Is It Time For Customer Decision Management?

The essential shape of the enterprise marketing landscape hasn’t changed much over the years. In last week’s Revisiting The Enterprise Marketing Software Landscape, I dissect technologies into the four basic categories of marketing management, brand management, relationship marketing, and interactive marketing. Consumers are rapidly changing behaviors, and marketing as a practice is evolving dramatically, but the technologies that marketers buy continue to come in essentially the same containers.

Notice, however, all of the decision management systems employed across the marketing landscape. From interaction management to online testing to recommendations to contact optimization, marketers are using automated systems to make an increasing number of customer-facing decisions. Viewed from the perspective of those decisions, the landscape of marketing technologies is shifting under our feet.

So is it time for a new take – say, customer decision management (CDM) – on marketing technology?

Why Do We Need Customer Decision Management?

Given that we’re already awash in marketing technology, do we need another three-letter acronym? Yes, because customers are:

Read more

Rewind And Replay For Web App Vulnerabilities

Security threats develop and evolve with startling rapidity, with the attackers always seeking to stay one step ahead of the S&R professional. The agility of our aggressors is understandable; they do not have the same service-focused restrictions that most organizations have, and they seek to find and exploit individual weaknesses in the vast sea of interconnecting technology that is our computing infrastructure.

If we are to stand a chance of breaking even in this game, we have to learn our lessons and ensure that we don’t repeat the same mistakes over and over. Unfortunately, it is alarmingly common to see well known vulnerabilities and weakness being baked right in to new applications and systems – just as if the past 5 years had never happened!

A recent report released by Alex Hopkins of Context Information Security shines a light on the vulnerabilities they discovered while testing almost 600 pre-release web applications during 2011. The headlines for me were:

  • On average, the number of issues discovered per application is on the rise.
  • Two-thirds of web applications were affected by cross site scripting (XSS).
  • Nearly one in five web applications were vulnerable to SQL injection.

It makes depressing reading, but I’m interested in why this situation is occurring:

  • Are S&R professionals simply not educating and guiding application developers?
  • Are application developers ignoring the training and education? Are we teaching them the wrong things or do we struggle to explain the threats from XSS and SQL injection?
  • Are our internal testing regimes failing, allowing flawed code to reach release candidate stage?
Read more