Why Agile Is Eating The World​​

In 2011, Marc Andreessen wrote his famous essay, “Why Software Is Eating the World,” in The Wall Street Journal, leading to the cliché that “every company needs to become a software company.” (A useful update by Jeetu Patel on the situation in 2016 is here: “Software is still eating the world.”)

In one way, Andreessen’s 2011 article was remarkably prescient. In 2011, IT firms were looked down on by Wall Street. Andreessen was telling Wall Street: “Pay attention! These companies are more valuable than you think they are.” And Wall Street listened. In 2018, the five biggest companies in the world by market capitalization are IT firms: Amazon, Apple, Facebook, Google and Microsoft.

But it turned out that Andreessen was only half right. It's not that all software is eating the world: General Electric has just proved that in a spectacular fashion: It invested heavily in software and the result. After five years, the CEO and his top lieutenants were terminated. Similar developments are under way at Intel, P&G and HP.

It turns out that it’s not just software that’s’ eating the world. Firms are learning the hard way that software requires a different way of running the organization to be successful. Firms have to be nimble, adaptable, able to adjust on the fly to meet the shifting whims of a marketplace driven by the customer. This kind of management was—and is—beyond the capabilities of the lumbering industrial giants of the 20th Century. It is firms that are truly agile that are eating the world (whether or not they call themselves by the label "Agile").

In fact, many of the big successful IT firms don't use the label “Agile” to describe the way they are run. Instead they talk about "the Google way" or "our startup culture." Of the big five, Microsoft is the exception in making an explicit commitment to the label “Agile.”

But whatever label is used, the successful software firms are all recognizably implementing the substance of Agile—a focus on delivering value for customers, working in small teams in short cycles, and networked organizational arrangements rather than top-down bureaucracy and silos. It’s the firms that invest in software while retaining the top-down 20th Century management practices and structures that fail.

As a result, the world is entering a new age: the age of Agile. An unstoppable revolution is now under way in our society, affecting almost everyone. Agile organizations are connecting everyone and everything, everywhere, all the time. They are capable of delivering instant, intimate, frictionless value on a large scale. They are creating a world in which people, insights, and money interact quickly, easily, and cheaply. For some firms, the revolution is uplifting and beautiful. For others, it is dark and threatening.

Dazzling examples of the new way of running organizations are everywhere apparent. It’s not just the five biggest firms by market capitalization: Amazon, Apple, Facebook, Google and Microsoft. It’s also firms like Airbnb, Etsy, Lyft, Menlo Innovations, Saab, Samsung, Spotify, Tesla, Uber and Warby Parker. At the same time, what is lifting some companies is killing others, as the big, lumbering market=leading bureaucracies miss game-changing transformations in industry after industry.

Simply put, it’s Agile, not just software, that is eating the world. As usual, with any massive social change, there’s good news and bad news. Let’s begin with the good news.

Good News #1: Customers Take Charge

The winning firms are those that deliver instant, intimate, frictionless value for customers.. A world in which people, insights, and money interact quickly, easily, and cheaply is a world that has transformed human life—everything is easier and more convenient. It’s difficult for young people today even to imagine the world of just thirty years ago. How did people get by with no cell-phones and no Internet? It sounds downright archaic, like the world before the wheel was invented.

Good News #2: The End Of Wage-Slavery

With the great gains in material prosperity that were steadily generated by the Industrial Revolution from the late 1700s onward, it was easy to overlook the fact that they involved a dark bargain: in essence, large numbers of the human race agreed to sell themselves into wage slavery. Rightly or wrongly, they agreed to be treated like slaves while at work. While they were in the workplace, they agreed to follow orders, even if those orders were demeaning, stupid or just plain wrong, i.e. slavery. To be sure, there was some interesting work to be had in some parts of some organizations. But they were the exceptions. What was valued was diligent following of orders.

So, although slavery was abolished in the political sphere by the mid-19th Century, it continued in the workplace in the form of wage-slavery, even if few were willing to call it that. The reluctance to face this social reality stemmed from the economic fact that wage-slavery was useful: it led to a huge improvement in material prosperity for most of society, at least for most of the developed world. The fact that it led to spiritually crimped existence for much of the human race was just a regrettable side-effect of “progress.”

Wage-slavery as an economic model thus continued from the late-18th Century until the late 20th Century. Then something went wrong. It turned out that wage-slaves could not deliver what the economy now needed. In a marketplace disrupted by globalization, deregulation, knowledge work and new technology, firms now required initiative, innovation, commitment, smarts, passion--the very opposite of wage-slaves.

As a result, a new kind of management was needed to enable this new kind of worker. Some called this way of running an organization “Agile.” Some used other labels. But whatever it was called, it wasn’t just a new process. It was a fundamentally different way of running organizations. It was economically more productive. And it has immense potential benefit for the human spirit. It can create workplaces that enable human beings to contribute their full talents on something worthwhile and meaningful—creating value for other human beings.

The end of slavery in the political sphere was a big deal. The end of wage-slavery in the workplace is also a pretty big deal.

The Bad News: A New, Darker Gilded Age

Yet as with any massive social change, there are also downsides. A summary of the issues is set out by David Dayen in an insightful article in American Prospect, “Big Tech: The New Predatory Capitalism.” He argues that “The tech giants are menacing democracy, privacy, and competition” and asks: “Can they be housebroken?”

Thus, the successful exponents of software and Agile are becoming so successful that they are now emerging as a threat to a free society, in the much same way, mutatis mutandis, that the big industrial companies of the late 19th Century (rail, oil, steel) became a threat to society and had to be broken up the trust-busters like President Theodore Roosevelt. A similar scenario needs to occur with the big IT firms. That’s a job for the public sector. Dayen's article sets out the agenda. True, it's hard to see how all this will happen in the current political environment. But it has to happen, if a free society is to survive.

Today’s Necessity: Embrace Agile

For the private sector, waiting for anti-trust action is not a solution. Continuing the management practices and structures of the lumbering industrial giants of the 20th Century won’t cut the mustard. To survive, let alone thrive, firms today must learn to embrace the new business reality: they are entering the age of Agile.


Understanding The Agile Mindset

The Agile management revolution is transforming the world of work. It took off in software development in 2001 and is now spreading rapidly, under various labels, to all parts and all kinds of organizations, including the five largest and fastest-growing firms on the planet. It is truly a Copernican revolution in management. As Professor Julian Birkinshaw declared in 2016, we have entered the age of Agile. Agile firms are now capable of delivering instant, intimate, frictionless value at scale. In case you hadn’t noticed, everything is different.

A striking feature of the revolution is the widespread view among Agile practitioners that success in Agile management depends on an Agile mindset. Initiates’ enthusiasm for that expression has sometimes sounded to outsiders like a pledge of allegiance. Such enthusiasm, while stimulating for practitioners, has often turned off newcomers, who sense or fear they are entering a cult.

What Is An Agile Mindset?

As to what “having an Agile mindset” means, things were initially unclear. Some resorted to the Supreme Court’s approach to defining pornography: “You know it when you see it.” Yet over time, the nature and content of the Agile mindset have clarified, particularly by way of contrast to the bureaucratic mindset that is still prevalent in many large organizations.

Practitioners are thus said to have an Agile mindset when they are preoccupied—and sometimes obsessed—with innovating and delivering steadily more customer value, with getting work done in small self-organizing teams, and with collaborating together in an interactive network. Such organizations have been shown to have the capacity to adapt rapidly to a quickly shifting marketplace.

By contrast, managers in traditionally run organizations are often said to have a bureaucratic mindset when they are primarily preoccupied with making money for the company and its shareholders, when they are organizing work according to rules, roles and criteria that they determine, and when they are operating the organization as a top-down hierarchy with multiple layers and divisions.

The bureaucracy that ensues from such a mindset often finds it hard to adapt to a world in massive rapid change.

The two different kinds of mindsets exert a powerful influence on the behavior of their respective organizations and can be seen as having the de facto force of organizational laws, as shown here.

It’s not that those with a bureaucratic mindset don’t care about the customer: it’s just that they generally focus more on making money for the company and its shareholders. Nor do they never use teams; it’s that in a bureaucracy, self-organizing teams are the exception, not the rule. Nor is operating as a network unknown in a bureaucracy: it’s just that maintaining the pyramid of layers and divisions is seen as more important.

A bureaucratic mindset, when shared by tens of thousands of staff, tends to create a radically different—and less adaptable—kind of organization than one peopled by those with an Agile mindset.

My First Encounter With The Agile Mindset

The profoundly pragmatic Agile Manifesto of 2001 makes no mention of any “Agile mindset.” My 2010 book, The Leader's Guide to Radical Management, talked about attitudes, approaches, points of view and philosophies but it didn’t mention “mindset” either.

I first came across the term “mindset” in 2015 when the member firms of the Learning Consortium were trying to describe what they had learned in a series of site visits to firms like Microsoft, Ericsson, and Menlo Innovations who all said they implementing varieties of “Agile management.”

In those discussions, we asked ourselves: what exactly were these firms doing and why? We were puzzled by the many variations in principles and practices that we observed, as well as by the fact that some firms seemed to embody the spirit of Agile without ever using the Agile label.

What did these firms have in common? We were struck by one thing: managers in successful firms seem to speak and act differently from those in the less successful firms. When managers spoke and acted in this way, benefits seemed to flow even if there were shortfalls in processes, practices or systems. By contrast, when managers spoke and acted in a more traditional bureaucratic manner, few if any benefits seemed to flow, even when the firms were implementing Agile processes and practices according to the book.

What was going on?

In our discussions in the Learning Consortium, Menlo Innovations CEO Rich Sheridan suggested a term that might encapsulate what we were trying to describe: these managers could be said to have “an Agile mindset.” Those who didn’t, didn’t. And that was the central conclusion of our 2015 report.

In fact, the term, “Agile mindset” had been pioneered at least five years earlier in 2010 by Agile thought-leader Ahmed Sidky, as depicted in his brilliant diagram below, which shows the Agile mindset as preceding, and even driving, the values and principles of the Agile Manifesto.

Carol Dweck’s Growth Mindset

Even earlier, in 2006, Stanford psychology professor Dr. Carol Dweck had popularized the term, “mindset” in her best-selling book, Mindset: The New Psychology of Success (Random House, 2006). She distinguished between a Fixed Mindset and a Growth Mindset. The Fixed Mindset was one in which “I believe that my intelligence, personality, character, are inherent and stale. locked down or fixed. My potential is determined at birth. It doesn’t change.” By contrast, a Growth Mindset was one in which “I believe my success is based on hard work, learning, training, and doggedness.” Dweck offered educational research showing that teaching practices based on a Growth Mindset got better results than those based Fixed Mindset.

Some Agile practitioners have equated the Agile mindset with Dweck’s Growth Mindset. That is an unusual usage, as it would appear to omit the main elements of the Agile management revolution—the focus on customers, small teams and networks. Dweck’s own research is thus more concerned with individual education than management.

Two further concerns about Dweck’s work should also give pause to those equating the Agile mindset with the Growth Mindset. One is that Dweck’s research has, despite multiple efforts, yet to be replicated—a key requirement to establish its validity in its original field of education, even before exporting it to management.

Another is that the management examples cited in her wide-ranging book appear somewhat the opposite of Agile management. The Growth Mindset is said to have led Jim Collins’ firms from Good to Great and its heroes are said to include Jack Welch at GE and Lou Gerstner at IBM. Meanwhile, the Fixed Mindset is cited as the reason behind the failures of Lee Iaccoca at Chrysler, Albert “Chainsaw Al” Dunlap at Sunbeam, Steve Case of AOL Time Warner; and Ken Lay and Jeff Skilling of Enron. In such boldly expansive writing, one has to wonder whether the concepts of Growth and Fixed Mindset have been stretched from their original concept beyond breaking point.

Douglas McGregor’s Theory Y

The Agile mindset is also often associated with the work of MIT management professor Douglas McGregor. His Theory Y, in which managers are encouraged to trust and support their people to do the right thing, is opposed to Theory X, under which managers distrust their employees and tell them what to do. McGregor’s book The Human Side of Enterprise (1960) is an application of the concept of mindset before the term itself became popular.

While the Agile mindset is congruent with the Theory Y mindset, it goes considerably beyond it. Thus McGregor remained neutral on the roles of the customer vs. the shareholder, the hierarchy vs the network, and even Theory X vs Theory Y. His approach offered a way of looking at the issues rather than solving them and was more influential among humanistic thinkers than it was among managers. In the decades following 1960, firms focused steadily more on downsizing and shareholder value. Theory X came to dominate, while Theory Y remained a largely unrealized ideal.

Gil Broza: Multiple Mindsets?

Gil Broza in his interesting book entitled The Agile Mindset (3P Vantage Media: 2015) wrote that a leader may have multiple mindsets – Agile, Waterfall and Lean – and may choose the appropriate mindset according to the task at hand as if choosing which pair of clothes to wear on a particular day.

The elements of the Agile mindset, however—the prioritization of customers over shareholders, of self-organizing teams over boss-driven individuals, and of networks over top-down hierarchies—are not the kind of viewpoints that are likely to change on a daily basis. Nor are the objects of the Agile mindset amenable to adjustment on a moment’s notice. There is thus much to be said for the view that you either have an Agile mindset or you don’t.

Agile As A Professional Mindset

It may be better to think of the Agile mindset as something akin to the mindset of a profession, such as that of a lawyer, a doctor or an economist. Thus, lawyers, doctors, and economists think about certain problems in characteristic ways. They notice certain kinds of information, data, and concerns in their respective subjects. They analyze the issues in their respective ways. They pursue their respective kinds of solutions. These different ways of thinking, perceiving and acting as lawyers, doctors, and economists, are acquired over years of training and practice, which in turn generate characteristic attitudes, values, modes of thought and approaches to problems. Professional mindsets are not things that can be acquired overnight or a two-day training course.

Similarly, those managers with an Agile mindset also pay attention to certain kinds of information, data, and concerns. They analyze problems in particular ways. They tend to pursue certain kinds of solutions—focusing on value for customers, working in small teams and operating as a network. Their ways of thinking, perceiving and acting are often acquired over a period of years of practice. We should not be surprised that the Agile mindset too isn’t something that can be acquired overnight or a two-day training course.

What we are talking about with the Agile mindset is the emergence of management itself—finally—becoming a real profession.

The Nature Of The Agile Mindset

The Agile mindset is an attribute of practitioners more than theorists. It is pragmatic and action-oriented more than a theoretical philosophy. It goes beyond a set of beliefs and becomes a tool for diagnosis and the basis for action. It tends to be built on the hard-won knowledge of experience and crafted from the lessons of trying to cope with massive change in the face of incomprehensible complexity.

The Agile mindset might also be called a framework, a paradigm, or a common model. Yet “mindset” seems a better choice of word, reflecting a coherent tradition of exploration, paths of analysis and patterns of reasoning.

The Agile mindset reflects ways of thinking that have developed over time. It is a certain cast of mind that emphasizes some things over others. It should continue to grow and evolve. It reflects attitudes and viewpoints that tend to endure. Over time, it leads to people being seen as having a certain makeup or character. Once we have understood the Agile mindset, we can anticipate types of behavior that should occur.

Lessons From Earlier Shifts

Big, deep, epochal changes of the kind we are now undergoing have led to deep changes in society before, such as Copernicus’ revolution in astronomy in 1539 and Sir Frances Bacon’s revolution in science in 1620. In those intellectual revolutions, we can see that the processes and practices varied, but in each case, the change was driven by a constant mindset. We can also see that in each case, change was initially resisted and full adoption by society took a very long time. Fake versions of the change were also continuing problems. Yet in the end, resistance was futile. The better mindset proved stronger than society and prevailed.

Agile of course is more than a mindset. It includes many different values, principles, and practices. But what is important is the human intelligence, the sensibility, and the values that are driving those processes, practices, and systems. They may be used for good or evil. They may lower and dehumanize humanity or to uplift and sustain it. Understanding the Agile mindset may help us attain the latter.


Explaining Agile To Your Boss? Here’s How

Business agility is a complex multidimensional concept, as shown in the table below. Explaining each dimension to a traditional boss is more likely to result in mental overload and frustration than comprehension, even if he listens to the whole explanation, which itself is unlikely. Can the magic of metaphor help?

The first impulse in searching for a metaphor is often to look for something agile like an acrobat, a ballet dancer or a squirrel. This usually doesn’t help because it gives no clue that the concept of the Agile enterprise has come to mean a great deal more than the English adjective, “agile.”

Nevertheless, metaphors can help to illuminate Agile’s key principles. Here are several possibilities. 

1. The Goal Of The Firm: A Copernican Revolution

In terms of the goal or ideology of the firm, business agility implies a shift from a focus on making money for the firm to a focus on delivering more value to customers.

It is akin to the Copernican Revolution in astronomy in which we realized, contrary to the evidence of our own eyes, that the Earth is revolving around the Sun, not vice versa. This changed not only astronomy but the society as a whole: social phenomena like the Divine Right of Kings and the Roman Catholic Church started to look implausible once we realized that the Earth is no more than a speck of dust in a much vaster universe. Everything began to look different.

Similarly the business agility revolution involves the realization that in a complex and rapidly changing world, the firm revolves around the customer, not vice versa. Everything the firm does now has to be viewed from how it affects the customer, not just whether it made money for the firm. “Delighting the customer” is no longer just a slogan: the whole organization needs to be mobilized in this cause.

Making money becomes the result of the firm’s activities. Happily though, as the experience of Agile firms like Amazon shows, delighting the customer makes more money for the firm and its shareholders than explicit efforts to make money off the customer.

2.    Architecture Of Work: U.S. Football Vs. Basketball

In terms of the architecture of work, business agility involves a shift from bureaucracy—i.e. individuals filling roles and reporting to bosses—to a mode of operation that draws on the full talents of staff, often through small self-organizing teams working in short cycles. This shift is similar in some ways to the difference between American football and basketball.

The 20th century corporation is in some ways like an American football team, which in the NFL is tightly controlled by a “coach” who makes all the decisions about strategy, about who will play, about how the players will play and about what specific plays they will make. In fact, play is stopped every few seconds to enable these top-down decisions to be communicated to the players.

By contrast, an Agile corporation is more like a basketball team in which the players play as a set of sub-teams (offense and defense) within an overall team. The coach is a real coach and stays off the field of play. Decisions about how to play and what specific moves to make are the responsibility of the players.

This in turn leads to a very significant difference in actual playing time. In basketball, a two-hour game has at least 60 minutes of playing time. By contrast, a 3-hour game of American NFL football has only 11 minutes of actual playing time.

This phenomenon closely resembles the difference between bureaucracy and agility. In a bureaucracy, often more than 50% of the time is spent reporting on work that has been done, is currently being done or will be done in the future, rather than actually doing work that adds value to some client. By contrast, in Agile enterprises, most teams have a clear line of sight to the customer; any work that is not adding value to a customer is questionable. As a result, real waste is systematically eliminated.

It also illustrates how identical words can have radically different meanings. For instance “coach” means something radically different. In soccer, a coach is actually a coach who sits on the sidelines and lets the players play, while in American football, a coach is a commander and controller who, though also sitting on the sidelines, is actively deciding every play—a quintessential micromanager.

In the same way, the term “manager” means something very different in a bureaucracy as compared to an Agile enterprise. Part of the transition from bureaucracy to business agility involves not only learning the new meanings of apparently familiar words but also changing the behaviors associated with those words. This obviously doesn’t happen overnight. As social theorist Thomas Kuhn suggested, it can be like “entering a new world.” The firm becomes much more productive because it is drawing on the full talents of those doing the work, and who are in constant contact with customers. In such firms, human beings are creating more value for other human beings.

3. The Firm’s Dynamic: PC Vs. iPhone Apps

In terms of the dynamic of the firm, a 20th Century firm is like a 20th century PC: its components operate separately as separate computer programs. To get anything done, you have to close one program and open another. The programs didn’t interact well with each other. The very structure of the system gets in the way of getting anything done.

Similarly the silos of a 20th century firm are often in competition with each other. As former general Stan McChrystal explains in his book, Team of Teams. I, there were “very provincial definitions of purpose: completing a mission or finishing intel analysis, rather than [winning]. To each unit, the piece of the war that really mattered was the piece inside their box on the org chart; they were fighting their own fights in their own silos. The specialization that allowed for breathtaking efficiency became a liability in the face of the unpredictability of the real world.”

By contrast, the dynamic of an Agile firm resembles the apps of an IPhone. The apps interact easily with each other as a result of predefined interfaces. The apps are “always on”and interact almost immediately.

In an Agile organization, the artificial barriers between different parts of the organization are eliminated. The firm operates as a network, where ideas and information can flow up or down or horizontally as needed, not just top-down. Instead of teams and units being at odds with each other, now the firm becomes a set of teams that interact with and collaborate with other teams with the same connectivity, interaction and passion as they do within their own small team. As a result, once the manager accepts the new way of doing things, there is much less pressure on the manager.


Data Security Solutions for Fintech Startups

The fintech sector has brought consumers an endless stream of modern offerings that have enabled them to ditch several outdated banking and lending products.

Companies now have advanced B2B payment solutions at their fingertips, and online financial solutions have never been more convenient - largely thanks to the progress made by fintech startups.
But, despite being on the cutting edge of digital financial products, young fintech companies are at a disadvantage in a wildly important arena: data security.

Table of Contents

- What is Data Security?
- The Importance of Cyber Security in Fintech
- Data Security Challenges Faced by Fintech Startups
- Modern Fintech Data Security: Trends and New Innovations

With limited resources, growing compliance regulations around the world, and a constantly-evolving list of increasingly dangerous cyber threats, fintech startups face a uniquely difficult uphill battle.
And, with data breaches continuing to leer as an ever-present security threat, fintech firms are turning to new and advanced approaches to data privacy.

But, first, what do we mean when we talk about data security for startups?

What is Data Security?

Data security is the process of protecting digital assets - like information stored in a database - from unauthorized access by unapproved actors.

When we refer to data security, we’re simply talking about the set of standards and technologies that protect your business’ data. These days, data security is a fundamental aspect of IT at any modern organization.

From encryption and tokenization to cloud storage, data security technologies run a wide spectrum - and a number of advances have been made in recent years. This progress has been in response to, though not quite as speedy as, the growing sophistication of large-scale cybersecurity threats - like data breaches.

In the healthcare sector, for example, Black Book Market Research found that 96% of healthcare IT professionals agreed that data security attackers are outpacing their medical enterprises.

Healthcare data breaches will cost the industry $4 billion by the end of the year. Next year, by Black Book’s estimates, will be even worse.

And that’s just the healthcare sector.

Organizations from all industries are vulnerable to data breaches - especially in the age of ID verification, endless online payment methods and 1-click purchasing.

Even multinational tech giants have fallen prey, in extremely public ways. Yahoo just reached a $117.5 million class-action settlement with the victims of its infamous 2016 data breach.

That announcement came on the heels of a $700 million settlement that Equifax reached to deal with the aftermath of a 2017 data leak that exposed the Social Security numbers of almost 150 million consumers.

We could keep going down the list - data breaches happen, and they happen to organizations with ample resources invested in information security.

What about smaller organizations?

The Importance of Cyber Security in Fintech

Financial technology companies have revolutionized the way that consumers bank, how startups reach their customers and how businesses all over the world can run more smoothly.

Fintech investments took off in the past five years - providing us with simple alternatives to slow, conventional financial solutions.

Advances in the industry has brought us instant P2P payments, purely-online banking, seamless B2B solutions, innovative lending approaches and products that many businesses and consumers can’t even imagine living without at this point.

But the global fintech ecosystem’s consistent growth, potency and complexity make it inescapable that some solutions won’t be secure enough to guard against sensitive data exposure. It’s likely that these vulnerabilities will keep getting identified by attackers, then exploited.

This is a harsh reality that modern businesses are realizing - and starting to invest against.

We can see this when we look at application security spending. Businesses are pouring money into protecting their applications and the data flowing through them.

According to Market Research Future (MRFR), the worldwide application security market is expected to reach a staggering $9.64 billion by 2023 - up from just $2.56 billion in 2017. That’s an annual growth rate (CAGR) of 24.95%.

Within this market, SMEs are estimated to be the fastest growing investors in application security, when broken down by type of organization.

Unfortunately, when it comes to data privacy and protecting sensitive information, fintech startups face a unique set of challenges that make growing their core business an even more difficult endeavor than it already is.

Data Security Challenges Faced by Fintech Startups

In the world of securing sensitive data and avoiding data breaches, younger organizations in the fintech space have it especially hard.

Why is that so?

1. Reliance on sensitive user information

These days, fintech and data analytics go hand-in-hand. From robo advisors to AI-powered saving apps, data-driven technologies have been at the heart of the fintech revolution.

With fintech products deeply intertwined in modern retail banking, asset and wealth management, capital markets and insurance, organizations in this space are inevitably going to have to handle and store sensitive information from your users.

From ID verification to processing credit card payments, large volumes of sensitive data will make its way onto the databases of fintech organizations. The mere possession of such sensitive consumer information puts them both at risk of sensitive data exposure and places them within the scope of any number of data privacy laws.

2. New, updating and evolving data privacy laws

The nature of how fintech startups do business make it so that a lot of sensitive data hits their systems, which attracts the interest of government regulators - who are increasingly focused on protecting consumer data.

In the last few years, governmental regulatory institutions around the globe have started to take greater steps in protecting the rights of consumers when it comes to their personal information.

From Europe’s General Data Protection Regulation (GDPR), effective since 2018, to the soon-to-be-implemented California Consumer Protection Act (CCPA), businesses are suddenly needing to juggle compliance certifications for new regulatory frameworks.

Not only that, but fintech companies that accept or process credit card transactions have already been saddled with the burden of needing to maintain compliance with PCI DSS - a set of requirements that are aimed at preventing credit card fraud.

3. Limited resources for securing personal data

To successfully prevent data breaches and - simultaneously - meet the complex requirements set forth by legal frameworks like the GDPR, the CCPA and PCI DSS, you’re going to need a team of information security experts and compliance specialists that can create data flow maps, secure your networks and sensitive data storage solutions, ensure that you’re meeting regularly compliance rules… the list goes on.

Conglomerates have the resources to put towards a large-scale data security effort, but fintech startups have much less at their disposal.

4. Increasingly sophisticated cyber threats

As mentioned above, even some of the most widely-recognized tech brands have suffered from data breaches. From increasingly sneaky malware to highly-targeted phishing attacks, which skyrocketed 250% higher last year, there are simply too many ways for threat actors to gain access.

It just takes one team member on the wrong end of a phishing campaign to trigger a sensitive data exposure event - which can ruin a startup-stage business overnight.

And it’s not just unauthorized malicious actors that fintech startups need to be worried about, as there are threats coming from all angles - even some unexpected ones.

According to Verizon’s Insider Threat Report, 57% of database breaches involved some kind of insider threat from within an organization. Add that to the possibility of accidental sensitive data sharing and ransomware attacks, and covering all your bases becomes a costly and complex endeavor.

Modern Fintech Data Security: Trends and New Innovations

Thankfully, advances in the realm of data security have sprung up in recent years, helping relieve much of this pressure faced by fintech startups that need to secure their sensitive data.

From tokenization to data encryption, fintechs have employed a number of tried-and-true data security methods. Even with innovative approaches like these, however, data breaches are still a probable threat.

If sensitive data is stored in your database, there is a chance it will be exposed, and there are several avenues through which this could happen.

Fortunately, VGS has been securing fintech startups’ sensitive data for years using a next-generation data security approach that enables businesses to evade storing sensitive information on their systems altogether - while still enabling businesses to reap all the benefits of the original data.

This approach is called data aliasing, which is a technique that redacts sensitive information in real-time and replaces it with a synthetic data alias, enabling organizations to offload their data security responsibilities entirely by keeping the original data off their systems.

Businesses simply put their data security burden in the hands of VGS, which takes care of all sensitive data collection, storage and transfer on their behalf.

With their systems significantly freed from sensitive data, businesses’ data security and compliance scope is drastically minimized - enabling them to spend time focusing on innovating their products instead of designing a complex data privacy policy.

This article was originally posted on Very Good Security.

How To Get Innovation From Service Providers and Vendors

Companies today hold all business functions to a mandate for innovation. Innovation should create business value (a better experience for employees, customers, and partners). It should create agility and speed. It should make business functions more easily adaptable, easier to change. And it should also lower the cost of the functions over time. The benefits are clear and obvious. But the truth is innovation is illusive and hard to get.

It’s hard to get because innovation is disruptive. It sets off change. Change is painful. Institutions resist change because it’s ambiguous. Implications cascade across many dimensions and across all components of the operating model.

Most organizations’ approach to innovation is episodic. Innovation occurs in unexpected and serendipitous ways. Someone uncovers a new technique, a new source of talent or a new relationship with a stakeholder. An executive gets an idea, a vendor brings new technology or a competitor does something to gain an advantage. All these things create opportunities for innovation. But the ability to get an organization and its business processes and functions to adopt it is hard.

Because change is so painful, organizations find it easier to maintain the status quo. That’s also the case with vendors and third-party service providers.

Why Service Providers Don’t Innovate For Customers

One of the most frequent comments we at Everest Group hear when talking to executives responsible for a service line is “We don’t get innovation. We believe that there is more innovation to be had, but it’s very difficult to get our organization (and particularly our vendors) to not only bring us innovative ideas but also do it in their service lines.”

It’s all very well for a provider or vendor to use an innovative idea to try to take work from other vendors. But that unleashes a huge amount of change. It would be much better if a company’s existing vendors would bring innovation in the services they deliver. Although companies frequently ask for that, they are also just as frequently disappointed.

Companies find it’s much more desirable to get innovation from their incumbent providers than it is to introduce new providers. They don’t want to go through the expense, dislocation and change management of shutting down one provider and standing up another. But it’s hard to get incumbent providers to innovate. They are not incented to bring innovation. They have an incentive to maintain the status quo. Furthermore, they may have incentives to take costs out, but they would rather capture that cost themselves and increase profit margins than bring it through increasing value. They see innovation as a means to charge more, not do a better job.

Some providers try to use innovation to open adjacencies and grow new service areas, but fundamentally this is a conflict. Furthermore, providers struggle with revenue compression. Many innovations create efficiencies and, therefore, reduce the amount of revenue they can get for the same function. That creates a conflict of interest for them. Like all businesses, providers want to grow their revenue as well as their profit, but asking them to innovate is asking them to do something that will shrink their revenue, at least in the areas in which they apply it. They operate in a PxQ = R model (price times quantity = revenue). If you shrink the Q, which is the bigger number, the revenue inevitably falls.

How To Drive Your Service Provider To Innovate

The answer to the innovation dilemma is to think of innovation for every one of your company’s business services (a business process or function) as a journey. Don’t think about trying to drive innovation in big, incremental step changes. That approach is very difficult and ends up

Think of it on an ongoing monthly basis. Set up an environment in which you bring ideas to the internal organization and the vendor community as to how they can change.

Recognize that it’s very difficult to do this in step-change functions. That ends up requiring that your company replace its vendors, which I’ve already discussed as not advisable or, at least, only a second option. If you’re looking to drive ongoing innovation out of your incumbent vendors, you need to approach it as a journey.

Recognize that much of the challenge of innovation is change management. You need data and insight to drive institutional conviction so the organization can understand the benefit and how to overcome resistance and move down that path.

The innovation journey will involve changes in technology, changes in talent, changes in customer experiences and, eventually, change in the business operating model. Company leaders must digest and understand all that change. Thus, it’s important that you break the journey into small steps, feeding the information in consumable pieces. Helping them understand the change involves a lot of persuasion that needs to happen over time. Ask the organization to do only the change it’s capable of doing at the time.

The information you’ll need to provide leaders to get institutional conviction requires:

  • Knowing what changes in technology to present to your vendor and your organization
  • Recognizing what innovations are happening in the marketplace regarding technology and business processes
  • Placing that information into the context of the business service the internal organization or service providers deliver.
  • Understanding where your company’s opportunities are.

All this information requires a source of technology competitive intelligence, peer intelligence and ongoing data and facts to help to drive the change that cascades from innovation.

Once you have this information on an ongoing basis, you can introduce the necessary data and facts in digestible pieces to maintain institutional conviction regarding innovation opportunities and approaches on an ongoing basis.


Your Tech Is Great - Now, Get Your Employees To Use It

Whether you lead a company, a function or a team, here's a problem you've probably faced: Your company just invested a lot of money in a new technology, which can do 99 things better and faster than the old way, but no one is using it, or they're using just one or two of its capabilities, not all 99.

This example corroborates the findings in a report published by IDC (via CIO), which stated that "70% of siloed digital transformation initiatives will ultimately fail because of insufficient collaboration, integration, sourcing or project management."

In marketing, I see it all the time. From my experience, customer-centric modern marketers should be using the latest marketing technology. AI-driven marketing analytics, for example, can help marketers tailor and pace communications for each targeted individual, measure results in real time and alter campaigns on the fly while giving professionals and partners the right data at the right time for strategic decisions.

But most employees don't have a tech background. Many view the essential eight technologies (including AI and blockchain) as mystifying, not exciting. Plus, they already have jobs to do. They're not thrilled with spending hours at training sessions. Many will drag their feet and do as little as they can with the new tech for as long as they can unless you roll it out just right.

Give insiders the outsider treatment.

I like to think of my team the way I think of my company's clients, which is as valued individuals whose professional lives I want to make better and more productive. So when we roll out new technologies in-house, we use some of the same strategies that we do with clients:

Earn attention. You don't expect clients to be a captive audience. Don't demand it from your employees, either. Instead, make learning a game through engaging apps that turn lessons into friendly competitions. The best of these apps make the competition team-based to strengthen a collaborative mindset.

Offer bite-sized pieces. You wouldn't ask clients to sit through hour-long lectures. With your employees, offer apps that provide lessons in bite-sized pieces so they can "nibble" in their spare time. And if those apps are games, these "snacks" will feel like breaks, not extra work.

Make it active. Some of the most effective marketing gets people doing something, not just watching. Similarly, the best upskilling apps enable employees to quickly accomplish something with the new tech. People retain 5% of what they hear in a lecture but 75% of what they practice.

Be transparent — and humble. You wouldn't keep your clients in the dark or ignore their feedback. Similarly, tell your team exactly what your expectations are, and provide channels for them to say if anything isn't working. And when they talk to you, listen!

Win the influencers. In companies, the key influencers aren't social media stars but middle managers. Get those internal leaders on board by demonstrating the new tech's benefits for their teams, giving them some authority over the rollout and listening to their needs.

Keep track, and stay agile. Just as modern marketers follow the progress of campaigns in real time and adjust as needed, do the same with your tech rollout. Monitor employee engagement with usage analytics, and be ready to course-correct.

Give more power to your people. Make it easy for those who are accountable for business goals to see adoption progress and steer that behavior.

Everyone is trying it.

Most large companies, by their nature, resist change. But every large company has to change, rolling out newer and better digital technologies and getting its workforce to use them. Even Amazon and Microsoft have recently launched major upskilling initiatives.

But even if everyone is trying to get its workforce even more digital, many are failing. That's why if you want your company to be a winner of the Fourth Industrial Revolution instead of a casualty, you'll have to do more than offer your employees new opportunities. You need to get your teams excited to learn and use them.