A good way to make predictions is to recognize current trends and then extrapolate them into the future. The longer the trends, the more confident you can be about the predictions. Thinking about software development processes, we see two long-term paths that software development has taken. These paths are the basis of both our joint prediction for the coming year and the kind of holistic consulting we will focus on in 2015.

The path some have taken has been moving from one lifecycle process to another, each containing a set of prescribed practices. These, in rough order, are waterfall, spiral, controlled iteration/RUP, Xtreme Programing, Agile, and DevOps. We may have missed one or two, plus some of these have several flavors. It is fair to say that in some ways each process has emerged based on lessons learned — what works and what doesn’t — from its predecessors and so there has been evolution of sorts. What these processes have in common is that they have or had a set of adamant practitioners whose mantra is “Trust the process. If you follow it correctly it just works. If you are not getting good outcomes, you are not doing it right.”

There is another, parallel path some in our field have been taking: The borrowing of operational and management techniques from adjacent fields. These include standard project management (critical path analysis, earned value management) from civil engineering; system thinking from system engineering; lean (Kanban, value stream mapping) from factory operations; measurement from 6-sigma; predictive analytics from decision analysis; and software economics (capitalization, cost/benefit analysis) from economics. And recently, Donald Reinertsen has continued this trend by comparing development to both the Internet and autonomous military teams to develop 175 principles.  Over the years we have been learning how software differs and how it is similar to the adjacent fields from which these techniques have been borrowed. The mantra of the people who promote these principles is “Understand and internalize the principles and apply them intelligently to software.”

One disadvantage of the first path is that it is too prescriptive. There is enough variation in software development that blindly following even a sound process will often, but not always work. A weakness of the second is that it asks too much of the practitioners. Software developers want to develop software, not become experts in all these fields so they can pick and apply the right principle.

So now the prediction: We predict these two paths will converge. As our field matures, we will have to adopt and apply the lessons learned from the adjacencies. There is too much wisdom there to ignore. At the same time the need for prescriptive guidance will not go away. So a new kind of prescriptive framework will evolve, one that is more menu-driven, reflecting the variations of software development. This framework, a mashup of the lessons learned from the adjacencies, will provide a way to input the characteristics and challenges of your development effort and provide guidance on which practices to consider and how to apply them. This framework might not be fully in place by the end of 2015, but we will see an acceleration of the confluence already taking place. For example, in 2014 we have seen some movement in applying lean techniques to agile and devops. There are other examples involving systems thinking and analytics filling in the gaps of agile. These convergences will continue in 2015, setting the groundwork for a fully integrative framework to emerge in 2016.

Words shape thoughts. The word “requirements” has limited software professionals to a very narrow set of information about the value they produce. In the end, we’re supposed to be delivering software value, which is a much broader, more ongoing conversation than the content you create just before working on the code.

While a switch to user stories helps start this transition away from traditional requirements, that’s only a step. How do we understand what capabilities will help the customer? Do we understand the customer at all? What hypotheses are we posing about the value of adopted software? How do we test these hypotheses, so we can make adjustments, if the software isn’t providing perceived value, or people aren’t adopting it (two sides of the same proverbial coin)? “Requirements” provide a very small view of this very large canvas of software value.

So, instead of sticking with “requirements”, a word with some baggage, teams are already talking about customer insights, which take a variety of forms. Personas, user stories, story maps, wireframes — these and other types of content fit into the toolkit that team will use to guide their efforts to delivering software value.

The appetite for risk is all but gone. Enterprises aren’t allowing the luxury of “seeing where the chips fall”. The need for predictability will dominate over some of the agile idealism of allowing things to emerge. Balancing this insatiable need for predictability with the agile culture will require enterprises to become much more self-critical about how they operate.  2015 will be about alignment.

Users of agile practices are maturing. Enterprises are learning more and more that agile practices aren’t just for development teams alone. In 2014 we saw a broader shift among large enterprises’ thinking about how they’re going about taking advantage of agile. Many more of these companies realized that agile practices at the team level will only get them so far. Which is to say that team-level agile practices will not naturally scale to the enterprise.

In particular, organizational and operational structures need to be aligned with the inputs and outputs of agile practices. These inputs and outputs are not inherent to agile practices. They must be put into place by the enterprise; they cannot be put in place by product, project or services teams. Further alignment is needed so that the work of product, project and services teams can move at the speed of agile. Again, these are management responsibilities; they are not inherently found among the agile practices.

Finally, enterprises need to adjust how they measure progress in order to be aligned with the agile teams’ efforts. Enterprises are finding that governing and measuring the work in progress must also support agile practices. Allowing governance, metrics, structure, and practices to remain incongruent has been preventing true agile benefits to be realized.

In 2015 enterprises will begin to look at their entire operation including priorities, decision-making, communication and technical practices so that confidence in predictions, not just products, will emerge.

I predict that more software companies will adapt and adopt the vocational training model that’s used successfully in Germany. The idea is to directly connect software education to a job. German companies hire students right out of high school for work-study programs. Those apprenticeships often lead to full-time positions with the company once the student graduates.

In the U.S., carpenters and a number of other important craftsman trades have used an apprenticeship system to teach and build expertise for hundreds of years. So far, few U.S. companies are even familiar with such a system for software professionals. With more press attention, we’ll see a tailored German model gain momentum in the U.S.  Once employers gain a better understanding, they’ll be lining up for apprenticeship programs.

While businesses are just beginning to grasp the program, a growing portion of the academic community is already pulling together. A number of community colleges have lined up to offer software courses as part of trailblazer apprenticeship programs. More and more software education will be geared toward applied subjects, which have a direct bearing on the career being pursued by the apprenticeship. New partnerships will be established between universities, schools, and business which will enable U.S. citizens to be more successful, especially in their early formative and competitive ages of 16 to 23, an age that for many presents a prolonged and problematic transition from school to career.

The Internet of Things was much in the news in 2014, and will continue to develop. In the last months of 2014, the emphasis seems to have shifted toward wearable devices for health and fitness improvement. These devices are particularly intrusive into our personal lives, yet the sensing and communication capabilities, as well as the analytics provided in the cloud for the data being gathered, are not being matched by an equal emphasis on information security and privacy. Will we see leaks and a backlash? Will the security part of the IoT architecture catch up, or will it just muddle along?

Makers of devices and apps: take care of this before it hurts you.

 2015 will be the year that agile data warehouse (DW)/business intelligence (BI) takes off.  Traditional strategies for DW/BI have been challenged at best, with the running joke being that a DW/BI team will build the first release and nobody will come. On average, Agile strategies provide better time to market, improved stakeholder satisfaction, greater levels of quality, and better return on investment (ROI) than do traditional strategies. The DW/BI community has finally started to accept this reality, and it is now starting to shift gears and adopt agile ways of working. My expectation is that 2015 will see a plethora of books, case studies, and blog postings describing people’s experiences in this area.

There are several key differences with an agile approach over a traditional one. First, agile teams will follow a usage-based strategy, often via user stories or light-weight use cases, instead of a data-driven approach. By focusing on how people will use the data warehouse, agile DW/BI teams are able to deliver valuable functionality that addresses the actual needs of end users, thus avoiding the “build it and nobody comes” problem. Second, agile DW/BI teams deliver incrementally, thereby avoiding the risks associated with a big-bang release strategy. The first release may take a bit of time due to the need to get the fundamental DW infrastructure in place, but after that, new functionality can be released monthly if not weekly. Third, disciplined agile DW/BI teams take a test-driven approach that leads to greater quality and dependability.

Cutter consultants have led the way in this field. Lynn Winterboer, Ken Collier, and Ralph Hughes have all done excellent work over the years describing how to apply agile strategies in the DW/BI space. Pramod Sadalage and I have published seminal work in agile database techniques such as agile data modeling, agile database testing, database refactoring, and continuous database integration.

As you can imagine, transitioning to an agile DW/BI approach requires a cultural shift, a paradigm shift, learning new skills, and adopting new tools. 2015 will prove to be a very exciting year for the data community.

 In 2015, almost every CIO will be tasked with assessing their organizations and technology to ensure data and confidential information is protected.

Current Situation

Target, Home Depot, Staples, who’s next? These are just the most recent retail outlets that made the news. What is not making the headlines are the multitude of private- and public-sector organizations that have been hacked and lost data and information — many times totally unaware until after the fact.

Pain

Why is security so important for IT leaders in 2015? Because it cost a LOT of money once you have your network and systems breached!

South Carolina recently lost large and significant quantities of data from its Department of Revenue systems in a massive data breach that involved over 3 million taxpayers. No CIO or IT leader wants to see the headlines such as those extolled in South Carolina news reports: “Director of South Carolina Department of Revenue Resigns, Breach Costs Over $14M.”

In terms of cost, we can start with the loss of a number of job positions and the cost to find and replace those with more expensive personnel. In terms of real and tangible financial cost, the State spent large sums of money (unplanned and not budgeted) with the initial focus on financial credit monitoring and reporting for over 3 million taxpayers. Related costs include:

• $500,000 for a state-commissioned analysis from security firm Mandiant
• $12 million for credit monitoring services from Experian
• $800,000 for improved information security capabilities
• $100,000 for outside legal help
• $150,000 for a related public relations campaign, as well as
• $740,000 that will likely be spent to notify the estimated 1.3 million out-of-state taxpayers who were affected by the breach.

These are just the current bills. It does not include additional programs to supplement data and information protection. The real cost will continue from this attack and include the potential future loss of jobs by a number of IT personnel, replacement searches for personnel, learning curve timeframes and loss of productivity from turbulence within IT and departmental organizations across the state, to name a few.

Implications

From an IT Organizational (ITO) standpoint, every IT department across the private and public sector will be expected to become expert in Information and Data Security within the year. Outliers author Malcolm Gladwell asserts that it takes 10,000 hours of practice to achieve mastery in a field. That’s almost 5 years of 40-hour weeks. I actually think it takes longer, much longer in the current IT environment. Regardless, those who work smarter will get to mastery faster.

The true implications of Gladwell’s 10,000 hours will shift resources, training, and strategy in a new direction not planned for in prior years simply due to the recent number of breaches in both public and private sector organizations.

Next Steps

Corporations and public sector organizations will expect and yes, demand, their IT organizations to be the protector of its data and information.  Organizations that already have experience and expertise in security management maturity (policies, procedures and practice) will certainly be ahead of the wave. Organizations that are ad hoc or have a low level of security management maturity must reach out to and build solid relationships with professional security vendors and consultants to develop effective strategies for improving the protection now expected of IT leaders.

The only thing that seems larger than the recent enthusiasm over scaled Agile frameworks is the vitriolic arguments over what they really do. The confusion lies in the word “framework,” which is a much looser concept than “methodology.” While there are significant differences among teams (for example, in how co-located all the members are), it’s easy to imagine them cleaving to roughly the same set of principles and practices. The differences among organizations — their size, culture, history, types of projects or products, governance rules, relations with the business, etc. — are too great to impose anything nearly as formulaic as the disciplines adopted at a team level. (And, of course, the variances among teams are already significant.) In the next year, some of the rancor should disappear, as more people come to understand that any organization-level framework (SAFe, DAD, etc.) is more a toolkit, less a martial art.

The “Internet of Things” will take further hold and become more fully embedded as a reality in our society. However, a tipping point is likely to be reached in 2015 as public awareness of the potential for these technologies to violate personal privacy increases. This will lead to an associated public outcry for stricter controls and government legislation regarding how people, organizations and government collect and use this information. The public will no longer be satisfied to leave technology companies and users to self-police their uses of their personal data.

Surveillance and other technologies that permit the collection of data about people will continue to proliferate. Analytical tools are emerging to interpret this information, and to merge and use it in an increasingly integrated fashion to permit continuous monitoring of locational and other information about specific people and groups. Drones that are freely available in the open marketplace can be programmed to follow people and objects using GSM and other technologies as tracking beacons. Miniature homing devices that will facilitate tracking of locational information of objects and people are also freely available. Phone companies routinely collect data from everyone making cell calls on their networks. Because many phones have chips that stay on even after a battery has been removed, tracking powered-down phones is within the realm of possibility.

Massive amounts of geospatial information are now being collected from a myriad of Internet-enabled devices and stored in “big data” repositories. At the same time, the techniques for mining this information are constantly being refined and improved. Researchers have found ways to capture this data for use in determining people’s locations and estimating their movements.  While this can be useful in the case of natural disasters, we’ve now seen how companies like Uber can also use the information that they gather from their client’s phones in a way that negatively impacts their privacy.

We have only seen the beginning of many revelations that will continue to emerge as more geospatial information about individuals becomes readily available without associated controls and legislation to guard against misuse. Government agencies and private companies have the ability to regularly track people without warrants or court orders. In a world where it is increasingly obvious that information can be used for either good or evil, and is being used in both ways, it is highly unlikely that the status quo will prevail for much longer without associated controls.

The adoption of cloud-based solutions for document sharing and collaboration has been increasing. The myth that there is absolute security inside the firewall and absolute chaos outside is crumbling. And in an age of mobile workforces and fuzzy enterprise boundaries, it makes little sense to continue to believe in the “walled fortress” model of security. This means that the market for content management systems is going to change dramatically.

Many organizations will have a harder time justifying the license and support cost of a solution like SharePoint. Google, Dropbox and others are becoming more credible as enterprise solutions in the cloud. The established vendors need to offer cloud solutions, while their sales of on-premise suites will suffer.

Advice to customers: dust off your IT sourcing guidelines and don’t assume that because you are managing confidential information, it is necessarily best to manage it in-house.

The 21^st Century was introduced by the tumultuous climax of the dot-com boom on March 20, 2000 when the NASDAQ peaked at 5,132. Since then modern corporations marched on to become the majority of the 100 largest organizations in the world (in terms of revenue/budgets and employed people) surpassing the size of many sovereign national governmental organizations. And this phenomenon happened fast. In 1954, the Boeing Corporations became just the 23^rd corporation to exceed $1 billion dollars in annual revenue. By the end of the 20^th century, hundreds of corporations exceeded multi-billion dollars in annual revenue.

I rejoined the University of Washington faculty in 2003 to research one of the hotbeds of corporate foundings and growth.¹ The Puget Sound Region’s eco-system has spawned a rather extraordinary number of diverse and successful organizations: University of Washington (1861), Nordstrom (1901), PACCAR (1905), UPS (1907), Boeing (1916), REI (1938), Starbucks (1971), Microsoft (1975), COSCO (1993), Amazon (1994), and the University of Washington research spin-outs like the Fred Hutchinson Cancer Research Center (1975), and a record setting 14 spin-outs in 2014.²

Based upon my research, my predictions for 2015 include predictions from increased globalization and transformational initiatives important to leveraging enabling information technologies. In addition, I believe that entrepreneurial start-ups and university spin outs will increasingly challenge the viability of current corporation industry leaders.

During my consulting career at Nolan and Norton, I continually impressed on our senior executive corporate clients as well upon myself, that to “go to the future”, you had to not only distance yourself from the “old” but you had to do more, you had to “live in the future.”

During 2015, I predict that we will see eight kinds of transformational corporate initiatives moving away from the “old” 20^th century ways to the future ways of 21^st century leadership and corporate structures.

From overly decentralized organizational structures…
to virtually IT-enabled extended network organizational structures.

From punctuated innovation…
to sustained innovation.

From preoccupation with internal financial engineering…
to drive for external customer value-added engineering.

From steward-dominated “command and control” cultures…
to balanced creator/steward “collaboration” cultures.

From “make and sell” product/service decision-making…
to IT-enabled “sense and respond” decision-making.

From non-integrated products and services strategies…
to highly integrated systems of products and services strategies (“works-out-of-the box”).

From benign acceptance of high risks as inevitable…
to proactive abatement programs for high risks.

From weak corporate performance oversight…
to reinvention of boards of directors for stronger corporate performance oversight.

1 This research was supported by funds from my Boeing endowed professorship as well as continued research support from the Harvard Business School upon my becoming a Harvard University Emeritus professor in 2003 continuing to the present.

2 The results of my research are published in Richard L. Nolan, Executive Team Leadership in the Global Economic and Competitive Environment (New York: Routledge Publishers, 2015).

2015 is an anniversary year for Enterprise Architecture. It is 40 years since Richard Saul Wurman coined the phrase “Information Architecture” — in 1975. Information Architecture became Information Systems Architecture, and then Enterprise Architecture. I predict that enterprise architects will use this anniversary to reflect on the history of our discipline and its position within the organization structure.

For a long time, EA was firmly part of the IT department. More recently the EA team has been found as a stand-alone unit, independent of IT or business. 40 years on, EA will increasingly establish its role as a key member of strategic decision making, capability evolution and organizational change management.

To a certain extent, Enterprise Architects have operated in a silo, independent from other areas of the organization. Those other areas could both benefit from architectural insight and contribute to architectural understanding. In addition, EA teams have failed to reuse the analysis and outputs from other teams, such as business and process analysts, or ideas from organizational, business and operating models. I see that 2015 will bring the EA team into closer contact and greater collaboration with people from business analysis, strategy planning, business operations, and business value teams.

At first, most people didn’t know what we meant by “business architecture.” And when they did, the fact that, while business architecture should be the responsibility of the business (doh!) the business didn’t seem to care, left us spinning our wheels. But now the ground is becoming firmer and we’re gaining some traction. The Business Architecture Guild and the Object Management Group share the credit for giving the discipline an underpinning of standards and concrete best practices for the modeling of an organization’s strategy, its value chains, its capability map, and its business processes.

In 2015, business architecture will still be mostly done by IT for the business – because even if the business doesn’t really want to do it, IT needs to understand the business in order to deploy the right systems. Leading enterprises will start doing business architecture as a matter of executive guidance outside of IT, but it will take longer to generalize the adoption at that level.

The message to CIOs: learn about this and get started. It will reinforce your credibility as a trusted adviser rather than just a suited technology pusher.

In the next three years, more enterprises will reposition their Enterprise Architecture practices to become architecture truly at the Enterprise level, going beyond using “Enterprise” as a mere prefix to what, in reality, has been an IT-centric architecture. There will be a critical mass of enterprises doing this — enough to make Enterprise Architecture understood as what it should have been in the first place.

What are some of the changes we will see in Enterprise Architecture (EA) as this trend goes mainstream?

1. More Business and IT collaboration in the activities of Enterprise Architecture
2. More Enterprise Architects with skills that are enterprise-grade skills
3. Enterprise Architecture that includes Business Architecture as the frame within which the other domains of Enterprise Architecture fill in the picture
4. Business-Technology Roadmapping as a way to align an enterprise’s technology future with its business future

The SaaS model may begin to lose some luster as enterprises begin feel the effects of IT playing a secondary role in implementations.  SaaS suppliers and integrators often try to push IT to the side as they sell their “new and improved” approach which speeds up projects and empowers business process owners and subject matter experts.  However, the dirty little secret is that the value of traditional IT disciplines transcends the hosting mechanism and the mantra of “configuration, not customization”.  The subjugation of IT can result in significant gaps in process and data analysis, planning for ongoing development and support, project management discipline, quality assurance, technical change management, environment management, and effective vendor relationship management, to name a few.  Although there are considerable legitimate benefits to the SaaS model, there is no magic.  The cloud pendulum is clearly on the upswing.  Be sure to duck when the laws of physics kick in!

I predict there will be a major hack to a connected devices, causing havoc and putting a temporary damper on the stampede towards the Internet of Things. It will be widespread, as the hackers will want to show just how vulnerable we are. This will be a temporary setback, and the precise impact will depend on the severity of the damage done — but the Internet of Things development will continue.

In a related note, it will be revealed that the government has experimenting with novel ways to conduct surveillance using these connected devices. My biggest bet is that LEDs used to light public areas will be the first discovered, but there may be even more zany or creative approaches.

These issues will create a groundswell of public support for greater security and controls on the use of connected devices and IoT.

Presuming the economic forecast provided by the Beaulieu brothers holds and we have a growth expansion through 2017 with a hard recession in 2018, I predict the following:

• Companies will continue to build up technical debt at a dizzying pace to stay competitive
• In 2018, those with cash and an elegant code base will be able to charge lower prices due to their response efficiencies
• In 2019, companies dependent on software will not be purchased (too much financial and technical debt) – they will just go out of business.

The keys are to focus on competitive advantage, reduce technical and financial debt, and be ready to outcompete on price, delivery and customer expectations.

In other words, stop being faster, better and cheaper in building your company into its own form of Hell.

Historically, IT’s role has been to ensure that hardware systems and software applications properly support the day-to-day needs of an organization’s executives, end-users and business processes. More recently, IT has been asked to help business users more effectively gather and interpret an escalating volume of data from internal and external sources. The end result was adopting better analytics systems for internal purposes. The Internet of Things (IoT) will push IT to become a part of the company’s product development and support processes as hardware and software become embedded into the products and services companies manufacturer and deliver. In many ways, this new role will really be a fulfillment of the past promises that IT become more closely aligned with the business functions it supports. But, in reality this will be a very big leap for most IT organizations, as they are still struggling to keep pace with their traditional responsibilities and lack the skills or tools to play a role in the rapidly evolving IoT marketplace.

Last year, I predicted the work force would continue to shrink. I was right. Relative to the population, the work force continued to dwindle, and it will continue to do so in 2015. The percentage values will become even more dramatic when considering the migrant workforce (legal and otherwise). As such, it’s still a good year ahead for those who can find ways to leverage smaller staffs in 2015. Tragically, this will lead to a greater divide between the rich and the poor. Any industries marketing with a “we care” strategy that applies across the “have/have-not” divide will be seen as philanthropic and societally beneficial (in a time of increased political turmoil).

Turmoil bodes well for me and my peers in the risk community. Some organizations will make the mistake of centralizing their risk management, for which they’ll pay a price when risks come to roost in obscure components of their organizations. Those components will blame the central office. The central office will blame the components for not being risk-aware. How do you win? Spread risk management responsibility across the organization. Make every staffer a risk manager, and you build the infrastructure you need to get through 2015.

Oh, and yes, we’ll have flying cars…