Disrupting a sector like Fintech does not happen by accident. It happens by design. Disruption is nearly always an act of intent. You see a valuable established market with dysfunction and you look to improve it. The genesis for disruption is often one unifying goal, and for technology companies, that usually means an OKR – Objective and Key Results.
There’s about a 70% chance that you’re reading this post using a Chrome browser. But, did you know that when Chrome was just getting off the drawing board at Google, it started life as an OKR?
Objective: Develop the next-generation client platform for web applications
Key Result: Chrome reaches 20 million seven-day active users
Nearly every team could look at this and know where the company is going. They could start to work out how best to help the team succeed. These cross-functional discussions are happening every quarter where teams discuss what the few game-changing OKRs should be. These goals sit outside the normal business-as-usual. The bottom-up part of OKR planning.
This drive to bring more purpose and greater empowerment and autonomy is central to OKRs. If you want to disrupt a big market with huge competitors and high-performing teams, then use a goal-setting framework like OKR. These teams are highly collaborative, agile, productive, and innovative. They are not a luxury; they are table-stakes.
OKRs that would align with the Objective above are highly likely to be cross-functional. Each department would be involved in planning. If you’re launching a new product — that takes a cross-functional effort. You’ll look at every quarter and discuss whether an OKR should be carried over.
OKRs are more than just aligned Objective and Key Results
It’s a common misconception that OKRs are just about learning to write an objective and matching it with 1 – 4 Key Results that align with other Objectives and Key Results. If you’re good at using OKRs you understand the small details that unlock their hidden superpowers.
Total Clarity With OKRs
If you’ve planned OKRs well, you will have clarity on a few game-changing goals and will have imagined what success would look like. You will then commit to achieving them—the more focused, which means the fewer goals you have, the better.
If you’re trying to describe your business-as-usual as OKRs or shoehorn every KPI you track into a Key Result, it has gone wrong. When you get up in the morning, they should never wonder what the company and team have committed to achieving.
Different teams, roles, and responsibilities in the business will be involved in OKRs in any one quarter. Of course, you have named owners and collaborators, but you might also have different people doing initiatives to deliver the outcomes you’ve specified. If in Legal and launching a new product that needs Terms and Conditions, you know what when needed, you’ll drop what you’re doing to help achieve the committed OKR.
Having a shared sub-set of KPIs called Health Metrics (meaning the health of the company) will help for clarity. These tell you and everyone else how a team is performing. OKRs can then be hyper-focused on the areas of most value. The company’s business-as-usual performance is measured by these metrics. If any of them become an issue or opportunity, perhaps they will become an OKR focus going forward.
There’s something about hard to achieve goals that help most of us perform better. It’s the science of goal setting. The benefits of being stretched are:
- Creating a greater focus on the most relevant activities
- Prolong effort for a greater amount of time
- Stimulating learning, collaboration and innovation
Taken to the extreme, this ambition becomes a Moon Shot, but the default for OKR is just ‘Hard.’ If goals are hard to achieve, you also need to redefine success. The idea that 100% is not necessarily the desired end-state is at first odd. The sweet spot, when targets have been well-calibrated, is somewhere around the 70% mark. Much less, and perhaps there were issues, much more, and perhaps you were not ambitious enough.
Once you’ve defined OKRs, cadence and communication are what drives the outcomes. Weekly check-ins become the flywheel of achievement. Priorities, progress and problems are shared for the week ahead. Check-ins show accountability, collaboration, dependability and productivity. It will enhance the ongoing commitment to your desired end-state.
If you’re going to have honest debates about what priorities should be, if you are going to be genuinely ambitious, if you’re going to work cross-functionally as well as in your teams, if you’re sometimes playing a lead role and sometimes supporting. You’re going to work in an agile way, sharing priorities and problems as you go; you need to have the right culture.
Embracing and embedding OKRs improves culture through time; even if to start with, it just points out where the issues are. Cultural pillars like accountability, collaboration, Psychological Safety, and learning and development will become central to everything you do.
The behaviors and habits that define how the company works, how managers and teams behave, and how the day-to-day happens are the glue that will hold everything together as you move from scale-up to unicorn.
It’s A Journey
If you’re looking to disrupt the establishment, try using OKRs. It takes a few quarters to make OKRs cultural, and there will be bumps in the road and mistakes might be made. However, once you’ve got the framework in your toolbox and culture, the only limit to your success becomes your level of ambition and willingness to fall short occasionally.
Cybersecurity Outsourcing: Principles of Choice and Trust
A few years ago, cybersecurity outsourcing was perceived as something inorganic and often restrained. Today, cybersecurity outsourcing is still a rare phenomenon. Instead, many companies prefer to take care of security issues themselves.
Almost everyone has heard about cybersecurity outsourcing, but the detailed content of this principle is still interpreted very differently in many companies.
In this article, I want to answer the following important questions: Are there any risks in cybersecurity outsourcing? Who is the service for? Under what conditions is it beneficial to outsource security? Finally, what is the difference between MSSP and SecaaS models?
Why do companies outsource?
Outsourcing is the transfer of some functions of your own business to another company. Why use outsourcing? The answer is obvious – companies need to optimize their costs. They do this either because they do not have the relevant competencies or because it is more profitable to implement some functions on the side. When companies need to put complex technical systems into operation and do not have the capacity or competence to do this, outsourcing is a great solution.
Due to the constant growth in the number and types of threats, organizations now need to protect themselves better. However, for several reasons, they often do not have a complete set of necessary technologies and are forced to attract third-party players.
Who needs cybersecurity outsourcing?
Any company can use cybersecurity outsourcing. It all depends on what security goals and objectives are planned to be achieved with its help. The most obvious choice is for small companies, where information security functions are of secondary importance to business functions due to a lack of funds or competencies.
For large companies, the goal of outsourcing is different. First, it helps them to solve information security tasks more effectively. Usually, they have a set of security issues, the solution of which is complex without external help. Building DDoS protection is a good example. This type of attack has grown so much in strength that it is very difficult to do without the involvement of third-party services.
There are also economic reasons that push large companies to switch to outsourcing. Outsourcing helps them implement the desired function at a lower cost.
At the same time, outsourcing is not suitable for every company. In general, companies need to focus on their core business. In some cases, you can (and should) do everything on your own; in other cases, it is advisable to outsource part of the IS functions or turn to 100% outsourcing. However, in general, I can say that information security is easier and more reliable to implement through outsourcing.
What information security functions are most often outsourced?
It is preferable to outsource implementation and operational functions. Sometimes it is possible to outsource some functions that belong to the critical competencies of information security departments. This may involve policy management, etc.
The reason for introducing information security outsourcing in a company is often the need to obtain DDoS protection, ensure the safe operation of a corporate website, or build a branch network. In addition, the introduction of outsourcing often reflects the maturity of a company, its key and non-key competencies, and the willingness to delegate and accept responsibility in partnership with other companies.
The following functions are popular among those who already use outsourcing:
- Vulnerability scanning
- Threat response and monitoring
- Penetration testing
- Information security audits
- Incident investigation
- DDoS protection
Outsourcing vs. outstaffing
The difference between outsourcing and outstaffing lies in who manages the staff and program resources. If the customer does this, then we are talking about outstaffing. However, if the solution is implemented on the side of the provider, then this is outsourcing.
When outstaffing, the integrator provides its customer with a dedicated employee or a team. Usually, these people temporarily become part of the customer’s team. During outsourcing, the dedicated staff continues to work as part of the provider. This allows the customer to provide their competencies, but the staff members can simultaneously be assigned to different projects. Separate customers receive their part from outsourcing.
With outstaffing, the provider’s staff is fully occupied with a specific customer’s project. This company may participate in people search, hiring, and firing of employees involved in the project. The outstaffing provider is only responsible for accounting and HR management functions.
At the same time, a different management model works with outsourcing: the customer is given support for a specific security function, and the provider manages the staff for its implementation.
Managed Security Service Provider (MSSP) or Security-as-a-Service (SECaaS)
We should distinguish two areas: traditional outsourcing (MSSP) and cloud outsourcing (SECaaS).
With MSSP, a company orders an information security service, which will be provided based on a particular set of protection tools. The MSS provider takes care of the operation of the tools. The customer does not need to manage the setup and monitoring.
SECaaS outsourcing works differently. The customer buys specific information security services in the provider’s cloud. SECaaS is when the provider gives the customer the technology with complete freedom to apply controls.
To understand the differences between MSSP and SECaaS, comparing taxi and car sharing is better. In the first case, the driver controls the car. He provides the passenger with a delivery service. In the second case, the control function is taken by the customer, who drives the vehicle delivered to him.
How to evaluate the effectiveness of outsourcing?
The economic efficiency of outsourcing is of paramount importance. But the calculation of its effects and its comparison with internal solutions (in-house) is not so obvious.
When evaluating the effectiveness of an information security solution, one may use the following rule of thumb: in projects for 3 – 5 years, one should focus on optimizing OPEX (operating expense); for longer projects – on optimizing CAPEX (capital expenditure).
At the same time, when deciding to switch to outsourcing, economic efficiency assessment may sometimes fade into the background. More and more companies are guided by the vital need to have certain information security functions. Efficiency evaluation comes in only when choosing a method of implementation. This transformation is taking place under the influence of recommendations provided by analytical agencies (Gartner, Forrester) and government authorities. It is expected that in the next ten years, the share of outsourcing in certain areas of information security will reach 90%.
When evaluating efficiency, a lot depends on the specifics of the company. It depends on many factors that reflect the characteristics of the company’s business and can only be calculated individually. It is necessary to consider various costs, including those that arise due to possible downtime.
What functions should not be outsourced?
Functions closely related to the company’s internal business processes should not be outsourced. The emerging risks will touch not only the customer but also all internal communications. Such a decision may be constrained by data protection regulations, and too many additional approvals are required to implement such a model.
Although there are some exceptions, in general, the customer should be ready to accept certain risks. Outsourcing is impossible if the customer is not prepared to take responsibility and bear the costs of violating the outsourced IS function.
Benefits of cybersecurity outsourcing
Let me now evaluate the attractiveness of cybersecurity outsourcing for companies of various types.
For a company of up to 1,000 people, IS outsourcing helps to build a layered cyber defense, delegating functions where it does not yet have sufficient competence.
For larger companies with about 10,000 or more, meeting the Time-to-Market criterion becomes critical. But, again, outsourcing allows you to solve this problem quickly and saves you from solving HR problems.
Regulators also receive benefits from the introduction of information security outsourcing. They are interested in finding partners because regulators have to solve the country’s information security control problem. The best way for government authorities is to create a separate structure to transfer control. Even in the office of the president of any country, there is a place for cybersecurity outsourcing. This allows you to focus on core functions and outsource information security to get a quick technical solution.
Information security outsourcing is also attractive for large international projects such as the Olympics. After the end of the events, it will not be necessary to keep the created structure. So, outsourcing is the best solution.
The assessment of service quality
Trust is created by confidence in the quality of the service received. The question of control is not idle here. Customers are obliged to understand what exactly they outsource. Therefore, the hybrid model is currently the most popular one. Companies create their own information security department but, at the same time, outsource some of the functions, knowing well what exactly they should get in the end.
If this is not possible, then you may focus on the service provider’s reputation, the opinion of other customers, the availability of certificates, etc. If necessary, you should visit the integrator and get acquainted with its team, work processes, and the methodology used.
Sometimes you can resort to artificial checks. For example, if the SLA implies a response within 15 minutes, then an artificial security incident can be triggered and response time evaluated.
What parameters should be included in service level agreements?
The basic set of expected parameters includes response time before an event is detected, response time before a decision is made to localize/stop the threat, continuity of service provision, and recovery time after a failure. This basic set can be supplemented with a lengthy list of other parameters formed by the customer based on his business processes.
It is necessary to take into account all possible options for responding to incidents: the need for the service provider to visit the site, the procedure for conducting digital forensics operations, etc.
It is vital to resolve all organizational issues already at the stage of signing the contract. This will allow you to set the conditions for the customer to be able to defend his position in the event of a failure in the provision of services. It is also essential for the customer to define the areas and shares of responsibility of the provider in case of incidents.
The terms of reference must also be attached to the SLA agreement. It should highlight all the technical characteristics of the service provided. If the terms of reference are vague, then the interpretation of the SLA can be subjective.
There should not be many problems with the preparation of documents. The SLA agreement and its details are already standardized among many providers. The need for adaptation arises only for large customers. In general, quality metrics for information security services are known in advance. Some limit values can be adjusted when the need arises. For example, you may need to set stricter rules or lower your requirements.
Prospects for the development of cybersecurity outsourcing in 2023
The current situation with personnel, the complexity of information security projects, and the requirements of regulators trigger an increase in information security outsourcing services. As a result, the growth of the most prominent players in cybersecurity outsourcing and their portfolio of services is expected. This is determined by the necessity to maintain a high level of service they provide. There will also be a quicker migration of information security solutions to the cloud.
In recent years, we have seen a significant drop in the cost of cyber attacks. At the same time, the severity of their consequences is growing. It pushes an increase in demand for information security services. A price rise is expected, and perhaps even a shortage of some hardware components. Therefore, the need for hardware-optimized software solutions will grow.
Featured Image Credit: Tima Miroshnichenko; Pexels; Thank you!
5 Signs That Indicate Your Startup Is Ready To Scale Up
Concerns surrounding the current changing economic cycle amid rampant running inflation, a tightening monetary policy, and an even tighter labor market has seen small business sentiment reach a new low against the backdrop of tumultuous conditions.
Across the board, small business confidence has plummeted to new record lows. According to an earlier August report by CNBC, The Small Business Confidence Index dropped to 42 points at the start of the third quarter, four points lower than the quarter before.
Today, more than half – 51% – of small business owners and entrepreneurs have described the current state of the economy as “poor,” a jump from 44% recorded in the second quarter.
The post-pandemic economy, which has brought widespread uncertainty to both business owners and consumers has left many owners signaling red as they try to shield themselves financially against a looming recession.
The tall tale that reads around 90% of startups fail, and 10% fail within the first year since inception is looking more and more realistic these days.
A lack of financial capital, consumer support, and appropriate services or products in a highly competitive market has driven many startup entrepreneurs further into the dark. But these and other conditions have been a persisting challenge for many startup owners, and for those who can upscale their ventures in the coming months or years or now left feeling more puzzled than ever before.
Despite the hard economic challenges, running from higher operating costs to troublesome labor conditions, there are still a number of startups – in several industries – that carry the potential to increase their capacity, whether it’s broadening their services or products offerings, onboarding new personnel, or even going public with a brick-and-mortar store.
Signs That Indicate That It Is Time To Scale Your Business
Regardless of the conditions, you’re operating, it’s time that you start noticing the signs that will help you realize it’s time to scale your business – and here are five of the most common ones.
You Still Have Ongoing Funding
Whether your startup was lucky enough to strike a few lucrative funding deals with credible investors, or you recently signed new backers that are willing to invest in your new line of products and services, startups that still have plentiful funding amid the turndown will potentially be ready to scale their ventures in the coming months or years.
It’s always best to consider how funding is used, and where most of its being allocated. If most of your finances are currently tied to research and development, you might want to still hold out before going too big too soon. If the funding is still there, it’s a good indicator that the startup is still in a good position and that the possibilities of scaling could be around the corner.
Sales have been booming, and the startup is finding it more and more difficult to keep up with the strong demand. If you notice that you need to hire or onboard new personnel to help drive revenue and growth, you might need to consider how you can scale your business in the months ahead.
It’s best to play it safe, as most of the time higher sales can be driven by market trends, and consumer shopping behaviors can change on a whim. If your sales strategy is still on track with startup goals, look to ways in which you can initiate optimized sales growth, while at the same time onboarding a talented team.
Sturdy and Loyal Customer Base
Startups that are more focused on rapid growth, and not consumer demands or building a loyal customer base tend to fail a lot quicker. This might not be the case for every startup, as industries do tend to differ, and consumer purchasing behavior.
Nonetheless, startups that have established a loyal and trusting customer base, and that have a clear value proposition within their business ethos might be ready to start branching out to other parts of the consumer market.
It could also swing the other way around. In the case where a startup has to start turning clients away, because of increased demand, and not enough physical hands to help the business cope, the business could start running into a bottleneck situation.
This is why it’s important to invest in a valuable core team that can help drive sales, and carry the potential to push further development of the business.
You Have a Strong Team
Although customers are a crucial part of the business, a strong and highly motivated team is just as important to the core of the business.
Any business owner will tell you that without the right people, a business is setting itself up for failure. Having a strong team that carries out the mission of the business day in and out will only help a startup become more successful in the long run.
If you notice that your team is capable of running projects by themselves, resolving issues without requiring executive intervention, or generating new leads that could potentially lead to new sales – your startup might be ready for the next step of its scaling journey.
Steady Cash Flow
Aside from investor funding deals and private backers, startups that enjoy steady cash flow might be in the right position to enter a new era of growth.
Although it’s possible that scaling your startup will automatically increase costs, it’s important to delay every outlay of cash as long as possible. This will help the business remain financially secure, even in the face of a sudden market downturn.
Generating revenue is a good thing, but having a steady stream of income coming and going through your business is a good indicator for any startup owner.
There are a lot of startup owners who need to consider before simply deciding they want to scale their business. Whether it’s bringing onboard new members, or launching new products and services to help alleviate a bottleneck demand – seeing the signs of positive business growth means that your startup is ready for its next phase.
Published First on ValueWalk. Read Here.
Featured Image Credit: Photo by Beytlik; Pexels; Thank you!
The Role of Advanced Tech in Modern CX
While customer experience (CX) will always require a human touch, there’s something to be said about technology and its role in keeping customers happy and engaged. And if you look at the current landscape of business tools, you’ll see that there’s never been a better time to focus on modern CX.
What is Customer Experience?
Customer experience might sound like a buzzword or fancy term that Silicon Valley startups paste into PowerPoint presentations when raising a fresh round of capital. Still, it’s a tangible concept that has a real-world impact on your business (for better or worse).
According to HubSpot, “Customer experience is the impression your customers have of your brand as a whole throughout all aspects of the buyer’s journey. It results in their view of your brand and impacts factors related to your bottom line including revenue.”
Modern CX is especially important when you think about the sheer volume of options the average customer has to choose from. With so many similar services and products being sold by competitors, you need something that sets you apart. A positive customer experience can help you do this. Likewise, ongoing CX impacts loyalty, repeat purchases, customer lifetime value, and more.
Customer experience is created and influenced by two primary touch points within your organization: Your people and your products. If you’re going to enhance customer experience, start by thinking about (1) how you can improve the way your people interact with and serve your customers, and (2) the quality, utility, and perceived value of your products by the customer.
Exploring High-Tech Approaches to Customer Experience
If you want to elevate the customer experience and grow your business, you must reduce friction. And the best way to reduce friction is by streamlining your approach using technology and innovation.
Here are several technologies and approaches that successful companies rely on (and you can too).
1. IT Help Desk Software
If you’re still using a basic ticketing system to handle support tickets and IT requests, you’re playing from behind. Not only are your customers extremely frustrated with the slow pace and poor service, but your employees are drowning behind the scenes.
IT help desk software decreases end-user confusion, streamlines problem resolution, and makes quick use of pesky tickets. Some features of IT help desk software could include the following.
- Assign individual tickets to specific team members based on skillsets, certifications, experience, and availability. This ensures customers get the best (and fastest) support for their individualized needs.
- Automatically and intelligently triage support tickets so that simple fixes can be automatically addressed without requiring manual input from a team member.
- Get notifications and reminders on outstanding support tickets so that no customer request is left open for too long.
Most advanced help desk software is built on the cloud, which increases your team’s flexibility and allows you to provide customer support from anywhere (without being dependent on location or device).
It’s also entirely scalable, which makes it easy to continue providing great support, even as your customer base and volume of support tickets grow.
2. AI and ML Chatbots
People want as many different customer service options and channels as they can get. And they expect someone to be available to help them regardless of the time or day. From a company’s perspective, this creates a lot of pressure and expectation. Thankfully, technology comes to the rescue once again. This time, it’s in the form of artificial intelligence (AI) and machine learning (ML) chatbots.
AI and ML chatbots are essentially online chat technology with smart algorithms. Companies program them to understand and interpret customer questions. They can provide answers, suggest solutions, and/or triage customer support requests. Employees can then send tickets to the correct support person.
While some companies choose to develop their own chatbots, you can also leverage existing platforms.
3. 24/7 Social Monitoring
You can’t afford to clock out. While 9-to-5 may be standard work hours, companies with high modern CX scores are tuned into what’s happening with their customers 24/7/365…and you should be, too.
While 24/7 monitoring is important, you don’t have to physically park yourself (or employees) in front of a computer or phone around the clock. Using monitoring software, you can listen to what’s happening and gather insights about what people are saying on social media. You can also track, analyze, and respond to email and chat requests.
Some of the top 24/7 monitoring platforms on the market include Zendesk, Hubspot, LiveAgent, and Hootsuite.
4. Virtual and Augmented Reality
While maybe not as common as some of the other technologies listed in this article, don’t underestimate the rise of augmented reality (AR) and virtual reality (VR). We live in a virtual world where more of the buying process is happening at a distance. This is leading brands are always looking for ways to increase customer engagement and enhance the shopping experience. AR and VR are game-changers in this regard.
Amazon, which is always on the bleeding edge when it comes to modern CX – is a great example. Their new AR View technology allows shoppers to view items in their homes before purchasing.
Amazon’s technology allows prospective customers to view products in the setting of their own homes before they make a purchase. They can make their purchases based on how the product looks and fits their current setting, color scheme, and so forth. They no longer need to move furniture around once something arrives only to discover it doesn’t really work as they thought. Instead, they use a smartphone to boost confidence prior to purchase.
Aside from being interesting and unique, this “view in your room” technology serves the distinct purpose of reducing the friction that shoppers often experience when they don’t know what a product will look like in their home and/or if it’ll fit the space. Customers who use this augmented reality technology end up happier with their final purchases and are less likely to return the products they purchase.
Measuring Customer Experience
If you’re going to commit to strategically improving your CX, you want to make sure you’re measuring it. (This is the only way to track progress and know if you’re getting the results you’re searching for.) Again, there are several ways you can do this, including the following.
- Start tracking your Customer Satisfaction Score (CSAT). This is basically a measurement of how happy your customers are with your products and service.
- To calculate a CSAT score, you simply send customers a one-question survey after a purchase or support interaction that asks: “How satisfied were you with [company/product]?”
- Typically, you ask customers to rank their satisfaction on a scale of 1-10 (with 10 being the most positive).
- Over time, you can track your CSAT score and watch as it moves up or down. This will give you some context for how customers feel.
- It’s natural to have some churn. However, tracking customer churn rates will help you understand when and why customers are leaving.
- Dig in and analyze the data. Determine the reasons for the churn and any actions you can take to reduce future churn.
- Engage with customers and proactively gather feedback. If possible, meet with customers face-to-face or have extended open-ended discussions via phone or video conferencing.
- This allows you to measure both the experience and the sentiment. (You can tell a lot through tone of voice, inflection, word choice, etc.)
Adding It All Up
Customer experience is more than a buzzword. It’s a tangible measurement of the way customers feel about your brand and its products.
By prioritizing modern CX with the right high-tech investments, you can improve your results and experience success.
Featured Image: CottonBro; Pexels.com. Thank you!