Speed and Inclusion

Let’s talk about speed…the need to have timeframes, deadlines and target dates that are determined by markets, competitors and customers.  Not by internal processes and “when we feel like it.”  Also, the importance of inclusiveness, team play, and our leaders’ responsibility to get people on the same “page.”  Is there a conflict between “speed” and “inclusion”?  Is taking time to collaborate at odds with moving quickly?  I don’t think so.

In our ultra-competitive world, being late greatly increases our chance of losing, and being early helps us win…at this level it is a pretty easy choice.  Inclusiveness is important too, because most of our work is complicated, and can only be executed well if many people understand exactly what they need to do, and then do it.  Taking an extra step to get everyone on the same page can make everything else go faster, improving both our ability to be on time, execute well, and win.

Striking a balance here requires a few things, but mainly judgment.  Leaders have to assess who and how many to “include” and how much time should be allotted for “inclusion.”  People have to participate (or be included) when and where they are asked, not when they feel like it.  If you can’t make the meeting or conference call, find another way to communicate your views without slowing the process down.

Everyone has to recognize that inputs have to be collected, expectations have to be communicated, and decisions have to be made based on external deadlines and commitments.  If you don’t know what the timeframe or deadline is for doing something, ask.  If you

know what it is, adjust your schedule to accommodate it or make other arrangements so the process can move forward.

Customers set the pace, and there is only one time zone that counts – the one they (not the rest of us) are in.  If all else fails, just remember that fast companies that deliver on their commitments win more than slow companies that don’t…



Marc Andreessen, co-founder of Netscape and venture capital firm, Andeessen Horowitz gives us insight to youthful visionary leaders and innovators in his new book Zoom.  Highlights from the Foreword are mentioned here.

Don’t look to the past to dictate the future.  That is a key trait for anyone transforming business today.  Building a business is crazy hard.  Things always go horribly wrong.  And most companies fail.  Only a very few win big.  In venture capital, for instance, just 10 to 15 companies funded a year are responsible for 97% of the returns.  We glorify the ones that create new products and industries, but startups are really more like sausage factories.  People love eating sausage, but no one wants to watch the sausage get made.  Even the most glorious startups suffer crisis after crisis after crisis.

Companies that succeed  do so because of someone at the helm with an irrepressible vision – a leader (or leaders) with principles, courage, and maniacal drive.

That’s imperative.  Without that kind of conviction and commitment, innovative businesses would never survive long enough to make their mark.  The visionaries fostering a new future are constantly questioned by the many who prefer to live in the status quo.  That’s why throughout history the greatest innovations were never widely understood at the time they were introduced.

We are in a world or rapidly accelerating technological change.  Mobile is under-hyped.  Social is underestimated.  The enterprise is being reinvented.  The world is being transformed.  But the nature of innovation is that it’s hard to predict.

It would have been impossible for Facebook to exist 15 years ago.  We therefore cannot prejudge anything; the best way to move the world ahead is only to trust the process of innovation – and to feed it.

The most significant value of any company is not its current products or services, but its legacy as an innovation factory for years to come.  Encouraging the overall spirit of questioning, inventing, and doing good – more than emulating the details – is what will lead to the creation of miraculous things we haven’t though of yet, and it is what will make the future a marvelous place.

Get In Over Your Head

Almost everyone in business has to make an uncertain move at some point – a step that seems high-risk, but potentially high-reward.  Then there are those who make a career out of such leaps of faith.  Risk is scary and uncertain, but it’s also where inspiration can come to you, and it’s where, if your skill matches your ambition, you can succeed.  Outside your comfort zone, you’ll question what you find and think of fresh ways to approach the status quo.  Several modern leaders have made it a habit to get into ventures that seem overwhelmingly challenging.  Their example is emboldening.  Pursue your wildest-dream ideas, and you might find that it pays off a lot more than playing it safe.


Security in the News – Week of October 14

Information Security


Brazil to Fortify Government Email Due to NSA Revelations

October 14

Federal Data Processing Service has been tasked with making a secure email system for federal government.


Hackers Attack PR Newswire, Get User Data

October 17

Stolen data includes account customer credentials and contact information.


Dark Reading

The Long Shadow Of Saudi Aramco

October 14

New threats, realities of targeted attacks forcing oil and gas companies to rethink and drill down on security.


Help Net Security

Researchers Crack Vessel Tracking System

October 16

Automated Identification Systems (AIS) can be easily hacked in order to do some real damage.


DDoS Attack Size Accelerating Rapidly

October 17

Global  attack trends show DDoS continues to be a global threat, with alarming increases in attack size this year.



Hackers use Botnet to Scrape Google for Vulnerable Sites

October 15

Hackers using botnet to scour Google for websites that use vulnerable installations of the vBulletin forum software.



Google-Backed File-Sharing Service Spreads Chinese Malware

October 14

Xunlei has hundreds of millions of users in China. And, it was recently found to be distributing a signed malware known as KanKan.


Hackers Target Mandiant CEO Via Limo Service

October 15

CEO famously highlighted Chinese cyber-espionage efforts earlier may be feeling effect of retaliation.


PC Magazine

Indonesia Tops China as Cyber Attack Capital

October 16

Indonesia accounting for 38 percent of attacks, China with 33 percent and U.S. with 6.9 percent.


State of Security

Gartner: Configuration Hardening Required for Security and Compliance

October 14

Security config management is an effective security control to implement, and foundational to many regulatory standards and security frameworks.


More Than One-in-Three Breaches Due to Insiders

October 15

Forrester report indicates more than one-third of reported data breaches involved insider, whether maliciously or errant data handling.


Social Engineering Key to Metasploit DNS Hijacking Attack

October 16

Key mechanism for attack against Metasploit and Rapid7 is believed to be social engineering of an employee at Registrar.com by a pro-Palestine hacker group called KDMS.


We Live Security

Five New Tricks used by Cybercriminals

October 15

Latest traps laid by cybercriminals.



Researchers Uncover Holes That Open Power Stations to Hacking

October 16

Vulnerabilities discovered in products used in critical infrastructure systems to allow attackers to crash or hijack the servers controlling electric substations and water systems.


Security and Crisis Management


Syrian Intelligence Chief Killed in Deir al-Zour

October 18

State television reported that Gen Jamaa died while “carrying out his national duties” and “pursuing terrorists” in Deir al-Zour.


International New York Times

Myanmar: More Mysterious Explosions

October 17

Three small bombs went off in eastern Myanmar, killing one and wounding six, the latest in a series of unexplained explosions.


Radio Free Europe

IED Explodes Near Caucasus Mosque, Human Remains Found

October 18

Police in Russian Republic of Kabardino-Balkaria are investigating deadly blast near village mosque that appears to have been a bomb that exploded prematurely.



Pirate Attacks by Heavily Armed Gangs Surge off Nigerian Coast

October 17

Pirate attacks off Nigeria’s coast have jumped by a third this year with ships passing through West Africa’s Gulf of Guinea, a major commodities hub.


The Washington Post

Indonesian Police Kill Suspected Militant, Arrest 2 in Anti-Terror Raid

October 17

Indonesia’s elite anti-terrorism squad shot and killed one suspect and arrested two others, seizing weapons and fertilizer allegedly for bomb making from group suspected of planning terrorist attacks.

Are you a Multiplier or Diminisher?

Good information on Liz Wiseman’s book The Multiplier Effect. She provides great insight into how best to manage people.

What is a Multiplier? A person that uses their intelligence, skills, etc. to amplify the intelligence of people around them which in turn makes team members provide their best work. The opposite is a Diminisher. Multipliers create pressure while Diminishers create stress. What is the difference between pressure and stress?

  • Example: William Tell had to shoot an apple off his sons head to save his life.
    • William feels pressure – He is in control
    • Son feels stress – He is not in control
  • What do you do with the control you have as a leader?

Based on Liz and her team’s research of 150+ managers across multiple cultures, countries, continents, and industries, the follow statistics arose.

Diminshers only get 50% of people’s capability. They have the view that people won’t figure the problem out without their help. Diminishers are:

  • Empire builders, talent hoarders
  • Know it all, tell people what to do
  • Decision makers: decide then debate, big decisions made behind closed doors
  • Micromanagers

Multipliers get 90-100% of people’s capability. They have the view that people are smart and will figure out the problem on their own. Multipliers are:

  • Talent Magnet: attract and optimize talent
  • Liberator: create space for best thinking
  • Challenger: extend stretch challenges
  • Debate Maker: debate then decide (Don’t spend their time getting buy in, spend it debating, people then feel apart of the decision)
  • Investor: instill ownership & accountability (Boss just gives you 51% of vote, boss backs you up, you have all the accountability)

Sometimes we can be a Diminisher and not realize it. Liz calls this the Accidental Diminisher. What is an Accidental Diminisher? The good manager who wants to be good leader but is having a diminishing impact. Usually the greatest diminishing impact will occur while holding greatest intentions. Below are 6 ways we can beAccidental Diminishers and how to mitigate these situations.

Idea guy:

  • Thinks: “My ideas spark creativity in others!” In reality, it shuts out other people’s ideas.
  • Mitigate: Ask only questions to get ideas from others. Liz gave the example of putting her kids to bed. It was always a struggle of her giving orders. Instead she only asked questions (What time is it? What comes first? Who needs help with PJs? Who will brush their teeth first?) and it worked! The kids had ideas and knew what to do.


  • Thinks:” My energy is contagious!” In reality, people are just waiting for him/her to be quiet or just avoid/tune out the person. People feel like they take all the space and shut down other people.
  • Mitigate: Play your chips. Dispense opinions in small doses. Like 5 chips in a meeting.


  • Thinks: “I must ensure people are successful!” In reality, too much help can hurt. Employees can then rely too much or get frustrated with all the help.
  • Mitigate: Give it back. Help the person but make sure to give them the control/baton back.

Pace setter:

  • Thinks: “If I set the standard, others will follow!” In reality, what happens when the leader gets a car length ahead? People slow down, not speed up.
  • Mitigate: Supersize a role, 1 size bigger. (Example: toddlers shoes, you buy them 1 size bigger)

Rapid Responder:

  • Thinks: “My fast decisions will keep us moving quickly” In reality, employees may feel they have to respond just as quickly which may not be realistic for them.
  • Mitigate: Make a debate/conversation, stop on the vital issues don’t just breeze by them.


  • Thinks: “With the right attitude we can do this!” In reality, sometimes it is an unrealistic expectation and makes employees feel undervalued. (Example: Manager – “How hard can it be?” Employee – “Well, actually it really is hard.”)
  • Mitigate: Create mistake space, risk and iterate space. Encourage people when they have completed the challenging problem.

Are people smart around you? What does your intelligence do to those around you? Make a simple shift. We know how to lead like multipliers, but we sit comfortably in our ways. If we shift our weight who else will?

Where do you think you fall on the spectrum? Take the Multiplier Effect Quiz!


Security in the News – Week of October 7

Information Security


The Practicality of the Cyber Kill Chain Approach to Security

October 7

Cyber Kill Chain approach, and whether it might be a good fit for your organization.


Chinese Hackers Miss Google Network, But Checks Go On

October 7

Google exec says US government networks are in danger because no one is there during the shutdown to stop hackers.


New NIST Cybersecurity Standards Could Pose Liability Risks


Once passed, standard will become benchmark to measure critical infrastructure security programs.



Maker of Black Hole Exploit Kit Arrested in Russia

October 8

Researchers claim person behind one of the greatest scourges of Internet had been arrest, details remain vague with no official word from authorities in Russia.


Krebs on Security

Bulletproof Hoster Santrex Calls It Quits

October 9

Web hosting provider courted cybercrime forums and created haven for nest of malicious sites, is shutting its doors citing internal network issues and recent downtime.


Network World

The Autonomous Hackable Car

October 9

It is time to start thinking of your car as another mobile device.


Toll of Enterprise Cybercrime: $11.8 Million Per Year; 122 Attacks Per Week

October 8

Ponemon Institute survived 60 large companies and found the toll of cybercrime is growing.


SC Magazine

Gameover Trojan Hides Activity in Encrypted SSL Connections to Defraud Victims

October 7

Saboteurs spreading the Gameover banking trojan are hosting Zeus variant on number of infected sites and using encrypted SSL connection to remain undetected.


Alleged Anonymous Members Indicted Led Unassuming Lives

October 9

Dozen men belonging to Anonymous and indicted on charges of launching DDoS against major sites are proving hacker stereotypes are the farthest thing from truth.


Nearly 50k Patient Credit Cards Compromised by Insider

October 9

46K patients of Scottsdale Dermatology may have had personal information compromised, one suspect an employee of the medical practice’s billing firm.


Facebook Phishing Attack Preys on Users Desiring to Know Profile Viewers

October 10

Want to know who is visiting your Facebook page?


Security Affairs

2013 Norton Report, the Impact of Cybercrime According Symantec

October 9

Annual research study which examines the consumers’ online behaviors, the dangers and financial cost of cybercrime.



Enterprises are Failing to Mitigate Insider Threats

October 8

Report on mitigation efforts within enterprise reveals majority of organizations are failing to take necessary steps to counter potential losses due to insider threats.


USA Today

Google Chrome’s Cache Exposes Personal Data

October 10

Major security flaw in Google’s popular Chrome browser was exposed by data management firm Identity Finder.


We Live Security

Banks to Face Biggest Cyber War Game Ever in UK

October 8

Cyber war game will test Britain’s financial system to its limits in a virtual attack to test defenses of banks, markets and payments systems against a simulated attacks.


EU Cyber Agency Warns of Outdated Systems in Power Plants

October 9

Cyber-attacks against Industrial Control Systems pose risk to power plants and other critical infrastructure, and action is needed to ensure nations stay safe.


Security and Crisis Management

Al Arabiya

Car Bomb Set off Near Swedish Consulate in Libya’s Benghazi

October 11

Car bomb explodes outside Swedish consulate in Benghazi, damaging front of building and nearby houses.



France Says its Forces Kill 10 Islamist Militants in Mali

October 10

French Special Forces killed 10 militants in northern Mali this month, as simmering violence threatens security at November elections and will delay French troop withdrawal.

Using The Kano Model To Augment Product Development Strategy

This beautifully simple model, distinguish between basic and differentiating features was developed by Noriaka Kano in the 1970s and 1980s while studying quality control and customer satisfaction. It challenges the conventional belief that improving every aspect of your product or service leads to increased customer satisfaction, asserting that improving certain aspects only serves to maintain basic expectations, whereas improving other aspects can delight customers with less effort.

The Kano model is a simple two-axis grid, comparing product investment with customer satisfaction. The power of the Kano model comes in mapping your different features against this simple grid.



Basic Features
Basic features that a user expects to be there and work will never score highly on satisfaction, but can take inordinate amounts of effort to build and maintain.

A great analogy is the hot water in a hotel. Modern hotels spend a fortune ensuring that every room has hot water instantly available, night and day. The boiler in the basement is going all night and day and there are recirculating heat pumps on every floor to circulate water throughout the pipes to keep it hot. Now, no customer is going to rave on Twitter or TripAdvisor about how good the hot water in their hotel was, but if it wasn’t there, or it wasn’t hot enough, or took too long to get hot, you bet there would be a complaint, and a loud one.

No matter how much effort you put into this feature you will only ever be able to meet basic expectations. Investment in this area is all about downside protection. This doesn’t make them any less important, but it becomes crucial to understand at what point you’ve met the users’ expectations and to stop there. Any further development is a wasted effort.

One challenge with basic expectations is that a user will never tell you about them. If you sat someone down and asked them to design their perfect hotel they’d probably talk about comfortable beds, a nice TV, maybe the view, etc. They would never think to mention that they’d expect to be able to have a hot shower at 3am. You have to observe and research to find these basic expectations.


Delightful Features
At the opposite end of the spectrum are features that delight the user. These score very highly on satisfaction and in many cases may not take as much investment. Small incremental improvements here have an outsized impact on customer satisfaction.

Returning to the hotel example, you can see a lot of features that were developed to delight the customer – from the concierge to a complimentary glass of wine on arrival to the Doubletree Hilton chain that has made giving every customer a freshly baked chocolate chip cookie on check-in a central part of their experience. They bake and give out more than 60,000 cookies per day. Checking in can be a delight when you get a freshly baked cookie to go with the paperwork.

The beauty is that these features can deliver so much more user satisfaction per unit of investment than basic features. That cookie probably costs pennies compared to the hundreds of thousands of dollars spent to build and maintain the hot water system in the hotel.

Migration From Delight To Expectation
One of the most challenging aspects of the Kano model is that it predicts that all features will migrate from delightful to basic expectations. Once a user has come to expect that delightful feature – whether because you’ve had it for a while or because all their other products have it – the feature has become something they expect. The absence of that feature would now be a frustration, and you need to discover new delightful features.

By giving everyone a cookie every time they check in, and making it part of their brand promise and advertising, the cookies stop being special. Pretty soon their guests just expect the cookie and cease to be surprised or delighted by it. Again, they’d probably be pretty cross if they didn’t get it though.

Lessons For Product Managers

  1. Define your users’ needs in light of the Kano model. What are the basic expectations that they simply expect to be there and where would the absence of these features lead to frustration?
  2. Map your products and features against the Kano model. Which features are meeting basic expectations? Only invest in developing or maintaining those to the extent that you need to satisfy the customer. Which features are your delighters? Focus your efforts here and make sure you’re constantly developing new ones.
  3. Monitor your customer satisfaction and competition to ensure that features you think delight users haven’t slid into basic expectations and no longer help your customer satisfaction.
  4. Find and focus on sustainable delighters that truly differentiate your product and continue to deliver customer satisfaction over time.

Keep in mind, Kano analysis without an overarching product strategy can lead to a fractured, incoherent product. A product should stand for a single idea that differentiates it from other products in the competitive landscape of the mind of the prospect. It’s important to evaluate features not just in terms of their potential to satisfy or delight, but in terms of supporting and strengthening a larger value proposition.