What is driving these shifts? In a January 28, 2012 New York Times Op-Ed piece Made
in the World , Thomas Friedman argues, “Many CEOs, …increasingly see the world as a place where their products can be made anywhere through global supply chains (often assembled with nonunion-protected labor) and sold everywhere.” Globally integrated supply chains are transforming traditional business models and shifting yesterday’s outsourcing choices and trade-offs.
Mr. Friedman provides a provocative perspective. But, is this really happening?
The transfer of control of a process, product, or service to an external provider can take a variety of forms. The value in strategic outsourcing can include an organization’s ability to:
Improve services delivery
Engage in strategic partnerships that enable innovation, growth, and desired business outcomes
Traditional strategic outsourcing has often centered on transferring services to an external services provider with a focus on cost reduction. Outsourcing models are changing in new ways - why? What is driving these shifts and what can an organization do to capitalize on these changes?
Our team at the IBM Center for Applied Insights set out earlier this year to investigate market changes, identify emerging trends, and develop evidence-based research that explores how forward-thinking companies are responding to these trends.
Our premise is that the changing global dynamic, combined with technology-driven market shifts, is creating an opportunity for organizations to move beyond sourcing primarily for cost advantage to partnering for competitive advantage and desired business outcomes. Some of the technology-fueled market shifts reshaping the outsourcing landscape include:
New and disruptive business models are changing how business is done
Empowered consumers are driving companies to deliver customized client experiences to build enduring loyalty
Big data generated from multiple sources is changing how organizations make decisions and leverage predictive insights for competitive advantage
Recently, IBM conducted a survey of 97 C-Suite Sourcing executives and found that seven out of ten plan to outsource for strategic reasons like driving growth and innovation. Based on their chief motivation, we categorized these organizations as:
Cost-cutters–27 percent outsource their IT infrastructure to reduce operations costs
Growth-seekers–37 percent outsource IT infrastructure, application management or business processes to achieve operational efficiencies and revenue growth
Innovators–36 percent outsource multiple parts of the business to enable transformation and innovation
What we found most interesting was the progression of objectives across these three groups. Cost-cutters indicate they want one primary outcome from their sourcing relationships: cost savings. The majority of growth-seekers want to reduce costs, but also faster time to market for new products and services, and increased efficiency and effectiveness across the entire value chain. Innovators expect all of the above–and more. In addition to cost reduction, speed-to-market, and value chain efficiency, the majority of innovators want providers to help them:
Drive front-office effectiveness (not just back-office)
Better anticipate and respond to disruptive technological changes or market forces
Proactively manage risk, compliance and security via technologies like predictive analytics
Share risks and rewards based on business outcomes
Susanne Hupfer Client Insights, Consultant IBM Center for Applied Insights
Ever wonder what makes one infographic hit the mark and another one miss? There's more science to it than you might think.
Information graphics – visual representations of information, data,
knowledge, or concepts – have been around for millennia, and humans have
long mapped data in order to organize what they see, filter out
extraneous details, reveal patterns, suggest further exploration, and
ultimately better understand the world around them.
"Why should we be interested in visualization? Because the human visual system is a pattern seeker of enormous power and subtlety. The eye and the visual cortex of the brain form a massively parallel processor that provides the highest-bandwidth channel into human cognitive centers. At higher levels of processing, perception and cognition are closely interrelated, which is the reason why the words ‘understanding’ and ‘seeing’ are synonymous.” (Colin Ware, Information Visualization: Perception for Design, Academic Press, 2000)
Anyone responsible for creating infographics in order to communicate complex information effectively can benefit by taking advantage of lessons from visual perception research.
Prof. Colin Ware, of the Data Visualization Research Lab at the University of New Hampshire, explains:
“… the visual system has its own rules. We can easily see patterns presented in certain ways, but if they are presented in other ways, they become invisible. … The more general point is that when data is presented in certain ways, the patterns can be readily perceived. If we can understand how perception works, our knowledge can be translated into rules for displaying information. Following perception-based rules, we can present our data in such a way that the important and informative patterns stand out. If we disobey the rules, our data will be incomprehensible or misleading.”
One important lesson we can leverage from vision science is an understanding of which elements will prominently “pop out” of an image – thanks to a mechanism known as “pre-attentive processing.” As our brains start to process an image, massively parallel processes detect image elements that are differentiated by low-level characteristics such as form, color, motion, and spatial position. The principles of pre-attentive processing govern which visual elements grab our attention first, before we’ve even begun to consciously process the image.
Here’s a simple example to illustrate the point. Count the number of 9’s appearing in this set of digits:
This time was a lot easier and quicker, thanks to the fact that our brains process lightness pre-attentively.
Some features that are pre-attentively processed include: color (hue and intensity), form (line orientation, line length and width, size, shape, curvature), motion (flicker, direction), and spatial position (2D position, spatial grouping).
For some more pre-attentive fun, visit the demo at this site, choose a feature, and see how immediately and easily your visual system is able to process it.
Understanding what kinds of features are pre-attentively processed has important implications for visual displays. When designing for critical situations such as air traffic control, flight display, or clinical care dashboards, it’s crucial to understand how to make certain symbols or elements stand out from others so they can be interpreted and acted upon immediately.
Likewise, if you’re designing infographics, it’s also important to understand which elements will be seen at first glance – they’re your first chance to grab your reader’s attention, even before conscious processing. Using color, size, shape, orientation, and other pre-attentive attributes, you’ll need to carefully craft which are the most important elements that should “pop out” first.
But choose carefully; not every element of your infographic can stand out. Vision science tells us that pre-attentive elements become less distinct as the assortment of patterns increases. Imagine a bumblebee swarming among flies; the bee is easy to pick out. Now imagine wasps, hornets, and yellowjackets joining the swarm, and the bumblebee will get lost in the mix. So it is with an infographic: As the multitude of competing pre-attentive elements increases, their “power to pop” will be diminished.
David Jarvis Senior Consultant, IBM Center for Applied Insights
In a world of increasing and varying information security threats, academic initiatives focused on cybersecurity are proliferating - yet, there is still the danger of falling short in addressing the long-term threat. To avoid becoming too focused on near-term issues, programs must be more collaborative across their own institutions, with industry, government, and among the global academic community. Only by working in concert can we meet today’s demand while educating the next generation to create a more secure future.
There have been a lot of recent reports, blog posts and news articles discussing the cybersecurity skills gap. It has been an ongoing issue for a while, and will continue into the future. We wanted to tackle this problem, not from the demand side, but from the supply side. So, the IBM Center for Applied Insights and IBM’s Cyber Security Innovation team selected 15 academic programs in 6 different countries from the over 200 institutions we monitor and work with. We conducted interviews with faculty members, department chairs and others. This week, we released a synthesis of those interviews in our latest security insights paper,“Cybersecurity education for the next generation: Advancing a collaborative approach” .
Through our interviews it was confirmed that cybersecurity is top of mind for students, educators, industry and government. Industry and government are currently facing a significant skills gap and this is causing the programs we interviewed see extremely high demand for their students, both undergraduate and graduate.
But, not all is rosy with the increased demand and attention. Programs are expected to provide more of everything – courses, graduates, opportunities, research – which has caused programs to face a number of organizational and technology challenges. Stained programs are addressing these challenges in different ways, taking different approaches to cybersecurity education, but still sharing similar common principles.
The trends, challenges, issues and differing perspectives cannot be fully addressed by each academic program on its own; cybersecurity is a global problem and should have global solutions. A set of leading practices promoting a longer-term and more collaborative approach is needed. We identified three general areas that the leading programs we talked to excelled at, all dealing with collaboration and connection.
1. Collaborate within your own institution – Cybersecurity programs should embed security practices and principles in computer science and engineering courses and take a holistic technical approach. They should work with other disciplines and schools in the university (e.g., business, law, ethics, medicine, policy). They should offer diverse education options for students and professionals (graduate, undergraduate, professional development, etc.).
2. Co-evolve with industry and government – Academic programs should have deep ties with industry and government – partnering and collaborating on research, curriculum development, and opportunities for students. A hands-on, practical, approach is also extremely important. Laboratory work, projects, special-interest groups, and internships should all be cultivated.
3. Connect across the global academic community – A number of the programs we talked with discussed the need for building a “science of security” to anticipate security problems and a cross-discipline lingua franca among scientists, engineers and policy makers. Fundamental concepts and common vocabulary can only be developed with participation of the entire global cybersecurity community.
David Jarvis & Susanne Hupfer IBM Center for Applied Insights
There are four pivotal information technologies that are rapidly reshaping how enterprises operate: mobile technology, business analytics, cloud computing, and social business. All four of these technologies are potentially disruptive, and they also come with unique security concerns. Many people fear the security implications of employees bringing their own mobile devices to work, or storing mission critical databases in public cloud environments. Fear shouldn’t drive organizations away from these potentially transformative technologies. How are organizations overcoming their fears? How are they breaking though the “security wall”?
Recently IBM released the results of its 2012 Tech Trends Report, which looks at the adoption patterns of these four technologies. It is based on a survey of over 1,200 professionals who make technology decisions – the respondents came from 16 industries and 13 countries. As part of the analysis, three different types of organizations were identified:
Pacesetters (20%) believe emerging technologies are critical to their business success and are using them to enable new operating/business models. They’re also adopting ahead of their competition.
Followers (55%) agree that these technologies are important and can provide critical capabilities and differentiation, but they generally trail Pacesetters in adoption.
Dabblers (25%) are generally behind or, at best, on par with competitors in terms of adoption. They’re less strategic in their use of emerging technologies, namely citing greater efficiency or new capabilities in selected areas.
One common thread across all three of the identified groups is that security is a significant area of importance and concern. In fact, 62% of respondents cite security as one of the three most important areas facing their organization over the next two years, with 27% rating it number one. One interesting aspect is that, the less mature an organization is with respect to the four strategic technology areas, the more security rates as an area of importance and focus. Seventy-seven percent of the Dabblers cited security as a top-three area of importance, versus only 49% of the more mature Pacesetters. Why is that? Perhaps the Dabblers don’t fully understand, or trust, that there are security technologies, policies and practices that can ensure a more secure approach overall. Or perhaps they lack the experience the Pacesetters have.
“Security and privacy are not always treated as first-order problems. Things are deployed and made widely available without regard for security and privacy. In a best-case scenario, security and privacy are thought of as add-ons. Worst case, they’re ignored completely.” – Dr. Eugene Spafford, Professor and Executive Director of the Center for Education and Research in Information Assurance and Security, Purdue University
Besides being an area of significant importance, security is also seen as a significant barrier to technology adoption by the survey respondents. Information security is ranked as one of the top two barriers to adoption across the four technology areas – more than integration, inadequate skills or regulation and compliance. Overall, security is the biggest barrier for a majority of respondents for mobile (61%) and cloud (56%) adoption. Security is cited less often as the top adoption barrier in social (47%) and analytics (31%). As shown by the dark blue bars in the graph below, there isn’t a huge gap between the groups (9-11%) when it comes to security concerns, but, in general, less mature Dabblers see security as more of a barrier than the more mature Pacesetters. The exception is analytics, which has the lowest adoption barrier. Perhaps Pacesetters better understand the potential risks in implementing advanced analytic systems.
Another part of the security wall blocking the full realization of the benefits of the four technologies is that organizations’ current IT security policies aren’t sufficient. The figure above generally shows correlations between viewing security as a barrier to adoption (dark blue bars) and inadequate security policies (light blue bars). The Pacesetters are more confident across the board, with a majority saying that their security policies are adequate. The “adequate policies gap” between the Pacesetters and Dabblers ranges from 13% to 32%, a fairly wide margin. This tells us that organizations that have the right security policies in place are more confident, and less likely to see security as a barrier. For the others, there is a gap between their fears and taking the steps needed to address those fears.
Another tool organizations are using to attack the security wall is skills development. A majority of the respondents know that security is an issue and are working hard to boost their confidence. Overall, 70% of organizations are planning to develop or acquire skills in “mobile security and privacy” and “cloud security” – the two technology areas where security is seen as the biggest barrier.
Security is tightly intertwined with the four technology areas discussed. You shouldn’t pursue cloud, mobile, social or analytics endeavors without also focusing on needed security technologies, skills, policies and practices. The more you focus on policies and skills, the less likely you will see security as an impediment. Treat security as a business imperative and make it a priority. Design security in from the start of any project. Doing this will increase confidence and help to tear down the walls that are slowing the adoption of important, transformative technologies.
In this post, I shall try to have a closer look at some of the important questions pertaining to interoperability: what do we mean by mobile money interoperability, what are the arguments for and against interoperability, and what practical steps can be taken to achieve it?
The mobile money industry has witnessed a remarkable activity in the recent years. There are more than 165 pilots in the mobile money segment in emerging economies, mostly being run by MNOs, banks and other financial institutions. It is now possible to find two or more deployments in many Sub-Saharan African and South Asian countries. Yet, only a very few of these deployments have been able to achieve significant scale. In a recent survey of 52 mobile money service providers, the GSM (Groupe Spéciale Mobile) Association identified 11 service providers that have more than 1 million registered customers. This has led many to make a case for implementation of interoperability in mobile money ecosystems so that customers are more inclined to use mobile money and the deployments can achieve scale by increased customer adoption. Let’s try to explore this important concept further.
Defining mobile money interoperability: Interoperability occurs if different systems are technically able to work together. For mobile money, interoperability can happen between handsets, networks, financial processes and retail processes etc. The Consultative Group to Assist the Poor. (CGAP) has proposed a framework that categorizes interoperability in three levels: platform, customer, and agent levels.
Platform level interoperability – It permits customers of provider A to make payments to customers of provider B. They may also transact via any mobile network operator channel and switch operators without having to switch banks. For example, M-PESA allows consumers to send money to any phone. In South Africa, MTN offers subscribers not only MTN Banking’s application but also access to their First National Bank, ABSA, Standard Bank and NedBank accounts. WIZZIT works across all mobile networks in South Africa.
Agent level interoperability - It permits agents of one mobile money service to also serve customers of another service, in other words, agents having non-exclusive partnership with operators.
Customer level interoperability - It permits the customers to access different mobile money operators from one SIM. Also, it permits the customers to access mobile money account from same handset, regardless of SIM
The debate around interoperability: Market participants and regulators have not reached a consensus about the need and benefits of interoperability. Some regulators believe that interoperability is the way to go as the market matures and operators try to scale up. For example, governments of Ghana and India have mandated interoperability in their countries. Some regulators have taken a neutral position and have allowed market forces to decide the course. The Bank of Zambia prefers, but has not mandated, that mobile money solutions be interoperable. It is encouraging interoperability through the development of a national switch. Others feel that interoperability will erode the competitive advantage of market leaders and its implementation may not result in sufficient addition in subscribers to justify the investment required. For example, a report by GSM (Groupe Spéciale Mobile) Association suggests that the business case for implementing interoperability is unlikely to justify the initial investments of implementing it.
How to achieve interoperability: Though industry leaders seem to agree that interoperability is a key issue, they have different views on how it can be achieved. There are two broad approaches to achieving interoperability:
Standards – In global mobile telecommunications industry, Global System for Mobile Communications (GSM) has played a key role in setting up the standards and allowing the users to roam freely across various markets. Another example of common standards aiding the development of industry relates to SMS, where standard development in Europe led to a huge growth in SMS usage. Mobile money industry is still in its early stages and has not agreed to a set of common standards across all the elements described above. I believe it is unrealistic to take an entirely standards-based approach to interoperability. Standards are consensus based and take a long time to develop. Since a number of standards exist, it is unclear whether common standards can also impede the fast growth of mobile money industry; some of the players would have to wait before launching their services and many might have to migrate to common standards with significant costs and time. As the industry develops, a flexible approach based on experimentation would be needed. It will take time but governments & industry players should do what they can to monitor & promote standards,without holding back growth.
Bilateral Agreements – Bilateral agreements, both commercial and technical, have become quite common. To develop compelling product offerings and to scale up, the market participants are experimenting with various business models and forging partnerships with other MNOs and financial institutions. For example, MasterCard and Telefonica announced a joint venture using the MasterCard Mobile Payments Gateway to lead the development of mobile financial solutions in 12 countries within Latin America where Telefonica’s Movistar® brand is present.
With respect to the timing and extent of interoperability, maybe the real answer lies somewhere in between. The timing and extent of interoperability needs to be specific to the state of market and needs to be continuously assessed. A report by Mobile Money for the Unbanked (MMU), suggests some valuable recommendations:
Regulators should carefully consider the costs and benefits of implementing interoperability at an early stage of market development.
Even when the enabling regulatory framework is in place, market should be monitored on a continuous basis to assess the need of further intervention.
In the absence of interoperability regulations, monopolies and competition should be assessed periodically.
Regulations should focus on ensuring that interoperability remains feasible at low cost to provide appropriate incentive to service providers and benefit users.
Have you ever been blocked by interoperability issues? What steps are your companies taking? I look forward to your comments and observations. Please click “Add a Comment” below or “More Actions” to share this with others.
Client Insights, Consultant, IBM Center for Applied Insights
In this post, I will explore some interesting facets of the mobile money market in India such as market opportunity, regulatory environment, market participants, and the way ahead for the market.
Market Opportunity: The Indian economy has shown strong growth in the recent years, making it a USD 1.3 trillion economy. It is predominantly a cash economy with more than 65% of all retail transactions (total transactions are estimated as USD 410 billion per year) being conducted in cash. According to Reserve Bank of India(RBI), the central bank of India, more than 57% of the electronic transactions happen through credit and debit cards and the rest through Electronic Clearing Service (ECS) and Funds Transfer.
In India, 40% of the population remains unbanked. In contrast, it is estimated that more than 70% of the 1.17 billion people in India own a mobile phone. Moreover, this subscriber base has been increasing by 20 million customers per quarter. Hence, with a huge mobile subscriber base and a very small percentage of the transactions taking place over mobile, the potential for mobile money to take off and replace cash is immense.
Regulatory Environment: Government and the Reserve Bank of India are the nodal agencies which formulate regulations pertaining to mobile money. The Indian regulatory system has been gradually allowing the expansion of new products and solutions aimed to take advantage of the vast opportunities in this space.
RBI recognizes that individual banks need to work in conjunction with operators, mobile devices and payment technologies. In 2009, it mandated that a bank account is needed to send money but in 2010, it allowed ‘Other Persons’ (non-banks/NBFCs) to issue m-based semi-closed instruments with certain conditions and caps on transfer amounts. As a result, banks started offering mobile banking services. Further in 2010, it allowed semi-closed instruments to be used for bill payments and ticketing services, also, and permitted issue of co-branded instruments.
In late 2010, an interbank system had been set up in India enabling instant money transfers between bank accounts via mobile phones. NPCI's Interbank Mobile Payment Services (IMPS) is India's first instant fund transfer facility in the retail payment sector. It provides an inter-operable infrastructure for the banks and facilitates real time money transfer facility to their customers through the mobile channel. The unique feature of this system is that banks can choose any mobile banking application of their choice. Interestingly, IMPS can be made available in all forms (SMS, USSD, thin client, thick client) and hence it can support the transactions directly from low end mobiles to high end mobiles.
Market Participants: As compared to mobile money deployments in other emerging economies like Kenya, Philippines and Uganda, the Indian market is at a very nascent stage in terms of market consolidation and volume of transactions. The Indian telecom market is quite fragmented with fifteen different mobile operators providing service to more than 900 million subscribers. Among them, BhartiAirtel, Reliance Communications and Vodafone together hold more than 50% of market share.
BhartiAirtel has recently launched its mobile money services across India, offering services like payment of utility bills, mobile recharges, purchase at retail outlets, person to person money transfer, etc. Only Airtel customers can use this service and transfer money to other customers on Airtel.
My Mobile Payments Ltd (MMPL), a mobile payment service provider, had recently announced the launch of ‘Money-on-Mobile’ (MOM). It is a M-Wallet service which permits a mobile phone subscriber to purchase a wide range of goods and services using the mobile phone instead of paying by cash, cheque, debit or credit cards. It offers services like mobile recharge, utility bill payments, purchase of bus and movie tickets, to name a few. It claims to be India's first operator and bank agnostic mobile payment system.
The way ahead: As outlined in my earlier post, though the opportunity is huge and growing, companies need to address security apprehensions associated with mobile payments and build the awareness of the technology and the product.
India’s unique demography is an important factor to consider while taking strategic and marketing decisions during the ‘launch’ and ‘scale’ phases of mobile money deployments. Some of the notable factors are:
It is estimated that 60% of the 1.17 billion population lives in rural areas most of which suffer from a lack of basic infrastructure and education. Companies generally face significant challenges in building the infrastructure and consumer awareness in these areas.
Also, more than 50% of the Indian population is below the age of 25 years. This segment of population embraces new technology more readily but at the same time, it is a lot more value conscious and has little loyalty to a brand.
Besides offering regular services like person to person transfer, utility bill payments, mobile recharge etc. other useful revenue streams can be explored too.
The internal remittance market – The internal migrant population is estimated to be around 100 million people. This market for internal remittance is estimated to be around USD 8 billion to USD 12 billion.
Government payments market – Government of India offers a number of subsidy and support programs like Mahatma Gandhi National Rural Employee Guarantee Act (MG-NREGA), fuel subsidy, fertilizer subsidy and public distribution system which is estimated to be around USD 40 billion. A lot of it is wasted due to leakages and fraud in the distribution system. To ensure that the intended recipients do get their payments,mobile payments can play a very crucial role. The Indian government’s ‘Aadhar’ program to provide a unique identification number to every citizen of India would further lend support to the rapid uptake of financial services and transactions over mobile.
I look forward to your comments and observations. Please click “Add a Comment” below or “More Actions” to share this with others.
Shubham Jain Consultant, IBM Center for Applied Insights
IBM Center for Applied Insights
(CAI) has recently started a new program on building fact-based, market-centric
thought leadership assets on various facets of mobile money.
As I dig deeper to understand the
current state and evolving trends of this segment, some facts are worth
Group to Assist the Poor. (CGAP) estimates that around 3.5 billion people
worldwide currently lack access to formal financial services. It estimates that
there will be 1.7 billion unbanked customers with mobile phones by 2012. There
are more than 165 pilots in the mobile money segment in emerging economies being
run by a diverse group of organizations.
However, very few mobile money
deployments have been able to achieve scale and gain significant customer
base. Some deployments which have been
able to achieve significant scale include M-Pesa in Kenya, GCASH and Smart
Money in Philippines, Vodacom in Tanzania, and MTN Uganda.
Hence, there is definitely a huge
potential to achieve scale in this segment, especially in the emerging markets,
and firms are investing hard to address this market. However, many of them are
still struggling to fully tap into this opportunity. Cracking the code for high
customer adoption and usage, in quantity and continuity, appears to be an
Achilles’ heel for the Mobile Network Operators (MNOs), financial institutions,
and other organizations trying to venture into this segment.
So, what insights can we learn
from those who have succeeded in this segment? I researched to determine some
common factors which seem to have made some deployments more successful than
others. It seems that there are two broad factors which can prove to be very
critical for an organization while trying to launch and subsequently scale: the
actual product and an effective agent network. Today, we’ll take a look at the
impact of the product.
Product – Building a strong, robust and compelling
product offering (and later a product portfolio) is a very important factor
which is sometimes overlooked as many companies try to emulate successful
offerings and solutions from other deployments.
Some of the key points to keep in mind are:
vision and long term strategy – Most of the successful companies have a
well-defined long term vision and strategy with respect to offering mobile
money services. For instance, a company can aspire to be the leading low cost
provider for person-to-person transfer services or it can aspire to be a
leading service provider in the retail payments segment. A clear vision also
helps senior management develop a long term commitment to the service. This
often takes substantial initial funding towards mobile money deployments and at
to five years to become profitable.
needs of the market – A clear and articulated value proposition, in terms
of addressing the ‘market specific’ needs for mobile money, goes a long way
towards ensuring success of the deployment. There is no ‘One size fits all’
business model or offering which can cater to different markets in the emerging
or the developed economies. For example, M-Pesa has gained its popularity and
scale by uniquely positioning the product to address the remittance need of the
Kenyan population; its value proposition being: “send money home.” WIZZIT in South Africa focuses on “live life
anywhere” by addressing the mobile banking needs of their consumers. Other
avenues can be business-to-business payments, bill pay, salary payments, and so
on. In the planning phase, a thorough market research can help develop a deep
understanding of consumer’s pain points in the specific market which can be
addressed effectively by the mobile money deployment.
awareness – The bulk of potential consumers in the emerging markets are
from the informal economy, people who are unbanked and use other formal and
informal means such as post offices, banks, or personal networks for money
transfer. This target segment is mostly unaware of the potential for and
features of newly launched mobile money offerings. They also have security
apprehensions associated with mobile money transfers and lack of initial
technology understanding. For example, some of my colleagues were initially worried
about security of their payments while using newly launched mobile payments
services by BharatiAirtel.
Hence, a concerted and targeted marketing campaign goes a long way in
addressing the apprehensions of the target segment.
Features –This target customer base from the informal segment in emerging
economies wants the service to be Fast (Instant transfer of money over long
distance and without any queues), Inexpensive (in comparison to costlier
credit/debit cards or informal payment methods), Safe (Holding value and making
payments that is safer than holding and transacting cash) and Accessible (able
to cash out, make purchases, and receive money in remote areas). For example,
as per a white
paper by IBM, cost of sending 1000 Ksh ($13.06) through M-Pesa is $0.38
which is cheaper than any other service available in Kenya such as PostaPay and
Partnerships – Research suggests that making the right partnerships at the
right time helps a) align the business and its new/existing products with the
overall vision on an ongoing basis, b) continuously learn and address the needs,
challenges and new demands of the market and c) expand and reach scale. The
partnerships can be with technology partners, banks and financial institutions,
MNOs, agent networks, retail chains and other corporate organizations.
For example, Bank Bradesco and the Post Office in
Brazil have partnered to create Banco Brazil. The partnership has been able to
effectively attract rural populations boosting the business of both companies. Another
interesting partnership is in Japan, a developed economy. Sony partnered with
DoCoMo, a MNO, to form a joint venture – FeliCa Networks. They produced both the mobile phone chip and card
reader which enable them to manage downloads and applications for consumers and
merchants and gain a strong foothold in the mobile payment market.
There is a lot to be learned and written on the effective management
of agent networks. The agent network is the effective face of the company for
consumers. I can try to explore this
factor in more detail in one of my subsequent posts.
Look forward to your comments and
Do you know which industry is adopting analytics fastest? Do you know which industry has the biggest problem with social skills? Now you can find out.
The latest IBM Tech Trends Study surveyed over 1200 IT and business decision-makers – IT managers, business professionals and IT practitioners from 16 different industries and 13 countries – to assess how and why enterprises are adopting four emerging technologies – Mobile, Analytics, Cloud and Social Business – that are dramatically transforming how enterprises operate.
The study showed that Business Analytics and Mobile Computing represent a large swell, with over half of respondents already adopting these technologies. Cloud Computing and Social Business form a coming wave, with 40% currently piloting or planning to adopt by 2014. Furthermore, enterprises’ projected investment in the four areas is surging: 55% or more plan to increase investment in Mobile, Cloud, and Business Analytics, and 43% project increased investment in Social Business.
Despite the momentum in these areas, the study also uncovered a critical shortage of IT skills: Across all four technology areas, only about 1 in 10 companies reports having all the skills needed to be successful, and a quarter of respondents report major skill gaps.
A Deeper Dive: the Tech Trends Industry Dashboard
Today we’re launching a new interactive dashboard that allows you to explore the study findings in a dynamic way, by industry and by tech area. You can investigate adoption, investment, and skills for a particular industry within each tech area and sort to see how that industry compares to others, or to the cross-industry average.
Here’s one example. I chose Analytics, then Adoption Levels, and sorted by “Deployment” (and also clicked to “show percentages”):
We see that Insurance, Media and Entertainment, and Banking are the top three front runner industries in terms of high adoption of Analytics. Where does your industry fall?
You can also click on a particular industry name to bring up a graph specific to that industry; here we see Analytics skill levels reported by Media and Entertainment organizations:
It appears that Media and Entertainment is doing better on Analytics skills than the average: 23% have all the skills they need for Analytics, versus just 13% across all industries.
Sharing your insights
Are you successfully surfing one of the big tech waves but getting knocked down by another? Regarding your enterprise itself, do you think you’re outpacing your industry, keeping up, or lagging?
If you have particular insights about your industry’s position, please share them. All the graphs you encounter in the exploration are shareable – use the social media buttons or the embed code located beneath each graph to embed the graph within a blog, web page, or social media site. The embedded graph retains all the interactive functionality of the full dashboard.
Happy exploring – and we hope you’ll join the conversation around these findings!
Derek Franks Consultant, IBM Center for Applied Insights
A couple of weeks ago I wrote a blog post discussing our
recent paper that links Leading Marketers with financial outperformance.In our study, these Leading Marketers had 40%
higher revenue growth and twice the
gross profit growth.Naturally, the next
question you’d ask is “how do I become a leading marketer?”And that’s exactly what I’m going to talk
about over my next few posts.
To kick things off, we found that Leading Marketers engage
with their customers across a variety of channels.These leading marketers are more likely to
have integrated inbound, outbound and offline marketing programs in some or all
channels.They are more likely to use
interaction optimization technology in all of their channels.And they are also more likely to adjust
offers in real-time across all channels.In short, they create a “System of Engagement” that allows them to
engage each customer as an individual, across multiple channels.
So if leading marketers are creating a system of engagement
to deliver targeted messaging across channels, what specific tactics are they
using?To answer that, we looked closer
at mobile and social channels.
Essentially, a number of tactics within these channels can
be considered “table stakes.”Everybody
has a mobile version of their website and delivers mobile e-mails.Everybody has a social networking page on a
site like Facebook and most engage in micro-blogging (Twitter).But there are some specific, innovative
tactics where we saw differences between leading marketers and others.
When it comes to mobile, we found that leading marketers
were more likely to use mobile messaging campaigns, location based targeting,
and mobile-specific ads.For social,
leading marketers were more likely to develop apps for 3rd party
networking sites (Facebook), leverage social/local group buying (Groupon), and
participate in location-based games (Foursquare).All of this means that leading marketers are
faster to begin leveraging emerging/trending technologies to see if they can
enhance the system of engagement.Some
of these tactics may or may not prove to be effective in the long run, but the
leading marketers get there first… not unlike the adage “fail fast, fail
often”.By being at the forefront with
these tactics, they stand to benefit when they come across something that’s
It’s also interesting to note that location-based tactics
saw greater use by leading marketers in both mobile and social.When you think about a system of engagement
that strives to deliver targeted, personalized, relevant offers in real-time,
it makes perfect sense that location-data is a key component to enhancing that
There are a number of ideas you can take away from our data,
but there’s one over-riding principle that I think is worth taking to
heart:Innovation.Leading marketers aren’t afraid of trying out
new channel engagement technologies or tactics.They get there first and they find out what works.They don’t worry about whether a channel is completely
mature… they jump in and get their hands dirty.This enables them to be proactive with their customers, rather than
At the IBM Center for Applied Insights, we’re always searching for new best practices to share with IBM, our clients, and the rest of the world. Which is why, at a recent team meeting, we gathered to discuss a new article from McKinsey. In “The do-or-die questions boards should ask about technology”, McKinsey outlines nine questions all boards should be posing to their company management in order to be “technology winners”. You’ll probably notice that few of these questions focus on the technology – they focus on how to get business value from the technology. These nine questions fit so well with what we try to accomplish at the Center, I thought it would be a good exercise to pull key insights from some of our studies to see how we are helping to address them:
1. How will IT change the basis of competition in our industry?
As we’ve seen in many industries, technology is radically changing the competitive landscape, allowing new companies to gain significant market share from established players. In our 2012 Tech Trends report, we segmented over 1200 respondents into 3 groups based on their organizational stance on emerging IT. What we discovered was that the leaders (Pacesetters) were ahead of their competitors in the mobile, analytics, cloud, and social business spaces. These Pacesetters believe emerging technologies are critical to their business success and are using them to enable new operating and business models to improve their competitive position.
2. What will it take to exceed our customers’ expectations in a digital world?
Customer expectations are as high as they’ve ever been - customers demand an experience that is convenient, immediate and hyper-personalized. In “Why leading marketers outperform”, we found that leading marketers deliver targeted, personalized messages to customers in real-time through channels such as social media and mobile. These marketers encourage innovation, measure every customer interaction and touch point, and collaborate regularly with IT. Compared to traditional marketers, these leaders have a three year CAGR that is more than 40 percent higher.
3. Do our business plans reflect the full potential of technology to improve our performance?
Investing in technology is expensive, but it can yield incredible returns and boost performance. We asked over 1500 IT decision-makers about their attitudes in the Platform-as-a-Service space in “Exploring the frontiers of cloud computing.” We found that the leaders, or “Pioneers”, were adopting PaaS as a way to drive innovation and improve application lifecycle across the enterprise. For these pioneers, benefits included increased resiliency, efficiency, data management integration, and optimization. According to one respondent, a VP of IT, utilizing PaaS can make a company “more nimble and cost-effective, with consistent performance and faster roll outs.” Sounds like a pretty good payoff to me.
4. Is our portfolio of technology investments aligned with opportunities and threats?
A technology portfolio must clearly reflect current opportunities and threats, change regularly, and balance short and long-term technology investments. In our Sourcing study, we looked at CEMEX, one of the world’s leading suppliers of cements, as an example of company that leveraged opportunity and minimized risks with its long-term sourcing strategy. CEMEX realized it needed to accelerate its transformation and become more agile to respond rapidly to new opportunities and threats. It engaged with a strategic sourcing provider to cut costs, improve productivity, and deliver transformative innovation. CEMEX built innovation into its sourcing contract by requiring the provider to invest annually in innovative projects that helped CEMEX achieve desired business outcomes.
5. How will IT improve our operational and strategic agility?
Across industries, customers expect new customized products and services, faster than ever before. In order to decrease time to market, companies can leverage IT to improve operational and strategic agility. We studied operations strategy decision makers from financial markets firms in “Beating market mandates: How winners are re-engineering financial markets operations” to better understand the characteristics of leading companies. The leaders in the study excel at meeting both regulatory and marketplace requirements, and typically introduce new products and services in 3 months or less. These leaders are extremely agile - focusing on improving access to analytics and reducing complexity.
6. Do we have the capabilities required to deliver value from IT?
At the Center for Applied Insights, many of our studies are about identifying and understanding the groups that get the most value from IT. Whether it’s Chief Information Security Officers who have a mature security strategy, CMOs who act as Marketing Scientists and deeply understand their customers through analytics, or CFOs who accelerate performance through analysis and prescriptive insight, we want to understand the capabilities necessary to get the best possible value from IT.
7. Who is accountable for IT and how do we hold them to account?
Who “owns” IT is becoming increasingly difficult to determine. Leading organizations have clear operating models that determine accountability for IT activities - it’s not just the CIO who is accountable anymore. In “Accelerating performance: The evolving role of the CFO”, we discuss how the CFO must contribute to the company’s IT strategy as well. This study looks back at the 2010 IBM Global CFO study, to see how the 2010 leaders are performing today. The outperformers excelled in finance efficiency and business insight, and continue to outperform financially today. However, in order for these leading CFOs to accelerate the performance of their organizations, they must now expand their influence beyond financial decisions to broader, strategic choices about business and operating models.
8. Are we comfortable with our level of IT risk?
With explosive growth in connectivity and collaboration, information technology is becoming increasingly complex and difficult to manage - managing risk from IT must be an enterprise-wide priority. In our article series “Security Essentials for CIOs”, we define an approach to manage all forms of IT risk, whether it is cybersecurity risk, IT compliance, risk to the supply chain or technology impacts to business transformation efforts.
9. Are we making the most of our technology story?
The McKinsey article could not have ended on a better question. We aim to bring stories to life - to show how leaders are building and advancing their businesses with IT. We use data to identify best practices, and communicate an IT story that addresses competition, strategy, value, performance, and risk.
Time and again, we’ve identified leaders in our studies and determined that these leaders are asking and getting answers to the nine questions above. If “digital technologies are disrupting industries,” then to be a technology winner in any industry, companies need to ask the right questions about IT strategy, and, more importantly, act on the answers they receive.
Today, I’m going to take a different approach to, hopefully, give you a glimpse into how mobile money can change users’ experiences. This is an imaginative piece (all characters are fictitious) where I’ll try to highlight the concerns, joys and satisfaction of a mobile money user from the hinterlands of India in the year 2015. It highlights the importance of an effective and trained agent network, importance of sufficient face-time for new customers, interoperability issues, and benefits of mobile money for a typical user.
Today, I woke up late at 5 am, startled to already be a half hour behind schedule. My mobile phone in hand, I kept checking the time and rushed to get ready. I can’t afford to lose half a day’s wage, US$6, if I report late to work even by half an hour.
At work, Sultan, one of my best friends, asked me for a loan of US$15 which he needed to pay the school fees of his daughter. I checked my Airtel mobile money wallet balance and instantly transferred the amount to his mobile money wallet. For a nominal fee of 10 cents, it was worthwhile to help a friend.
Thinking back, I remember the last time I loaned Sultan US$10. I had to walk down 2 Kms to the nearest branch of State Bank of India to transfer money to his account. That was when we met Harpreet, the sales agent of BharatiAirtel mobile money services at the bank. He introduced us to the new mobile money services. Until then, I had a basic feature phone and could not understand much of technology or features of mobile money in the first go. Harpreet was patient; he explained the service, its features, its tie up with banks, charges and benefits for us for about 30 minutes. I was particularly wary of the notion of holding money in mobile – how secure could it be? What if I lose my phone/SIM or someone else makes use of PIN delivered to me? Harpreet demonstrated everything and explained it in detail to clear our apprehensions. This convinced both of us, me and Sultan, to subscribe to the service on our Airtel SIMs. He even gave us the contact details of two local agents in our locality who can help us cash-in and cash-out, as required.
The first few days in using this service were difficult. I forgot some of the steps of using various services; user interface of the application was not so convenient, etc. I remember approaching the local agent and was so relieved to see that he could help. He was very well trained and he helped me from time to time in using the services more efficiently. One challenge I faced in the beginning was that the agent used to run out of cash. This was a major let down for me and I had to walk a Km to get cash from another agent. Over the last two months, though, I feel the service has improved a lot.
Since then, I have been using this service quite frequently. I have used it to make recharges on my cell phone, make and receive money transfers to/from my friends, send money to my family, check bank account balance, withdraw and deposit cash at the agent and even pay my electricity bill. The list keeps on getting longer! Here again, the agent is proactive enough to let me know of the new services and discounts offered by the service providers.
For me, it’s a hand to mouth situation, given my meagre salary. I work in New Delhi but my family lives in a distant village in Orissa, more than 1000Kms from my place. With this service, I can transfer money to them on a real time basis and with minimal charges. Earlier, I used to transfer money through post office or hand it over to someone who would be travelling to my place. It took a few days for the money to arrive and I was charged about thrice as much. I am quite happy that this service enables me to send money to my family as and when they need it.
One challenge I faced initially, while transferring money to my family, was that my family was using the mobile services of Vodafone and Airtel was not allowing money transfers to non-Airtel subscribers. Sending remittance to my family constitutes 80% of my transactions and this was a major handicap for me. Either, I had to take the services of Vodafone or my family had to take the services of Airtel. Due to this, I was not able to transfer money to them for a couple of weeks. I consulted some of my friends and they advised a workaround solution they had been using. However, I was not convinced and instead, asked my family to take Airtel connection.
I have genuinely recommended this service to my fellow workers at the construction site and taken four of them to Harpreet to sign up for the services. For this, Harpreet gave me bonus talktime on my cell phone. It is a nice incentive for sharing my experience.
I finally got free from my work at 7 pm this evening and received my daily salary. I transferred the entire amount to my family since the monthly rent was due on their house.
Though it is tough for me to survive in this salary and work condition, mobile money has surely made the journey a bit simpler and convenient.
I look forward to your comments and observations. Please click “Add a Comment” below or “More Actions” to share this with others.
Special thanks to Geert Van De Putte and Tim Appleby from IBM Software Group for their help with this post.
Like other industries, retail has its own set of unique security challenges. Loss prevention is a significant component of that challenge. The latest National Retail Security Surveystated that in 2011, U.S. retailers lost $34.5 billion to retail theft – combining employee theft, shoplifting, paperwork errors and supplier fraud. That accounted for approximately 1.4 percent of total retail sales last year.
Today, the checkout/point of sale is the nexus for retail security. Here, the four most important flows for a retailer converge – cash, inventory, electronic payments and customer data. All sorts of different security incidents and fraud can happen at this point – self-checkout fraud, shoplifting, counterfeit coupons, employee theft and compliance in theft, and the theft of customer data through compromised equipment.
As the boundaries of retailers extend beyond the traditional brick and mortar of their stores, additional security concerns come into play. There is fraud around online ordering and home shipment, portal security issues for retailer websites, supply chain security associated with contamination, theft and low quality, and even stealing intellectual property (if retailers have their own private labels).
On top of all of this, retailers are also transforming their business with emerging technologies that all have their own unique security challenges. These include new payment technologies like mobile point-of-sale and in-aisle purchasing, e-receipts, RFID and near-field communications, video and social analytics, mobility and multi-channel access and social networking.
All of these are increasing the number of contact points between the customer and the retailer – pushing out the security boundary further and further. Retailers are struggling to create a better, deeper customer experience and, at the same time, mitigate the potential risks to the organization.
The threat landscape and new technologies are creating a need for an integrated security environment. Are retailers up to the task? Are they approaching physical and information security in new, united ways? Is loss prevention being included in more and more technology conversations? Are retailers moving away from being purely reactive?
We gained a bit of insight into this as part of theIBM 2012 CISO Assessment. There were eleven retail respondents from four different countries (France, Germany, Japan and the U.S.). Their answers compared to the overall statistics from the survey shed some light on the issues:
Retailers realize that information security needs more attention – 8 of 11 see increased leadership attention from two years ago, and 9 of 11 expect increased budgets over the next two years.
They are making progress – all of the retail respondents indicated a slight (7 of 11) or a dramatic (4 of 11) improvement in their information security position from two years ago.
However, they currently don’t have the information security organizational structure to address the changing landscape – only 2 of 11 have a CISO, 2 of 11 have a budget line item, 4 of the 11 have a security or risk committee and 5 of 11 use a standard set of metrics.
Internal threats and mobility are top concerns – 6 of 11 respondents indicated mobility as their top technology concern. Internal threats were ranked the highest overall security threat with 5 of 11 ranking it #1.
Retailers will be focused on employee education and using managed services to improve their security situation over the next two years.
Another statistic that highlights the fact that retailers know the importance of information security but are struggling to address the changing technology environment comes from IBM’s Global Workforce Study. Overall, 49% of respondents stated that they have “completely addressed” their mobile security concern. For retail it was only 22%. However, 73% of retail respondents expect to make significant investments in their mobile environment in the next 1-2 years, signaling they know it is an issue.
Retailers are not only responsible for protecting their own information, but they are under considerable regulatory pressure to make sure they protect customer information as well. They are faced with a diverse array of threats and technologies that are creating new potential vulnerabilities. They need to have the right security organization and capabilities that unites information and physical security, risk, loss prevention and others into a holistic approach. Retailers realize this, but they still have a way to go before they’ll be confident in their capabilities.
Feel free to contribute to the conversation. Are these the right security challenges for retailers? Will it take more than just technology to address them? How do you think they are addressing this important issue today? Do retailers have a harder go at it than other industries because of the nature of their business? Let us know what you think.
Not many people empathize with financial markets firms these days. Yet, they are facing a one-two punch of increasingly onerous regulation combined with increased competition (a result of more demanding customers, technological change, globalization and the downturn in the global economy).
Industry experts estimate that 15-20% of the market share for wholesale and investment banking will be reshuffled in the next few years. To survive let alone thrive, financial markets firms must adapt – by changing the way that they operate.
Working with Broadridge Financial Solutions we looked into how financial markets firms are responding to this demanding environment – and specifically the changes they are making to their operating models – that is how they organize their resources, business processes, systems, information assets, etc.
The research highlighted a leading group – who excelled at both compliance and innovation. This group had five key things they were thinking and doing differently than the rest:
Thinking marketplace first, “factory” efficiencies second
Designing operations around client interactions, not vice versa
Cultivating agility – and an ability to see what others don’t
Building and use scale, but not always in expected ways
Partnering to extend their capabilities – and their thinking
These firms have a different perspective on operations and how it contributes to the business. The distinctions between front, middle and back office are becoming less distinct. As a UK-based Chief Operations Officer at a Universal Bank observed: “We must make sure changes enhance the whole process - It’s no good having a Rolls-Royce in the front and a Mini in the back.”
The leaders are looking at how operations can positively contribute to the business – through consolidation and greater efficiency of course, but also through creating the flexibility to scale resources and adapt to market conditions, facilitating faster product development and enabling innovation.
The leaders are also more open to working with external partners – and see the positive value to be gained through collaboration, for example accessing the technology and resources of an external partner. Leaders outsource more of their business processes, in particular, traditional areas like back-office accounting, settlement and clearance and reporting systems.
Success in these areas will likely encourage leaders to forge ahead into sourcing more complex functions such as reconciliations, data management, tax reporting and corporate actions. But what they outsource is perhaps of less interest than how they outsource. The leaders outsource with a business objective in mind, seeking to get the best from their partner, whereas those lagging tend to see the potential benefits in a more limited way – focusing on cutting costs of the back office.
And importantly, the study points to these differences in attitude feeding into improved results. Those who recognize how operations can contribute to the business and see collaboration as a way of improving business outcomes are rewarded with improved customer satisfaction, faster product introduction, improved regulatory compliance and improved access to information.
So what are the implications, for firms operating in financial markets as well as those in other industries who are trying to optimize the contribution of their back offices? For financial markets firms - focus on achieving agility, scalability and customer centricity, with the potential help of external partners. Many of those currently lagging are planning to evolve their operating model over the next three years. However, there is no time to delay, as the leading firms are forging ahead, and gaining market share as a result.
For those in other industries seeking to optimize their back office operations, this study also provides valuable insights. The financial markets industry is an extreme case where technological change, globalization, market turmoil, low switching costs and significant regulatory change have come together accelerating required operating model change. But the drivers are similar in many other industries – and we are observing a transformation in approaches to outsourcing – focusing more on sharing expertise and delivering business value rather than simply efficiency savings. Increasingly, the winners, across all industries, will be those who exploit these new capabilities to the full.
The study explores how enterprises are responding to the opportunities and risks introduced by new technologies.This year, we surveyed over 1,200 IT and business decision makers to determine why, when, and how their organizations adopt four pivotal emerging technologies – mobile, analytics, cloud and social business technologies – that are rapidly reshaping how enterprises operate.
Are you in the lead, or is your organization falling behind? You can use the adoption and investment statistics we discovered to help you assess where your organizationstands:
Business Analytics and Mobile Computing are already quite mainstream, with over 50% of respondents deploying.Cloud Computing and Social Business represent a coming wave, with 40% either already piloting the technologies, or planning to adopt them within two years.Moreover, planned investment levels in the four technologies over the next two years indicate that all are moving full steam ahead: 55% or more of respondents plan to increase investment in Mobile, Cloud, and Business Analytics, and 43% plan to increase their investment in Social Business. You can click on the following infographic to take a deeper dive:
Despite the foothold of these technologies and the enthusiastic investment landscape, the report cites critical IT skill gaps that threaten to slam on the brakes just as organizations are hoping to leverage these technologies for their strategic advantage:
Across all four technology areas, only roughly 1 in 10 companies report having all the skills they need to be successful, and one-quarter of respondents report major skill gaps.
We also surveyed about 700 educators and students about these technology areas, and according to their responses, the skill gap is poised to get even worse:
About one-half of academic respondents report major gaps in their institution’s ability to meet the needs of the IT workforce.
Security also continues to be a major concern. In fact, Security is rated as the #1 barrier to adoption for mobile, cloud and social business, and the #2 barrier to adoption for business analytics.
What can you learn from those making the most progress applying these technologies for strategic advantage?
We asked respondents to rate the four emerging technologies’ importance to their businesses and also to rate their enterprises’ pace of adoption relative to competitors. We identified an elite group of Pacesetters who are forging ahead faster than others – despite the adoption hurdles – and who are using emerging technologies in more strategic ways.
If you want to get your organization onto the technology fast track (or keep it there), there are a number of interesting lessons you can take from the Pacesetters. We found that Pacesetters are more likely to exhibit three distinguishing traits that help them capitalize on the potential of mobile, analytics, cloud and social technologies. They are:
So, how are Pacesetters managing to stay ahead of the competition? As it turns out, they’re very experimental in their approach to developing IT skills. Rather than wait until there’s clear business demand for new skills, Pacesetters start building skills ahead of time: they are nine times more likely to experiment with technologies that don’t yet have a clear business application, and twice as likely to proactively develop skills to meet anticipated needs.
To learn more about the study results and how you can follow the pacesetters’ lead in technology adoption, you can check out the complete IBM 2012 Tech Trends report and a variety of other resources.
Don't miss the paper's list of concrete recommendations for becoming Pacesetters. We invite you to join in the discussion and let us know what you think about the study and its recommendations!
Senior Consultant, IBM Center for Applied Insights
Growing up, there was a very specific sandwich-making rule laid down by my dad. When making peanut butter and jelly sandwiches, you had to use the peanut butter before the jelly. Was this because of some principle which determined that the resulting sandwich held together better when the ingredients were applied in this order? No. It was because he hated the cross-contamination of jelly into the peanut butter jar which was inevitable when it was on the spreading knife first. He preferred jelly-free sandwiches, you see.
This memory of a long held rule, which still govern my actions today, came to me as I was reviewing the Center's current research into security related topics. We're talking with Chief Information Security Officers (CISOs) about their evolution and leading practices in the enterprise. We're discussing how they successfully bring security topics into the business world. Most importantly, we're examining how business priorities impact security choices.
In the realm of mobile and BYOD, you can hardly have a conversation without discussing security. It is a key inhibitor to mobile adoption and one reason companies are looking for managed security solutions rather than simply hoping for the best. Some security leaders argue for keeping personally owned devices out of the enterprise, simply due to the risk potential. Others, accepting that mobile is here to stay, fight to make its use as secure and safe as possible. It's only going to get worse and more and more connected devices enter the enterprise (see this recent Forbes article: "The Next Big Thing In Enterprise IT: Bring Your Own Wearable Tech?")
IBM's prior CISO, and current head of Security Services, Kris Lovejoy wrote about best practices for mobile implementations last year as part of our Security Essentials series:"Enabling mobility: their device, your data". For many, doing business means being mobile. As a security leader, it becomes your job to manage the risk - not just avoid it. Caleb Barlow extended these thoughts with an article this summer, "Yes, It’s Possible to Be Confident About Mobile Security", which focuses on four key ways to mitigate the risk of adding mobile to your secure enterprise:
Risk analysis - Organizations must understand what enterprise data is on employee devices, how it could be compromised and the potential impact of the comprise (i.e. What does it cost? What happens if the device is lost? Is the data incidental or crucial to business?).
Securing the application - In the pre-mobile, personal computer era, simply securing the device and the user were sufficient. When it comes to mobile devices, we also need to think about securing the application itself. As a typical application is downloaded from a store, the end user really has no idea who built the application, what it actually does with your data or how secure it is. Corporate applications with sensitive data need to be secure in their own right.
Secure mobile access authentication - Since mobile devices are shared, it’s important to authenticate both the user and the device before granting access and to look at the context of the user requesting access based on factors like time, network, location, device characteristics, role, etc. If the context appears to be out of line with normal behavior, appropriate counter measures can be taken.
Encryption: Simply put, if the data is sensitive it needs to be encrypted both while at rest as well as while in motion on the network.
What stops you from fully adding mobile to your security strategy? Hopefully it is more than just a distaste for jelly in your peanut butter. This October we'll have more to share on mobile adoption challenges when we release this year's follow up to our 2012 CISO Assessment.
We hear a lot of chatter about a growing IT skills gap, both here in the US and globally. A recent New York Times article provided some statistics that were both frightening and illuminating. Approximately 20 percent of American adults don’t use the Internet at home, work, or school, and don’t own a web-enabled mobile device. While the government has funded a $7 billion effort to expand Internet access across the country, there has been little to no increase in adoption. Employment opportunities are increasingly web-based, but digital literacy rates have remained stagnant.
This gap is not only apparent in the general population, but also in the IT workforce. At the Center for Applied Insights, skills gaps often emerge in our studies as top barriers to success in specific fields. Our 2012 Tech Trends study, which surveyed more than 1200 IT professionals, found that only 1 in 10 organizations has all the skills it needs to be successful. This indicates a major gap – and when we talked to students and educators to get headlights into the future - roughly 75 percent of them report a moderate to major gap in their ability to meet the skill needs of the IT workforce. If the workforce of tomorrow and their teachers are telling us the gap is this big – clearly there’s a problem.
There is also a major skills gap in the security realm. In “Cybersecurity education for the next generation”, we addressed the need for cybersecurity-related academic programs around the world. Less than 60 percent of the students and educators surveyed believe their academic programs address the creation and development of IT security practices for emerging technologies such as Mobile, Cloud, and Social Business.
How can we close it?
Forbes, like the New York Times, wrote an article about the skills gap, emphasizing the disconnect between traditional education institutions and the current, fast-changing job market. Bottom line: institutions aren’t evolving as quickly as they should; only 42 percent of employers believe recent graduates are ready for work. Forbes’ solution? Job seekers must take it upon themselves to develop their own skills, by utilizing online resources. At the same time, companies must invest in comprehensive training programs for their diverse group of new employees, and make job requirements clearer. Noticeably absent was a suggestion for how traditional education institutions can improve. IBM has a tactic to address this. Ad Age featured a story on how IBM, in partnership with its clients, works with academic institutions to design programs that prepare students for real world IT work experience. Examples of these programs include integration with GM at Michigan State, and GlaxoSmithKline at Yale.
At the IBM Center for Applied Insights, we’ve looked at the IT skills gap from both the supply and demand sides. In terms of demand, our Tech Trends paper provides suggestions for IT leaders and practitioners on how to close this gap. For IT leaders, we suggest encouraging skill development across a range of disciplines, designing diverse teams and using social tools to assemble expertise, and extending the skills mission beyond IT, making business leaders smarter consumers of analytics. For practitioners, we suggest concentrating on integrating expertise and deepening specialized skills while broadening knowledge across new areas. Practitioners must combine areas of expertise to deliver more value, strengthen business acumen, and use social tools to solicit and supply expertise.
On the supply side, we discovered that cybersecurity education programs are entering a period of transformation. In order to work in concert with today’s demands, we suggest five key initiatives. (1) Increase awareness of security across the academic community, and produce more graduates from cybersecurity programs. (2) Treat security education as a global issue. (3) Approach security comprehensively, linking technical to non-technical fields. (4) Seek innovative ways to fund labs and pursue real-world projects. (5) Advance a “science of security”.
As technology continues to rapidly transform, skills gaps will continue to emerge. While we won’t try to tackle the 20 percent of non-Internet users in the US population, we in the Tech world have the tools to bridge the gaps in the IT workforce. We must be innovative, adaptable, and forward-thinking. What are the next skills gaps that we’ll explore? Stay tuned for more studies from the Center for Applied Insights that address this skills gap, specifically looking at IT leadership in Africa.
If your enterprise is working with Big Data, or at least beginning to stick your toe in the water, and you're not thinking about the concept of "signal", you're about to make a big mistake. Identifying the signal is what will enable you to leverage Big Data effectively. And if you don't, you're going to spend a lot of time and money chasing red herrings.
When we rely on data for decision making, what qualifies as a signal and what is merely noise? In and of themselves, data are neither. Data are merely facts. When facts are useful, they serve as signals. When they aren’t useful, data clutter the environment with distracting noise.
For data to be useful, they must:
Address something that matters
Provide an opportunity for action to achieve or maintain a desired state
When any of these qualities are missing, data remain noise.
I like this definition. It fits hand in hand with the concept of Marketing Science that we proposed earlier this year. Insights (aka signal) are only valuable in so far as they drive business outcomes. And if you're developing insights that influence action within your enterprise, you had better make sure that what you're looking at is actually signal.
This is where Big Data is presents challenges. In his post, Few makes the absolutely correct point that data are noisy. And when data increase dramatically in volume, velocity, and variety (aka it gets BIG), that noisiness grows right along with everything else. All of a sudden, it becomes that much harder to correctly identify signal. As Few points out:
Finding a needle in a haystack doesn’t get easier as you’re tossing more and more hay on the pile.
If you listen to some of the discussion around Big Data, you could easily walk away thinking that if you can capture it, all you need to do is run it through some sophisticated analytic software and "boom" you've got new insights.
The problem with this approach is that pesky noise. As you start dealing with huge data sets, it becomes relatively easy to find "statistically significant noise". You may think you're looking at signal, but instead you're just finding random patterns in the noise that happen to look like signal. This is what can happen when analysts are given lots of data and told to go find something.
How do you combat this? Part of it, as Few points out, is having data analysts that have a deep understanding of how to detect signal and the associated challenges that Big Data presents. The other part, is in how you approach data analysis in the first place.
Again, I'll reference our Marketing Science framework and propose that by applying a scientific approach to data collection and analysis, you improve your ability to correctly identify signal. Instead of randomly looking for patterns in the data, by developing hypotheses and then testing and refining them, you're able to focus on signal that (a is more likely to actually be signal and b) will help drive the business forward.
We've seen some really interesting and impactful results internally with the Marketing Science framework. We've developed insights that both drive business outcomes and challenge conventional thinking. I'll be highlighting a few of these examples in future blog posts. In the meantime, I'd love to get your feedback on what challenges you've experienced with identifying signal within Big Data.
Senior consultant, IBM Center for Applied Insights
It’s easy to say that information security leaders have it tough. The security landscape is full of conflict, confusion and uncertainty, coming from a number of different directions. Leaders have a lot to handle. If it’s not a rapidly shifting threat, it’s new technology platforms to secure including mobile, cloud and social. Almost every article I see these days is focused on the growing challenges, with titles like the “Eye of the storm”, “Into the cloud, out of the fog” and “Converging waves of pain.”
Today, the IBM Center for Applied Insights releases the results of the 2012 IBM Chief Information Security Officer Assessment. This was our first foray into examining the role of information security leaders, and how they are evolving to meet the challenging landscape. While we understand and appreciate the fact that things are difficult on the technical front, we wanted to focus on the organizational and leadership aspects of information security.
We felt that information security leadership was in the process of undergoing a transformation and wanted to test whether the role was changing based on increasing security challenges and greater attention from business leaders.
We wanted to identify best practices that could be shared across the industry – and understand if organizations were moving toward a more holistic, risk-based approach to information security.
We also wanted to know what roles collaboration, innovation and integration are playing in security organizations.
What we discovered was that only 1 in 4 security leaders have made the shift to being recognized as having strategic impact on their enterprise. Based on a self-assessment of their organizational maturity and their ability to handle a security incident, three different types of leaders emerged.
Influencers (25%) – This group sees their security organizations as progressive, ranking themselves highly in both maturity and preparedness. These security leaders have business influence and authority – a strategic voice in the enterprise.
Protectors (47%) – These security leaders recognize the importance of information security as a strategic priority. However, they lack important measurement insight and the necessary budget authority to fully transform their enterprises’ security approach.
Responders (28%) – This group remains largely in response mode, working to protect the enterprise and comply with regulations and standards but struggling to make strategic headway. They may not yet have the resources or business influence to drive significant change.
We also discovered some significant differences between the groups that show how Influencers have developed their strategic voice. Compared to Responders, Influencers are:
2x more likely to have a dedicated CISO
2.5x more likely to have a security or risk committee
3x more likely to have information security as a board topic
2x more likely to use a standard set of security metrics to track their progress
4x more likely to be focused on improving enterprise-wide communication and collaboration over the next two years
2x more likely to be focused on providing education and security awareness over the next two years
This is just the beginning of our conversation around the role of information security leadership and its place within the enterprise. The full report goes into more detail on the security landscape, the different types of leaders and their characteristics, and a way forward for everyone.
Derek Franks Consultant, IBM Center for Applied Insights
As a former marketer myself, I know that marketing is often marginalized within enterprises, particularly those with strong scientific or development organizations. Marketing is often viewed as being responsible for the “soft stuff” that looks pretty but doesn’t have any real impact on the business. I’m here to tell you that this view is wrong, and if you don’t realize it quickly, your competitors will.
We recently surveyed 362 marketers from around the world, across more than 15 industries, and found that Leading Marketers’ enterprises had 40% greater Revenue growth and twice the Gross Profit growth over the past 3 years when compared to the rest.
What exactly is a Leading Marketer?I’m glad you asked. We identified 2 essential traits of effective marketers: “Effective Engagement” and “Intelligent Investment”. Essentially we defined Leading Marketers as those who had a high level of responsibility forengagingwith customers across channels as well as a sophisticated approach toinvestingmarketing resources.
We then looked at publicly available financial data and found that when we correlated that to our segmentation of leading marketers, a clear trend emerged: Leading Marketers’ enterprises performed better financially.
So how, exactly, do you develop a Leading Marketing organization within your enterprise? Like most things in today’s world the answer is complex but grounded in the principles of Marketing 101. It can be as simple as the 4P’s or as complicated as developing a collaborative relationship with other functional areas within the enterprise. I’ll be blogging more about this topic and other insights from our study over the coming weeks, but get a sneak preview by reading our executive report, How Leading Marketers Outperform: Effective Engagement and Intelligent Investment.
If there is a particular topic you’d like me to talk about, please login and leave me a comment, below.
Senior Consultant, IBM Center for Applied Insights
Sometimes time and space conspire to create an opportunity that you weren’t expecting. That was the case for me last week. Near where I live, the University of Rhode Island (URI) hosted their third Cybersecurity Symposiumon education and workforce development. Speakers included the entire Rhode Island Congressional delegation, the director of the U.S. Defense Intelligence Agency, the CIO for the U.S. Department of Defense and a number of industry practitioners, including IBM’s VP for Cyber Security Innovation Marisa Viveros. Marisa was the co-author of the paper that we recently published on leading practices for cybersecurity education.
The symposium was open to the public and students, had over 400 attendees, and flew at a fairly high level. There were some excellent takeaways and parallels to IBM’s recent research with respect to cybersecurity skills and education. The Congressional delegation, which included Sen. Whitehouse, Sen. Reed, Rep. Langevin and Rep. Cicilline, each emphasized different areas of the cybersecurity challenge. This included improving public awareness, the national security implications of the rapidly changing cyber threat, the difficulties with law enforcement, and the need to protect our privacy, civil rights and liberties.
Lieutenant General Flynn of the U.S. Defense Intelligence Agency (and URI alum) was a very engaging speaker and talked about the “invisible war” that is currently being waged in cyberspace. He highlighted the profound transition U.S. security is currently going through – caused by population, economic and technology shifts – which require new ways of thinking. To fight this invisible war, he said that for every person currently working in cybersecurity today, we need a staggering twenty-eight more. He also repeatedly talked about the generational issues involved in cybersecurity and that real rules and discipline have yet to emerge on the international stage. He advocated something akin to the “law of the sea”, but for the cyber domain.
The business and industry panel included speakers from Google, IBM, Dell SecureWorks, CVS and Fidelity Investments and was much more open and conversational. They all brought their perspectives – whether providing information security or managing it for their organizations. There was a lot of discussion about how to break into the field of cybersecurity, what skills to have, what courses to take, and career paths. Stephan Somogyi, from Google, talked about the need to educate everyone on digital hygiene and focusing education on the basics of computer science. He said that you have to have a passion for security, it is a calling. If you have that, you can come from any field. Jeff Shilling, from Dell, talked about the incredible need for security technicians, those with hands-on skills. He has enough security managers, what he needs are those that can do the work (he agreed with Lt. Gen. Flynn’s assessment).
A lot of the themes from the day echoed what we recommended through our research. Local and national collaboration was evident with the diversity of speakers and the support from the entire university, the Congressional delegation, the military and industry. The importance of awareness was highlighted over and over. URI is working on innovative ways to provide hands-on experience for students through a low-cost Open Cyber Challenge Platform they are developing. The need for improving non-technical cybersecurity academic programs for business and policy leaders was highlighted in a new study from the Pell Center for International Relations and Public Policy.
This was a very valuable event, and I hope that it continues on an annual basis. Even though it was to raise local awareness and promote URI and its computer science program, it could stand to have increased global participation in the next iteration – which was one of our key findings.
For a summary of our recent research check out and share the Prezi presentation below: