BPM Conference Portugal 2016

This is the transcript of my opening act as Chair of the conference. In this edition, the event attracted on average 200 attendees, a breakthrough and important milestone.

This years edition theme is about Digital Transformation. I am not here to bring definitions about what Digital Transformation is. Definitions are, by definition, pretty useless, incomplete and valueless, hence, let me bring you real world examples what digital transformation is all about.

Let’s start by the banking industry

Some banks, there are some good examples just on the other side of the border, are leveraging on the power of Fintechs to expand the value chain. Fintechs are tech startups that are bridging the gaps, for example in trading operations and loan provisioning.

Today some banks are offering real end to end transactions, starting from the manufacturer that wants to collect the money as soon as possible, the transport companies and the manufacturer’s customer that wants to chase and track,
in order to prevent disruption in the supply chain. Today it is possible to share all the documents involved in transaction, that will determine if payment can be processed, broadcast merchandise tracking and predict delivery.

In loans the market is experiencing the loom of new business models like hybrid lending. Imagine your company needs equity and the bank does not to be exposed to risk. The bank can provide you, let’s say, 60% of the required equity and the company trough a network of venture capitalists, or equity firms can get the remaining 40%.

There is also Blockchain. Blockchain is changing the way we execute transactions in a way we do not need banks anymore. You can just wire money to other person. No one needs to have a bank account. Just Imagine the possibilities on how easy it is to process payments.

Let’s shift industry sector, like Oil and Gas or Utilities.

For reasons that I do not understand (I assume it is related with lack of industry knowledge) we constantly read articles in reference magazines about the power of digital business in retail leveraged on big data. Well, let me tell you are being deceived. The real power of big data is in manufacturing, utilities and oil and gas. Let me put you into perspective. People say Portugal have a population of 11 million. In Lagos, in Nigeria, live 25 million people, it fits twice the size of Portugal and some change. Now imagine in countries that produce oil, the thousands and thousands of kilometers of pipelines with thousands and thousands of pumps and other equipment and on each pump you can
control in real time the temperature, the pressure, the velocity, whatever. Now imagine you can predict based on operating conditions when the pump it is going to fail and you can prevent expensive repair cost (just think that most of this equipment is made to order and when it fails, it fails in the middle of nowhere) and the cost of non productive time.

This is what digital business is all about. This drives us to insurgency spot and asset  protection. Oil & Gas companies are very keen on militia do not blow up their pipelines.

Cyber-security

This leads to the development and implementation a new IT capability, context-awareness, by the realization of a Context Awareness System, a sophisticated surveillance technology solution that aggregates and analyses public safety data in real time, providing security investigators and analysts with a comprehensive view of potential threats and criminal activity.

To put you on perspective, I need to borrow this quote from Frances Stonor Saunders at a London Review of Books talk.

On the evening of 3rd of October of 2013 a boat carrying more than 500 Eritreans and Somalis founded out the tiny island of Lampedusa, in the darkness, locals mistook the desperate cries for help from the sounds of seagulls, the boat sunk within minutes, survivors were in the water for five hours, some of them close the bodies of the dead
companions at float. Many of 368 people who drowned never made off the capsizing boat and were drowned to the sea floor still on board. Among of the 108 people trapped inside the bow was an Eritrean woman thought to have 20 years old were, as she given birth as she drowned, her waters have been broken in the water, rescue drivers found the dead infant still attached by the umbilical cord

We are facing a dilemma on how cyber-security should be used for. On one hand these systems are used to fight and eliminate terror, protecting innocent lives to be taken, to protect company assets from being attacked and looted by contemporary pirates. We cannot make a so selfish decision about abandon and condemning thousands of refugees to death, because the same kind of Context Awareness System cannot be used in preventing people to die. The political discussion about where the refugees should be steered to Europe of send back to their failed state countries, it not an argument about the responsibility of protecting human life only in the case where terror is being perpetrated, except when people are escaping and running away from the same terror source.

Privacy

Once upon a time autonomy and anonymity were part of our self.

It is very interesting to analyze from a societal point of view, is how some people are deeply concerned with personal data access from 3rd parties, when such concern does not exist about how a bank account manager can understand our lifestyle just looking to the bank statement entries. Even so, many people are not particularly bothered by what faceless corporations or even governments can learn about them from our own data exhale. However, there is not a black or white resolution because today there are two kinds of people: the ones that have two selfs and the one that have three selfs. The first self is related with our personality, who we are, our outer self is our attitude that changes according to the behavior with whom we interact and our virtual self is a a wishful thinking what we want to be normally expressed in social networks which most of these faceless companies invest every bit of information we broadcast. Still, the lines start to blur when the virtual self blends with our attitude and we start to expose parts of our real behavior and thoughts. And still, you think you are protected, do you? By those smartphones with bio-metric authentication, like the San Bernardino phone John Macfee (from Mcafee anti virus) told he would break the phone for free and would last long. Well, you known how the story ended, the FBI handed over the device to an Israeli company that broke it.

This poses the challenge which is privacy by design. Is this new digital world how do you balance the trade off between learn from what your customers do and how do you protect their privacy. Do we own your data? Our we will give up our privacy and become transparent?

Advertisements

Machines are taking over me – II – cybersecurity

During last week I’ve been working in Nigeria with an Oil & Gas Company on defining an IT Strategy program to move to the cloud. One of the key topics of designing the IT strategy is related with the countries societal impact, that needs to fight with terror, insurgency, wash away corruption and institutionalized informal economy. For those that are not familiar with the country environment, it is commonly accepted under such an inequality standard, you can take loot or steal other’s assets, because the others, cannot live so large and leave so little to the rest of population. Hence, I am helping the organization I am working with to either establish or reengineer security command centres to consolidate their security programs, detect insurgency, theft, improve their risk management and loss of primary containment. Accomplishing these goals requires that the security command centre perform these key IT functions: have access to massive information sources, ingesting and processing such data in real time making sense of it; summarizing and presenting key data in a meaningful way that supports quick and effective responses to events as they happen in real time. To implement these functions, the organization must not only have subject matter expertise in security and a deep partnership with security forces (local law does not allow a company to have private security), but it must also have a technology foundation to support decision management, workflow orchestration, communication and collaboration, and data management and protection―all anchored on a secured hybrid cloud architecture.

The field threat environment continues to grow more dangerous like for example attacking pipelines, stealing crude oil or refined products, creating a twofold challenge for Oil & Gas companies and the Nigerian government. Not only must these organizations continually strengthen their protection of the data and systems they manage, but they also do not face stricter requirements to demonstrate that they have done so in accordance with the appropriate laws, regulations because simply they do not exist or are not properly designed, once the new government that took power on May 2015 is “putting the house in order” dealing with more important matters for the population, like end the fuel scarcity – currently in Nigeria, you need to wait on average 2 to 3 hours to fill up your car’s tank in what is the biggest African oil producer.
Anyway, from an architecture design perspective you need to define the particulars and complements the about data protection and security, among others, setting-up specific rules concerning the processing of personal data in the electronic communication sector – in the context of spotting insurgency, one of the data sources is text messages that the population can send, informing the oil & gas company and the military that there are signals that indicate a possible or the perpetration of an attack, as other approaches like live video surveillance feed is not available. As a result, by default, listening, tapping, storage or other kinds of interception or surveillance of communications and the related traffic data by persons other than users without the consent of the citizen concerned, except when legally authorized, is prohibited. The requirement for prior consent is extended to cover the information stored in users’ terminal, given that users have very sensitive information in their computers, smartphones and similar devices. Nevertheless,

How do you deal with the trade-off of enforcing data privacy and putting the population to abdicate from it for the benefit of the Oil & Gas company?

And from a change management perspective,

How do you convince the population to help you fight asset attacks, in a country where everyone is desperate to make its cut on a non-structured economy?

This is because, contrary of designing an advanced IoT business model, in let’s assume, a supply chain, in which truck drivers are rewarded – with airlines miles or discounts in retail shops- by contributing to fuel consumption decrease and safe driving, such kind of gamification strategy must be adapted to social programs to eradicate poverty, providing social services like education and health car of building basic infrastructures. Such gamification strategy, should part of the illusionary, misguided and wrong doing social responsibility corporate programs, meaning that in the end, it is the Oil & Gas company that must share a part of the profits for the IT Strategy work and be effective.

Enter into cybersecurity

This leads to the development and implementation a new IT capability, context-awareness, by the realization of a Context Awareness System, a sophisticated surveillance technology solution that aggregates and analyses public safety data in real time, providing security investigators and analysts with a comprehensive view of potential threats and criminal activity. Such a system protects population sensitive information by designing a series of internal security recommended practices and proprietary and advanced security tooling and technologies for monitoring and detecting advanced asset attacks and related intelligence.
This leaves me as an architect with a challenge in my consciousness, and as such, I would like to invoke one of the most magnificent quote from William Shakespeare’s – Macbeth

“Oh, full of scorpions is my mind, dear wife!”

For that explanation I need to borrow this quote from Frances Stonor Saunders at a London Review of Books talk.

“On the evening of 3rd of October of 2013 a boat carrying more than 500 Eritreans and Somalis founded out the tiny island of Lampedusa, in the darkness, locals mistook the desperate cries for help from the sounds of seagulls, the boat sunk within minutes, survivors were in the water for five hours, some of them close the bodies of the dead companions at float. Many of 368 people who drowned never made off the capsizing boat and were drowned to the sea floor still on board. Among of the 108 people trapped inside the bow was an Eritrean woman thought to have 20 years old were, as she given birth as she drowned, her waters have been broken in the water, rescue drivers found the dead infant still attached by the umbilical cord.”

We are facing a dilemma on how cybersecurity should be used for. On one hand these systems are used to fight and eliminate terror, protecting innocent lives to be taken, to protect company assets from being atacked and looted by contemporary pirates, but one the other hand, like in play, when Macbeth is explaining to his wife about the need to taking life to Banquo, and his son, Fleance, we cannot make a so selfish decision about abandon and condemning thousands of refugees to death, because the same kind of Context Awareness System cannot be used in preventing people to die. The political discussion about where the refugees should be steered to Europe of send back to their failed state countries, it not an argument about the responsibility of protecting human life only in the case where terror is being perpetrated, except when people are escaping and running away from the same terror source.
This something worth thinking about.