Developing a Culture of Innovation

High Performance IT Organizations:
– Understand Change at a granular level
– Drive change versus Resist Change

Next Age IT Heroes will be “Masters of Change”

v>

De-Synchronization is the story every executive must understand – The pace of change for various piece-parts of the world we live in is not uniform.  The un-even acceleration of key piece-parts (i.e., institutions, skill sets, practices & mind sets)

General Shape of the Future – SMAC Stack: Social Media, Mobility, Analytics/Big Data, Cloud

 

Moving Fast in the Enterprise

Success in today’s marketplace requires us to move faster, to get closer to customers, and to increase the probability that what we build is fundamentally what they want.  Moving Fast in the Enterprise must be done with a concise set of tools and principles, but also a new way of thinking that can help us do that better.

These principles can be applied throughout the enterprise, regardless of organizations implementing a new version of a product, taking a product into a new market, or building something fundamentally new like the world has never seen.  End results include process change to simplify internal productivity, interacting with customers better enabling quicker sales cycles, reducing the cost of sales, resulting in more value added customer solutions.

These are all changes with a high degree of uncertainty, where calculating ROI can be difficult.  By treating process changes as controlled experiments to test validity can ultimately drive an organization wide roll-out.

Do traditional enterprise processes take the idea of growth based on customer need seriously?  Is the customer completely engaged throughout the build process?  How often do we get the voice of the customer right the first time?  What if market conditions change through the life of the project which may change the scope of the project?  Getting customers engaged early and continually through the project serves to constantly test to ensure the current version of the product fundamentally is going to drive growth and delight customers.  This develops a process of continued learning where a measurable business outcome is achieved.

Organizations must focus on ‘Build, Measure, Learn’ cycle times – How much time has elapsed before we’ve validated the idea as correct or incorrect?

Every team member can be entrepreneurial about their job.  Do you have ideas about how you can serve customers better?  How can you get the ideas tested?  We should be empowered to propose experiments.  Every project must have accountability and defined metrics.  While driving process change, are you learning something important?  How are you learning about what customers want?

 

The End of the Industrial Age

Work Design
From Hierarchies to Networks
Twentieth Century Icons: Mastery of Scale, Quality, and Cost

  • Organizations that mastered these capabilities dominated the twentieth-century economy
  • Bureaucratic systems optimized core processes
  • Division of responsibility – needing only top leaders to worry about the overall goals
  • each worker freed to develop a component skill

The Primary Function Today: Orchestrating Intelligence

  • Using one’s particular knowledge and capacities in ways that contribute to the success of the whole
  • Combining different types of knowledge and expertise to come up with something better
  • Harnessing the smallest units of knowledge
  • Continually improving processes and routines
  • Customizing relationships with customers, suppliers and others
  • Detecting and responding to market and environmental shifts
  • Learning

Drivers for Change

  • The Technology Revolution
  • The Economic Revolution
  • The Net Generation
  • The Social Revolution

Collaboration and the Changing Nature of Work
Ronald Coase
The Economics of Collaboration

  1. Peer Pioneers
  2. Ideagoras
  3. Prosumers
  4. New Alexandrians
  5. Platforms for Participation
  6. The Global Plant Floor
  7. The Wiki Workplace
    Personal Profiles (based on people)
    Industrial Strength Social Networks
    Blogging and Microblogging
    Wikis and Document Co-creation
    Ideastorms
    Team Project Tools
    Deliberation-Decision Making
    New Generation Knowledge Management

Knowledge Management 2.0
Old: Finite Resource, Internal, Containerization
New: Infinite Resource, Internal and External, Collaboration

Collaborative Decision Making
Collaborative Decision Management
From Command and Control to Ideation and Decision Making Ecosystems:
– Brainstorming / Storyboarding
– Criticism forbidden
Beyond quantity of ideas, nothing discourage
– Objective is alternative ideas for further analysis
– Voting on ideas
Ranking ideas
– Throwing some ideas off the island

Dicisionally
From Command and Control to Interactive Group Decisioning
Nominal Group Technique
– Personality Tree
– Not Verbal
– Ideas documented, circulated, discussed non judgmentally
– Then eventual ranking
Delphi Method
– Asynchronous
– Iterative questions and answers
– Convergence towards actionable insights
Combinations of the Above

From Command and Control to Sense and Respond
From Meeting Domination to approaches like Delphi
From Decisions as Events to Decisions as Reusable Assets
From Knowledge Management to Social Knowledge

 

 

Security in the News – Week of January 13

Information Security

Business Day Live

South Africa Neglects Alarming Effect of Cybercrime

January 14

Cyber-attacks are growing risk to business in South Africa, but neither government nor business are doing enough to combat it.

 

CNN

Starbucks App Leaves Passwords Vulnerable

January 15

App allows customers to purchase from smartphones, saves usernames, passwords, other personal information in plain text.

 

Computerworld

Target’s Point-of-Sale Terminals Were Infected with Malware

January 13

Attackers used malware to steal credit and debit card data from PoS systems.

 

Target Hackers Have More Data to Sell as Demand Wanes

January 14

Those who stole data appear to be keeping low profile on underground forums.

 

Target to Invest $5M in Cyber Security Ed Program

January 14

Launch of plan to educate public on dangers of scams follows major theft of Target customer data.

 

Kaspersky Lab: Beware of Neverquest Trojan Banker
January 14

Recorded attempts to infect computers used for online banking with malicious program creators claim can attack any bank, any country.

 

Hackers Exploit SCADA Holes to Take Full Control of Critical Infrastructure

January 15

Review of reports on hacking critical infrastructure, from dish satellite systems to taking full control of industrial control systems.

 

Spammers Target Snapchat, Bitly, Kik Messenger

January 16

Companies working with Symantec to clean up malicious links, result of API keys left visible on web.

 

Help Net Security

Top Security Concerns for 2014

January 14

AhnLab, immersed in the cyber trenches and the cloud, announced top security concerns for 2014.

 

Understanding Mobile Security Pressure Points and Vulnerabilities

January 14

41 percent of government employees who used assessment tool are putting themselves, agencies at risk with existing mobile habits.

 

Amazon and GoDaddy are Biggest Malware Hosters

January 15

US leading malware hosting nation, 44 percent of malware hosted domestically.

 

Security Concerns Still holding Back Cloud Adoption

January 15

With significant differences in public cloud infrastructure concerns between cloud-wise, cloud-wary, organizations not using cloud services have no near-term plans.

 

Krebs on Security

First Look at Target Intrusion, Malware

January 15

Target disclosed malicious software infected point-of-sale systems at checkout counters.

 

Closer Look at Target Malware, Part II

January 16

Previous story prompted flood of analysis and reporting from antivirus and security vendors about related malware.

 

PC Magazine

Syrian Hackers Hijack Saudi Sites, Target Microsoft Again

January 15

SEA seized control of Saudi Arabian govn. websites, tweeting names, links of 16 Saudi domains as they infiltrated each one.

 

The Register

Banking Apps – Insecure and Badly Written

January 13

Security researchers IO Active are warning that many smartphone banking apps are leaky and need to be fixed.

 

We Live Security

Less Than Half of Consumers Take Steps to Stay Safe Online

January 13

Survey conducted by British gov. found less than half took basic steps online, part of new cyber campaign.

 

Luxury Store Neiman Marcus Admits to Cyber-Intrusion, Theft from Customer Cards

January 13

Thieves accessed systems, made unauthorized charges on customers’ credit cards over holiday period.

 

Major Cyber-Attacks Can be Predicted Using Computer Model

January 14

Major international cyber-attacks follow pattern can be predicted by mathematical model, researchers claim.

 

Tips for Defending Accounts Against Card Fraud

January 14

If you used credit, debit card in store last three months, check accounts for fraudulent charges.

 

Borrowing Tricks from Cybercriminals Scare Web Users Into Safe Browsing

January 15

Direct threats against users are more effective, such as vague warnings about systems or impact on others.

 

Security and Crisis Management

CBS News

Deaths in Shootout During Pre-Olympics Security Sweep in Russia

January 15

Russian security forces and gunmen were killed in shootout during a sweep for militants before the Sochi Winter Olympics.

 

Channel News Asia

24 Wounded in Philippine School Blast

January 13

Suspected improvised bomb attack at university campus in Philippines left 24 student and teachers people wounded.

 

News 24

31 Killed in Tribal Clashes in Southern Libya

January 13

Days of fighting between tribes in S. Libya kill 31, gunmen assassinated country’s deputy minister of electricity in separate attack.

Security in the News – Week of January 6

Information Security

BetaNews

Malware Introduced by Employees Major Concern for Business

January 9

Study finds malware security concern for businesses, finds employees were main reason when it comes to introducing malware to enterprise systems.

 

Computerworld

Target Breach Unleashes Fresh Scams

January 6

Scammers are nothing if not innovative, goes to show best defense is an educated workforce.

 

Help Net Security

Growing Hacking Threat to Ecommerce Websites

January 6

How websites get hacked, how to prevent it and what to do in a website compromise.

 

Unauthorized Activity on Your Amazon Account Phishing Email Doing Rounds

January 6

Spam campaign that aims for login credentials claims unauthorized activity on recipient’s Amazon account.

 

Deadly New Ransomware To Be Released?

January 7

As disruptive as Cryptolocker is, there’s a possibility that a deadlier type of ransomware will soon target unsuspecting users.

 

Senior Managers Worst Information Security Offenders

January 8

As companies look for solutions to protect integrity of networks, data centers and computer systems, unexpected threat is lurking under surface, senior management.

 

Top Priorities for Organizations to Counter Digital Criminality

January 8

Highlights biggest issue to hit organizations in 2014 will be rise of digital criminality as fraud becomes increasingly cyber enabled.

 

What Healthcare Security and Privacy Pros Wish For

January 9

2013 proved to be a dizzying year for healthcare compliance, privacy, and information security.

 

Krebs on Security

Target: Names, Emails, Phone Numbers on Up To 70 Million Customers Stolen

January 10

Target’s ongoing forensic investigation also determined guest information, separate from payment card data, was taken during breach.

 

Naked Security

Follow Up Phish Targets Possible Victims of JP Morgan Chase Card Breach

January 8

How cybercriminals use real security disasters to cause follow-up disasters of their own.

 

Network World

Talk of Cyberwarfare Meaningless to Many Companies

January 7

While government leaders often use attention-grabbing buzzwords, such expressions do not have much impact on security budgets within private industries.

 

Worst Data Breach Incidents of 2013

January 8

Businesses and government agencies lost most personal, financial records due to hackers or security mishaps.

 

Seven Best Habits of Effective Security Pros

January 8

IS professionals need to learn more swiftly, communicate more effectively, know more about business, and match capabilities of an ever-improving set of adversaries.

 

State of Security

Security and Risk Management in Healthcare

January 6

Study reveals industries lag behind other sectors in implementation of critical security controls.

 

Skipfish Scanner Used in Financial Sector Attacks

January 8

Cloud platform provider reports discovery of ongoing attacks targeting  financial sector in which systems are being scanned for vulnerabilities with security reconnaissance tool.

 

Remote Network Satellite Links Vulnerable to Attacks

January 8

Researchers have warned that terminals that allow Internet access for remote networks by sending data to satellites may be a “soft target” for attackers.

 

ThreatPost

PrisonLocker Ransomware Emerges From Criminal Forums

January 6

Researchers uncovered new ransomware, malware author, legitimate security researcher or posing as one via a personal blog and Twitter handle.

 

We Live Security

2013: A View to a Scam

January 6

Plenty of scams effective to rate a warning or three, in the hope of alerting potential victims to the kind of gambit they use.

 

Security and Crisis Management

BBC News Africa

DR Congo’s Lubumbashi Hit by Fighting

January 7

26 killed in 8 hour battle between government, rebel forces in DRC city Lubumbashi.

 

Nigeria Gunmen Kill 30 in Plateau State Raid

January 7

Gunmen stormed village in Nigeria’s central Plateau state, leaving 30 people dead.

 

BBC News Europe

Russia Security Swoop after Bodies Found in Stavropol

January 9

Russian security forces deployed in anti-terror operation 186 miles east of Sochi, venue for Winter Olympics.

 

News 24

Mozambique Clash Leaves at Least 2 Dead

January 8

At least two gunmen linked to main opposition party killed in exchange of fire with government forces in town of Pembe.

Security in the News – Week of December 23

Information Security

Computerworld

Target Hackers Try New Ways to Use Stolen Card Data

December 23

For the first time, hackers market stolen data with info on location of store where card was used; experts say new strategy will slow detection.

 

Help Net Security

Breaking Backlog of Digital Forensic Evidence

December 23

Time for change in the way law enforcement works with digital forensic evidence.

 

How Consumer Attitudes Changed Towards Data Security

December 24

With moves in digital world, a traceable footprint is created, which organizations can use to analyze, predict and act upon.

 

State of Security

Target: The Desolation of Fraud

December 24

Security teams are feeling more overwhelmed by challenges of modern, organized cyber-crime.

 

Security and Crisis Management

BBC News Africa

Kenya and Ethiopia Leaders in Juba for Talks

December 26

Leaders of two of South Sudan’s neighbors, Kenya and Ethiopia, have held constructive talks in a bid to halt fighting.

 

BBC News Asia

Bangladesh Deploys Army Ahead of January Elections

December 25

Tens of thousands of troops are being deployed across Bangladesh to try to prevent potential political violence ahead of next month’s elections.

 

Thailand Protests: Yingluck Government Rejects Election Delay

December 26

Thailand’s government rejected calls to delay February’s election, amid increasingly violent protests in which a policeman was shot dead.

 

BBC News Europe

Defiant Turkish PM in Major Reshuffle

December 25

Turkish PM announced major cabinet reshuffle after three ministerial resignations over a corruption inquiry.

Channel News Asia

Thai Army Chief Refuses to Rule Out Coup

December 27

With tensions running high in Bangkok after violent clashes between police, opposition protesters, army chief refused to rule out a coup, saying anything can happen.

 

The Cambodian Daily

Factories Advised to Close as Wage Strikes Swell

December 27

Cambodia’s garment manufacturers were advised to temporarily shut operations as tens of thousands of workers at hundreds of factories joined nationwide strikes over wages.

Security in the News – Week of December 16

Information Security

All Things D

People More Freaked Out by Hacking Than Tracking

December 20

Respondents to recent survey said hacking is a bigger concern than tracking.

 

CNN Money

Target: 40 Million Credit Cards Compromised

December 19

Breach of credit, debit card data may have affected 40 million shoppers who went to the store in three weeks after Thanksgiving.

 

Computerworld

Most iPhone Users Enable Activation Lock

December 18

Survey by San Francisco DA finds that there’s room for improvement in Apple implementation.

 

FBI Launches New Biometric Systems to Nail Criminals

December 19

Palm prints, iris images and mug shots join fingerprints in the FBI’s database, helping to identify the bad guys.

 

Help Net Security

Resurgence of Malware Signed with Stolen Certificates

December 16

Since 2009, variants of the Winwebsec rogue AV family have tricked users into believing computer is infected, paying for registering software to rid of non-existent threat.

 

Gamers Attacked 11.7 Million Times in 2013

December 16

Kaspersky Lab discovered PC gamers across Europe were hit by a massive number of attacks in 2013.

 

How Human Behavior Affects Malware and Defense Measures

December 17

Even the most security-conscious users are open to attack through unknown vulnerabilities, and best security mechanisms can be circumvented as a result of poor user choices

 

Top Eight Security Insights for 2014

December 18

BeyondTrust’s Advanced Research identified the top 8 pain points and big deals in security in 2014.

 

India Set to Escalate Internet Surveillance

December 18

Indian government to launch surveillance system capable of analyzing online communication in real-time, detecting words that indicate terrorist, criminal activity.

 

Teaching Children Information Security Skills

December 18

(ISC)2 Foundation discusses biggest online threats to kids and provides tips on how to teach children to stay safe online.

 

What’s the Greatest Security Risk?

December 18

Study by the Ponemon Institute.

 

Krebs on Security

The Case for a Compulsory Bug Bounty

December 17

Study presents economic case yet for compelling companies to pay for information about security vulnerabilities in products.

 

Network World

Phishing Messages Fall in 2013 Despite Better Targeting

December 18

Criminals are sending fewer phishing emails than year ago, but more skilfully targeted, says security firm Websense.

 

Proof Point

Attackers Making Malware Delivery More Secure

December 19

Attackers directly send SSL-protected URLs in targeted phishing emails that link to their malware which is almost always packed inside a zip file.

 

State of Security

Cloud Computing Adoption by Federal Agencies Increases 400%

December 19

Cloud security technology trends in federal government finds despite security concerns cited as roadblocks to cloud adoption, agencies rapidly expanding tadoption of cloud infrastructure.

 

We Live Security

NSA Saves World from Plot to Remotely Destroy PCs

December 16

International plot which would turn PCs into bricks by remotely triggering deeply buried malware foiled by NSA.

 

Biometric Smart ID Card Could Offer Ultimate in Portable Security

December 17

New smart ID card to eliminate hacking, identity theft using voiceprints, fingerprints, iris readings and connecting to mobile devices via Bluetooth.

 

Holiday Shoppers Turning to Mobile to Bag Bargains, Ignoring Security Risk

December 19

40 believe convenience of shopping via mobile outweighed the risk.

 

Security and Crisis Management

No SCM news this week.

Security in the News – Week of December 9

Information Security

Computerworld

300 Victims Report Fake Support Calls to Security Org

December 10

Internet Storm Center collects info on scam for research.

 

Banks Shouldn’t Rely on Mobile SMS Passcodes

December 11

As mobile banking grows, malicious Android applications are increasingly intercepting one-time passcodes.

 

NASDAQ, Other Global Exchanges to Collaborate on Cybersecurity

December 12

World Federation of Exchanges creates working group to address cyberthreats against capital markets.

 

FireEye

Letting The Wrong Ones In: Email Security’s Big Blind Spot

December 13

Security professionals seem confident that email security gateways and SaaS providers can safeguard them from spear-phishing attacks.

 

Help Net Security

Popular Holiday-Themed Phishing Attacks

December 10

Holidays are busy, especially for hackers. Phishing is most effective when it exploits human emotions—fear, greed, anxiousness, curiosity, compassion, getting a good deal.

 

Inadequate Electronic Disposal Protocols Can Lead to Security Leaks

December 10

IT departments’ decisions could inadvertently put orgs at risk of IS breach if they don’t have sufficient protocols for disposal of old electronic devices.

 

Visualizing Year’s Top Cyber Attacks

December 10

Red October, Kelihos, Syrian Electronic Army DNS Hijack, Syria Internet shutdown and Cryptolocker topped list of malicious events.

 

SC Magazine

Top Breaches in 2013

December 10

Sideshow.

 

CISOs of Global Firms Offer Insight on Effective Security Programs

December 10

CISOs, security execs at well-known companies provided recommendations to help enhance organizations’ security programs.

 

Security Affairs

ENISA Threat Landscape 2013 Report, Rise of Cyber Threats

December 12

ENISA Threat Landscape 2013, collection of information on top cyber-threats that have been assessed in reporting period.

 

State of Security

Chinese Hackers Targeted Europeans Before G20 Summit

December 10

Chinese hackers gained access to European ministries, with attackers sending malware-laden emails designed to infect target’s computers and eavesdrop on communications.

 

ThreatPost

Tech Giants Unite in Call for Surveillance Reform

December 9

Technology companies coalition calling for reform of surveillance practices, undermining trust in respective services, and nternet as a medium for communication and commerce.

 

Facebook Phishing Campaign Employing Malicious Tumblr Pages

December 11

New round of Facebook-related spam using fake messages about recent crimes involving recipients’ friends as a lure to direct them to Tumblr pages serving exploits.

 

64-Bit Version of Zeus Banking Trojan In The Wild

November 11

Researchers spotted new version of malware that uses Web injects to steal banking credentials to drain online accounts, steal digital certificates and log keystrokes.

 

We Live Security

Microsoft Uses Telepathy To Warn Users Off Weak Passwords

December 9

Telepathy, comes from computing, illustrates which passwords are easy for a computer to guess the next letter as you type in a password.

 

Guide to APTs – and Why Most of US Have Little to Fear from These Cyberweapons

December 9

If you work for a government or large institution I’m pretty sure you are being targeted by an APT right now.

 

New Hesperbot Targets: Germany and Australia

December 10

November has been eventful, update on situation and malware developments.

 

2014 Security and Privacy Predictions

December 10

Trends in security and privacy ESET researchers are predicting for 2014.

 

Security and Crisis Management

Reuters

Suicide Bomber Attacks German Troops Near Airport in Afghan Capital

December 11

Suicide bomber attacked a convoy of German troops near international airport in Kabul, but there were no immediate reports of casualties.

 

News 24

Kenya Police Shot Near Somali Border

December 10

Gunmen killed five Kenyan policemen and wounded two in an ambush in troubled northeast border region close to war-torn Somalia.

 

Washington Post

Argentine Looting: 10 Dead, $90 million Lost

December 11

Argentina’s Cabinet chief is declaring end to police strikes and scattered looting, but violence continues in streets abandoned by officers demanding higher pay.

The Meaning of Life

The meaning of life… is to make life meaningful… of course.

This section of the blog will concentrate on the journey of my life, what I’ve learned and continue to learn along the way, while sharing insight that I hope you’ll find valuable.

Much more to come…

4 New Ways to Think About Our Jobs

Below is a summary of the way we should be thinking about our jobs today versus the way it might have been 20 or 30 years ago:
1) “Average” is officially over…everyone has to find their (personal) way to create value
2) We grew up in a high wage/medium skill world…now it is only a high wage/high skill world
3) We must keep reinventing our jobs to keep them:
• Think like an immigrant (be a paranoid optimist)
• Think like an artisan (your job is a personal work, “your initials in it”)
• If you think you are “finished”…you may be
• PQ+CQ>IQ (‘passion quotient’ plus ‘curiosity quotient’ is more important than ‘intellectual quotient’)
4) The world of “defined benefits” is over…only defined contributions count