IBM Center for Applied Insights
Ellen Cornillon 110000K9SX firstname.lastname@example.org 505 Visits
Susanne Hupfer 2700006BQ0 Susanne_Hupfer@us.ibm.com Tags:  social_software social-networking social-software social-business social_networking ibmcai social social_business 1,018 Visits
Client Insights, Consultant
IBM Center for Applied Insights
If you've paid attention to the business press this past year, you've no doubt heard all about the potential benefits of social software to the enterprise (improved organizational collaboration, transparency, decision-making, and innovation). Maybe you're seriously considering deploying enterprise social software and becoming a "social business." If so, you'll be in good company: organizations that outperform financially are 57% more likely to allow their people to use social and collaborative tools. We outline these benefits in our recent short paper: Social is great! So, now what?
But you may be wondering what to expect once you roll out social software to your organization. An IBM Research study of social networking inside a large enterprise may hold some clues.
In 2007, IBM launched an experimental internal social networking site for employees -- SocialBlue (once-upon-a-time known as Beehive) -- that was designed to blur the boundaries between professional and personal, and business and fun. The site capabilities included customizable user profiles, status messages, "friending" of people, photo and list sharing, and commenting (on profiles, photos, lists). Through interviews and quantitative analysis of usage logs, the researchers set about studying the adoption, usage, motivations, and impact of social networking in the workplace.
The results were fascinating. Within a year of launch, upwards of 30,000 employees had opted in to use the site. We all know that, on personal social networking sites such as Facebook, we tend to connect to friends and acquaintances -- the people we already know. So you might guess that employees using enterprise social software would mainly want to connect to their immediate coworkers... but you'd be wrong. Employees instead used the site to meet new colleagues and also to connect and keep up with "weak ties" -- colleagues they didn't know well or weren't in regular communication with. They hoped to strengthen these ties in case they needed to call upon those connections later.
Why were all those thousands of IBMers connecting and sharing? It turns out they were Caring, Climbing, and Campaigning:
Caring: Interviews showed that employees enjoyed connecting on a social level with their colleagues. One user explained: "[the system] helps me connect to people personally, which helps me to like these people more, which makes me want to work with them." Another explained that, with teams becoming increasingly distributed and lacking everyday, face-to-face contact, the system "added that interpersonal relationship back in."
Climbing: A subset of users deliberately used the system as a career advancement tool. Techniques included becoming a visible expert on a topic by participating in professional conversations, and also strategically "friending" upper management.
Campaigning: Some users leveraged the system as a platform for promoting and gaining support for their ideas and projects. Due to the flat, cross-divisional nature of the system, some noted that putting an idea out there might garner attention and support from an executive in a way that would be harder to achieve through traditional, hierarchical corporate channels.
Today, 400k+ IBMers continue to connect to one another and care, climb, and campaign using the IBM Connections product, which was influenced by the research work on SocialBlue.
There are two other important "C's" you'll want to carefully consider when you deploy social software to your enterprise: Capabilities and Culture.
Capabilities: The capabilities of an enterprise social networking system have a direct impact on the kind of usage you're going to see. For instance, if SocialBlue hadn't allowed commenting on others' profiles and content, much of the casual, conversational, watercooler-ish nature of the site would not have been possible.
Culture: If your enterprise is multi-national and globally integrated, you'll need to take geographic needs and behavior into account. Users from different geographies and cultures perceive different benefits from enterprise social software and participate at varying levels and in different ways. The "corporate culture" that your organization promotes is also fundamental to becoming a social business, and will drive how your employees make use of social software and what they do with it.
What have you seen as the biggest barriers to adoption or benefits realized within your organizations?
Ellen Cornillon 110000K9SX email@example.com Tags:  public_safety roi outcomes ems disaster_response fire police smarter_planet efficiency roi-for-smart law_enforcement benefits 1,015 Visits
John Reiners (profile)
Government Leader - IBM Center for Applied Insights
Last week, IBM hosted several U.S. Congressmen, their support teams, and media on Capitol Hill on the theme "IBM's Smarter States: How Tech Innovations Will Impact the Future of Government."
At the event, public safety was discussed as one of the areas of opportunity. We have recently published our research into the ROI of smarter public safety.
Our research, carried out over several months last year, looked at new approaches to public safety being adopted by agencies around the world, in law enforcement, fire, EMS, and disaster response. It presents the growing evidence of tangible benefits that these new approaches are delivering. You can check out a summary of the results in the study report. You and your colleagues can also access a Benefit Estimator, which can apply the research findings to calculate the potential benefits for your own organization.
I was asked the other day to summarise what we found out from our research, beyond the results presented in the report. There is always more to say than will fit in a single report! That question got me thinking, however, because the lessons learned during this research project probably apply equally to other areas of government and indeed other industries facing rapid technological change. So, here are my top 5 lessons learned:
There is a natural tendency to prefer this last one, as it offers the promise of cost saving & improved service levels as well as keeping control of operations. Though because investment is needed, it may be harder to secure the funds needed unless a convincing case can be made.
So do these points resonate with other areas of government and other industries? and what are the implications? For example, how can we move to a more sophisticated debate on how to invest in smarter approaches that:
Derek Franks 1100007YTJ firstname.lastname@example.org Tags:  roi-for-smart for state industry insights ibm_center_for_applied_in... center analytics of retail applied smarter_analytics state-of-smart smarter_retail smart ibm 1,512 Visits
Consultant, IBM Center for Applied Insights
Welcome! This is the first post in a series of articles I’ll be writing over the coming months that delve a bit deeper into some of the more interesting findings from our State of Smart research here at the IBM Center for Applied Insights. Today we’ll be discussing some of the interesting data points for the retail industry including some surprising findings about CRM.
If you’re not familiar with our State of Smart work, an overview of our research and findings can be found in our Executive Report. We surveyed over 1100 executives worldwide across 9 industries to determine their organizations’ information and analytics capabilities (we refer to these capabilities as “listen” and “anticipate”). We found that organizations with these capabilities significantly outperformed their peers: 1.6x revenue growth, 2x EBITDA growth, and 2.5x stock price appreciation over a five year period. Not bad, huh?
But this only tells part of the story. We also asked these enterprises about where they realize value from analytics and how they deploy “listen” and “anticipate” capabilities. So let’s dig into the retail data a bit deeper.
For our purposes, we’re going to refer to retailers in the top right quadrant as “Outperformers” and everybody else as “Others”. Only 29% of retailers are Outperformers. About 62% of retailers have a high level of “listen” capabilities while only 38% of retailers have a high level of “anticipate” capabilities.
What this tells us is that retailers are pretty good at “Listening” – i.e. capturing data. By and large, most retailers have done a good job of laying down an information foundation. However, a much smaller proportion of those retailers are then translating that data into actionable insights.
So we know that retailers have room to improve when it comes to leveraging the data that they capture. What other interesting insights did we uncover?
For starters, as you might expect from the high “listen” capabilities, retail Outperformers are very good at capturing different types of data. Specifically, 84% of Outperformers capture data at every customer interaction (this was the highest % across any industry we surveyed). The 'data at every customer interaction' spread between outperformers and others is 2.2x, the second highest gap among the nine industry categories.
Additionally, the 56% of the Outperformers captured unstructured data versus 35% of the Others. Essentially the Outperformers are looking beyond individual transaction data and are mining social media, weather patterns, etc to drive more robust information for applied decision making.
The Outperformers then leverage this information to drive actionable insights about their customers. For example, 84% of Outperformers (vs 38% of Others) use their information and analytics capabilities to recommend actions to customers. This can take the form of both customer facing recommendations, such as cross-selling or up-selling opportunities, or internal actions such as identifying next best actions to convert abandoned baskets or reactivate a dormant customer.
The holy grail of retailers has long been to develop deep insights about customers from a variety of data sources and then use these insights to drive actions that positively impact the customer experience and consequently improve their top and bottom line. Our data shows that the Outperformers are doing just that.
What we’ve talked about so far is fairly intuitive. However in the course of analyzing the State of Smart data we saw several things that intrigued us. For instance, found that only 36% of Outperformers vs 31% of Others realized value from customer relationship management. We expected the overall percentages to be higher and gap to be wider. The data suggest several things. First, the true value of CRM has likely not yet been realized by most retailers. Second, the outperformers haven’t yet found a way to drive the additional insights they’ve been generating into their CRM practices.
Hopefully you found this deep dive into our State of Smart retail industry data to be interesting and useful. If you're interested in calculating the potential impact that developing your "listen" and "anticipate" capabilities can have on your business, I suggest you take a quick look at our Smarter Merchandising and Smarter Shopping Experience toolsets. We've developed online calculators that let you quickly and easily get an idea of the potential economic benefits that leveraging analytics can have for your organization.
I’ll be posting more deep dive articles over the next few months. Check back next next week for a deep dive into the banking industry data. If you have any questions about this article or requests for future articles, please feel free to let me know.
Derek Franks 1100007YTJ email@example.com Tags:  smart banking analytics financial_services roi-for-smart state-of-smart 1,044 Visits
Consultant, IBM Center for Applied Insights
If you look at the distribution matrix below, the first think you’ll notice is that 46% of the respondents were identified as “Outperformers”. This was the highest ratio of Outperformers of any of industry we surveyed. Simultaneously, 33% of respondents were identified as having low Listen and Anticipate capabilities.
What we’re seeing here is an interesting dichotomy. Simultaneously, a significant proportion of
the industry are Outperformers while a smaller yet significant proportion of
the industry has low Listen and Anticipate capabilities – without much in between. This tells us that while Banking is clearly one of the more advanced industries when it comes to data and analytics, there are still significant opportunities for improvement.
As you might expect, the Banking industry Outperformers capture quite a bit of data. 79% captured customer data at every interaction (2.1x more than the Others). Additionally 58% of the Outperformers captured unstructured data (1.6x more than the Others).
What is that data used for? Interestingly, both Outperformers and Others used analytics to guide the actions executive decision makers (83% and 79% respectively). This was by far the smallest gap in this capability between the Outperformers and Others of any industry and suggests that this capability is “table stakes”.
However, there are several uses of data that differentiate Outperformers from Others. First, 84% of Outperformers provide insights to suppliers and business partners (2.4x more than the Others). Second, the Banking Outperformers tied for the highest percentage usage of analytics to recommend actions to customers among the industries (87% - 1.7x more than the Others).
Finally, we saw 2 very interesting results when we asked where Banks realized value from analytics. We found that 37% of Outperformers realized value when they used analytics to drive workforce planning and management. This was particularly interesting because the Outperformers were 9(!) times more likely to realize value here than the Others.
The other interesting result was one that we haven’t found a complete explanation for (yet!). 65% of the Others vs 48% of the Outperformers realized value from analytics in regards to risk management. This was a counter-intuitive result, so there’s clearly something interesting going on here.
My current theory is that this result doesn’t mean that these Outperformers aren’t engaged in risk management activities. To the contrary, it likely means that about half of them have other systems in place that drive their risk management activities without relying significantly on Analytics. They may make more use of policies, procedures, limits, and executive oversight. Or perhaps their greater use of analytics to engage with customers, suppliers, and business partners is effectively providing indirect risk management.
Hopefully this has provided you with some interesting insights into the Banking industry. As always, please feel free to leave a comment or send me an e-mail if you have any questions. I’d be particularly interested in any thoughts you might have on risk management in the Banking industry.
See you next time!
Derek Franks 1100007YTJ firstname.lastname@example.org Tags:  roi-for-smart roi industry unstructured_data state-of-smart c&p chemical&petroleum 782 Visits
Consultant, IBM Center for Applied Insights
Welcome to another State of Smart industry deep dive. Today we’ll be taking a look at the Chemical and Petroleum industry. I’ve been looking forward to writing this post for a while now. We came across some data points when we looked at unstructured data that initially were surprising but actually make quite a bit of sense when you think about it.
Let’s take a look at the data, shall we? As you can see, 39% of C&P companies surveyed fell into the “Outperformers” category, having both high Listen and Anticipate capabilities. Very few companies reported to have high Anticipate and low Listen capabilities (which makes sense if you think about it).
Overall, C&P companies are very good at Listening, with 59% having a high Listen capability. Simultaneously only 42% have a high Anticipate capability.
So as you might expect, C&P outperformers are really good at capturing data. When we dig a little deeper into the data, we find that 70% of Outperformers capture data at every customer interaction. That a little less than 1.7x more than the Others.
When it came to unstructured data however we found something really interesting. Initially, I wasn’t expecting C&P companies to spend a lot of time and effort capturing unstructured data. However, we found that 55% of the Outperformers in fact did so. They were 2.1x more likely to capture unstructured data than the Others.
This was surprising in a couple of ways. First, we didn’t expect so many C&P outperformers to capture unstructured data (they were 4th out of 9 industry groups). Second, we didn’t expect to see such a large gap between the Outperformers and Others (this was the largest gap of any industry).
So what exactly are C&P companies doing with unstructured data? Well to begin with they’re looking beyond social media to things like weather/climate data, economic forecasts, and international political data. It makes sense. Many of these companies operate in volatile regions of the world, or rely on raw materials that come from those volatile regions.
In that context, being able for example to actively monitor or even predict civil unrest, or predict the path of a hurricane is vital to maintaining operations. So while at first glance, you might think that C&P companies don’t have much use for unstructured data, in fact successfully leveraging unstructured data can be quite critical to their business.
Our research also showed that 78% C&P Outperformers then empowered employees to take action based on analytics. They were 2.1x more likely to empower their employees than the Others (the largest gap of any industry). Again this makes a lot of sense. What good is developing insight if you don’t allow your employees to act on it?
We saw that 75% C&P Outperformers shared their insights with suppliers and business partners compared to 41% of the others. C&P companies often have complicated supply chains and sharing insights can help mitigate a number of risks.
Looking at where C&P Outperformers realize value from analytics, we found that 47% used analytics for risk management (1.7x more than the others – again this was the largest gap among the industries). Given the capital intensive nature of many C&P companies’ operations, this makes quite a bit of sense. It also seems logical from a health and safety perspective when you consider the impact (both environmental and political) and high level of visibility that incidents within this industry can have.
We’re not the first group to identify this linkage with risk management. In 2008, the IBM Institute for Business Value published a study linking risk management at C&P companies to improved financial performance. It’s good to see that the linkage is still valid.
That’s it for today’s discussion of the Chemical and Petroleum industry. As always, please feel free to send me an e-mail or leave a comment if you have any questions. In my next installment, we’ll take a closer look at the healthcare industry.
Just like our State of Smart research has shown that outperforming organizations listen (and anticipate), Amgen CEO Kevin Sharer shows us that listening is no less important for leaders. Interestingly enough, this was something he picked up from Sam Palmisano. Sharer points out that listening with the sole goal of understanding or comprehension, is the greatest sign of respect you can extend to others. As a leader within your organization, do you listen with the sole goal of understanding? And perhaps more importantly, does your company listen to its customers with that same mindset?
DAVID JARVIS 1000007UE6 email@example.com Tags:  security_essentials cloud cloud_security security 1,243 Visits
Senior Consultant, IBM Center for Applied Insights
According to the 2012 Cloud Computing Survey released this month by IDG, the number one barrier to implementing cloud strategies is security. A full 70% of respondents reported being significantly worried about it. More than service interruptions and other factors – unauthorized users getting access to data strikes fear into the heart of potential cloud adopters.
However, because of their flexibility, potential cost savings and ease of use, the allure of cloud computing is undeniable. So, what to do? How can we have cloud computing platforms that inspire confidence instead of instill fear?
It all starts with education. Everyone developing a cloud-delivered service becomes, de facto, an IT architect. Users must understand the risks and responsibilities in operating on a cloud, and follow a set of best practices that they respect and incorporate into their daily routines.
Second, we have to think in a different context – it needs to be more about securing information, rather than the security of physical devices and locations. If the information is secure by its nature, it doesn’t matter where it is, or what device it is on. The data has to be encrypted and available only to those who need access to it. Putting the onus on the data owner instead of the cloud provider is a good idea. Ponemon and CA released the results of a survey in May 2011 which showed that cloud providers didn’t make security their number one concern. The majority of cloud providers believed it was their customer’s responsibility to secure the cloud, not theirs.
Finally, this leads us to the importance of knowing and trusting the cloud vendor and the country the hosting data center operates in. Depending on the location of the data center, there are possible data rights issues and disruptions caused by political unrest, infrastructure issues or natural disaster. In the end, you’re investing not only in the cloud provider, but in a country as well.
The IBM Center for Applied Insights has been working with IBM’s VP of IT Risk to develop a series of eight articles on Security Essentials for CIOs, based on IBM's own experiences. The latest, the third in the series, is about what it takes for an enterprise to develop a secure cloud computing strategy.
Susanne Hupfer 2700006BQ0 Susanne_Hupfer@us.ibm.com Tags:  cai data-visualization analytics visualization graphics visual-perception infographics design 3,960 Visits
Client Insights, Consultant
IBM Center for Applied Insights
Ever wonder what makes one infographic hit the mark and another one miss? There's more science to it than you might think.
Information graphics – visual representations of information, data, knowledge, or concepts – have been around for millennia, and humans have long mapped data in order to organize what they see, filter out extraneous details, reveal patterns, suggest further exploration, and ultimately better understand the world around them.
"Why should we be interested in visualization? Because the human visual system is a pattern seeker of enormous power and subtlety. The eye and the visual cortex of the brain form a massively parallel processor that provides the highest-bandwidth channel into human cognitive centers. At higher levels of processing, perception and cognition are closely interrelated, which is the reason why the words ‘understanding’ and ‘seeing’ are synonymous.”
(Colin Ware, Information Visualization: Perception for Design, Academic Press, 2000)
“… the visual system has its own rules. We can easily see patterns presented in certain ways, but if they are presented in other ways, they become invisible. … The more general point is that when data is presented in certain ways, the patterns can be readily perceived. If we can understand how perception works, our knowledge can be translated into rules for displaying information. Following perception-based rules, we can present our data in such a way that the important and informative patterns stand out. If we disobey the rules, our data will be incomprehensible or misleading.”
DAVID JARVIS 1000007UE6 firstname.lastname@example.org Tags:  security_leader leaders security ciso cso information_security risk_management infosec 1,649 Visits
Senior consultant, IBM Center for Applied Insights
It’s easy to say that information security leaders have it tough. The security landscape is full of conflict, confusion and uncertainty, coming from a number of different directions. Leaders have a lot to handle. If it’s not a rapidly shifting threat, it’s new technology platforms to secure including mobile, cloud and social. Almost every article I see these days is focused on the growing challenges, with titles like the “Eye of the storm”, “Into the cloud, out of the fog” and “Converging waves of pain.”
Today, the IBM Center for Applied Insights releases the results of the 2012 IBM Chief Information Security Officer Assessment. This was our first foray into examining the role of information security leaders, and how they are evolving to meet the challenging landscape. While we understand and appreciate the fact that things are difficult on the technical front, we wanted to focus on the organizational and leadership aspects of information security.
What we discovered was that only 1 in 4 security leaders have made the shift to being recognized as having strategic impact on their enterprise. Based on a self-assessment of their organizational maturity and their ability to handle a security incident, three different types of leaders emerged.
We also discovered some significant differences between the groups that show how Influencers have developed their strategic voice. Compared to Responders, Influencers are:
This is just the beginning of our conversation around the role of information security leadership and its place within the enterprise. The full report goes into more detail on the security landscape, the different types of leaders and their characteristics, and a way forward for everyone.
Check out the full report, “Finding a strategic voice” for more information on this important topic. Also, catch our ongoing series of articles on best practices for information security from IBM’s VP of IT Risk on the IBM Center for Applied Insights security site.
Derek Franks 1100007YTJ email@example.com Tags:  state-of-smart listening anticipate smarter_analytics healthcare analytics 1,091 Visits
Consultant, IBM Center for Applied Insights
Hello again! I’m back today to discuss the healthcare industry data from our State of Smart work. If you’re not familiar with State of Smart, you can check out our whitepaper or watch the video.
As you can see, Healthcare has a distribution of 31% Outperformers and 69% Others. Overall, that breakout is similar to many other industries – with one exception. 19% of respondents identified that they had a high Anticipate capability with a low Listen capability.
This is unusual as typically most organizations will develop strong Listen capabilities before investing in Anticipate capabilities. The majority of healthcare organizations we surveyed followed this more typical model, but the higher number of outliers here suggests a couple of things: 1) Healthcare firms recognize the benefits of applying analytics to data in order to develop insights and 2) they could be dealing with an overwhelming amount of patient data that limits their ability to listen effectively.
Most Important Issues over the next 3 years:
We also saw something a bit different when we asked healthcare organizations about their most important issues over the next 3 years. Most other industries are focused on technical, economic or organizational challenges. Healthcare firms are clearly most focused on patient safety. It was selected as a top issue by 55% of respondents, with the next highest issue, compliance, only being selected by 37% of respondents. We also saw that an often talked about topic, cost control landed in 5th place with 28% of respondents selecting it.
Digging a little bit deeper into the data, we found that the vast majority of healthcare Outperformers collected data at every customer interaction (82%) and were 1.7x more likely to do so than the Others. This was the 2nd highest overall percentage behind retailers.
However, when we asked about their ability to capture unstructured data, we saw that healthcare organizations are struggling. Only 45% of the Outperformers captured unstructured data (2nd lowest overall) compared with 30% of the Others. This lends at least some credence to the theory mentioned above that some healthcare organizations may be struggling to keep up with the volume of data that is now available to them.
Also supporting the theory that healthcare organizations are embracing the value of analytics, when we asked who they shared insights with, we saw some of the highest numbers of any industry.
82% of Outperformers (vs 44% of Others) use insights to guide the actions of executive decision makers. 87% of Outperformers (vs 33% of Others) share insights with suppliers and business partners. 87% of Outperformers (vs 54% of Others) used analytics to recommend actions to patients. The Outperformer numbers were some of the highest of any industry and are all very logical ways for healthcare organizations to leverage insights from analytics.
This same theme continues when we look at where healthcare organizations realize value from analytics. 60% of Outperformers (vs 42% of Others) realize value when it comes to Patient Relationship Management. 48% of Outperformers (vs 33% of Others) realize value from Workforce Planning and Optimization. Again, these were all large percentages compared to other industries.
We did however see that there was a gap when it came to collaborating and sharing knowledge. Only 18% of Outperformers were realizing value here. That said, the overall numbers across industries were low for collaboration and sharing, but with analytics providing such strong value in a number of areas for healthcare organizations it seems logical that a possible next step would be to build better collaboration and sharing capabilities. After all, if nobody knows about an insight that’s been developed regarding a patient, drug, procedure, etc, it can’t add significant value.
Overall the data we see from healthcare organizations suggests that Outperformers are truly leveraging their Anticipate capabilities to drive value for the organization and for patients. That said, there’s still opportunity to add value by continuing to develop the Listening capability while making sure that insights and knowledge can be shared across the organization.
Ellen Cornillon 110000K9SX firstname.lastname@example.org Tags:  cai thought-leadership leadership 884 Visits
Client Insights, Consultant
IBM Center for Applied Insights
The CAI team have spent some time recently musing on the meaning of “thought leadership” – how do you define it and what makes good thought leadership. These may seem like obvious questions but, in my experience, as the amount of content multiplies (web commentary, blogs, social media, and so on), many people are unclear about what is distinctive about thought leadership. Our discussion highlighted some interesting points.
Firstly, there is a hazy line between thought leadership and marketing material. Thought leadership uses fact-based research to analyze a topical client issue and uses this to propose client action. Marketing material, on the other hand, uses assertion to argue the case for a supplier’s products and services. Both have their place. A potential customer would expect to find detail of products and services when accessing suppliers’ websites and point-of-view documents can provide a persuasive case to buy. Effective thought leadership, though, can offer something a little different. It can entice a potential client in, change their perspective on an issue, and increase their levels of trust and confidence in their supplier. It is for this reason that thought leadership features so prominently on the websites of all major IT systems & service providers.
So what makes effective thought leadership? I recently carried out a scan of a number of IT providers websites and the quality varies hugely. The best included several thought provoking articles which were easily accessible, thoroughly researched, and well presented. They made a compelling case for actions which clearly aligned closely with the strategic direction of the supplier. The worst were short opinion pieces which demonstrated a poor appreciation of market dynamics. In determining what makes effective thought leadership I use four categories (borrowing considerably from the analysis carried out by source for consulting.com):
Credible research: This means sufficient depth and breadth of data collection (perhaps using a customer survey) plus analysis which has rigour, yet can be understood by the reader.
Client appeal: It must draw the client in – to pick up the report/article and to carry on reading. To do this it must tackle an issue of immediate client interest and be written from the clients’ point of view, offering practical recommendations and demonstrating outcomes.
Distinctive: It must say something new, different which makes a difference (i.e. it qualifies as newsworthy).
Effective messaging: It must draw the reader almost subliminally to a set of messages which are aligned to the suppliers’ agenda. It this is done too obviously, the research and analysis loses credibility.
DAVID JARVIS 1000007UE6 email@example.com Tags:  security_leader erm leaders security ciso information_security leadership 1,604 Visits
Client Insights, Senior Consultant
Center for Applied Insights
Some things are bad to do by committee, creating a work of art, cooking dinner, closing a baseball game – and sometimes committees are a necessity. Security and risk committees are an essential part of any enterprise’s security and risk management infrastructure. They are a sign of a mature organization. By promoting collaboration across the enterprise and making security and the associated risk discussions an integral part of senior leadership’s responsibilities, the enterprise can be better protected. Yet, even though the benefits are clear, not enough enterprises have one.
A study released last week by the Carnegie Mellon CyLab, looking at privacy and security governance in the Forbes Global 2000, reported that boards and senior leadership still are not exercising appropriate governance over the privacy and security of their digital assets. The study stated that there is still a significant gap in understanding around the fact that security, privacy and IT risk are all a part of enterprise risk management.
The study did note one encouraging sign – that more and more enterprises have cross-functional privacy/security committees – 70% of 2012 respondents versus 17% in 2008. These committees can act as a bridge to boards and senior leadership and elevate the discussion around security and risk, potentially closing the governance gap.
These findings line up very nicely with what we recently uncovered as part of our 2012 CISO Assessment. Overall, only 49% of the total sample reported that they had a security or risk committee. When we delved deeper, 68% of the most mature group of organizations, Influencers, had a security/risk committee. In comparison, only 26% of the least confident and mature group, Responders, had one.
What was interesting was, regardless of the organization’s overall security maturity level, if they had a security or risk committee they shared similar characteristics. In general, leaders of the committees tended to be Senior IT Executives (28%), CISOs (24%) or Senior Business Executives (22%). These committees met on a fairly regular basis, with 48% meeting quarterly and 27% meeting monthly.
The security and risk committees also took a comprehensive, enterprise-wide approach with both business and IT representation. From the business side, the most represented functions included Compliance (80%), Legal (65%), Business Executives (64%), Business Operations (64%), and Finance (59%). From the IT side, IT Executives (91%), IT Operations (72%), Network Operations (60%), and Data Governance (51%) were all a part of a majority of the committees.
Finally, as part of the CISO Assessment we looked at the primary objectives of the security/risk committees. Looking at the chart below we can see that, based on their top two choices, most committees were primarily focused on developing enterprise security strategy and developing action plans and recommendations. So should committees only be focused on strategic policy and governance issues? Is there more they could be doing?
At IBM, our risk management team meets quarterly with a top advisory committee, including senior vice presidents of all the business units, who report directly to the CEO. These include the leaders of many functional areas including finance, marketing, technology and others. Each of these executives must understand the security risks to his or her unit and what controls are in place. Together, they shape and decide strategy. Security, after all, is intimately tied not only to their units, but to the future of the enterprise.
Based on all this information, I think that enterprises are using security and risk committees more and more and they are adopting best practices around the leaders, members, operations, and goals of those committees. To make the next step:
Shubham Jain 270003FVPN firstname.lastname@example.org Tags:  money partnership m scale markets developing mobile customer m-pesa cgap economies payments kenya adoption agent emerging pesa 2,648 Visits
Consultant, IBM Center for Applied Insights
IBM Center for Applied Insights (CAI) has recently started a new program on building fact-based, market-centric thought leadership assets on various facets of mobile money.
As I dig deeper to understand the current state and evolving trends of this segment, some facts are worth noticing: Consultative Group to Assist the Poor. (CGAP) estimates that around 3.5 billion people worldwide currently lack access to formal financial services. It estimates that there will be 1.7 billion unbanked customers with mobile phones by 2012. There are more than 165 pilots in the mobile money segment in emerging economies being run by a diverse group of organizations.
However, very few mobile money deployments have been able to achieve scale and gain significant customer base. Some deployments which have been able to achieve significant scale include M-Pesa in Kenya, GCASH and Smart Money in Philippines, Vodacom in Tanzania, and MTN Uganda.
Hence, there is definitely a huge potential to achieve scale in this segment, especially in the emerging markets, and firms are investing hard to address this market. However, many of them are still struggling to fully tap into this opportunity. Cracking the code for high customer adoption and usage, in quantity and continuity, appears to be an Achilles’ heel for the Mobile Network Operators (MNOs), financial institutions, and other organizations trying to venture into this segment.
So, what insights can we learn from those who have succeeded in this segment? I researched to determine some common factors which seem to have made some deployments more successful than others. It seems that there are two broad factors which can prove to be very critical for an organization while trying to launch and subsequently scale: the actual product and an effective agent network. Today, we’ll take a look at the impact of the product.
Product – Building a strong, robust and compelling product offering (and later a product portfolio) is a very important factor which is sometimes overlooked as many companies try to emulate successful offerings and solutions from other deployments.
Some of the key points to keep in mind are:
Company’s vision and long term strategy – Most of the successful companies have a well-defined long term vision and strategy with respect to offering mobile money services. For instance, a company can aspire to be the leading low cost provider for person-to-person transfer services or it can aspire to be a leading service provider in the retail payments segment. A clear vision also helps senior management develop a long term commitment to the service. This often takes substantial initial funding towards mobile money deployments and at least three to five years to become profitable.
DAVID JARVIS 1000007UE6 email@example.com Tags:  security social_media security_essentials collaboration social social_business 1,215 Visits
Client Insights, Senior Consultant
Center for Applied Insights
It is well known that social media holds a great deal of promise for the enterprise, but many executives and others are still struggling to get over the potential security and privacy risks. So, what is the best way to make the transition to becoming a secure social enterprise?
We also just published a new article, as part of our Security Essentials for CIOs series, on navigating the risks and rewards of social media. In the article, we outline four steps for a better enterprise approach to social media, plus some tips for employees using social media.
To read more, check out the article here, and watch for forthcoming articles in the coming months on the IBM Center for Applied Insights security site.
Shubham Jain 270003FVPN firstname.lastname@example.org Tags:  unbanked pesa money airtel m kenya india mobile payments - 2,560 Visits
Client Insights, Consultant, IBM Center for Applied Insights
In this post, I will explore some interesting facets of the mobile money market in India such as market opportunity, regulatory environment, market participants, and the way ahead for the market.
Market Opportunity: The Indian economy has shown strong growth in the recent years, making it a USD 1.3 trillion economy. It is predominantly a cash economy with more than 65% of all retail transactions (total transactions are estimated as USD 410 billion per year) being conducted in cash. According to Reserve Bank of India(RBI), the central bank of India, more than 57% of the electronic transactions happen through credit and debit cards and the rest through Electronic Clearing Service (ECS) and Funds Transfer.
In India, 40% of the population remains unbanked. In contrast, it is estimated that more than 70% of the 1.17 billion people in India own a mobile phone. Moreover, this subscriber base has been increasing by 20 million customers per quarter. Hence, with a huge mobile subscriber base and a very small percentage of the transactions taking place over mobile, the potential for mobile money to take off and replace cash is immense.
Regulatory Environment: Government and the Reserve Bank of India are the nodal agencies which formulate regulations pertaining to mobile money. The Indian regulatory system has been gradually allowing the expansion of new products and solutions aimed to take advantage of the vast opportunities in this space.
RBI recognizes that individual banks need to work in conjunction with operators, mobile devices and payment technologies. In 2009, it mandated that a bank account is needed to send money but in 2010, it allowed ‘Other Persons’ (non-banks/NBFCs) to issue m-based semi-closed instruments with certain conditions and caps on transfer amounts. As a result, banks started offering mobile banking services. Further in 2010, it allowed semi-closed instruments to be used for bill payments and ticketing services, also, and permitted issue of co-branded instruments.
In late 2010, an interbank system had been set up in India enabling instant money transfers between bank accounts via mobile phones. NPCI's Interbank Mobile Payment Services (IMPS) is India's first instant fund transfer facility in the retail payment sector. It provides an inter-operable infrastructure for the banks and facilitates real time money transfer facility to their customers through the mobile channel. The unique feature of this system is that banks can choose any mobile banking application of their choice. Interestingly, IMPS can be made available in all forms (SMS, USSD, thin client, thick client) and hence it can support the transactions directly from low end mobiles to high end mobiles.
Market Participants: As compared to mobile money deployments in other emerging economies like Kenya, Philippines and Uganda, the Indian market is at a very nascent stage in terms of market consolidation and volume of transactions. The Indian telecom market is quite fragmented with fifteen different mobile operators providing service to more than 900 million subscribers. Among them, BhartiAirtel, Reliance Communications and Vodafone together hold more than 50% of market share.
BhartiAirtel has recently launched its mobile money services across India, offering services like payment of utility bills, mobile recharges, purchase at retail outlets, person to person money transfer, etc. Only Airtel customers can use this service and transfer money to other customers on Airtel.
My Mobile Payments Ltd (MMPL), a mobile payment service provider, had recently announced the launch of ‘Money-on-Mobile’ (MOM). It is a M-Wallet service which permits a mobile phone subscriber to purchase a wide range of goods and services using the mobile phone instead of paying by cash, cheque, debit or credit cards. It offers services like mobile recharge, utility bill payments, purchase of bus and movie tickets, to name a few. It claims to be India's first operator and bank agnostic mobile payment system.
The way ahead: As outlined in my earlier post, though the opportunity is huge and growing, companies need to address security apprehensions associated with mobile payments and build the awareness of the technology and the product.
India’s unique demography is an important factor to consider while taking strategic and marketing decisions during the ‘launch’ and ‘scale’ phases of mobile money deployments. Some of the notable factors are:
Besides offering regular services like person to person transfer, utility bill payments, mobile recharge etc. other useful revenue streams can be explored too.
I look forward to your comments and observations. Please click “Add a Comment” below or “More Actions” to share this with others.
Shubham Jain 270003FVPN email@example.com Tags:  cgap kenya m-pesa mobile mmu interoperability gsma airtel money mtn wizzit bharti payments 2,777 Visits
Consultant, IBM Center for Applied Insights
In this post, I shall try to have a closer look at some of the important questions pertaining to interoperability: what do we mean by mobile money interoperability, what are the arguments for and against interoperability, and what practical steps can be taken to achieve it?
The mobile money industry has witnessed a remarkable activity in the recent years. There are more than 165 pilots in the mobile money segment in emerging economies, mostly being run by MNOs, banks and other financial institutions. It is now possible to find two or more deployments in many Sub-Saharan African and South Asian countries. Yet, only a very few of these deployments have been able to achieve significant scale. In a recent survey of 52 mobile money service providers, the GSM (Groupe Spéciale Mobile) Association identified 11 service providers that have more than 1 million registered customers. This has led many to make a case for implementation of interoperability in mobile money ecosystems so that customers are more inclined to use mobile money and the deployments can achieve scale by increased customer adoption. Let’s try to explore this important concept further.
Defining mobile money interoperability: Interoperability occurs if different systems are technically able to work together. For mobile money, interoperability can happen between handsets, networks, financial processes and retail processes etc. The Consultative Group to Assist the Poor. (CGAP) has proposed a framework that categorizes interoperability in three levels: platform, customer, and agent levels.
The debate around interoperability: Market participants and regulators have not reached a consensus about the need and benefits of interoperability. Some regulators believe that interoperability is the way to go as the market matures and operators try to scale up. For example, governments of Ghana and India have mandated interoperability in their countries. Some regulators have taken a neutral position and have allowed market forces to decide the course. The Bank of Zambia prefers, but has not mandated, that mobile money solutions be interoperable. It is encouraging interoperability through the development of a national switch. Others feel that interoperability will erode the competitive advantage of market leaders and its implementation may not result in sufficient addition in subscribers to justify the investment required. For example, a report by GSM (Groupe Spéciale Mobile) Association suggests that the business case for implementing interoperability is unlikely to justify the initial investments of implementing it.
How to achieve interoperability: Though industry leaders seem to agree that interoperability is a key issue, they have different views on how it can be achieved. There are two broad approaches to achieving interoperability:
With respect to the timing and extent of interoperability, maybe the real answer lies somewhere in between. The timing and extent of interoperability needs to be specific to the state of market and needs to be continuously assessed. A report by Mobile Money for the Unbanked (MMU), suggests some valuable recommendations:
Have you ever been blocked by interoperability issues? What steps are your companies taking? I look forward to your comments and observations. Please click “Add a Comment” below or “More Actions” to share this with others.
Shubham Jain 270003FVPN firstname.lastname@example.org Tags:  payments network benefits uganda airtel user mobile m-pesa ghana experience mtn kenya interoperability agent money 2,112 Visits
Today, I’m going to take a different approach to, hopefully, give you a glimpse into how mobile money can change users’ experiences. This is an imaginative piece (all characters are fictitious) where I’ll try to highlight the concerns, joys and satisfaction of a mobile money user from the hinterlands of India in the year 2015. It highlights the importance of an effective and trained agent network, importance of sufficient face-time for new customers, interoperability issues, and benefits of mobile money for a typical user.
Today, I woke up late at 5 am, startled to already be a half hour behind schedule. My mobile phone in hand, I kept checking the time and rushed to get ready. I can’t afford to lose half a day’s wage, US$6, if I report late to work even by half an hour.
At work, Sultan, one of my best friends, asked me for a loan of US$15 which he needed to pay the school fees of his daughter. I checked my Airtel mobile money wallet balance and instantly transferred the amount to his mobile money wallet. For a nominal fee of 10 cents, it was worthwhile to help a friend.
Thinking back, I remember the last time I loaned Sultan US$10. I had to walk down 2 Kms to the nearest branch of State Bank of India to transfer money to his account. That was when we met Harpreet, the sales agent of BharatiAirtel mobile money services at the bank. He introduced us to the new mobile money services. Until then, I had a basic feature phone and could not understand much of technology or features of mobile money in the first go. Harpreet was patient; he explained the service, its features, its tie up with banks, charges and benefits for us for about 30 minutes. I was particularly wary of the notion of holding money in mobile – how secure could it be? What if I lose my phone/SIM or someone else makes use of PIN delivered to me? Harpreet demonstrated everything and explained it in detail to clear our apprehensions. This convinced both of us, me and Sultan, to subscribe to the service on our Airtel SIMs. He even gave us the contact details of two local agents in our locality who can help us cash-in and cash-out, as required.
The first few days in using this service were difficult. I forgot some of the steps of using various services; user interface of the application was not so convenient, etc. I remember approaching the local agent and was so relieved to see that he could help. He was very well trained and he helped me from time to time in using the services more efficiently. One challenge I faced in the beginning was that the agent used to run out of cash. This was a major let down for me and I had to walk a Km to get cash from another agent. Over the last two months, though, I feel the service has improved a lot.
Since then, I have been using this service quite frequently. I have used it to make recharges on my cell phone, make and receive money transfers to/from my friends, send money to my family, check bank account balance, withdraw and deposit cash at the agent and even pay my electricity bill. The list keeps on getting longer! Here again, the agent is proactive enough to let me know of the new services and discounts offered by the service providers.
For me, it’s a hand to mouth situation, given my meagre salary. I work in New Delhi but my family lives in a distant village in Orissa, more than 1000Kms from my place. With this service, I can transfer money to them on a real time basis and with minimal charges. Earlier, I used to transfer money through post office or hand it over to someone who would be travelling to my place. It took a few days for the money to arrive and I was charged about thrice as much. I am quite happy that this service enables me to send money to my family as and when they need it.
One challenge I faced initially, while transferring money to my family, was that my family was using the mobile services of Vodafone and Airtel was not allowing money transfers to non-Airtel subscribers. Sending remittance to my family constitutes 80% of my transactions and this was a major handicap for me. Either, I had to take the services of Vodafone or my family had to take the services of Airtel. Due to this, I was not able to transfer money to them for a couple of weeks. I consulted some of my friends and they advised a workaround solution they had been using. However, I was not convinced and instead, asked my family to take Airtel connection.
I have genuinely recommended this service to my fellow workers at the construction site and taken four of them to Harpreet to sign up for the services. For this, Harpreet gave me bonus talktime on my cell phone. It is a nice incentive for sharing my experience.
I finally got free from my work at 7 pm this evening and received my daily salary. I transferred the entire amount to my family since the monthly rent was due on their house.
Though it is tough for me to survive in this salary and work condition, mobile money has surely made the journey a bit simpler and convenient.
I look forward to your comments and observations. Please click “Add a Comment” below or “More Actions” to share this with others.
DAVID JARVIS 1000007UE6 email@example.com Tags:  security ciso retail security_leader 2,035 Visits
Special thanks to Geert Van De Putte and Tim Appleby from IBM Software Group for their help with this post.
Like other industries, retail has its own set of unique security challenges. Loss prevention is a significant component of that challenge. The latest National Retail Security Survey stated that in 2011, U.S. retailers lost $34.5 billion to retail theft – combining employee theft, shoplifting, paperwork errors and supplier fraud. That accounted for approximately 1.4 percent of total retail sales last year.
Today, the checkout/point of sale is the nexus for retail security. Here, the four most important flows for a retailer converge – cash, inventory, electronic payments and customer data. All sorts of different security incidents and fraud can happen at this point – self-checkout fraud, shoplifting, counterfeit coupons, employee theft and compliance in theft, and the theft of customer data through compromised equipment.
As the boundaries of retailers extend beyond the traditional brick and mortar of their stores, additional security concerns come into play. There is fraud around online ordering and home shipment, portal security issues for retailer websites, supply chain security associated with contamination, theft and low quality, and even stealing intellectual property (if retailers have their own private labels).
On top of all of this, retailers are also transforming their business with emerging technologies that all have their own unique security challenges. These include new payment technologies like mobile point-of-sale and in-aisle purchasing, e-receipts, RFID and near-field communications, video and social analytics, mobility and multi-channel access and social networking.
All of these are increasing the number of contact points between the customer and the retailer – pushing out the security boundary further and further. Retailers are struggling to create a better, deeper customer experience and, at the same time, mitigate the potential risks to the organization.
The threat landscape and new technologies are creating a need for an integrated security environment. Are retailers up to the task? Are they approaching physical and information security in new, united ways? Is loss prevention being included in more and more technology conversations? Are retailers moving away from being purely reactive?
We gained a bit of insight into this as part of the IBM 2012 CISO Assessment. There were eleven retail respondents from four different countries (France, Germany, Japan and the U.S.). Their answers compared to the overall statistics from the survey shed some light on the issues:
Another statistic that highlights the fact that retailers know the importance of information security but are struggling to address the changing technology environment comes from IBM’s Global Workforce Study. Overall, 49% of respondents stated that they have “completely addressed” their mobile security concern. For retail it was only 22%. However, 73% of retail respondents expect to make significant investments in their mobile environment in the next 1-2 years, signaling they know it is an issue.
Retailers are not only responsible for protecting their own information, but they are under considerable regulatory pressure to make sure they protect customer information as well. They are faced with a diverse array of threats and technologies that are creating new potential vulnerabilities. They need to have the right security organization and capabilities that unites information and physical security, risk, loss prevention and others into a holistic approach. Retailers realize this, but they still have a way to go before they’ll be confident in their capabilities.
Feel free to contribute to the conversation. Are these the right security challenges for retailers? Will it take more than just technology to address them? How do you think they are addressing this important issue today? Do retailers have a harder go at it than other industries because of the nature of their business? Let us know what you think.
Derek Franks 1100007YTJ firstname.lastname@example.org Tags:  analytics marketing enterprise management investment engagement system_of_engagement emm 1 Comment 1,699 Visits
As a former marketer myself, I know that marketing is often marginalized within enterprises, particularly those with strong scientific or development organizations. Marketing is often viewed as being responsible for the “soft stuff” that looks pretty but doesn’t have any real impact on the business. I’m here to tell you that this view is wrong, and if you don’t realize it quickly, your competitors will.
We recently surveyed 362 marketers from around the world, across more than 15 industries, and found that Leading Marketers’ enterprises had 40% greater Revenue growth and twice the Gross Profit growth over the past 3 years when compared to the rest.
What exactly is a Leading Marketer? I’m glad you asked. We identified 2 essential traits of effective marketers: “Effective Engagement” and “Intelligent Investment”. Essentially we defined Leading Marketers as those who had a high level of responsibility for engaging with customers across channels as well as a sophisticated approach to investing marketing resources.
We then looked at publicly available financial data and found that when we correlated that to our segmentation of leading marketers, a clear trend emerged: Leading Marketers’ enterprises performed better financially.
So how, exactly, do you develop a Leading Marketing organization within your enterprise? Like most things in today’s world the answer is complex but grounded in the principles of Marketing 101. It can be as simple as the 4P’s or as complicated as developing a collaborative relationship with other functional areas within the enterprise. I’ll be blogging more about this topic and other insights from our study over the coming weeks, but get a sneak preview by reading our executive report, How Leading Marketers Outperform: Effective Engagement and Intelligent Investment.
If there is a particular topic you’d like me to talk about, please login and leave me a comment, below.