Month: July 2023

The Northwest Tech Leaders Forum Thought Leadership Piece

Posted on by Josh Mantle

The Northwest Tech Leaders Forum brings together a select group of industry experts and visionaries and provides a unique opportunity to delve into the key technology topics with global tech companies. The goal is to foster pragmatic discussions and offer valuable feedback, shaping the direction of the industry. With a history of successful technology leadership events, Gardner’s aims to regularly host these forums.  

In this year’s first forum, our leaders were joined by Lenovo to discuss pressing IT issues, to share their strategy for addressing them and hear from our forum guests about the issues they are facing and whether Lenovo’s strategy can help. 

Session Highlights 

Sustainability: Nurturing a Greener Future 

The session began with a focus on sustainability, where the prominence of Lenovo, a tech leader in this domain, became evident. Lenovo’s relentless innovation was evident in their commitment to using 75% recycled leather, recycled aluminum, and their journey towards net-zero emissions. Their dedication to sustainability extended to their global supply chain, making it easier for procurement to gauge their energy consumption. Notably, Lenovo had transitioned to plastic-free bamboo packaging that was easier to recycle, and they emphasized bulk packaging to minimize waste. Furthermore, it offers asset recovery services, facilitating the responsible disposal and recycling of equipment like printers and servers. They also provided a CO2 offset service, allowing customers to pay a levy for offsetting their carbon emissions. It also enabled customers to obtain a certificate from their website to highlight their commitment to sustainability. 

During the discussion, it was highlighted the significance of baseline sustainability and the positive impact of Lenovo’s CO2 offset initiative. One of our leaders agree, saying “that while sustainability might increase costs, Lenovo had re-invested these costs to develop industry leadership” and “as more modern machines became recycled, the industry would benefit.” The group agreed that no one wanted the technology sector to become the “Volkswagen” of sustainability, acknowledging that ESG credentials were becoming increasingly important, it had to be a real and measurable benefit. Interestingly one of our attendees pointed out how they were seeing new hires inquiring about sustainability, and how providing a sustainability certificate in their welcome pack offered a competitive edge in attracting top talent. Furthermore, it was noted that sustainability now factored into procurement decisions, emphasizing a cultural shift towards carbon neutrality by 2030 or 2035. 

Device as a Service (DaaS): Unleashing Flexibility and Sustainability 

The discussion transitioned to Device as a Service (DaaS), a concept that offered hardware, software, and services for a predictable periodic fee, reducing Total Cost of Ownership (TCO) by up to 20%. The global DaaS market was projected to grow from £50 billion £202 billion within the next five years.  

Feedback on DaaS was mixed, with some expressing uncertainty due to their existing capex-based purchasing approach. One speaker highlighted the challenge of dealing with device disposal at the end of their lifecycle. However, another suggested that offloading this responsibility to HR could be beneficial, allowing the IT team to focus on strategic initiatives rather than day-to-day operations. One speaker shared that his organisation had already implemented DaaS successfully, with devices financed over a longer period and ordering devices in advance without immediate payment being hugely beneficial. This then posed a question about the specifics of the DaaS financial model. While DaaS is a leasing model it is important to understand its additional benefits such as scalability and the ability to return unused devices, providing a more flexible model than existing leases. 

Modern Workplace: Empowering Collaboration and Efficiency 

The concept of the Modern Workplace, highlighting the license-based model of Microsoft’s Asure, Dynamics 365, and Mobility solutions was also explored. Lenovo’s Cloud Market Place, offering self-service capabilities, was also discussed. The group acknowledged the benefits of the Modern Workplace, including cost savings and the convenience of three-year licenses. 

Concluding Remarks 

The session was fascinating, and the attendees appreciated Lenovo’s involvement and honesty in sharing their initiatives and strategic ideas.  

Key Takeaways 

1.Sustainability: A Shift in Priorities 

Sustainability is now a key focus area, driven by internal governance, compliance requirements, supply chain considerations, and employee expectations. The days of choosing suppliers solely based on price competitiveness are waning, and organisations are realising that embracing sustainability can lead to a competitive advantage, attract talent, and secure funding. 

2. Device as a Service: Redefining Technology Procurement 

DaaS offers a more flexible and sustainable approach to technology procurement, reducing TCO while allowing for scalability. This model addresses the challenge of responsibly disposing of devices at the end of their lifecycle. 

3. Local Community Engagement: Repurposing Devices for Digital Inclusion 

The importance of collaboration between tech companies and local communities can be extremely valuable, particularly in repurposing devices to enhance digital inclusion initiatives. Partnerships with large organisations and the creation of national device banks can foster digital empowerment and enable access to technology for underprivileged communities. 

4. Modern Workplace: Streamlining Operations with Licensing Models 

The Modern Workplace, powered by license-based models such as Microsoft Azure, Dynamics 365, and Mobility, offers organisations the opportunity to streamline operations and leverage self-service capabilities. 

The Northwest Tech Leaders Forum aims to be a catalyst for thought-provoking discussions, setting the stage for continued progress in sustainability, technology procurement, community engagement, and workplace efficiency. By embracing these key takeaways, organisations can position themselves as leaders in their respective fields and contribute to a brighter and more sustainable future. 

See our full range of blogs and thought pieces here

More of a listener? Check out the Tech Takeaways Podcast here

CTO Insights Newsletter Edition 1

Posted on by Josh Mantle

Welcome to our first CTO Insights newsletter. The aim is to provide you with some insights into what I’m seeing from our customers, vendors and the general IT trends in the key technology areas that are challenging us all as CTOs in our businesses. 

In this first newsletter, I thought I’d go obvious with a couple of interesting articles and information across two of the hottest technology topics cybersecurity and generative AI (and I promise ChatGPT is not writing this newsletter). 

Generative AI 

The incredible popularity of ChatGPT (until the recent release of Threads, the quickest consumer technology to reach 100 million users, taking just two months, seven quicker than Tik Tok (Incredibly Threads did this in just six days!)) has taken the AI conversation from academic to one right into the heart of day-to-day use and of course day to day business. 

I recently recorded a Tech Takeaways podcast with our COO, Jason Fitzgerald, on this very topic as we discussed the ins and outs of the technology. What it means and importantly what the risks and potential rewards are, feel free to watch or listen here 

What does all this mean for us as a CTO and our business? 

When preparing for the podcast, I found a couple of useful resources that I wanted to share that provides a good overview into the rapidly evolving world of GenAI 

Firstly, is this article for McKinsey What every CEO should know about generative AI | McKinsey. The article discusses what we mean by Gen AI specifically. Some of the use cases you will see across an organisation and some of the responsibilities, this is particularly useful for a CTO, we have before introducing such tech to our business. 

For those who’d rather listen than read, I also find this podcast from an old friend of mine Yadin Porter de Leon who is at VMware, where he talks with Paul Roetzer, CEO of Marketing AI Institute, again, about the possibilities and potential risk. Including an interesting discussion on the impact on people. Find it here Generative AI: What CIOs Need to Know – with Paul Roetzer, CEO of Marketing AI Institute – CIO Exchange (vmware.com). They should provide you with a good overview of the space and what to consider. 

Gen AI is not going to go away; this is going to become an integral part of day-to-day business and life. As CTOs, it’s important to develop a position on the topic for our organisations, that doesn’t necessarily mean being an expert, but it is important to understand how we can use this to drive our business better and what we should be wary of. 

Cyber Security 

Always at the top of the priority list is cybersecurity, it’s of course a problem that continues to evolve, with threats and attack approaches continually changing (see above!) Tackling cybersecurity requires us to continually evolve our understanding of the problem and our approach to tackling it. 

With that in mind, I recently presented alongside Sophos at an event in Liverpool where we were outlining the latest trends. I Was joined by Sophos Technologist Jon Hope who also shared the latest Sophos Ransomware report (you can get a copy of that here – 2023 Ransomware Report: Sophos State of Ransomware).  

I also put together a blog post sharing some thoughts from the event you’ll find it here. 

While we are talking about events. I also attended Infosec Europe in London at the end of June. These are always interesting events and chances to hear from subject experts and by chatting with vendors to gain an understanding of strategic direction and trends in the cybersecurity space.  

It’s a big event and even across the two days I was there it was impossible to visit everyone, but I was lucky enough to get personal briefings from 8 different vendors as well. If you went to Infosec I’d like to hear your thoughts on what you saw, but if not – here’s a blog post I wrote with some of my key takeaways 

Cybersecurity is a multi-layered complex problem and needs us to consider security implications from core to edge. It’s about people, process and technology and balancing those three elements to ensure our security posture is strong and meets the needs of our organization. There’s no surprise that it’s likely to be a regular feature of future newsletters. 

And Finally 

Two bits of Microsoft news. Firstly, it recently made a number of announcements regarding its Entra platform. Entra is the name for Microsoft’s Identity security and access control tools. I’ll share more about this in the next newsletter, as there’s some interesting things in there. One thing I did want to share was the rebranding of Azure Active Directory to Entra ID. It does make sense in terms of the bigger picture of what they are doing, but thought It was worth giving a heads up, so if you see the name Entra ID and wonder what it is, then now you know. (BTW this does not impact Active Directory, just its Azure equivalent). 

Secondly, is the impending end of support coming on Windows 2012 R2, October 10th is the end data and then it will no longer receive updates, including security, bug fixes or technical support. So, if you are still running Windows 2012R2 in your environment, now’s the time to change. More details here from Microsoft.

For now, thanks for taking the time to read this. If there is anything you’d like me to cover, you can drop me a note at cto@gardnersystems.co.uk find me on LinkedIn or Twitter and Threads  @techstringy. 

If you’d like to book in a call, you can also do this here

CTO Insights Newsletter: Intro

Posted on by Josh Mantle

Welcome to the Gardner CTO Insights Newsletter

Welcome to our new CTO Newsletter, straight from the desk of our CTO, Paul Stringfellow, to yours. We aim to bring you concise summaries, expert opinions, and thought-provoking articles covering emerging technologies, industry trends, and best practices. And to provide you with a go-to source for the latest updates in enterprise IT.

Why a newsletter and why now?

Gardner Systems has been going through some rapid changes this year and one of those has been the evolution of roles for some of our team. This has included Paul’s move to CTO. Paul is well placed amongst the Gardner team with his experience and a broad range of industry contacts to help Gardner stay on the leading edge of technology and our customers understand how technology can help them in these challenging business times.

One of the things he has been keen to do is start to develop our CTO and IT leader community. This newsletter is part of that move, finding a way to efficiently keep our customers informed of technology trends, innovations, and best practices, as well as ways to engage and keep in touch.

What it will include?

As a CTO, your role demands staying on top of the latest technological advancements that can drive digital transformation, enhance operational efficiency, and enable business growth. Whether it’s cloud computing, artificial intelligence, cybersecurity, data analytics, or any other crucial aspect of enterprise technology we want to provide you with insights and analysis that can help you make informed decisions, identify opportunities, and overcome challenges.

An Intro to our CTO

Many of you would have met Paul during his time at Gardner’s. But for those that haven’t here’s a little about our new CTO. Paul studied Computing at Liverpool John Moore’s University. He got his first IT role at a pharmaceutical company in Liverpool, where he first met the Gardner Systems Team. He joined Gardner’s not long after and has worked across the business, from technical support to systems architect and today as CTO.

Paul has been one of the public faces of Gardner for some time, presenting at many of our events as well as at local and national business community and vendor events. In recent years, Paul’s experience also attracted U.S. IT analyst firm GigaOm with whom he now consults and carries out research, mainly focused on people-centric and data-centric security. These offer further Insights and relationships that can Paul can use to bring more value to Gardner customers.

These are exciting times at Gardner and Paul and the team is looking forward to continuing to offer great service to our customers, but also to be a local trusted source of advice and help for anyone who needs it. We hope you’ll find our newsletter a useful and valuable resource to help you in your role as a local IT leader. Alongside our newsletter, Gardner offers a range of other resources that can help you, including events and the Tech Takeaways podcast.

Also, If you’d like to meet with Paul to understand more about his role and what is happening at Gardner’s, book a call with him here.

Sign up for the CTO weekly newsletter right here

Unlocking the Secrets of Cybersecurity: Insights from our Cybersecurity Preparedness Event

Posted on by Josh Mantle

Unlocking the Secrets of Cybersecurity: Insights from our Cybersecurity Preparedness Event

Recently, alongside our colleagues at Pro Liverpool and Sophos we brought together two industry experts to share their cybersecurity insights and help our attendees unlock some of the secrets of effective cybersecurity. Gardner CTO Paul Stringfellow and Sophos’s Jon Hope shared their knowledge on the changing landscape, the latest data from Sophos’s annual State of Ransomware report and what you can do to prepare your business. 

The changing landscape 

Cybersecurity threats continue to evolve.  

Unlocking the Secrets of Cybersecurity  

The way we work 

Our workforce is more mobile, no longer just confined to the relative safety of our business IT infrastructure. It is mobile and wants to work from anywhere, with continuous access. These changes alone has altered the way we operate and introduce new opportunities for cybercriminals.  

Change in infrastructure 

To meet the needs of the changing workforce organizations have changed infrastructure. No longer is it just in the data centre. Now it incorporates SaaS solutions, the public cloud, co-location facilities and services delivered by third parties. Bringing more complex environments to manage and secure. 

Attack Service has Grown 

This changing environment and supporting infrastructure present new attack surfaces. Cybercriminals no longer need to try to target well secure enterprise data centres. Instead, they are looking for insecure devices, user credentials, poorly protected third-party services as much easier ways of breaching security for malicious purposes. 

New Technology 

Technology does not stand still; organizations are embracing operational tech such as IoT and increasingly generative AI like ChatGPT. All of which has changed and broadened the places a cyber attacker can target. 

The changing attacker 

It is not only us that has changed, but cyber-attackers have also changed with us. Attackers are professional criminal organisation who operate like any large money-making business. They sell their services to any bidder lowering the barrier to entry to build a cyber-attack.  Just like any growing business, they are also exploiting technology to be more efficient and effective. Using long-term reconnaissance to feed their own analytics engines to better understand how to craft attacks against targets. 

The Target 

Unlocking the Secrets of Cybersecurity

People: They target our people to steal credentials. Because as a way to gain access into an organisations system is so much easier than “hacking” their way in. 

Data: In most cases our data is the target. This maybe to make it inaccessible (Ransomware), to steal it (so it can be sold) or to do both.  

Money: the goal is often financial. Looking at ways to extort or “con” money from victims. 

The research  

The trends that were discussed are not hypothetical as we saw from Sophos’s research in their State of Ransomware report (you can request a copy from here).   

We can see that ransomware remains a huge issue, with all key numbers continuing to rise including the average incident recovery cost, now at $1.82m.  

Ransomware stats

Am I a Target?

In terms of targets criminals were indiscriminate in their attacks, with company size having little impact on whether organizations are hit or not. Although education did stand out with an increased level of targeting, this is mainly in recognition of the amount of “interesting data” that education holds and the reality that their cybersecurity funding and protection maybe less effective than the commercial sector.  

While organization size and industry made little difference, turnover did play a part in the likelihood of an attack. Companies with the highest turnovers (+$5bn) were more likely to be hit, with 72% of companies that size having had a ransomware attack, than those with lower turnovers. This did not mean there was no chance of being attacked in fact over half (58%) of those with turnover of less than $10m had seen at least one attack.  

Time to recover

Another interesting stat from Sophos’s research was how long it took to recover from an attack and whether recovering from backup or paying a ransom had much impact. For those who recovered in the first month after an attack, there was little difference in method used.  However, where companies tool longer than this to recovery, it was more likely they were having to recover through paying the ransom. 

 Unlocking the Secrets of Cybersecurity

It should also be noted however, that while backup versus ransom didn’t make a huge difference in time. It did make a difference in quality. Those paying ransoms were not guaranteed to recover all data and were more likely to suffer further attacks.  

Another concerning stat was that recovering from an attack did not mean the end of the incident. Sophos reported that 30% of attacks in 2022 were “double jeopardy” attacks, where not only was data encrypted it was also stolen. The logic here was that even if an organisation didn’t pay to decrypt data, that data could be either sold or ransomed again with the threat of leaking that data if ransoms were not paid. 

What to do 

Knowing the size of the problem is helpful, but steps can we take to reduce the cybersecurity threat. 

People, process, technology 

Unlocking the Secrets of Cybersecurity

There is no one magic button that fixes all cybersecurity issues. Rather to effectively deal with the challenge requires focus on three key areas. 

Process 

Having good processes around areas from acceptable use policies to cyber incident response will make a significant difference. For companies who have not worked through Cyber Essentials, this is a great starting point to help build some basic processes to improve security posture. 

People 

Not only are our people a risk but if we educate them and give them the right security focussed environment, they can become our most powerful defence. Educating users about threats, creating a supporting security environment and a security culture will help engage your people and significantly improve your cybersecurity defence. 

Technology 

This is probably the least important part of an effective cybersecurity posture because if the people and processes are wrong, technology can only do so much.  The right tools do play a part and will help identify risks and potentially stop threats before they cause to much damage. When choosing security technology organisations should consider. 

  • Tools that offer broad security coverage. 
  • That use intelligence and analytics to provide proactive protection and rapid response. 
  • If you don’t have internal security skills look at managed services. 

Be Prepared 

The cybersecurity threat is evolving as rapidly as ever, threats are constant and complex. But as Paul and Jon shared you can take steps to better prepare your business to deal with it and reduce the risk and impact of any potential cybersecurity attack. 

Want to learn more about cybersecurity and ever evolving world of technology? Checkout the tech takeaways podcast – Podcasts – Gardner Systems

Need some more information on if what you’re doing is keeping you safe online? Message us for a free audit call! – About Us – Gardner Systems

Free Security Audit

Get a 1 hour FREE security audit!

Get in touch