I have not done a philosophical security blog post for a long time ? and now I was suddenly inspired to write one while installing ? rather, replacing with an HD version – security cameras at my house.
Given the house we have, I can imagine a physical security setup where every possible entrance (including second floor windows) and every camera is in the view of at least one security camera. That will take between 12 and 16 cameras. Coupling this with tamper-proof camera enclosures and protected cables, as well as smartly placed indoor cameras and a couple of hidden devices, one can ? waste a lot of money.
Am I doing this? No, I don?t! I just want coverage of common ingress points [into the house] and a degree of assurance that a casual “attacker” (i.e. burglar) will be caught on camera at least once and the images would then be available to the police.
My focus here is a commodity attack, not a targeted one. Making a regular house resistant to dedicated burglar is an impossible affair, and the law of diminishing returns kicks hard ? and early (I also have a dog — and not just any dog …)
In any case, why all this? I hear that many organizations developed a sudden, vendor-marketing-infused interest to fight advanced and targeted attacks. But guess what? More than a few of said organizations actually aren?t that good at fighting basic, commodity attacks – and they are NOT improving.
So, it is a free country and it is [in most industries] legal to really suck at infosec / ?cyber.? However, I find it highly illogical and, in fact, wasteful, to attempt stopping or detecting an advanced attacker before you managed to succeed with a common one.
Along the same vein, I worry about people who are “concerned about targeted attacks” but lack any ability to tell that “yes, this attack IS in fact targeted” and , moreover, lack moderately effective defenses against opportunistic attacks in the first place.
So, yes, advanced attacks ARE real. Persistent threats ARE real. 0h-day-wielding state-sponsored superhackers ARE real. But, by god, why focus there if you can barely detect a more traditional intrusion, one that utilizes mid-1990s style tools, exploits and tactics!?
Focus on improving your security maturity ? not on randomly picking high-maturity tools (like NFT) and practices (like hunting) and then declaring success! Before you buy another ?anti-advanced-anything? box, THINK ? are you handling the basics well already and, if YES, what is the best direction for improvement from your current position?
Blog posts tagged ?philosophical?:
As cyber attacks and data breaches are surfacing on a daily basis, our clients are looking for ways to mitigate the risk associated with these events. One of the most popular methods being explored is the use of cyber insurance. But, just what is cyber insurance?
Gartner defines cyber insurance as protection against losses related to cyber-risks, such as data theft/loss, business interruption caused by a computer malfunction or virus, and fines or lost income because of system downtime, network intrusion and/or information security breaches.
As a result of many recent highly publicized losses related to cyber security risks, interest in cyber insurance continues to grow. In fact, our recent 2014 Global Risk Management Survey showed that half of the companies surveyed are currently exploring some form of cyber insurance.
For those companies who are currently considering the use of cyber insurance, we offer the following five tips to find the right policy and to maximize the value of the coverage obtained.
To learn more, read “Understanding When and How to Use Cyber Insurance Effectively” or see our latest research on cyber insurance at gartner.com.
There?s nothing particularly new in the insight that our functional orientations can breed inside-out?rather than outside-in?thinking. Sales, marketing, customer support. These functions exist, first and foremost, to support a separation of enterprise concerns, the roles and responsibilities designed to make an organization go. But sometimes they also create a sort of myopia.
The same holds true for channels, which are another artificial construct. Channels exist to align people and processes with key customer touch points, where these touch points often depend on certain specialized skills. But while these channels may serve the needs of the organization through the specialization of duties, they don?t always serve the needs of customers themselves.
When functions and channels show through, they reveal seams in your brand. Unseemly seams. Big, conspicuous ones, like those left by a welder when function matters over form. These seams are often the result of your organization getting in the way of execution. Customers notice and judge you harshly.
Last summer, I moved into a new old house. As these things often to go, I wrote what felt like a blank check to poor fortune, as I navigated a minefield of expenses, including the purchase of a new refrigerator. I ordered it online, begrudgingly accepting the terms of a three-week backorder.
Three days later, this well-known retailer asked me to review the experience. My thought: What experience? The value hadn?t been realized. I overlooked it as a common orchestration error until they reminded me again and again over the next three weeks.
These, my friends, are what I mean by seams.
But look around and you?ll see other seams. Pricing inconsistencies, inflexible fulfillment and return policies, employees who display indifference or even contempt for customers. These are seams.
They make you look pretty silly, particularly when others are getting it right.
This week?s snowstorm in the Northeast of the U.S. created major travel headaches for many of my Gartner colleagues. But it also served as something of a smoke test for modern customer experience. The verdict? Mostly pretty darn positive. Anecdotal evidence suggests that many airlines are generally getting it right. Rebooking happens auto-magically. Alerts are dispatched to customers? preferred channels. Bags are easily tracked on mobile apps. Function and channel operates in the service of the customer.
The highest performing companies recognize the unintended consequences of artificial boundaries. The know that customer experiences may be defined horizontally, but they?re executed vertically. They build the connective tissue between these vertical boundaries to hide the seams. They begin with a view toward serving an audience, making this objective the guiding principle of all of their efforts.
Your company will always have artificial boundaries that put pressure on the delivery of a seamless experience. It?s your responsibility is to recognize them?and then ensure your customers never do.
A unique and arguably the oldest company in the 3D printing space, Höganäs? ?Digital Metal? subsidiary does not sell its 3D printers, although the company is willing to discuss license arrangements. Rather Digital Metal is a 3D print service bureau that leverages the company?s proprietary ?precision inkjet? devices to print on demand.
Höganäs says it is the world?s largest producer of powdered metals for the metallurgical market. The Swedish company, with roots going back to 1797, began working with metal 3D printing in 2010 and acquired fcubic in 2012 to accelerate its 3D printing strategy.
Digital Metal has four machines in operation. Stainless steel is the only metal that can be printed at present while the development of another grade of stainless steel as well as printable copper, silver and titanium powders is underway.
?Precision inkjet? employs binder jetting technology in which metal powder is spread out and then printed with an adhesive. The parts undergo a separate sintering process once the build process is complete. The combination of inkjet technology and fine metal powder results in 35 micron resolution in every direction.
Sample of a Small Complex Shape
Courtesy of Digital Metal
As with other providers? equipment, Digital Metal?s printers do not require support materials. Instead the build box of printed and unprinted powder provides the necessary support. Importantly, the 150mm x 100mm x 60mm (approximately 6? x 4? x 2.4?) build volume also enables multiple items to be spread out horizontally and vertically, increasing the number printed at one time and effectively reducing the printing cost per piece.
As you would expect, customers used Digital Metal for prototyping new products including small, complex ones that cannot be made with traditional manufacturing techniques. Customers can then have finished items produced once the prototyping process is complete. Not surprisingly, items ranging from jewelry to medical devices to industrial products to aerospace components are being printed, and for a global customer base.
Parts Emerging from the Build Box
Courtesy of Digital Metal
I advise clients who are skeptical of the value and innovation that can be derived from 3D printing to ?try before you buy? ? test your ideas at a 3D print service bureau such as Digital Metal and other local, regional and global bureaus.
As you survey the market, keep in mind that inkjet technologies have tremendous upside potential across the spectrum of 2D and 3D printed items ranging from printed electronics to consumer goods to medical devices to bioprinting. Binder jetting printers from 3D Systems, ExOne, Microjet and VoxelJet certainly fall within this category, as will HP?s multi jet fusion technology when it goes on the market.
Exciting times, these!
Subscribe to my blog. Simply click on the RSS link above.
Yes, I apologize if I am adding yet another post to the mass of content about how sales needs to shift. But I hope you add this one to your “useful” pile and not your “I hope I never hear that again” pile.
After thinking about my post last week about respecting the buying process and the feedback I received, my mind started to go in some crazy directions. How can sellers respect the buying process, but still meet their objectives? Waiting for buyers to contact you, particularly if you work for a brand that is not well known, is a recipe for failure. At the same time, contacting at the wrong time doesn’t work either. What can you do.
I’d suggest yet another mind shift for sales is one part of the solution. For years, and I think to a large extent it still happens today, many in sales felt that they were gatekeepers. They sit in between the buyer and their organizations. They want everything to go through them. A buyer wants information, then sales wants to be the one to get it for you. You want to talk to someone technical, it’s “not so fast, let me make sure I can make that happen (and put a bunch of qualifiers on what I expect from you in order to make that connection).” Gatekeepers often “extract their fee” for the act of unlocking the gate to get to what you need.
It’s the wrong way to think and act today. It’s also a bit delusional.
First, and we’ve known this for a while, customers don’t need sales to help them with access to information. They can find it on their own. Furthermore, if they have started on this path and then engage with sales, and a gatekeeper type discussion ensues, it’s likely to become a dead-end–one of the memorable moments (not in a good way) where they buyer seeks never to interact with that seller again.
But it is not just information. It connecting to people. Let’s talk references. I’ll be exploring references in more detail in my next post, but one of the interesting facts that came out of a recent Gartner survey on buying was that “sales arranged references calls or visits” was the lowest ranked sales activity in terms of value from a buyer perspective. This was startling. The high tech sales world has always been driven by references. What is going on? We still need to dig deeper, but my hypothesis is that there are two factors at work:
How should sales be behaving?
I suggest they need to think and act like expediters. An expediters understands the client situation and goal and works to find the fastest way to achieve that goal. They don’t make money if they don’t help the client achieve the outcome. They don’t keep people out—they connect (and get out of the way—-other than under. To effectively expedite, sellers should:
And they have to do one very important thing for themselves. They need to use the understanding of the buyer situation to make sure it is worth their time. There is no reason to expedite efforts if there is no value to you, the seller in the end. Your level of effort should be commensurate with how close to that value for you the buyer is. Your time is valuable to.
But above all, don’t think that you have the ability to hold access to information and assets as a “chip” that you can play in return for getting the buyer to do something they may not want to do. That doesn’t work. They have other ways to get what they want. You don’t want to be viewed as a roadblock. You want to be the one that gets them in the fast lane.
Providing every existing or potential customer with one view of the retailer, where the customer sees no observable difference between experiences across the retailer’s channels, is pivotal for success within the consumerized retail environment. However, facilitating a consistent experience for millions of customers across thousands of retailer touchpoints is proving to be almost insurmountable for many larger retailers. One of the biggest opportunities is maintaining the high quality and security of customer data. In this recently published research entitled How to Achieve One View of the Retailer Through Behavioral Segmentation, Kelsie Welch and I describe the chain of custody that oversees and protects gathering, cleansing and maintaining customer data and the resulting application of segmentation. This chain of custody that tracks customer information from inception of a relationship through all physical or digital interactions is the lifeblood of visionary retailers.
We also delve into the complexities of behavior segmentation in an effort to cut through the hype and get down to what matters when trying to understand your customer’s personas, motivators and the resulting behavior segments essential for effective personalization strategies. Understanding behavioral segmentation requires retailers to move along the analytics maturity spectrum from descriptive and diagnostic to predictive and ultimately prescriptive analytics. Descriptive analytics includes the use of reporting and dashboards to track what has happened. Diagnostic analytics includes the use of exception reporting, data mining and other types of discovery to find current business opportunities and is reflective of most Tier 1 multichannel retailer’s capabilities.
Gartner January 2015
For example online grocery retailer FreshDirect uses prescriptive analytics across marketing, merchandising, supply chain and transportation to create an in-depth understanding of its customers and identify business opportunities. Using tools provided by SAS, it developed customer behavior patterns that allowed it to identify areas for expansion into the Philadelphia market. Becoming prescriptive, a state where retailers can actively determine future direction is even more challenging and requires an extensive period of predictive analytics to validate the behavioral segmentation cycle.
Log on to Gartner.com to read more
In talking to clients, we often guide them to ask for reference customers. This is particularly important for emerging technology such as SDN.
However, clients have asked for more detail around what specifically to ask these reference customers. In addition, as analysts we take a lot of reference calls, I probably do 25-50 p/year with early adopters of new technologies and have a pretty standard set of questions, to extract the key value and differentiation a vendor provides.
So here?s a base set of questions (side note for vendors ? these are the questions I am asking your reference customers, in all likelihood).
And some related research?
Four Key Questions to Ask Your Data Center Networking Vendor
Ask Your SDN Vendor Seven Key Questions Before You Buy
There has been a lot of interest over the last 12 months in products based on open source for monitoring and management. In the area of log analysis, Elasticsearch has been a player which has strengthened with the growing investments in the space. The awareness has been greatly increased in the past year. While the popular Kibana frontend to Elasticsearch has been the main GUI. These two projects are paired with Logstash for ingest, combined these make up the ELK stack. There is another great open source project to take a look at. The focus of this weeks write-up is on this alternative to ELK.
The company behind Graylog is Torch out of Hamburg Germany (https://www.torch.sh/) they do consulting around the product. The open source site is https://www.graylog2.org/ the project is an ElasticSearch based product, but unlike Kibana it also has additional features:
The supported data comes in the form of plugins which include syslog or GELF (Graylog Extended Log Format) or other plugins. GELF allows for several enhancement from typical syslog.
The nice thing is that you don’t need to do any extractions once the messages have been added via GELF. They have 72 such plugins including many GELF libraries (See: https://www.graylog2.org/supported-sources?perPage=100)
On the site you can sign up for a self-service trial of the software, I did this in early November, there has been another release since then. These screenshots may be a little out of date:
There can be multiple backend nodes connected to the frontend. There is some good management within the GUI of the connections. The main dashboard when you login shows you information about the cluster, components, and the status. There is a query box.
Some other administrative views. Many of the log management tools, especially in open source neglect the day to day maintenance and administration. Being a systems and operations person myself I always dig into the internals needed for day to day administration. Graylog has a lot of what’s been missing across open source ElasticSearch management tools. Some additional views:
They have a data generator in the demo so you’ll see there are plenty of events in the data store.
Here is a query for smtp in the last 30 minutes.
You can also see inside the queries being sent to ElasticSearch, here are the JSON objects being passed to the engine:
Value breakdowns of the results quickly
Graylog has the notion of stream as illustrated below
What these are is a way to pass realtime rules against the data coming into the Graylog server before they are committed to elasticsearch, this real time processing provides a differentiator to Kibana based systems
Some sample sinks of what you can do with a proper eventing system, such as alerting:
The requisite dashboarding for any monitoring tool. Everyone loves dashboards, users are always asking for more dashboards, and they clearly do sell monitoring products. The value they provide are typically pretty limited. If the actual analytics in our software were better the computer would be doing the analysis versus a user looking at graphical displays of data. I digress…
You cannot share the same backend between Kibana/Logstash and Graylog since they use a different schema for the log data in ElasticSearch. Hence you’ll have to make a decision which tool you want to use when setting up ElasicSearch. Please leave comments or questions below on @jkowall on Twitter.
As the Gartner for Marketing Leaders team heads down on another round of market research for our yearly Multichannel Campaign Management Magic Quadrant for April 2015, I want to underline the importance for vendors ( and for marketers themselves) not to limit multichannel marketing to pure channel centric thinking, an area where for some, despite some product name changes and theoretical examples of additional channel support, still look very much like functions for one-off, one-way channel push campaigns. This jeopardizes how customers want to engage and buy and doesn’t focus on the work that needs to be done for Multichannel Marketing. You can talk ?all channels? or ?any channel anytime?, but I don?t think it solves much.
Multichannel Marketers think multidimensional, this means not only do they need to enable multiple channels, but they need to be able to think:
Multi-purpose: Buyers are purpose-driven?you should be, too; Multichannel strategies start with clearly defined purposes, goals and audiences. If marketers do not clearly understand the purpose of each multichannel interaction, an idea of the expected outcomes, where the engagement might lead next, your audience won?t either.
Multi-value: Multichannel marketing needs multiple value producing exchanges between company and customer. What are their reasons for engaging with us and how can marketing accommodate? Why are we reaching out to them now? Will it sell more product, will it start a path to purchase? Is the value balanced or one-sided? One side might end up having nothing to show for their investment in the interaction. Multichannel marketing means being a multichannel orchestrator, consistently conducting a multi-value exchange, engaging audiences in value building, value producing, mutual interaction.
Multi-segmentation: Multichannel marketing means multiple segmentation techniques that group audiences based on multiple attributes along multiple dimensions. Traditional attributes focus on products; who has bought and who would be likely buyers. Newer groupings focus on profitability and techniques for moving segments into more valuable ones. Others focus on grouping personas, life cycles and lifestyles. Marketers should have an approach to many of them.
Multi-speed and multi-way: Multichannel marketers operate at two speeds, automating big and small campaigns and campaigns built from results of campaigns. They also maintain always-on interaction with continuous contextual engagement. They do this in multi-ways, based on past interaction and predicted future ones, both inbound and outbound, event-triggered and in real-time, just like conversations in a relationship.
Multi-data Multichannel marketers consume and create lots of data. New and old data, both explicit and implicit, both big and small, all play important roles from defining audiences to understanding context and the multiple channels where you?ll focus multiple interactions and campaigns. Transactional data, third-party data, anonymous customer/consumer data all contribute the right interaction at the right time in the right channel.
Multi-processes: Multichannel marketers think beyond marketing departments and think multi-processes to influence customer service process, support processes, sales processes and product strategies . Multichannel Marketing doesn?t exist in a vacuum. Marketers must involve themselves in all these customer reaching processes and be able to infuse evolving customer processes into a long term multidimensional, multichannel, marketing strategy.
Last week, over 30,000 people converged on NYC for NRF to learn the latest retail trends. One of biggest takeaways was that NRF now looks a lot like Shop.org. Digital technology is no longer a side dish, it?s the main entrée, with retailers lining up to hear about mobile marketing technology designed to identify, attract and engage customers before they even enter the store and digital commerce platforms that integrate with their ERP technology infrastructure and their digital marketing technology stack to support the full lifecycle of retail marketing across online and offline channels?store, Web, mobile and social networks.
The biggest takeaway from 2015 NRF was the share of mind (and Expo floor space) that retailers and technology and service providers dedicated to digital technology that bridges the online and offline worlds. It appears retailers have learned that it?s no longer about funneling customer down a particular path, or even failed attempts to predict which path a consumer might follow. Today?s digital commerce experience?and even the in-store experience is becoming a digital commerce experience?is about enabling a customer-led commerce experience with meaningful connections between channels.
3 Ways Retailers are Bridging the Gap
Digitizing the in-store environment. The Rebecca Minkoff store in SoHo and in the eBay booth at the NRF Expo features digital displays in its fitting rooms and RFID tags on all of its merchandise, allowing the display to sense what items shoppers have in the room, show how items pair together and enable shoppers to request additional colors, sizes and pieces and have them brought to the fitting room. No more awkwardly traipsing around the store in your socks or trying to flag a salesperson. In addition to improving the in-store (and in-fitting room) environment, the store also lets shoppers to save their fitting room session by choosing to send themselves an SMS and retrieve the session later on the retailer?s website.
Turning mobile associates into front-line marketers. Integration of CRM and loyalty data and proliferation of clienteling tools on associates? smartphones and tablets could bring this technique from luxury shoppers to the masses. Retailers can arm associates with customer data from CRM systems and loyalty programs, and info customers provide during their store visit, to tailor in-store interaction and maintain engagement after the visit. To avoid the creepy-factor, customers have to opt-in to this and brand marketing can control what info employees can see, as well as what content they can send. This allows front-line employees to become marketers and ambassadors. It may not work for all retailers due to the level of training and interaction involved, but you don?t have to shop the high-rent district to get a personal touch.
Connecting mobile consumers? devices to drive traffic and conversion. The bridge between online and offline can be figurative, as well as literal. Major mobile network providers are in a race to turn your car into a mobile device. But this isn?t just about helping you stay connected to friends and family, check your email or update your Facebook status. This is also about using location data to make relevant recommendations?nearby restaurants, stores, and even gas stations based on your location (and the position of your fuel gauge). Seems sort of futuristic, but imagine the ability to drive literal traffic to your store or restaurant by informing nearby customers about your promotions or gas prices.
For more on my takeaways from the 2015 NRF Big Show, take a look at my post, Here’s How Retailers Are Reinventing Themselves to Remain Relevant on the NRF website.
Existe un negro capítulo en la historia humana cuyo horror es condenado prácticamente de manera universal: el Holocausto. Esta semana se cumplen 70 años de la liberación de Auschwitz, el infame campo de concentración nazi. Como sucede con las experiencias humanas, las artes siempre responden para representar y mantener viva esa memoria ?por más triste […]
Una de las cosas que agrega tanta emoción a los MOBA es la variedad de sus personajes. Los distintos poderes, habilidades y clases permiten que toda partida tenga su propia dinámica y cada pelea merezca una estrategia diferente. En el caso de ?Smite?, el título de Level Up! donde los dioses se toman el campo […]
Bienvenidos a ENTER al día, estas son las noticias del día más importantes en el mundo de la tecnología y la cultura digital. Cómo acceder a Facebook gratis y los servicios de Internet.org Apple vende 74,4 millones de iPhone y rompe todos los records Llegó el tráiler para la nueva película de ?Los Cuatro Fantásticos? […]
Aunque recientemente habíamos visto que el Apple Watch se vendería a partir de marzo, esta vez tenemos información oficial de Tim Cook, CEO de Apple, quien afirmó que el Apple Watch se comenzará a vender en abril, de acuerdo con Cnet. De acuerdo con la publicación, la anterior información fue dada por Cook durante una […]
El año pasado, ?Cazafantasmas? cumplió 30 años, haciendo que Sony sacara a la luz un nuevo tráiler con motivo del aniversario y las ediciones Blu-ray de ‘Cazafantasmas’ y ‘Cazafantasmas II’. Continúa leyendo en ENTER.COUn comentario en Este sería el elenco de la nueva película de Cazafantasmas, 2015 ENTER.CO
Si eres usuario de Tigo y tienes un equipo con plan prepago ?aunque sirve para pospago?, podrás acceder a los sitios de la iniciativa Internet.org, que lanzó recientemente Mark Zuckerberg en el país en compañía del operador móvil. A continuación mostramos en video cómo puedes acceder a los diferentes servicios de la iniciativa que incluye a […]
Los reinicios son buenos. Son una forma de explorar de otra forma las historias que vimos en el pasado, con la ventaja de darle a una nueva generación una cara para relacionar a esos relatos. Y una de las mejores historias para los amantes de la acción y aventura fue ?Indiana Jones? (menos la que […]
Luego de casi cinco meses de haber salido el trailer de Resident Evil: Revelations 2, y de confirmar que Claire Redfield y Moira Burton serán la dupla femenina protagonista del juego, a menos de un mes del lanzamiento del juego fueron anunciados nuevos detalles sobre un modo alternativo a la historia principal. Este es un […]
Apple acaba de publicar sus resultados financieros para el primer periodo fiscal de 2015 (último trimestre de 2014) y los resultados son mucho mejores que los esperados. La acción, en operaciones después del cierre de la campana, subió 5%. Los números superaron ampliamente las expectativas de los analistas de Wall Street. Continúa leyendo en ENTER.CO2 […]
Apple acaba de anunciar los resultados del trimestre anterior (su Q1 2015 fiscal), y tuvo un rendimiento histórico. Conoce en vivo lo que tienen que decir los altos ejecutivos de la firma de la manzana sobre los resultados en este liveblog de la usual llamada a inversionistas luego del reporte trimestral. Continúa leyendo en ENTER.COUn comentario […]
Avenida 15 # 104-30 Of.305 Bogota, D.C., Colombia / PBX (571)467-3939/ 386-0994. Movil (57) 315 331-1740
Miami, FL., E.U. / Phone:(786)467-6722
Copyright 2014. All Rights Reserved.
Designed by ETRADE GROUP SAS.