral TM Point of Sale solution
gives insurers out-of-the-box flexibility to quickly
launch products and perform end-to-end point of
sale and service functions. The next-generation
system is mobile-ready for agents and customers,
and it includes offline capabilities so insurers can
continue working even without Internet access.
In the new world of Digital Insurance, mobile
sales and service solutions are within reach
FOR THOSE WHO SOLVE.
Inside CSC World
CHIEF MARKETING & COMMUNICATIONS OFFICER
SENIOR MANAGING EDITOR
CONTENT MARKETING EDITOR
Jim Battey, Nathan Conz, Dale Coyner, Cal Harrison,
Peter Krass, Jenny Mangelsdorf
DESIGN & PRODUCTION
3170 Fairview Park Drive
Falls Church, Virginia 22042
ASIA, MIDDLE EAST, AFRICA
Level 9, UE BizHub East
6 Changi Business Park Avenue 1
Republic of Singapore
26 Talavera Road
Macquarie Park, NSW 2113
CENTRAL AND EASTERN EUROPE
NORDIC AND BALTIC REGION
SOUTH AND WEST EUROPE
10 place des Vosges
92072 Paris la Défense Cedex
UK, IRELAND AND NETHERLANDS
One Pancras Square
CSC WORLD (ISSN 1534-5831)
is a publication of
Computer Sciences Corporation.
Computer Sciences Corporation
All rights reserved.
Reproduction without permission
This edition of CSC World marks an important milestone, as we
complete the separation of our company into two global leaders:
CSC, serving global commercial and international public sector
clients; and a new enterprise, CSRA, which combines our U.S.
public sector business with SRA International to become the
largest IT services company focused on the U.S. government.
This is another exciting chapter in our journey, and I’m grateful
for the role that everyone at CSC has played in bringing our
transformation to this stage.
When you consider the scope and speed of the transformation we have
undertaken, it’s fair to say that we’ve made remarkable progress. Since 2012,
we have focused on providing leadership and value to our clients. We’ve grown
relationships with our strategic partners. We’ve improved our financial and
operational performance. We have a clear strategy that streamlines our offerings
and aligns with key industries. And — most importantly — we have become a more
relevant and competitive player in the global technology ecosystem.
The improvements we have made to date are being recognized by everyone — partners,
investors, financial and industry analysts, and especially our customers and employees.
So, what does that success mean as we turn to CSC’s next chapter?
We hear from clients throughout the world that they need to transform their legacy
systems, applications and workloads. For many of these clients, IT no longer just
supports the business, it is the business. But with so many competing priorities,
they just aren’t sure where and how to begin.
We have reinvented CSC so we can lead our clients on their own digital transformation
journey. The offerings we’re developing today build on a new generation of technologies
to address the major business shifts our clients are encountering today.
As a global leader in delivering next-generation solutions, we know that today’s
challenges can’t be solved by only one source. Our partners are key to accomplishing
our goals and those of our clients. That’s why we’re developing products and
capabilities within a robust alliance ecosystem. Working with other industry leaders
makes our R&D investments and expertise go further and enables us to offer
end-to-end solutions that best address client needs.
We’re also making better use of our own domain expertise and intellectual property.
Large segments of the insurance, banking, and healthcare and life sciences industries
rely on CSC products and services. And we’re developing new solutions, making
new investments to maintain our leading position and continually innovating to
keep ahead of change.
This truly is a remarkable time in CSC’s journey. With approximately 56,000 employees
serving clients in more than 60 countries, we’re in an excellent position to help clients
succeed, build exciting new offerings, develop the next-generation skills
of our employees and return greater value to our shareholders.
Now, more than ever, we’re poised to help clients navigate their own digital
transformation — to better serve their customers, maintain
competitiveness and forge into the future.
We have great reason to be excited about what’s ahead — for
CSC, our clients, employees and all of our stakeholders.
Enjoy the issue.
President and CEO, CSC
NOVEMBER 2015 | CSC WORLD
CSC WORLD | NOVEMBER 2015 | VOLUME 13 | NUMBER 2
CSC acquires two leading IT providers, forms a joint
venture to focus on banking modernization, introduces new
cloud solutions and reports on corporate responsibility.
6 HEARD ON CSC.COM
Experts are coming to CSC.com’s blogs and Town
Halls to give their insights on industry developments
and technology trends.
Connectivity enables exciting innovations that can
attract new buyers. But the true value of connected
cars extends much further.
12 5 Things CIOs Need to Know About
CIOs facing the dual challenge of innovating to grow while
reducing costs should focus their attention on five main areas.
14 The Questions Life Sciences Firms Ask
Before rushing into the cloud, companies should first
address two important issues: compliance
16 Reaching the Full Potential of Healthcare IT
As the healthcare industry undergoes widespread
disruption, CIOs might do well to revisit Maslow’s
theory on the hierarchy of needs.
18 NHS Trafford CCG: Setting a New Standard in
Patient Care Coordination
The innovative Trafford Care Co-ordination Centre could
evolve into a model for the provision and management
of population health.
20 Improving Speed to Market
In a consumer-driven environment, insurers can achieve
better speed to market by following these six strategies.
22 Digital Insurance: How to Compete in the
New Digital Economy
To succeed in the digital age, an insurer’s relationship with
its customers needs to be more holistic and experiential.
24 All About Scale
In an informative Q&A, executive Karen Johnston explains
how insurer MEMIC dramatically expanded its business.
26 4 Factors Creating a Perfect Storm in the
Four major market forces are on the verge of changing
the way the entire industry works, and may even
change the players.
2 CSC WORLD | NOVEMBER 2015
Explore key trends and data in visual and interactive
ways with a collection of CSC infographics on emerging
CSC TOWN HALLS
Join a continuing series of online conferences on
IT topics that matter to you, featuring CSC experts and
special guest speakers ready to answer your questions.
SUCCESS STORY BRIEFING CENTER
View video success stories featuring CSC subject matter
experts, clients and global partners.
28 Turning Anonymous Riders into
Scandinavia’s largest public-transportation agency
replaces paper tickets with a digital system that offers
truly personalized customer service.
30 Reinvesting in the Right Stuff for
Aerospace and Defense
The 2015 A&D Market Survey reveals the top two priorities
of execs: product innovation and lower costs.
32 3 Steps to Seasonal Readiness
Preparing for seasonal spikes is far from simple.
Retailers can benefit by proactively adopting three
34 Hiding in Plain Sight
If today’s advanced persistent threats have not yet penetrated
your systems and data, you can be certain they will.
38 Modern IT Architecture in One Word: Shared
An increasing shift toward “sharing” — sharing services,
data, code and more — is causing IT architects to look
at systems in new ways.
40 Enterprise IT Gets Lean
Enterprise IT executives are adopting tried and true manufacturing
concepts targeting waste and complexity.
42 The Matrix Is Here
An emerging set of digital services is radically transforming
many aspects of business and society, and will only grow
stronger over time.
44 IT Trends to Watch in 2016
As 2016 approaches, a few trends stand out as catalysts of
change. Developing strategies around these trends could
give enterprises a competitive edge.
36 The DevOps Disruption
DevOps transformation can not only lead to competitive
advantage, but under the right conditions, it can also
create market disruption.
37 Lessons Learned from the DevOps Front Lines
A panel of experts weighs in on how DevOps can accelerate
the application development, testing and release process.
NOVEMBER 2015 | CSC WORLD
FIXNETIX AND FRUITION JOIN CSC
CSC in September completed acquisitions
of two key technology providers: Fruition
Partners and Fixnetix.
Chicago-based Fruition Partners is a
leading provider of technology solutions
for the service management sector.
Founded in 2001, Fruition is also the
world’s largest ServiceNow exclusive
service management consulting firm.
With the addition of Fruition, CSC
bolsters its ability to offer both
enterprise and emerging
clients an expanded
range of cloud-based
solutions. These new
solutions help businesses
efficiency while lowering
their operating costs. Also,
CSC now delivers the world’s
only fully managed ServiceNow
application service offering.
Marc Talluto, Fruition’s co-founder
and CEO, says the combined business
“marries CSC’s global strength with
Fruition Partners’ service management
expertise to bring existing and new clients
even greater results as they continue to
be challenged in the constantly evolving
digital world.” Talluto will now lead CSC’s
global ServiceNow organization.
Fixnetix, based in London, was founded
in 2005 and quickly became a leading
provider of front-office managed trading
solutions in capital markets. CSC will
combine Fixnetix with its own nextgeneration
IT platforms and IT utility
services. As a result, CSC can now offer
capital market companies an expanded
range of as-a-service front-office
capabilities. CSC can also address the
market’s growing demand for greater
efficiency and innovation.
Steve Hilton, executive
vice president and
of CSC’s Global
Services, says CSC
and Fixnetix have a
to provide clients worldclass
services for low-latency trading,
market data, hosting, connectivity
and risk management solutions.”
TO MODERNIZE BANKS
CSC and HCL Technologies this summer
formed a banking software and services
joint venture called CeleritiFinTech.
Banks desperately need IT innovation to
keep pace in a fast-changing industry.
Yet many banks still spend up to 80
percent of their technology budgets on
mundane “keep the lights on” activities.
To help, the jointly owned company will
invest in platform modernization and
product functionality enhancement, and
it will capitalize on the proven capabilities
of both companies in addressing the
multibillion-dollar, global core banking
HCL, founded in 1976, describes itself as
one of India’s first garage start-ups. Since
then, the company has grown dramatically.
It now has more than 105,000 employees,
offices in 31 countries and annual revenue
in excess of US$6 billion.
CeleritiFinTech will help banks extend
the useful life of and investment in their
current platforms, enhance and expand
CSC’s core banking and cards platforms
into modernized end-to-end solutions
under the Celeriti suite, and advance
digital banking transformation solutions
in conjunction with other partners.
“Many of our banking clients are looking
for modernization of their legacy platforms
while simultaneously managing the
increasing demands for data analytics
services, multichannel deployments
and increasing regulatory compliance
requirements,” says Anant Gupta, HCL’s
president and CEO. “The joint entity is
designed to meet those critical demands
with new and innovative solutions, and to
expedite the modernization transformation
journey of our banking clients.”
4 CSC WORLD | NOVEMBER 2015
MAKING HYBRID CLOUDS EASIER
TO MANAGE WITH AT&T
Managing workloads across hybrid cloud
networks just got a whole lot easier and
more secure. That’s because CSC and
AT&T have jointly announced a solution
to help businesses become more flexible
and lower their costs by moving key
business applications to the cloud.
The new solution, called AT&T NetBond
with CSC Agility Platform, is itself
something of a hybrid. The joint solution
empowers developers to rapidly
and consistently provision applications
onto cloud and network services using
automation. This, in turn, means that
enterprises can now safely transform to a
highly secure hybrid cloud environment.
“This is a step forward for enterprise
cloud service,” says Dan Hushon, CSC’s
chief technology officer. “End-to-end
control helps the most complex environments
Here’s an example of how it works:
Imagine a business struggling to meet
IT demand. The company could use
the new AT&T–CSC solution to boost
computing power, storage and network
capacities. It could then access multiple
cloud providers from a CSC Agility
Platform TM single control plane over
AT&T’s virtual private network. This could
improve security and resource management,
while also reducing audit burdens.
Learn more at
CSC remains strongly committed to
corporate responsibility and environmental
sustainability — and the company has the
facts and figures to prove it.
CSC recently released its latest Corporate
Responsibility and Sustainability
Report, which details all global, social
and environmental sustainability
achievements for the latest fiscal year.
As the report shows, CSC has:
ADDING ON-DEMAND WORKLOAD
PROTECTION FOR CLOUD SECURITY
CSC recently unveiled an enhanced,
pay-as-you-go cloud security services
solution. It enables enterprise clients
to scale their cloud-workload security
functionality up — or down — as
required by their business, technical
or financial needs.
On-Demand Workload Protection, the
new solution, was developed by CSC
with technology partner CloudPassage.
It’s designed to help clients protect
their cloud workloads and consume
cloud-based security services using
the same attributes that have made
public cloud computing services
In the past, many organizations had to
cobble together cloud solutions based
on multiple technologies and legacy
licenses. But now, CSC’s new Security as
a Service capability lets companies use
flexible, consumption-based security
models instead. These can flex in
concert with a company’s business
and operational requirements.
The new solution offers an affordable
alternative that gives enterprises clear
visibility into all their platforms and
workloads. Eliminating the need for
dedicated staff to manage and monitor
multiple security services internally
will also free up resources that can be
invested elsewhere in the business.
• Created a 3-year Global
Environmental Strategy reaching
across all of the company’s data
centers and offices worldwide. The
goal: drive compliance with energy
and e-waste reduction targets,
achieve international certifications,
and meet green-building standards.
• Achieved a 15+ percent absolute energy
reduction against the 2012 baseline,
exceeding the original 10 percent
reduction target in just 2 years.
• Realized a 13 percent global greenhouse-gas
reduction against the 2012
baseline, remaining on track for an
18 percent reduction by 2018.
“As we move forward with our transformation
agenda,” says Mike Lawrie, CSC’s
president and CEO, “our commitment to
corporate responsibility remains a crucial
pillar of our business success.”
NOVEMBER 2015 | CSC WORLD
Experts inside and outside of CSC are coming to csc.com to make
their voices heard, in CSC Town Hall webcasts and our blogs. Here
are some highlights.
We look for people who have the skill to acquire new
skills. We look for people who understand models.
Whether those are programming models or financial
models, or data models — they’re able to take those
models and translate those into slightly novel situations.
Chief Technology Officer, Asia, Middle East and Africa, CSC
Town Hall, “Hottest IT Job Skills”
In the technology world we are used to raw performance
doubling every 12 to 18 months under Moore’s law. That’s our
expectation, but it’s not been true for battery technology. The
lithium-ion battery has been a workhorse for nearly 25 years
now; in that time there have been a number of incremental
improvements in capacity, but nothing approaching Moore’s
law. In many ways Moore’s law makes the lack of progress in
battery technology even more striking as the devices that
we carry around get increasingly powerful, leading to higher
Principal Solution Architect, CSC
CSC Blog, “Batteries: The unsolved problem in our mobile world”
6 CSC WORLD | NOVEMBER 2015
Send in the
To be successful in providing
next-gen mobile solutions to your
workforce, you need a next-gen
mobile maverick. Some weird guy
who’s not afraid to break with habits which ruled IT for the
last three decades. A brave enthusiast whose mission will
be to bring a fresh breeze of Silicon Valley-like paradigms
into your IT department. A strong believer in Steve Jobs’
3-tap mantra or Amazon’s 2-pizza rule.
Head of Global Mobility Consulting
CSC Blog, “Why a Mobile Maverick is Mission Critical to
Your Mobile Strategy”
big data meet
In many cases, we can incentivize customers to play an active
part by sharing data and, based on the insights from that data,
modify their behavior to reduce risk. It’s a fantastic model for
the insurance industry, one that offers greater transparency
and value for all stakeholders.
Insurance Industry Strategist, CSC
CSC Blog, “IoT: Where Telematics and Big Data meet to
create huge opportunities”
not feed the
Unused apps forgotten on smartphones and tablets could
contain vulnerabilities which can be exploited through
permissions granted to an unrelated app that hackers can
leverage to turn the dead app into a zombie. In addition to a
backdoor approach, hackers often will trick users with bogus
updates for the app which, if approved, enables the hackers
to grab personal (and maybe enterprise) information from
CSC Blog, “Are ‘zombie apps’ stalking your mobile users?”
A tool for our time
No matter how groundbreaking we think
our new technology tools are, they are
only tools. They fit into a long history of
tools designed to improve the practice
of medicine and, in a nicely Darwinian
turn, only the fittest will survive. Will
the smartphone be one of those tools that stand the test
of time? Well, I’d confidently predict that some kind of
personally owned health and well-being management
device will certainly become ubiquitous.
Director, Global Industry Marketing, CSC Healthcare
and Life Sciences
CSC Blog, “In the 21st Century Medicine Will Be Different,
and This Time It’s Personal”
NOVEMBER 2015 | CSC WORLD
by Dale Coyner
The new wave of
Learn more about CSC’s
connected car solutions at
8 CSC WORLD | NOVEMBER 2015
Autonomous driving and electric cars may dominate
headlines about the future of the automobile, but the era of
the connected car has already arrived. Fueled by demands
from an always-connected mobile society, millions of cars
equipped with built-in connectivity are driving off dealership
lots every year.
Connected vehicles enable a host of innovations that add
convenience, comfort and safety, says Chris Fangmann,
CTO, global manufacturing industry at CSC.
“Connectivity enhances safety features such as parking
assistance, adaptive cruise control, blind spot assistance,
collision avoidance and improved night vision, to name just a
few,” he says. “While those features are important to attract
new buyers, the value of connected cars to automotive and
other industries, such as insurance, extends much further.”
Let’s stay in touch
Data generated by connected vehicles has inherent value,
whether it’s used to study the reliability and service life of a
power window relay, analyze and automatically optimize engine
performance in a wide range of environments, understand
driver habits, communicate with other vehicles, predict failures,
report an accident, or track and predict any of a vast range of
specific vehicle metrics.
Ford Motor Company will be using the data to customize
maintenance and services, improve safety and enhance
the driving experience.
“With connected vehicles, we can create a custom
maintenance schedule for the customer,” says Roopak Verma,
Ford’s CIO for Europe, the Middle East and Africa. “Today, we
might tell a customer to change the oil every 10,000 miles,
but in reality the schedule should be based on the customer’s
driving habits. With connected capabilities, you can know it’s
OK to wait until 11,500 miles, and the same applies to every
component in the car.”
Connectivity also enables Ford vehicles to automatically
reconfigure driving characteristics based on weather and
In a pilot project in London, Fords are even tapping into data
from parking lots. “You enter an address into the GPS, and you
can see in real time where the parking spaces are — and
in London, that’s a big deal,” Verma says.
Ford is conducting pilot projects for car sharing, which is
made easier with connected cars. Rather than exchanging
keys, drivers can simply send a code to unlock the vehicle
over a mobile phone. Settings for the seat, radio, rearview
mirror and more can be activated with the touch of a button
on a smartphone.
“I believe the biggest impact is going to be to the fleet business,
because you can really optimize your costs,” Verma says.
Larry Stolle, global automotive marketing director at SAP,
says advancements like these are changing the fundamental
makeup of cars. “I like the contrast Dr. Lawrence Burns from
the University of Michigan makes: When you look at the old
DNA of the industry, the automobile was fossil-fuel powered,
mechanical, owned and operated by a person, and built to
suit many purposes,” Stolle says. “The DNA of the car is
changing — self-driving, shareable and more types built for
specific uses. That future is here, now.”
The power of data
The collected data has great potential value beyond
manufacturers, for example to third-party service providers
such as auto insurance companies. Vehicle information can
help insurers adjust rates based on driver performance,
leading to more efficient risk-pricing models, lower claims and
faster claims processing. Marketers would pay for that data,
too, because they would have yet another channel to reach
customers. Plus, new services could be offered based on the
data — imagine drivers entering a route into their GPS and
receiving a proposal for trip-dedicated roadside assistance
due to road and weather conditions.
Governments have begun to grasp the significance of connected
vehicle data. Proposals by federal regulators in the United
States, the European Union and Brazil are targeted at either
encouraging or requiring manufacturers to include telematics to
improve safety, report crashes and reduce incidents of vehicle
theft. The U.S. National Transportation Safety Board is creating
standards to promote connected technologies, predicting that
crashes may be reduced by more than 75 percent. The European
Union in 2013 called for the inclusion of crash alert devices,
estimating that this action could save 2,500 lives annually.
Governments, as well as private companies, can also use data
about road conditions to focus their investments on road repairs
or route planning.
Retailers are eager to tap into the personal data collected,
including location, but the challenge is finding services that
both benefit the customer and address privacy concerns,
Ford’s Verma says.
“We have so many legal constraints, data privacy constraints.
How do we ensure the user’s ownership of data is taken
into account?” Verma says. “That is slowing us down a
little because everybody wants to be extremely careful in
complying with the law.” (For more insight from Ford’s Verma,
see sidebar, page 11.)
One solution is to give drivers the right incentives, according
to Fangmann. “Most people are willing to give up some data
privacy for a 5 to 10 percent better deal on services or
products,” he says.
NOVEMBER 2015 | CSC WORLD
Car Hacking from the Couch
Imagine driving along the highway at 70 mph.
Suddenly, the air conditioner begins blasting
cold air, the radio switches stations and the
Cruising toward an overpass with no shoulder, you
lose control of the accelerator. RPMs climb and
speed drops as the transmission is disabled.
Ten miles away, a hacker sits comfortably on
his couch while he wreaks havoc with your
This scenario may seem like the stuff of science
fiction, but it has already been demonstrated by
security researchers looking to show vulnerabilities
in connected cars. And while it’s a frightening
prospect, it should hardly be surprising.
Consumers value bandwidth, apps and connectivity
in the way previous generations compared
horsepower and torque, and manufacturers have
rushed new features to market faster than they’ve
been able to secure them. With up to 100 million
lines of code, today’s vehicle is a rolling, ragtag
collection of industrial-era technologies and
outdated, poorly tested code.
Industry initiatives such as the Automotive Open
System Architecture (AUTOSAR) and the Japan
Automotive Software Platform and Architecture
(JasPar) were developed to standardize vehicle
control systems. In the United States, the Security
and Privacy in Your Car (SPY Car) Act introduced
in July 2015 would direct U.S. federal agencies to
create standards requiring automakers to secure
cars and protect drivers’ privacy.
Suresh Mandava, associate partner for Internet
of Things and big data security at CSC, says the
industry should learn from aerospace and defense
manufacturers and invest in quality coding and
stringent testing to reduce the code footprint
and standardize hardware components and
“Security needs to be baked into the engineering
and architecture of the connected car platform —
not be an aftermarket fix,” Mandava says.
Staying connected in the aftermarket
Still, connected cars offer manufacturers an important avenue
for developing stronger, longer-lasting ties to customers.
“Manufacturers have a reasonable chance of generating
revenue from an owner during the duration of a vehicle’s full
warranty, a window of about 3 to 5 years. Once that period
ends, things change,” Fangmann says. Owners soon begin
making greater use of aftermarket service and independent
Compounding the problem is the fact that cars are staying on
the road longer, with the average age of vehicle registrations
creeping up to 11 years. IDC reported in 2014, citing survey
data and registration statistics, that 71 percent of the U.S.
driving population will likely not upgrade their vehicle for 2 to
7 years — or longer.
Connected cars alter that equation by offering manufacturers
an effective way to stay in touch with vehicle owners over a
vehicle’s entire life cycle. Manufacturers would have a much
greater chance of maintaining service revenue and a stronger
brand-building channel to drive repeat sales. And that
always-on connectivity can help automakers notify drivers
about recalls and address security threats more effectively
by issuing over-the-air software updates to critical systems.
Not too late for older models
The number of new vehicles shipping with telematics systems
accounts for only a small percentage of vehicles on the road
today. For vehicles that predate the connected car revolution,
CSC offers hardware, services and an online platform that can
collect and report performance data from a car’s controller
area network (CAN) bus port, used for diagnostics.
Data is displayed in a dashboard on a variety of mobile
devices for the driver, owner or fleet manager, as well as the
manufacturer. “Car makers, rental agencies and enterprise fleet
managers have the opportunity to bring millions of vehicles
online,” Fangmann says.
Despite the challenges in ramping up quickly, automakers
need to continue to push ahead with connected capabilities,
as competitors who already understand the value of large
data pools are nipping at their heels. A few well-known Silicon
Valley enterprises with large connected customer bases, such
as Google, have been experimenting with their own mobility
services and connection technologies.
“These companies are making rapid
progress, and they’ve already connected
customers,” Fangmann says. “This could
allow them to become the owners of the
connected car space before manufacturers
realize they’ve been overtaken.”
DALE COYNER is a writer with CSC’s
digital marketing team.
10 CSC WORLD | NOVEMBER 2015
Under the Hood with Ford
— Ford CIO,
Europe, the Middle East
Ford Motor Company was among the first in the industry
to offer connected car services through the driver’s cell
phone. This year, all new models released by Ford in
North America have a built-in modem for connectivity,
with European cars to follow in 2016. For more on the
key considerations raised by connected cars, CSC World
recently spoke with Roopak Verma, Ford’s CIO for the
Europe, Middle East and Africa region.
How is Ford helping to secure the connected car?
How can OEMs work together to address this threat?
Recent security demonstrations [see sidebar, page 10]
have really prompted all of the OEMs to take a hard look at
vehicle security. We have the capability today to remotely
unlock a vehicle, and if someone can hack into it, that’s
the first thing he or she will do. If someone can control the
functionality of the vehicle remotely, that’s dangerous.
What role is data analytics playing at Ford in supporting
automotive sales, production and services?
Data analytics and intelligence can give us a single, integrated
view of people who are researching a car on the Web, linking
them with the people who may come in and visit the dealer,
and linking them with the people who might actually buy a
car and then come back to Ford for the servicing. It can help
us change the whole marketing paradigm.
It’s also going to help us make a connection with the
customer to design the next-generation car. We won’t
need hundreds of hours of research to find out where
the next trends in car designs are going. We’ll be talking
to our customers.
Organizations are under constant pressure to step up their
rate of innovation. How are you nurturing innovation at Ford?
A Fusion Hybrid, for example, is generating 25 gigabytes
of data per hour. A hacker would love to get access to the
functionality of the car, your location data, your contact
data, even your credit card data. At Ford, we realize you
have to have the fundamental security architecture built
into the vehicle. The architecture that controls the vehicle
functionality needs to be isolated from the connected
vehicle architecture, and you need encryption between
One of the things we’ve been doing in Europe is looking
for a way to really democratize innovation. What we used
to always see is that you could come up with a great idea,
it worked well, but there was always a challenge in the
implementation and getting the business value out of it.
So we started the Ford Innovation Challenge. The idea is
that anybody in Ford with an innovative idea can put it
forward. We opened it for 2 weeks and we had 415 ideas.
Everybody’s facing a common challenge. A lot of the safety
features we expect are going to require vehicles to talk to
each other, so if a Ford car is not talking to a GM car, it’s not
going to know the car is stopped ahead just around a blind
curve. That type of connectivity is going to require us to work
together on the protocols and the security architecture.
We had a semifinal event to select the top 12 ideas, and now
the business owns these ideas, and we are going to provide
them time, funding and resources to take them forward.
Then we’ll come back in January and see who has been
able to make enough progress so that they can become
part of our business plan. It’s exciting.
NOVEMBER 2015 | CSC WORLD
5 THINGS CIOs NEED TO KNOW
by Steve Andrade
Changing market dynamics are forcing
companies to innovate to grow while
reducing costs, so life sciences companies
need to adopt a Capital-Efficient
Innovation approach. Here are five areas
where CIOs should focus their attention.
1. Capital-Efficient Innovation is about agility
To drive innovation, you need to have the elasticity within
your infrastructure to support existing and new business
objectives. Agility means putting the right platform, processes
and discipline in place to be able to quickly respond to market
opportunities, regulatory challenges, changes in the supply
chain, and so forth. Flexibility is enabled via an IT platform
through which you can embrace and support new services,
products and capabilities.
Having an agile and consistent IT platform allows companies
to derive value from integrating systems used by different
functions in the business. So, for example, a company’s
regulatory information management (RIM) platform can be
integrated with content management solutions and master
data management activities. But to derive the greatest benefit,
the IT platform needs to be easy to use, so you need to build
the right platform to enable agility.
One way to achieve platform simplicity is through a trusted
cloud service, which opens up the opportunity to build a
more agile and interconnected architecture. Adopting cloud is
beneficial at both economic and business-value levels, because
it reduces the cost of infrastructure while accelerating time to
market by making it easier to deliver services in a consistent
and repeatable way.
In addition, as CIOs increasingly focus on what systems and
processes they need to run the business, an agile IT platform,
enabled through the cloud, creates an environment for lowcost
prototyping of alternative solutions, allowing ongoing
innovation without additional cost.
12 CSC WORLD | NOVEMBER 2015
2. Capital-Efficient Innovation is about compliance and security
Progressive CIOs need to drive toward architectural simplicity
to improve regulatory compliance. While companies
understand that RIM is integral to managing the regulatory
submission process, for RIM to provide the level of compliance
and business value that the enterprise requires, regulatory
rich information should be leveraged more extensively
across the organization and supported by a more agile
and integrated platform.
The broader benefit of an integrated approach to compliance
is that it helps you bring products to market faster, and enables
a smarter and lower-cost way of managing regulated activities.
The challenge in most organizations is that data is dispersed
across numerous legacy systems that run globally within a
complicated and outdated IT architecture.
In addition, you need to ensure a clear, streamlined security
strategy to protect the enterprise’s assets and minimize
the risk — and cost — of security breaches.
CIOs are tasked with helping achieve these goals without
additional cost burdens to the business, and with the right
infrastructure it’s now easier and less resource-intensive
to make use of capabilities such as radio-frequency
identification (RFID), data leakage protection, identity
and access management, application security, network
security, and single sign-on.
3. Capital-Efficient Innovation is about governance and
As organizations have moved away from vertical integration to
orchestrating a complex network of suppliers and partners, it
has become even more important to have a clear governance
and portfolio management structure in place. To manage those
many relationships and activities effectively and efficiently, you
need to be able to ensure that every relationship is governed
in a structured and repeatable way.
Governance also encompasses portfolio management; an
efficient governance structure allows you to look at the cost
base around your portfolio of activities and determine the
most efficient way to manage those activities.
acquisitions, divestments, and the increasing dependence on
external partners. But to make best use of the global skills and
knowledge these new or supplemental team members and
partners bring, you need to become more comfortable leading
and working with co-located and distributed teams across
the globe and across organizations.
To make best use of talent, you need to put in place processes
that enable you to identify and source the right skills, both
inside and outside the business, not just at an operational level
but also at a strategic level. At the same time, you need to seek
out the right resources to help your company develop and train
its own people in order to respond to rapidly changing market
dynamics and trends.
5. Capital-Efficient Innovation is about collaboration
At all levels — R&D, clinical, infrastructure and supply chain —
life sciences companies are collaborating with many different
stakeholders, both internally beyond their functional walls and
outside the organization with business partners. The need to
innovate at an R&D level has led once-insular companies to
work with academic institutions, start-ups, biotechs,
technology companies and former competitors.
Collaboration means that you need to be able to share
information and intellectual property securely, through flexible
cloud-based or as-a-service platforms that can be scaled up
during the collaborative process, allowing rules-based access,
and scaled down when not required, without residual cost.
It’s about having an agile platform that lets the enterprise
work across multiple clouds and organizations, and securely
access different applications, as well as the information within
those applications. Mobility is also an important enabler
of collaboration, because today’s workforce not only is
geographically spread out, but increasingly needs access
to information while working beyond the corporate walls.
Connecting the dots
Capital-Efficient Innovation responds to the industry’s dual
challenge of innovating to grow while reducing costs. And
the industry is trying to achieve this while staying true to its
purpose: bringing life-saving products to market faster for
patients across the globe.
The question becomes, are the tools and processes in place
to activate and manage governance and the portfolio, in order
to work more efficiently? Companies can’t govern without
portfolio management, without effective supplier management,
or without adopting architectural simplicity. This is relevant
across all functions within the business: Without architectural
simplicity, businesses can’t optimize the supply chain or
enhance how they collaborate with R&D partners, or
manage global regulatory information.
As CIOs increasingly take the lead in delivering the innovation
needed to enable the objectives set out by the stakeholders,
their priority must become to create a business model that
best optimizes the value chain to meet the needs of the
patient through Capital-Efficient Innovation.
STEVE ANDRADE is vice president and general manager
of life sciences at CSC.
4. Capital-Efficient Innovation is about talent optimization
Today’s life sciences organizations face ongoing
transformation, in particular as a result of mergers and
Learn more about Capital-Efficient Innovation in
life sciences at csc.com/CEI.
NOVEMBER 2015 | CSC WORLD
THE QUESTIONS LIFE SCIENCES FIRMS
by Dawn Waite
14 CSC WORLD | NOVEMBER 2015
As life sciences companies come under
pressure to cut costs and simplify how
data is shared, they are seeing the cloud
as an opportunity to manage enterprisewide
information. The industry, however,
has been reluctant to move to the cloud,
for both IT and business reasons.
There are benefits to both sides of the enterprise in moving to
the cloud. The business case is well understood: having clear,
consistent information available in a way that simplifies data
exchange. For IT, it means removing day-to-day management
of solution tool sets, allowing IT to focus on other valuable
tasks, such as delivering desktop consistency to the users.
That’s not to say companies should rush blindly into the cloud;
there are some important issues to address first. Here are
two common questions companies have when considering
a cloud solution.
How will validation and compliance be handled?
Compliance is almost always one of the top concerns for life
sciences companies. Invariably, life sciences business and IT
leaders want to know how, given the regulated nature of the
industry, they can move to the cloud comfortably and ensure
they are compliant. This is a valid question. While there are no
formal FDA guidelines on cloud, companies should adhere to
21 Code of Federal Regulations (CFR) Part 11 requirements and
ensure that both qualification and validation are of the highest
standards, such as with a GAMP 5 approach.
You need to qualify your infrastructure to ensure it’s doing
what it says it is. So the question is: Does your vendor have
a process in place to be able to handle that compliance? Are
there clear documented processes and deliverables for system
validation and infrastructure qualification? While most people
are aware of this necessity, companies are often nervous
about handing off responsibility for the infrastructure piece
to a cloud vendor. And it’s fair to say that not all cloud
vendors understand it.
You might be attracted to what appear to be quick and easy
cloud solutions. However, if there aren’t the necessary
processes and documentation to support the whole
qualification and validation process, this puts you at
risk, since your regulatory solutions will be sitting on
infrastructure that could potentially fail an audit.
meet compliance requirements. My advice to clients is that
whenever there is a formal change control, a process should
be followed with an assessment of whether that change needs
to go through any sort of validation. That way, if an audit takes
place, you’re assured of being completely compliant.
When entering a cloud contract, it is the client that needs to
ensure that the vendor can demonstrate they have an effective
process; hence, regular audits will be required. It will also need
to be established whether this will require additional costs or
whether an audit process is included in the service. What I
recommend to clients is to determine what your vendor offers
in terms of handling annual audits, as well as whether they
engage independent auditors to assess their data centers.
What happens if I want to move my system?
One issue I consider to be crucial, but that people don’t
always think about, is disentanglement. Let’s face it: In today’s
businesses, things change, and you should be prepared for all
eventualities. The problem is, if this isn’t part of an agreement
with your vendor, you could end up unable to extricate
yourself, or you might be unable to get your data out. In
that case, you might be forced to undertake a manual
process to get your data out, which is extremely costly.
When you are looking to move to the cloud or an IT managed
service environment, it’s important to understand that things
can change. To use a specific example, recently a client went
through an acquisition, and the decision was made to go to
an on-premises solution. As it happened, both the companies
were CSC clients, but one had an on-premises solution and the
other had a cloud solution. Because we have agile systems and
processes in place, the job of moving data to an on-premises
solution was quick and straightforward. But that wouldn’t
necessarily be the case with every cloud vendor.
The approach we recommend is inclusion of a Provision of
Disentanglement. That’s a framework of “what happens if,” and
it defines where the responsibilities lie, what the vendor would
need to do to extract a client’s data, who needs to be involved,
and what the timescale is. While this can’t be definitively
stated, simply because you don’t have that information in
advance, you should find out what the options are, the types
of personnel that would be needed, and the likely daily rate
involved. It’s really about having an understanding of what
needs to happen to get your data out, and most importantly,
that you can get your data out.
DAWN WAITE is manager, Life Sciences in the Cloud, CSC.
Other considerations include processes concerning change
management. While the system might be set up in a compliant
solution to begin with, if you’re in the cloud, you need that
compliance to be maintained throughout the system’s life,
and if anything changes, you need to ensure those changes
Learn more at csc.com/life_sciences.
Waite will continue her look at cloud considerations
in CSC’s life sciences blog at blogs.csc.com/category/
NOVEMBER 2015 | CSC WORLD
THE FULL POTENTIAL
OF HEALTHCARE IT
by Lisa Pettigrew
stack up against the
CSC Hierarchy of
Healthcare organizations are under intense pressure to shift
their organizations faster than ever. It’s imperative that they
invest in their digital futures to prepare for new models of
care, new patient-centric engagement frameworks, and
the new technologies expected by clinicians, caregivers,
consumers and payers. But how can they do this while also
maintaining legacy operating systems, existing models of care,
and traditional reimbursement and funding arrangements?
Healthcare CIOs can be crucial in helping organizations
navigate this bimodal challenge.
As the healthcare industry undergoes widespread disruption,
CIOs might do well to take a second look at Maslow’s classic
theory on the hierarchy of needs. According to this theory,
self-actualization, or the fulfillment of potential, is the
highest level of psychological development — but it can be
achieved only after all basic needs have first been met. For
the healthcare industry, the ultimate objective — a focus on
patient-centered care, care management and population
health — can be achieved only when the potential of digital
technology has been fully realized.
To support the dialogue about digital technologies among
CIOs, physicians and healthcare business leaders, we’ve
created the CSC Hierarchy of Healthcare IT. This hierarchy
can help organizations understand the right approach
for their bimodal strategy.
as a Service
CSC Hierarchy of Healthcare IT
Population Health Management
Health Information Exchange
Core Financial & Administrative Systems
Start with the basics
The basic layers in healthcare IT — which correspond to
Maslow’s basic needs of shelter, food and water — represent
all the infrastructure and corporate back-office systems
necessary for a healthcare organization to exist. These include
networks, WiFi, storage and compute power, cybersecurity,
identity and access tools, operating systems, as well as
financial, payroll, administrative and logistics applications.
In healthcare, these technology services together serve as the
crucial infrastructure that no one sees, yet everyone relies on
to do their jobs effectively. These functions can be effectively
managed with CSC’s Agile IT as a Service solution.
16 CSC WORLD | NOVEMBER 2015
Work with the middle layers
The middle layers include Health Information Exchanges
(HIEs), which securely exchange health information across
settings and among stakeholders, as well as the core
electronic health records (EHRs) that physicians typically
associate with IT. EHRs include all the clinical data, tests and
orders, pathology, radiology, surgical and procedural notes,
and patient information. The technology here serves as the
physician’s core working system.
These middle layers, which support eHealth Optimization,
are highly visible to physicians, nurses and clinical workforces,
yet are not typically seen or accessed by patients.
Use digital technologies to support patient care and more
At the peak of the hierarchy, we reach the ultimate objective
of Population Health Enablement, where we focus on using
digital technologies to support patient-centered care, care
management and population health. This is the area of the
hierarchy that directly engages with and is visible to patients.
This hierarchy can assist healthcare technologists and
physicians in understanding each other’s frustrations
For example, even after years of energy and effort, clinicians
still cite frustrations with EHRs. But it’s difficult to expect
optimal results when making investments in something
significant such as EHRs without first fortifying the foundation.
An investment in an expensive EHR is not always matched
with sufficient investment in the core infrastructure required
to support the entirely new models of care, increased data
capture obligations and workflow changes embodied in an
EHR. New smart device access needs, new WiFi requirements,
increased cybersecurity obligations from networked EHRs,
and increased storage requirements — all of these require
investment to get the most out of an EHR.
Optimize your investments
Bottom line, healthcare organizations need to optimize
investments across the hierarchy to suit the organizations’
objectives. For example, rather than continually spending
money on the same infrastructure, it’s time to embrace
innovative, agile infrastructure arrangements such as cloud
technology and service models that shrink spending at the
bottom of the pyramid to improve spending in the middle and
the top. These investments are important because the model
of care is changing as medicine itself continues to evolve. With
a bimodal approach to IT, healthcare providers can create
offerings focused on changing patient needs.
When CIOs, clinicians and patients understand how
interrelated their needs are in the hierarchy, this can ultimately
help bring stakeholders together to customize, optimize and
Disruption Hits Health Insurance Market
Progressive CIOs use the opportunity for
Health insurance is going through a significant evolution.
Consumers have increasing choice, and insurers are looking
for ways to engage differently and meaningfully with
their members. Insurers no longer want to consider their
members as part of a large, faceless risk pool, but rather
see them as consumers trying to navigate the complex
healthcare delivery marketplace. Insurers are aiming to
reduce costs and improve coordination with providers as
the industry moves toward member-centric models.
New, well-funded digital health insurance companies
such as Oscar are shaking up the market with digital
engagement models and low overhead costs. What
can incumbent health insurers do to survive? Using
new digital technologies to their full potential — and
embracing the use of analytics — could be the answer.
Incumbent insurers have the advantage of the insights
they can draw from their massive stores of data — that
is, if they can liberate their data from functionally
isolated silos often housed in legacy applications
and managed with old-world technologies. There is a
pressing need for incumbents to invest in data analytics
to leverage value and insight from existing data stores
and ingest new data to enable more compelling
interactions with members.
Through analytics, insurers can use member information
to predict what might happen next in the patient
journey; hence, payers and their provider networks
can start to offer alternative care models to minimize
expensive medical care and intervention, and help
consumers take control of their own healthcare.
Ultimately there are three forms of healthcare data —
systems of record data (claims data, electronic health
records), genomic and genetic data, and patientgenerated
data (biometrics, qualitative data). Healthcare
CIOs need to ensure that they have future-proofed
strategies for all three forms of data and their linkages
so they can generate insights, develop new products and
channels, and address new models of member loyalty
A sound strategy for next-generation analytics could
provide just the key health insurers need to unlock the
potential of their data and fulfill their goal of providing
LISA PETTIGREW is general manager for healthcare and life
sciences in the Americas at CSC.
NOVEMBER 2015 | CSC WORLD
NHS Trafford CCG
Setting a New Standard
in Patient Care Coordination
by Jim Battey
Providing a diverse range of patients with a single point of
contact for comprehensive health services, CSC is working
with Trafford Clinical Commissioning Group (CCG) in Greater
Manchester, England, on a first-of-its-kind care center. The
innovative Trafford Care Co-ordination Centre (TCCC) aims to
provide patients, families and care providers with significantly
improved patient experience and efficiency across Trafford’s
A part of the National Health Service (NHS), Trafford CCG is
responsible for ensuring that health services for the people
of Trafford are provided at the right place and right time, and
that services are safe, of high quality and offer value for money.
The CCG is also part of the broader health system in Greater
Manchester, which recently became England’s first region to
have healthcare funding devolved to local government. The
CSC-Trafford CCG partnership to develop and manage the
TCCC is the first of its type in the United Kingdom.
Delivering quality and value
A contemporary challenge for Trafford CCG, as with healthcare
organizations globally, is to find new ways to deliver quality
healthcare in a coordinated, integrated manner. “Our vision
for the health economy in Trafford is to create a healthcare
system that’s proactive and high-quality, with excellent clinical
outcomes and ease of access,” says Trafford CCG Chief
Operating Officer Gina Lawrence. “This will be achieved by
designing services that are delivered in an integrated way,
so that patients can expect health and social care to work
together to offer the best possible holistic advice and support
for their needs.”
As healthcare becomes more
focused on the patient, Trafford CCG
is taking a more personal, caring approach.
Trafford CCG has already begun to build integrated
services in the community. However, Lawrence points
out, “Unless you have a coordination center, people don’t
access those services very well.”
Like clinical entities in many regions, Trafford CCG serves a
diverse population with a wide range of healthcare needs.
As the comprehensive NHS care system can be complex to
navigate, the TCCC aims to provide a complete offering that
sets a new standard for quality in care coordination.
Trafford CCG engaged CSC to co-create and co-manage the
TCCC with the goal of improving coordination and integration
across boundaries of primary, acute, community and mental
18 CSC WORLD | NOVEMBER 2015
health sectors — to deliver a significantly improved experience
for patients and care providers. “The TCCC is designed to
make getting services as simple as possible with a single
access to it, but it also helps general practitioners and acute
trusts navigate through what can be a very complex NHS
system,” Lawrence says.
A new care model
The TCCC is based on a new care model that works like an air
traffic control system, tracking patients as they move through
the system and efficiently guiding them to different services.
The patient’s journey begins with a referral from their general
practitioner (doctor). Their care pathway is then mapped
out using recognized clinical tools and protocols — such as
Map of Medicine, a clinical tool that lets physicians plan care
according to the best information available.
Each patient is assigned a designated care coordinator who
has a host of resources and interfaces available to make
practical arrangements such as booking appointments or
arranging transportation to and from a hospital. “It is very
patient-centric. The system considers the best options and the
best care for you,” Lawrence says.
The TCCC approach can evolve into a model for the provision
and management of population health, says Philippe Houssiau,
CSC’s vice president, healthcare and life sciences, UK.
The TCCC model, for example, serves as an excellent means
for establishing care pathways for diabetes management.
“By keeping those patients in the preclinical stages of their
lives, [we are] dramatically reducing the burden of the
healthcare system and dramatically increasing the quality
of their life,” Houssiau says.
Houssiau adds that he sees the TCCC model expanding
well beyond Trafford. “We will be delivering high-quality,
value-for-money services which could lead the way for how
care is delivered across England,” he says. “This is a really
phenomenal opportunity for co-creation, not just at a regional
or a country level, but to have a dynamic global activity
going, taking place around one common point of view of
changing care models globally.”
JIM BATTEY is a writer with CSC’s digital marketing team.
Continuous tracking of patients allows Trafford CCG to
understand what kind of services patients access and what
kind of services they need to access, “which really helps us to
manage our budgets and commissioning correctly,” Lawrence
continues. “We call that ‘intelligent commissioning,’ and we
believe that’s the way forward for CCGs in the future.”
Services range from initial patient communications via a
unified communications system, to clinical workflow based on
a catalog of services, to back-end analysis of the effectiveness
and efficiency of care delivery. CSC is also providing innovative
business process services and working with partners to deliver
Dr. Nigel Guest, chief clinical officer at Trafford CCG, notes that
healthcare services are shifting to delivering care at the most
efficient location. “We should center services for patients around
them, providing the services preferably out in the community, not
in hospital, unless that’s absolutely necessary,” he says.
As part of the innovative TCCC model, the patient and family’s
situation and transportation needs are taken into consideration
when making care decisions. Guest says the service can evaluate
factors such as, “Is there an appropriate time for them, and how
will that work with the members of their family? It’s very much
more about coordination, and not just coordination for the
patients, but for the family as well.”
Client: NHS Trafford Clinical Commissioning Group
• Deliver high-quality healthcare to more than
220,000 citizens of Trafford, England
• Provide patients with simplified services,
beginning with a single point of contact
• Create an integrated solution that involves
patients, their families and care providers
• Form a unique, first-of-its-kind partnership
between CSC and Trafford CCG
• Develop an innovative Patient Care
• Direct patients, their families and care providers
to relevant services through defined clinical
• Improved patient experience and enhanced
• Better coordination of services across primary,
secondary and tertiary care settings
• Cost savings, reduced bureaucracy and improved
value for money
In the new model, another key aspect is streamlining the
system so that the amount of bureaucracy and paperwork is
reduced. Guest says that by making the system more efficient,
“We’ll derive cost benefits from it, and we can invest further
into integrated care.”
NOVEMBER 2015 | CSC WORLD
SPEED TO MARKET
Six Strategies for
Speed to Market
in a Consumer-
What does speed to market mean in today’s world? For
insurers today, the concept of speed to market has come to
represent more than just how quickly they can develop a
product. To succeed going forward, insurers need to define
speed to market in broader terms — ones that encompass:
• Product development
• Geographic expansion
• Distribution channel diversification
• Customer service (perhaps most important of all)
In today’s consumer-driven marketplace, insurance companies
must fundamentally change how they differentiate themselves.
In the past, insurance companies used product features to
differentiate themselves. Now, having too many features
can be a liability.
Consumers expect to quickly understand the products and
features available to them. Once they make a choice, they
expect to initiate and complete an insurance purchase in a
matter of minutes, especially when interacting in an online or
To offer customers and potential customers that kind of
experience, insurers need products in their portfolios that are
intuitive — quickly understood at the point of sale — and simple —
enabling an automated underwriting and issuance process.
With the complex products of the past now difficult to market,
distribute and underwrite, insurers can no longer rely on
uniqueness for market differentiation. Products must go beyond
the basics of indemnification to deliver continuous value.
This is at the heart of speed to market’s evolution. As the very
idea of the product has expanded, so too must the concept of
how an insurer can speed that product’s delivery to market and,
later in the process, accelerate rate refreshes and other
adjustments. For an insurance professional, there are more
ways than ever to improve speed to market — and offer
better speed to value.
20 CSC WORLD | NOVEMBER 2015
Here are six strategies insurers can leverage:
1. Empower the product owner
Successful product development requires both speed and the
ability to tailor a product to the right market segments. The
inability to accomplish these two tasks concurrently leaves
most insurers with no choice but to follow, rather than innovate,
as they attempt to grow geographically or break into new
From this perspective, speed to market and product
configuration are inextricably linked. So improving speed to
market is an exercise in limiting IT involvement in the product
This can be accomplished by externalizing rules and calculations
from administration systems. By empowering the business
owner with as much control as possible over product configuration,
insurers can reduce reliance on IT and make it easier to
quickly tailor products for particular market segments.
2. Embrace an as-a-service mentality
Often, the biggest drag on speed to market is the upfront time
associated with establishing and customizing a system for
practical use. As-a-service solutions, by their very nature, do not
require the kinds of large upfront investments that often cause
4. Introduce Lean start-up principles
The advantages of an as-a-service approach are increased if an
insurer introduces cultural and strategic changes that complement
it. With an eye on maximizing returns with minimal risk,
Lean start-up theory suggests going to market with a minimum
viable product (MVP) that has no more than the core features
necessary for deployment, then iterating until the product finds
a foothold in the market, or becomes unviable.
When applied to the insurance industry, this strategy allows
a carrier to quickly test if there is an appetite for a product —
without incurring the large expenses associated with a full
product launch. For new products, this limits exposure and lets
an insurer test more products in a shorter period of time —
increasing the chances that a new product will be successfully
introduced. Beyond that, it also establishes a culture and a
set of business processes optimized to quickly and effectively
respond to customer needs. Then the existing product can be
fined tuned, accordingly.
5. Leverage partnerships
Many insurers make the mistake of only looking internally for
reuse opportunities. Now more than ever, however, insurers
can leverage the institutional knowledge of their partners to
improve speed to market — through business process
improvement and a more componentized approach to product
Insurers can shave months off of the typical implementation
timeline associated with more traditional, labor-intensive
approaches — by exploring a combination of Infrastructure as
a Service, Platform as a Service and Software as a Service
solutions available in the marketplace. By leveraging the right
mix of these managed services, insurers can transform their
go-to-market strategy and free themselves to seize emerging
3. Consider human capital as part of your managed services
Deploying a full BPO solution represents perhaps the highest
order of managed services, encapsulating all the benefits of
other as-a-service solutions, but with the addition of human
capital. That’s no small difference. In many ways, insurance is a
unique and complex industry: It can be difficult to quickly find
or develop workers who understand the business.
CSC’s Global Insurance Centers, for example, support
approximately $7.6 billion in premiums with a technologyenabled
BPS framework. A pre-built, insurance-centric BPS
framework enables a CSC client to immediately “reuse” an
extensive inventory of best practices and business guidelines,
without having to acquire or develop the necessary institutional
6. See the forest, not just the trees
New products, applications and services can often be developed
and run more quickly using new methodologies and platforms.
However, no single product, application or service within an
insurance company runs in a vacuum. To achieve true speed to
value, an insurer must take advantage of new technologies
within the context of their legacy environment, which can still
provide a lot of value.
Effective use of business process services (BPS) couples
industry-experienced service professionals with advanced
technology to provide a continuum of service options, from
standardized to highly customized. This approach gives
companies of all sizes the ability to quickly access the same
robust functions used by the industry’s top tier insurers.
To accomplish this, it is important to focus on integration
and the entire product life cycle as a whole, rather than its
Software is important. Infrastructure is important. Ultimate
success today, however, is predicated on the shift to an outsidein
business and technology environment. By focusing on the
entire product life cycle, insurers can ensure they are absolutely
committed to understanding their own products through the
eyes of the consumer.
NOVEMBER 2015 | CSC WORLD
Demographic behavior has shifted, and many consumers who
are not digital natives are beginning to behave as if they were.
Consumers of all ages are becoming more comfortable not only
with tablets and smartphones, but with electronic transactions
in general. They seek out new apps, new ideas and new
experiences that can help them make healthier choices and
work more effectively. And, in many ways, they’re finding what
they’re looking for. Big data, cloud computing, mobility, social
networking and the “Internet of Things” (IoT) have converged
to enable a new digital economy that places greater value on
the needs of these consumers.
In the not-so-distant future, the insurance marketplace will
exist largely within this digital economy. Insurance companies,
with their policy-centric approach and siloed operations, are
ill suited to compete in this new reality. They need to embrace
the concept of digital insurance and take action, or risk being
marginalized. A digital insurer should offer a richer set of datadriven,
customer-facing services, enabled by:
by Brian Wallace
• A customer-centric approach to doing business
• An omnichannel buying journey that augments traditional
channels with robust self-service options, direct purchasing
and a single customer experience across online, mobile
and social channels
• The ability to leverage data and analytics across the value
chain, including product innovation, marketing and sales,
new business, servicing, claims and operations
• Straight-through processing (STP) made possible through
simplified products, automated underwriting for new
business, first notice of loss (FNOL) automation and
self-service options for claims
Data as the new differentiator
Perhaps the most significant implication of this new digital
reality is the increasing importance of data. In this new
landscape, data will emerge as the digital insurer’s primary
HOW TO COMPETE
IN THE NEW DIGITAL
The traditional insurance company
is set up to best serve a type of
customer that, in the very near
future, may no longer exist.
Insurers have traditionally competed on product features,
where uniqueness sets a product apart. In today’s consumerdriven
marketplace, however, an excessive feature set can be a
detriment. A truly digital customer experience requires products
that are easy to comprehend and simple enough to enable
e-applications, automated underwriting and direct issuance —
all to deliver the instant gratification consumers now expect.
Unable to differentiate solely on uniqueness, a digital insurer
will instead seek to differentiate based on added value. Such
a shift will require insurers to reconsider how they design
new products, go to market, and interface with agents
Data becomes increasingly important because digital insurance
is not about dictating an experience to customers, but about
anticipating the customers’ needs and providing them with the
experience and value they want, when they want it. To increase
relevance, insurers need to offer real value-added services that
are fueled by data and analytics.
22 CSC WORLD | NOVEMBER 2015
This is crucial as digital insurers shift from an indemnificationbased
value proposition to one of continuous value. The concept
of a core protection product has largely become commoditized,
which has in turn lowered the barrier to entry for new competitors.
Leveraged correctly, new sources of data will enable insurers
to provide customers with useful information, opportunities and
solutions. This kind of consistent customer engagement goes a
long way toward warding off competitive threats.
Use more data, better data, new tools
Insurers aren’t starting from scratch when it comes to data and
analytics sophistication. Instead, this is a matter of insurers
equipping themselves with more data, better data and new
tools to accept, manage and analyze it. It’s about taking a core
competency the insurance industry already has and applying it
to every element of the insurance value chain.
Insurers maintain a competitive advantage in the risk
management game only if they control, or at least have access
to, the most insightful types of data. Previously, the best data
was proxy data — where data about one thing (your credit
score, your age, your gender) provides insight into another (your
driving habits). Now, however, new sources of true behavioral
data can get right to the heart of the matter. A car manufacturer,
for example, might have telematics data that’s more valuable
than credit scores to underwriting car insurance.
Accepting the value of this kind of data conceptually is one
thing. Accepting it technologically is another. Often delivered
in real time, by the terabyte and in unstructured form, it’s a
significant departure from the more static, structured data
insurers largely work with today. Handling it requires an insurer
to develop an entirely new set of digital skills.
Become a master of consumption, understanding and engagement
To wield data as a competitive weapon, an insurer needs to
master three core competencies — consumption, understanding
and engagement. Mastering these skills will separate truly digital
insurers from the rest.
Master of consumption. A master of consumption embraces the
service-enabled enterprise and the API economy. This is about
an enterprise getting better at both consuming and becoming
more consumable, developing a true omnichannel experience for
customers, agents, brokers and even internal stakeholders.
• Business: Focus on making the company easier to do business
with. Envision a customer’s buying journey that spans
channels — education on the Web, specific questions asked
through a call center, a Web chat or maybe a call to a broker.
• Technology: Move away from an in-house mentality and
embrace external infrastructure, cloud computing, as-aservice
options and mobility. Implement an IT-centric set
of initiatives to make the enterprise more open and agile.
Master of understanding. Develop the capacity for meaningful
data and analytics work by implementing a big data platform.
Then, explore both what’s possible and how business value might
be generated. In other words, improve data availability and then
make that data actionable.
Think in terms of a lifetime customer relationship that begins
with brand awareness and is nurtured through an ongoing set
of positive brand experiences. Better data, from more sources,
can lead to improved underwriting and pricing, but it can also
lead to insights delivered back to customers, allowing them to
make real decisions: How can I lead a healthier lifestyle? Where
can I find the best car repair shop? How should I prepare for
• Business: Determine how to effectively leverage various
streams of data from systems of record, CRM systems
and external sources.
• Technology: Go beyond existing business intelligence data
warehousing tools. Establish a consolidated and integrated
view. Procure a big data platform and the related tools and
technology. There are many choices — managed services,
in-house assembly and so forth.
Master of engagement. This final skill is about executing on the
overall strategic vision of digital insurance. Set ambitions to
move the basic value proposition from indemnification to continuous
value, and then actually become more digital.
Currently, the relationship between an insurer and a customer
lies dormant except during three basic interactions: new business
acquisition; billing and payment of premium; and claims filing and
adjudication. But what about the vast amounts of time before
and after those traditional interactions? If insurers do not attain
better relevance in this white space, some other entity will.
• Business: Determine how to continually engage with
customers on a daily, weekly or even hourly basis.
• Technology: Sustain this level of engagement by facilitating
rapid and dynamic interactions across partner ecosystems,
leveraging the API economy.
• Both a technology and business issue, mastering engagement
is about an insurer combining its newly developed
analytical capabilities with its newfound ability to interact
with customers across channels.
In the end, delivering continuous value and maintaining relevance
with customers comes down to enabling a symbiotic relationship
between insurer and insured. That’s true engagement.
A usage-based auto insurance program, for example, leverages
a single data set to both improve underwriting and provide the
driver with useful information about his or her driving habits.
A health insurer’s wellness initiative, coupled with wearable
device technology, meanwhile, leads to fewer claims paid,
reduced premiums and a healthier life for the customer.
The same information that allows insurers to better price risk
also allows customers to live safer, healthier, more productive
lives. This data is too valuable not to be used by the customer in
some way. The question is whether insurers will put themselves
in a position to provide this value to the consumer — or whether
someone else will take their place.
BRIAN WALLACE is global technologist, insurance, at CSC.
NOVEMBER 2015 | CSC WORLD
by Nathan Conz
Expanded Its Business
Over the past 20 years, Maine Employers’
Mutual Insurance Company (MEMIC) has grown
considerably — from a small, single-state insurer
to one licensed in 47 jurisdictions across the
country, with offices in eight states and assets
of more than $1 billion.
In 2013, MEMIC grew group-wide premium by
nearly 15 percent and doubled its writings in
Florida, one of its newly targeted marketing
territories. In New York, meanwhile, the company
has become the state’s fastest-growing writer
of workers’ compensation insurance. CSC, which
administers all MEMIC policies outside of Maine,
has seen this growth firsthand. Last year, for
example, CSC processed six times more business
for MEMIC than it did 10 years earlier.
Karen Johnston is a 21-year veteran
of MEMIC and has spent the past
15 of those years as the insurer’s
director of underwriting operations.
Johnston recently sat down with
CSC to discuss the company’s impressive record
of sustained, intelligent growth, technology’s
role in that effort and what lies ahead for the
Portland, Maine-based mutual company.
MEMIC is relatively young for an insurance company.
How did it get started?
MEMIC was formed in 1993 after the Maine legislature reformed
its workers’ compensation laws. We serve as the guaranteed
market for Maine, but our founding board and management were
not satisfied with just acting like a state fund. They wanted us to
compete like any other private carrier, which is what we do. And
we do it well. So well, in fact, that we are the leading workers’
compensation insurer, not only in our home state but also among
the top five carriers in New England, and gaining significant
market share in territories down the Atlantic Seaboard.
24 CSC WORLD | CLIENT NOVEMBER CONFERENCE 2015
We started this diversification strategy in 2000, when we opened
up a subsidiary called the MEMIC Indemnity Company. We
quickly found we were able to take our successful underwriting
discipline, outstanding safety and claims services, and expand
that into other states and other markets.
At first, we were licensed only in New Hampshire, but we spent
the next 10 years expanding MEMIC Indemnity. We now have
licenses to write workers’ compensation in 47 jurisdictions.
Efficiency has been the key to success. We couldn’t have done
it and been successful any other way than to keep everything
housed in Portland and running smoothly and efficiently.
How does MEMIC’s approach to technology speak to
those efficiency goals?
By the late 1990s we had gotten very used to being a pretty
simple technology company. We had our Maine policies and we
had an in-house policy administration system that did a solid job.
What kind of approach has MEMIC taken as it looked to grow?
We have been very specific about our growth. In Maine, as the
guaranteed market, we take any who come to us. In these other
markets though, we write what we choose. We didn’t want
to start writing just any policy that came across our desk just
because we wanted to book premium. We wanted to make sure
we were being smart. We do not sacrifice our bottom line for
top-line growth. We never have and never will.
So, as we look at potential growth areas, we do our research.
We seek out markets where we see good opportunities and
agents who we feel would be good partners. Then we capitalize
on the lessons we’ve learned in Maine by identifying the kinds of
businesses that we like to work with and that we’re successful
How was MEMIC able to expand so quickly?
One of the primary reasons we were able to do that was
because we kept all the support and operational functions here
in Portland. We hire underwriters in the territories where we want
to expand — really good people with strong backgrounds — but all
the operations work happens here. Underwriting, sales support,
accounting, billing, policy administration and processing —
everything happens in Portland. That has really helped us with
our growth, especially over the past 5 years. We were able to
maintain service and support levels for the underwriters and
grow as the business expanded.
As we started expanding, though, we had to do a lot of things
manually for the MEMIC Indemnity business because we didn’t
have the infrastructure in place. There were challenges in adding
more jurisdictions and more offices. Underwriters working in new
regions in our other offices needed to have access to all the same
systems that everyone here in Portland had access to.
We’ve had a business process outsourcing relationship with CSC
for all these years. They’ve physically been issuing our policies for
us outside of Maine. CSC has a staff of people to issue, produce
and mail out policies to our policyholders.
It’s a lot about the economy of scale. They’ve got these processes
in place for not just MEMIC, but for all their clients. Having them
perform a lot of the functions that we needed was very much
part of our success.
For example, anytime you’re adding other jurisdictions,
compliance becomes a major consideration. CSC has very strong
compliance services. They have a system built. It already exists.
They have the infrastructure and the processes in place to track
compliance issues and law changes.
If MEMIC had to do that — we have 250 employees here that run
the whole company — we would potentially need 10 to 15 people
just to keep track of every legislation or regulation change that
could happen in 47 jurisdictions.
The second reason is demand. We’ve clearly found that
there is demand in the marketplace for a carrier that offers
the specialized, high-touch service that we do. We’re not for
everyone, but there is a definite segment of the market that
can use our expertise to their great benefit.
How closely intertwined is all this with the concept of
Keeping all the “behind the scenes” operations here in Portland
was definitely the first step in acknowledging that, in order to
make this work, we have to be operating efficiently. It certainly
wouldn’t have made sense, from an operational standpoint, to
open entire offices in other states.
Part of my job, in fact, is to look at everything we do to
see if there is any improvement in efficiency that can be
made — whether it’s through technology or staffing or training
or whatever the case may be. That’s a constant process. Just
when you think you’ve got something licked, the needs change
or the system changes or a rule changes.
What does the next phase of growth look like for MEMIC?
Where do you go from here?
We have offices in Connecticut, Pennsylvania, New Jersey,
Virginia, Florida, New York and New Hampshire. So those are
really the regions where we’re focusing our efforts. We are
a national carrier and we do write national accounts, but we
have targeted those states as growth areas specifically.
So now our growth strategy becomes a question of: “Where do
we want to focus our efforts next?” CEO John Leonard has been
pretty consistent about this. He wants MEMIC to continue growing
but in the same controlled manner as in the past 15 years.
So, we’re going to do our due diligence. We’re going to do our
research and we’re going to see in which territories we think
we can be successful. We have the luxury of being able to
control that carefully.
NATHAN CONZ is a manager with CSC’s content
NOVEMBER 2015 | CSC WORLD
4 FACTORS CREATING
A PERFECT STORM
IN THE INSURANCE INDUSTRY
by Phil Ratcliff
With the insurance industry’s tendency toward
hyperbole, it seems as if we are perpetually on the
verge of revolution, disruption or upheaval. I joined
the industry back in the early ’90s, when “the CRM
revolution” was being discussed as a major inflection
point. Nothing really ended up changing, and most of
the insurers that were large and successful then are
still large and successful. Today, however, four major
market forces are in play — and this time, I believe we
really are on the cusp of something substantial and
fundamental. It will change the way the entire industry
works, and may even change a lot of the players.
Historically, the insurance industry has remained
relatively constant, with most companies having
been in business for a good hundred years. Recently,
however, there has been a rise in the number of new entrants
marketing, selling or servicing insurance products or
providing new capital.
Many of these new entrants are interesting organizations with
great capabilities. Google, which entered the UK market in 2011
as an insurance aggregator, is perhaps the most formidable.
The technology giant joined the emerging insurance
aggregation market, disrupting competitive market
conditions and, by some accounts, subsequently
helping lower insurance premiums by roughly
30 percent over the past 5 years. Introducing that
sort of intense price competition into an industry
that is not overly profitable to begin with, has
changed market dynamics substantially.
Other companies are also entering
the fray, including retailers
with strong brand names, and
boasting telematics capabilities.
Even car manufacturers are starting
to embed telematics capability into
vehicles and, in some cases, to sell
26 CSC WORLD | NOVEMBER 2015
Social and economic dynamics
We’re currently in a very low interest rate period,
which is putting pressure on profitability. Insurance
is an industry that, essentially, takes in money and
invests it before subsequently paying claims. So, with lower
investment returns, there’s less profit being generated. Over
the past 30 years, many U.S.-based insurance companies
have failed to return their cost of capital.
There has also been a lot of volatility in investment returns,
especially since the financial crash of 2007 and 2008. This
market volatility makes it harder for insurers to run their
business. For example, it’s more difficult to find stable,
growing assets to match against long-term liabilities.
The most obvious societal shift in developed countries is the
retirement of baby boomers. As they retire, they are taking
money out of their accumulation products to provide ongoing
income; trillions of dollars will flow out of these products over
the next 5 to 10 years.
On the other hand, baby boomers have more wealth than
people who retired previously, and they’re also living
longer. That means they’re generating new insurance needs,
necessitating different types of insurance products —
particularly around payouts and long-term care.
Of course, there’s also growth related to Generation Y —
consumers who are unlikely to go to the local broker and have
a discussion over a cup of coffee to buy what is, in essence,
a commodity product. Instead, they want everything now,
everything mobile, everything available by text.
Meanwhile, we see most of the growth in developing countries.
A growing move toward urbanization is creating a much larger
and more affluent middle class, and these families are creating
a market for insurance products. Domestic companies are
seeing growth, but global insurers such as AXA, MAPFRE and
Prudential UK have also moved aggressively into the Asian
and Latin American markets.
The data revolution
Insurers have always made use of substantial amounts
of data, but how they leverage data is changing. It
used to be that if an insurer had a large volume of
risk data, it could find success by comparing, pooling and
underwriting similar risks. Now, data is everywhere, and it’s
immediately available. The whole concept of pooling risks may
end up disappearing because, in effect, the data revolution will
enable insurers to underwrite down to the individual level.
Historically, insurance has been about pricing risk. Now the
industry might be moving toward placing more value on
managing risk. For example, telematics can be leveraged
to give people driving scores — getting them to drive more
slowly, brake more effectively and corner less aggressively.
On the life side, wearable technology and analytics can create
compelling wellness programs for clients. These programs
are enabling insurers to manage the risks they are writing by
rewarding good behavior and penalizing bad.
The digital mandate
The convenience and efficiency of online and mobile
channels, coupled with the commoditization of the
core insurance product, has led insurance customers
to seek a new experience. The digital insurance trend, then, is
really about the way consumers will choose to interact with an
insurance company, as opposed to insurance companies trying
to dictate interactions with consumers. Insurers will need to
focus far more on the consumer as an individual. An effective
omnichannel strategy will be key, as will an insurer’s selfservice
The case for transformation
Together, these four factors are creating a compelling case
for digital insurance transformation. If traditional insurers
expect to remain competitive, they must become more:
• Agile, to respond to new and increasing competitive threats
• Efficient, to address profitability challenges
• Customer-centric, to respond to social changes and
increasing consumer expectations
• Advanced in terms of data and analytics, to move from merely
pricing and pooling risks to truly managing individual risks
Addressing these business imperatives will require insurers
to both transform their legacy operations and build out new
operations. Insurers need to ask themselves: How do we
reduce our “run and maintain” costs in order to build the new
capabilities necessary to stay competitive? How do we evolve
our legacy systems to support today’s digital imperatives?
How do we accept new sources of data and analyze that
data properly? And, perhaps most importantly, how do
we do it all simultaneously?
At CSC, we believe the future lies
in strong partnerships. Partners
with deep industry expertise and
knowledge of back-office systems
can help insurers move to a more
agile service-enabled environment,
bringing new capabilities while
significantly lowering costs. Insurers
can then invest more heavily in creating
the customized user experiences that will
lead to future success.
PHIL RATCLIFF is insurance industry
general manager at CSC.
NOVEMBER 2015 | CSC WORLD
Turning Anonymous Riders into
by Peter Krass
Scandinavia’s largest public-transportation agency replaces paper tickets
with a digital system that offers truly personalized customer service.
Getting around a big city isn’t always easy. There are routes
to determine. Connections to be made. Tickets to purchase
and, if lost or stolen, replace.
The City of Stockholm, Sweden, wanted to make getting
around easier and more efficient. It also wanted to turn its
millions of anonymous riders into personalized customers.
With CSC’s help, that’s exactly what it’s done.
Helping citizens and visitors get around the greater
Stockholm area is the job of the city’s public transit agency,
Storstockholms Lokaltrafik, better known by its initials, SL. It’s
a big job. Stockholm is not only Sweden’s capital, but also —
with some 1.4 million people — the largest city in the entire
Nordic region. Every day, SL conducts some 800,000 trips
across its 100 subway stations, 50 rail stations, 450 bus lines
and 60 boats.
Until recently, SL’s job was also unnecessarily costly, due to an
old, paper-based ticketing system. Established in the 1970s,
the system was a relic of that pre-Internet, pre-mobile era.
Tickets for all buses, trains and rail were printed at a central
location, then shipped to SL’s retail partners and stations.
If a customer lost a ticket, they had to buy another. And
when tickets were stolen en route to non-SL ticket sellers —
including selected retail stores — it was SL’s loss. Bus drivers
were also frequent crime targets, as they had to carry cash
from customers buying tickets on board.
From riders to customers
In early 2013, SL enlisted CSC and other partners to make both
the paper and smartcard tickets obsolete by converting to a
completely digital travel-card system. “We wanted to get away
from the manual handling of tickets,” says Stefan Torpman,
operational manager for e-commerce and customer service at SL.
CSC’s contribution to the SL solution is Boomerang, the
firm’s customer-relations system for public transportation.
Currently used by transit agencies in Denmark,
Norway and Sweden, CSC Boomerang
provides a 360-degree view of
customers. The software suite includes
claims management, sales, billing,
e-commerce and a customerrelationship
solution. All its components
have been designed to help
grow revenue and
add new routes
Even when everything in the process went as planned, it
could be slow. Tickets had to be manually presented to an
SL ticketing agent. The agent would inspect the ticket and
hand-stamp the slip of paper. The customer then had to
carefully retain the verified ticket for the remainder
of the journey.
So, starting in the early 2000s, SL began to augment
its paper tickets with smartcards, giving riders a new
choice. However, the new smartcard system did not
provide links to the Internet, and acceptance of
the new system was only lukewarm.
28 CSC WORLD | NOVEMBER 2015
“Everything the customer does is recorded in Boomerang,”
Torpman says. “So we can see if they buy tickets, or if they have an
open ticket with customer service. Every interaction is recorded.”
The Travel Guarantee, also enhanced by CSC Boomerang, refunds
holders of registered SL travel cards for taxi fare if their desired
bus or train runs more than 20 minutes behind schedule.
One challenge of the project was integrating CSC Boomerang
with nine back-end systems operated by SL. These included
systems for ticketing, Web hosting, billing, payment verification,
travel-card manufacturing and distribution, and route timetables.
The CSC team had to configure Boomerang to not only bind
these back-end services together, but also provide end-to-end
process support and customer self-service capabilities.
Guarantees for transit riders
Today, riders of Stockholm’s public transit can buy travel cards
from retailers and ticket kiosks located at bus and train stations,
or order them from SL’s website. Either way, there are essentially
two steps. First, the rider loads value (money) into the travel
card’s digital purse. Second, they specify what kind of ticket
they want. Tickets can be purchased for a specific trip, or for a
specified period of time, such as a day, a week or a month.
Riders who register their card can also
enjoy two powerful features. The
Loss Guarantee allows a rider to
protect the value on their travel
card if the card is lost or stolen.
With Boomerang’s help, once
a rider reports the card as
missing, SL electronically
blocks the original card
from further use, and
generates a new card,
complete with the
SL’s job is easier, too, with a full audit trail; comprehensive
claims management for all services; a customer Web portal;
a single application programming interface (API) to use in all
presentation layers of the digital channels; and the ability to
add new services quickly and easily.
A cardless future?
Looking ahead, SL could move to a completely card-free
system. With some 5 million travel cards in circulation,
eliminating their manufacture, shipping and distribution could
substantially lower SL’s costs. “Our vision,” Torpman says, “is
that a ticket is a cloud service.”
This means that SL buses, trains and boats would always be
connected to the cloud. That way, instead of presenting a travel
card, a rider would simply identify themselves, perhaps with
their smartphone. The onboard system would then connect via
the cloud to a back-end ticketing system that would search
the rider’s file to determine how much value they had in their
account and which tickets they currently hold.
It’s a vision that Torpman admits is probably years away. But
getting from Point A to Point B? That’s something SL — with
help from CSC — has gotten pretty good at. “CSC is very
solutions-oriented,” Torpman says. “They’re quite driven.”
PETER KRASS is a writer with CSC’s digital marketing team.
Client: Storstockholms Lokaltrafik
(Stockholm Public Transit)
• Replace costly, insecure paper-ticketing system
• Dramatically improve customer service
• Modernize the IT infrastructure with
• Boomerang, CSC’s customer engagement
• Integration of nine legacy systems
• End-to-end process for customer self-service
• Paper tickets phased out; 5 million digital travel
• Website lets customers load value from credit
cards to travel cards
• Auto top-up feature added so travel cards need
never run out of value
• Claim and dispute-management features
NOVEMBER 2015 | CSC WORLD
IN THE RIGHT STUFF
FOR AEROSPACE AND DEFENSE
by Roblyn Theodorou
A&D Execs Want Product Innovation — and Lower Costs
Since we first conducted the Aerospace & Defense Market
Survey in 2000, the industry has seen some turbulent times:
post-September 11, 2001, impacts on both the commercial and
defense sectors, the global recession, budget sequestration,
and new competitors entering the marketplace. Meanwhile,
technology change has been rampant, with the emergence of
integrated sensors, unmanned aerial vehicles (UAVs), mobile
apps and WiFi — to name just a few.
The most recent survey depicts a tale of two industries. The
commercial sector is seeing steady demand for new aircraft,
while the government sector is still wracked by uncertainty
over defense spending (50 percent of respondents reported
that they declined to bid on defense projects).
Growth vs. costs
The survey, sponsored jointly by CSC and the Aerospace
Industries Association (AIA), takes the pulse of approximately
100 executives and senior leaders at global aerospace and
defense (A&D) companies. This year, the industry’s top business
priorities were aimed at growth — improving product innovation
and upselling and cross-selling more to the customer base —
and expense reduction through improved
internal efficiencies and lower costs.
A&D companies have just come through a period of
unprecedented cuts, so why are they still focused on
costs? How can you invest in research and development
(R&D) and innovation while you’re still in costcontainment
mode? The answer is twofold.
First, organizations are already making more
targeted investments in R&D. The danger is that
with fewer new programs coming along and
traditional A&D players struggling to replace
their graying workforce, the R&D function
will erode and create openings for
emerging competitors in China,
Russia and elsewhere.
Second, these legacy players in A&D
are behind the modernization curve.
They face fundamental challenges
with legacy costs associated with
hardware, maintenance and
support, as well as a lack of
agility that puts a drag on
of respondents blamed
“federal budget uncertainty”
for decreased R&D spending
Top 3 Defense Projects:
• Electronic warfare
of respondents spent at least
25% more on cybersecurity
the past year
30 CSC WORLD | NOVEMBER 2015
Building the case for modernization
The good news is that through modernization, companies are
seeing significant savings and reinvesting in the business to
The first step toward modernization is to address the core
applications supporting production, supply chains and product
development. Some of our clients have critical pieces of their
build process that are written in COBOL from the 1970s. The
challenge is building a business case for code refactoring
or system replacement. For some production-related
applications, it’s akin to changing the wheels on a moving car.
The industry has been putting this off for some time, but now
companies have to address modernization to keep up with
emerging competitors that aren’t saddled with legacy systems.
Shifting from COBOL to Java offers more than just a
technological advantage: It frees organizations to run
applications on lower-cost platforms or move them to a private
cloud or hybrid cloud environment. Suddenly, you’ve shifted
your business model to IT as a Service, and your costs are based
on demand, rather than on maximum capacity. Need a new
environment to support a new program? You can spin it up in a
few minutes with appropriate security — compared to weeks
or even months in a traditional data center. This year’s
survey cited the cloud as a priority for modernization
(41%), but nearly one-fourth (24.6%) said there are
still too many barriers to cloud adoption.
Predictive and proactive steps
The next big factor affecting both
innovation and costs is the data itself.
A&D companies collect a huge amount
of data about products, production,
maintenance, supply chains and
more, but they’re really only just
now tapping into what that data
can do for them. Consider the
issue of product quality. Most
companies spend a great deal
of time on manual inspection
and generate large numbers
of scrap components,
which can be a huge
expense if you’re talking
about an airfoil or a
turbine fan blade.
by using data to
Top 3 Modernization Strategies:
• Application modernization
• IT infrastructure modernization
• Improved integration and data sharing
The industry can move to a more proactive model by applying
predictive analytics to the data it already has related to
production-to-spec measurements, machine tool wear,
temperature, humidity, product performance, supplier data and
more. Predictive analytics — as well as basic insights and data
sharing — can benefit every part of the business, from production
to product engineering to aftersales services. Coupled with the
Internet of Things and cybersecurity controls, this level of digital
transformation can really help A&D companies differentiate
themselves in the market.
In many ways, the step-change improvement that big data
affords is analogous to the dramatic improvements brought
about by the move from manned assembly lines to automated
lines staffed by robots. As today’s smart machines near the
intelligence of a human operator, they are able to address
issues, make decisions and use data in ways that accelerate
production as never before. We’re at the early stages, but 10
years from now we’ll ask: How did we do it when machines
couldn’t interpret data to accelerate production?
Competing with Google and Facebook
Finally, this year’s survey shows that the industry needs to change
its relationship with its employees. A good example is the bringyour-own-device
(BYOD) trend. Survey respondents clearly still
struggle with balancing BYOD with security, with 41 percent
requiring separation between work and personal devices. But
to attract and retain a new generation of workers skilled in
science, technology, engineering and mathematics (STEM),
organizations must find a way to accommodate more flexibility.
College graduates today have lived their adult lives in a
connected world. They’re setting their sights on technology
firms such as Google, so the byzantine rules in place at many
A&D firms are completely foreign to them. Many organizations
tend to view security as either black or white. The reality is
that there’s a lot of gray out there already, and firms must find
a way to balance demands for access and control, to create
an environment that enables employees rather than restricts
them — while also protecting the enterprise.
Can A&D companies increase innovation and lower costs?
We’ve seen the industry overcome incredible challenges
before. With the right investments, it can happen again.
ROBLYN THEODOROU is industry general manager for
manufacturing in the Americas at CSC.
A version of this article originally appeared in CIOReview
magazine, and it is reprinted here with permission.
Get the full survey results at csc.com/2015A&DSurvey.
NOVEMBER 2015 | CSC WORLD
by John Blackburn and Michael Deittrick
Retailers are always busy preparing for the next seasonal spike.
Approximately 20 percent of annual retail sales in the United States occur
during these short periods, often around national holidays; to manage the
onslaught, retailers hire hundreds of thousands of seasonal employees.
This jump in transaction traffic, logistics and supporting
resources brings an increased risk for IT. Retail and security
systems must support and protect brand, customer experience
and critical transactional data while remaining competitive.
Throughout the year, retail customers — whether traditional
or omnichannel shoppers — expect a consistent and seamless
user experience in traditional stores, as well as through
distribution centers, mobile apps, e-commerce, social media,
call centers — even third-party partner networks. During peak
shopping times and holidays, their demands only increase.
Notable cyber intrusions targeting major retailers such as,
in the United States, Target, Neiman Marcus and others have
shown that the dangers of a malicious attack are now all too
real. Cyberattacks and breaches can disrupt retail operations,
slow down and even prevent sales, and seriously damage a
32 CSC WORLD | NOVEMBER 2015
Preparing for seasonal spikes is far from simple. However,
retailers can benefit by proactively adopting the three
• Be responsive
• Be elastic
• Be secure
These three approaches, described in this article, can help
retailers gather the technology and business-focused
capabilities that have become necessary for a successful
season. They can also help increase customer satisfaction,
protect the brand’s reputation, ensure that systems remain
up during peak traffic periods, and maximize revenue
While customers may always expect your e-commerce
systems to be fast, smooth and easy to use, during seasonal
spikes, customers demand it. Anything less, and they’re likely
to defect. After all, competing retailers are only a few clicks
away. To achieve greater responsiveness and retain valuable
customers, consider taking these steps:
• Test, test and test again. While most retailers commonly
test end-user touchpoints, they often overlook the testing
of their supporting systems. So, be sure to examine your
entire IT architecture from end to end, including your
application, data, network and cloud platforms. But don’t
stop there. You also need to test your competing workflows.
For example, if your forecasting system wants to grab
computing resources, what happens to online orders?
Thankfully, your engineers can use automated tools to test
and simulate real-world scenarios.
• Look deep for performance issues. Drags on performance
can easily hide within interoperating systems. Don’t let
them stay that way. Make sure your store systems can run
offline — at least for a few hours — thereby allowing failover
systems to take over, in the event of a failure. Ensure your
databases are correctly tuned and your networks tested.
Also consider if you have enough data storage.
• Remember your external services. External systems can
form the weakest link in your chain because they’re not
directly in your control. With the growth of Web services
and the cloud, many retailers use more of these services
than ever before. These services have become more
important than ever, too. For example, a sluggish addressverification
system can bring your checkout process to a
crawl. Your goal? Make sure that it won’t happen.
• Design software to scale. This is an architecting task. Place
workloads on systems that can be scaled quickly, and
ensure that network bandwidth can scale, too. This may
require moving to a cloud model — private, public or hybrid —
that best supports your particular workloads. As for large
batch processes — the real enemies of scalability — also
consider moving them to the cloud, which enables them to
run in highly elastic virtual-server farms.
• Run your run-book. Here’s where your data center can
optimize all batch-process schedules. Make sure your batch
jobs run at times that do not interfere with your transactional
systems. Consider rescheduling some jobs to run either before
or after seasonal spikes, rather than during them.
• Refactor your workload. Many batch processes are essential.
It’s not an option to skip this task. However, there’s still
enough time to refactor your workloads and run them in the
cloud. Rather than revamping your entire system, focus on
the resource hogs and aim for a point solution.
One “seasonal event” that no one wants to experience is a data
breach. The period during and right after a seasonal spike has
become prime time for data thefts, system intrusions, malware
incursions and other criminal activities. The following steps can
help keep your systems and customers safe:
• Guard the last mile. Your endpoints are where an
overwhelming majority of data breaches occur. To be sure,
smart payment cards help. However, by themselves, they’re
not the complete solution.
• Get holistic. Far too many retailers take a fragmented
approach to security. Take an omnichannel approach
and apply tokenization, which protects sensitive data
with substitutes; also, consider fraud detection and other
security best practices.
• Audit early and often. Conduct a full intrusion-detection
audit to ensure that you are fully protecting your
customers’ payment and personal information. Ensure that
vital data is encrypted end to end. Leverage a vault system
to tokenize credit cards; then isolate the system in a highly
• Stay current. Ensure that all of your systems continue
to have the latest security patches and fixes. With
cybercriminals constantly launching new, sophisticated
attacks, you simply cannot afford to fall behind. Also
remember to conduct regular and timely maintenance on
your entire IT environment, including Web and application
servers, databases and firewalls.
How scalable do your systems need to be to cope with the
holiday shopping rush? The right answer: very scalable. Peak
shopping cycles create dramatically increased demands. To
keep up, you need enough data storage, networking capacity
and raw compute power — and the ability to quickly allocate
more as needed. Sure, you will forecast your seasonal capacity
needs. However, what if actual demand greatly exceeds your
forecasts? Consider these tips for greater elasticity:
Your systems’ seasonal readiness has become vital to your success,
more than ever before. By ensuring they are responsive, elastic and
secure, the next season will be, as the saying goes, in the bag.
JOHN BLACKBURN is CSC’s global industry general manager,
and MICHAEL DEITTRICK is CTO for consumer, retail, travel
and transportation industries at CSC.
NOVEMBER 2015 | CSC WORLD
in Plain Sight
by Nicholas Handy
If today’s advanced persistent
threats (APTs) have not yet
penetrated your systems
and data, you can be
certain they will.
Criminals design these modern, sophisticated hacking
processes to gain unauthorized, undetected access to public
and private networks. Sponsored by nation-states, organized
crime, terror organizations and hacktivists, APT developers
are well funded and patient, continuously evolving their
hacking tactics, tools and techniques until they successfully
penetrate their targeted systems and data.
To counter such threats, organizations need a
multidisciplinary defense that delivers continuous
intelligence and awareness, responds rapidly to disrupt
APTs that already have penetrated their systems, and
proactively anticipates and responds to these threats as
they rapidly evolve.
An APT’s goal is to hide within normal
network traffic to gain access to highvalue
information over an extended period.
Once it gains a foothold, it can expand across
an organization’s infrastructure and introduce
further malware attacks. Successful attacks can
cause embarrassing public breaches that tarnish an
organization’s image, alienate customers because their
personal information has been compromised, result in
the theft of valuable data and intellectual property, or
shut down global networks and supply chains.
Notable APT-caused breaches in 2015 include those
announced by health insurance provider Anthem and the
U.S. Office of Personnel Management. The costs resulting
from successful APT breaches continue to grow. According
to the Ponemon Institute’s 2015 Cost of Data Breach Study,
which surveyed 350 companies in 11 countries, the average
total cost of a data breach today is $3.79 million — up
23 percent in the past 2 years.
34 CSC WORLD | NOVEMBER 2015
With highly sophisticated APTs entering systems and networks,
the focus on cybersecurity has changed from solely protecting
equipment, people and data. Today, organizations must broaden
their approach to security and must counter APTs on a global
scale to protect both traditional and cloud-based environments.
Organizations should perform internal and external
vulnerability assessments, and perform analyses ranging
from nonintrusive compliance scans to full-scale penetration
tests. These assessments should also identify areas where
organizations fall short of emerging regulatory compliance.
From perimeter defense to actionable intelligence
The cloud, social media, smart devices and other technology
innovations give new opportunities to collaborate with
customers and partners, expand into new markets and
reduce costs. They also give today’s determined, well-funded
adversaries new avenues for success.
In the past, it was possible to protect against these adversaries
by locking down networks with perimeter defenses and
signature-based tools, such as antivirus, firewall and
intrusion prevention systems.
These still remain necessary to protect data from a variety of
threats, but they are no match for today’s APTs — because
APTs constantly morph to identify and exploit vulnerabilities.
Skilled adversaries diligently work to develop techniques
specifically designed to penetrate an individual organization.
For instance, an APT might identify a “zero-day” vulnerability —
an unaddressed and previously unknown vulnerability. The
APT would attempt to trick an employee into clicking on
an infected Web link in a spear-phishing email that would
introduce malware onto that employee’s computer. Since the
malware is designed to exploit a specific zero-day flaw of the
application, it could successfully evade antivirus detection and
other traditional perimeter defenses. The APT adversary would
then gain remote access to the network via the employee’s
computer and spread across the enterprise to access servers
containing highly sensitive data.
Once all the vulnerabilities are understood, organizations can
develop comprehensive incident response plans, implement and
test those plans, and prepare to respond to APTs with welltrained
responders, investigators and forensic-data collectors.
As organizations produce actionable intelligence and respond
to incidents, they also need to collect this information so
they can understand the nature, motives and patterns of
their adversaries. Who are they and what do they want?
What organizational assets are they after?
APTs can be tracked by their behavior, methods and tactics.
Some leave signatures. Some have well-established profiles
that can be mined for information. As organizations gain
knowledge about each APT’s operating style, they will improve
their ability to predict, anticipate and disrupt future attacks.
Besides monitoring for APTs, organizations also need access
to global threat intelligence. Security specialists create
actionable intelligence by collecting, correlating, categorizing
and attributing information from various sources. This type of
intelligence helps organizations more easily spot and correlate
anomalies, and gain visibility into breaking events that may
have an impact on their industry, brand, infrastructure, users
By understanding the motives of evolving adversaries,
organizations also can better anticipate their actions and
prevent them from causing damage.
Organizations need 24x7 monitoring and analysis platforms
that use analytical techniques, such as heuristics and behaviors,
and internal and external sensors to detect the most nuanced
anomalies. Successfully defending against APTs also requires
that organizations develop a comprehensive detect-analyzeadapt-respond
life cycle based on their unique risk profiles.
This type of monitoring and analysis extends dynamic protection
across an environment where traditional antivirus software
typically does not inspect for advanced threats. By attaining
real-time visibility into all adversarial activity across every
endpoint, organizations can dramatically shorten the time
between an APT compromise and its detection.
To respond rapidly and aggressively also requires preparation.
Having and executing a plan can make the difference between
weathering an APT or watching it destroy consumer confidence,
brand and share price, or negatively affect compliance with
contracts, laws and regulations.
Conducting business with confidence
Cybersecurity has changed from being a mere compliance
matter or the “cost of doing business.” It has become a
primary business challenge that industries and governments
To properly counter APTs, organizations need a nextgeneration
approach that continually integrates threat
intelligence-based security services to track threat actors
and threat groups, and determines their tactics, techniques
and procedures so the business can properly secure its
infrastructure and sensitive data. When organizations
incorporate an effective counter-APT approach into their
cybersecurity program, they’ll be able to conduct business
with confidence and assurance that their brand, shareholders
and business are resistant to today’s rapidly evolving APTs.
NICHOLAS HANDY is global product manager for
cybersecurity at CSC.
NOVEMBER 2015 | CSC WORLD
Simulation shows how a DevOps strategy
can lead to competitive advantage.
by Jerry Overton
and Gene Kim
Why invest in DevOps? Can a DevOps transformation lead to competitive advantage —
or even market disruption? We sought to answer those questions by simulating DevOps
transformation scenarios and comparing them to known business innovation patterns.
Our key finding was that DevOps transformation can not only lead to competitive
advantage, but under the right conditions, it can also create market disruption.
In other words, when we can convert our systems of innovation into systems of disruption,
the value of DevOps may be far greater than we previously thought.
Simulation modeling is the basis of our latest report on DevOps. We have also published this
model as an interactive Web application (csc.com/devopsmodel) for companies that would
like to run their own simulations.
We simulated two business models under the same conditions — an experimental model
and a control model. The simulator allows us to plug in different values for factors such
as innovation, efficiency in execution, and number of potential consumers.
Long-term advantage in market competition
Efficiency in execution is based on the time it takes to get through a production cycle and
how much is learned in each cycle. The shorter the cycle times, the faster that learning occurs.
Flickr’s DevOps transformation led to a 10x decrease in development cycle time. Following
that example, we assume that DevOps transformation in the experimental model reduces
the production cycle of a working prototype from 30 days to 3 days. The IT development
benefit from DevOps is shorter development cycle times; the operations benefit is greater
productivity at larger scales.
We model this in our simulation. The simulation predicts a slightly higher ROI at most levels
of investment, and a stable, long-term competitive advantage.
Suppose we introduce a more innovative product into our simulation. Although the same
change applies to both business models, the shift to a more innovative market disproportionately
benefits the experimental model, increasing its ability to learn and produce new features.
This makes a big difference in markets more sensitive to new features. In fact, the simulations
tell us that, under these conditions, a successful DevOps transformation introduces
disruption — a new competitive environment where the control model cannot survive.
Creating systems of disruption
A successful DevOps transformation is expected to provide a competitive advantage.
However, when it is aligned with a strategy of market innovation, we find that the result
is potential market disruption. A strategy of innovation changes buyer behavior, and
customers place a premium on new features. Under those conditions, companies capable
of learning fast and releasing new features quickly can dominate their market.
A DevOps transformation allows an enterprise to produce features faster as the enterprise
scales. When competing on innovation, new features strongly affect customer adoption.
This increases the enterprise’s ability to scale and creates a virtuous cycle where the
winners win more.
JERRY OVERTON is a data scientist and distinguished engineer with CSC’s ResearchNetwork.
GENE KIM is co-author of The Phoenix Project: A Novel About IT, DevOps, and Helping Your
Business Win and the upcoming DevOps Cookbook.
For more details and references, go to
36 CSC WORLD | NOVEMBER 2015
DevOps FRONT LINES
CSC is using DevOps to implement innovative solutions for clients in an agile hybrid cloud
environment, improving integration and collaboration among development, operations
and business teams. In a recent CSC Town Hall, experts discussed how DevOps
accelerates the application development, testing and release process.
Colin Eby, a solution architect at CSC, says DevOps erases boundaries between
application development and the business. “The core principle is the shared ownership of
product objectives and outcomes. Eliminating hand-offs between teams reduces the need
for queues and schedulers, and improves product quality and outcomes,” Eby says.
For example, CSC’s development team reduced its cycle time — from starting a new
software feature through deployment — from 50 days to 6 days. Instead of deploying
one release a year, the team could therefore deploy 42 times. “We expect even more
improvements,” adds Paula Thrasher, an application delivery lead for CSC.
Agile development delivers small units of value more frequently with CSC Agility
Platform, a hybrid cloud management solution that enables software managers to
continuously deliver and test code, and move it into production. This allows the other
teams involved to monitor an application to ensure it meets business and customer
requirements. Process automation helped CSC reduce time spent on rework from
12 hours to 15 minutes per cycle.
Ben Anderson, installation services lead at CSC, says DevOps is guiding the
implementation of Lorenzo, CSC’s next-gen electronic patient record system, for
a UK-based client.
“DevOps eliminates what was once a two-stage process between development and
packaging,” Anderson says. “It offers a fully automated, continuous integration tool
chain with built-in governance. That eliminates most manual hand-offs like code
check-in, compilation and authority to promote. DevOps also allows us to shift our
focus from the tactical to the strategic. This lets us focus on the application of best
practices in our development.”
Damon Edwards, co-founder of DTO Solutions, points out a number of reasons why
DevOps is gaining popularity. “Companies recognize now that IT is the heart of the
business, it’s the factory floor. And they understand how the performance of that affects
the bottom line,” Edwards says. “Likewise, IT now sees and understands that same valuechain
approach. Historically, it has optimized for specific areas. But now IT realizes it
needs to step back and optimize the whole end-to-end life cycle.”
Darryl Cauldwell, a senior platform engineer at CSC, says tools like CSC’s BizCloud TM
HC (hyper-converged) and VMware’s Integrated Open Stack (VIO) environment are key
elements to making DevOps possible. “Providing software-defined networks, storage and
applications over a cloud infrastructure helps developers get going quickly,” Cauldwell
says. “These technologies allow developers and architects to bring together pieces of
automation to define application blueprints. This offloads a great deal of complexity
and allows the developer to focus on the application itself.”
Better still, DevOps principles apply to any platform or technical environment, notes
CSC’s Thrasher. “Our project currently has 28 agile teams, including five mainframe
teams, who are also looking at DevOps processes,” she says. “It’s not just for the shiny
new stuff or your mobile app.”
DALE COYNER is a writer with CSC’s digital marketing team.
by Dale Coyner
NOVEMBER 2015 | CSC WORLD
Modern IT Architecture
in One Word: Shared
by Bob Donnelly
Social, mobile, analytics and
cloud drive today’s business.
by Social Bob Donnelly involves shared
consciousness. Mobile involves
shared services provided to
individual devices. Analytics
are run on data shared from
multiple sources. And cloud
deals with the sharing of
resources, such as compute,
storage, platform, software
and so forth.
The common theme, of
course, is sharing — and
this shift toward sharing
is causing IT architects
to look at systems in
38 CSC WORLD | NOVEMBER 2015
We’ve already touched on several different meanings of
sharing. People voluntarily share things online. Some companies
actively mine data based on information consciously shared or
via actions such as buying something, typing something into a
search engine, or visiting a website. While analytics are based
on data “shared” or gathered from multiple sources, this does
not necessarily involve a shared component in the architecture.
requirements. If there is any “distance” (network latency or limited
bandwidth) between data users, a local copy may be needed, but
systems on a fast, local network can share this one store. The net
result is a migration from independent, vertical stacks, each acting
as its own system, to shared, horizontal services that enable each
“system” to concentrate on its independent function. The concept
of “system” begins to morph.
Shared source code, or binaries, is another context. Architecture
is influenced by the tools available to implement it. Many projects
use trade studies to consider the appropriate tools, and reusing
existing tools that fit saves time versus creating something
new. Shared can mean open source, inner source (shared source
among a closed community), closed source development libraries,
or licensed commercial software.
While this context of sharing influences architecture, the resulting
architecture stack may not have any external dependencies. You
may run a database used by many others, but it can be a separate
instance run on your hardware. You may utilize user interface
libraries used by many others, but they are compiled into your
Yes, there is work to enable this: agreeing on a common data
model; defining an API that meets the combined access needs;
designing the data services to meet the combined performance
needs. Potential gains include reduction in hardware (since one
shared data store replaces many) and enhanced capabilities from
having the aggregate data (versus a subset) to work from.
Sharing is not always easy
Getting varied, interested parties to agree on the form of these
shared services requires combining technical skill with organizational
and leadership skills. Aligning product release schedules is
a challenge, as is handling legacy integration and interoperability.
In short, success depends on agreeing to shared requirements,
shared schedules and shared technical solutions.
So, how do we define a truly shared architecture? It’s one where
one or more layers of the architecture are shared with others during
runtime. Certainly, Anything as a Service (XaaS) involves using
shared resources for certain layers of the architecture. Hardware
and virtualization layers are provided in Infrastructure as a Service
(IaaS). Platform as a Service (PaaS) and Software as a Service
(SaaS) provide application hosting or applications themselves.
Boundaries between the shared resource and the customer-specific
application are well defined and may be formalized in an SLA.
As a system/software architect dealing with system-of-systemslevel
integration, I see sharing that does not have as clean a boundary
or interface. Instead of a well-defined hosting environment,
services are truly shared among multiple stakeholders.
The next step
Recently, there has been a marked change in approach as we
transition from services moving data between systems to systems
truly sharing the same data services. Let me explain.
Previously, in a layered architecture, a single supplier would provide
every layer in the entire stack. Systems may have run a common
service that moved data, but these focused on exchanges between
systems. Once data hit a particular system, it would be independently
stored, manipulated and viewed.
Recently, there has emerged a concept of storing data once
for all “systems” to access. A common data store is now fast
enough so that data can be created, read, updated and deleted
(CRUD) by multiple systems at once and still meet performance
The system of systems transitions into a system of services.
Services replace systems as the primary component. A given
function becomes an application running on top of these services
versus a system with its own vertical stack. Companies such as
CSC morph from system integrators to service integrators.
We’ve looked at various meanings of sharing: an XaaS model
with a defined boundary involving payment for services; shared
contribution to a data stream; shared source through both open
and inner sourcing; shared requirements implemented in common
services used by multiple users to implement various functions.
A modern architecture has some combination of these features.
“Modern” is possibly best defined by what it is not — namely, a full
stack, or “system,” owned by one provider.
IT architects need to figure out how to create shared ingredients
that can be combined to meet different technical requirements.
These become the basis of a microservice architecture. Over time,
single ingredients may be swapped to insert new technology and
improve performance. This may be harder than creating a single
product, but it enables the provider to keep fewer solutions on
its shelf, meet customer needs quickly, and reduce costs across
product life cycles.
BOB DONNELLY is a distinguished engineer at CSC.
NOVEMBER 2015 | CSC WORLD
Gets Lean by Neil Gatenby and Albert Verhoeven
Manufacturing concepts targeting
waste and complexity are being
adopted by enterprise IT.
In today’s enterprise, IT systems have become a primary source
of either growth or decline. That’s been a blessing and a curse.
Technology-driven change is creating opportunity, but it’s also
creating competitors, complexity, exponential data growth and
the need to invest in more IT.
Companies that seek more effective ways to manage IT
systems are exploring the principles of Lean, a concept
developed years ago by automobile manufacturers to respond
to market changes and customer behaviors. Today, the
same types of changes are affecting IT and the business.
And, just as automakers did, IT managers can
adopt Lean principles to answer the rapidly
changing needs of the business.
Lean defined and applied
The Lean approach is about delivering
maximum value to customers by
reducing waste in business
processes. It eliminates
anything a customer would
not be prepared to pay for,
such as defects, downtime,
slow application response
times or even underutilized
Lean calls out systems
that don’t deliver value. IT
systems are primarily built
to help organizations execute
business processes. Do the
systems make it easier or harder
for employees to do their jobs? A reliable indicator
for determining system value is whether people find ways
to work around it. The rise of “shadow IT” — processes and
systems commissioned by business units without direction or
management from the IT organization — is an indication that
systems don’t meet the needs of the business.
Lean embraces efficient development methods. Emerging
methodologies such as DevOps involve the business and
users throughout the development process. Instead of waiting
to deliver a finished application, components of a solution
40 CSC WORLD | NOVEMBER 2015
are continuously rolled out for testing and user acceptance,
resulting in fewer steps, fewer bottlenecks, lower cost, a
reduced risk of user rejection and faster time to value. The
ability to respond rapidly to requirement changes with an
approach such as DevOps is vital when other parts of the
organization are undergoing their own Lean initiatives.
Lean encourages new technologies to tame complexity. Backoffice
technologies such as cloud infrastructure can contribute a
great deal toward making an IT system more efficient. The use of
a cloud architecture for development is far more cost-effective
than standing up new servers, purchasing software licenses and
commissioning more data center space. Development tools
that are cloud enabled encourage collaborative development
and automated testing, as well as version control and release
management. Front-end technologies such as mobility and social
media offer users more control, fast access to data, frequent
updates and a more engaging experience, all of which add up
to more value for the user.
Lean concepts in IT
Lean concepts can be applied throughout today’s IT organization
to dramatically improve business outcomes. In fact, many IT
shops already embrace Lean principles, but by different names.
For example, value stream mapping is a common starting
point in Lean. The method analyzes a current state and
designs a future state for the series of events and processes
that take a product or service from its beginning through to
the customer — focusing on activities a customer would be
prepared to pay for, and eliminating waste.
Similarly, business process management (BPM) is a
methodology that allows organizations to define, model and
execute activities in clear and efficient processes. In many
organizations a disconnect exists between business operations
and IT. BPM is the place where these two worlds collide. It
involves elements of people, process, tools and data. BPM can
be described as the tools that help people execute business
processes to achieve business goals and objectives.
DevOps is the practice of operations and development teams
participating together in the entire service life cycle, from design
through the development process to production support. There
are a lot of opinions on what DevOps is and isn’t. However, it has
some common themes, tools and ideas that have many parallels
with Lean. Quick changeovers between development and
test cycles resonate with Lean’s idea about the “single-minute
exchange of dies,” a reference to quick changes in manufacturing
equipment. Lean also espouses the concept of doing the right
activities at the right time to minimize wait times and (in the case
of manufacturing) reduce unnecessary inventories, a concept
called “just-in-time.” Similarly, DevOps seeks to reduce delays
and bottlenecks that lead to stacks of code queuing up for
review, in a kind of just-in-time development.
A significant Lean concept is the idea that demand pulls
tasks through a system, replacing what has been consumed,
rather than building inventory to meet predicted needs.
This is a role being filled increasingly by the service-enabled
enterprise (or SEE, also called as-a-service). It provides
an organization with any type of IT resource — network,
computing, big data, storage — on a consumption basis,
rather than requiring that massive infrastructure be built to
meet potential peak resource demands. This gives customers
a real choice about what IT services they need, and how
much they need to use.
Automation is king in the Lean system, performing tasks
via a machine rather than a person, with a heavy focus on
repeatability and efficiency. Likewise, in IT, integration services
provide the automated glue between systems. Most business
processes are supported by multiple systems. In many cases,
people copy and paste data from one system to another.
Integration services create ecosystems that allow people to do
what they need to do without being constrained by systems,
and vice versa.
Following the Lean path
The kind of transformation that takes place under Lean
principles can’t be considered a minor change because it
completely alters the operating model of an organization.
It affects every facet of an organization’s construct: people,
process and tools.
The journey to a truly Lean, as-a-service enterprise starts
with a cultural change that must be led from the top. The
benefits of such a change are profound. The transformation
of the automotive industry and many other manufacturers
has proven that continuously optimizing systems that
create value for customers also creates value for the
organization. Lean has changed the way consumers and
The same thing is happening in IT. Advances in technology
have changed what users value and expect from IT systems;
Lean offers many of the principles we need to meet these
expectations. Shortening delivery cycles, driving efficiencies
in the supply chain, giving customers choices — these are
just some of the benefits of this transformation.
NEIL GATENBY is business process and tools manager
at Thales Australia.
ALBERT VERHOEVEN is digital transformation director
NOVEMBER 2015 | CSC WORLD
Like roads, telephones and electricity were to the
20th century, an ever-more capable digital ecosystem
is becoming the underlying business infrastructure of
Whereas in the past each major industry sector relied on its
own vertical stack of systems and processes, firms must now
leverage powerful “horizontal” capabilities — computing,
messaging, GPS, maps, payment systems, social reputations
and more — that are used across all industries. These new
capabilities are radically transforming many aspects of
business and society, and will only grow stronger over time.
At CSC’s Leading Edge Forum, we refer to this emerging
set of digital services as “the matrix.” While we could have
easily used existing terms such as the Internet, the Web or
the cloud, we believe that the metaphor of a matrix best
captures both the friction and synergies between these
traditional vertical and emerging horizontal worlds.
Clearly, the term is also a direct reference to the 1999
science fiction movie The Matrix. As in the film, our
metaphorical matrix is a world where computers talk directly
to one another, often with little human involvement. While
the cloud suggests something “out there,” like it or not, we
are all part of the matrix — a place where 3D goggles can
immerse us in digital worlds, and where our virtual identities
increasingly have a life of their own.
Of course, the creators of the movie imagined a deeply
dystopian future, where humans are used merely to provide
energy to the machines that are really in charge. But
despite the recent warnings regarding the rise of machine
intelligence and the risk of human obsolescence — warnings
from innovators no less than Stephen Hawking, Bill Gates,
Steve Wozniak and Elon Musk, as well as creators of more
recent movies such as Her and Ex Machina — as of now,
digital innovations have been overwhelmingly positive
by David Moschella
You don’t have to take the
red pill to understand the
digital economic ecosystem.
42 CSC WORLD | NOVEMBER 2015
From vertical stacks to horizontal services
In the past, most company business models were based on
their own functional and process stacks. For example, major
banks would have their own branches, data centers, credit
cards, cash machines, call center systems, loan approval
processes, investment advisors and so on.
But increasingly the most interesting new businesses come
from leveraging “horizontal” digital capabilities. Consider
the way the ride-sharing app Uber takes advantage of
public infrastructure — smartphones, cloud computing, GPS,
mapping software and Internet payment mechanisms —
to increasingly dominate the taxi industry.
These and other public infrastructure capabilities will
continue to emerge, even though you didn’t ask for them.
They are not there waiting to be sourced as alternatives to
in-house provision. They are primarily there as components
that enable your firm to develop new products, services
and business models, and they cost you nothing until
they are used.
Even more powerful components are on the way. These
include smart sensors, the Internet of Things (IoT), and
machine-to-machine (M2M) communications, often
combined with algorithms, artificial intelligence and vast
knowledge bases such as Google and IBM’s Watson. It is
this emerging layer of awareness, intelligence and virtual
operations that will make the matrix metaphor even more
apt, while also triggering many future market disruptions.
The role of digital leaders
With new capabilities appearing virtually every day,
ignoring the matrix is not an option. Today’s leaders need
to embrace the fact that the matrix is a powerful, unruly
force they cannot control and whose movements cannot be
predicted. The required management posture is more akin
The matrix is the economic infrastructure of our time.
to journalism, wargaming and storytelling than traditional
business planning and strategy development, which
presumes more control than the matrix allows.
Executives should ask the big, simple questions: What is
the future situation likely to be if we do nothing? Who are
the new disruptors, and where will they seek to enter our
markets? What are the major scenarios that might become
reality? What are the emerging capabilities in the matrix
that should most interest or concern us? What sort of
experimental experiences, learning and talent development
do we need?
Most of all, management needs to develop an intuitive feel for
the matrix. This can only be done by getting out of the office
and engaging with key matrix players. Executives should be
spending more time networking in digital circles and seeking
to understand their industry as Silicon Valley would see it.
They should also be trying to hire digital leaders who have
lived in and absorbed the matrix culture.
The 1920s and 1930s were also a time of great technological
change — electrification and refrigeration, telephones
and radio, automobiles and air travel, and, of course,
movies. Information technology has not yet matched
the transformative societal impact of that great wave of
scientific progress — but we are still early in the game. The
ability of the matrix to support advances such as robotics,
3D printing, human/machine integration, autonomous
vehicles, biotechnology, machine intelligence and all manner
of virtual worlds suggests that change on an even greater
economic and social scale is likely. For better or worse,
the matrix is here.
DAVID MOSCHELLA is research director at the
Leading Edge Forum.
Learn more about the Leading Edge Forum at
Cars Health Manufacturing Media Energy Education Banking
Analytics, Google, Watson, sensors, IoT, AI, M2M
Uber iHealth 3DP Netflix Nest MOOCs Kickstarter
Facebook, Twitter, user content, open source
Publishing, e-commerce, payment, encryption
Computing, storage, bandwidth, mobility, GPS
NOVEMBER 2015 | CSC WORLD
TO WATCH IN 2016
by Dan Hushon
Five IT trends will help usher in the next generation of global productivity.
Enterprises that develop strategies around these trends will have an
opportunity to gain a competitive edge.
Value of contextual data escalates
Building on the growth of digital platforms and the volume of
data supplied by “Internet of Things” (IoT) devices, contextual
data will be a prevailing force in 2016. In a novel, context
describes the setting and the scene where characters act.
In an enterprise, contextual data provides the same type of
broader picture. Data points such as device, location, language,
social network and influencers help enterprises develop better
insights, personalize products or services, or even suggest
specific actions. More context will allow enterprises to create
a more integrated and valuable information experience for
clients, employees, partners and citizens.
Demand for cybercontrols grows
As data becomes more contextually rich, it becomes more
valuable to the firm — and to cybercriminals as well. The
growing risk of attack will require next-generation techniques
for network defense, identity access management, risk
management and now information management. Public
clouds will play a role in the integration of contextual
data, so these will need to be included in security system
architectures. Context-rich environments will force
enterprises to give significant thought to acceptable
risk levels and controls as they share a growing range of
APIs enable business strategies
Enterprises have discovered the power of APIs and will
continue to build on them. APIs are the key to information
access and exchange between systems, often acting as a
wrapper around older systems. This enables organizations to
combine data from legacy applications and new applications.
APIs are more than a development tool; they create new
channels for service integration, information coordination,
ecosystems of information sharing and economies around
information derivatives. The core of a digital strategy
depends on democratizing information access, and APIs play
a central role in that process.
The CIO’s role continues to evolve, focusing on an
The CIO’s role will include partnering with the business to
drive information and technology value. This partnership
is part of what’s called business relationship management
(BRM), and it will help the enterprise gain access to the right
information and technology to make better decisions and
introduce competitive products, quickly and at scale. As
owner of the organization’s information and technology,
the CIO is uniquely positioned to lead the development
of digital business innovations.
Enterprise infrastructure players consolidate to provide agility
Another trend is the ongoing convergence and consolidation
of enterprise infrastructure players. This consolidation
answers the market’s demand for more standardized,
agile and complete solutions out of the box. Converged
infrastructure is moving toward public cloud styles, which
extend purchasing and operating leverage, enable agility and
improve self-service for IT. Look for greater specialization of
these platforms in future products and services to create IT
leverage at the pace of business.
Finally, if there’s anything that’s certain about the future,
it’s that some new innovative technology or application will
surface in 2016 that will change our thinking. This continuing
change and renewal is what makes IT such an exciting field
to be a part of today, and I can’t wait to see what else 2016
DAN HUSHON is chief technology officer at CSC.
Thanks to CSC’s Leading Edge Forum, ResearchNetwork
and CTO Office for input.
CSC’s Leading Edge Forum is a sponsor of the Business
Relationship Management Institute, the premier organization
dedicated to serving the global BRM community.
Learn more at csc.com/lef-brm.
44 CSC WORLD | NOVEMBER 2015
DISEASE TO DATA:
Sixty-four percent of CIOs in the healthcare and life sciences sector call modernizing
legacy applications a high or critical priority, and it’s no surprise that they feel that
way. Shifting consumer expectations and changes in regulations, as well as global
pressure to deliver better care for individuals and better health for populations, have
the entire industry in need of innovation that can be implemented quickly. CSC can
help you increase flexibility, responsiveness and reliability, while lowering per-capita
costs with Agile IT as a Service.
Innovation is never a roadblock For Those Who Solve.
Learn more at csc.com/solve.
NOVEMBER 2015 | CSC WORLD
Regional CSC Headquarters
3170 Fairview Park Drive
Falls Church, Virginia 22042
Asia, Middle East, Africa
Level 9, UE BizHub East
6 Changi Business Park Avenue 1
Republic of Singapore
26 Talavera Road
Macquarie Park, NSW 2113
Central and Eastern Europe
Nordic and Baltic Region
South and West Europe
10 place des Vosges
92072 Paris la Défense Cedex
UK, Ireland and Netherlands
One Pancras Square
CSC is a global leader in next-generation IT services and solutions. The
company’s mission is to enable superior returns on our clients’ technology
investments through best-in-class industry solutions, domain expertise
and global scale. For more information, visit us at csc.com.
© 2015 Computer Sciences Corporation. All rights reserved.