Platt Perspective on Business and Technology

Rethinking national security in a post-2016 US presidential election context: conflict and cyber-conflict in an age of social media 3

Posted in business and convergent technologies, social networking and business by Timothy Platt on August 16, 2017

This is my third installment to a new series on cyber risk and cyber conflict in a still emerging 21st century interactive online context, and in a ubiquitously social media connected context and when faced with a rapidly interconnecting internet of things among other disruptively new online innovations (see Part 1 and Part 2.)

I concluded Part 2 of this narrative by proffering a briefly outlined solution to a problem, and in a way that could be seen as highlighting a fundamental conundrum faced. More specifically, I wrote in Parts 1 and 2 of how new and emerging value-creating technological innovations such as online social media and cloud computing create new opportunity for more malevolent use too, even as they create whole new worlds of positive opportunity. And to pick up on just one of the many facets to the positive side of this transformation, that make its advancement inevitable:

• Consider how essentially anywhere to anywhere and at any time, ubiquitous connectivity through small, simple smart phones and tablets has changed the world, reducing friction and barriers and bring people together and even globally,
• And particularly when cloud computing and for both data storage and for processing power, have in effect put always-connected supercomputer, super-communications devices into everyone’s hands. Think of this as ubiquitous connectivity and communications with what can amount to arbitrarily wide computational bandwidth, and equally wide ranging data storage, retrieval and sharing capabilities supporting it.

Now consider how this capability can be exploited by both individual black hat hackers, and by large organizations: governments included, that seek to exploit newly emerging cyber-weaknesses that arise from these new technologies in pursuing their own plans and policies. I wrote in Part 2, at least in brief and selective outline, of how Russia, China and North Korea have done this, as case in point examples. And in the course of that, I noted and at least began to discuss how the vulnerabilities exploited there, always have two faces: technological and human, and how the human side to that can be the more difficult to effectively address.

That led me to the quickly outlined “cyber security solution” that I made note of above and that I first offered at the end of Part 2, where I wrote of cyber-defense and security in general as calling for:

• Better computer and network user training,
• Better, more up to date and capable automated systems,
• And usage options channeling systems that reinforce good practices and discourage or even actively prevent bad, risk-creating ones.

Then, after offering that, I added that “technology fixes are always going to be important and necessary in this, but increasingly the biggest vulnerabilities faced come from human users, and particularly ones who are trusted and who have access permissions, to critically important systems.”

I begin addressing this ending point to Part 2 and starting point to this Part 3 by picking up on one of the Russian government sponsored and led examples made note of in Part 3, where the Russian government explicitly sought to influence and even suborn the 2016 elections in the United States, including their presidential election. One of the key attack vectors used was a phishing attack campaign that gave them access to the Democratic Party email server system, used for within-Party confidential communications. This attack helped Russian operatives and private sector participants working for them, to insert malware into those server computers that gave them direct access to them for copying files stored on them, as well as capability for damaging or deleting files stored there. And this gave them the ability to edit as desired, and selectively leak emails so covertly captured too. And this was done and according to a timing schedule that would cause the greatest harm to a Hillary Clinton, Democratic Party presidential campaign, significantly helping Donald Trump to win the White House.

Let’s reconsider the three “to-do”, or at least “to-attempt” bullet points that I just repeated here from Part 2, as a first-take “cyber security solution”:

• Training only works if people who receive it actually follow through and do what they have been taught.
• “Better, more up to date and capable automated systems” as an operational goal, is always going to constitute a moving target, as both new positive capabilities and the new vulnerabilities that they bring with them arise and become commonplace.
• And the ongoing emergence of this new and different, and particularly of an ongoing flow of disruptively new and different, can make good practice shaping and requiring systems, obsolete almost before they are really implemented – and particularly given the challenges of the first of these three bullet points.

How did the Russians hack into the Democratic National Committee (DNC) confidential email servers that they specifically targeted here? Setting aside the technical side of this question and only considering the social engineering side to it, all that took was one person who was trusted enough to be given access to this email system, who would click to open what probably should have been seen to be suspicious links in an email that they had opened with their standard email software. Then when they went to the DNC secure server with it, they delivered the malware that they had just infected their computer with from this, and the rest was history.

• This is very important. It did not matter if a thousand others had deleted the malware-carrying emails that this one use opened and clicked into, if just that one trusted systems user did open at least one of them and click at least one link in it.

There is a saying to the effect that a chain can be no stronger than its weakest link. Reframing “link” in human terms rather than hyperlink, cyber terms, all it takes is one weak human link in this type of system, among its community of trusted and vetted users to compromise the entire system. And they only have to set aside their judgment and training once, at an inopportune moment to become that crucially weak link.

Let me add one more innovative element to the positive value created/negative vulnerability created from it, paradigm that I have been developing and pursuing this series around: automation and the artificial intelligence based automated cyber systems that enable it. These smart systems can be and increasingly are being developed and implemented to create automatic nuanced flexibility into complex information and communications systems. They can be and increasingly are being used to promote what many if not most would consider more malevolent purposes too, such as attempting to throw national elections. Automated systems of the type that I write of here are consistent and always follow their algorithmic protocols and processes in place, and they are becoming more and more subtle and capable in doing this, every day. They do not tire or become distracted and they do not make out-of-pattern mistakes. And here, they are pitted against individual human users of these systems, who all at least occasionally do.

Let’s reconsider the three to-do recommendation points that I initially repeated here towards the top of this posting:

• Training only works if people who receive it actually follow through and do what they have been taught.
• “Better, more up to date and capable automated systems” as an operational goal, is always going to constitute a moving target, as both new positive capabilities and the new vulnerabilities that they bring with them arise and become commonplace.
• And the ongoing emergence of this new and different, and particularly of an ongoing flow of disruptively new and different, can make good practice shaping and requiring systems, obsolete almost before they are really implemented – and particularly given the challenges of the first of these three bullet points.

And I match them with the issues and challenges of this posting in mind, with a brief set of matching questions:

• How best can these technology/human user systems be kept up to date and effective from a security perspective, while still keeping them essentially intuitively usable for legitimate human users?

The faster the technologies change that these systems have to address, and the more profoundly they do so when they do, the greater the training requirements that will be required at least by default and according to most current practices in place, and the less likely it becomes that “potentially weaker links” will learn all of this New and incorporate it into their actual online and computer-connected behavior, and fast enough. So the more important it becomes that systems be made intuitively obvious and that learning curve requirements be prevented, to limit if not entirely avoid that losing race towards cyber-security safety. And yes, I intentionally conflate use per se and “safe, security-aware” use in this, as they need to be one and the same in practice.

• Moving targets such as “better, more up to date and capable automated systems” of the type cited in the second above-repeated point, tend to become harder to justify, at least for the added effort and expense of keeping them secure in the face of new possible challenges. That certainly holds true when these information technology and communications systems keep working for their current iterations, and when updates to them, up to now have seemed to work and securely so too. How do you maintain the financial and other support for this type of ongoing change when it succeeds, and continues to – in the face of pressures to hold down costs?

Unfortunately, it is all too common that ongoing success from using technologies, breeds reduced awareness of the importance of maintaining equally updated ongoing (generally expensive) protective, preemptive capabilities in them too. And it becomes harder and harder to keep these systems updated and with support for doing so, as the most recent negative consequence actually once faced, slips farther into the past. And to put this point of observation into perspective, I suggest you’re reviewing Parts 1 and 2 of this series, where I write of how easy it is to put off responding to already known and still open vulnerabilities that have struck elsewhere, but not here at least yet.

And for Point 3 of that list, I add what is probably the most intractable of these questions:

• In principle, non-technology organizations that do not have strength in depth in cyber issues and on how best to respond to them, can be safe in the face of already known threats and vulnerabilities, if that is they partner for their cyber-security with reliable businesses that do have such strengths and that really stay as up to date as possible on known threat vectors and how they can be and are being exploited. But what of zero-day vulnerabilities and the disruptively new: how can they be at least better managed?

I am going to continue this discussion in a next series installment, starting with these questions. And I will take that next step to this narrative out of the abstract by at least briefly discussing some specific new, and old-but-rebuilt sources of information systems risk. Meanwhile, you can find this and related postings and series at Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation. And you can also find this and related material at Social Networking and Business 2, and also see that directory’s Page 1.

Meshing innovation, product development and production, marketing and sales as a virtuous cycle 6

Posted in business and convergent technologies, strategy and planning by Timothy Platt on August 4, 2017

This is my sixth installment to a series in which I reconsider cosmetic and innovative change as they impact upon and even fundamentally shape the product design and development, manufacturing, marketing, distribution and sales cycle, and from both the producer and consumer perspectives (see Ubiquitous Computing and Communications – everywhere all the time 2, postings 342 and loosely following for Parts 1-5.)

I focused in Part 5 on a restaurant example, where that business’ owner had decided to pursue a farm to table approach as the defining vision of their restaurant. Earlier, in Part 3 I offered a restaurant-oriented example of a downward vicious cycle, that fits a pattern that I have come to call a restaurant death spiral, where loss of business leads to cost cutting and corner cutting that in turn drives away customers and creates still greater loss – with that pattern repeating until the restaurant finishes failing. Think of the Part 3 scenario of this series as background and prelude for a Part 5 change of direction recovery here, for the level of urgency and determination that that would bring a business owner to, in order to avoid repeating what might in any way be viewed as returning to a lessons-learned failed path.

• What do the two business model approaches of Parts 3 and 5 have in common? Any realistic answer to that would have to include a rigidity that can create vulnerability and certainly in the face of the unexpected, and increased risk in any case, and certainly when the Part 5 scenario is pushed to its logical pure-play extreme.

And this brings me to the set of issues that I would at least begin address here in this posting, as encapsulated in this following set of bullet points:

1. Discussing what businesses respond to, and in the specific context of this series, as they respond in patterns of decision and action, review and further decision and action that can have recurringly cyclical elements to them.
2. And it means addressing how they would respond at a higher level strategic and overall operational level and not just at a day-to-day, here-and-now details level, and certainly if they do so effectively.
3. In anticipation of that point, I cite agility and resiliency as organizational goals – and as buffering mechanisms against the down-sides of change. I have already touched on this set of issues (e.g. in Part 5) but will return to further consider it in light of my discussion of the above Points 1 and 2.

I begin with Point 1 of that list, and with the point that the two just-referenced case study examples hold in common: their inflexibility and what it is grounded in.

• Business owners who pursue a Part 3 scenario or analogous approach to running their business, generally seem to be pursuing known and easy more than anything else, and with a goal of limiting risk from avoiding forays into what for them would be the unknown and unfamiliar.
• Business owners who pursue a more purely Part 5 scenario or analogous approach to running their business, do so with a goal of never, ever again risking falling into a known failed pattern: a once followed easy but long-term dangerous trap like the restaurant death spiral. And when I posit a Part 5 approach as a break-away from that downward spiral and with all of the pain that it had caused, the pressures to pursue their new course can be very intense.

Rigidity and the resulting fragility that it can engender, arise in both of these scenarios. And addressing the questions of what businesses respond to, and both one-off and as a matter of developing cyclically recurring processes, has to begin with a deeper understanding of goals and priorities and of what really should be added into the basic business mission and vision where that has to be fundamentally reconsidered.

Let’s consider the farm to table, local-only sourcing restaurant of Part 5. They started out pursuing this approach after what their owner came to see as a near death experience for their restaurant dream and for their own personal financial wellbeing too. And they began to see some real success from this as their business began to flourish. Then they hit a wall in the form of locally sourced supplies limitations that arose from really challenging weather and crop loss for the farms they would buy from. And this leads me to a fundamental question.

• Does this restaurant owner seek to run a locally sourcing farm to table restaurant only and with that their one and only mission defining goal?
• Or do they seek to provide the best food possible from the best ingredients possible where that might usually mean buying and using local and from specific partner business farms – but where they would selectively deviate from that when necessary for maintaining both quality of food and the variety that they would want on their menus?
• What, ultimately, are their operational and process-based priorities there?
• And what are the actual priorities of their customers and of their potential customers who would be drawn to quality, and even if they see value in farm to table and local sourcing where possible?

Transparency and openness are important here, in what such a restaurant offers its customers and in how it describes and explains and markets itself. And the same can be said for openness in how this restaurant maintains connection with and support for the local farms and dairies and other largely family owned and run enterprises that they began turning to when first becoming a farm to table restaurant. It is important to note here that farm to table restaurants do not just approach a within-organization business model and its requirements when pursuing that approach. They join a community with their family owned small farm and dairy providers that can become both mutually supportive and mutually rewarding and for all involved.

I am writing about marketing and communications here, but more importantly I am writing about a rethinking of what a business does and how, and with the necessary selectively expressed flexibility needed to address and surmount challenges. And yes, this might even mean buying premium quality canned Italian tomatoes or buying distantly grown ones – whichever would best meet the restaurant’s quality criteria and needs, until locally grown can be freshly available again. (I noted in Part 5 that elements of this scenario are now dated by the improvement of long-distance transportation, and even for ripe produce and at good costs at point of delivery. But I offer this example and continue developing it here because basic decisions with their competing alternative resolutions still arise and will continue to do so, as change and the unexpected force reconsideration and decisions, and in ways that might be novel to the business model in place. And the farm to table ethic of buying local and supporting local producers where ever possible, has to be taken into account here too.)

I am going to continue this discussion in a next series installment with Point 2 of my above-repeated topics list. And in anticipation of that, I note here that I will begin that line of discussion where I finished this posting, at a point where decisions have to be made that can be grounded in business ethics and related terms and in how a business and its owners enter into and participate in larger communities that only begin with their customers and their potential customer bases. I will discuss this in the context of meeting strategic and operational needs within a business, to keep it viable and profitably robust. Meanwhile, you can find this and related postings and series at Business Strategy and Operations – 4, and also at Page 1, Page 2 and Page 3 of that directory. And see also Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation.

Innovation, disruptive innovation and market volatility 34: innovative business development and the tools that drive it 4

Posted in business and convergent technologies, macroeconomics by Timothy Platt on July 25, 2017

This is my 34th posting to a series on the economics of innovation, and on how change and innovation can be defined and analyzed in economic and related risk management terms (see Macroeconomics and Business, posting 173 and loosely following for Parts 1-5 and Macroeconomics and Business 2, posting 203 and loosely following for Parts 6-33.)

I began Part 33 of this by repeating a to-address list of points that I am now working my way through. And I repeat this list here for smoother continuity of narrative, as I continue systematically addressing its issues:

1. Innovation and its realization are information and knowledge driven.
2. And the availability and effective use of raw information and of more processed knowledge developed from it, coupled with an ability to look beyond the usual blinders of how that information and knowledge would be more routinely viewed and understood, to see wider possibilities inherent in it,
3. Make innovation and its practical realization possible and actively drive them.
4. Information availability serves as an innovation driver, and business systems friction and the resistance to enabling and using available business intelligence that that creates, significantly set the boundaries that would distinguish between innovation per se and disruptively novel innovation as it would be perceived and understood
5. And in both the likelihood and opportunity for achieving the later, and for determining the likelihood of a true disruptive innovation being developed and refined to value creating fruition if one is attempted.

I at least initially dealt with Point 1 of this list in Part 32, and its Point 2 in Part 33. And I turn here to consider the above restated Point 3 in that same vein. And to be more specific here, I used Points 1 and 2 of this list to at least briefly sketch out a fundamental problem:

• A fundamental challenge that businesses face when they simultaneously seek to safeguard sensitive and confidential proprietary business information,
• And still remain open to the possibilities of developing and capitalizing on innovation, and even disruptively novel innovation where new communications patterns and information sharing allowances might be needed in order to effectively bring the right combinations of expertise together for that.

Rules based information access systems, of necessity are always built and implemented in terms of a business’ current here and now, and in terms of current information sharing needs – assuming of course that they are kept that up to date. Innovation and disruptive innovation in particular can demand new and novel there, as previously unconsidered combinations of personnel and unconsidered combinations of expertise and experience that they could offer become essential if their business is to develop its next step-forward future.

And this brings me directly to the above Point 3, and implementation. And it also brings me back to a specific business organization approach to making an enterprise more effectively innovative in practice, that I initially offered in my 2012 series: Keeping Innovation Fresh (see Business Strategy and Operations – 2, postings 241 and following, and in particular, see its Part 7 and following where I discuss transition committees.)

• A well organized and run transition committee serves the business that it operates in by helping to identify innovation opportunity that is being developed in-house, that holds potential for offering value to the business if further developed into fully practical implementation. And such a committee helps to facilitate this transition from proof of principle and concept, to practical realization. It bridges the gap between research and conceptualization and its output, and practical implementation that can be brought to market.
• For purposes of this series, consider that a second step to a larger and more comprehensive overall process and system of them that any successful in-house innovation has to traverse if it is to succeed and become a value creating part of the business that it first arises in. My focus here is on what precedes that step, in bringing the personnel and other necessary resources together to make development of initial innovative potential possible. And bringing together both the necessary people and the necessary information that they would develop New from, is crucial there.

In practice, the same people who comprise a transition committee might also find themselves responsible for championing the initial first step in the creation of potential new innovation too, from the initial idea stage. And having such an innovation-supportive group within a business is all but certain to at least help in that direction. But in practice, no single group of employees and managers can do all of this alone, and with anything like the reach into their business that they would need for that and across the full sweep of their table of organization. Keep in mind here that some of the most creative and ultimately valuable initial innovation ideas, can and do come from unexpected directions in an organization.

Making the first half of this system of processes work: making the first initial innovation identifying and supporting and enabling step work, calls for participation by both lower and middle managers who those creative hands-on employees report to, and participation from the risk management people who set and administer information access and sharing policy and their rules-based implementation.

I have said this before in this blog; this means supporting employees and managers who would step out beyond their routine day-to-day to attempt new, and this means senior management allowing for and being tolerant of failure, where not all attempts at developing innovative new possibilities work out successfully.

• The more actively and far-reaching a business seeks to be as an innovator in its industry and sector, the more formal structure is probably going to be needed to make this work and consistently so – and the more important it is for them to actively pursue this.
• A certain amount of overall organizational scale in this is probably going to be needed in order for a business to even have an organizational structure such as a transition team in place. Though I add, participation in this type of endeavor can be part-time and only be called upon on an as needed basis and as first step processes identify innovative potential for them to help promote and further develop. And, of course, the people who would do all of this have to be supported in their being allowed time and other resources to work on this too, along with their more usual workplace responsibilities.
• Note that I did not start out with cost considerations here and that was for a reason. As an initial step, the important goal is usually a proof of principle validation that there is something that might be of value if developed in a practical implementation direction. If this is done carefully, costs can in general be minimized and even if their inclusion on a budget might be notable. That raises the question of what budget and what line in the business’ accounting this would be charged too. And selecting there can require financial gatekeeper support too.
• Then taking that next step beyond basic proof of principle, takes effort and funding too and even with a focused prototyping effort. This is where the transition committee of my earlier series: Keeping Innovation Fresh, actively enters this narrative.

What is the single biggest challenge that seems to arise and throughout all of this, and particularly for successful, profitable businesses?

• Taking off the blinders that success can put in place, and looking past the currently successful and profitable, and in new directions
• And when the current bottom line for that business, and when the demands of its markets, are not already asking for new and different,
• And when the due diligence security of tried-and-true and fiscally known and at least for-now safe, would seem to mitigate against pursuit of research and new product development, and innovative change.

Businesses that cannot and do not take this leap into the admittedly unknown, ever, might be secure in their current here-and-now for right now and in their immediate and shorter term future. But they also run the risk and certainly longer-term, of being blindsided by their competitors who do innovate and who do support the potential for innovation that their employees can offer.

And with this I divide risk and benefits according to timeframes considered, and as a direct consequence of considering the How of actually carrying out the above list’s Point 3.

I am going to add some more to that line of discussion in my next installment to this series, and will proceed from there to address Point 4:

• Information availability serves as an innovation driver,
• And business systems friction and the resistance to enabling and using available business intelligence that that creates, significantly set the boundaries that would distinguish between innovation per se and disruptively novel innovation as it would be perceived and understood.

Meanwhile, you can find this and related postings at Macroeconomics and Business and its Page 2 continuation. And see also Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation.

Rethinking vertical integration for the 21st century context 17

Posted in business and convergent technologies, strategy and planning by Timothy Platt on July 23, 2017

This is my 17th installment to a series on what goes into an effectively organized and run, lean and agile business, and how that is changing in the increasingly ubiquitously connected context that all businesses, and that all individuals operate in (see Business Strategy and Operations – 3 and its Page 4 continuation, postings 577 and loosely following for Parts 1-16.)

I focused on symmetrical and asymmetrical power and control relationships between businesses in supply chain and related collaborative systems in Part 14, Part 15 and Part 16 of this series. And I have build that flow of discussion around three case in point examples: FedEx (in Part 14), Eastman Kodak (in Part 15) and Apple, Inc (which I have recurringly turned to and discussed throughout this series.) Those three business enterprises serve as the leading and even dominating participants in the business-to-business collaborations that they have entered into, and essentially without exception throughout their histories.

Then at the end of Part 16 I stated that I would conclude this series here, with a discussion of:

• Alignment and divergence in what participating businesses seek to achieve in business-to-business collaborations, and in how they would pursue their perhaps diverging goals there.

I also stated that I would reconsider Apple, Inc. in this context too and I will do so. But before I do that, I want to reconsider a point that I raised and then questioned in Part 16, readdressing it here in an explicitly international context.

Certainly for long-term collaborations and ones that have proven mutually beneficial and to all businesses concerned, you would most generally expect all partner businesses involved to see value in continuing these arrangements, as proven sources of value to them. Decisions and actions that would challenge these relationships by reducing their value to trusted and reliable partner businesses there, would create risk, and risk that would probably not be off-set by a compensatory gain in value received. And with this, I postulate a stable win-win game theory scenario as a path towards maximized value received and all around, and minimized risk created and once again for all businesses involved in these systems.

I then at least briefly made note of how a more within-collaboration, win-lose or at least win-indifference strategy might arise. Rethinking these business-to-business arrangements in the more general terms that I offer in my series: Some Thoughts Concerning a General Theory of Business, starting with its Part 12, these less mutually supportive strategic and operational approaches can arise for a variety of reasons, including time limitations for how long a collaboration can continue and a variety of other sources of uncertainty (see Section VI of Reexamining the Fundamentals for that series as a whole.

What are some of the specific forces that can lead participating businesses away from a more entirely win-win approach, and particularly in an international and transnational context? And I add to that: when alignment of aims and goals among business-to-business collaborative partners gives way to divergence and a more win-lose approach, is it always the overly larger and most dominant business in these systems that drives that? I begin addressing these two questions with a set of concluding remarks that I will then go back to explain.

• Outside governmental forces and the agendas that shape and drive them, as an increasing important source of this divergence, can create overt disjunction of goals and aims between collaborating businesses, and can create what in key respects can become win-lose scenarios, for businesses that those governments can see as foreign. I write here of protectionism when this is carried out in order to help home-based businesses in general, but this type of government policy and practice approach can also serve to advance overall national economic goals as well as promote specific business enterprises.
• And yes, a business that would seem to qualify as being more subordinate in a business-to-business collaboration and according to all three criteria offered in Part 16, can find itself driving these win-lose disjunctions from how they conceive mutual long term benefit, and even when all businesses involved seek to maintain these collaborations very long-term.

One of the governments that I have in mind here is that of the People’s Republic of China, the (seemingly) dominant collaborative partner business in this is Apple, Inc., and the smaller and (seemingly) more subordinate businesses involved here are China and otherwise foreign-based enterprises that provide parts and subassemblies and even significant production capabilities to Apple as that company seeks to manufacture its marketable, Apple-branded products as economically as possible. Apple in fact primarily manufactures both its iPhones and iPads in China in factories such as a Pegatron Corp. facility located just outside of Shanghai. Note that Pegatron is headquartered in Taiwan, but they do a lot of their manufacturing in mainland China, and particularly just outside of Shanghai, so a second government in this story is the “breakaway” government of the Republic of China (Taiwan).

Just considering the People’s Republic of China in this narrative, one of their primary requirements that they impose on foreign companies that operate in China, is that they must partner with a Chinese company for all that they do there. And a second requirement that they just as adamantly insist upon is that these foreign companies transfer technical knowledge to their Chinese partner business, (and through them to Chinese government and Communist Party owned and controlled enterprises as well, as the Chinese government sees fit.) Basically, China takes a long-term perspective here and with a goal of requiring that foreign businesses that seek advantage now, only gain it at the long-term cost of creating what can become their most challenging next generation competitors.

I picked a controversial and I add extremely complex example here, intentionally. The allure of China’s cheap labor and the allure of its massive marketplace with its sales potential have proven to be more than enough as a source of incentive, to bring foreign businesses and even strategically well run ones to enter into these agreements. Some of them have come to see the longer-term consequences of this for their potential downside as they have in fact created profoundly challenging competitors out of what had started out as “simple” collaborative partnerships. And to take that out of the abstract, I cite what is currently the largest railroad rolling stock manufacturer in the world now: the Chinese manufacturer CRRC Corporation, LTD. They and their immediate predecessors in China entered into business-to-business collaborations with a number of foreign rolling stock manufacturers and acquired best of breed technology solutions from all of them. Then CRRC combined the best of all of this under one roof and in ways that these technology providers could not do directly and to their own advantage, and still avoid antitrust action in their court systems. And CRRC grew and grew and is now the biggest and most dominating business in this entire industry.

With that cautionary note and the always-present potential for at least smaller scale variations on it, I turn back to the initial core area of discussion of this entire series, which I reconsider in the light of this and the preceding 16 installments to it: vertical and I add horizontal integration as it is and can be developed towards in-house, and the risk and benefits dynamics of that. And I reconsider Apple Inc. again in this: the case study that I began this series with and that I have in large part built this series around.

• Are Apple and I add other smart phones and related ubiquitously connectable devices in the process of creating what might become their very own next generation CRRC, as Chinese businesses, operating under China’s skewed copyright and patent protection laws, decide how the technology they acquire from their foreign business partners can be repurposed?

And this brings me to a final thought that I will end this posting with, and this series as well. International trade agreements are currently coming under intense fire and particularly from more technologically developed countries such as the United States. And one of the clarion calls leading the charge against them is the prospect of “foreign interference” in national legal systems. The focus there is on how a foreign business from a signatory nation with less stringent environmental protection or worker’s rights laws, might force their partner nations’ governments to pay hefty fines for imposing protective laws that are “in restraint of trade,” and that cause treaty violating avoidable loss of income and profitability from that. But the one area of law where challenges would in fact most likely arise would be in how foreign governments do or do not protect intellectual property and trade secrets and related sources of business-defining value – of a type directly challenged in my above-cited rolling stock example.

• As long as businesses see risk and uncertainty from entering into collaborative relationships with other businesses, and particularly in foreign countries where adequate safeguards are not in place, the pressure will be on to do more and more in-house and through in-house vertically integrated systems, horizontally integrated ones or both in order to safeguard business defining sources of value.

This is becoming increasingly important in our increasingly interconnected global community and marketplace.

I am ending this series here but I will definitely return to this set of issues in postings and series to come. Meanwhile, you can find this and related postings and series at Business Strategy and Operations – 4, and also at Page 1, Page 2 and Page 3 of that directory. And see also Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation.

Rethinking national security in a post-2016 US presidential election context: conflict and cyber-conflict in an age of social media 2

Posted in business and convergent technologies, social networking and business by Timothy Platt on July 1, 2017

This is my second installment to a new series on cyber risk and cyber conflict in a still emerging 21st century interactive online context, and in a ubiquitously social media connected context and when faced with a rapidly interconnecting internet of things among other disruptively new online innovations (see Part 1.)

I stated at the end of Part 1 that I would turn here in its follow-up to at least briefly consider how Russia used cyber-weapons to influence and even disrupt the 2016 elections in the United States including the presidential election there. And I will do that here, widening my perspective on the issues raised by that one event to also consider, for example, Russian meddling in the United Kingdom’s Brexit referendum and recent European elections too, as well as other internationally impactful cyber-attack incidents.

I begin this posting and its narrative by citing some recent news stories concerning at least some of these cyber offensives, as specifically orchestrated by and led by agencies of the Russian government:

UK Officials Now Think Russia May Have Interfered with the Brexit Vote.
Russian Meddling and Europe’s Elections.
FPI Conference Call: Russian Interference in Foreign Elections.

And I also cite this Wikipedia piece:

Russian Interference in the 2016 United States Elections.

and this public release version of an official US government intelligence community assessment report on the 2016 hacking of United States elections by the Russian government and by groups organized and led by them in that:

Background to “Assessing Russian Activities and Intentions in Recent US Elections”: The Analytic Process and Cyber Incident Attribution.

Officially, nation states only develop cyber-warfare capabilities for defensive purposes, and as a deterrent from others using this type of weapon offensively against them. If they admit to having cyber elements in their militaries at all, it is always for strictly defensive purposes and never with intent to proactively, offensively use them.

North Korea and China have deployed cyber-weapons in pursuit of their national interests and so have the United States and others and in a variety of arguably non-defense roles. All three, and other nations as well, have actively used these capabilities in order to clandestinely gather in secret and sensitive information from national governments. And for China and North Korea this has also actively included gathering sensitive and confidential information from private businesses too. And a variety of countries have at least occasionally used these capabilities in more overt manners too, besides just seeking to surreptitiously gather information through cyber-espionage.

As a specific and well known example of that, the North Korean government very specifically cyber-attacked Sony Pictures and their computer network in retaliation for their producing and releasing a movie: The Interview, in which a buffoon representing Kim Jong-Un was targeted for assassination. See:

U.S. Said to Find North Korea Ordered Cyberattack on Sony and
N.S.A. Breached North Korean Networks Before Sony Attack, Officials Say.

And North Korea under Kim Jong-Un has become particularly active in using cyber-weapon capabilities offensively. They have used their cyber-capability to attack banks and private businesses in South Korea, and to attack the South Korean government itself. And as a very recent, as of this writing, example of this policy and practice, consider their use of ransomware as a means of bringing in foreign currency “income” and from multiple sources globally, to help prop up their economy.

North Korea’s economy has always been weak at best but it has spiraled downward from weak to worse under sanctions imposed because of their recent nuclear weapons and ballistic missile tests. See:

• This Wikipedia piece on North Korea’s far-reaching WannaCry Ransomware Attack and this news story about it:
More Evidence Points to North Korea in Ransomware Attack.)

I have to add that even countries that have largely limited their development and deployment of cyber-warfare capability to defensive use have found themselves at least occasionally resorting to them in offensive initiatives. I cite the use of the Stuxnet computer worm as an example of that type of cyber-offensive approach as the United States and Israel specifically sought to impede Iran’s effort to develop and produce nuclear weapons as a particular limited, targeted use of this type of capability.

I have to add that offensive and defensive are in the eye of the beholder. I think it safe to state that the United States government would claim that it carries out cyber-surveillance on the computer networks and systems of countries such as North Korea (as noted above) for strictly defensive purposes. And the same could be said of their alleged use of cyber-weapons to impede North Korean ballistic missile tests “left of launch” – on the ground and before those missiles can take off. They would claim that these are all defensive measures taken to deter the grave risk that an always unstable at best North Korean leadership might have nuclear weapons and ballistic missiles that they could deliver them with in a devastating attack. The North Koreans, and I add others might see this type of action differently and as representing something other than defense-only.

And of course Russia has recently gone on the cyber-offensive and very actively, and globally in attacking and seeking to suborn elections and referendum votes in multiple nations that they see as being at least potential adversaries, as noted in the above references on that. And they have cyber-attacked neighboring countries in a variety of ways over the years too (e.g. in preparation for their physical incursion into the Ukraine.) And I add that they have prominently deployed social media and related resources as weapons in much of this, as touched upon in more abstract terms in Part 1 of this series and as noted, by way of example, in the news pieces pointed to in the above-offered links.

New technologies and new ways to use already established ones create both new positive-side possibilities and new, negative-side vulnerabilities. And the more disruptively significant a New is, the greater both the positive and negative side to it can be for impact achieved. This holds for social media and the emerging internet of things, and it applies to cloud storage and cloud-based application programs and related distantly located and managed functional capabilities. This applies to essentially every new and every next-step technology that emerges, and certainly online where an attack can be launched and sent out at close to the speed of light and with largely effective masking as to where an attack actually came from.

• These new and emerging technologies are usage neutral in this regard, in and of themselves. Their societally positive and negative values arise in how they are used and in what ends they are used to achieve.
• And information systems security: an increasingly vital face to national security and on all levels and for all nations, is increasingly a matter of thinking outside of the box of past and even current practices, and beyond the scope of past and even current possibilities, to imagine what a potential adversary: local and individual, or national and more comprehensively scaled might do or try to do next. (See Stuxnet and the Democratization of Warfare for a brief orienting discussion of the roles that even single individuals can play in this.)
• Then the next step in this risk assessment and remediation conceptualization arises and it is the most difficult one of all to actually design for use and to put into effect – getting people and organizations: both businesses and governments included there, to actually prepare for what might come, by installing and using protective systems that are developed in light of realistic threat assessments, and that include in them proactive protective elements.

I keep finding myself thinking back as I write this, to a fundamental challenge that is implicit in the ongoing real-world information security experience publically shared by the Open Web Application Security Project (OWASP) in their Top 10 threat assessment and identification project. Many of the most serious and prevalent risk vulnerabilities that this widely known and respected organization has published about, have been included in their recurringly updated Top 10 risks list for years now, and even from the beginning of that organization and from the first edition of this list. Widely accessible ways are available for both identifying where these vulnerabilities are in systems that exhibit them and for remediating them, patching and removing them. But so many businesses and even government agencies do not effectively address even long-known vulnerabilities, let alone new and emerging ones.

When I wrote of the emerging cyber-security risks inherent in the internet of things, in Rethinking Online Security in an Age of the Internet of Things: the more things change, the more they stay the same, I did so with this human usage and management vulnerability in mind. And with that noted, I return in this discussion to the Russian hacking of the United States Democratic Party server computers, leading up to the 2016 elections there, and how they used confidential emails and other documents illegally obtained from them, out of context at the very least to interfere with those American elections. I have been writing of these events and about the vulnerabilities that they represent here, in terms of technology. But in a fundamental sense they are human user challenges too, and fit as threat vectors into the social engineering paradigm, and even when channels such as social media are not involved.

Ultimately, the only way that the Russians could hack those Democratic Party computer servers was by coaxing humans with legitimate access to those systems to take actions that would install malware on them, primarily by coaxing them to click to links in emails that would prompt the downloading of malware onto their secure network connected email server computers. And this brings me to three basic categorical corrective responses, for at least limiting the possibility of a next similar attack from working. And here I write in terms of cyber-defense and security in general:

• Better computer and network user training,
• Better, more up to date and capable automated systems,
• And usage options channeling systems that reinforce good practices and discourage or even actively prevent bad, risk-creating ones.

Technology fixes are always going to be important and necessary in this, but increasingly the biggest vulnerabilities faced come from human users, and particularly ones who are trusted and who have access permissions, to critically important systems.

I am going to continue this discussion in a next series installment, with that set of possibilities and that observation. And I will offer at least a brief set of thoughts as to how the above bullet pointed information systems security approaches might be implemented in a rapidly, disruptively changing computer and information technology context. And as part of that, I will at least briefly discuss some of the positive tools and capabilities that have emerged in the last few years, as of this writing, and how they can be exploited, turning them into sources of security vulnerability too.

Meanwhile, you can find this and related postings and series at Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation. And you can also find this and related material at Social Networking and Business 2, and also see that directory’s Page 1.

Meshing innovation, product development and production, marketing and sales as a virtuous cycle 5

Posted in business and convergent technologies, strategy and planning by Timothy Platt on June 19, 2017

This is my fifth installment to a series in which I reconsider cosmetic and innovative change as they impact upon and even fundamentally shape the product design and development, manufacturing, marketing, distribution and sales cycle, and from both the producer and consumer perspectives (see Ubiquitous Computing and Communications – everywhere all the time 2, postings 342 and loosely following for Parts 1-4.)

I have been discussing virtuous and vicious cycles in businesses, as they alternatively pursue proactive and reactive approaches to change (see Part 2, Part 3 and Part 4.) And at the end of Part 4, I stated that I would more fully discuss the paths to change that these businesses would respond to and in both its evolutionary and disruptively revolutionary forms.

• This means discussing what businesses respond to, and in the specific context of this series, as they respond in patterns of decision and action, review and further decision and action that can have recurringly cyclical elements to them.
• And it means addressing how they would respond at a higher level strategic and overall operational level and not just at a day-to-day, here-and-now details level, and certainly if they do so effectively.
• In anticipation of that point, I cited agility and resiliency as organizational goals – and as buffering mechanisms against the down-sides of change.
• And I indicated that I would return to my restaurant example of Part’s 3 and 4 to add in another complicating factor there. I initially presented this case study example in negative terms, and in term of what I have come to call the “restaurant death spiral” scenario: an unfortunately real phenomenon that I have seen play out a number of times, and for its basic form in more than just restaurants. I then turned that scenario on its head and away from that initial vicious cycle pattern, to illustrate how a restaurant in precisely the same situation that launched my Part 3 vicious cycle pattern, could instead pursue a success creating virtuous cycle response (in Part 4.) My goal here is to add in a new contingency (that I add here is based on fact but that might I admit seem a bit historically dated now), that in effect stress tests that virtuous cycle approach with an unpredictable adversity. The question there, is one of exactly how robust this business has made itself as it seeks to redevelop itself through its virtuous cycle of change and improvement, and next step change and improvement. And this is where agility and resiliency enter in, as noted in the immediately preceding bullet point.

I am going to begin this overall thread of discussion with the specific case in point example of that last bullet point, and then address the first three points at least in part in terms of this example, as a means of taking my overall narrative here out of the entirely-abstract.

I suggest you’re at least briefly reviewing Parts 3 and 4, for their discussion of this restaurant example, and Part 4 in particular as I turn to consider a more positive and productive approach to restaurant turn-around and recovery. But in brief, this case study example involves a failing restaurant that turned itself around by among other things switching from easier to procure canned and otherwise processed ingredients, to a more knowledge and labor demanding local fresh and farm to table approach.

Local in-season produce and I add locally sourced eggs and dairy, meat, fish and poultry can be both better quality and more appealing to the customer for what you can do with them. And they can be less expensive for the restaurant at the same time. It is just that these locally sourced and farm-to-table fresh ingredients require a lot more knowledge of how and where to locally source, and this requires a great deal more effort and in networking to local sources and building relationships with them, and in making purchases from a much more widespread and diverse range of sources. Picking up on that last point, this means not being able to turn to one or a few wholesaler middlemen as a means of food ingredients sourcing simplicity. But along with buying and being able to cook with fresher, this also means cutting out middleman businesses that can and do add to costs paid as they add in markups to cover their expenses and to bring in a profit for themselves too. I repeat the up-side of this here. Now I toss in that complication that I warned I would add to this happy, virtuous cycle success story:

• Consider the potential consequences of weather-related crop failures.

Late heavy frosts and freezes in places like the Northeast in the United States can essential destroy crops for a season that would normally be starting their growth cycles early. This year, in the Northeast, as a very specific case in point, essentially all of the trees that produce fruit with stony pits, such as peaches or nectarines were hard-hit and overall crops for a lot of growers were essentially devastated by this. Weather related losses of this and a variety of other types can hit corn or tomatoes or essentially any other produce crop. And that type of loss impacts on both the growers who can lose significantly from what should be their year’s peak income seasons, and on their customers: wholesalers and other resellers, and customers such as farm to table restaurants definitely included.

What should a restaurant such as the one of this series’ example do if they suddenly find that crop failure has really seriously impacted on a significant range of the locally sourced ingredients that they would now normally turn to and require? I answer that by raising at least a few of the first round questions that such a restaurant owner would start asking:

• As a set of questions to the farmers who are now their regular providers of produce and other ingredients for their kitchen: How severe is this loss? How much of your expected crop if any, is going to be available this year and at what price? How much of that and of what I need at my restaurant can be made available to me and my business?
• If appropriate for the type of crop failure in question and the timing involved: Can you replant and have a later harvest run, and if so, when and with what delays? Some types of produce routinely can be grown for more than just one crop yield per year, so a late frost for example, might simply mean that type of product arriving at the restaurant later than usual for a first crop, though possibly at higher per unit price then.
• As a set of questions for consideration inside the restaurant: Should we try buying fresh for at least some ingredients that we see as more indispensable and even if that means buying non-local, or should we try making perhaps radical changes to our menu to stay locally farm to table? And where should we take each of these two approaches in our purchasing and menu planning considerations?
• And of course, what will this do to our restaurant’s finances, and both from having to buy rarer commodities that are more expensive now as a result, and from possible loss of customers if the menu cannot be kept as appealing to them? Consider an Italian restaurant that suddenly cannot buy fresh local tomatoes that it has been planning on for seasonal pasta sauces that absolutely require them?
• In that case, consider specific Italian tomato varietals such as Costoluto Genovese, or San Marzano. Only tomatoes of these types that are grown in Italy and in their specific areas of origin can be identified as such, in the same way that a number of wine varieties can only be called by their traditional names if they are produced in their traditional domains: their traditional growing and production regions (e.g. Chianti in one of the eight so called Chianti districts in Tuscany, Italy.) But many of these traditional varietals are also grown outside of their sites and regions of origin and sold under different names, and locally fresh.
• Should this restaurant buy from more distant sources and get tomatoes that were perhaps picked earlier and greener for travel, or should they very selectively go back to canned again, for high quality canned Italian San Marzano tomatoes, for example? Note: tomatoes can be harvested and shipped green and even fully green and ripened off of the vine – but they never taste the same when they are as when they are ripened on the vine. And this can have real impact on any food prepared with them and its taste and quality.

If the owner of this restaurant – here imagined as an at least largely Italian one, is now really firmly committed to farm to table and away from canned anything, but the fresh tomatoes they can get from more distant sources just do not meet their quality standards, this would put them in a real quandary. Fresh tomato and basil sauce would be out of the question however this decision were resolved, at least until locally gown higher quality tomatoes could be made available again. What should be done?

I realize that people who have never worked in or with a restaurant of this type, might see this as a trivial and artifactually contrived case in point example (unless that is they are real foodies, to use a current term of choice.) But for the owners of this restaurant or ones like it, the type of challenge that I have tried to present here, can be consequential and it can strike to the heart of what they seek their restaurant: their dream to be. And decisions made and follow through actions taken lead to next round decisions and actions too.

Picking up on the third of the four bullet points that I have been focusing on here, and with my above discussion of the fourth of them in mind, building for agility and resiliency can call for making difficult decisions. And it can mean thinking through and preparing for scenarios and possibilities that would be anything but comforting, and that might even be very disturbing as sources of possible emerging challenge.

I am going to continue this discussion in a next series installment where I will start at the top of my four bullet point, to-address list and more fully consider the first three:

• This means discussing what businesses respond to, and in the specific context of this series, as they respond in patterns of decision and action, review and further decision and action that can have recurringly cyclical elements to them.
• And it means addressing how they would respond at a higher level strategic and overall operational level and not just at a day-to-day, here-and-now details level, and certainly if they do so effectively.
• In anticipation of that point, I cited agility and resiliency as organizational goals – and as buffering mechanisms against the down-sides of change.

Meanwhile, you can find this and related postings and series at Business Strategy and Operations – 4, and also at Page 1, Page 2 and Page 3 of that directory. And see also Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation.

Innovation, disruptive innovation and market volatility 33: innovative business development and the tools that drive it 3

Posted in business and convergent technologies, macroeconomics by Timothy Platt on June 9, 2017

This is my 33rd posting to a series on the economics of innovation, and on how change and innovation can be defined and analyzed in economic and related risk management terms (see Macroeconomics and Business, posting 173 and loosely following for Parts 1-5 and Macroeconomics and Business 2, posting 203 and loosely following for Parts 6-32.)

I offered a to-address list of topic points towards the top of Part 32, that I repeat here for continuity of discussion, as my goal here is to continue delving into them in follow-up to that posting:

1. Innovation and its realization are information and knowledge driven.
2. And the availability and effective use of raw information and of more processed knowledge developed from it, coupled with an ability to look beyond the usual blinders of how that information and knowledge would be more routinely viewed and understood, to see wider possibilities inherent in it,
3. Make innovation and its practical realization possible and actively drive them.
4. Information availability serves as an innovation driver, and business systems friction and the resistance to enabling and using available business intelligence that that creates, significantly set the boundaries that would distinguish between innovation per se and disruptively novel innovation as it would be perceived and understood
5. And in both the likelihood and opportunity for achieving the later, and for determining the likelihood of a true disruptive innovation being developed and refined to value creating fruition if one is attempted.

I focused on Point 1 of this list in Part 32, and then stated at the end of it that I would turn to consider Point 2 here. I am going to do so but to set the stage for that, I want to at least begin by clarifying and explaining a point of terminology that I raised in Part 32 when discussing innovation per se. Innovation might be more minor and incremental in form or it might be more dramatic and overtly consequential, and disruptive innovation usually represents the more fundamental change end of that continuum. I noted that there is a gray area between innovation as a more general term and when more evolutionary change is considered, and overtly disruptive innovation, but without fully clarifying what I mean by that. Part of an explanation as to what this gray area represents, simply means that incremental change can mean smaller or larger increments on the one side, and that new and novel can be profoundly new and unexpected, or only somewhat new and novel; innovation does fall along at least something of a continuum as to the level and degree of novelty arrived at and even if we all tend to think more in terms of extremes and certainly for identifying the more disruptive-facing end of that continuum. But this explanation only tells one half of the story that I seek to convey in that term.

I in effect prepared to explain the other half of “gray area” in this context in Part 32, when I wrote of information and processed knowledge partitioning in an organization, in the context of business systems friction in information management: the ongoing cyclical processes of data collection and vetting, knowledge development from it, access and communications and use of both raw and processed knowledge and information, and their challenges.

I discussed this in terms of conundrums, where the same processes that can lead to risk reduction from prevention of sensitive information falling into the wrong hands, can also lead to the creation of barriers to effective legitimate information sharing too, and certainly where possible disruptive innovation development can call for new and novel patterns of who legitimately should be brought into an information sharing conversation. And as stated up to here at least, that just addresses the more contrived and planned-out, side to information sharing and its control, leaving out more entirely ad hoc decision making options and their use in information policy and information management.

• In practice, businesses face real risk of porosity, and unexpected information transfer out of the areas where specific forms of sensitive data and knowledge belongs, and into areas where it should not go, coupled with the equally unintended development of barriers to acceptable and even essential information and knowledge transfer and sharing.
• Information access and control processes and practices in actual day-to-day use can and all too often do leave the door open to sensitive information transfer and visibility where they should be limited and blocked, while limiting and blocking where they should be more open and communicative – and particularly, for the later, where novel lines of communication and information sharing would be called for, as for example when developing a disruptively new innovative opportunity and in ways that can lead it to a production line and profitability. I repeat this detail intentionally here.
• Let me pick up on and highlight a crucially important aspect of this, to clarify what I am addressing in these points. If the gold standard for controlling and managing sensitive and confidential information is to be found in developing and following explicit rules-based access and storage systems, and ones that can be largely automated with explicitly rules based, established permissions assigned to anyone who in principle might be involved in this information sharing, then novel and unexpected and unplanned for communications requirements that would bring in unusual combinations of experience and expertise into a conversation, would likely be blocked and certainly for proprietary and closely held in-house business intelligence and as both raw data and as more processed knowledge – barring explicit exception making decisions.

And this brings me to a scenario that I briefly touched upon in Part 32 where a business fails to develop a new and potentially very profitable innovation, and even a disruptively novel one, and even though it has had all of the pieces to that puzzle in place, because they cannot bring what they know together and into production. So another, competing business that may have started much later in the race to develop that type of innovation gets there first. And this sheds a whole new light on that “gray area,” where a lack of effective business intelligence development and sharing, and for actionable processed knowledge in particular, can mean real innovation and even disruptively novel innovation going essentially completely unrecognized for the value potential that it carries. Barriers there can prevent even the potentially most valuable disruptive innovation from ever taking place, and from being brought to market if started upon.

• If the gray area in the innovation continuum that I made note of in Part 32 represents a perhaps-rapidly evolving but still just incremental and perhaps-disruptively new, middle ground area along a continuum, where different viewers might rate the level and significance of change differently,
• That gray area also represents an area of friction-clouded uncertainty and of loss of visibility, where innovation and its potential are not going to even be visible and for at least some of those who should be key stakeholders of innovative change and advancement. And when that “some” includes the key gatekeepers who control which developments can be prototyped and which of them can be developed for production and brought into market-facing production, that can have long-term consequences.

I cited an earlier series in Part 32, with essentially this same area of concern in mind that I repeat here for its importance: Keeping Innovation Fresh, as can be found at Business Strategy and Operations – 2, as postings 241 and loosely following. And once again, see its Part 2: Xerox PARC and Menlo Park and its Part 3 continuation of that in particular, for their relevance here. The Xerox PARC research facility is renowned for both the volume and importance of the innovations that its researchers conceived, and the much smaller proportion of those innovation opportunities that its parent company ever allowed to be developed in-house and to their own profitability and benefit.

So the gray area that I touched upon so briefly in Part 32 and that I have been exploring in more detail here, is both a product of more objective reality where not all change is equal in scale, and subjective and subject to information barrier-facilitated friction if not always information barrier-creating friction. And with this stated, I overtly acknowledge that I have written this entire posting up to here as a direct and immediate response to Point 2 of the to-address list that I repeated towards the top of this posting.

Blinders can come from preconception and bias and even when all of the information that could possibly be needed to take a next conceptual leap is right in front of us. But more insidiously, those blinders can come from a lack of essential information that might be fully developed and in-principle available in-house, but that is so scattered in non-communicating offices that the people who would most need it are constrained to be unaware of it. Then they cannot even know enough of what is in-principle available for them to know and act upon, for them to even just realize that they are missing something – and even when that is a vital something.

I am going to continue this discussion in a next series installment where I will address Point 3 in the above list:

• Making innovation and its practical realization possible and actively drive them.

In anticipation of that line of discussion to come, this means my addressing approaches for both identifying where deleterious information and knowledge bottlenecks and barriers have arisen and remediating them, while still meeting genuine information access control requirements. And I will explicitly consider disruptive innovation, where novel and unexpected patterns of information and expertise sharing might be essential for timely success, that would call for both precise and flexible rules-based systems for allowed sensitive information sharing, with explicit exception handling capabilities built into them.

Meanwhile, you can find this and related postings at Macroeconomics and Business and its Page 2 continuation. And see also Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation.

Rethinking vertical integration for the 21st century context 16

Posted in business and convergent technologies, strategy and planning by Timothy Platt on June 7, 2017

This is my 16th installment to a series on what goes into an effectively organized and run, lean and agile business, and how that is changing in the increasingly ubiquitously connected context that all businesses, and that all individuals operate in (see Business Strategy and Operations – 3 and its Page 4 continuation, postings 577 and loosely following for Parts 1-15.)

I have been discussing symmetrical and asymmetrical business-to-business relationships in supply chain and other collaborative systems for several installments of this series now, at least as a matter of general principle. And I have done so by way of several case in point examples, including Apple, Inc. (with that case study discussed through much of this series), FedEx (in Part 14), and Eastman Kodak (in Part 15.) My goal for this posting is to at least begin to reconsider the issues raised there, in much more operational terms and from both sides of the table when negotiating and carrying out these business agreements, and from both shorter and longer-term timeframe perspectives.

I begin addressing this set of points with a basic question. And it is one that effectively shapes the operations-level nature of the relationship between collaborating businesses in any such ongoing business-to-business system:

• What defines primacy of place in establishing asymmetry of strength and position in these relationships, where and as it arises?

Let’s consider three possible answers to that question, all of which can be valid and true depending on the specific case-in-point examples considered:

1. Primacy of place can be determined essentially entirely on the basis of scope and reach, and certainly when one business in such a collaboration is responsible for and owner of most of a large and comprehensive business process system, and partner businesses that it works with only individually manage and hold responsibility for small add-on elements to what that controlling member business does.
2. Primacy of place can be determined by which business provides the compatibility standards that have to be followed, that all participating business would have to adhere to in collectively providing a consistently functional product and bringing it to market. This can hold whenever proprietary formatting or other standards are in play and owned by one participating business in such a collaborative system of them.
3. And primacy of place in this can be determined by the marketplace, when one business in what might even be a complex collaborative system has come to be seen as owning the collectively created brand, and its standards of excellence in meeting publically perceived needs.

Obviously, a single company can gain primacy of place in its collaborations according to one, two or even all three of these criteria. And I would cite Apple, Inc. as an example of a business that has achieved this for all three. They selectively farm out and outsource a wide range of productive activity, and both in hardware and software production, and certainly for hardware as it is produced according to their standards. They are the most wide-reaching and controlling partner in the supply chain systems that they enter into, and are first among (not really) equals in any and all business-to-business collaborations that they participate in, according to the Point 1 criterion as just noted above. But they also own and actively control ownership and usage of Apple branded standards and formats, and they determine what is and is not going to be allowed into them, that might be more open-source as to formatting – to the to the extent that they allow for that at all (e.g. their supporting bluetooth connectivity as a layer in an otherwise proprietary connectivity format protocol stack.) And Apple definitely owns and controls its brand and its name recognition. From a consumer perspective, anything they acquire from or through an Apple store, and either from a bricks and mortar storefront or online, comes entirely from Apple, Inc. Everything so offered is an Apple product. The partner businesses that contribute to Apple products are entirely eclipsed in branding and name recognition and very few Apple users could name even just one partner business that contributes, for example some specialty hardware component, or even a partner business that plays a key role in overall assembly of at least one line of Apple products.

With this in mind, I come to a second defining question:

• If as in the case of Apple, one partner business predominates and in a way that leaves all other participating businesses essentially invisible to end-user and purchasing markets, then where would these “lesser partners” gain value here?

The answer to that is easy: sales and profitable revenue generation. Ultimately, it is business effectiveness and capacity to create marketable value and revenue flow to match it, that count here, and it does not matter how widely known their role is in the collaborative systems they participate in, in order for them to reach their value creation and profitability goals. And this brings me directly to the issues and questions of operational systems and:

• Making sure as an ongoing due diligence requirement, that all operational processes in place in supportive partner businesses in these collaborations,
• Actively support those systems that they have entered into that actively drive their revenue generation and that actively sustain them in the process.

This means more minor supporting businesses seeking to participate in supply chain and related systems, in ways that bring positive value to all participants, as a means of keeping these collaborative systems stably profitable for themselves. And a well-run leading partner business in asymmetrical business-to-business collaborations will actively seek to positively support its smaller supporting partner businesses too, as the success of their supporting partners feeds into their own by helping those businesses to more effectively meet their needs and in a timely and cost-effective manner. Switching perspectives there and certainly from a longer-term perspective, a leading partner business in such collaborations risks losing access to good collaborative partner businesses if it gains a reputation for burning supporting businesses. The best supplier and specialty provider businesses that it would seek to work with and gain value from in this manner, essentially always have choices in which other businesses they would work with. And if they see a prospective collaborative opportunity as offering more risk than positive benefit to themselves, they will go elsewhere leaving that perhaps larger potential partner with fewer and lesser value options to work with in meeting their perhaps most pressing outside-sourced needs.

The above two bullet points and the paragraph that follow them sound reasonable on one level and can be, and accurately so. But they contain within them some assumptions that do not always hold true. I am going to conclude this posting by at least starting to identify and address them, beginning with the two bullet points and from the smaller, supporting business side of a business-to-business collaboration.

Yes, a business that seeks to gain value from entering into and participating in a business-to-business collaboration is going to benefit from making an effort to arrive at and maintain a mutually beneficial relationship there. And this means making the connecting systems and processes that functionally define an ongoing recurring collaboration reliable, predictable, timely and cost-effective – and for all concerned. This certainly applies in the short-term, and when dealing with current collaborations and the current context that might make them profitably worthwhile. But longer-term, it is vitally important that any business that enters into business-to-business collaborations remain flexible too, as circumstances can change. If a smaller business that for example produces and provides some specific line of parts or subassemblies for other manufacturers, takes on a single larger partner business as its sole client, and loses that business and even just briefly, it might fail into bankruptcy as a result and quickly if it does not have adequate reserves or back-up plans.

I wrote of Apple’s proprietary standards above, when briefly outlining how it is the largest and more powerful partner in any business-to-business collaboration that it enters into. What would happen to one of its smaller supporting partners if Apple were to suddenly walk away from them when their contract to work together comes up for renewal – and without warning from Apple that this was even being considered? Consider a smaller partner business that has put itself in the position of only manufacturing for Apple as its sole client, and to Apple’s proprietary standards and formats. And now it quite unexpectedly has to find new client businesses and retool its production lines away from what it has been doing for this one client company, if it is to manufacture for other partner businesses, and with all of the next-step, up-front costs that that entails.

• Longer-term due diligence means balancing ongoing and long-term flexibility and capacity for resilience, with here-and-now and shorter term need to efficiently meet current business contracts and transactional requirements.
• And this becomes particularly, critically important when a smaller business or really any business finds itself beholden to a single client business as the sole purchaser of all that it provides that would bring revenue into its coffers.

And from a leading business perspective in such collaborations, needs and requirements change. And their due diligence analyses and the decisions that arise from them can in fact lead those businesses to make changes in their selection of which other businesses they would actively collaborate with. This can mean changing what they require from the partner businesses that they work with, where meeting new requirements would entail significant retooling and other costs on a partner business’ part. Or it could mean cutting back the level of business carried out collaboratively with a current partner business, or it can even mean ending such a relationship with them entirely – and even at least relatively abruptly. So the points I made above that I have been commenting upon here, apply in the shorter term and when such collaborations are mutually beneficial. But circumstances and due diligence decision making conditions can change and certainly over longer stretches of time. Both sides of a business-to-business collaboration should strive to make these relationships work and profitably for all involved while they are in force. But such collaborations begin, and with time they end too. This also has to be taken into account.

I have been running a concurrent series on a general theory of business as Section VI of Reexamining the Fundamentals, in which I discuss businesses and their collaborations in terms of general principles. And one of the approaches that I have been delving into there is the application of game theory to understanding business decision making and its follow through in actions taken (starting with its Part 12: Some Thoughts Concerning a General Theory of Business 12: considering first steps toward developing a general theory of business 4.) Think of the two bullet points and following paragraph that I have just been commenting on here, as representing an implicitly win-win game strategy approach. And think of my commentary in follow-up to that as allowing for a more win-lose approach as well. I offer this comment here to connect this series to that one as a source of foundational background to what I have been offering here. And I offer this note to highlight how different businesses in supply chain and other collaborative systems can align or diverge in their basic conceptual understanding of the systems that they participate in, and of the strategies that they should best follow in them.

I am going to conclude this series, at least for now with a final installment in which I will focus on alignment and divergence in what participating businesses seek to achieve in business-to-business collaborations, and in how they would pursue their perhaps diverging goals. And to return this overall discussion to a tight focus on vertical, and I add horizontal integration, as carried out in-house, I will discuss the risk and benefits issues of alternatively working with other businesses or going it alone and seeking to do as much as possible in-house. And as with much of this series, I will consider Apple Inc. and its decisions and actions as a case study example for that.

Meanwhile, you can find this and related postings and series at Business Strategy and Operations – 4, and also at Page 1, Page 2 and Page 3 of that directory. And see also Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation.

Rethinking national security in a post-2016 US presidential election context: conflict and cyber-conflict in an age of social media 1

Posted in business and convergent technologies, social networking and business by Timothy Platt on May 12, 2017

We all face two fundamental challenges: two fundamental limitations in our thinking about risk and how to respond to it, and I am not sure which is more problematical:

• We can and all too often do, get so caught up in our standard routines, that we fail to pick up on and see what in retrospect were even clear warnings of new and emerging risks and threat vectors faced from routinely, automatically following them, and
• We can and all too often do overestimate both the range and reach of whatever security and risk management systems that we have in place now, and the range, reach and effectiveness of any newest and best add-on security solutions that we do institute.
• And that second presumption just starts with our tacitly assuming, for example, that if we have just uploaded the newest update patch to our anti-viral and anti-malware software in place, then our computers and networked systems must be essentially completely secure from those types of threat now, as if new and locally known but yet to be exploited zero-day vulnerabilities were now impossible. That second presumption can and all too often does find its way into all of our information systems security thinking, as an at-least starting point default that we have to continually watch out for and challenge.
• The two challenges noted in the first two of these bullet points in fact represent different sides to a single overall security risk phenomenon, and it is one that is much more wide-reaching than would just be encompassed in my simple if commonly familiar anti-virus/anti-malware example. And those two challenges comprise differing sides to that one larger source of risk that can and do interact with each other and build upon each other with an ongoing toxic synergy.

Let’s think past the walls and blinders that this synergy can and does create for us, and in more open-ended and general terms. What do we currently actually face? We might know, for example, of ongoing online problems such as social media troll behavior (see, for example Trolls and Other Antisocial, Disruptive and Divisive Social Networkers – Part 1 and its Part 2 continuation, and Cyber-Bullies, Cyber-Stalkers, Trolls and the Individual Social Networker.) And we might know of ongoing problems that we face societally such as how our online potentially-globally connecting community has been effectively shattered into separate epistemic bubble-limited groups and demographics, each with their own accepted “news” and opinion sharing sources and their own echo chamber validation of all that is known and presumed within them, and with no outside alternatives allowed in (see for example Thinking Through the Words We Use in Our Political Monologs .) And by now everyone should know about computer hacking and how sensitive and confidential information that is surreptitiously stolen from a targeted computer system can be publically posted online and through social media and related channels to cause explicit targeted damage, through resources such as Twitter and through sites such as WikiLeaks. But we do not necessarily connect the potentially connectable dots that emerging problems such as these create, to see how they and a constellation of other closely-related, weaponizable options could be used together to launch and carry out new far-reaching forms of unified cyber-attack, and against a business or organization, or even against an entire nation.

Note that when I wrote my above-cited 2010 cyber-trolling related postings, I explicitly did so in terms of individual online behavior, and in terms of what were for the most part still just lone individuals acting on their own initiative and in pursuit of their own personal agendas. That side to this challenge, of course still happens. But now the disruptive potential inherent in that once more localized and impact-limited form of antisocial behavior, has been weaponized as a key element for launching closely coordinated, targeted attacks too, with networks of trolls working together in a systematic centrally organized manner.

Think of this as scaling up the dark side to online social media for use in cyber-attacks, exactly as taking over veritable armies of individual, otherwise unrelated and geographically dispersed personal computers in assembling malware-controlled botnets can be used in launching attacks against even the largest organizational networked computer systems. And that quantitative shift on the trolling behavior side of this, makes troll behavior and related, a qualitatively new threat element too, just as coordinately suborning control over distant personal computers through assembly of organized botnets, made that a qualitatively new threat – and a qualitatively new weapon too.

And if new arises when the nature and scale of single specific potential cyber-vulnerabilities and cyber-threats such as these are scaled up individually, it also arises as at least initially, seemingly disparate and unrelated attack options and supportive circumstances for them (such as the ones noted above) are brought together and coordinately organized as new overall tools for new forms of potential cyber-warfare.

Let me add a third fundamental challenge, and limitation on our part to the above two that I began this posting with:

• Regardless of how many times we have stumbled for doing so, we all tend to prepare for the last battle faced and fought: the last war that we had to deal with and its learning curves, and not for the one that might be coming towards us.

I wrote a series to this blog beginning in September 2010 that focused on targeted malware, and with the stuxnet computer worm offered as an at least initial poster child example of that, that I built a more comprehensive discussion around. See Ubiquitous Computing and Communications – everywhere all the time, and its postings 58 and loosely following for Parts 1-15 of that series, and particularly see its Part 3: Stuxnet and the Democratization of Warfare.) We are all still thinking and planning in large part in terms of malware and target-specific malware as exemplified by stuxnet as a then game changing example. And we all think in terms of big systems attacks, such as large-scale botnet-driven dedicated denial of service (DDoS) attacks on business and government network servers and server farms. Those are still ongoing concerns, as are a great many other older sources of vulnerability that we should be more effectively managing, and limiting for their effectiveness against our networked systems. But the next big cyber-attack faced, and certainly any next such attack that rises to a level of impact so as to qualify as an act of cyber-warfare, is going to be led by and even build around weaponized use of social media and the interactive online, and other new and related, still just emerging threat vectors.

I have written repeatedly in this blog about how we do not learn from threats already faced and certainly when they have only been carried out somewhere else and against someone else, when updating and safeguarding our own computers and networked systems. I recently addressed that issue here in the new and still just emerging context of our still embryonic and forming internet of things, in Rethinking online security in an age of the internet of things: the more things change, the more they stay the same.

And this brings me to two areas of discussion that I have been leading up to in this posting:

• Russia’s recent forays into election interference through cyber-attack and both in the United States and in Europe, and
• A generally stated reframing of the overall cyber-security threat theatre faced and its dynamics, that would include within it an awareness of new and disruptive threat possibilities and influencers such as the ones I have just touched upon here.

I am going to continue this discussion in a next series installment where I will delve into those issues, starting with Russia’s recent interference in the 2016 United States elections, and on Great Britain’s Brexit vote and in recent European elections.

Meanwhile, you can find this and related postings and series at Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation. And you can also find this and related material at Social Networking and Business 2, and also see that directory’s Page 1.

Meshing innovation, product development and production, marketing and sales as a virtuous cycle 4

Posted in business and convergent technologies, strategy and planning by Timothy Platt on April 30, 2017

This is my fourth installment to a series in which I reconsider cosmetic and innovative change as they impact upon and even fundamentally shape the product design and development, manufacturing, marketing, distribution and sales cycle, and from both the producer and consumer perspectives (see Ubiquitous Computing and Communications – everywhere all the time 2, postings 342 and loosely following for Parts 1-3.)

My goal for this posting is to explicitly discuss virtuous business development cycles and their vicious cycle counterparts, and I begin this by noting that I have already begun doing so, by way of two specific working examples:

• A more positive, proactively planned and carried out example as drawn from garment manufacturing, where more expensive metal zippers are replaced with less expensive plastic ones (see Part 2), and
• A reactively and at most shortest-term, short term planned negative example that I have come to refer to as the restaurant death spiral, as I explained when presenting this scenario in Part 3.

Let’s begin this by playing what-if in reconsidering those two working examples, starting with the one that I presented in its more positive light: the manufacturing decision to switch from using a more expensive metal zipper to a less expensive plastic one.

First of all, I note here that when manufacturers take steps like this, they often approach this possibility with a goal of effecting change throughout their materials selection and manufacturing process systems, and not for just one decision point such as selection of zippers to include in their finished products. And they start that analytical, decision making process at the points in their design and manufacturing systems where they can predictably affect the greatest savings, at the lowest quality control risk: maximizing the positives while minimizing any negatives there. So in the case study example examined in Part 2 and under reconsideration here, this manufacturer would have done their homework before investing in or entering into this type of specific change so they would know in advance, basic details such as:

• How well these newer plastic zippers work,
• How long they last,
• How easily they break and certainly in comparison to the metal ones that they have been offering,
• And if and how customers accept them,
• Where the answers to the sets of questions that the above points raise would vary depending on where these zippers would be sourced from.

That last point highlights what in most cases would be the ultimate due diligence decision making criterion, where at least one source would have to be able to provide acceptable answers to those questions for a potentially purchasing manufacturer to proceed here in making this materials-used change.

Some third party providers would offer better quality plastic zippers than others and some would offer lower priced ones, and the trade-offs between quality and cost would be crucially important in all of this. But this only reflects two of a larger set of important issues here, and certainly as framed by the first four points here. The answers to the questions raised by the above bullet points and to others that would have to be asked, would vary from source to source for these pre-manufactured parts. And deciding where to source these items, would involve making trade-off decisions for what might be directly competing considerations such as per-unit cost of purchase, versus durability. And with that noted, I turn back to more fully examine the fourth bullet point from above, and the customer’s perspective on this.

That means durability and how long these zippers last before breaking but it also means ease of use by a garment wearing customer. Do they jam too easily, and even if they come through any effort to jerk them open again or closed without breaking? A finding that the zippers might be cheap and durable, but that they tend to jam when used and with unacceptably high frequency would not be a positive here. Quality, ultimately, is determined by the end user customer and not just by the manufacturer as for example when considering issues such as ease and cost of putting these zippers into garments on their assembly lines.

Ultimately, if the customer is dissatisfied with the zipper on a new jacket they have just purchased, they are going to be dissatisfied with the garment as whole and probably with its manufacturer too as a whole. But if they are satisfied with this change they are unlikely to even really notice it at all. So there is a real asymmetry of impact here. Risk analysis and quality control evaluation and follow through would focus on the more impact expanding possibilities of, in this example new plastic zipper failure and on the overall potential costs that this could lead to. So here, and particularly when this is a manufacturer that seeks to offer quality: not just cheap knock-offs, higher quality and a more modest per-item savings in manufacturing might win out. And it probably should.

But let’s play what-if here. Let’s assume, and I will be a bit cynical here, that a third party provider sent a specially selected lot of zippers to this manufacturer for trial use when they knew that they were being evaluated for a possible large and long-term contract with them. And now that this manufacturer has signed this contract with them, they just ship them whatever comes off of their assembly line for the make, model and size zippers ordered – and with less quality control added in for any given batch: no pre-shipping extra-step screening for possible defects or other problems.

• Did this garment maker do their homework, checking to see what other garment makers have experienced when sourcing zippers from this company for use in their products? Or did they make their decisions to buy from this source essentially entirely on the basis of their own reviews of a sample lot shipped to them?
• And let’s consider that contractual agreement. How does it cover quality control issues and for terms of payment, requirement for replacement of items found to be problematical, and contract termination if quality control issues from this source reach a level of significance? That last detail is the one that will come back to haunt this garment manufacturer if anything does, and certainly if they have entered into an agreement to buy at least some minimum volume of zippers from this sourcing business to among other things cover their claimed costs of setting up a production line for that work.
• Who actually wrote the terms defining what would qualify as a contract breech defining loss of quality control here, and what does it say? Does it favor the zipper manufacturer here, or the garment manufacturer that would purchase these items from them, or both and if so in what way? Assume that it would be impossible to prove that the zipper manufacturer knowingly sent a highly unrepresentative sample of their product offerings for trial use, where that in and of itself would qualify as a deceptive business practice that would nullify most such contracts. Assume that any binding resolutions made would be based on the terms of this contract itself as if entered into in good faith by all involved parties.

Proactive only works here if the right details and considerations are in fact all proactively considered. And as soon as a significant one arises that was not addressed in advance of contract signing, everything becomes as reactive and after the fact for this scenario too, as was outlined in my more negative working example, restaurant death spiral case.

Now let’s reconsider that example too. And let’s start out with a detail that on the face of it sounds crazy, but that I have in fact seen done. A restaurant buys canned goods and even when local seasonally grown fresh produce alternatives are available, because no one there has the time or expertise to go to the wholesale markets or directly to the local growers to source that way. They start out as a modestly consistently profitable business doing this! And then they get into trouble and in this case the owner decides that they have to make the sweat equity and learning curve investment of cutting costs (and improving quality) by at least seasonally buying locally and using fresh where they can. This changes everything; their cost cutting is now being carried out at least in part with an intense awareness of ongoing quality and as a matter of reducing cash flow challenges to the business by accepting greater owner burdens – but ones that would in fact improve the restaurant. I have just reframed this away from being a death spiral scenario per se and certainly if this type of more positive change predominates in what is done overall and if this approach is expanded in a next redevelopment cycle.

I have reframed this example from simply representing a death spiral scenario and certainly if more positive changes predominate in their overall impact over more negative ones, and particularly in the eyes of their customers and potential customers in their reachable marketplace. And this brings me to a second foundationally important point that I would make here:

• If the difference between these two basic scenarios and approaches discussed here lies in thinking through and examining the right details and factors and proactively getting them right,
• It also plays out in considering all of these factors in the larger context and for how everything fits together – and in how this larger perspective impacts upon the customers who ultimately pay the bills and who would or world not contribute to keeping the business viable and successful.
• This is a point where the garment manufacturer and the restaurant, and essentially any product providing business face essentially the same challenges and issues.

And this is where virtuous and vicious cycles enter this narrative. Both take place as cycles: and with at least two and probably many more rounds of proactive where possible, and reactive where necessary action and reaction.

• Virtuous cycles positively build on successes achieved and on how they were arrived at, and
• Vicious cycles seek to endure where viable paths to positive business building do not seem to present themselves, at least at acceptable costs to the business owners.

To follow-up here on my second example from Part 3, if the owner of restaurant realizes and accepts that they are going to have to step way outside of their usual comfort zone to identify and reach out to local farmers in their area, to buy local produce from them and enter into supply chain agreements with them for continuity of supply, they are creating a foundation for what can become a very positive virtuous cycle. And if they couple this first change with a shift to a seasonal menu where they can always offer best-price, best quality and as locally as possible, they might find whole new types and levels of business success from that. But if they are never willing to take that first step – here let’s say with sourcing and buying local spring and summer produce, none of this potential good can happen.

• Ultimately, the difference between virtuous and vicious here is in the details, with larger positive or negative patterns emerging from the perhaps individually small decisions made, actions taken and commitments made, or not.
• And ultimately, a business owner can decide which of these two paths to take, simply by virtue of whether they are willing to step outside of their comfort zones and attempt what for them at least, would be their new and still at first unknown.

I am going to continue this discussion in a next installment where I will more explicitly consider paths of change, and in both their gradual and disruptively intrusive forms. And in anticipation of that, this means building for agility and resiliency. In anticipation of that narrative, consider the potential consequences of weather-related crop failure for the virtuous cycle restaurant owner of above, who has sought to develop their newly reframed business in buy-local terms and with that as a defining feature of who they are now as a restaurant.

Meanwhile, you can find this and related postings and series at Business Strategy and Operations – 4, and also at Page 1, Page 2 and Page 3 of that directory. And see also Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation.

%d bloggers like this: