New Research: CISOs Need To Add Customer Obsession To Their Job Description

Edward Ferrara

The CISO And The Customer

Next month Forrester will publish research focusing on the role the customer plays in security planning. Customer attitudes are changing, and companies need to recognize these changes or risk losing customers. These changes put enormous attention on the CISO and the security team. But CISOs should also look at this as a big opportunity for CISOs to move from the back office to the front office. Security incidents, managed well, can actually enhance customer perceptions of a company; managed poorly, they can be devastating. If customers lose trust in a company because of the way the business handles personal data and privacy, they will easily take their business elsewhere. Sales will fall, stock prices will follow, and the CISO will be accountable. CISOs need to improve their security program by focusing on the company’s true customers – the ones that create revenue – clarifying and speeding communications and implementing customer-focused security controls.  Look for it next month!

Is All Work Becoming Knowledge Work?

Craig Le Clair

 

It hit me the other day when I was speaking with a call center operator about my reservation. She was funny, smart, well informed and flew around her app. with the quickness of the chipmunk. She is the new breed of worker. Not the production worker that performs repetitive tasks, like data entry and responding to the same dumb information requests, anxious to get you off the phone to meet a call duration metric. No, our relentless offshoring, automation, and customer self-service is slowly eliminating this type of worker.

We hear numbers like this consistently, and this from a Workforce Planning  VP at a major Major Telecommunications company,

“Today  70% of our inquiries are handled by self service (IVR, Web, or mobile) with only 30% that ever get to our call center.  But these calls that get through are really hard. The customer has researched the problem on line and is ready to have a deep conversation. So unfortunately, even though the call volumes are way down, the number of agents we need has not decreased due to how complex these calls are. "

What does this mean for enterprises? High performance will be achieved supporting these workers with advanced information management and solutions like Dynamic Case Management that give them freedom to make decisions and advance the customer experience.  

We will shortly publish a wave on DCM. Look for some new European solutions like BeInformed (Netherlands), Whitestein (Germany), and ISIS (Austria) to gain ground on  PegaSystems, IBM, EMC, Appian  and others from the traditional BPM market.

Target Breach: Vendors, You're Not Wrestlers, And This Isn't The WWE

Rick Holland

Yesterday, Bloomberg Businessweek ran a story providing some alarming details on the Target breach.  The article, “Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It,” didn’t paint a pretty picture of Target’s response. 

Some of the highlights in case you haven't read it yet: 

  • Six months before the incident, Target invested $1.6 million in FireEye technology.
  • Target had a team of security specialists in Bangalore monitoring the environment.
  • On Saturday November 30, FireEye identified and alerted on the exfiltration malware. By all accounts this wasn't sophisticated malware; the article states that even Symantec Endpoint Protection detected it. 
Read more

Benchmark Your Applications Portfolio

George Lawrie

Do you ever wonder how your business applications portfolio stacks up against your peers?

We conducted a series of interviews to understand how firms measure applications portfolio coverage of their business units and business models, end-user use of applications, and business value. We’re inviting application leaders to take a 10 to 15 minute survey anonymously to give their feedback on the metrics and their own estimate of their scores. We plan to aggregate the data then slice and dice by size or SIC or other “firmographics,” so that you can compare yourself with similar firms.

Dozens of your peers have already completed the survey and we want to write the report next week. But it's not too late. You can still join the fun here :

 https://forrester.az1.qualtrics.com/SE/?SID=SV_3rWh3knhUv6w4h7

Competition For The Established CIA Triad

Andrew Rose

The information security profession is built on three fundamental tenets, those of confidentiality, availability, and integrity. Increasingly, however, I see two things happening:

-       Organizations are reprioritising these to reflect their significance within their organization, with confidentiality often trailing to availability and integrity; or

-       Additional aspects such as authentication, authorization, non-repudiation etc. are supplementing the CIA triad.

It seems that there may be a growing group of S&R professionals who are dissatisfied with these concepts, feeling that they are ambiguous or incomplete, and some find it troublesome that they lack standard units of measurement.

It was with interest, therefore, that I noted a competition issued by the O-ISM3 Consortium, an organization that focuses on fostering alignment between security objectives and business goals. Their challenge lays out a use case for participants to navigate. It involves a mock audit on a travel company and presents entrants with the audit findings. The participants are then challenged to create a set of audit questions that would lead to these responses, but they have to choose one of two alternative paths – either their questions must all include references to C, I, and A, or none of them may.

Read more

If Your Business Looks Digital, What Should Your App Delivery Look Like?

Diego Lo Giudice

When computers were invented 60 years ago, nobody would have thought that gazillions of 0 and 1s would soon rule the world. After all, that’s all there is in any computer memory, be it a laptop, a mobile phone, or a supercomputer like Watson;  if you could open memory up and visualize the smallest elementary unit, you would “see” only an infinite sequence of 0s and 1s, something that would look like this:

Interestingly, that has not changed. Computers are still processing 1s and 0s. What has changed is that we live in an age of digital disruption, an age where software applications run and rule our business more and more. To be successful, those applications need to be engaging and entertaining so that consumers enjoy and are delighted by them; they also have to be mobile and accessible anywhere and at anytime, and they have to leverage tons of information, no matter if it comes from a database, a tweet, or Facebook.  

Read more

Analytics Helps Retailers Improve Customer Retention

Gene Cao

IBM recently kicked off its big data market planning for 2014 and released a white paper that discusses how analytics create new business value for end user organizations. The major differences compared with last year’s event:

  • Organizational change. IBM has assigned a new big data practice leader for China, similar to what it’s done for other new technologies including mobile, social, and cloud. IBM can integrate resources from infrastructure (IBM STG), software (IBM SWG), and services (IBM GBS/GTS) teams, although the team members do not report directly to them.
  • A new analytics platform powered by Watson technology. The Watson Foundation platform has three new functions. It can be deployed on SoftLayer; it extends IBM’s big data analysis capabilities to social, mobile, and cloud; and it offers enterprises the power and ease of use of Watson analysis.
  • Measurable benefits from customer insights analysis. Chinese organizations have started to buy into the value of analytics and would like to invest in technology tools to optimize customer insights. AmorePacific, a Hong Kong-based skin care and cosmetics company, is using IBM’s SPSS predictive analytics solution to craft tailored messages to its customers and has improved its response rate by more than 30%. It primarily analyzes point-of-sale data, demographic information from its loyalty program, and market data such as property values in the neighborhoods where customers live.
Read more

The War Of Mission-Critical Applications In The Cloud Is Getting Hot In China

Charlie Dai

The entire cloud ecosystem in China is undergoing significant change. End users are getting more serious about adopting cloud solutions and ISVs are working with telecom carriers and partners to deliver mission-critical business applications in the cloud. My latest report, “Brief: Major Players Are Targeting The Chinese Cloud Market For Core Business Apps,” summarizes the overall trends of cloud adoption in China, looks at each vendor’s solution, and provides high-level suggestions. Specifically, I discuss:

  • General trends in SaaS adoption in China. Timing is very critical for market penetration. The survey results I share in this report show a dramatic increase in decision-maker interest in cloud-based offerings. This is probably the last chance for companies that want significant market share, but do not yet have it, to enter the Chinese SaaS market.
  • All of the major multinational vendors are moving. Global players have been closely watching the cloud market in China for years, and in 2013 they have made strategic moves. SAP, Oracle, Microsoft, and Infor have adopted different strategies in China based on the strengths and capabilities of their core product and solution offerings, technology stack, and partners. The report will tell you how each of these companies is working to address the Chinese market.
  • Local market leader practices. Large multinational vendors are not the only ones with skin in the game. Major local players in enterprise management software, such as Yonyou and Kingdee, are also working hard and have achieved significant progress in this space. The report will tell you what advantages their global peers need to have and which shortcomings they need to improve upon.
Read more

Categories:

When Too Much Control Is a Bad Thing

James Staten

I know, more control is an axiom! But the above statement is more often true. When we're talking about configuration control in the public cloud it can be especially true, as control over the configuration of your application can put control in the hands of someone who knows less about the given platform and thus is more likely to get the configuration wrong. Have I fired you up yet? Then you're going to love (or loathe) my latest report, published today. 

Let's look at the facts. Your base configuration of an application deployed to the cloud is likely a single VM in a single availability zone without load balancing, redundancy, DR, or a performance guarantee. That's why you demand configuration control so you can address these shortcomings. But how well do you know the cloud platform you are using? Is it better to use their autoscaling service (if they have one) or to bring your own virtual load balancers? How many instances of your VM, in which zones, is best for availability? Would it be better to configure your own database cluster or use their database as a service solution? One answer probably isn't correct — mirroring the configuration of the application as deployed in your corporate virtualization environment. Starting to see my point?

Fact is, more configuration control may just be a bad thing.

Read more

It's Time To Reinvent BPM For The Age Of The Customer

Clay Richardson

Over the last 12 years, I've seen – and helped drive – a lot of change in the BPM market.  First, I watched BPM move from a heavy focus on integration to a greater focus on collaboration and social interaction.  And then, BPM expanded from highly structured and ‘automate-able’ processes to address unstructured, more dynamic business processes.  It is safe to say that over the last decade, demand for BPM was driven by key characteristics of the "Information Age" - a relentless drive towards improving the flow and sharing of information across people and systems.

Now, the most compelling business cases powering fresh demand for BPM focus on characteristics of the new age we are moving into - what Forrester calls the "Age Of The Customer."  If you look closely at most of today’s BPM initiatives, they tend to hide behind an imaginary firewall that separates what external customers experience and what internal business operations feel they need to be efficient. In this new age, business leaders are waking up to the realization that they can no longer divorce process improvement from the people and systems that touch customers, partners, and customer-facing employees. 

Read more