CIO & LEADER-Issue-12-March 2018

Face Off
Should Digital Budget Be A Part Of
Enterprise IT Budget? Pg 24
Insight
What Does Hyper-Consolidation
Mean For Enterprise CIOs? Pg 26
Volume 06
Issue 12
March 2018
150
TRACK TECHNOLOGY BUILD BUSINESS SHAPE SELF
Decoding
Digital
Transformation
India, Circa 2018
What the journeys of selected businesses in three of
India's top business groups, Tata, Mahindra&Mahindra &
Vedanta/Sterlite, tell us about big transformation Pg 12
A 9.9 Group Publication

EDITORIAL
Shyamanuja Das
shyamanuja.das@9dot9.in
The great
question that
has never been
answered...…
T
“If you think
you will be
asked to drive
transformation
in a large
company while
keeping nuts
and bolts of
IT, you are
mistaken"
“The great question that has never been answered,
and which I have not yet been able to answer,
despite my thirty years of research,” confided
Sigmund Freud, is ‘What does a woman want?’
The big question of business today—what
exactly is digital transformation?—may not be as
challenging as Freud’s ‘great question’ (maybe,
one of the ultimate great questions of human
civilization) but in many ways, they are similar.
It is not that answer to these questions have not
been attempted. In fact, they have probably been
attempted by more people than any other comparable
questions of their time and arguably that
is exactly what makes them great.
So, here’s one more shot at explaining what
digital transformation means—the great question
of business, circa 2018.
The reason I started with Freud is that I can
make the confession with a straight
face—that what I have done is grossly
inadequate to define what digital transformation
means. Yet, if it can help you
gauge the direction of the digital journey
of some of the largest core sector companies
in India a little better, I think my goal
would be achieved to a great extent.
Trying to define what digital transformation
is not the job of editors like me.
All we do is observe and report; maybe
try to connect some dots at best.
So, take it for what it is. It is a report on
what is happening on the ground, with an
attempt to identify some common trends.
For CIOs, there are a couple of big messages.
First and foremost, a CIO cannot drive digital
transformation. Please read it completely before
shooting me. All it means is a real transformation
needs a dedicated driver. If you think you will be
asked to drive transformation in a large company
while keeping the nuts and bolts of IT (your current
CIO role), you are mistaken. As you can make out, it
has nothing to do with your competence or your professional
background. It is everything to do about
your letting go the past.
Secondly, in the digital era, all that brought you
here won’t take you there. You are probably here
because you understand your business so well and
you are a great problem solver. But for transformation,
you may not be given a problem. Today, a good
transformationist would look for all new technologies
and should be able to quickly identify which
one out of them can add great value to their business.
You do not need to be apologetic about being a
techie as long as you are comfortable with the landscape
and do not get caught up with one.
We will get into greater detail on what would
make a CIO a great digital leader soon, in one of the
next issues
March 2018 | CIO&LEADER
1

Face Off
Should Digital Budget Be A Part Of
Enterprise IT Budget? Pg 24
TRACK TECHNOLOGY BUILD BUSINESS SHAPE SELF
A 9.9 Group Publication
Insight Volume 06
What Does Hyper-Consolidation Issue 12
March 2018
Mean For Enterprise CIOs? Pg 26
150
India, Circa 2018
What the journeys of selected businesses in three of
India's top business groups, Tata, Mahindra&Mahindra &
Vedanta/Sterlite, tell us about big transformation Pg 12
CONTENT
MARCH 2018
COVER STORY
12-23 | Decoding Digital
Transformation - India,
Circa 2018
Decoding
Digital
Transformation
Cover Design by:
Shokeen Saifi
Please Recycle
This Magazine
And Remove
Inserts Before
Recycling
COPYRIGHT, All rights reserved: Reproduction in whole or in part without written permission from
Nine Dot Nine Interactive Pvt Ltd. is prohibited. Printed and published by Vikas Gupta for Nine Dot Nine
Mediaworx Pvt Ltd, 121, Patparganj, Mayur Vihar, Phase - I, Near Mandir Masjid, Delhi-110091. Printed at
Tara Art Printers Pvt ltd. A-46-47, Sector-5, NOIDA (U.P.) 2013011
advertisers ’ index
Seagate
Netmatic
IFC
BC
This index is provided as an
additional service.The publisher
does not assume any liabilities
for errors or omissions.
2 CIO&LEADER | March 2018

AROUND THE TECH
04-07
CIOs Think Of Themselves
As Technology Visionaries
www.cioandleader.com
COLUMN
08-09
Why New Age BI
Systems Are Better
Than Traditional MIS?
By Anshul Rai
10-11
Securing The Digital
Supply Chain
By Rahul Kumar
INSIGHT
28-29
India Is Among Bottom
Five Countries In Global
Cloud Study
34-35
Cloud Apps And
Web Portals Are
The Biggest Targets
For Attackers
SECURITY
36-37
The Case of Rising
Cyberattacks
LEADERSHIP
38-39
Ten Ways Business
Leaders Can Improve
Gender Diversity
MANAGEMENT
Managing Director: Dr Pramath Raj Sinha
Printer & Publisher: Vikas Gupta
EDITORIAL
Managing Editor: Shyamanuja Das
Associate Editor: Shubhra Rishi
Content Executive-Enterprise Technology:
Dipanjan Mitra
DESIGN
Sr Art Director: Anil VK
Art Director: Shokeen Saifi
Visualisers: NV Baiju & Manoj Kumar VP
Lead UI/UX Designer: Shri Hari Tiwari
Sr Designers: Charu Dwivedi, Haridas Balan & Peterson PJ
SALES & MARKETING
Director-Community Engagement
for Enterprise Technology Business:
Sachin Mhashilkar (+91 99203 48755)
Brand Head: Vandana Chauhan (+91 99589 84581)
Assistant Product Manager-Digital: Manan Mushtaq
Community Manager-B2B Tech: Megha Bhardwaj
Community Manager-B2B Tech: Renuka Deopa
Associate-Enterprise Technology: Abhishek Jain
Assistant Brand Manager-B2B Tech: Mallika Khosla
Regional Sales Managers
South: Ashish Kumar (+91 97407 61921)
North: Deepak Sharma (+91 98117 91110)
West: Prashant Amin (+91 98205 75282)
Ad Co-ordination/Scheduling: Kishan Singh
PRODUCTION & LOGISTICS
Manager Operations: Rakesh Upadhyay
Asst. Manager - Logistics: Vijay Menon
Executive Logistics: Nilesh Shiravadekar
Logistics: MP Singh & Mohd. Ansari
OFFICE ADDRESS
9.9 Group Pvt. Ltd.
(Formerly known as Nine Dot Nine Mediaworx Pvt. Ltd.)
121, Patparganj, Mayur Vihar, Phase - I
Near Mandir Masjid, Delhi-110091
Published, Printed and Owned by 9.9 Group Pvt. Ltd.
(Formerly known as Nine Dot Nine Mediaworx Pvt. Ltd.)
Published and printed on their behalf by
Vikas Gupta. Published at 121, Patparganj,
Mayur Vihar, Phase - I, Near Mandir Masjid, Delhi-110091,
India. Printed at Tara Art Printers Pvt Ltd., A-46-47, Sector-5,
NOIDA (U.P.) 201301.
Editor: Vikas Gupta
March 2018 | CIO&LEADER
3

around
thetech
WHAT
CIOs ARE
TIRED OF
HEARING...
“CIOs lack
the strategic
vision to see the
big picture.”
LEADERSHIP
CIOs think of themselves
as technology visionaries
In a recent Global C-suite Study, IBM
interviewed over 2,100 CIOs to better
understand how the CIO function
is evolving. The study reveals that
CIOs have long moved beyond the
original intention of the “I” in their
title – Information – to a myriad
of other foci. The new-age CIO is
doing everything from helping to
drive business strategy to enabling
the creation of new products and
services, to improving the customer
experience and empowering their
organizations.
Interestingly, the critical issues CIOs
used to face have changed over the
years. The number of CIOs earlier
were pressured to transform their
organizations wasn’t that high, but
there was a significant gap between
CIOs’ responses and those of the rest
of the C-suite.
CIOs see themselves today as
technology visionaries (24%) and
transformational business leaders
(21%). These are the foundational
competencies of the contemporary
CIO. Some continue to play more
traditional roles – IT coordinator and
manager (13%) and trusted business
advisor (12 %).
In the next two to three
years, CIOs see the job
shifting to areas much
closer to the business. "The
roles of transformational
business leader and
technology visionary
still top the list, but
IT coordinator
and manager
has dropped
significantly," notes
the study.
4 CIO&LEADER | March 2018

Around The Tech
BY THE BOOK
The most driven leaders are those who
dare to be their true-selves. Have you
ever attempted that at the workplace? In
a business world that is so competitive
and uncertain, how do you interact with
other people more authentically to tap
into their illusive want?
Brave Leadership by Kimberly Davis
is the essential guide for leaders in
today's ever-shifting world. Wherever
you are in your leadership journey—
new, seasoned, young, or old—if you
aspire to be the best leader you can be,
then this book is for you. It gives you
perspective into overcoming barriers to
become brave, learn to manage stress
and anxiety, and prepare for highstakes
meetings and conversations
Do you have the influence you want
to have? Are you able to set the direction
of your career, connect powerfully,
and feel more confident, courageous,
satisfied, and purposeful? This book
promises to help you tap into the want
of the people you lead to get the results
you need.
This alluring and inspiring book
bridges traditional business how-to
with a personal development approach
to demystify what it takes to be the
brave leader you were born to be.
makingheadlines
#DeleteFacebook hashtag has been doing the rounds on Twitter. As if to add
insult to the injury, users are now deleting their Facebook accounts. Tesla's
CEO, Elon Musk is the latest to join the bandwagon. He deleted his verified
Facebook pages for SpaceX and Tesla.
However, the #DeleteFacebook issue is a bit of a deja vu moment for the company,
which has been embroiled in a series of controversies for the last decade.
Almost eight years ago, an online event christened 'Quit Facebook Day' was
started by a group of dissatisfied Facebook users. The reason was identical -
most users were concerned about their data's privacy. The boycott was a major
flop after just over 30,000 of the site's 500 million users deleted their Facebook
accounts.
As more users get conscious about privacy, the more bad news it will be for online
businesses such as Facebook. Will 2018 serve as an end of the road for Facebook?
Iceland is a tiny country, with a population of 336,483.
But it is a heavyweight in gender equality. It has had
the closest gender gap of any country for nine years
in a row. According to European Union data, Iceland
is the world leader at including women in the labour
force: Participation was over 80% in 2017. Since the
1970s, more and more Icelandic women have entered
the workforce, thanks to several political decisions,
such as a legal right for parents to return to their job
after childbirth.
Iceland has had an equal pay law in effect since
1961. However, the icing on the cake was when the
Iceland Parliament in January this year, banned pay
discrimination in the workplace. In 2017, the then government
of Iceland made this standard not a voluntary
one. Every company with 25 or more employees needs
to undergo audit to using the standard to prove that
they are actually not discriminating in the workplace
against men and women.
gender
bender
March 2018 | CIO&LEADER
5

Around The Tech
AUTO-NOMOUS
matter of
twitter
Sixty-three percent of consumers are more likely to ride in an
autonomous vehicle if it was offered by a brand they trust, a Deloitte
survey has confirmed. Brand trust, however, is becoming more
important, the type of company consumers would most trust to bring
fully self-driving technology to market has not changed over last
year. Consumers in Japan, Germany, and the United States still favor
traditional vehicle manufacturers; this is in contrast to consumers in
South Korea, India, and China, who would most favor new autonomous
vehicle manufacturers or existing tech companies.
So how do you make consumers feel more comfortable riding in
self-driving vehicles? Deloitte reports that over 71% of US consumers
fell that they would be more likely to ride in an autonomous
vehicle if it had an established safety record (up from 68% last
year). Howver, it only takes one negative incident to destroy much
of the goodwill, faith, and interest built up around these long-term
R&D experiments.
VITAL
STATISTICS
Hit by
ransomware,
by country
India
Mexico
U.S.
Canada
South Africa
Germany
France
Australia
U.K.
Japan
Hit by ransomware, by country
48%
48%
45%
41%
54%
51%
67%
65%
60%
59%
% of
organizations hit
by ransomware
in the previous
12 months
Source: Sophos’ The State of Endpoint Security Today
6 CIO&LEADER | March 2018

Around The Tech
And the award for
THE BEST WORKPLACE IN INDIA
goes to…
#1
#2
#3
#4
#5
As competition for jobseekers intensifies,
Linkedin’s 2018 Top Companies report
haw actively deployed employee-first
strategies such as flexible hours, a good
parental leave policy, and time-off to do
more than work. Some of the emerging
themes this year are:
• Unconventional hiring methods: The
top companies in India are looking
beyond the grades and college rankings
to recruit new talent. Directi (#1) cherrypicks
talent using unconventional
techniques such as case studies, tasks
like app development and solving the
Rubik’s cube.
• Flexibility first: With job seekers
increasingly demanding a work-life balance,
these top companies have chalked
out flexible parental leave policies and
programs for planned time-off to recuperate
or even pick up a new hobby.
Amazon (#4) has a Ramp Back program
that offers new parents eight weeks of
flexibility and partial work hours, so
they can acclimatize to their new schedules.
At McKinsey & Company (#6),
under ‘Take Time’, employees can take
five to 10 extra weeks off to pursue their
passion – get a pilot’s licence, write a
book – or attend to family matters.
• Wellness at work: Wellness and fitness
facilities continue to be the top draw for
employees while choosing a company
to work for. Alphabet (#7) is known for
its gourmet meals, fitness facilities, and
on-site childcare services, whereas Ola
has on offer multiple clubs for activities
ranging from music to sports — where
employees can mingle with other teams.
• Democratizing power: From office interiors
to policy creation, top companies
are ensuring its employees have a say in
how things are done. For instance, PwC's
NextGen Sounding Board comprises
200 millennial employees who participate
in policy creation for the company.
All new and revised people policies are
first taken to this group.
• Learn to lead: The top companies have
made in talent growth and development
an in-house responsibility. EY (#9) last
year rolled out a program called EY
Badges that allows employees to earn
digital certificates for skills like artificial
intelligence, data science and data
visualization. MakeMyTrip (#18) offers
a bevy of free courses for its employees,
ranging from customized behavioral
programmes to study tours to Europe
and Southeast Asia.
March 2018 | CIO&LEADER
7

COLUMN
By Anshul Rai
Why New Age
BI Systems Are
Better Than
Traditional
MIS?
How new-age BI systems can create
value for Indian businesses
T
The author is the CEO and Co-founder
of Happay, a business management
company that caters to various business
spends; the article was first published in
cfo-india.in, our sister website
The role of today’s CFO extends way
beyond the mandate of traditional
financial management into more
strategic areas of business. The new
responsibilities make it crucial for
CFOs to have meaningful data at their
fingertips to support and develop strategic
business initiatives.
However, the problem is with getting
the right data, in the right format
and at the right time. Traditional MIS
systems, especially those used for revenue
and expense reporting, are saddled
with inaccuracy, inconsistency
and unmanageable complexity.
The way the data is collected, stored,
compiled and presented to CFOs
makes it unfit for analysis and decision-making.
For department heads and finance
teams, data management is an arduous
and time-consuming process.
Why is this the case?
1. The data extracted from
the traditional MIS systems
is aggregate data.
In any organization, department or
product heads are given budgets at the
start of every month or quarter, and
their performance is gauged against
this budget. To view their individual
performance against budgets, department
heads resort to the canned
reports from the General Ledger (GL)
generated by the finance teams. They
view the report data, look for variances
and take corrective measures to
eliminate cost overruns and maximize
budget efficiency.
Seems pretty straightforward till
this point, doesn’t it? Well, it’s not,
especially when there are deviations
in data. Aggregate data is not enough
to understand the root cause of budget
deviations.
The GL reports show aggregate
data for spends vs. budget. This
data output has none of the rich
transaction details that are necessary
for investigating the root causes that
trigger a budget deviation or an unexpected
increase in a particular expense
category.
8 CIO&LEADER | March 2018

Column
In this case, the departmental managers
go back to the finance teams for
the underlying details behind the GL
data — the individual transactions
that caused them to exceed their budget.
This triggers a spurt of activity
within the finance department, causing
workload to shoot up immediately
during the month or quarter end.
The finance departments run additional
reports to find out the required
information for managers. The process
doesn’t stop there. The departmental
heads often have questions on the new
reports generated. Once they receive
the answers, they have follow-up questions
and the cycle continues. It sometimes
takes weeks for the issue to get
resolved satisfactorily from both ends.
2. The data is stored in
multiple systems managed
by different teams.
The GL summary report contains
transaction data that is extracted from
different systems like HRM & Payroll,
Accounts Payable and Inventory Management
– each of them managed by
different teams.
People other than finance also gets
tasked with requests for data extracts.
This makes the entire process even
more complex and time-consuming.
No wonder it takes weeks on end to
solve one issue.
3. The data does not
facilitate easy comparison
of different departments or
cost centers.
The reports generated by the finance
department for comparison are
income statements and balance sheets.
They show profits against losses and
performance vs. budget for an individual
manager, department or product
and are definitely useful.
So what is the way out for
CFOs and finance teams?
Alternative #1: Replace their legacy
GL system.
One way is to replace their current GL
system with the latest ERP or accounting
software. However, this might
involve substantial cost and resource
commitment.
Alternative #2: Adopt a self-service,
business intelligence system.
A smarter way out is to adopt selfservice,
business intelligence (BI)
systems that give CFOs the analytics
they need while leaving their existing
GL in place.
Let us look at how
automated BI tools provide
their users an edge over
traditional MIS:
Consistent, secure and error-free
reports: Rather than generate aggregate
reports, BI solutions help finance
teams generate role-specific reports.
Such reports enable managers to
easily view revenues and spends of
their direct reportees or their area
of responsibility. Finance teams can
enable managers to view these reports
via web-based dashboards, rather
than sending the reports via email
in the form of spreadsheets. Emailing
reports can expose the company’s
financial data to unauthorized
individuals.
Spreadsheets can be easily altered
and the resulting conflicting data takes
weeks to investigate and reconcile.
BI systems help managers view the
reports they need in the most secure
environment.
BI systems also help finance teams
automate the data-reporting process.
Finance representatives can set rules
and alerts within the system to notify
managers of budget overruns and help
them take action immediately.
All data on one system: BI systems
easily integrate with other systems
like accounts payables, inventory
management and payroll. Such integrations
help finance teams to map GL
codes with transactional data, invoices,
purchase orders, etc. What was initially
stored in a maze of spreadsheets
cannot be brought onto the same platform
and viewed together with a click
of a button.
Easy comparison: BI tools make
comparisons across departments,
across different data types and across
different users easier to access as
well as to visualize. Apart from
addressing the key gaps of traditional
MIS, BI systems help finance teams
gain a lot more.
Centralized visibility and accountability:
Since departmental managers
can easily identify budget variances
and the underlying reasons behind
them, they can manage expenses in
a better way. They can spend more
time understanding what triggers
budget overruns, rather than running
behind finance teams asking
for details behind the aggregate summaries.
They also have centralized
visibility over all data and can take
decisions in a prompt and efficient
manner.
More efficient work allocation:
A significant amount of time and
effort of finance teams goes into backtracking
bugs, errors and outliers in
the data and reporting them back to
the department that pointed them out.
BI tools eliminate these low-value,
cumbersome tasks, allowing finance to
focus on core job responsibilities, such
as identifying new revenue generating
opportunities or mitigating risks.
Powerful feedback tool: BI systems
can serve as a good coaching and feedback
tools for management since they
facilitate easy peer-to-peer comparisons.
With access to the comparison data,
VPs and directors can evaluate performance
of different managers, understand
why certain managers are able
to meet budgets and help the ones who
don’t create more realistic budgets and
decrease their budget overruns.
As big data and analytics become
a priority, CFOs have to be prepared
to take strides forward and bag the
best business intelligence systems for
their companies
March 2018 | CIO&LEADER
9

COLUMN
By Rahul Kumar
Securing The
Digital Supply
Chain
It is a favored arena for malicious actors
to plant malware, to devastating effect
D
Authored article by Rahul Kumar,
Country Manager, WinMagic
Ensuring a secure supply chain is a necessary
precondition in today’s world of
commerce. The digital supply chain has
emerged as the weakest link for the potential
insertion of malware backdoors. Governments
and industry are just getting
around to addressing the various concerns
relating to supply-chain security.
When it comes to data security challenges,
human and technological influences
can be amongst the most difficult
to manage, seriously exacerbating cyber
risk to IT-enabled supply chain management
(SCM). It is quite common to find
SCM software running on top of business
software, exposing organisations to
myriad risks and attacks. In fact, digital
supply chain risks keep evolving with
technological advancements and there is
no end in sight for a definitive solution to
address them. Merely determining the
authenticity of various hardware, firmware
and software components does not
guarantee a secure system.
80% of data breaches
begin here
It is common knowledge that most of the
companies do not have full visibility into
their supply chain. In fact, the potential
risk exposure of a company increases
with the number of unmanaged suppliers.
It is quite normal for even a midsized
firm to be part of a complex web
of global inter-dependencies that are
driving synchronized commerce today.
Technological disruption has made the
digital supply chain the prime source of
risks, although there are several other
ways that an organization could suffer a
compromise leading to information theft
or a service outage.
With organizations relying on software
and services from third-party providers,
the risk of exposure to cybercrime gets
only higher and supply chain disruptions
are becoming costlier. It is estimated that
80% of all information breaches originate
in the supply chain, with manufacturers
facing the brunt of all attacks—mostly
from unplanned IT or communication
outage, followed by cyberattacks and
data breaches. The digital supply chain
is also the favored arena for malicious
10 CIO&LEADER | March 2018

Column
The continued
ascendency of
supply chain risks
has led to the
evolution of new
risk management
approaches,
focusing on
cybersecurity
practices
actors to plant malware, to devastating
effect. Remember what happened
when several Chrome extensions
were compromised? It resulted in
hijacking of traffic and exposing users
to potentially malicious popups and
credential theft.
Risks exist at every stage
Cyber supply chain risks may originate
at the suppliers’ end (inclusion of
unwanted functionality, data or network
breaches, insider threats); at the
place of business operation (data theft
or alteration of data, insertion of malicious
software and hardware, outages,
etc.); or at the distribution end (theft,
tampering, counterfeiting, etc.). Many
functions, departments and roles in an
organisation own the risks affecting
supply chain security. Risk blind spots
in the supply chain occur only when
little or no communication or cooperation
takes place—both inside and outside
of an organization.
It is, therefore, important to formulate
a strategy for end-to-end risk
management in the supply chain,
ensuring its integrity, security, and
resilience. A successful strategy
should outline ways to secure the
organization and its dependencies,
covering all tiers in the chain. The
continued ascendancy of supply chain
risks has led to the evolution of new
risk management approaches, which
focus on existing cybersecurity and
supply chain practices for building an
effective digital supply-chain.
By identifying vulnerable systems
and components, businesses can formulate
risk mitigation measures that
are cost-effective and efficient. Organisations
can keep information assets
secure by adopting and applying standards
such as ISO 27000 and 31000,
and recommending the same to all
the players in the supply chain. This
would require the implementation
of technology and process upgrades,
encryption, access policies, intrusion
prevention systems, and other key
best practices. It also makes sense to
have a core group of risk owners collaborate
on administrative and operational
affairs, which also have a direct
or indirect bearing on supply chain
security. For instance, it is particularly
important to immediately communicate
any personnel changes to supply
chain partners so that account profiles
can be updated.
Businesses can change for the better
when they realize that the cyber-security
of any one organisation within
the chain is only as strong as that of
the weakest member. With information
and security practices shared
across a supply chain, continued
effort on the part of all stakeholders
can convert their weakest link into
an asset. Encryption of data and endpoint
devices provides the last line
of defense in a digital supply chain.
Of what use is the best technology or
practice if an organization’s staff or
those in supplier organizations still
are fooled by phishing attacks? Just
one misplaced click could affect millions
of consumers, bring down the
organization’s reputation, impact
revenues, and even risk business
continuity. Securing data and devices
with encryption across the enterprise
and supply chain networks is a great
means of protecting the enterprise
against attacks, threats, and other
risks—whether malicious or
unintentional
https://www.rsaconference.com/writable/presentations/
file_upload/grcw03_integrating_cybersecurity_into_
supply_chain_risk_management.pdf
https://www.proofpoint.com/us/threat-insight/post/threatactor-goes-chrome-extension-hijacking-spree
March 2018 | CIO&LEADER
11

Cover Story
Decoding
Digital
Transformation
India, Circa 2018
What the journeys of selected businesses in three of India's top
business groups, Tata, Mahindra&Mahindra & Vedanta/Sterlite, tell
us about big transformation
By Shyamanuja Das
12 CIO&LEADER | March 2018

Cover Story
transform. verb trans•form \ tran(t)s-ˈfȯrm \
a: to change in composition or structure
b: to change the outward form or appearance of
c: to change in character or condition
transformation. noun trans•for•ma•tion \ ˌtran(t)s-fər-
ˈmā-shən , -fȯr- an act, process, or instance of transforming
or being transformed
First things first. Why another story on digital
transformation?
After all, isn’t it the most used (abuse is also a use)
catch-phrase of our times? Don’t all vendors—selling
connectivity to anti-virus and all things in between—
promise to enable, nay ‘power’ your digital transformation
journey, adding their bit of definition of ‘real’
digital transformation?
That is the very reason this story was
conceptualized.
Paradoxical as it may sound, but this continuous
sermonizing on transformation—coming right from
global think tanks to your local recruitment agency—
inspired us to look beyond those gems of wisdom
and get to the bottom of it, asking a simple question.
What exactly is happening in India as far as digital
transformation is concerned?
However, that sounded fairly large in scope for us
to handle. We further trimmed it down to focus only
on core sectors—where the need for big scale transformation
is more acute.
To ensure that we get into the depth, we decided
to cut down on the breadth. We decided to restrict
ourselves to just three of the large business groups in
India who are strong players in businesses that have
crying needs for technology-enabled transformation.
Those groups are Tata, Mahindra&Mahindra &
Vedanta/Sterlite—three of the largest, most forwardlooking
organizations who have strong play in businesses
that need significant transformation.
How we selected these three is also fascinating.
This writer was working on a story on India’s chief
digital officers/heads of transformation. Keeping
out too small companies and those for whom digital
is a line of business (such as online media, agencies
etc), we figured out that India has just a little over 40
such designated people.
More than a third of them work for one of
these groups.
What it means is not only are these companies
serious about their transformation journey, they are
a good representative sample to study if one wants to
understand the course that digital transformation is
taking in India.
Within these groups too, we selected only those
businesses that have a dire need for transformation.
So, instead of a TCS or a Mahindra Holidays, we
wanted to focus on the journeys at Tata Steel, a large
manufacturing company and Mahindra Finance,
which primarily operates in rural areas of India.
What you will get from this story are a set of
observations—occasionally pieces of wisdom too,
but from the practitioners directly—and analysis
based on those observations.
Much like the digital transformationists themselves,
we have taken a bottom-up approach, in sharp
contrast to the ‘framework approach’ you have listened
largely so far. So, we have spoken to the heads of
transformations at these companies to understand the
journey. Roughly, this is what you will get
March 2018 | CIO&LEADER
13

Cover Story
• Why digital transformation?
• What are the specific outcomes
they are looking for?
• What are the models of carrying it
out?
• How is tech impacting it?
• And finally, the learning from all
this: What does digital transformation
entail?
One big piece is missing—what
have they achieved? We realized it is
still too soon; you may notice glimpses
of it in the story, however.
One danger, though, is that a bottom-up
study could tend to become a
blind-men-and-elephant proposition.
Being sensitized to that, we will not
draw a model transformation dos-anddon’ts
but will present common observations
and their stories individually
too, so that you can apply your filter
on what is relevant for you and what
is not.
We will be tangible, and specific, as
much as possible.
Applying
technology to business
needs has been done
since ever…but what is
happening today is –
you can impact all the
three layers, strategy,
product and processes
which was not possible
earlier.
Sarajit Jha, Chief Digital Value
Accelerator, Tata Steel
Last point…this story is not a status
report on digital transformation in
India…e.g it does not even get into the
macro picture. It means you will not
find what is the percentage of companies
that have chosen the path. It seeks
to find what digital transformation
means, from a micro perspective.
The Imperatives
Why was this transformation necessary?
And how is this round different
from the past changes? After all,
changing business processes is something
businesses are not trying out for
the first time!
“Applying technology to business
needs has been done since ever…but
what is happening today is – you can
impact all the three layers, strategy,
product and processes today which
was not possible earlier,” says Sarajit
Jha, Chief, Digital Value Acceleration
at Tata Steel, one of the largest manufacturing
companies in India and a
leading steel company globally
Newer companies are, of course,
in better positions to take full advantage
of the new regime. And they are
disrupting age-old business models.
Earlier, an aggressive new challenger
would look at taking away your market
share; now, it can make your business
irrelevant.
Adds Jha, “You rework your products/processes/strategy
to remain
relevant. If you don’t, there is a
large price to be paid. “Yesterday, it
was excellence that was driving the
change; today, it is survival.”
These are the companies that have
taken a proactive stance to be on top of
that change, rather than being pushed
to act.
That is what Dr Anand Agarwal,
CEO, Sterlite Tech says quite unequivocally.
“We are dealing with telecom companies,
social media companies, cities.
And we see each of them is itching to
transform—to become significantly
different from what they are,” he says.
“We clearly realized that if we
Why Digital
Transformation
in a
nutshell
1. New digital technologies have gone
beyond information flows and are
now impacting hitherto untouched
areas in business: manufacturing on
one hand and decision making on the
other—in the process not just creating
tremendous low hanging fruits which
are acting as hooks for companies
but also blurring the boundaries
between these layers in a business
2. Newer challengers are in a better
position to take advantage of this
new proposition and are creating
alternate business models (like
platform-based businesses) that are
shaking established models. The
large companies need to transform to
effectively thwart this challenge. It is
a question of survival.
3. The global economy becoming
increasingly collaborative and
connected; it is difficult to remain
isolated. Some have decided to be
more proactive than others.
4. Rapid penetration of digital
technologies among consumers is
increasing expectation to be served
across digital channels (even more
important in a demographically
young country like India.
need to continue to be relevant in this
ecosystem, for us to rapidly transform
and create a lead and enable our
ecosystem to transform is an obvious
requirement. We have to transform
and we have to drive this transformation
that is taking place,” he adds.
Sterlite itself is changing its positioning
from a cable manufacturer to
an integrated telecom products and
services company rapidly.
“To enable external transformation,
we have to do a lot of internal transformation.
And that is what we are driving,”
he adds.
It was similar environmental
changes that made Mahindra Finance
take up transformation significantly.
The company, that operates in rural
14 CIO&LEADER | March 2018

Cover Story
India, was finding that the world was
digitalizing and there was need for it
to better customer experience not just
by providing information and interactions
over mobile phone, which by
now has become ubiquitous, but also
by bettering customer experience by
cutting down on decision cycle time.
Clear, measurable
business goals
When survival—of even a market
leader—is threatened, you go back
to the basics. And that is what businesses
are doing with digital transformation—they
are trying to DIRECTLY
impact one of the three fundamental
parameters for any business—growth
(scalability), profitability and sustainability
of that profitable growth.
“It is simple. it was to maintain and
retain our market leadership,” says
Tina Singh, Chief Digital Officer at
Mahindra & Mahindra, pointing to
the desired outcome of the company’s
digital transformation journey.
In Tata Steel, the identification of
digital as the means is a little more
explicit. “By 2020, we need to be an
industry leader in manufacturing in
the use of digital technology,” says Jha
of Tata Steel.
But it does not always have to be
#THEJOURNEY
Mahindra Finance
MAHINDRA GROUP is one that started
the digital journey at the group level when
it hired an SVP, Digital Transformation
in mid-2015. The mandate for Jaspreet
Bindra was to explore how digital can add
value to the business at the group level
and help the individual group companies
kickstart their digital journey.
“My and my small team’s role is to work
with a bunch of companies and chart
out their roadmap,” Bindra had told us in
late 2016. Their mandate is to look for
new technologies and figure out how the
technology can add value to an existing
business or create a new revenue stream.
One of the key technologies they selected
was blockchain. And the group company
that they selected was Mahindra Finance.
And the use case was invoice discounting,
often called bill discounting.
Invoice discounting, the process of
bundling and selling invoices at a
discount, is a major source of working
capital finance for many suppliers. Invoice
discounting processes have traditionally
been difficult, slow and risky, requiring
each party to maintain and manually
update separate ledgers. The application
of blockchain to this process to test how it
works successfully ended in end 2016.
Having tries a cutting-edge technology—
the trial made international headlines—the
expectation was huge. That is when the
current CDO, Tina Singh took charge.
Her immediate task was to set a digital
roadmap to ‘maintain and retain our
market leadership.’
There were three explicit expectations.
1. Streamlining by digitizing processes:
efficiency/turnaround time leading t
better customer experience
2. Being able to use data to make better
decisions; better respond to change
and create new products and services
3. Harness new tech at sector level (four
companies in Mahindra in finance)
complete new models – new revenue
streams
One of the challenges for Mahindra
Finance was absence of a basic digital
infrastructure. The company works
primarily in rural India. In many cases,
the branches had no connectivity; so the
model was that they were working as silos
and taking decisions independently. With
new requirements like Aadhaar, that was
not an option. So, building that is a priority
before anything else can be done.
In terms of customer facing functions,
there was a need to reach out to the
customers using mobile; but being in rural
areas, it had to be done through SMS or
through assisted mobile apps.
At the same time, the company was
trying out cutting-edge technologies like
blockchain.
These three belong to sort of three
different generations. Few good
businesses lack basic ICT infra; that is
very clearly the past. Mobile apps is the
current technology; while blockchain is
clearly a future technology. The company
was doing everything at the same time,
not an easy challenge.
Building the right data architecture is
what the company is doing now. That
means first they must bring all data to
one platform—customer data that the
company has (and that is really unique),
alternate data available about individuals
like that of census data. The next step
is to use publicly available data such
as weather and crop production to
triangulate. And all that data has to be
analyzed using appropriate analytics.
Apart from blockchain which is moving
From PoC to commercial even while
being considered for other use cases,
the company is looking at using AI & ML
algorithms and is working actively with
fintech partners.
After the first phase of automation,
Mahindra Finance wants to go for
Robotics Process Automation.
The approach in Mahindra Group’s digital
transformation is to try doing things such
as data architecture not just at company
level but at the sectoral level. The CDO is
responsible for the sector.
Singh does not have any doubt about
the important role played by Enterprise
IT “We are a small team that works with
Enterprise IT; give them the roadmap. I
cannot do it without enterprise IT”
And this is how she summarizes the
raison d’ etre of the digital team.
“We are creating a new sense of urgency
which will not happen in a business as
usual scenario,” she says.
March 2018 | CIO&LEADER
15

Cover Story
#THEJOURNEY
Sterlite Copper
THE STORY digital transformation
journey of Vedanta Resources is not
too old. The company took help of
consultants to figure out if it could drive
transformation but ultimately settled
for hiring internal drivers of digital
transformation.
In June-July 2017, executive search firm
Russel Reynolds helped the group hire
three chief digital officers for its three
business units – Aluminium, Sterlite
Copper and Sesa Goa.
While it is too early to talk about the
journey in past tense, there are some
initiatives that the company, Sterlite
Copper is trying.
“For large manufacturing companies
like ours, the expectations from digital
is around operations, maintenance
and cost. If you reduce operations and
maintenance cost by 10% or production
cost by 5%, it is significant business
value,” says CDO Amitabh Mishra.
So, big efficiency gains are very much
part of its transformation. But it is how
it is planning to achieve that is what tells
its transformation focus.
“You can use digital to improve visibility
of different components of production
cost, such as manufacturing cost,
cost of raw materials, cost of power
and so on. Once you understand what
contributes to cost, you can start
reducing,” says Mishra.
But one of the areas that the company is
trying to leverage digital is in eliminating
fatality. “It is very important to us. Digital
goes a long way in improving health and
safety environment,” says Mishra
The company, where the Head of IT
reports to the CDO, implementing tech
is not a challenge. For the time being,
apart from large scale industrial
automation, the company is looking at
building a data platform that can support
the journey.
eliminate fatality. It is very important
to us,” says Mishra, explaining the
outcomes expected from digital
journey.
Even for Mahindra Finance, CDO
Tina Singh spells out the specific
impact areas. They are:
a. Streamlining by digitizing processes:
efficiency/turnaround time
leading to better customer experience
b. Being able to use data to make better
decisions; better respond to
change and create new products
and services
c. Harness new tech at sector level
(four companies in finance sector)
for complete new models for new
revenue streams
In Sterlite Technologies, which is
going through a change in its positioning
from a product manufacturer to a
solution provider, the person driving
the transformation is not called CDO.
Nischal Gupta, who reports to CEO Dr
Anand Agarwal, is the Chief Transformation
Officer.
a long-term change. In most manufacturing
businesses, for example,
application of digital can bring about
some disruptive efficiency gains to
processes hitherto untouched by IT—
delivering two distinct immediate benefits—the
stated objective of cost and
the unstated (but often an important)
objective of bringing in credibility
of the exercise and buy-in from the
old-timers. The latter could otherwise
become the most daunting task in any
change management program.
In addition to this immediately
delivered benefit, digital enables clear
visibility into areas that had relied on
gut-feel often euphemistically called
‘experience’ of people. By collecting
and analyzing data, digital converts
that to a pure science from guess work.
In short, this is the essential of the
famed industry 4.0 or 4th industrial
revolution.
In Sterlite Copper—a group company
of Vedanta Resources, which has
initiated digital transformation in all
its group companies—huge cost gains
are a stated outcome.
“For large manufacturing companies
like ours, the expectations
from digital is around operations,
maintenance and cost. If you reduce
operations and maintenance cost
by 10% or production cost by 5%, it
is significant business value,” says
Amitabh Mishra, Chief Digital Officer
at Sterlite Copper.
“You can use digital to improve
visibility of different components of
production cost, such as manufacturing
cost, cost of raw materials, cost
of power and so on. Once you understand
what contributes to cost, you
can start reducing,” he adds.
In addition to cost gains, Sterlite
Copper is looking at significant
improvements in “health, safety and
environment. “We want to absolutely
We are dealing with
telecom companies,
social media
companies, cities.
And we see each of
them is itching to
transform—to become
significantly different
from what they are.
Dr Anand P Agarwal, CEO,
Sterlite Tech
16 CIO&LEADER | March 2018

Cover Story
Desired Outcomes
in a
nutshell
1. Digital transformation is invariably
driven by one or more company-level
strategic goals, which roll into one
or more of the three fundamentals
of business: growth, profitability
and sustainability of that profitable
growth.
2. The specific objectives—and even
the mission statements—sound very
different for companies because
strategic priorities are different for
each company
3. Different companies are at
different stages of journey. For
some manufacturing companies,
the desired outcome is to simply
achieve those cost/efficiency gains
in manufacturing through digital
technology that IT has already
achieved in service functions such as
finance, HR, supply chain etc.
4. For some companies, digital is part
of a larger transformation initiative
5. One commonality is that everyone
agrees at the end, the business gain
(even if it is efficiency) will come from
analyzing data and not just simple
automation of tasks.
Companies
realize that you
cannot transform by
help of an external
consultant without
the commitment of
a full-time employee
driving it.
Amitabh Mishra, Chief Digital
Officer, Sterlite Copper
Obviously, the transformation
agenda for Sterlite Tech is broader and
bigger. It starts with basic automation
of hitherto non-automated processes
to “building a sustainable way of
doing business so that it can scale,” as
Gupta puts it.
Some of the changes needed to
achieve are
• To free up the minds of every leader
to focus on value addition rather
than getting stuck in the business
as usual in the day to day basis
• To enable every leader to speak
freely for desired outcomes
• To have a collaborative goal setting
in the organization rather than a
directive goal setting
• To ‘absorb’ the latest technologies
to leverage them better
• Bringing in a process based
thinking (“don’t postpone problems;
balance the short term and
the long term”)
Choosing the Right Model
Digital transformation is not Newton’s
Law. What I mean to each company
may be very different
“Transformation,” says Nischal
Gupta of Sterlite, “is a customized
recipe for each organization.”
While there is a broad super list
of common ingredients to choose
from, the process of putting them
all together could be very different.
That is because there are so many
business variables—the nature of
business, the size of business, the
starting point in terms of culture, the
starting point in terms of technology,
the outcomes expected…
Hence, the models could vary
significantly.
Tata Steel, for example, looked at
digital transformation as something
that will change the way the company
works. It was not about a quick of
couple of big impact projects in lowhanging
areas. So, it decided to do two
things simultaneously – on one hand,
it slowly changed the DNA of the company
to a digital DNA by a variety of
initiatives and on the other, created
exemplars by trying things out on the
ground. This balanced the short term
and the long term.
And the exemplars were not pilots.
They were full-fledged transformation,
albeit in a section of the business.
On the other hand, Mahindra
Finance had to focus on building basic
technology infrastructure in rural
areas so that processes could be automated.
That was too a company-wide
change like Tata Steel, albeit the actual
tasks were completely different. While
Tata Steel focused right away on
people and culture, Mahindra Finance
had to build some of the fundamental
building blocks.
In Sterlite Technologies, a larger
transformation is underway with specifically
identified components—IT,
data science, process transformation—
March 2018 | CIO&LEADER
17

Cover Story
#THEJOURNEY
Tata Steel
TATA STEEL’S digital journey is about
three years old.
It is in early 2015 that Sarajit Jha, who
was running Tata Business Support
Services as its COO moved to Tata Steel
as Chief of Corporate Strategy.
Till 2012, Jha had worked in Tata Global
Beverages. Harish Bhatt, the then CEO of
Tata Global Beverages was one of the first
senior executives within Tata Group to talk
about digital.
When Jha moved in, not surprisingly,
there was little awareness about digital
in the company. In May 2015, Tata Steel
formed a digital cross-functional team
of youngsters; the logic was: they know
more about the subject.
In August 2015, the company hired
Accenture as the consultant and started
the first program called Digital Awareness
Program for senior leadership on what
is happening around digital and what is
the potential impact. This was followed
by a program called Digital Immersion
Program which was followed by a
program called Digital Darshan in
January 2016.
In August 2015, it had launched a
reverse mentoring program for which 16
senior people volunteered to be reversementored
by younger employees. This got
a mention by the World Economic Forum.
This was followed by some pilots.
That is when the company decided to
go for a digital exemplar. The Tubes
plant was chosen for that. The idea was
how would a digital company look in
2020. Based on that, identified some 50
dimensions corresponding to 50 projects.
Those were then prioritized based on
feasibility and impact and they were
piloted in an agile fashion.
FAMD (Ferro Alloys and Minerals Division)
followed Tubes as a digital exemplar.
Exactly a year after the first steps
were taken on digital, in May 2016,
the company created the Digital Value
Acceleration team. That is when Jha’s
designation too changed to Chief, Digital
Value Acceleration.
Prioritizing the Objectives
“We knew where the money was.
Upstream was more money than
downstream and some amount in
marketing. We set up small teams to
go and figure out where the money was
and we crafted it into projects,” says Jha
explaining how they prioritized.
The approach helped the company to
channelize the resources better. But
some challenges remain. For example,
the company is now realizing that it
has probably too many point solutions.
Sometimes, the actual value of many of
these projects are not as much as it was
through to be initially.
Keeping Focus
To keep its focus, the company launched
its marquee program, MARVEL (Making
Analytics Real Valuable Efficient and
Logical) in September 2017. It is moving
from MARVEL 1.0 to MARVEL 2.0 shortly.
MARVEL 1.0 has 20-25 algorithms out of
which 12 are close to completion. “The
program should give us close to INR
200-250 crore of value. The company is
creating an analytics centre of excellence
with close to 200 people.
Probed on IoT, Jha explains that it is
part of analytics. “To us, industrial IoT is
the ability to increase, inject intelligence
through the power of sensing into any
discreet mobile or asset people and
process – actually it is a subset of
analytics.”
The company is using MARVEL 2.0
as the umbrella program for digital
transformation.
Making it Tangible
The company uses a filter called SCRIPT—
Scalable, Connected, Rapid, Intelligent,
Personalized, Technology-leveraged—to
decide its agenda. For the company,
anything that is not on SCRIPT is not
digital.
In addition to serving as a filter, it makes
digital transformation more tangible for
everyone.
The company intends to be an industry
leader in manufacturing in the use of
digital technology. The current focus is
to deliver INR 500 corer EBIDTA impact
through digital and establish a value
pipeline of INR 2500 crore.
By 2020, the company intends to be an
industry leader in manufacturing in the
use of digital technology.
being driven by individuals but as
part of a transformation team headed
by a senior executive into which all
these specific functions report to.
Another hotly debated issue when
it comes to models is centralized versus
decentralized models—whether
to drive digital at the group level or at
the individual company level. This is
especially relevant in India (and much
of Asia), because there are large number
of conglomerates with diversified
businesses.
Sudhir Singh Dungarpur, Partner
and Leader Digital at PwC that consults
many Indian conglomerates on
their digital transformation, points
to the model shifting to the decentralized
model.
“In large groups, the Group Chief
Digital Officer role has become more
of a ceremonial position,” he says.
“In a conglomerate, each of the
business is different and it is difficult
to create a centralized strategy.”
“Some of these companies have
already taken quite a few digital initiatives,
while at the group level, it is still
being defined,” says Dungarpur.
Agrees Maneesh Dube, Consultants
at executive search and corporate
advisory group Russel Reynolds,
“Digital transformation is a hands-on
18 CIO&LEADER | March 2018

Cover Story
Approaches
1. Most companies have a dedicated,
senior person reporting to CEO
driving the change. So, it is not an
extra KRA for some executive.
2. In all cases, there is a team
dedicated to the CDO/Head of
transformation, but it is small.
The idea is to change the way
organization is working and not do
things in a closed lab.
3. There is a clear move towards
decentralized model.
in a
nutshell
4. A consultant can help but cannot
do it for you.
job, not a hands-off one. So, doing it at
group level is fairly difficult.”
The biggest testimony to the
change is from Jaspreet Bindra, one
of the first Group CDOs in India, who
joined as SVP Digital Transformation
at Mahindra & Mahindra way back in
2015 and helped the group companies
in setting up their
own digital teams and
carry some pilots.
“Ultimately, it
has to be done at the
company level,” he
agrees. Though he
refused to confirm it,
sources say he is moving
on from the role.
While Bindra
moves out, Tata
sons appointed
a group CDO,
Aarthi Subramanian,
a business
person with
a tech background,
who comes from TCS, less
than a year back. We could not speak
to her for the story.
Vedanta, the last of the three
groups we cover, despite a having a
mandate at a group level to go for large
scale digital transformation, never
went for a group CDO. It appointed
CDOs for each of the companies,
almost at the same time frame. They
do share some of the best practices
and talk to each other, but work separately,
closely with the respective business
heads.
Another thing that we hear from
mid-sized companies is appointing a
consultant to transform the company
digitally. Larger companies have
already learnt—some of them the
hard way—that that is a impractical
expectation.
“Companies realize that you cannot
transform by help of an external
consultant without the commitment of
a full-time employee driving it,” says
Amitabh Mishra of Sterlite Copper.
In case of Tata Steel, Accenture
was a consultant but an internal
person has been driving it.
Tech First
Tech is to digital transformation
what the mantras are
to a Hindu puja. Without it,
the rest of the components not
possible; that explains why digital
always precedes transformation, notwithstanding
how much pains people
take to explain that it is less about digital
and more about transformation.
In short, these two mantras together
sum up the role of tech in the digital
transformation journey.
Transformation is a
customized recipe for
each organization.
Nischal Gupta,
Chief Transformation Officer,
Sterlite Tech
It (the
objective of digital
transformation) is
simple – to maintain
and retain our market
leadership.
Tina Singh, Chief Digital Officer,
Mahindra Finance
Mantra 1: Do not underestimate the
value of tech
Mantra 2: Do not overestimate the
value of tech
You cannot start with tech; tech
cannot be your ultimate outcome. But
it is the most crucial thing in between.
Let us put it this way. This is not
March 2018 | CIO&LEADER
19

Cover Story
Sterlite Technologies
“We have decided to lead the change.”
Dr Anand Agarwal has been heading Sterlite Tech for last one and a half decade. Today, he is driving the change
of the company from a cable and fiber manufacturer to an integrated telecom products and solutions player. He
shares his perspectives on his company’s transformation leveraging digital.
What necessitated the
transformation? And how is it
different from changes that you
have seen/driven earlier?
The thought of course came from
what we are seeing in the overall
marketplace; the opportunity frame
that we have seen around us. We see
the ecosystem around us on the verge
of transformation. We are dealing with
telecom companies, social media
companies, cities. And we see each
of them is itching to transform—to
become significantly different from
what they are.
Transformation is a strong word; it is not
an improvement. It is a transformation
of the revenue and business models of
all our customers. We clearly realized
that if we need to continue to be
relevant in this ecosystem, for us to
rapidly transform and create a lead and
enable our ecosystem to transform is
an obvious requirement. We have to
transform and we have to drive this
transformation that is taking place. You
can either wait for the ecosystem to
transform when you are compelled to
change, or you can transform before the
ecosystem and enable and drive that
transformation. We chose the latter.
What it means is a shift in the offerings
that we do. For example, if I sold a
product, now I am selling the product
as part of a solution enabling the
transformation.
What are the measurables?
For everything, there are clear
measurables. On the external side,
the measurable is how am I able to do
more for my customers at the same
level of cost.
For instance, I am providing my
customer 100 capacity at 100 cost.
Can I provide them 100 capacity at 120
You can either wait
for the ecosystem to
transform when you are
compelled to change,
or you can transform
before the ecosystem
and enable and drive that
transformation. We chose
the latter.
cost? For me, it is a revenue increase of
20%; for them, it is doubling their capacity
at 20% extra cost. If I have a manufacturing
plant where 300 different designs are
being churned out, how do I optimize
those designs to 40-50? Same with tome
for RFQs – how can I bring them down
significantly? All these programs have
clear measurables.
One of the key components of the
transformation journey seems to be
data. Your take?
For most of the companies, data is a
byproduct. We are moving data. Our
customers are in the business of carrying
data, storing it and processing it. For us,
hence, the question is a little different.
How do we handle that data—do we keep
it close to the end customer? How fast can
it move between one center to another?
What kind of compression technologies
you must apply?
We are not thinking of creating a new
revenue model from the data; we are
focusing on making these processes—
transporting data, storing data,
processing data—better.
As someone who has been in
manufacturing industry for long,
how do you see the phenomenon
called industry 4.0?
The best thing about all these is that
it has created a sense of urgency in
everyone. Now, people are compelled
to know about it. For me, that is the
big shift. But the danger is people get
fascinated by a tool and say I must
use it. I must do industry 4.0, I must do
blockchain…
For us, it is a natural progression. For
example, the new factories that we are
making now have much more sensing;
much more robotics-enabled material
movement; they have much better
communication channels. It is leading to
better decision making.
But it is all powered by our 25 years of
experience as well.
The tools and the expertise need to
marry. If you use the tool for sake of a
tool, I do not think it is a great thing.
But we have seen companies
coming from nowhere and
shaking markets, just because
the existing leaders did not
change fast enough….
Yes, you need to do both. If you do
not change, you will die. You must be
willing to change, must know about all
the tools available out there but must
have the expertise to use them most
appropriately to create business value
for yourself and your customers.
As I said, it should be a marriage.
And it is that marriage you need
to manage.
20 CIO&LEADER | March 2018

Cover Story
the first-time businesses are going
through a change. It has happened in
the past, many times. But this time’s
change is not just powered, but to a
great extent, initiated by tech.
When Klaus Schwab talks about
the Fourth Industrial Revolution, he
defines it as the fusion of physical,
digital and biological. So, tech is fundamental
to this round of changes.
The only thing that some experts—
like Sudhir Singh Dungarpur of
PwC—worry about is that much of
the talk in many enterprises are still
focused around tech. That is going to
take you nowhere.
Nischal Gupta, Head of Transformation
at Sterlite Tech, while putting
tech as a major factor, however, clarifies
that it is probably the easiest part
of the entire set of things that you need
to do—starting with culture.
What gives a clue to the importance
of tech is how the lingo has changed.
Earlier tech was being ‘applied’ to
solve business problems, implying
Role of Tech
in a
nutshell
1. The round of change called
digital transformation is initiated by
technology.
2. Tech is very crucial but should not
hijack your digital transformation
discourse—seems to be the most
common message from both
practitioners and advisors
3. There’s a definite shift from an
inside-out to an outside-in approach
in application of technology. You
now need to scan the tech landscape
to proactively figure out what
technologies can potentially add
value to your business
4. AI/ML, IoT, analytics/Big Data
and Blockchain are the technologies
most referred to; usually applied in an
integrated manner
5. However, digital transformation
may need any tech—from basic
process automation to collaborative
tools
you had a business requirement which
tech helped fulfil. Today’s common
phrase is ‘use case’. That implies that
you need to continuously watch technology
landscape to scan for new technologies
that can ‘potentially’ impact
the business and find use cases for
them. This means technology first. To
be sure, this must be part of a broader
transformation journey.
Call it the outside-in regime, as
opposed to the inside-out approach
that we have traditionally seen.
So, what are the specific technologies?
Well, depending on where you
are, it could be any information technology,
starting with basic process
automation but newer technologies
that are specifically referred to in the
context of digital transformation are
the usual suspects: Artificial Intelligence/Machine
Learning, Analytics,
IoT, Blockchain…and they are not
always independent of each other. You
never know where your IoT ends and
analytics begins or machine learning
takes over.
Sarajit Jha of Tata Steel simplifies it.
“You need a very strong sensing layer;
you need a data platform on top of
that; you need analytics and then the
decision on which products you want
to change which is the business layer.”
What does Digital
Transformation entail?
Based on the research, these are
some of the top-level trends that we
could figure out. Some of them may
have been discussed in the above sections
but have been listed here again
because we believe they are important
trends that meaningfully define a contour
of digital transformation in India,
circa 2018.
1. Digital transformation is
essentially an organizational
change.
In all organizations, digital transformation
is a mandate from the top and
aims to transform the entire organization.
If it does not, it is not digital
In a
conglomerate, each
of the business is
different and it is
difficult to create a
centralized strategy.
Sudhir Singh Dungarpur,
Partner, Digital Services, PwC
transformation. You may find people
holding Chief Digital Officer designation
who focus only on customer
facing aspect (i.e digital marketing,
customer service etc) or technology
(process automation). They do not
drive digital transformation of an
organization. They just drive one digital
initiative. Summary: not all CDOs
drive digital transformation. How is
that for a beginning?
2. Digital transformation rolls back
into basic business metrics.
All outcomes (often integrated into
a mission statement) must have a
direct path into one of the basic business
metric—growth, profit, sustainability—and
hence are measurable.
Of course, there may be intermediate
measures to track progress, but
they are more of milestones than the
destination. For example, in Sterlite
Tech, one of the objectives is to “free
up the minds of every leader to focus
on value addition rather than getting
March 2018 | CIO&LEADER
21

Cover Story
stuck in the business as usual in the
day to day basis”—and the objective is
faster growth.
3. Digital transformation typically
follows a cycle.
Typically, digital transformation
components follow a sequential
pattern
a. significant (often disruptive) efficiency
improvement
b. better customer experience
c. newer products/services and
d. better business decision making
leading to agility and scalability.
e. Creating new business models/
platforms and ecosysteme
Often (b) is a direct result of (a)
and sometimes, they are independent
initiatives. In many services firms and
newer companies, the first is already
achieved by It and hence the journey
begins at (b). Usually, (c) and (d) follow
(a) and (b). For large companies—and
not just in India—(e) is often a distant
goalpost. Few have even gone to a
stage where they can start planning
for it seriousy.
4. A top-level dedicated person
must drive digital transformation.
Design thinking
is a must for
organizations.
Jaspreet Bindra, SVP, Digital
Transformation, Mahindra &
Mahindra
That is the current thinking. A digitalization
initiative which delivers
significant value to the company may
be driven by a non-C-level person but
a transformation cannot be achieved
that way. Some argue that the role of
CDO, head transformation is temporary.
The jury is out on that one.
But that debate can wait. The current
thinking is you need a dedicated person.
That is about it. It cannot be an
added KRA for someone.
5. Shifting to the decentralized
model.
In most large conglomerates, the digital
transformation initiatives are at the
individual company level. (See Choosing
the Right Model)
6. It is a culture shift.
“60-70% is actually bringing a culture
shift,” says Nischal Gupta, Head
of transformation of Sterlite Tech.
“Shifting the mindset without replacing
everyone,” is how he explains it.
The Tata Steel journey shows what
it involves – right from branded programs
to reverse mentoring.
7. At the end, it is a change
management.
People, Process, Technology—any
change management has these three
leavers and so has digital transformation.
The prefix digital just emphasizes
the fact that it has been initiated by a
fundamental change in technology’s
capability.

Cover Story
8. It is not enough to do good work;
one must talk about it.
That is a mantra that iconic chairman
of American ICT regulator FCC Reed
Hundt often repeated. Communications
is an important aspect of any
transformation journey and digital
transformation is no exception. Branded
programs do help. Tata Steel had
every aspect of it branded, including
the key program and even filters.
9. Technology’s impact this time is
beyond processes.
Technology has been applied to
achieve dramatic gains in efficiency.
This time, it is impacting changes to
all the three layers, strategy, process
and product.
10. Some technologies are more
equal than others.
Thanks to the buzz around sensing
(IoT) in the context of the Fourth
Industrial Revolution and the sci-fi
kind of stories around AI/Machine
Learning, they may be getting all the
limelight as far as tech is concerned,
but it is the good old cloud model that
started this change becoming a reality
in many ways.
11. It is essentially a game of data.
Take out data out of it—it will look
like another automation exercise.
In manufacturing, for example,
SCADA and other ICT-based systems
in an isolated manner have been there
since long, delivering great functionality.
But now, they feed data into the
enterprise systems and that makes all
the difference. From customer experience
to new efficiency, from better
planning to risk management…it is
data that is crucial to a digital transformation.
Without a solid data
and analytics strategy, digital change
is tactical.
12. Design thinking is the emerging
catch phrase.
In the context of digital transformation,
design thinking is emerging as an
essential requirement. Most of the digital
leaders we spoke to mentioned it
either in the context of organizational
requirement or as one of the essential
capabilities of an executive driving
digital transformation.
13. Culture change top challenge,
tech is the easiest.
Almost everyone agrees that culture
shift is the biggest challenge; technology
is the easiest one to tame.
14. Use-case, not application of tech:
the shift to Outside-in.
Traditionally, tech has been applied
to solve an existing business problem/
requirement. In the digital era, where
the transformation is essentially
digital leveraged, it is the other
way around. Look for new tech,
quickly gauge if it has a scope to
make big changes to your business,
articulate that and convince the top
management of the value that it can
add to your business. ‘How’ has a
fancy name: use case. So, in that sense,
it is technology first. You can call it an
outside-in regime. What it also means
is tech becomes one more thing that
any senior executive (not just one
Digital
transformation is a
hands-on job, not a
hands-off one. So,
doing it at group level
is fairly difficult.
Maneesh Dube, Consultant,
Russell Reynolds Associates
person) must follow in a transformed
organization and continuously
think of how it can improve the
company, the function, the business
unit.
15. The role of enterprise IT is
important but rarely does it drive
transformation.
Why do so few CIOs drive digital
transformation? This question often
is interpreted as: what do CIOs lack?
While the second question can be
answered, that is a smaller reason, if at
all. For example, their way of looking
inside-out: too much focus on problem
solving (the problem must be stated by
someone else) than the ability to draw
on blank canvas. That may be true
to some extent but the big reason is
something else.
That is the unwillingness of the
CIOs themselves. Sounds strange.
Here is how it pans out. Most CIOs,
who are otherwise quite capable of
driving digital transformation are
denied that opportunity are keen to do
so without giving up their CIO’s role,
which includes everything from infrastructure
(the big-budget technology)
to applications.
That is a clear no-no for any
organization serious about digital
transformation. Digital transformation
is not a KRA. It is the singlemost
important initiative for an organization
choosing that path. It cannot
be handled along with data center
rollout.
In some organizations, CIOs are
given this designation. They are either
just fancy designation or are in techmature
organizations like IT-ITES or
other B2B services where transformation
is around a specific aspect. More
importantly, culture change is not part
of the transformation journey.
In many organizations (like
most Vedanta companies), the CDOs
are techies but do not directly look
after traditional IT. In Sterlite Copper,
for example, Head of IT reports to
the CDO
March 2018 | CIO&LEADER
23

FACE OFF
//SHOULD DIGITAL BUDGET
BE SEPARATE FROM
ENTERPRISE IT BUDGET?
If you keep digital budget as part of
IT budget, there is a high possibility
that it might be reused in some form
that is not digital spend. However,
every executive must understand why
digital budget shouldn't be a part of
enterprise IT budget. Today digital
transformation is not just IT Transformation
– but is made up of business
transformation (BT), IT, culture and IT
security as well. Out of these four, only
two directly concern the IT department.
The other two, BT and culture,
make up digital creation --which may
or may not be IT's responsibility.
Therefore, if companies are to allocate
digital and enterprise IT budgets
separately, it may vary, depending on
the industry, organization, and demographics.
Typically, digital budget is a
measure of the percentage of a company's
IT budget while ideally it should
be of the percentage of revenue of a
company. IT budgets are in tune 0.6%
to 4.2% of the company's ROI, digital
budgets should be at least 50 % of IT
budget if not more or 0.3 to 2.1% of the
company's revenue.
Quick View
Anjani Kumar, Global
CDO, Collabera, says
digital budget should be a
percentage of the revenue of a
company.
Historically, the enterprise
IT budget used to account
for a lot of infrastructure
and a little for applications.
Slowly it has changed.
Today, in many organizations
budget costing for
applications outweighs
infrastructure. Specially
with SaaS subscription,
IT infra gets hidden under
application subscription.
A lot of organizations still
grapple with 30-50% of this
ANJANI
KUMAR
Global CDO,
Collabera
budget being used for IT
operations - keeping the lights on - but
true DT can help optimize the same
over a period of time.
Today, every company embarking
on a DT initiative realizes that digital
tech is more expensive than traditional
technologies. For instance, if your company
wants to invest in any technology,
you must chart a clear roadmap, and
explain how you plan to use the digital
budget and timeline in a manner that
will help realize the ROI. It is because
your business may know how the IT
budget is consumed, but accounting
for digital budget is fairly new to business
execs and finance, and therefore,
the buy-in for such projects can be difficult.
One way to overcome this complexity
is by explaining business how
a small portion of this budget will be
allocated for POC and a working prototype,
and the rest of the budget will
be released only after weighing in the
pros and cons of the initiative.
"Accounting
for digital
budget is
fairly new
to business
execs and
finance"
24 CIO&LEADER | March 2018

Face Off
ANIL KUMAR
SINGH
Former GM &
CIO, KRIBHCO,
Noida
"Keeping
separate
budgets in
the name
of digital is
demanding
extra fund
allocation"
In my view, there is no need to keep
separate budget allocation in the
name of digital.
When we talk about enterprise
IT, we always talk about a larger
frame of IT implementation in any
enterprise IT environment, it is
required to keep business running.
To do that, one need to budget for
all activities —from data preparation
to application development
to users training— and provide
all necessary information relating
to business. We have to understand
the concept of allocating
IT budget. Keeping in view of the
type of business, we prepare the
IT budget based on the business
requirements and business plan of
an enterprise. The company’s management
is only concerned about
their ROI and it is the responsibility
of CIO to plan and distribute
the allocated budget into various
activities. There are three types of
transformation to be activated in
any organization:
Digital transformation
IT Ttransformation
Workforce transformation
Enterprise IT transformation
encompasses all of the above. While
considering the business plan of
an enterprise, one should always
consider all three activities in order
to achieve a successful IT implementation.
This means that while
preparing an IT budget, CIOs should
always think of an end
to end solution for an enterprise so that
at any stage of implementation - from
data preparation to digital transformation,
security implementation and
users training - it is enough to propel
Quick View
Former General Manager
(Management Services &
CIO) - KRIBHCO, says that
no separate budget allocation
is necessary
the business in a stable manner with
the help of adequate IT infrastructure.
Digital transformation is an integral
part of IT transformation. But yes, if
digitization requires more effort, one
can plan accordingly during the implementation
stage. Keeping separate
budgets just in the name of digital is
demanding an extra fund allocation for
IT activities.
The expenditure for digitization and
digital transformation can be met within
your enterprise IT budget, which
must project a clear picture of your
enterprise IT spending across infra,
digital and business as usual. In view of
the above, keep the enterprise IT budget
as a whole and then implement the various
activities in different phases.
March 2018 | CIO&LEADER
25

INSIGHT
What Does Hyper-
Consolidation Mean
For Enterprise CIOs?
The Rule of Three framework may give some ideas on
what to expect
By CIO&Leader
26 CIO&LEADER | March 2018

Insight
RRecently, market research firm Synergy
Research Group published its
2017 market data for telepresence
market. The specialized research firm
said while the market is showing signs
of revival, two companies—Cisco and
Polycom—together account for 78% of
the market share.
Just a few days prior to this
announcement, Synergy had released
the data for the cloud infrastructure
services market. There too, the top
four—Amazon, Microsoft, IBM and
Google—together hold 60% of the market
share. But the big news is not that;
it is that they are continuously gaining
market share. In Q4 2017, data for
which was released, they have taken
away 3% market share from the rest.
So, not only are these four dominating
the market, they are further strengthening
that dominance.
The research firm has also released
the Unified Communications as a Service
(UCaaS) market data for Q4 last
week. Though it did not explicitly indicate
revenue market share available Q3
data suggests that three companies—
RingCentral, Mitel and 8x8—accounted
for close to 55% market share.
The story is similar in hyper-converged
infrastructure (HCI) market.
IDC’s Q3 2017 data shows that two
companies—Dell EMC and Nutanix—
accounted for more than 51% market
share.
These are just four segments for
illustration purpose. One can go on
illustrating the points further by citing
more examples of markets where the
top 2-4 players account for more than
half the market share.
In short, we are seeing a sort of
hyper-consolidation—far more concentrated
than even what Prof Jagdish
Sheth and Rajendra Sisodia predicted
for free, mature B2C market segments
in their famous 2002 book, The Rule
of Three.
There is little common to the type of
companies who hold the dominant positions
in these markets. Some of them are
IT giants (Cisco, Microsoft), some are
well-established niche players (Nutanix)
and some are unknown names even to
enterprise IT community.
Also, in terms of size, there is little
commonality among these markets.
Cloud infrastructure services is a USD
45 billion plus market while telepresence
is less than USD 2 billion in size.
Yet, there is one thing that is common
to all of these: these are all mature
horizontal enterprise technologies—
areas where CIOs are still the undisputed
decision makers, in contrast
to the vertical-specific solutions or
emerging technologies like AI, IoT and
Analytics, where other business and
operational managers could be calling
the shots.
What does it mean?
Of course, lesser number of vendors
invariably suggests that power shifts
to the vendors from the buyers. Or the
vendor becomes more powerful. This
has prompted many to raise the possibility
of vendor lock-in.
Though the traditional vendor lockin
of the 90s and prior may not become
a reality, it may make cost of switching
a bit higher. While the technologies are
open and hence no vendor can blackmail
a user, today barriers are created
by nurturing the ecosystem. So, even
if switching may be theoretically possible,
every step from finding an integrator
to get skilled people to hire may
be challenges.
And it is already happening. The
cloud players are today projecting the
size of their ecosystem more than the
services metrics when selling their
value proposition. However, it may
also mean that from the skill standpoint,
things may be less challenging.
However, it may be a worthwhile idea
to look at the market through
the framework of Sheth and Sisodia’s
Rule of Three model. What it says is
that free markets often lead to a situation
where equilibrium is attained
eventually by two kinds of competitors:
full-service generalists and
specialists who could focus on a submarket
(either products or vertical/
horizontal segments).
While full-service companies want
to grab market share, specialists’ financial
performance deteriorates as they
gain market share and they play a margin
game—thus driving innovation.
While the leaders—the generalists—
try to compete by offering price advantages,
specialists try to innovate. The
middle guys are in disadvantage positions.
Often, the model is explained by
illustrating the shopping mall analogy.
While a few large general stores
anchor the malls, high value niche
players go there to tap top customers.
Of course, IT markets are still not the
ideal candidate (thanks to multiple factors
including the non-independence
of markets segments from each other)
for conforming to the rule of three.
Specialists are often forced to be
super-niche players creating and commanding
dominant position in those
super-niches. While no framework or
rule can help you manage your challenges,
it may be worthwhile to look
at the market proactively through this
framework to understand how they
may evolve
March 2018 | CIO&LEADER
27

Insight
India Is Among
Bottom Five
Countries In Global
Cloud Study
India ranks 20th out of 24 leading IT economies,
compared to its ranking of 18th in 2016, a sign that the
legal and regulatory environment for cloud computing in
India is restricting innovation
By CIO&Leader
28 CIO&LEADER | March 2018

Insight
BSA Global Cloud Computing Scorecard
AAs per BSA 2018 Global Cloud Computing
Scorecard, a flagship study that
assesses cloud computing policies
around the globe, India ranks 20th out
of 24 leading IT economies, compared
to its ranking of 18th in 2016, a sign
that the legal and regulatory environment
for cloud computing in India is
restricting cloud innovation.
The study reflects an updated methodology
that better reflects the policies
that have helped cloud computing’s
exponential growth over the past five
years, putting additional emphasis on
countries’ privacy and cybersecurity
laws and broadband infrastructure.
In 2018, most countries continue
to make improvements, but some
markets are falling further behind.
Germany scored the highest on the
Scorecard – due to its national cybersecurity
policies and promotion of
free trade – followed closely by Japan
and the United States. Bringing up
the rear are a small group of nations
that have failed to embrace the international
approach: Russia, China,
Indonesia, and Vietnam. The following
Chart shows that Germany to Korea
maintained a consistent score before
a sudden drop to 60.6 by Mexico. The
downfall continues upto Vietnam with
a lowly score of 36.4 while India ranks
20th with a score of 48.4.
As per the study, the low score and
ranking of India is because of its poor
Germany
Japan
US
UK
Australia
Singapore
Canada
France
Italy
Spain
Poland
Korea
Mexico
Malaysia
South Africa
Turkey
Argentina
Brazil
Thailand
India
Russia
China
Indonesia
Vietnam
results in Data Privacy (Score: 4/12.5
and Rank: 20/24) and IT Readiness
and Broadband Deployment (Score:
6.9/25 and Rank: 24/24).
The Scorecard’s key findings include:
Advanced privacy and security
policies set leading countries apart
from lagging markets. Countries
continue to update and refine their
data protection regimes, most often
in a way that enables cross-border
data flows. Several countries, however,
still have not adopted adequate
privacy laws.
Emerging markets continue to lag
in the adoption of cloud-friendly
policies, hindering their growth.
Examples include regulations that
impose significant barriers for cloud
service providers, data localization
requirements, and a lack of cybersecurity
protections.
Deviations from widely adopted
regimes and international agreements
hold back key markets.
Internationally accepted standards,
certifications, and testing help
improve the security environment
for cloud computing, but not every
country recognizes such best practices
as meeting local standards.
60.6
59.3
57.3
54.3
51.8
50.3
48.4
48.4
45
43.7
40.7
36.4
84
82.1
82
81.8
80.6
80.2
80
79.6
79
78.4
77
72.2
Source: BSA 2018 Global Cloud Computing Scorecard
Those few countries that have
embraced localization policies
pay a heavy price. Data localization
requirements act as a barrier to cloud
computing, causing negative financial
impacts for local markets.
Increased emphasis on IT readiness
and broadband deployment
leads to interesting results. The
ability of countries and companies to
leverage cloud computing for growth
requires access to a powerful network.
While almost all countries continue
to work to improve broadband
access, the success of those efforts
remains very inconsistent.
By examining the legal and regulatory
framework of 24 countries, the
Scorecard aims to provide a platform
for discussion between policymakers
and cloud service providers. This
dialogue can help develop an internationally
harmonized regime of laws
and regulations that facilitate cloud
computing.
“The Scorecard is a tool that can help
countries constructively self-evaluate
their policies and determine next steps
to increase adoption of cloud computing,”
said Victoria Espinel, President
and CEO of BSA
March 2018 | CIO&LEADER
29

Insight
Artificial Intelligence
WIll Take Care Of
Your Baggage
Every mishandled bag is one too many for airlines and airports
By CIO&Leader
TThe smart use of technologies such as artificial
intelligence is expected to revolutionize the management
of baggage over the next decade, promising
to make mishandled bags an increasingly rare
event for passengers globally. This is according to
SITA’s Intelligent Tracking: A Baggage Management
Revolution paper published recently.
The paper notes that more than 4.5 billion bags
are handled by industry baggage systems each
year but airlines and airports will have to cope
with twice that number with passenger numbers
set to double over the next 20 years. Already,
through improvements to technology and processes,
the air transport industry has halved its
annual mishandling cost over the past decade from
USD 4.22bn to USD 2.1billion. However, every mishandled
bag is one too many and the industry continues
to seek ways to reduce the number further.
30 CIO&LEADER | March 2018

Insight
Ilya Gutlin, President of SITA Air
Travel Solutions, said: “We at SITA
believe that harnessing data and AI in a
meaningful way will revolutionize how
we manage the air transport industry in
the next decade. SITA has a unique role
to play in realizing the potential of data
andbaggage management is one area that
will benefit. It is an area we are strongly
focused on, collaborating across the
industry to innovate.”
The industry’s immediate focus is on
implementing the International Air
Transport Association’s Resolution 753.
The resolution requires member airlines
keep track of each bag and share that
tracking information with all involved in
delivering those bags back to passengers
at their destination. While the resolution
will deliver accurate data on the journey
undertaken by each and every bag, the
industry is already looking beyond the
resolution to develop an even more accurate
model for baggage operations.
Ilya Gutlin, said: “The bag tracking
data that will be generated and collected
under Resolution 753 will provide the air
transport industry with a rich stream of
data. This can be enhanced with AI tools
to create greater efficiencies in baggage
operations and, ultimately, to improve
our experience as passengers.”
From an operations point of view, AI will
allow airports and airlines to learn what
baggage routes cause the most stress on
their systems and what factors are most
likely to cause them. These systems could
also generate insight into the patterns of
baggage movements that would enable airlines
to deliver bags more effectively.
Using AI, intelligent machines will
enable baggage to be autonomously
managed from the moment a passenger
checks in their bag to when it arrives
at the destination – all without human
intervention. For example, in this vision
of the future, autonomous loaders could
be used to transport bags between the
terminal and aircraft. Baggage data will
also allow airlines and airports to provide
passengers more relevant information on
their baggage as it makes its journey from
departure to destination
Form IV
Statement of ownership and other particulars about the
publication CIO & LEADER as per Rule 8
1. Place of Publication Nine Dot Nine Mediaworx Private Ltd.
121, Patparganj, Mayur Vihar Ph. I,
Near Mandir Masjid, Delhi-110091.
2. Periodicity of Publication Monthly
3. Printer's Name Anuradha Das Mathur
Nationality
Indian
(a) Whether a citizen of India? Yes
(b) If a foreigner, the country of origin N/A
Address
C-144, Sarvodaya Enclave
New Delhi-110017
4. Publisher’s Name Anuradha Das Mathur
Nationality
Indian
(a) Whether a citizen of India? Yes
(b) If a foreigner, the country of origin N/A
Address
C-144, Sarvodaya Enclave
New Delhi-110017
5. Editor’s Name Anuradha Das Mathur
Nationality
Indian
(a) Whether a citizen of India? Yes
(b) If a foreigner, the country of origin N/A
Address
C-144, Sarvodaya Enclave
New Delhi-110017
6. Names and addresses of
individuals who own the newspaper
and partners or shareholders
holding more than one per cent
of the total capital
I, Anuradha Das Mathur, here by declare that the particulars given above are true to
the best of my knowledge and belief.
Dated: 1st March, 2018
1. Dr. Pramath Raj Sinha
N-154, Panchsheel Park
New Delhi, 110024
2. Mr. Asheesh Kumar Gupta
103, Tower II, The Palms
South City-1, Gurgaon-122001
3. Mr. Vikas Gupta
C-5/10, Safarjung Developmement
Area, New Delhi-110016
4. Ms. Anuradha Das Mathur
C-144, Sarvodaya Enclave
New Delhi-110017
5. Mr. Kanak Ghosh
BH-44, Sector-II
Salt lake City, Kolkata 700091
And Others
Sd/-
Signature of Publisher
March 2018 | CIO&LEADER
31

Insight
Indian Businesses
Increase Spend
On Enterprise
Applications
Increased competition, alignment of IT to business and
rate of technology change are some of the reasons
By CIO&Leader
32 CIO&LEADER | March 2018

Insight
EEnterprise application software
spending in India will reach USD 2.5
billion in 2018, a 19.8% increase from
2017, according to Gartner. In China,
2018 enterprise application software
spending will reach USD 5.1 billion, a
18.9% rise from 2017.
While both countries are poised
for continued growth, organizations
have different criteria for selecting
the vendors they use. For example,
a recent end-user survey by Gartner
showed that corporate branding is
an important software selection criterion
in China, while organizations in
India focus more on pricing and contract
flexibility.
“China’s and India’s enterprise application
software spending has grown
at double-digit rates historically, and
they will continue to be hot spots,” said
Keith Guttridge, research director at
Garner. “To be competitive in those
countries, technology business unit
leaders in technology providers must
understand software adoption dynamics
and spending intentions.”
Hot spots for growth
Survey respondents were asked how
they anticipate that spending on enterprise
applications will change in 2018.
The survey found that India’s spend-
ing intention is more aggressive than
China’s. In all categories, India has a
higher percentage of respondents who
want to increase spending across all
enterprise applications. Enterprise
content management (ECM), business
intelligence (BI), customer relationship
management (CRM) and open source
(enterprise edition) were the most
popular in India. In China, the most
popular were open source, ECM
and CRM.
“Although ECM is considered a hot
market, it remains small in terms
of share. However, as organizations
in emerging countries are growing
rapidly and business requirements
becoming increasingly complex, there
is increasing demand for solutions to
digitalize content to support business
processes as part of digital workplace
initiatives,” said Guttridge. “CRM is
claiming some budget spending intention
from other major applications,
such as ERP, while open-source applications
continue to have a good proportion
of increased spending intentions.”
Looking at data
from decades,
China's
and India's
enterprise
app spend
has grown at
double-digit
rates
Reasons for increased
spending
Although transforming to digital business
is an important reason to increase
software spending, other factors take
precedence in the survey results.
Respondents suggested practical reasons
for increasing software spending
in 2018, including increased competition,
alignment of IT to business and
rate of technology change. In India,
increased competition and availability
of skills are other top reasons for
increased spending. In China, many
end-user organizations are struggling
to keep up with fast-growing customer
requirements, and must invest in their
rapidly expanding customer bases.
Key initiatives for software
spending
In India, increased software spending
is being strongly influenced by overarching
digital transformation (chosen
by 91% of respondents), followed by
mobile (88%) and artificial intelligence
(AI — 88%). In China, cloud/SaaS
offerings lead as the top influencer
(chosen by 63% of respondents), followed
by Internet of Things (IoT —
62%) and mobile (60%).
IoT is particularly significant in
China due to the large manufacturing
base, and the fact that “smart manufacturing”
is an official initiative in
the country’s 13th Five-Year Plan.
However, adoption of emerging initiatives
such as IoT, AI and digital transformation
will largely vary. Some enduser
organizations are still piloting,
experimenting with and trialing their
own resources in order to implement
these initiatives.
“Despite moderate economic growth,
technology and service providers
(TSPs) should craft a go-to-market
strategy that assumes that China and
India will continue to be fast-growth
markets in the region and the world,”
said Guttridge. “TSPs can differentiate
their offerings by providing ‘handholding’
mini-consultations for key
initiatives, such as IoT (especially in
China), AI and digital transformation
(especially in India). They can also
deliver use-case scenarios that demonstrate
the value of products and services
to these emerging technologies.”
March 2018 | CIO&LEADER
33

Insight
Cloud Apps And
Web Portals Are The
Biggest Targets For
Attackers
Gemalto’s 2018 Identity and Access Management
Index Survey indicates that the role of a dedicated Chief
Information Security Officer within organizations has
increased by a quarter in the last year
By CIO&Leader
34 CIO&LEADER | March 2018

Insight
AThe mainstreaming of cloud and the
use of a disparate range of devices
within businesses has led to nearly twothirds
of IT decision makers admitting
that their security teams are considering
implementing consumer-grade
access to cloud services for employees.
Gemalto’s 2018 Identity and Access
Management Index Survey interviewed
more than 1,000 IT decision makers
globally and found that a majority of
them believe that the authentication
methods they implement in their businesses
are not as good compared to
those found on popular sites including
Amazon and Facebook.
Nine in ten IT decision maker
respondents state that their organization’s
security policies around access
management have been influenced by
breaches of consumer services, which
shows how powerful these breaches
can be.
Most vulnerable to attacks
Around 50% of respondents highlight
web portals as one of the biggest targets,
around two in five say the same
for cloud applications (SaaS, PaaS,
IaaS), 39% mobile applications, 37%
local network access and just under
three in ten say so for VPN. In addition,
two fifths of respondents consider
unprotected infrastructure such as IoT
to be a big target for cyber-attacks.
Over four in ten respondents see
cloud applications as one of the biggest
targets for cyber-attacks. Of these
respondents, 71% indicate the reason
behind this may be the increasing
volume of cloud applications in use,
and 55% say that the lack of strong
cyber security solutions to implement
appropriate solutions. Over two fifths
also indicate cloud applications may
be targeted for cyber attacks because
access management solutions are currently
in place for the cloud are poor,
which is something that organizations
could improve.
Two-factor authentication
is gaining adoption
The vast majority of respondents’
organizations are now using twofactor
authentication for at least one
application. For instance, eight in ten
respondents report that their organization
has at least one application that
is currently protected by two-factor
authentication for cloud applications
(SaaS, PaaS, IaaS), 78% for local network
access and web portals, with 77%
for VPN and enterprise applications.
9 in 10 IT
decision makers
feel that their
org's security
policies around
access mgmt
is influenced
by persistent
breaches
Spend more on security
A total of 45% respondents agree that
their companies have started spending
spending on access management
(45%), staff being trained on security
and access management (44%), and
more resources being allocated to
access management (42%). In addition,
around two in five say that secure
access management is now a priority
for the board, rising slightly from 34%
in 2016.
The impact of social media
The survey also highlights the extent
to which social media platforms play a
role in marketing. Interestingly, despite
social platforms having been used in
the past as an attack route for malicious
actors to breach organizations,
it seems IT departments fall short in
being able to apply cohesive access
security for social platforms. For
example, over two fifths indicate that
employees use a company-approved
individual account when using social
media for work. According to the survey,
50% of respondents report that
their organization secures access to its
social media accounts via a relatively
simplistic method of username and
password, a slight drop from the 65%
who reported doing so in 2016. There
are of course, those who say that their
organizations use native two-factor
authentication provided by social
media sites.
Compliance and auditing
Nearly all respondents think that twofactor
authentication will be able to
contribute towards their organization’s
ability to comply with data protection
regulations and pass security
audits, with over half believing that
this is definitely the case. Similarly, the
majority of respondents believe that it
is important that their organization is
able to produce a single audit trail of
access events taking place throughout
different resources used by the organization,
with nearly three in ten viewing
this as extremely important. The
ability to encourage better compliance
and easier auditing may not often be
the primary reason to implement twofactor
authentication, but is certainly
an added bonus
March 2018 | CIO&LEADER
35

SECURITY
The Case of Rising
Cyberattacks
Automated and sophisticated swarm attacks are making it difficult
for organizations to protect users, applications, and devices
By CIO&Leader
A
A latest Fortinet Global Threat Landscape Report
reveals that attacks per firm increased over the
previous quarter. In addition, automated and
sophisticated swarm attacks are accelerating making
it increasingly difficult for organizations to
protect users, applications, and devices. Some of
the highlights of the report are:
Swarm Cyberattacks Increase in
Volume, Variety, and Velocity
The sophistication of attacks targeting organizations
is accelerating at an unprecedented rate.
Digital transformation isn’t just reshaping business,
cybercriminals are leveraging the expanding
attack surface it creates for new disruptive opportunities
to attack. They are implementing newer
swarm-like capabilities while simultaneously targeting
multiple vulnerabilities, devices, and access
points. The combination of rapid threat development
combined with the increased propagation of
36 CIO&LEADER | March 2018

Security
new variants is increasingly difficult
for many organizations to combat.
Unprecedented Volume: An average
of 274 exploit detections per firm
were detected, which is a significant
increase of 82% over the previous
quarter. The number of malware
families also increased by 25% and
unique variants grew by 19%. The
data not only indicates growth in
volume, but also an evolution of
the malware as well. In addition,
encrypted traffic using HTTPS and
SSL grew as a percentage of total
network traffic to a high of nearly
60% on average. While encryption
can certainly help protect data in
motion as it moves between core,
cloud, and endpoint environments,
it also represents a real challenge for
traditional security solutions.
IoT Attack Intensity: Three of the
top twenty attacks identified targeted
IoT devices and exploit activity
quadrupled against devices like
Wi-Fi cameras. None of these detections
were associated with a known
or named CVE, which is one of the
troubling aspects of vulnerable IoT
devices. In addition, unlike previous
attacks, which focused on exploiting
a single vulnerability, new IoT
botnets, such as Reaper and Hajime
can target multiple vulnerabilities
simultaneously. This multi-vector
approach is much harder to combat.
Reaper’s flexible framework
means that, rather than the static,
pre-programmed attacks of previous
IoT exploits, Reaper’s code is easily
updated to swarm faster by running
new and more malicious attacks
as they become available. Demonstrating
its swarm abilities, exploit
volume associated with Reaper
exhibited a jump from 50,000 to
2.7 million over a few days before
dropping back to normal. In Asia
Pacific, the top prevalent exploits
detected exhibits a similar pattern.
For example, exploits targeting the
Apache Struts and IP camera/DVR
vulnerabilities make up some of the
top exploits detected in APAC for
Q4, 2017 as well. IP camera/DVR
vulnerabilities in APAC are quite
prevalent as these devices are popular,
available at low cost, but do not
have sufficient security designed
into them.
Ransomware Still Prevalent: Several
strains of ransomware topped
the list of malware variants. Locky
was the most widespread malware
variant and Globe Imposter followed
as the second. A new strain of Locky
emerged, tricking recipients with
spam before requesting a ransom.
In addition, there was a shift on the
darknet from only accepting Bitcoin
for payment to other forms of digital
currency such as Monero. In APAC,
new malware variants and ransomware
droppers account for the top
prevalent malware seen in Q4, 2017.
Cryptocurrency Mining on the
Rise: Cryptomining malware
increased globally and in APAC,
which seems to be intertwined with
the changing price of Bitcoin. Cybercriminals
recognize the growth in
digital currencies and are using a
trick called cryptojacking to mine
cryptocurrencies on computers
using CPU resources in the background
without a user knowing.
Cryptojacking involves loading a
script into a web browser, nothing is
installed or stored on the computer.
Security should
operate at
digital speeds
by automating
responses as
well as applying
intelligence and
self-learning
Sophisticated Industrial Malware:
An uptick in exploit activity against
industrial control systems (ICS) and
safety instrumental systems (SIS)
suggests these under-the-radar
attacks might be climbing higher
on attackers’ radar. An example is
an attack codenamed Triton. It is
sophisticated in nature and has the
ability to cover its tracks by overwriting
the malware itself with garbage
data to thwart forensic analysis.
Because these platforms affect vital
critical infrastructures, they are
enticing for threat actors. Successful
attacks can cause significant damage
with far-reaching impact.
Attack Variety: Steganography is an
attack that embeds malicious code
in images. It’s an attack vector that
has not had much visibility over the
past several years, but it appears to
be on the resurgence. The Sundown
exploit kit uses steganography to
steal information, and while it has
been around for some time, it was
reported by more organizations
than any other exploit kit. It was
found dropping multiple ransomware
variants.
Fighting Swarm Attacks
Requires Integrated
Security
The threat data in this quarter’s report
reinforces many of the predictions
unveiled by the Fortinet FortiGuard
Labs global research team for 2018,
which predicted the rise of selflearning
hivenets and swarmbots on
the horizon. Over the next couple of
years, the attack surface will continue
to expand while visibility and control
over today’s infrastructures diminish.
To address the problems of speed and
scale by adversaries, organizations
need to adopt strategies based on
automation and integration. Security
should operate at digital speeds
by automating responses as well as
applying intelligence and self-learning
so that networks can make effective
and autonomous decisions
March 2018 | CIO&LEADER
37

LEADERSHIP
Ten Ways Business
Leaders Can
Improve Gender
Diversity
Grant Thornton has tracked the progress of women in
business for the last 14 years
By CIO&Leader
38 CIO&LEADER | March 2018

Leadership
AAccording to Grant Thornton, the professional
services company, that has tracked the progress
of women in business around the globe for
14 years, explores how business leaders think
and feel, and outlines practical steps that can
create change.
Creating an
inclusive
workplace
that
supports
gender
diversity
won't be
easy
1. Champion the cause
To create change, senior leadership need to take
the issue seriously and lead from the top.
2. Make diversity and inclusion a
core value
Organisational values drive behaviour, so it’s
important that the whole business is signed up
to diversity and inclusion.Our research shows
that translating good intentions into practice is
an ongoing challenge for businesses.
3. Set goals
Making gender diversity a core value is
not enough in itself; business leaders should
set clear goals by which they will measure
progress.
4. Link progress to pay
They say that what gets measured gets managed,
so business leaders should make diversity
and inclusion goals part of the leadership team’s
compensation packages to encourage change.
5. Avoid tokenism
Simply putting one woman on the senior management
team is not enough to ensure a range of
voices is heard and for the business to reap the
rewards of diversity. The issue is not only about
whether there are women present but also whether
women feel their perspectives are valued.
6. Reduce ‘mini me’ recruitment
and promotion
Providing support to understand why this
happens and how it can be avoided will forge
a better process. Unconscious bias training
can help people at all levels of the business
avoid the temptation to hire and promote
employees who look, speak and think in the
same ways.
7. Introduce sponsorship
Sponsorship can have a significantly greater
impact on gender diversity in leadership than
simple mentoring schemes.
8. Investigate the benefits
Evidence of the commercial gains brought by
gender diversity will help convince sceptics of
the need for change and provide justification for
investment in new initiatives.
9. Be comfortable with
discomfort
Creating an inclusive business environment
that supports gender diversity in leadership
will not be easy, so leaders need to be in it for the
long term.
10. Share your story
Business leaders who are open about what is
driving change in their own companies can
encourage others and help them overcome the
complexity of turning theory into action. It can
be challenging for business leaders to feel able
to be transparent about internal ways of working,
and particularly about mistakes they’ve
made, but without this we are unlikely to see
widespread progress
March 2018 | CIO&LEADER
39