CIO Profiles: Marty Colburn, Executive VP And CTO At The Financial Industry Regulatory Authority
Offshore outsourcing makes sense if the right work and skill sets are supported, he says.
MARTY COLBURN Executive VP and CTO, Financial Industry Regulatory Authority
How long at current company: I joined the National Association of Securities Dealers in August 2001. The Financial Industry Regulatory Authority was formed in 2007 when NASD and New York Stock Exchange Regulation merged.
Career accomplishment I'm most proud of: From a technology perspective, I'm proud of the progress that we've made in leading the integration efforts of the NASD and NYSE regulatory consolidation. While not completely finished, it has moved at a remarkable pace and involved the merging of two complex application portfolios.
Most important career influencer: A former boss, Erskine Bowles. He taught me the importance of building a strong network and that having a team of dedicated individuals working toward a common goal are vital for success.
Decision I wish I could do over: The biggest one was taking on leadership of an Internet startup. It was almost impossible to turn around.
Advice for future CIOs: New CIOs need to understand how the business functions and build strong relationships with their business partners.
The next big thing for my industry will be: regulatory reform. Technology is a critical part of accomplishing FINRA's regulatory mission. We stand ready to support the organization as changes come about.
View on offshore outsourcing: If the right work and skill sets are supported offshore, it makes good business sense.
On The Job
IT budget (approximate): $153.5 million baseline budget for 2009
Size of IT team: More than 150 on staff and around 400 consultants
Complete the regulatory consolidation of the NASD and NYSE Regulation legacy application portfolios. This is a multiyear effort, which will be completed in 2009.
Continue to drive down our operating costs by using various technologies, including virtualization and cloud computing.
Improve and continually enhance our regulatory technology in support of our regulatory mission.
How I measure IT effectiveness: ROI is a key metric for technology initiatives, and the business case needs to include both initial development costs and subsequent maintenance costs.
For operations, we measure reliability, serviceability, and availability of our business-critical applications. For development projects, we measure cost, schedule, and risks--tracking metrics that help us measure quality.
Our development methodology is very iterative and automated. For example, we typically deliver code weekly through automated deployments and testing. That way, we don't get to the end of the project with missed expectations or a high number of software defects.
Colleges/degrees: Bachelor of science in finance from the University of Maryland, a degree in electrical engineering from Montgomery College, and an advanced business management certificate from Harvard Business School
Favorite leisure activity: Playing Frisbee with my dogs
Best book read recently: Divine Justice, by David Baldacci
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.