Strategy

Strategy
Tell me a time when you were pretty confident this product or feature was going to fail, but because consensus was ship it, it shifted anyway. And it ended up being a big winner where you were like, "Oh, well, I guess I was wrong."

Top Answer : I've got to tip my cap to the head of product management that works for me. QuickBase had this login screen for our users when you're coming to use our platform. It was a super elegant fully white screen with the dialogue box and a login or canceled type of thing. We have 10,000+ hours per week that eyeballs are looking at that screen. Somebody on the team had the bright idea treating that like ad space. Shouldn't we announce that we have a user conference coming up? Shouldn't we announce that there's a big release coming up of a new feature set? Shouldn't we give pointers to resources? We have a very robust co-op program at QuickBase where we work with universities to bring in CS students to be part of our dev teams. Over the course of a month, they basically rebuilt the homepage so that the sign-in page now has information and other resources. It's been immensely helpful in terms of driving more usage of other capabilities and features. That to me was a really good example of something that was really obvious and just all upside for us. A more nuanced example comes from two years ago. We were building and delivering a new workflow automation capability inside of the QuickBase app. We were all kind of like, okay, this is really important. We're really glad to be bringing this, but it was really only seen as a step on the roadmap for us. And the reality is we launched that and very, very quickly the usage and the adoption of that capability just completely outstripped any thoughts we had had of demand for that capability. A third of our customers within just a couple of months were using that capability. It got so acute actually that we looked at it and said, we're going to need a bigger boat. So that actually was one of the core elements that drove an acquisition we made last summer of a company called cloud pipes, which is now kind of the foundation of our integration and workflow platform.We’ve got a lot of Zapier-like capabilities to connect to third party systems and a very, very robust, highly scalable workflow automation capability. That's going to be a very strategic platform. And it was all unlocked by the building and shipping of automations, which we knew was going to be important. We had no idea how important it was going to be.

Innovation:  AI Investment and AdoptionInnovation: AI Investment and Adoption

AI/ML investments are well underway at leading companies and show no signs of slowing. But are these massive investments generating the business results they promise? Your IT peers tell all.

This quarter, are you planning to launch application rationalization initiatives (to cut operational costs, improve resiliency, etc)?

Top Answer : We’ve been doing it for years and have a dedicated team of employees and contractors focused on that as a primary goal. And each application team has a supporting goal to reduce X% and $X cost each year. The last year I was involved we took out over $10 million in license, support and infrastructure cost.

432 views
1 comments
0 upvotes
Related Tags
Digital transformation unlocks a ton of opportunity. How do you focus and prioritize? How do you choose what to say yes to?

Top Answer : It's really important to go from outside to in, and to think left to right. Outside-in is basically that you've got to start with the customer in mind and really understand what's happening in the market and understand what your customer is, or prospective customers are, hiring you to do: What job did they want to hire your platform or an alternative platform to do for them? Because that starts to really get you familiar with what are the obvious features that are needed to solve the requirements that they have. And then what are the non-obvious or the latent desires that they have to solve those problems? You just have to spend a lot of time on that dimension first, before you come back to determining the solution, or how to build something.  It's a foundational point because it can be so easy for an engineering and a product organization to start thinking about the things they know how to do, or technology they are comfortable building, and start building technology for the sake of technology. That's not really helpful. I think you see this a lot, for example, right now in AI companies. Every company that wants to get funded in the Valley is basically like, well, we're an AI company. And that's awesome. AI is a transformative technology. There’s going to be a ton of really big companies that come out of this wave, but I've talked to various senior IT leaders at big companies and they'll say, “look, if I talked to one more AI company that is solving a problem for me that I didn't even know I had or cared about, I'm going to scream. I want an AI company that's going to solve a problem that I do care about because I've got like 50 of them. So please help me with that.” So that's really what I mean when I talk about outside: start with the customer. Really start outside your four walls and then work backwards. That's outside-in.  Left to right is really about ensuring that as a product organization, I'm not just thinking about building technology and delivering it into the market. I've got to be thinking about how that connects all the way through to what we're marketing, what we're selling, how we're supporting it, and what our channel partners are going to do. Our product really is foundational to what the customer is hiring us to do, but it really is that whole portfolio of how what we're building is aligning to what is being sold and how what is being sold by the people on the front lines is aligned into what we're building that is important.

2 views
1 comments
1 upvotes
Related Tags
How can CIOs make a successful digital transformation at their organization?

Top Answer : Digital transformation is of course the number one priority of the vast bulk of CIOs we work with. We believe that organizations need to think of what I call dual track digital transformation. One set of things are going to be your big rock efforts. When I was at Hewlett Packard enterprise, we worked with the largest and most complicated IT shops on earth. And we were a trusted partner to those shops. I worked with dozens of customers that were on these big rock digital transformation journeys. Things like I'm going to upgrade my network. I need a new CRM. I need the 3-5 huge projects that often take 3-7 years and are really costly. I can't tell you how many times I talked to a customer and they'd say, “you know what, we're 5 years into our journey. We thought it was going to take 6 years. It's probably going to take us another 10 years to get where we need to be.” And you just kind of realized this is just too long. It's just not responsive enough. I know you need to do it, but there's gotta be a better way for software to provide points on the board for the CIO in the here and now. I don't want to go to a CIO and say, look, it's going to take you 3 years to get this solution, when it really is going to be 5.  They take a long time. They're important to do, don't get me wrong. But the challenge is customers aren't going to wait around for three years for you to get a new network. They want better service now. I started to learn about QuickBase, I got very intrigued very quickly because it presented a model, and low code more recently has grown as a market. It presented that roadmap to say, look, we can help you put points on the board quickly. And I think that's so critical in this environment, especially. COVID has only exposed that more. You have to be able to respond really quickly. And so we talk a lot about this concept of a dual track transformation, where you really need to enable the organization to spin up and iterate on solutions at the edge of the business really quickly so that you have that ability to get better every day and be more responsive to the market as a whole.

8 views
2 comments
1 upvotes
Related Tags
Securing a Distributed WorkforceSecuring a Distributed Workforce

This Pulse survey of 100 security executives brings to light the security challenges teams have faced during the pandemic, and how they’re filling security gaps.

0 views
0 comments
Related Tags
How has the Solar Winds breach impacted how your organization thinks about IOT security?

Top Answer : We have been using SolarWinds since before I got to campus, so we're on the hook to think about this type of impact. The reality is until somebody is breached, until somebody is personally affected, no one pays attention. At UCLA, we know our leadership is definitely concerned about ransomware and security issues in general. Those are the things that get people's attention, and then once you've got their attention, you can actually try and move forward with a solution, or multiple solutions. The difficulty there lies in needing more people. There just aren't enough people with that skill set already in place to be able to do that. Even though you want to rush to fix the problem, it's still months away until you can get that group of people together that can actually start to move forward, get it resourced, get it funded, get it organized in a way that you can actually implement something and do it. You can't knee-jerk react to Orion and say, "Oh, let me fix the problem." No, too late. Beforehand we had FireEye. FireEye was what picked it up for us. FireEye is relatively new to us and if we didn't have FireEye, we'd have no idea. And I'm one of the lucky ones, at least for now, it doesn't look like it phoned home. I don't have ADFS. This goes back to technology, right? When I walked in the door, we didn't even have a SIEM, right? It's been on my list. We implemented Splunk in June. I can go back now and look at Splunk and see what happened... yay, right? Again, it seems like these little moral victories, that you would think would be normal blocking and tackling. These solutions need to be in place. You need the right tools in the toolkit to be able to help yourself survive.

Driving Digital Transformation Post-CrisisDriving Digital Transformation Post-Crisis

How have digital transformation priorities and challenges changed because of COVID-19? 100 CIOs share their thoughts.

0 views
0 comments
Related Tags
What's a greater concern for returning to the office? Comment how you are prioritizing...

Top Answer : The majority of our focus is definitely on the human factors as the technical factors are mostly related to things we had to solve as we went distributed.  We will need some additional technical stuff to support the human factors (eg. scheduling software to limit the # of people in the office at the same time) but solving the human factors of helping people to feel comfortable, ensuring that safety precautions are being followed, etc... are much harder and why it will be a while before we go back.

How should IT leaders and security think about backup strategy?

Top Answer : Obviously it is important to back-up data, that kind of goes without saying. But the fact is, data is everything at this point: the data we're creating, the attributes about the data, the location of the data, everything we're doing with data is important. Equally important are the analytics that we can do against that data. For example, if you're backing up your laptops, you can very clearly see what files are on laptops and that helps you track down malware, PII, or other exposure. If many people have downloaded the same file, you can go through and find that file and eliminate it. From my standpoint, knowing what's on your endpoints, knowing what's in your SaaS apps, knowing what you have and where you have it is essential. It is not just critical to back it up, but also just knowing what you have and where it is.

8 views
2 comments
1 upvotes
Related Tags
How do you build a security-focused culture within IT?

Top Answer : It's a culture shift you have to create by educating people on what it is that you're actually doing. I've found that when we set up something new, a lot of people ask us questions about what we're doing. The first thing they want to know is basically if the company is watching what they post on social media or what they buy on Amazon. They don’t understand that's the least of my worries. My worries are, “Did you accidentally send out something with a bunch of PII to someone you shouldn't have sent it to?” Those are the real concerns, things that create liability for the company, because our entire job is to enable the company to securely be productive. So I think that's the first thing is to get everyone on board and explain what we're looking to do and what we're trying to protect against. This isn't about a big brother situation. I always tell people, "What you do on your computer is a productivity situation between you and your manager. What we do to secure the endpoint, is to protect the company." I like to impress that upon people.

6 views
3 comments
1 upvotes
Related Tags
Has anyone performed a cost benefit analysis related to risk reduction for security tools?  If so, how did you go about it?

Top Answer : Determining the cost benefit investment in security tools can be tricky and rather subjective. Especially considering some of the risk being mitigated by the tool can be due to human acts. For security tool evaluations, two scenarios are most likely: a random event or an intentional/unintentional human act. The most common cost valuations for security tools are: costs of non-compliance, cost/impact of a hacking event/data breach or the cost of reputational risk. Quantifying any of these costs can also be a challenge but losing customer trust can ultimately be the worst outcome and lead to a loss of revenue. According to IBM, nearly 40% of the average total cost of a data breach stems from lost business. Penalties against organizations that collect and manage personal data or health data can be very costly. Projecting the cost of a data breach to an organization could be quantified by using published penalties under whatever regulatory rules an organization must comply with. However, the regulatory landscape is very complex in the US and can vary from state-to-state, especially when breach notification is involved. According to IBM, the average costs associated with data breaches in 2019 were approximately $8M PER breach. In evaluating a security tool, a reasonable metric for use in a cost benefit analysis may be the penalty cost per record the tool is used to protect. According to IBM, in the US, the average cost of each lost record was approximately $146 in 2019. The most expensive type of record to lose was customer PII records, which are involved in around 80% of all data breaches. Therefore, the tool evaluation needs to address: mitigation of the adverse consequences associated with a breach (penalties, loss of reputation, etc); mitigation of any likely causes of a data breach (events, human acts) and management of the risk going forward (prevention of lost business).

7 views
1 comments
3 upvotes
Related Tags