Heavy Strategy

To understand how much to spend on cybersecurity, you have to accurately assess or quantify your risks. Too many people still peg their cybersecurity spend to their IT budget; that is, they’ll look at what they’re spending on IT, and then allocate a percentage of that to cybersecurity. That may have made some sense when... Read more »

In times of major change–whether in IT or the economy–organizations should take a fresh look at their sourcing strategy. Companies outsourcing key functions need to re-examine the reasoning and scrutinize the results. The same goes for in-house functions. IT leaders need to ask: is our sourcing strategy in line with our current corporate and IT... Read more »

Sandy Miller, a pseudonymous CIO, shares her insights on identifying toxic IT work environments. She highlights five signs of an abusive IT relationship, including the dreaded 'Sunday scaries' and stalled promotions. Sandy shares personal experiences of fear and distrust stemming from manipulation of information and siloed cultures. The discussion dives into recognizing hostile workplaces, the impact of bad leadership versus toxic company intentions, and the importance of aligning personal values with corporate missions. A candid exploration of workplace dynamics!

Network-as-a-Service (NaaS) promises enterprises the ability to set up and configure connectivity and network security with a couple of clicks. But for NaaS to truly transform enterprise networking, one thing has been missing: standards. Enter Mplify (formerly the Metro Ethernet Forum), a non-profit focused on standardizing NaaS service definitions. Mplify’s CTO, Pascal Menezes, joins Johna... Read more »

The discussion highlights the risks of losing cloud services amidst geopolitical tensions, illustrated by a case of an Indian energy company cut off from Microsoft. It’s crucial for organizations to rethink their risk management strategies and incorporate contingency plans. The impacts of legal changes on corporate structures are explored, emphasizing communication between departments. The hosts advocate for diversifying service providers and preparing for unexpected disruptions, likening it to buying insurance against unpredictability in an unstable global landscape.

Experts discuss the rapidly approaching threat of quantum computing capable of breaking traditional encryption. Recent estimates show this technology could arrive years sooner than expected. Organizations must act fast, particularly in finance, to adopt quantum-resistant cryptography. The conversation dives into evaluating vendor strategies for data protection and the importance of proactive cybersecurity measures. With cryptographic vulnerabilities on the rise, there's an urgent need for reassessing security practices to safeguard communications in our tech-driven world.

Is adding AI to your environment a software purchase? Or is it more like hiring an employee? Heavy Strategy’s John Burke and Johna Johnson debate whether AI should be treated as just another application you buy and use, or be handled like an employee you’re bringing on staff (complete with background and reference checks, training... Read more »

Whether it’s CNAME records pointing to dead endpoints or abandoned cloud storage buckets still mentioned in the makefile or Chef recipe, seemingly innocuous bits of infrastructure that don’t get cleaned up can turn into serious security threats. (Both of these examples are taken from real-life attacks, BTW). When and how and who within IT should... Read more »

Here we are, a bit more than halfway through the year. How’s your execution against your strategy going? Roiled by the economy? Disrupted by tariffs? Thrown off by staff retirements? If you built a proper technology strategy in the first place, driven by the business strategy, then no matter what is happening don’t ignore it,... Read more »

IT teams deal with technology lifecycle issues all the time–including Y2K, which enterprises across the world grappled with for years. The Epochalypse, or Year 2038 Problem, is similar. Specifically, some Linux systems’ date-time counters will go from positive to negative at a specific date in 2038, potentially wreaking havoc on embedded systems and any other... Read more »