The Guardian's Media Network recently hosted a live chat around the topic of how CMOs can align and use digital marketing and data analytics - two areas we've taken a close look at since the inception of the IBM Center for Applied Insights.
The Guardian notes:
Big data (and analyzing that data) means that marketing professionals are now getting even closer to the customer – they know more about audiences than ever before, with pinpoint precision. At their fingertips a marketer now has detailed facts and figures about consumer browsing habits, their favorite brands, how they use social media. It means that campaigns can be targeted, analyzed and proved better than ever.
It becomes the job of marketers and CMOs to make sense of all that data and not get lost in the noise. Doing this, takes an analytical and curious approach to data. It's easy to find the "big numbers" but more challenging to find the "right numbers." As Surjit Chana, CMO of IBM Europe, has said, the core principles of marketing haven't changed. What has changed, dramatically, is how those principles come to life in today's marketing campaigns, customer experiences, and business results. In our paper, Marketing Science: From descriptive to prescriptive, we found that only 23% of marketing professionals use tested analytic approaches to understand the vast amount of data they have access to. More traditional marketers, using data to describe outcomes but not determine actions, consistently use data at face value - without applying data models or scientific thinking.
When technology and analytic skills don't exist in the marketing teams, it makes perfect sense to build partnerships with those who do. The closest partner in most organizations is IT. Thus, the renewed focus on CMO + CIO collaboration. We're continuing to watch, collaborate, and recommend approaches to our C-Suite colleagues. Check out "Understanding leading retailers" to see how the retail industry is collaborating with IT and partners to serve customers better.
In my previous post, I emphasized the importance of consumer focus for CPG companies. We, at the IBM Center for Applied Insights, have been working on a comprehensive global study* to gain more quantitative and qualitative insights about the increasing consumer focus of these CPG companies.
For the purpose of this study, we have segmented the market in terms of the degree of consumer focus and the use of analytics by the survey respondents. In this post, I would like to point out towards the most notable finding of the lot: existence of a “Leader” group amongst the survey respondents which enjoys much more clout with the retailers. In fact, they are nearly three times less concerned about needing a retailer’s approval to execute their plans, and 1.4 times less concerned about seeing their planning processes extended as a result of delays. They also exhibit superior financial performance over the rest. Between 2009 and 2012, the leading publicly quoted consumer products companies in our sample saw their stock prices rise 1.6 times faster than the rest (16 percent cumulative annual growth rate for Leaders compared to 10 percent cumulative annual growth rate for Others).
The companies in the Leader group use advanced analytics and collaborate extensively (both internally between functions and externally with retailers) to develop a high degree of consumer focus.
As shown in the figure 1 below, they comprise of about 15 percent of the total respondents.
The executive presentation will be delivered at the IBM Smarter Commerce event at Nashville this week.
For more details and insights on what exactly are these leaders doing differently than the rest and what steps can be taken to become one, revisit this space in a month. The Center and IBM DemandTec are authoring a complete paper on this topic, due out by the end of June.
I look forward to your comments and observations. Please click “Add a Comment” below or “More Actions” to share this with others.
Note - For the purpose of this study, we conducted telephone interviews with 356 senior sales executives at consumer products companies in Australia, Canada, India, the United Kingdom and United States, between February, 2013 to March, 2013. These respondents cover 10 product categories. Forty-six percent of them work for large enterprises (employing 1,000 or more people), while 54 percent work for medium-sized enterprises (employing 100-999 people).
Managing Consultant, IBM Center for Applied Insights
Yesterday, we hosted a virtual livestream launch of our new Sourcing research. We’re live with exciting new research that explores how business and IT services sourcing are shifting – and the link between these shifting motivations and better business performance.
The sourcing market is changing. Clients are looking for sourcing relationships that offer higher value business outcomes in addition to cost savings. From our direct experience working with clients and general market observations, we've recognized technology shifts are accelerating the need for capabilities organizations don't have in-house.
To explore the extent of this shift – and how it is impacting organizations' sourcing motivations and strategies – we initiated a large-scale research project. Through this research, we saw distinct differences in the way that clients view outsourcing, and we uncovered a link between innovative sourcing practices and better business performance.
To better understand sourcing motivations and execution, we had three objectives for this study:
To understand how sourcing motivations are changing
To determine how sourcing strategies impact financial performance of the business
For those customers who embrace a new sourcing strategy, do they have different expectations? And, how do they structure and manage their sourcing relationships?
For the virtual panel, Rich Lechner, IBM VP of Services Marketing, served as moderator. I kicked off the discussion with an overview of study methodology and key findings. Then we were joined by the following experts:
Phil Fersht, CEO & Founder, HfS Research
Pat Kerin, General Manager, Strategic Outsourcing, Global Technology Services
Stan Sutula, Vice President, Finance and Planning, Global Technology Services
Joanne Collins-Smee, General Manager, Globally Integrated Capabilities, Global Business Services
Senior Consultant, IBM Center for Applied Insights
Sometimes time and space conspire to create an opportunity that you weren’t expecting. That was the case for me last week. Near where I live, the University of Rhode Island (URI) hosted their third Cybersecurity Symposiumon education and workforce development. Speakers included the entire Rhode Island Congressional delegation, the director of the U.S. Defense Intelligence Agency, the CIO for the U.S. Department of Defense and a number of industry practitioners, including IBM’s VP for Cyber Security Innovation Marisa Viveros. Marisa was the co-author of the paper that we recently published on leading practices for cybersecurity education.
The symposium was open to the public and students, had over 400 attendees, and flew at a fairly high level. There were some excellent takeaways and parallels to IBM’s recent research with respect to cybersecurity skills and education. The Congressional delegation, which included Sen. Whitehouse, Sen. Reed, Rep. Langevin and Rep. Cicilline, each emphasized different areas of the cybersecurity challenge. This included improving public awareness, the national security implications of the rapidly changing cyber threat, the difficulties with law enforcement, and the need to protect our privacy, civil rights and liberties.
Lieutenant General Flynn of the U.S. Defense Intelligence Agency (and URI alum) was a very engaging speaker and talked about the “invisible war” that is currently being waged in cyberspace. He highlighted the profound transition U.S. security is currently going through – caused by population, economic and technology shifts – which require new ways of thinking. To fight this invisible war, he said that for every person currently working in cybersecurity today, we need a staggering twenty-eight more. He also repeatedly talked about the generational issues involved in cybersecurity and that real rules and discipline have yet to emerge on the international stage. He advocated something akin to the “law of the sea”, but for the cyber domain.
The business and industry panel included speakers from Google, IBM, Dell SecureWorks, CVS and Fidelity Investments and was much more open and conversational. They all brought their perspectives – whether providing information security or managing it for their organizations. There was a lot of discussion about how to break into the field of cybersecurity, what skills to have, what courses to take, and career paths. Stephan Somogyi, from Google, talked about the need to educate everyone on digital hygiene and focusing education on the basics of computer science. He said that you have to have a passion for security, it is a calling. If you have that, you can come from any field. Jeff Shilling, from Dell, talked about the incredible need for security technicians, those with hands-on skills. He has enough security managers, what he needs are those that can do the work (he agreed with Lt. Gen. Flynn’s assessment).
A lot of the themes from the day echoed what we recommended through our research. Local and national collaboration was evident with the diversity of speakers and the support from the entire university, the Congressional delegation, the military and industry. The importance of awareness was highlighted over and over. URI is working on innovative ways to provide hands-on experience for students through a low-cost Open Cyber Challenge Platform they are developing. The need for improving non-technical cybersecurity academic programs for business and policy leaders was highlighted in a new study from the Pell Center for International Relations and Public Policy.
This was a very valuable event, and I hope that it continues on an annual basis. Even though it was to raise local awareness and promote URI and its computer science program, it could stand to have increased global participation in the next iteration – which was one of our key findings.
For a summary of our recent research check out and share the Prezi presentation below:
David Jarvis Senior Consultant, IBM Center for Applied Insights
In a world of increasing and varying information security threats, academic initiatives focused on cybersecurity are proliferating - yet, there is still the danger of falling short in addressing the long-term threat. To avoid becoming too focused on near-term issues, programs must be more collaborative across their own institutions, with industry, government, and among the global academic community. Only by working in concert can we meet today’s demand while educating the next generation to create a more secure future.
There have been a lot of recent reports, blog posts and news articles discussing the cybersecurity skills gap. It has been an ongoing issue for a while, and will continue into the future. We wanted to tackle this problem, not from the demand side, but from the supply side. So, the IBM Center for Applied Insights and IBM’s Cyber Security Innovation team selected 15 academic programs in 6 different countries from the over 200 institutions we monitor and work with. We conducted interviews with faculty members, department chairs and others. This week, we released a synthesis of those interviews in our latest security insights paper,“Cybersecurity education for the next generation: Advancing a collaborative approach” .
Through our interviews it was confirmed that cybersecurity is top of mind for students, educators, industry and government. Industry and government are currently facing a significant skills gap and this is causing the programs we interviewed see extremely high demand for their students, both undergraduate and graduate.
But, not all is rosy with the increased demand and attention. Programs are expected to provide more of everything – courses, graduates, opportunities, research – which has caused programs to face a number of organizational and technology challenges. Stained programs are addressing these challenges in different ways, taking different approaches to cybersecurity education, but still sharing similar common principles.
The trends, challenges, issues and differing perspectives cannot be fully addressed by each academic program on its own; cybersecurity is a global problem and should have global solutions. A set of leading practices promoting a longer-term and more collaborative approach is needed. We identified three general areas that the leading programs we talked to excelled at, all dealing with collaboration and connection.
1. Collaborate within your own institution – Cybersecurity programs should embed security practices and principles in computer science and engineering courses and take a holistic technical approach. They should work with other disciplines and schools in the university (e.g., business, law, ethics, medicine, policy). They should offer diverse education options for students and professionals (graduate, undergraduate, professional development, etc.).
2. Co-evolve with industry and government – Academic programs should have deep ties with industry and government – partnering and collaborating on research, curriculum development, and opportunities for students. A hands-on, practical, approach is also extremely important. Laboratory work, projects, special-interest groups, and internships should all be cultivated.
3. Connect across the global academic community – A number of the programs we talked with discussed the need for building a “science of security” to anticipate security problems and a cross-discipline lingua franca among scientists, engineers and policy makers. Fundamental concepts and common vocabulary can only be developed with participation of the entire global cybersecurity community.
I've previously written about our research of leading marketers, both their correlation with improved financial performance and what exactly they do differently than everybody else. We recently sat down with three leaders from our Enterprise Marketing Management team, Yuchun Lee, Elana Anderson, and Jay Henderson, and asked them to discuss our research and the implications of that research in more detail. Check out the video to get their take on why marketing matters, and how you can continue to engage with customers effectively and invest your marketing dollars intelligently.
Leave us a comment here or on YouTube to let us know if you're seeing similar trends in your enterprise.
David Jarvis & Susanne Hupfer IBM Center for Applied Insights
There are four pivotal information technologies that are rapidly reshaping how enterprises operate: mobile technology, business analytics, cloud computing, and social business. All four of these technologies are potentially disruptive, and they also come with unique security concerns. Many people fear the security implications of employees bringing their own mobile devices to work, or storing mission critical databases in public cloud environments. Fear shouldn’t drive organizations away from these potentially transformative technologies. How are organizations overcoming their fears? How are they breaking though the “security wall”?
Recently IBM released the results of its 2012 Tech Trends Report, which looks at the adoption patterns of these four technologies. It is based on a survey of over 1,200 professionals who make technology decisions – the respondents came from 16 industries and 13 countries. As part of the analysis, three different types of organizations were identified:
Pacesetters (20%) believe emerging technologies are critical to their business success and are using them to enable new operating/business models. They’re also adopting ahead of their competition.
Followers (55%) agree that these technologies are important and can provide critical capabilities and differentiation, but they generally trail Pacesetters in adoption.
Dabblers (25%) are generally behind or, at best, on par with competitors in terms of adoption. They’re less strategic in their use of emerging technologies, namely citing greater efficiency or new capabilities in selected areas.
One common thread across all three of the identified groups is that security is a significant area of importance and concern. In fact, 62% of respondents cite security as one of the three most important areas facing their organization over the next two years, with 27% rating it number one. One interesting aspect is that, the less mature an organization is with respect to the four strategic technology areas, the more security rates as an area of importance and focus. Seventy-seven percent of the Dabblers cited security as a top-three area of importance, versus only 49% of the more mature Pacesetters. Why is that? Perhaps the Dabblers don’t fully understand, or trust, that there are security technologies, policies and practices that can ensure a more secure approach overall. Or perhaps they lack the experience the Pacesetters have.
“Security and privacy are not always treated as first-order problems. Things are deployed and made widely available without regard for security and privacy. In a best-case scenario, security and privacy are thought of as add-ons. Worst case, they’re ignored completely.” – Dr. Eugene Spafford, Professor and Executive Director of the Center for Education and Research in Information Assurance and Security, Purdue University
Besides being an area of significant importance, security is also seen as a significant barrier to technology adoption by the survey respondents. Information security is ranked as one of the top two barriers to adoption across the four technology areas – more than integration, inadequate skills or regulation and compliance. Overall, security is the biggest barrier for a majority of respondents for mobile (61%) and cloud (56%) adoption. Security is cited less often as the top adoption barrier in social (47%) and analytics (31%). As shown by the dark blue bars in the graph below, there isn’t a huge gap between the groups (9-11%) when it comes to security concerns, but, in general, less mature Dabblers see security as more of a barrier than the more mature Pacesetters. The exception is analytics, which has the lowest adoption barrier. Perhaps Pacesetters better understand the potential risks in implementing advanced analytic systems.
Another part of the security wall blocking the full realization of the benefits of the four technologies is that organizations’ current IT security policies aren’t sufficient. The figure above generally shows correlations between viewing security as a barrier to adoption (dark blue bars) and inadequate security policies (light blue bars). The Pacesetters are more confident across the board, with a majority saying that their security policies are adequate. The “adequate policies gap” between the Pacesetters and Dabblers ranges from 13% to 32%, a fairly wide margin. This tells us that organizations that have the right security policies in place are more confident, and less likely to see security as a barrier. For the others, there is a gap between their fears and taking the steps needed to address those fears.
Another tool organizations are using to attack the security wall is skills development. A majority of the respondents know that security is an issue and are working hard to boost their confidence. Overall, 70% of organizations are planning to develop or acquire skills in “mobile security and privacy” and “cloud security” – the two technology areas where security is seen as the biggest barrier.
Security is tightly intertwined with the four technology areas discussed. You shouldn’t pursue cloud, mobile, social or analytics endeavors without also focusing on needed security technologies, skills, policies and practices. The more you focus on policies and skills, the less likely you will see security as an impediment. Treat security as a business imperative and make it a priority. Design security in from the start of any project. Doing this will increase confidence and help to tear down the walls that are slowing the adoption of important, transformative technologies.
The study explores how enterprises are responding to the opportunities and risks introduced by new technologies.This year, we surveyed over 1,200 IT and business decision makers to determine why, when, and how their organizations adopt four pivotal emerging technologies – mobile, analytics, cloud and social business technologies – that are rapidly reshaping how enterprises operate.
Are you in the lead, or is your organization falling behind? You can use the adoption and investment statistics we discovered to help you assess where your organizationstands:
Business Analytics and Mobile Computing are already quite mainstream, with over 50% of respondents deploying.Cloud Computing and Social Business represent a coming wave, with 40% either already piloting the technologies, or planning to adopt them within two years.Moreover, planned investment levels in the four technologies over the next two years indicate that all are moving full steam ahead: 55% or more of respondents plan to increase investment in Mobile, Cloud, and Business Analytics, and 43% plan to increase their investment in Social Business. You can click on the following infographic to take a deeper dive:
Despite the foothold of these technologies and the enthusiastic investment landscape, the report cites critical IT skill gaps that threaten to slam on the brakes just as organizations are hoping to leverage these technologies for their strategic advantage:
Across all four technology areas, only roughly 1 in 10 companies report having all the skills they need to be successful, and one-quarter of respondents report major skill gaps.
We also surveyed about 700 educators and students about these technology areas, and according to their responses, the skill gap is poised to get even worse:
About one-half of academic respondents report major gaps in their institution’s ability to meet the needs of the IT workforce.
Security also continues to be a major concern. In fact, Security is rated as the #1 barrier to adoption for mobile, cloud and social business, and the #2 barrier to adoption for business analytics.
What can you learn from those making the most progress applying these technologies for strategic advantage?
We asked respondents to rate the four emerging technologies’ importance to their businesses and also to rate their enterprises’ pace of adoption relative to competitors. We identified an elite group of Pacesetters who are forging ahead faster than others – despite the adoption hurdles – and who are using emerging technologies in more strategic ways.
If you want to get your organization onto the technology fast track (or keep it there), there are a number of interesting lessons you can take from the Pacesetters. We found that Pacesetters are more likely to exhibit three distinguishing traits that help them capitalize on the potential of mobile, analytics, cloud and social technologies. They are:
So, how are Pacesetters managing to stay ahead of the competition? As it turns out, they’re very experimental in their approach to developing IT skills. Rather than wait until there’s clear business demand for new skills, Pacesetters start building skills ahead of time: they are nine times more likely to experiment with technologies that don’t yet have a clear business application, and twice as likely to proactively develop skills to meet anticipated needs.
To learn more about the study results and how you can follow the pacesetters’ lead in technology adoption, you can check out the complete IBM 2012 Tech Trends report and a variety of other resources.
Don't miss the paper's list of concrete recommendations for becoming Pacesetters. We invite you to join in the discussion and let us know what you think about the study and its recommendations!
In my previous blog post on How Leading Marketers Outperform, I discussed how Leading Marketers develop a system of engagement
that drives customer value at every touch.Today, I’m going to focus on the other side of that equation and dig a
bit deeper into what prevents many marketing organizations from becoming Leading
The first question you might ask is “why doesn’t everybody
just establish a system of engagement?”The short answer is because it’s not easy.A look at the barriers both Leading Marketers
and others face in implementing marketing technology is very telling.
To begin with there are a set of barriers we found that are
common to virtually any technology decision: cost, ROI, and organizational structure.
If we continue looking, the additional barriers for leading marketers are ease of
use and lack of appropriate user skills.Alternatively, we found that some others are more concerned with
alignment/collaboration within the organization – particularly with IT.In many cases, marketers may not even have
ownership of marketing technology decisions.
In short leading marketers are collaborating with IT to implement the technology framework that supports a system of engagement and are focused on issues that enable them to improve
the effectiveness and scale of their activities. The others are
struggling to coordinate effectively with IT and other functional areas within
the enterprise. They aren't at a point yet where ease of use or a lack of user skills could be a barrier.
This leads to the second question, “okay, how do
you collaborate more effectively with other functional areas (especially IT)?”This is complicated, but our data
suggests that Leading Marketers are able to collaborate effectively at least in
part because they’ve established credibility within the organization.
There are lots of ways to establish credibility, but a part
of it is being able to demonstrate the value that you bring to the table.To that end, our study found that 88% of
leading marketers attribute business results to marketing activities. They use a variety of different systems,
ranging from spreadsheets to complex software suites, but the common thread is
that they attribute results regardless of methodology.
And of that 88%, 93% of those leading marketers have a set
process in place for determining which marketing activity receives credit for
the business results.Again, the
specific methodology varies – first touch, last touch, results distributed
across multiple touches – but they have a set process in place.
This measurement allows leading marketers to invest resources intelligently.They know what works and what doesn’t, and this allows them to maximize
the impact they have on the business and focus only on the most effective
activities. This in turn builds credibility with the rest of the enterprise. Marketers can finally speak in the same financial language as the rest of the business.
So in summary, it’s very difficult
to become a leading marketer without measuring the results of marketing
activities.Measurement not only informs
operational spending decisions, but also impacts the role of marketing within
the organization. Leading marketers’ ability to attribute results helps them
not only invest intelligently but also build credibility and the financial justification needed to construct an
enterprise-wide system of engagement.
I'll be back next time with a discussion of the overall characteristics of leading marketers and how they illustrate a road-map forward for marketing organizations. In the meantime, if you have any questions, please feel free to leave a comment!
Derek Franks Consultant, IBM Center for Applied Insights
A couple of weeks ago I wrote a blog post discussing our
recent paper that links Leading Marketers with financial outperformance.In our study, these Leading Marketers had 40%
higher revenue growth and twice the
gross profit growth.Naturally, the next
question you’d ask is “how do I become a leading marketer?”And that’s exactly what I’m going to talk
about over my next few posts.
To kick things off, we found that Leading Marketers engage
with their customers across a variety of channels.These leading marketers are more likely to
have integrated inbound, outbound and offline marketing programs in some or all
channels.They are more likely to use
interaction optimization technology in all of their channels.And they are also more likely to adjust
offers in real-time across all channels.In short, they create a “System of Engagement” that allows them to
engage each customer as an individual, across multiple channels.
So if leading marketers are creating a system of engagement
to deliver targeted messaging across channels, what specific tactics are they
using?To answer that, we looked closer
at mobile and social channels.
Essentially, a number of tactics within these channels can
be considered “table stakes.”Everybody
has a mobile version of their website and delivers mobile e-mails.Everybody has a social networking page on a
site like Facebook and most engage in micro-blogging (Twitter).But there are some specific, innovative
tactics where we saw differences between leading marketers and others.
When it comes to mobile, we found that leading marketers
were more likely to use mobile messaging campaigns, location based targeting,
and mobile-specific ads.For social,
leading marketers were more likely to develop apps for 3rd party
networking sites (Facebook), leverage social/local group buying (Groupon), and
participate in location-based games (Foursquare).All of this means that leading marketers are
faster to begin leveraging emerging/trending technologies to see if they can
enhance the system of engagement.Some
of these tactics may or may not prove to be effective in the long run, but the
leading marketers get there first… not unlike the adage “fail fast, fail
often”.By being at the forefront with
these tactics, they stand to benefit when they come across something that’s
It’s also interesting to note that location-based tactics
saw greater use by leading marketers in both mobile and social.When you think about a system of engagement
that strives to deliver targeted, personalized, relevant offers in real-time,
it makes perfect sense that location-data is a key component to enhancing that
There are a number of ideas you can take away from our data,
but there’s one over-riding principle that I think is worth taking to
heart:Innovation.Leading marketers aren’t afraid of trying out
new channel engagement technologies or tactics.They get there first and they find out what works.They don’t worry about whether a channel is completely
mature… they jump in and get their hands dirty.This enables them to be proactive with their customers, rather than
Derek Franks Consultant, IBM Center for Applied Insights
As a former marketer myself, I know that marketing is often marginalized within enterprises, particularly those with strong scientific or development organizations. Marketing is often viewed as being responsible for the “soft stuff” that looks pretty but doesn’t have any real impact on the business. I’m here to tell you that this view is wrong, and if you don’t realize it quickly, your competitors will.
We recently surveyed 362 marketers from around the world, across more than 15 industries, and found that Leading Marketers’ enterprises had 40% greater Revenue growth and twice the Gross Profit growth over the past 3 years when compared to the rest.
What exactly is a Leading Marketer?I’m glad you asked. We identified 2 essential traits of effective marketers: “Effective Engagement” and “Intelligent Investment”. Essentially we defined Leading Marketers as those who had a high level of responsibility forengagingwith customers across channels as well as a sophisticated approach toinvestingmarketing resources.
We then looked at publicly available financial data and found that when we correlated that to our segmentation of leading marketers, a clear trend emerged: Leading Marketers’ enterprises performed better financially.
So how, exactly, do you develop a Leading Marketing organization within your enterprise? Like most things in today’s world the answer is complex but grounded in the principles of Marketing 101. It can be as simple as the 4P’s or as complicated as developing a collaborative relationship with other functional areas within the enterprise. I’ll be blogging more about this topic and other insights from our study over the coming weeks, but get a sneak preview by reading our executive report, How Leading Marketers Outperform: Effective Engagement and Intelligent Investment.
If there is a particular topic you’d like me to talk about, please login and leave me a comment, below.
David Jarvis Client Insights, Senior Consultant Center for Applied Insights
It is well known that social media holds a great deal of promise for the enterprise, but many executives and others are still struggling to get over the potential security and privacy risks. So, what is the best way to make the transition to becoming a secure social enterprise?
There are a lot of potential benefits to extensively using social media within and outside of your organization. It can increase connections with clients and customers, creating deeper relationships. Internally, it can improve collaboration, productivity, flexibility and accelerate innovation propagation within the enterprise. Social media even has the potential to break down hierarchies, creating more a more collegial working environment.
However, all of this newfound openness and transparency can create significant struggles and security concerns. What happens if my personal and professional social media accounts get entangled? How can I encourage an open dialogue with my customers without leaking product and strategy details? How can I balance my conversations with clients – open enough to be valuable, without seeming like I am controlling it too much? What are the best ways to approach approvals and checks before posting, without sacrificing immediacy?
These worries are not unfounded. Earlier this month, LinkedIn reportedthat hackers breached their servers and leaked 6.5 million user passwords. Not all of them were decoded, but a number were published. In the latest IBM X-Force annual report it was noted that in 2011 there was a significant increase in phishing mails impersonating social media sites and attackers are using personal and professional information from social media to improve their pre-attack intelligence gathering.
We have recently published a couple of resources on using social media responsibly and securely. IBM recently launched our “Go Social. Stay Safe. Be Smart”program externally.
We also just published a new article, as part of our Security Essentials for CIOs series, on navigating the risks and rewards of social media. In the article, we outline four steps for a better enterprise approach to social media, plus some tips for employees using social media.
Define your social agenda – What do you want from social media? Who should be involved? What types of benefits do you expect?
Analyze the risks – Use a structured way to look at potential internal and external risks. Come up with standard procedures for when things go wrong.
Create and communicate your policy – Design an education program to communicate the opportunities and risks of social media, and what is expected from employees.
Monitor security and measure progress – How effective is the use social media for the enterprise? Is it driving more business? Is it really improving collaboration?
Senior consultant, IBM Center for Applied Insights
It’s easy to say that information security leaders have it tough. The security landscape is full of conflict, confusion and uncertainty, coming from a number of different directions. Leaders have a lot to handle. If it’s not a rapidly shifting threat, it’s new technology platforms to secure including mobile, cloud and social. Almost every article I see these days is focused on the growing challenges, with titles like the “Eye of the storm”, “Into the cloud, out of the fog” and “Converging waves of pain.”
Today, the IBM Center for Applied Insights releases the results of the 2012 IBM Chief Information Security Officer Assessment. This was our first foray into examining the role of information security leaders, and how they are evolving to meet the challenging landscape. While we understand and appreciate the fact that things are difficult on the technical front, we wanted to focus on the organizational and leadership aspects of information security.
We felt that information security leadership was in the process of undergoing a transformation and wanted to test whether the role was changing based on increasing security challenges and greater attention from business leaders.
We wanted to identify best practices that could be shared across the industry – and understand if organizations were moving toward a more holistic, risk-based approach to information security.
We also wanted to know what roles collaboration, innovation and integration are playing in security organizations.
What we discovered was that only 1 in 4 security leaders have made the shift to being recognized as having strategic impact on their enterprise. Based on a self-assessment of their organizational maturity and their ability to handle a security incident, three different types of leaders emerged.
Influencers (25%) – This group sees their security organizations as progressive, ranking themselves highly in both maturity and preparedness. These security leaders have business influence and authority – a strategic voice in the enterprise.
Protectors (47%) – These security leaders recognize the importance of information security as a strategic priority. However, they lack important measurement insight and the necessary budget authority to fully transform their enterprises’ security approach.
Responders (28%) – This group remains largely in response mode, working to protect the enterprise and comply with regulations and standards but struggling to make strategic headway. They may not yet have the resources or business influence to drive significant change.
We also discovered some significant differences between the groups that show how Influencers have developed their strategic voice. Compared to Responders, Influencers are:
2x more likely to have a dedicated CISO
2.5x more likely to have a security or risk committee
3x more likely to have information security as a board topic
2x more likely to use a standard set of security metrics to track their progress
4x more likely to be focused on improving enterprise-wide communication and collaboration over the next two years
2x more likely to be focused on providing education and security awareness over the next two years
This is just the beginning of our conversation around the role of information security leadership and its place within the enterprise. The full report goes into more detail on the security landscape, the different types of leaders and their characteristics, and a way forward for everyone.
Susanne Hupfer Client Insights, Consultant IBM Center for Applied Insights
Ever wonder what makes one infographic hit the mark and another one miss? There's more science to it than you might think.
Information graphics – visual representations of information, data,
knowledge, or concepts – have been around for millennia, and humans have
long mapped data in order to organize what they see, filter out
extraneous details, reveal patterns, suggest further exploration, and
ultimately better understand the world around them.
"Why should we be interested in visualization? Because the human visual system is a pattern seeker of enormous power and subtlety. The eye and the visual cortex of the brain form a massively parallel processor that provides the highest-bandwidth channel into human cognitive centers. At higher levels of processing, perception and cognition are closely interrelated, which is the reason why the words ‘understanding’ and ‘seeing’ are synonymous.” (Colin Ware, Information Visualization: Perception for Design, Academic Press, 2000)
Anyone responsible for creating infographics in order to communicate complex information effectively can benefit by taking advantage of lessons from visual perception research.
Prof. Colin Ware, of the Data Visualization Research Lab at the University of New Hampshire, explains:
“… the visual system has its own rules. We can easily see patterns presented in certain ways, but if they are presented in other ways, they become invisible. … The more general point is that when data is presented in certain ways, the patterns can be readily perceived. If we can understand how perception works, our knowledge can be translated into rules for displaying information. Following perception-based rules, we can present our data in such a way that the important and informative patterns stand out. If we disobey the rules, our data will be incomprehensible or misleading.”
One important lesson we can leverage from vision science is an understanding of which elements will prominently “pop out” of an image – thanks to a mechanism known as “pre-attentive processing.” As our brains start to process an image, massively parallel processes detect image elements that are differentiated by low-level characteristics such as form, color, motion, and spatial position. The principles of pre-attentive processing govern which visual elements grab our attention first, before we’ve even begun to consciously process the image.
Here’s a simple example to illustrate the point. Count the number of 9’s appearing in this set of digits:
This time was a lot easier and quicker, thanks to the fact that our brains process lightness pre-attentively.
Some features that are pre-attentively processed include: color (hue and intensity), form (line orientation, line length and width, size, shape, curvature), motion (flicker, direction), and spatial position (2D position, spatial grouping).
For some more pre-attentive fun, visit the demo at this site, choose a feature, and see how immediately and easily your visual system is able to process it.
Understanding what kinds of features are pre-attentively processed has important implications for visual displays. When designing for critical situations such as air traffic control, flight display, or clinical care dashboards, it’s crucial to understand how to make certain symbols or elements stand out from others so they can be interpreted and acted upon immediately.
Likewise, if you’re designing infographics, it’s also important to understand which elements will be seen at first glance – they’re your first chance to grab your reader’s attention, even before conscious processing. Using color, size, shape, orientation, and other pre-attentive attributes, you’ll need to carefully craft which are the most important elements that should “pop out” first.
But choose carefully; not every element of your infographic can stand out. Vision science tells us that pre-attentive elements become less distinct as the assortment of patterns increases. Imagine a bumblebee swarming among flies; the bee is easy to pick out. Now imagine wasps, hornets, and yellowjackets joining the swarm, and the bumblebee will get lost in the mix. So it is with an infographic: As the multitude of competing pre-attentive elements increases, their “power to pop” will be diminished.
Within the IBM Center for Applied Insights (CAI), I’ve begun an additional research path on enterprise mobile application development. To share and solidify my thinking, I’ll be posting some insights and early observations here.
According to the latest IBM Tech Trends study involving more than 1,200 technology decision makers, 69 percent of the respondents indicated that they increased their investments in mobility during the past year. Moreover, 63% of IT buyers say applications— with an internal or external use—are their highest priority mobility projects.
To start, I find it helpful to look at the challenges faced by those doing the work of defining the future of enterprise application development – the developers. Some of the significant challenges include managing a great user experience across devices and platforms, integrating with existing IT systems and ensuring data security. These challenges in turn are defining the capabilities and features for future mobile applications. Let’s have a closer look at just two of these challenges and new developments:
The diversity of platforms and devices poses a unique challenge to developers. Every device company wants to be distinct, yet user-friendly. Screen sizes vary widely. New interactions, like multi-finger swipes, are added over time. New inputs, from GPS to image information, mean that expected data may or may not be available to each user. And, users work "differently" on mobile devices than they do on PCs. Developers have a significant challenge addressing the variety and scope of changes in user experience.
While the enterprises are increasingly moving towards Enterprise Mobility, in most cases the transition has either just begun or been quite slow. Many times, developers are fraught with the challenge of connecting the applications wirelessly with legacy data systems, servers and other IT systems such as cloud services. Depending on the type of data and the nature of requirement, developers need to decide whether the data needs to be downloaded on the device, for how long, how and when to update the data etc.
One company that has been successful in integrating front and back-end systems through a mobile platform is Air Canada. It developed an app to help customers check their flight status and obtain electronic boarding passes in real time. The app has had over 1.5 million downloads and was ranked number two overall in the Apple App store in Canada a week after its release. As a result, Air Canada was able to reduce its per-check-in costs by 80 percent.
Mobile application developers can address these challenges, and others, if they view them as opportunities and try to find innovative solutions to these problems. These challenges can very well become the guides/pointers towards the future course of enterprise application development.
I look forward to hearing your comments and suggestions. I’ll also have more to say in the coming weeks, as our research progresses.