Senior Consultant, IBM Center for Applied Insights
Sometimes time and space conspire to create an opportunity that you weren’t expecting. That was the case for me last week. Near where I live, the University of Rhode Island (URI) hosted their third Cybersecurity Symposiumon education and workforce development. Speakers included the entire Rhode Island Congressional delegation, the director of the U.S. Defense Intelligence Agency, the CIO for the U.S. Department of Defense and a number of industry practitioners, including IBM’s VP for Cyber Security Innovation Marisa Viveros. Marisa was the co-author of the paper that we recently published on leading practices for cybersecurity education.
The symposium was open to the public and students, had over 400 attendees, and flew at a fairly high level. There were some excellent takeaways and parallels to IBM’s recent research with respect to cybersecurity skills and education. The Congressional delegation, which included Sen. Whitehouse, Sen. Reed, Rep. Langevin and Rep. Cicilline, each emphasized different areas of the cybersecurity challenge. This included improving public awareness, the national security implications of the rapidly changing cyber threat, the difficulties with law enforcement, and the need to protect our privacy, civil rights and liberties.
Lieutenant General Flynn of the U.S. Defense Intelligence Agency (and URI alum) was a very engaging speaker and talked about the “invisible war” that is currently being waged in cyberspace. He highlighted the profound transition U.S. security is currently going through – caused by population, economic and technology shifts – which require new ways of thinking. To fight this invisible war, he said that for every person currently working in cybersecurity today, we need a staggering twenty-eight more. He also repeatedly talked about the generational issues involved in cybersecurity and that real rules and discipline have yet to emerge on the international stage. He advocated something akin to the “law of the sea”, but for the cyber domain.
The business and industry panel included speakers from Google, IBM, Dell SecureWorks, CVS and Fidelity Investments and was much more open and conversational. They all brought their perspectives – whether providing information security or managing it for their organizations. There was a lot of discussion about how to break into the field of cybersecurity, what skills to have, what courses to take, and career paths. Stephan Somogyi, from Google, talked about the need to educate everyone on digital hygiene and focusing education on the basics of computer science. He said that you have to have a passion for security, it is a calling. If you have that, you can come from any field. Jeff Shilling, from Dell, talked about the incredible need for security technicians, those with hands-on skills. He has enough security managers, what he needs are those that can do the work (he agreed with Lt. Gen. Flynn’s assessment).
A lot of the themes from the day echoed what we recommended through our research. Local and national collaboration was evident with the diversity of speakers and the support from the entire university, the Congressional delegation, the military and industry. The importance of awareness was highlighted over and over. URI is working on innovative ways to provide hands-on experience for students through a low-cost Open Cyber Challenge Platform they are developing. The need for improving non-technical cybersecurity academic programs for business and policy leaders was highlighted in a new study from the Pell Center for International Relations and Public Policy.
This was a very valuable event, and I hope that it continues on an annual basis. Even though it was to raise local awareness and promote URI and its computer science program, it could stand to have increased global participation in the next iteration – which was one of our key findings.
For a summary of our recent research check out and share the Prezi presentation below:
Let’s start with some startling facts about the consumer products and goods (CPG) industry. Failure rates of new product innovations are estimated to be higher than 70 percent globally. Still, more than 80 percent of traditional marketers make decisions based on gut feel and past experiences, instead of using scientific approaches that unlock new insights (for example, advanced analytics).
Today, CPG companies are wrestling with a host of market challenges related to market, retailer and technology. Some of the significant challenges faced by the CPG companies include:
Market – Volatile commodity prices and shifts in global supply and demand increasingly influence the gross profit margins of CPG companies. Large multi-national CPG companies have global supply chains and they sell globally, hence their profit margins are affected by the cyclical movements of currencies, economies and other macro-economic factors in a country.
Retailer – The increasing clout of retailers in the marketplace poses significant challenge to the CPG companies. The big retailers are getting even bigger and more powerful. CPG companies face pressure from the retailers to reduce prices. There is a lack of collaboration/partnership with the retailers as retailers continue to limit access to consumer data and insights. CPG companies increasingly find it challenging to obtain approval from retailers for executing their plans and strategies. Maintaining retailer’s loyalty also becomes a big ongoing challenge for the CPG companies.
Technology – Keeping pace with exponential increase in data and associated analysis and technological developments has always been a challenge for the CPG companies. Companies are struggling with integrating data across channels and functions, cleaning and standardizing it and churning it with the help of advanced analytics to produce actionable insights.
These are all important challenges worthy of attention for the market participants, in order to survive and compete in the marketplace. Still, the manufacturers should start focusing on the one thing that can inform their product development, improve their operational effectiveness, increase their competitiveness and boost their profits - the consumer.
The presence of today’s technology-enabled empowered, omni-channel consumer affects how CPG companies control costs, grow sales, coordinate a wide variety of trade activities, manage time and manage the customer (retailer) relationship. These consumers are empowered by an abundance of information, technology and choices. Their expectations from the companies have increased in terms of ongoing engagement and constant experience across channels. And they can champion or sully the reputation of a brand at the click of a mouse. Their constant online and offline engagement with companies and their products generate a lot of data about their shopping behavior and preferences. That is why, manufacturers should start taking their end consumers more seriously as this knowledge can inform various functions like sales, supply chain, IT etc. across the companies (and not just marketing) and help companies transform their entire value chain. This would help them to anticipate consumer need s and proactively plan for them. This can also help them collaborate with retailers and gain a seat at the decision maker’s desk.
Many CPG companies, globally, have started to realize this need of strong consumer focus and are deploying dedicated resources and advanced analytics to develop consumer centric capabilities. For example, in its 2011 category leadership study by Kantar retail, when retailers were asked which manufacturers ranked among the top three in consumer/shopper insights and category management, Procter & Gamble (41.9%), Kraft Foods (37.1%) and PepsiCo (27.0%) came out on top, with General Mills a hair width behind (26.9%).
We, at the IBM Center for Applied Insights, have been working on a comprehensive global study of over 350 CPG senior executives to gain more quantitative and qualitative insights about the increasing consumer focus of these CPG companies. The focus of this study would be to understand market trends, the need for consumer orientation, who are the leaders, how they are doing it and the results achieved.
Watch out this space for more insights and information on the release of forthcoming executive presentation, info-graphic and white paper.
I look forward to your comments and observations. Please click “Add a Comment” below or “More Actions” to share this with others.
David Jarvis Senior Consultant, IBM Center for Applied Insights
In a world of increasing and varying information security threats, academic initiatives focused on cybersecurity are proliferating - yet, there is still the danger of falling short in addressing the long-term threat. To avoid becoming too focused on near-term issues, programs must be more collaborative across their own institutions, with industry, government, and among the global academic community. Only by working in concert can we meet today’s demand while educating the next generation to create a more secure future.
There have been a lot of recent reports, blog posts and news articles discussing the cybersecurity skills gap. It has been an ongoing issue for a while, and will continue into the future. We wanted to tackle this problem, not from the demand side, but from the supply side. So, the IBM Center for Applied Insights and IBM’s Cyber Security Innovation team selected 15 academic programs in 6 different countries from the over 200 institutions we monitor and work with. We conducted interviews with faculty members, department chairs and others. This week, we released a synthesis of those interviews in our latest security insights paper,“Cybersecurity education for the next generation: Advancing a collaborative approach” .
Through our interviews it was confirmed that cybersecurity is top of mind for students, educators, industry and government. Industry and government are currently facing a significant skills gap and this is causing the programs we interviewed see extremely high demand for their students, both undergraduate and graduate.
But, not all is rosy with the increased demand and attention. Programs are expected to provide more of everything – courses, graduates, opportunities, research – which has caused programs to face a number of organizational and technology challenges. Stained programs are addressing these challenges in different ways, taking different approaches to cybersecurity education, but still sharing similar common principles.
The trends, challenges, issues and differing perspectives cannot be fully addressed by each academic program on its own; cybersecurity is a global problem and should have global solutions. A set of leading practices promoting a longer-term and more collaborative approach is needed. We identified three general areas that the leading programs we talked to excelled at, all dealing with collaboration and connection.
1. Collaborate within your own institution – Cybersecurity programs should embed security practices and principles in computer science and engineering courses and take a holistic technical approach. They should work with other disciplines and schools in the university (e.g., business, law, ethics, medicine, policy). They should offer diverse education options for students and professionals (graduate, undergraduate, professional development, etc.).
2. Co-evolve with industry and government – Academic programs should have deep ties with industry and government – partnering and collaborating on research, curriculum development, and opportunities for students. A hands-on, practical, approach is also extremely important. Laboratory work, projects, special-interest groups, and internships should all be cultivated.
3. Connect across the global academic community – A number of the programs we talked with discussed the need for building a “science of security” to anticipate security problems and a cross-discipline lingua franca among scientists, engineers and policy makers. Fundamental concepts and common vocabulary can only be developed with participation of the entire global cybersecurity community.
We recently put together a nice video that provides an overview of Marketing Science. What is Marketing Science exactly? Well you can either watch the video or take a look at our Whitepaper. But the short version is that it's a way for marketers to deal with the challenges that "Big Data" presents by using a more rigorous scientifically grounded approach to develop insights and then using those insights to impact the business.
The concept itself really isn't very complicated. We've boiled it down to 3 steps: Architect Data, Apply Science, and Influence Action. However, the application of these concepts isn't always easy or straightforward. So over the coming months, I'll be posting about some of our own internal examples of applying Marketing Science to give you a better feel for what it looks like in practice.
And if your company has been engaging in Marketing Science, we'd love to hear about it. Who knows, maybe your example could be the subject of a future blog post.
Derek Franks Consultant, IBM Center for Applied Insights
The era of “Big Data” presents a variety of challenges and opportunities for marketers. With the increase in volume, velocity, and granularity of data, marketers can become much more precise in how they interact with both the marketplace and individual customers. But the same time, when you’re dealing with large volumes of data, it’s easy to over-fit your models and mistake “noise” for “signal”, to borrow a concept from Nate Silver’s excellent book, The Signal and the Noise.
This is something that we’ve been dealing with internally at IBM for a while now. In response, we’ve developed a framework internally that we think may help others refine their own approach to generating insights from data.
We call this framework “Marketing Science”. This is a 3-step framework consisting of “Architecting Data”, “Applying Science”, and “Influencing Action”. The fundamental idea is to apply the scientific method to developing insights within a business setting. This presents unique challenges in and of itself. But there are some basic concepts to keep in mind:
"Architecting" (or collecting and structuring) data is extremely important. The rest of the process depends on getting access to the right data from a variety of sources and if you haven’t done a good job of dealing with data across your enterprise, it’s like trying to run a 100m race with your shoes untied.
A hypothesis-test-refine approach to data analysis is central to the concept of Marketing Science. Developing and testing hypotheses is one of the main ways you limit your exposure to over-fitting data.
Within a business setting, insights are only valuable in so far as they’re able to inform decision-making and/or influence action. At the end of the day, driving business outcomes is the goal of Marketing Science. Keeping this in mind helps to keep you focused through the first two steps. And it means that once you’ve uncovered a nugget of insight, the real work may just be getting started as you take that insight back to the business.
Marketing Science is a fascinating topic that we’ll be talking about quite a bit more moving forward. We’ve conducted some market research that I think will be very enlightening and have started collecting some use-cases of how we’re applying these principles in a practical sense. In the meantime, if you have any comments or thoughts on developing insights from data, we’d love to hear from you.
I've previously written about our research of leading marketers, both their correlation with improved financial performance and what exactly they do differently than everybody else. We recently sat down with three leaders from our Enterprise Marketing Management team, Yuchun Lee, Elana Anderson, and Jay Henderson, and asked them to discuss our research and the implications of that research in more detail. Check out the video to get their take on why marketing matters, and how you can continue to engage with customers effectively and invest your marketing dollars intelligently.
Leave us a comment here or on YouTube to let us know if you're seeing similar trends in your enterprise.
John Reiners Principal Consultant, IBM Center for Applied Insights
This month is the 10th anniversary of London’s congestion charge. It was not quite the first such scheme (Singapore had been running theirs for almost 10 years) but it was certainly one of the earliest internationally visible Smarter City projects before the term had even been invented. So what can we learn 10 years on from their experience?
Prevailing opinion at the time was that it was an audacious experiment. Most people expected it not to work, & certainly not to be popular. But if it was a success, it would establish London as a pioneering city, with many others in the UK and elsewhere keen to emulate it.
How wrong that opinion was! Congestion charging has been a success with remarkably few technical problems and an acquiescent, if not wildly enthusiastic, public. It had an immediate impact on traffic volumes and congestion and London is a cleaner city as a result. Yet the follow on wave of implementations has not happened. Why not?
I think the reason is in how the benefits from congestion charging are delivered and communicated to the public. The economic case for congestion charging is hard to dispute – it is cheaper to implement than road building programmes and the benefits of reduced congestion, from fewer accidents, increased mobility and fewer emissions are considerable and proven. Yet these benefits are not clearly visible to the public, who only experience the inconvenience of adapting to a new way of paying for their commute. When proposed schemes are put to the public (as they were in Manchester, Edinburgh and West London) the public voted strongly against. It takes a particular brave mayor to risk upsetting public opinion, whatever the ultimate gain to the city as a whole.
So for significant smarter city projects like congestion charging to proceed as more than vanity projects of bold mayors, more work is needed to convince the public of its benefits. There are signs that this may be happening….As technology in related areas like telematics, car to car communications, automated parking systems etc progresses, the creation of a digital city road infrastructure can be seen as an enabler to drive innovation and new business opportunities. Many governments, including the US, UK, Germany, S Korea, Japan and Singapore have identified the potential of investing in traffic management and information services to drive business investment and jobs. There is a race to lead these industries of the future. But to join the race, let alone win it, cities will need first to convince their public that it’s worth it.
Mobile money has progressed by leaps and bounds in the recent years and a lot of innovations are happening globally. The industry is undergoing a lot of changes and ecosystem participants are trying to learn from their successes and failures to innovate further. I have been an avid follower of the various developments happening in the industry. In this post, I will capture my thoughts on key segments of growth/developments which I would expect to happen this year. I believe these segments of growth/developments have the potential to bring further scale and innovation in this industry:
1. Development of ‘App Store’ – I expect that some of the major mobile money service providers may open up their platforms via an Application Programming Interface (APIs) that allows third parties to hook in and innovate. This development has the potential to replicate the success of the ‘Apple Appstore’ by providing an incentivized ecosystem to the developers. They would develop innovative and customized applications for specific markets which would address specific needs and in turn, attract more customers to the service. Thinking further, an ecosystem of these Apps stores from various service providers can provide further scale up and growth opportunities to them.
For example, a Kenyan MPesa customer on his visit to Ghana, can simply download an app to pay parking fees or make some quick purchases in a busy market in Ghana. Implementing platform level and customer level interoperability would be the foundation to build this big ecosystem.
2. Transformation of traditional model of B2B payments – Increasingly, mobile money is finding its application in the Retail industry for Point of Sale (PoS) transactions. Interestingly, I would expect more Business to Business (B2B) mobile money solutions to emerge for various industries. These solutions would focus on transforming the way payments are being made throughout the value chain. The aim would be to reduce risk of carrying cash, optimize liquidity, and provide delivery of goods and payments with security.
For example, Coca-Cola Sabco is looking at the use of mobile money as a way to shift the supply chain of its Manual Distribution Centers away from cash. In Papua New Guinea, IFC is looking at piloting mobile money to reduce the use of cash in the coffee supply chain.
3. Development of new business models – Traditionally a Mobile Network Operator (MNO) or a bank provides the mobile money services either individually or in collaboration. Of late, new business models are emerging as different industries are exploring mobile money based custom applications.
For example, Bharat Sanchar Nigam Limited (BSNL), a leading telecom service provider in India, has a mobile banking platform which will help mobile subscribers to send money orders electronically. The unique thing is that this SMS based service is done in association with India Post. Receiver will be able to encash the SMS at all post offices in the country. Starbucks, a leading coffee chain is already among the most successful early adopters of mobile payments, claiming to have processed USD26 million in mobile transactions in the US just 12 months after launching the service. Recently, it has forged a partnership with Square that will see the mobile payments company power in-store credit and debit card payments for Starbucks.
I expect that more of these innovative and interesting partnerships will emerge which would utilize mobile money to conduct business more efficiently and effectively.
I look forward to your comments and observations. Please click “Add a Comment” below or “More Actions” to share this with others.
Caitlin Halferty Consultant, IBM Center for Applied Insights
Yesterday, on Tuesday February 5, 2013, IBM CEO Ginni Rometty addressed more than 200 South African business leaders in Johannesburg. IBM has been doing business in Africa for more than 90 years. Most recently, the company has been expanding its presence by focusing investments in more than 20 African countries.
Current research suggests the top challenges African-based CIOs face today include:
Availability of skilled resources
Network and bandwith availability
Availability of liquid assets to secure investments in technology
Ensuring return on IT investment
Consistent and effective security policies
Familiarity of users and customers with new technologies
Tie to legacy environment and tools that constrains the ability to adopt new technologies
Implementation of technology standards across countries/regions
Ability to meet regulatory and compliance regulations
Stabilize and enhance IT infrastructure in support of the business
Ability to establish meaningful metrics
Improve risk management posture
Establish effective governance processes
As African-based CIOs rise to meet these challenges, should they look to the West or the East for their mentors?
To further explore how these CIOs strengthen and transform their organizations in light of these challenges, we're assessing competencies and capabilities that span:
Business strategy and process
Risk management and compliance
Innovation and growth
Relationship management and communications
What competencies and capabilities do you see as most promising?
We look to answer these questions and several others for you when we publish our research later this year. Post a comment and contribute your opinion to the conversation!
David Jarvis & Susanne Hupfer IBM Center for Applied Insights
There are four pivotal information technologies that are rapidly reshaping how enterprises operate: mobile technology, business analytics, cloud computing, and social business. All four of these technologies are potentially disruptive, and they also come with unique security concerns. Many people fear the security implications of employees bringing their own mobile devices to work, or storing mission critical databases in public cloud environments. Fear shouldn’t drive organizations away from these potentially transformative technologies. How are organizations overcoming their fears? How are they breaking though the “security wall”?
Recently IBM released the results of its 2012 Tech Trends Report, which looks at the adoption patterns of these four technologies. It is based on a survey of over 1,200 professionals who make technology decisions – the respondents came from 16 industries and 13 countries. As part of the analysis, three different types of organizations were identified:
Pacesetters (20%) believe emerging technologies are critical to their business success and are using them to enable new operating/business models. They’re also adopting ahead of their competition.
Followers (55%) agree that these technologies are important and can provide critical capabilities and differentiation, but they generally trail Pacesetters in adoption.
Dabblers (25%) are generally behind or, at best, on par with competitors in terms of adoption. They’re less strategic in their use of emerging technologies, namely citing greater efficiency or new capabilities in selected areas.
One common thread across all three of the identified groups is that security is a significant area of importance and concern. In fact, 62% of respondents cite security as one of the three most important areas facing their organization over the next two years, with 27% rating it number one. One interesting aspect is that, the less mature an organization is with respect to the four strategic technology areas, the more security rates as an area of importance and focus. Seventy-seven percent of the Dabblers cited security as a top-three area of importance, versus only 49% of the more mature Pacesetters. Why is that? Perhaps the Dabblers don’t fully understand, or trust, that there are security technologies, policies and practices that can ensure a more secure approach overall. Or perhaps they lack the experience the Pacesetters have.
“Security and privacy are not always treated as first-order problems. Things are deployed and made widely available without regard for security and privacy. In a best-case scenario, security and privacy are thought of as add-ons. Worst case, they’re ignored completely.” – Dr. Eugene Spafford, Professor and Executive Director of the Center for Education and Research in Information Assurance and Security, Purdue University
Besides being an area of significant importance, security is also seen as a significant barrier to technology adoption by the survey respondents. Information security is ranked as one of the top two barriers to adoption across the four technology areas – more than integration, inadequate skills or regulation and compliance. Overall, security is the biggest barrier for a majority of respondents for mobile (61%) and cloud (56%) adoption. Security is cited less often as the top adoption barrier in social (47%) and analytics (31%). As shown by the dark blue bars in the graph below, there isn’t a huge gap between the groups (9-11%) when it comes to security concerns, but, in general, less mature Dabblers see security as more of a barrier than the more mature Pacesetters. The exception is analytics, which has the lowest adoption barrier. Perhaps Pacesetters better understand the potential risks in implementing advanced analytic systems.
Another part of the security wall blocking the full realization of the benefits of the four technologies is that organizations’ current IT security policies aren’t sufficient. The figure above generally shows correlations between viewing security as a barrier to adoption (dark blue bars) and inadequate security policies (light blue bars). The Pacesetters are more confident across the board, with a majority saying that their security policies are adequate. The “adequate policies gap” between the Pacesetters and Dabblers ranges from 13% to 32%, a fairly wide margin. This tells us that organizations that have the right security policies in place are more confident, and less likely to see security as a barrier. For the others, there is a gap between their fears and taking the steps needed to address those fears.
Another tool organizations are using to attack the security wall is skills development. A majority of the respondents know that security is an issue and are working hard to boost their confidence. Overall, 70% of organizations are planning to develop or acquire skills in “mobile security and privacy” and “cloud security” – the two technology areas where security is seen as the biggest barrier.
Security is tightly intertwined with the four technology areas discussed. You shouldn’t pursue cloud, mobile, social or analytics endeavors without also focusing on needed security technologies, skills, policies and practices. The more you focus on policies and skills, the less likely you will see security as an impediment. Treat security as a business imperative and make it a priority. Design security in from the start of any project. Doing this will increase confidence and help to tear down the walls that are slowing the adoption of important, transformative technologies.