While all the program content was well worthwhile, there can be little doubt that the biggest draw and the most valuable aspect of this event is the networking among peers and sharing of ideas, experiences and best practices that take place when these CIOs have a chance to interact with each other away from their offices and chaotic work schedules. It’s no wonder that attendance has continued to grow.
The event kicked off with a Golf Scramble on Wednesday morning with 23 willing participants who were undeterred by the 104-degree weather. The winning team was comprised of Glenn Bonner of MGM Mirage, Bill Oates of Starwood, Marshall Andrew of Station Casinos and Ron Tarro of SDD/telemanager.net. (Can it be true that gaming CIOs get in more rounds of golf a year than non-gaming CIOs?) The Closest to the Pin award went to Gary Thomson of Choice Hotels and the Longest Drive award went to John Novak of La Quinta. The unofficial winner of the Most Water Consumed without a Restroom Stop award was Rodney Thiel of Benchmark Hospitality.
The 2004 CIO Summit officially commenced on Wednesday afternoon when event architect and Hospitality Upgrade Publisher Richard Siegel welcomed the sizeable group. There was a palpable buzz in the room, as seldom before had so many prominent industry IT professionals gathered together in a single room. Sally Kelly of BearingPoint explained that the program content was built around the Summit theme “Strategy, Innovation, Leadership” and previewed what the next few days had in store.
Wednesday afternoon’s session, Evolving IT Security Best Practices, was led by Matt Miller, senior manager at BearingPoint. Miller, a former teenage hacker, walked the CIOs through a process designed to help them develop and implement a comprehensive information security program that balances theoretical perfection with real-world business requirements. He identified a noticeable shift in many corporations from a purely compliance-based focus to one based on assessing acceptable levels of risk. The key is to formally determine the enterprise’s tolerance for risk and to build a “security posture” appropriate to that tolerance level. This raises the challenge of establishing proper metrics to use when determining how much to spend and where to spend it on IT security.
Risk can be reduced through any or all of the following mechanisms: decreasing the threat involved, decreasing vulnerability, quantifying the value of stored data and/or increasing countermeasures.
Web application security was explored in great detail, and the audience came away with specific recommendations on techniques and components developers can use to safeguard data.
The componentized nature of service-based architectures requires a stronger focus on identity management, data validation and monitoring. CIOs were advised to reduce server and application access to defined user communities. Time after time BearingPoint sees security violations that did not occur through the company’s primary Web servers (that are open to the entire world), but rather through some secondary server set up for an outside vendor to access on an occasional basis.
The first afternoon ended with some off-beat fun. A special CIO Summit Edition of the $25,000 Pyramid game was put on for the audience with Rich serving as the game show host, this writer as the clue-giver and willing accomplice Charlotte Somers (who was set up as a “randomly chosen” contestant) providing the guesses. While this segment clearly falls into the “you-had-to-be-there” realm, highlights included the following:
- After successfully getting the answer to the previous category, which was “Famous College Dropouts” (the clues had been Bill Gates, Steve Jobs, Larry Ellison and Michael Dell), Charlotte, upon hearing the new clues “Mike Kistner” and “Glenn Bonner” guessed “Famous High School Dropouts!” which brought a chorus of belly laughs from the crowd.
- The next category was “HFTP Hall of Fame Inductees at the CIO Summit.” After hearing the clues “Rich Siegel” and “Jules Sieburgh” Charlotte responded with the guess, “Heavy Drinkers?” After receiving two more clues (“Bob Bennett” and “Bill Oates”) she asked, “Are you sure it’s not heavy drinkers?” It took one more clue, “Scott Heintzeman,” for her to guess the correct answer.
At the cocktail reception Wednesday evening, attendees were handed a card with the name of another attendee on it. Each card contained five questions, which varied from card to card. The assignment was to seek out the individual whose name was on your card, introduce yourself to them and obtain answers to all of the questions. This proved to be an effective ice breaker.
Dinner, a Southwestern BBQ, started off with a welcome from the event sponsors. Ron Tarro of SDD, Tracy Flynn of NCR/Teradata and Karl Willig of InfoGenesis thanked the attendees for coming and encouraged them to make the most of the event. Each of these generous companies has consistently demonstrated long-term commitment to this industry and their participation contributed to the sessions and the overall value of the event.
Thursday morning started off with the attendees standing up, one after the other, to introduce their assigned colleague to the rest of the group. Jules Sieburgh, CIO of Host Marriott, was among a handful of CIOs who were subjected to some good-natured (but devious) editorial license when the responses were read.
Thursday’s sessions began with Demystifying CISP, a presentation by Mary Gerdts, CEO and president of POST Integrations, Inc. By show of hands, only about half of the CIOs in the room responded that they knew much about CISP coming into the session.
Visa’s CISP (Cardholder Information Security Program) is an in-depth data management/data security program that was first introduced in April 2000. Initially its primary focus was on Internet transactions, however, several incidents over the past few years have caused Visa to focus the program on the hospitality industry specifically.
While compliance is difficult and even painful at times, Gerdts argued that it makes good business sense. In addition to protecting your guests’ data you are protecting your brand image and value. CISP certification gets you the benefit of Visa’s “safe harbor” in the event of a serious data compromise. And Gerdts warned the group that the sensitive data they store is under attack from well-organized hacker groups around the globe – including a notorious group of ex-KGB operatives working out of Germany. It is imperative (and a strict requirement of CISP) that merchants and vendors not store any mag stripe 2 data anywhere on their systems.
Gerdts cautioned that any third-party system (such as PMS, POS, etc.) that processes or stores transactional data is defined as a third-party agent and that their vendors should be held to the same compliance standards as the merchant. She warned that the merchant can be held liable in the event the agent’s system is hacked. The group benefited from a walk-through of exactly what to do if their systems are hacked. For more information on CISP visit www.usa.visa.com and click on the CISP link under the business heading.
The premise for Next Generation Customer Experience – Marrying Kiosk and RFID Technologies was intriguing. What if travel was simple, safe, hassle-free and possibly even fun? BearingPoint Managing Director Jim May and Manger Attilio Bellman teamed up to explore the existing and emerging technologies that might be combined to make this a reality.
Bellman, who has a doctorate from the University of Milan and has done significant research on RFID technology at MIT, kicked things off with a comprehensive overview of RFID. He and May then launched into a fascinating step-by-step description of the RFID-enhanced travel experience we might someday experience.
Picking up the scenario after the booking of all travel segments and accommodations, we learned how RFID tags on luggage and on our personal “all access” identification cards would facilitate a quick and unobtrusive baggage check in. Airline check in could be as simple as walking close enough to a kiosk for our RFID card to be read, and there would be no need to produce an ID or boarding pass at the security checkpoint as their RFID readers could pick up our “all access” card signal, positively identify us through biometric recognition technologies and confirm that we had a valid reservation for that day. Similarly, we would board the plane without having to pull out any documents. Upon arrival at our destination city, our ground transportation company could be automatically advised of our presence in the terminal. At the hotel, front desk staff would be alerted to our arrival through readers at the front entrance and we could easily be greeted by name and seamlessly checked in, with our “all access” card serving as the room key.
While it came off sounding a bit futuristic and idealistic, May and Bellman reminded the group that every technology they had described exists and is operational in the marketplace today.
Dori Overby, senior manager at BearingPoint, opened the Effective Program Management session with some sobering statistics: According to Aberdeen Group, 30 percent of all projects are cancelled prior to completion and 90 percent of the remaining projects are completed late. Gartner Group reports that a full 50 percent of all projects are over budget and 50 percent fail to meet their objectives.
]
While CIOs in our industry have always had to deal with multiple property locations and business functions that are widely disbursed geographically, they are increasingly having to cope with numerous business partners and vendors, the integration of new technologies with legacy systems and project teams with varying technical, business process and management skills. Layered over this complex landscape are a multitude of stakeholders with varying expectations including increased revenue, cost reduction, process improvement and/or cycle time reduction.
To succeed in this environment, Overby maintained, corporations need to create a single function responsible for overseeing all corporate projects. To support this claim she quoted Gartner Group’s findings. Overby said, “IS organizations that establish enterprise standards for project management, including a program office with suitable governance, will experience half the major project cost overruns, delays and cancellations of those that fail to do so.”
Following a break for lunch, the sessions resumed with a presentation on sharing intellectual property rights. This innovative concept grew out of the shared frustration among several Fortune 500 CIOs over the vast sums of money they were spending developing and supporting systems that did not necessarily give them a competitive advantage. Jay Hansen, the CEO of the Avalanche Corporate Technology Cooperative, explained that these CIOs wondered if they would be better sharing this intellectual property with each other for their mutual benefit.
In March 2004 Project Avalanche was created as a gated community that enables its members to contribute, collaborate and legally distribute intellectual property with other members. The Avalanche vision is one in which hundreds of corporations, consultants and vendors cooperate to develop a large repository of shared business applications that members can download, modify and distribute.
The Avalanche story appeared to intrigue many CIOs in the room, and it will be interesting to see if companies in our industry are able to benefit from this novel concept. For more information please visit www.avalanche.coop.
More and more CIOs are opting for, or being forced into adopting, a more business-like approach to running their IT operations. As AMR Research puts it, “CIOs are continually looking for ways to better align with the business… effectively conveying IT value requires consistent communication and the right metrics, but it also requires a fundamental change in the way that IT manages itself as a business.” BearingPoint Managing Director Brian Robertson started his session, Running IT Like a Business, by walking the CIOs through a multitude of pressures fueling this fundamental shift.
Robertson led the group through a set of best practices geared to help them transform their IT operations. One key, he said, is to ensure that the overall strategic IT plan is fully integrated with the company’s strategic business plan. Other key elements of a successfully aligned IT organization include knowing your customers (both internal and external), consistently producing quality results or products, knowing your competition within the organization and understanding how to manage them, streamlining operations by continuously improving IT efficiency and effectiveness. All of this must be done with a single focus – to consistently deliver value to all stakeholders through measurable results. He suggested that the CIOs in the room should execute on a phased approach using a two-to-three year prioritized roadmap of IT projects that will help them achieve a more efficient and effective IT organization.
Focusing on Project ROI and Benefits Realization was presented by Dave Narramore, managing director at BearingPoint. Narramore stressed that achieving ROI on a project is driven by focusing on true costs and benefits throughout the entire lifecycle of a project – including the operational phase. He outlined a 12-step framework that helps maintain that focus while establishing appropriate buy in, accountability and responsibility among all parties involved in the project.
Narramore strongly recommended the creation and use of a “strategy articulation map” to clarify the vision, strategy and objectives of an enterprise. Cast from the perspectives of the individual corporation’s vision, mission and value system, it identifies market differentiators, strategic objectives, critical processes and performance measurements. None of these are trivial considerations and Narramore spent time drilling down to each component – with particular emphasis on the ROI measurement tools and methods to be employed through any project. The group was alerted to a valuable resource for information on process and performance improvement – The American Productivity and Quality Center (www.apqc.org).
Thursday’s final session was highly entertaining. Demonstrating a combination of deep technical knowledge and polished presentation skills, Union Pacific Railroad’s Senior Director of Information Technology Marty Malley gave the group an in-depth look at Union Pacific’s (UP) very complex operational environment.
Proving that everything is relative, Malley was able to make the audience feel that our industry’s IT environment may not be so complex after all. UP laid its first track in 1862 and now has over 33,000 miles of track, carrying over 14,000 trains and 180,000 car loads per week. Layer 48,000 employees across that grid and then consider that some of UP’s core operational systems handling transportation control date back to the 1960s. Factor in a large portfolio of client/server applications running on over 700 servers (a combination of Netware, UNIX and NT) with many of these systems interacting with a 5+ terabyte Teradata Data Warehouse and you have nothing short of a logistical buzz kill.
The major theme of Malley’s presentation, and of the entire IT function within UP, is integration. The company is laser-focused on reducing the amount of time that actionable information exists somewhere in the organization but is inaccessible to any individual who needs it to make a decision. The organization’s mantra appears to be “a single version of the truth” – meaning that there be a single instance of each data element that can be accessed or viewed by every application that needs it.
But the most important aspect of the UP system architecture is the presentation layer – where they have built a dynamic portal that each user can personalize to get at the critical information they need for their job function. Starting with high-level intuitive, graphical representations of their key performance indicators, each user can then drill down to the specific details needed to make effective decisions. The CIOs appeared to be pumped up by UP’s impressive display of technology applied to great advantage in such a highly complex environment.
Thursday night’s cocktails and dinner were served in a majestic outdoor locale called the Oasis Spiral, which bordered Pointe South’s water park and was nestled among large boulder formations. Following an exquisite meal Chris Thomas, chief strategist of Intel’s Solutions Group, addressed the group with a peek into Intel’s Strategic Vision. He began by issuing a challenge to the CIOs to constantly be looking at ways to create sustainable revenue growth rather than at ways to save money. Thomas then led the group on an extended voyage through the cutting edges of service-oriented architecture (SOA) and the mobilized software initiative (MSI), which has held much of his focus lately. MSI’s mission is to change software so that it really works in today’s mobile computing environments, for instance ensuring that applications won’t crash when you ride in an elevator or drive through a tunnel.
Thomas is very excited about the new “active documents” capability and believes it holds the answer to what should be a burning question for every company in our industry, “How do I create a persistent relationship with my customer if the customer has to remember to call me or visit my Web site?” Adobe 6 allows you to embed Web services into a document. Why not send the registration card to a guest electronically on their day of arrival and let them click on a box to check in? Or if the guest is flying from the West Coast to the East Coast and will check in late at night when the kitchen is closed, why not send the menu in advance to a mobile computing device so they can order something to be waiting for them when they get to their room?
As the evening drew to a close and the last after-dinner drinks were poured, Tim Rand, CIO of Adam’s Mark Hotels, was the lucky winner of the drawing for a fabulous Kentucky Derby Experience for two. BearingPoint generously donated the Derby tickets and Hospitality Upgrade donated roundtrip airfare. Our Publisher Richard Siegel was relieved that Nick Price (Hong Kong) and Wibecke Vinke (Switzerland) did not win the drawing.
The final morning held what promised to be a remarkable session, and it lived up to the hype. By far the most interactive and popular event on the program, the Ask The Experts panel discussion featured Intel’s Chris Thomas, Associate Dean at NYU Dr. Lalia Rach and Kapila Anand, partner at KPMG. Lee Gomes, popular technology columnist for The Wall Street Journal, served as moderator and kept the panel and audience engaged.
Each panelist took a few minutes to offer a perspective on the current state of the industry. Rach offered three key thoughts for the audience to contemplate. She first asked the group to consider whether or not their systems build confidence among guests and suggested that the loyalty of guests needs to be justified and rewarded through efficient and effective technology. For her second question she asked, “Who is training your employees?” She offered examples of misused or underutilized technology effecting a poor guest experience. Lastly, she contemplated the issue of CapX expenditures on rapidly evolving guestroom technology and asked how budgets could ever keep up.
Anand, an expert on the Sarbanes-Oxley Act, explained that she used to spend her time speaking with CEOs and their boards about market studies, strategic planning and emerging technologies but that about a year ago the specter of Sarbanes-Oxley loomed over everyone’s head and forever changed the nature of those conversations. Now executives are struggling with the expense of compliance and its direct impact on technology expenditures. She suggested that our industry has some unique dynamics that make compliance and the whole issue of corporate governance even more complex: the management company/owner relationship layered over a franchisee/franchisor relationship, the large number of employees and the significant number of manual processes.
Thomas suggested that the software industry is undergoing a massive metamorphosis to service-oriented architectures and the whole way that IT works and the way information flows will change dramatically. He believes our industry is well positioned to take advantage of that transformation.
What followed these opening comments was a highly entertaining and interactive session that left the audience pleading for more. Rest assured that this session will be expanded and moved to a prominent spot in the schedule next year.
Speaking of next year, the search is already underway for a host site for the CIO Summit 2005. With attendance expanding each year and participants flying in from Mexico, Hong Kong and Switzerland, it’s not hard to imagine this event achieving must-attend status in every CIO’s calendar.
Special thanks go to the event sponsors InfoGenesis, NCR/Teradata and SDD/Telemanager.net, as well as founding association HFTP for making the event possible. Kudos and sincere thanks to Charlotte Somers, whose meticulous planning and tireless onsite efforts made things run like clockwork and Sally Kelly of BearingPoint who put together another solid program.