Schlagwort-Archive: information

Innovation starts with your users…

The best advice I ever received when I was looking to start a consulting business was this:

“To guarantee success, find a need and fill it.”

There is no value in creating products or services for which there is no need. On occasion, an organization will come up with a game-changing product and redefine a whole industry, such as RIM in the early days, replacing pagers with email anywhere, and Apple with its iPhone and iPad, which brought smart devices to the masses. But, for the most part, the businesses that thrive are those who have mastered the ability to identify a need and fulfill it.

It is evident that they excel at anticipating what their customers would need, and when. They have essentially put themselves in the place of the user, and walked through what a successful experience would be. Interacting with these organizations is uncannily intuitive. The website is informative, expectations are clearly defined, there are no unpleasant surprises, and if it is a product, you could likely hand it to a child and they would be able to figure out how to get started.

As you read this, I’m sure you are remembering your own experiences in dealing with companies offering this type of product or service. This may be anything from the great little restaurant you frequent or the car dealer you have bought a second or third vehicle from because you loved the service.

But not all businesses are thriving.

There are far too many companies, service organizations, and manufacturers more concerned with numbers, and specifically how high can their sale numbers reach in the next quarter, than they are with the experience of their customers in interacting with their products.

No one will deny that Apple has made a huge impact with the iPad. Even if you are not an Apple fan, you can’t deny the device is simple to use. I can hand mine to a 3-year old and she will flick and swipe at the screen like a pro to find her games and books.

I got an iPad for my parents (who are in their eighties). A week later, they wanted to buy a second one so they don’t fight over who gets to use it. These devices have opened up a whole new world of opportunity and discovery from the comfort of their La-Z-Boy recliners.

And the best part (for me), I have barely spent mere moments providing them with tech support. When you consider that I’ve had to help them with setting up almost every other device (i.e. their first computer, programming numbers into phones, setting up HD television, replacing the 8-track player with an iPod) this is almost a miracle.

In my role as a CIO, I get to preview and try a lot of different devices, software applications, and computer hardware. I admit that much of what I see leaves me underwhelmed, like the array of slate devices that have come my way recently.
I also know that I would never, ever recommend that my parents use one of these other slate devices.

The iPad comes with the Apple ecosystem. The iPad, while intuitive to use, is like celery – designed to move the dip (or in this case the experience) from the bowl to your mouth. A lot of the other devices are like celery without the dip. The experience runs out of steam pretty quickly.

I am remiss to quote yet another saying by Steve Jobs, but the following is fitting of the streamlined user experience and device capabilities of the iPad:

“You’ve got to start with the customer experience and work backwards for the technology.” (WWDC 1997)

So what can an IT leader learn from this?

It would seem that many of us in IT leadership missed the class on customer experience:

We have a service catalogue but have never defined what a successful experience would look like.
We ask our users to use products and services that we ourselves would never incorporate into our own department.
We launch new technology initiatives without ever consulting the people who will actually have to use the new system.
We get defensive when we are questioned about missing functionality or dismissive when new features are suggested that we didn’t think of.
And on and on…
It doesn’t sound very nice to be a customer of this type of an IT department but, unfortunately, many of our users have these experiences daily.

What is different though is that given the influx of personal devices and cloud- based applications and services, our users now have a choice. For example, marketing departments can set up a contract with SalesForce.com and completely end run your department.

Don’t think it isn’t happening, or won’t happen to you, so let me suggest something:

It’s time to change the way IT is done in your organization.

Dust off your service catalogue; sit down with your team. Take each of these services and discuss what a successful user experience would look like. It’s not about what’s most convenient for your team, but what would make the user experience the best it could possibly be. Talk about how you are going to make it happen. Then do it.

If you start at the end, you are leveraging proven wisdom for running a successful organization.

________________________________________________________________________________

Note: A version of this post by the author previously appeared on the IT World Canada website.

Images:  Used under Creative Commons license

About the Author:

I’m the Chief Information Officer for Appleby College, in Oakville, Ontario Canada, where my team is transforming the delivery of education through innovative application of technology. I'm also a beBee Brand Ambassador.

I'm convinced that IT leadership needs to dramatically change how IT is delivered rather than being relegated to a costly overhead department.

In addition to transforming IT in my role as CIO, I look for every opportunity to talk about this… writing, speaking and now blogging on BeBee (www.bebee.com/@kevin-pashuk) , LinkedIn, ITWorld Canada, or at TurningTechInvisible.com.

I also shoot things… with my camera. Check out my photostream at www.flickr.com/photos/kwpashuk 
IT – Information Technology
Kevin Pashuk Kevin Pashuk
Chief Information Officer – Appleby College/ beBee Brand Ambassador • Appleby College and beBee

Visit the Kairos webiste https://cabinet.kairosplanet.com/register/#111b0e

The 2 Biggest Cybersecurity Fears of NASDAQ’s Chief Information Security Officer

NASDAQ CISO, Lou Modano, shares the big picture fears that businesses need to think about — even if they already have a great information-security program in place.
  
By Joseph Steinberg CEO, SecureMySocial   @JosephSteinberg

I recently spoke with Lou Modano, Chief Information Security Officer of NASDAQ, and asked him what his greatest fears are right now when it comes to keeping NASDAQ cyber-safe. Of course, there are many threats facing NASDAQ – from criminals to hacktivists to nation states – and the stock exchange obviously has an army of highly skilled information-security professionals, intensive information-security-related training, and a robust information-security technological infrastructure, so my question went beyond the usual technological and human issues, and, instead focused on what risks are hardest to correct even with significant cybersecurity resources. As such, CISO Modano's observations provide insight into the big-picture problems that businesses, cybersecurity professionals, and policymakers should be thinking about.

Modano told me that his two greatest concerns are:

1. The speed at which vulnerabilities are exploited to create cyber-weapons.
It is no secret that, in recent years, hackers have become much more adept at creating cyberweapons to exploit vulnerabilities, and that the time between the disclosure of a particular vulnerability and the creation of a weapon that exploits it has dramatically decreased. When vulnerabilities are found in software, the software makers typically issue patches – that is, fixes that can be downloaded and installed either automatically or manually. Modano pointed out, however, that the because the time between the issuance of a patch and the discovery of weapons that exploit the associated vulnerability in unpatched systems is going down, organizations wishing to stay secure often have a lot less time to deploy patches than they used to have in the past. Because a formal change management process including the testing of patches is needed in order to ensure that patches do not interfere with system functions or otherwise have adverse side effects, organizations face a growing risk of being unable to fully deploy patches before hackers start attacking unpatched systems or of deploying inadequately tested patches. While businesses can work to make their patching and change management process extremely efficient, even doing so does not fully solve the problem – especially in situations in which vulnerabilities are announced before patches are available, in which cases criminals often create cyber-weapons that exploit the vulnerabilities even before the associated patches are released by vendors. We may see an example of this in the near term if Wikileaks decides to publish details of CIA cyberweapons before the associated vulnerabilities are fixed by vendors, and folks have had adequate time to test and install the fixes; such an occurrence could force security-conscious organizations to temporarily disable various online services.

–– ADVERTISEMENT ––

Lesson: Make sure you have an efficient process for obtaining, testing, and deploying security fixes, and be aware of when you may be at risk even with such a process in place.

2. How does the information-security team know what it does not know?
As Sun Tzu pointed our thousands of years ago, it is much easier to defend against attacks when you know your enemy and its tactics. While security professionals do attempt to monitor hacker communication channels for indications of brewing attacks and exploits, one of the greatest problems that defenders face is that hackers are, by definition, one step ahead. Security pros face challenges in getting as much intelligence about what threats are coming – sometimes there are warnings from chatter or from information shared on social media, but sometimes defenders know nothing about a powerful attack before it is launched. Modano pointed out that industry groups and other methods of exchanging information do help – as one organization that detects something anomalous or hostile can share its findings with others both to warn them and to see if others have observed similar potential threats. Even firms that compete for business often recognize that when it comes to information security it is in their common interest to share information about threats that they discover – after all, if a criminal or nation state breaches one of the firms, he/she/it is likely to launch similar attacks against the others. At the same time, however, as Modano noted to me, there is a lack of standardization across federal and state regulators on matters related to privacy, information sharing, breach notification, and other areas of security; a lack of uniformity complicates matters related to knowledge sharing, as not all businesses are subject to same rules and requirements.

Lesson for us all: Make sure you obtain as much relevant intelligence as you can about threats to your business and personal information systems. Industry groups and information-security venues can be one good source of such knowledge.

For insights from other experts who attended the recent NASDAQ – National Cybersecurity Alliance Summit in New York, please see my article 6 Insights From Experts At The NASDAQ-NCSA CyberSecurity Summit.

Visit the Kairos webiste https://cabinet.kairosplanet.com/register/#111b0e