Center for Strategic Decision Research



Information Technology: Trends, Opportunities and Challen

Mr. Jonas Persson
Chief Technology Officer, Microsoft EMEA

I am going to speak about trends, possibilities, and challenges related to information technology, both now and in the future. I am also going to tell you about how a global security incident changed the way my company thinks about architecture, organization, and strategy.


Let me first set the stage by describing the current situation in the IT products mass market. The pace of innovation for IT technologies has been amazing the last couple of years, although I am aware this is not true for every country on earth. It is clear that Internet-connected software is starting to play a bigger and bigger role—for example, the next-generation telecommunications networks, the so-called 3D and 4D networks—are very much about software and not so much about hardware. In addition, traditional industries such as mining see a growing opportunity to compete using software.

Modern software and systems allow us to communicate, search for information, and make informed decisions in a way that previously was completely impossible. The amount of information collected about customers, competitors, and markets is unprecedented. Today, we communicate and collaborate instantly with colleagues, customers, and partners around the world, and global supply chains speed the flow of products from factory floor to store shelf. Cell phones are ubiquitous, mobile access to email is rapidly becoming the norm. In Sweden, where I live, the mobile phone penetration is higher than two, which means that most people have more than two devices. The vast majority of these devices connect to email, business applications, and sensitive corporate data, which is both good and bad.


The impact of IT on the work force is remarkable. Sellers now have access to markets that were once beyond reach. Productivity is higher than it has ever been and buyers can shop the entire world without leaving their desk. I sold a home kitchen appliance over the Internet a couple of days ago in about four hours. From my desk outside Stockholm I can make a high-quality phone call to my friend in Japan without it costing me anything, just a fixed fee of about 20 euros a month, and we can talk the whole night. I can share documents, pictures, videos, any type of information. Except for being able to shake hands and physically exchange things I can share just about anything with my friend in real time across the globe. There is no limit to what I can do collaboratively with him and the cost is virtually zero.

The same should be possible for our defense forces. My son, who is eight, checks every morning when he gets up, through the web camera installed at his school, to learn if friends arrived there early or if the condition of the soccer field is okay. He can be alerted if the temperature of the aquarium at his school, part of a science experiment, has gone below a certain level. He is connected at no cost to sensors at his school that tell him about certain things that are happening. He can also search for information on the Internet, read, and create applications that run freely. All of this is possible using commercially available software that anyone can buy and use.

Although I am the CTO of Microsoft, I have no idea what my son will be able to do in a few years. I just know that I will have to be ready for all the good things that he will do with this technology and make sure that he does not do any bad things!

When my son gets his first job, he will have high expectations of the tools he will be provided with. In the same way, the new generation of commanders will have high expectations of the information technologies they will be working with to achieve their objectives. The challenge here, though, is that access to the net and the virtually unlimited possibilities to collect and act on information and use technologies are also available to the wrong people. If my eight-year old son knew how to do it, he could design applications and scenarios from his desk, never leaving the room, never giving his name, never needing a dollar, never needing a driver’s license, and have the potential to create havoc among millions of people. The opportunities but also the challenges are tremendous.


I would like to spend the remainder of this short talk telling you what happened a few years ago with the virus called Slammer and how it impacted our company. The vulnerability to the virus was discovered in a piece of software in a patch that was issued to solve a problem. Organizations around the world had been informed about this problem and the solution was available, so everything seemed fine. But we discovered in early 2003 through our early warning systems that problems were beginning to be exploited. Based on that information we rallied our organization and issued communications to customers around the world about how to protect their computers. But Slammer was the fastest virus ever created. It doubled in size every 8.5 seconds across the world. Within 10 minutes of the time it began to infect hosts, around 5:30 on Saturday, January 25, 2003, it infected more than 90% of the vulnerable computers. It traveled from the U.S. to Australia to Sweden in less than two minutes. It was like somebody was running around the world with a bomb and managed to deploy it worldwide. Slammer eventually infected more than 75.000 computers, flooded networks all over the world, caused destruction to financial institutions, and even disturbed a country’s elections.

I do not believe we will see the same thing again. I believe that these kinds of attacks will be much more focused, much more vertical, and much more targeted. But they will continue. While we will not see Slammer again, we hope, the challenge has not gone away.

We did learn a lot from this experience, however, about where we had to improve as a company. We also learned that issues such as these should no longer be handled by technical people but by the top leadership. It also became clear that while the solution for the problem existed before Slammer hit the world, a number of organizations were not ready to act on that new type of threat. Processes were not in place, governance models were lacking, and senior leadership teams were not engaged until it was too late—responsibility was delegated to technical people.

But technology is not the solution to everything. Technology must not lead us; we must lead and have technology support us. My company came out of the Slammer crisis looking at the design of our organization and how we design our systems and we began designing them around core capabilities in our organization. By mapping capabilities and then processes and not vice versa, we found we could quickly respond to fast-moving threats and opportunities. Acquisition is much easier if an infrastructure is agile and design is based on the organization’s capabilities, not its processes. So industry and government must work together to seize opportunities that IT gives us but also help each other become more agile so that we can respond to the unforeseen.

I am from a small country, Sweden, and although I am not a spokesperson for the government I do think that the Swedish defense forces and police have managed to utilize state-of-the-art IT for greater impact and to scale our scarce resources in an economically good way. We have little money and we have few people, so we must make our resources effective and scalable. All of Swedish military operations are international, but it is imperative that our systems become integrated or interoperable so that we can effectively work together. This is one of the most important areas in which industry and government can work together to ensure not only integration but independence and innovation in each country.


Top of page | Home | ©2007 Center for Strategic Decision Research