News Stay informed about the latest enterprise technology news and product updates.

Expert predictions: It's all about compliance, security and outsourcing in 2004

Experts agree that 2004 will bring (some) more money to IT budgets. But how much more and what will it be spent on? We asked these questions to various industry experts. Most of our sources agreed that outsourcing, security and compliance would be among the major IT themes for 2004. Find out what else our experts predict will dominate IT trends and investments this year.

Experts agree that 2004 will bring (some) more money to IT budgets. But how much more and what will it be spent on? We asked these questions to various industry experts. Most of our sources agreed that outsourcing, security and compliance would be among the major IT themes for 2004. Find out what else our experts predict will dominate IT trends and investments this year.



By Tom Pisello, ROI expert


  • 2004 IT "taxes" will consume expanded IT budgets: While IT budgets are expected to rise an estimated 5-8 percent, much of the increase will go towards three initiatives:

    Sarbanes-Oxley Compliance: The June 2004 deadline is fast approaching, and many organizations still face significant work. Investment in these projects was grossly underestimated in 2003, leaving a large unexpected burden for 2004.

    Enterprise security: Because of successful cyber attacks in 2003, funding will substantially increase to bolster security tools, policies and procedures. Many remedies will fix platform-inherent issues, but provide little 'real value' to organizations' market share or business.

    PC upgrades: Many organizations invested in PC and other infrastructure upgrades to prepare for Y2K, and those four-year-old investments are showing signs of old age. This will force many organizations to dig deep and perform wholesale infrastructure upgrades. There is a solid ROI for these upgrades, particularly if organizations take advantage of new mobile/wireless solutions.


  • Growth of "rogue" or "shadow" IT budgets: To circumvent tight IT budgets, business leaders needing technology have been gaining stealth approval for spending by wrapping IT initiatives within other business investments. These shadow budgets have risen from 10 percent to 20 percent of IT spending in most organizations over the past three years, and will continue to rise in 2004 unless C-level executives and CIOs implement IT governance plans.
  • Increased use of the ROI service level agreement (SLA): With the majority of new technology investments over-budget, over-schedule or failing to deliver the expected ROI, IT purchasers will offload some of the inherent project risk to vendors. One way to accomplish this is through an ROI service level agreement (SLA). Under this model, customers and vendors partner to ensure ROI goals are realized, and tie some of the project's financial compensation to the achievement of key benefits within established deadlines. The ROI SLA requires that vendors and CIOs perform pre-project benchmarking and post-implementation auditing to ensure fair and credible evaluation of project success or failure.

Tom Pisello is president and founder of Orlando, Fla.-based Alinean. He helped created the first automated ROI and TCO analysis tools for CIOs and IT vendors. Prior to founding Alinean, Pisello was a former managing VP for Gartner. 



By Stuart McClure, security expert

If 2002 was the year of the worm (with the advent of Code Red and Nimda), then 2003 was the year of the vicious worm (with the likes of Slammer and Blaster). Slammer by itself was the quickest spreading worm on record, breaking into more than 100,000 computers within the first 24 hours. And while its payload was innocuous, its consequences were debilitating, and it left the security industry reeling with the thought of what "could" have happened. The lesson learned in 2003 is that we are all vulnerable. Very vulnerable.

As we look into the security crystal ball, we must draw attention to a few key aspects of security (or lack thereof) that will indubitably rear their ugly little heads in 2004 and beyond.

  • Worms – Look to emerging vectors like RPC (a.k.a. Blaster) combining with heterogeneous worms utilizing multiple vectors at multiple layers to truly cause chaos on the wire. In 2004 expect more of the same, and worms with the virulence to rival anything previously.
  • Web Vulnerabilities – The underpinnings of nearly every Web services application being created today utilizes some form of XML-RPC. This is the same RPC functionality that made the Blaster worm famous, except XML-RPC works over XML. Expect this vector to rear its ugly head and perhaps a worm to accompany it.
  • Vulnerability Management – Organizations will begin to figure out that too much data is not a good thing. They will want to correlate asset criticality, threat severity, and vulnerability ranking to track a true security metric. And they will demand products that accurately assess the problems on the network; definitively fix them; and measure the effectiveness of the staff doing it all. With vulnerability management, CISOs will finally be able to answer the board's question "Are we getting better as it relates to security?"

Overall, we have much to look forward to in 2004. Here's hoping you can prevent the next security tsunami at your company.

Stuart McClure is president and chief technology officer of Foundstone, experts in strategic security. Widely recognized for his extensive and in-depth knowledge of security products, McClure is considered one of the industry's leading authorities in information security today. 



By Jeff Kaplan, outsourcing expert

All indications show that the economy will continue to improve in 2004. Unfortunately, the IT/telecom industries will not enjoy a proportional share of that prosperity. And, enterprise IT organizations will also fail to see a comparable increase in spending power as a result of the upturn in the economy.

Instead, general dissatisfaction with IT ROI and end-user disenchantment with the quality of internal and external IT/telecom services will result in static budgets and greater outsourcing.

Outsourcing will continue on three fronts. First, general IT outsourcing in the form of desktop, application and managed services will continue to rise. Second, business process outsourcing (BPO) will continue to replace in-house business functions. And third, offshore outsourcing will continue to accelerate as more offshore alternatives emerge.

The IT/telecom industries will also experience a broad-based shift from technology-driven to services-led businesses. As a result, enterprise IT organizations, technology suppliers and telecom carriers will have to redefine how they deliver value to their end users and customers, respectively.

The industry transformation or "inversion" will require IT and telecom organizations to restructure their operations from end-to-end. For instance, enterprise IT organizations will need to better define their IT services to the business units within their enterprises: how to provision those services; how to manage and track their performance levels; and how to charge for those services.

Defining, delivering and managing these services as a business rather than as a cost-center will require more skills and tools than many IT organizations will be able to deploy. Those who can't make this transition on their own will need to hand this responsibility to an outsourcer.

Smart CIOs will not simply give away their IT operations to an outsourcer, but will take advantage of today's "buyer's market" and the rapid advancements in on-demand computing technologies and services to contract for utility computing services that can fundamentally transform the way they deliver computing power and application capabilities to their end-users. On-demand and utility computing adoption will become mainstream in 2004 rather than the exception.

IT/telecom professionals will need to convert their old technical skills into new business competencies to survive. These skills include business analysis, project and relationship management. These skills will be essential to evaluate which IT and business functions should be outsourced; whether to utilize offshore outsourcers; and how to establish meaningful and measurable service level criteria to properly manage these outsourcing relationships.

Jeff Kaplan founded Think Strategies in 2001, to help IT solutions companies, IT executives, and IT venture capital firms re-think their IT strategies and redeploy their limited resources to meet their corporate objectives. Prior to this, Kaplan spent thirteen years as a leading industry analyst and market research consultant. 



By Fred Held, e-commerce/e-business expert

  • Wi-fi will become necessary for those who use laptops. It will also penetrate municipalities that are poorly served by DSL or cable suppliers. It is already happening in Cerritos, Calif. and four other cities. Look for all forms of payment plans for wi-fi, including an advertising-based model that reduces the costs and might even be free.

  • eCrimes will become more visible and the laws to protect the consumer for them will be vigorously enforced. There will be at least three major stunning eCrimes that are international and extremely costly. Spammers and virus developers will become a major threat choking the Internet with trillions of unwanted e-mail. There will be at least three major events caused by mal-code that costs billions in damages to clean up.

  • The University of the Internet is here already. Watch for an online global MBA program that one can take that is rated higher than any single university can provide.

  • The first retailer to allow customers to check out -- using a registered credit or debit card -- their purchases without having to go to a cash register or other device will happen in 2004. The product will have tiny chips that communicate to a device as the consumer approaches. By the time the consumer is there, they will have a choice to get a printed receipt or not.

  • In combination with wi-fi, location-based marketing and one-to-one marketing will start taking off very fast. This is because nearby businesses can make offers to consumers who are within walking distance. The offers will be personal, thus the one-to-one marketing. Of course, consumers will opt in for such a service since the discounts will be substantial. In addition, the use of business intelligence will be used to make thoughtful offers based on the consumers' wants and needs.

  • The first automobiles to communicate with the dealers' service network and the consumer are on the CAD systems now. They may be released in the 2005 models. This system will tell the consumer that either a recall or a warranty problem is about to happen and will make an appointment for drop off at the service center.

Fred Held is the founder and CEO of Site-Tuners, Inc., a company dedicated to improving the effectiveness of customers' Web-enabled processes. He has also served as an active speaker for many companies on topics like e-business transformation trends, globalization, mobile working, VPNs and a number of other topics. 



By David Bashford, business/IT alignment expert

As the year closes, many of us breathe a sigh of relief. Signs are that 2004 will be a better year for most businesses and 2003 will be a year we choose to forget. At this point in time, you might be inclined to muse on exactly how things could be better in the coming months. What is your New Year's business wish for 2004?

Double your budget?
Armed with a magic wand, perhaps the best thing would be a transformation of the numbers for 2004. You might want to double your budget -- with appropriate adjustments elsewhere to keep revenues and earnings in line. Sounds good, but what would you spend it on? You've proved you can run IT services on a tighter budget and squeezed extra discounts from your suppliers. It would be great to upgrade some hardware; improve the infrastructure; and migrate to the latest software version. However, you've already agreed they can wait and negotiated your budget to include all the essential investments. Fact is, when you sit down with your CFO you know he's going to ask you to do the right thing: keep your costs at the minimum and give the money back. This will boost the bottom line and make your shareholders even happier.

"Un-Scrooge" the CFO
Take two: the CFO overdosed on Christmas spirit and came back a changed man. As revenues increase, there's now more for everyone: shareholders AND cost centers. It's back to the good times. Time to get back on with the investment program. Marketing can buy that CRM tool they've heard about -- it's bound to improve revenues in the end. HR will implement that employee portal to boost productivity. Great ideas, you say. Let's make a plan. But the purchase orders are already signed and the consultants are on their way. The CFO forgot to ask for a business case. It's full steam ahead -- in different directions!

Delight the CEO
Take three: this time it's straight to the top. You arrive back after the New Year to find your boss transformed into your number one fan. Everything you say is held up as a pearl of wisdom and your suggestions are immediately acted upon. No problem now to get approval for the strategic projects you know are right for the business -- innovation, integration and transformation to make your firm the market leader. However, your VP colleagues don't seem too interested. They haven't voiced their opposition, but seem strangely disinterested. In addition, your team is hearing all sorts of reasons why the master plan won't work. You know this isn't going to work without full support from the top.

First among equals
Now it's clear what you need to do to succeed. You'll need to get around all of your VP colleagues early in the year and find out what it's going to take to get them on board. What are their big hopes for the future? Do they have any major hassles right now? What do they think of your ideas? In your mind you imagine chatting with each one. You find they are pleased to have someone to talk to; interested to hear your thoughts; and enthusiastic about your plans. They agree it's time to pull together to get things moving forward for the firm. That's the answer: I would use my magic wand to transform my role. I would build my relationship with the other VPs to become a real player in the management team.

David Bashford is the founder of myITdirector, a strategic advisory service for business and IT leaders.


By Gates Ouimette, IT investment expert

While there have been upbeat analyst predictions in terms of IT spend increasing this year, one of the recent CIO surveys noted a downshift in anticipated 2004 budget increases. In addition, 2004 seems to bear some resemblance to what occurred in 1999, pre-Y2K.

More specifically, although the ability to measure IT investment return continues to improve, the compliancy issues (GLB, HIPAA, Basel II, Sarbanes-Oxley, et al) will dramatically shape IT spend. For publicly traded firms, there is nothing more important to CFOs than visibility into their organization, from a business process and financial reporting perspective. Any IT expenditures that can help them feel more comfortable with this will get primary mindshare.

Since compliancy is all about "infrastructure," with infrastructure defined as corporate business processes and associated technology foundation, technology helping to support this will warrant investment by market leaders. Rather than making a point investment, executives in these firms will realize that they can maximize their IT return by a well-defined compliancy scope, which can help them improve their business process infrastructure, and its supporting technology.

Publicly traded-firms of $1B and below will be more significantly impacted by these compliancy issues since the financial investment required is not solely relative, and will use more of their variable technology budget. Private firms will not have the exact same compliancy concerns (e.g. criminal prosecution) but will have a heightened sensitivity to technology investments helping in this area.

What this all means regarding specific 2004 IT predictions is:

  • BAM, BPM and BI firms will continue their growth of the past few years, especially those firms having products that "integrate" into corporate technology "back-ends" (e.g. ERP systems) and into corporate technology "front-ends" (e.g. financial reporting systems).
  • As more senior executives grasp the importance of a technology security foundation in supporting multiple compliancy initiatives (e.g. Sarbanes-Oxley data validity, HIPAA/GLB privacy, etc.), the investments in technology security for public firms will increase.
  • The impact to IT spend in private firms may be more in terms of "following the leaders," dependent upon the importance of compliancy to their customers (e.g. consumer vs. business).

Gates Ouimette is a CIO advocate. He has more than 20 years experience in management solutions, network integration, application development with focus on the B2B, manufacturing, banking and insurance industries. 


By Richard Sneider, outsourcing expert

The U.S. enterprise IT outsourcing market will grow 20%, from $46.3B to $55.5B in the next two years. While the onshore market will grow by 5%, the offshore market will grow 11 times faster at 55%. A total of $7.8B will be shifted offshore increasing the offshore total to $21.7B in 2005. Enterprises will shift $930 Million of this growth to wholly owned offshore subsidiaries.

Overall outsourcing growth will slow from 13% in 2004 to 7% in 2005. The slowdown in IT outsourcing growth is due to rapid market penetration and saturation. The market for onshore outsourcing from companies that currently outsource will decline by $3B from 2003 to 2005. This will be off set by $4.6B growth in On-shore outsourcing from companies that do not currently outsource. Combined net growth will be 5% in the domestic outsourcing market.

The $21.7B growth in offshore outsourcing will come from enterprises Currently outsourcing in US migrating offshore (40%) and from enterprises that do not currently outsource (60%) but plan to in the next 24 months.

Richard is the managing director of the InterUnity Group, a technology intelligence consulting firm based in Concord, Mass. He has 25 years of experience improving business performance by increasing the effectiveness of information technology investments. 

For more information:

The great CIO challenge of 2004

CIO priorities for 2004

IT moves up and out in 2004

2004 outlook: VoIP to rise, Sun to set

Dig Deeper on IT compliance and governance strategies

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.