IT Professional

Is IT for Geeks Only?

For the IT profession to truly excel and flourish, IT professionals must understand how to present information in both technical and nontechnical terms. Editorial board member Wes Chou describes how to move beyond "geek think" and truly excel at serving the overall organization, from users to customers.

Virtual Service Grids: Integrating IT with Business Processes

The alignment of information technology and business has shifted significantly since computing's mainframe era. The high costs of mainframe technology meant that only the largest organizations could afford it, and applications were relatively few. Business was expected to adapt to the technology. This all changed in the 1990s. Industry's widespread adoption of PCs, especially Intel x86-based systems, radically reduced computing costs. The benefits of IT spread to much smaller organizations worldwide, and a large market for hardware, software, and business services emerged. As system integrators began using components from diverse suppliers to build standards-based computers, system costs dropped two orders of magnitude from those of comparably powered mainframes. Many large deployments moved from mainframes to client-server distributed systems. The three-tier computing architecture came to dominate this era, and it introduced a separation between hardware and software. The authors describe how we got to this point and what direction we're headed in for the future.

Guest Editor's Introduction: Cybersecurity in a Falling Economy

As organizations suffer through a declining economy, many will be forced to make security cutbacks they wouldn't ordinarily consider to be acceptable. IT leaders and managers making security cuts must ensure that their cyberdefense continues to meet organizational obligations to protect enterprise cyberspace and corporate assets. This special issue looks at the various trade-offs involved.

Cyberattacks: Why, What, Who, and How

Enterprises rely extensively on computerized information systems and electronic data in cyberspace to perform their daily activities and business. Today, virtually all public and private organizations connect to and live in cyberspace. As computers, information systems, and networking have become more ubiquitous, cybersecurity has become more critical for the continuity of business operations. To better understand cybersecurity, this article discusses the four "W's" of cyberattacks. It starts with an overview of the cause of cybersecurity problems, analyzes the challenges associated with it, outlines the cyberattacker profile, discusses cyberattack patterns, and finally summarizes recent cyberattack trends.

From Ancient Fortress to Modern Cyberdefense

Establishing an effective enterprise cyberdefense mechanism is conceptually similar to building a fortress city in ancient times. The authors describe the parallels by comparing observation towers, fortified walls, gates, alarms, guards, and cyberdefense.

Evaluating the Security of Enterprise VoIP Networks

The deployment of unified communications in enterprises has become increasingly common in the past few years, but as organizations invest resources to ensure quality of service and meet delivery schedules, they often overlook security.

Useful Cybersecurity Metrics

Measuring cybersecurity is difficult, but other disciplines can offer important lessons and techniques for building a system that can help test hypotheses about system security.

Critical Characteristics of Metasystems: Toward Defining Metasystems' Governance Mechanism

To effectively design, integrate, and understand the functional operations of metasystems, researchers and practitioners need a standard definition and common understanding of metasystems as an extended system-of-systems.

Certification: Who Dares?

The authors discuss the pros and cons of IT certification by exploring why so much attention is focused on it, as well as the different kinds of certifications that are available, current changes in requirements, and where IT professionals can get certified.

Professional Essence

The IT profession might need to commit itself to protecting the public interest, and members of the profession might need to accept this ethical obligation as a requirement of belonging to the profession. But the key to being accepted as a professional by the public is to consistently demonstrate your trustworthy nature, and that requires a commitment to acting with trustworthy intentions and working with trustworthy competence.

Understanding Insecure IT: Practical Risk Assessment

Risk assessment involves gathering and evaluating risk information so that enterprise stakeholders can make mitigation decisions. Once we identify the risks, we can rank the probability of each one's occurrence and its impact on the organization. Some risks are more likely to occur than others, and different risks can affect an organization in different ways, so a practical risk assessment can help ensure that enterprises identify the most significant risks and determine the best actions for mitigating them.

Secure Cyberspace: Answering the Call for Intelligent Action

As information technology permeates all societal layers and its use crosses increasingly national boundaries, information security has become of paramount importance. Understanding what motivates information security is part of the hard work in planning the mechanisms that will assure it. Arguably, ubiquitous networking—for a wide range of personal, commerce, enterprise, and national purposes—is responsible for many recent productivity gains. But with this convenience has come vulnerability to those who seek to do damage or benefit illegally. Today's dynamic technology marketplace—with product generations now measured in months—gives increased choice of functionality and style to millions of potential buyers and their escalating expectations. However, with every new device comes at least some segment of the user population that doesn't understand new functionality and, consequently, experiences decreased reliability and reduced privacy.

People Smart

To truly succeed in our careers, we must go beyond just being accepted and knowing how to interface—we need people to like us and be willing to help us, and we need to build a successful network of professional contacts. To achieve these goals, we shouldn't outwardly appear to be aggressive, even if we're aggressive in our objective—rather, we should be generous and magnanimous. We must also have a sense of humor and humility. In this installment of our series about the "soft skills" all IT professionals must master to advance their careers, the author focuses on how to be people smart.

Never Let a Serious Crisis Go to Waste

Right now CEOs and board members are under the microscope. The typical CIO, usually struggling for higher visibility and true C-level status, is now in the enviable position of being just outside the scope of C-level witch hunts. At present, the CIO is a functionary—the plumber-in-chief! Previously, we would have cringed at these characterizations, but when there are water shortages, the plumber has great power. The authors describe the new role CIOs will increasingly find themselves in and how to navigate it.