Platt Perspective on Business and Technology

Rethinking national security in a post-2016 US presidential election context: conflict and cyber-conflict in an age of social media 3

Posted in business and convergent technologies, social networking and business by Timothy Platt on August 16, 2017

This is my third installment to a new series on cyber risk and cyber conflict in a still emerging 21st century interactive online context, and in a ubiquitously social media connected context and when faced with a rapidly interconnecting internet of things among other disruptively new online innovations (see Part 1 and Part 2.)

I concluded Part 2 of this narrative by proffering a briefly outlined solution to a problem, and in a way that could be seen as highlighting a fundamental conundrum faced. More specifically, I wrote in Parts 1 and 2 of how new and emerging value-creating technological innovations such as online social media and cloud computing create new opportunity for more malevolent use too, even as they create whole new worlds of positive opportunity. And to pick up on just one of the many facets to the positive side of this transformation, that make its advancement inevitable:

• Consider how essentially anywhere to anywhere and at any time, ubiquitous connectivity through small, simple smart phones and tablets has changed the world, reducing friction and barriers and bring people together and even globally,
• And particularly when cloud computing and for both data storage and for processing power, have in effect put always-connected supercomputer, super-communications devices into everyone’s hands. Think of this as ubiquitous connectivity and communications with what can amount to arbitrarily wide computational bandwidth, and equally wide ranging data storage, retrieval and sharing capabilities supporting it.

Now consider how this capability can be exploited by both individual black hat hackers, and by large organizations: governments included, that seek to exploit newly emerging cyber-weaknesses that arise from these new technologies in pursuing their own plans and policies. I wrote in Part 2, at least in brief and selective outline, of how Russia, China and North Korea have done this, as case in point examples. And in the course of that, I noted and at least began to discuss how the vulnerabilities exploited there, always have two faces: technological and human, and how the human side to that can be the more difficult to effectively address.

That led me to the quickly outlined “cyber security solution” that I made note of above and that I first offered at the end of Part 2, where I wrote of cyber-defense and security in general as calling for:

• Better computer and network user training,
• Better, more up to date and capable automated systems,
• And usage options channeling systems that reinforce good practices and discourage or even actively prevent bad, risk-creating ones.

Then, after offering that, I added that “technology fixes are always going to be important and necessary in this, but increasingly the biggest vulnerabilities faced come from human users, and particularly ones who are trusted and who have access permissions, to critically important systems.”

I begin addressing this ending point to Part 2 and starting point to this Part 3 by picking up on one of the Russian government sponsored and led examples made note of in Part 3, where the Russian government explicitly sought to influence and even suborn the 2016 elections in the United States, including their presidential election. One of the key attack vectors used was a phishing attack campaign that gave them access to the Democratic Party email server system, used for within-Party confidential communications. This attack helped Russian operatives and private sector participants working for them, to insert malware into those server computers that gave them direct access to them for copying files stored on them, as well as capability for damaging or deleting files stored there. And this gave them the ability to edit as desired, and selectively leak emails so covertly captured too. And this was done and according to a timing schedule that would cause the greatest harm to a Hillary Clinton, Democratic Party presidential campaign, significantly helping Donald Trump to win the White House.

Let’s reconsider the three “to-do”, or at least “to-attempt” bullet points that I just repeated here from Part 2, as a first-take “cyber security solution”:

• Training only works if people who receive it actually follow through and do what they have been taught.
• “Better, more up to date and capable automated systems” as an operational goal, is always going to constitute a moving target, as both new positive capabilities and the new vulnerabilities that they bring with them arise and become commonplace.
• And the ongoing emergence of this new and different, and particularly of an ongoing flow of disruptively new and different, can make good practice shaping and requiring systems, obsolete almost before they are really implemented – and particularly given the challenges of the first of these three bullet points.

How did the Russians hack into the Democratic National Committee (DNC) confidential email servers that they specifically targeted here? Setting aside the technical side of this question and only considering the social engineering side to it, all that took was one person who was trusted enough to be given access to this email system, who would click to open what probably should have been seen to be suspicious links in an email that they had opened with their standard email software. Then when they went to the DNC secure server with it, they delivered the malware that they had just infected their computer with from this, and the rest was history.

• This is very important. It did not matter if a thousand others had deleted the malware-carrying emails that this one use opened and clicked into, if just that one trusted systems user did open at least one of them and click at least one link in it.

There is a saying to the effect that a chain can be no stronger than its weakest link. Reframing “link” in human terms rather than hyperlink, cyber terms, all it takes is one weak human link in this type of system, among its community of trusted and vetted users to compromise the entire system. And they only have to set aside their judgment and training once, at an inopportune moment to become that crucially weak link.

Let me add one more innovative element to the positive value created/negative vulnerability created from it, paradigm that I have been developing and pursuing this series around: automation and the artificial intelligence based automated cyber systems that enable it. These smart systems can be and increasingly are being developed and implemented to create automatic nuanced flexibility into complex information and communications systems. They can be and increasingly are being used to promote what many if not most would consider more malevolent purposes too, such as attempting to throw national elections. Automated systems of the type that I write of here are consistent and always follow their algorithmic protocols and processes in place, and they are becoming more and more subtle and capable in doing this, every day. They do not tire or become distracted and they do not make out-of-pattern mistakes. And here, they are pitted against individual human users of these systems, who all at least occasionally do.

Let’s reconsider the three to-do recommendation points that I initially repeated here towards the top of this posting:

• Training only works if people who receive it actually follow through and do what they have been taught.
• “Better, more up to date and capable automated systems” as an operational goal, is always going to constitute a moving target, as both new positive capabilities and the new vulnerabilities that they bring with them arise and become commonplace.
• And the ongoing emergence of this new and different, and particularly of an ongoing flow of disruptively new and different, can make good practice shaping and requiring systems, obsolete almost before they are really implemented – and particularly given the challenges of the first of these three bullet points.

And I match them with the issues and challenges of this posting in mind, with a brief set of matching questions:

• How best can these technology/human user systems be kept up to date and effective from a security perspective, while still keeping them essentially intuitively usable for legitimate human users?

The faster the technologies change that these systems have to address, and the more profoundly they do so when they do, the greater the training requirements that will be required at least by default and according to most current practices in place, and the less likely it becomes that “potentially weaker links” will learn all of this New and incorporate it into their actual online and computer-connected behavior, and fast enough. So the more important it becomes that systems be made intuitively obvious and that learning curve requirements be prevented, to limit if not entirely avoid that losing race towards cyber-security safety. And yes, I intentionally conflate use per se and “safe, security-aware” use in this, as they need to be one and the same in practice.

• Moving targets such as “better, more up to date and capable automated systems” of the type cited in the second above-repeated point, tend to become harder to justify, at least for the added effort and expense of keeping them secure in the face of new possible challenges. That certainly holds true when these information technology and communications systems keep working for their current iterations, and when updates to them, up to now have seemed to work and securely so too. How do you maintain the financial and other support for this type of ongoing change when it succeeds, and continues to – in the face of pressures to hold down costs?

Unfortunately, it is all too common that ongoing success from using technologies, breeds reduced awareness of the importance of maintaining equally updated ongoing (generally expensive) protective, preemptive capabilities in them too. And it becomes harder and harder to keep these systems updated and with support for doing so, as the most recent negative consequence actually once faced, slips farther into the past. And to put this point of observation into perspective, I suggest you’re reviewing Parts 1 and 2 of this series, where I write of how easy it is to put off responding to already known and still open vulnerabilities that have struck elsewhere, but not here at least yet.

And for Point 3 of that list, I add what is probably the most intractable of these questions:

• In principle, non-technology organizations that do not have strength in depth in cyber issues and on how best to respond to them, can be safe in the face of already known threats and vulnerabilities, if that is they partner for their cyber-security with reliable businesses that do have such strengths and that really stay as up to date as possible on known threat vectors and how they can be and are being exploited. But what of zero-day vulnerabilities and the disruptively new: how can they be at least better managed?

I am going to continue this discussion in a next series installment, starting with these questions. And I will take that next step to this narrative out of the abstract by at least briefly discussing some specific new, and old-but-rebuilt sources of information systems risk. Meanwhile, you can find this and related postings and series at Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation. And you can also find this and related material at Social Networking and Business 2, and also see that directory’s Page 1.

Donald Trump and the stress testing of the American system of government 20

Posted in social networking and business by Timothy Platt on August 15, 2017

This is my 25th installment to what has become an ongoing series of postings in which I seek to address politics in the United States as it has become, starting with the nominations process leading up to the 2016 presidential elections (see Social Networking and Business 2, posting 244 and loosely following.) And this is also my 20th installment here since the inauguration of Donald Trump as the 45th president of the United States.

I distinctly remember watching one of president Trump’s official spokespersons in a televised White House press briefing, respond to a reporter’s accusation of chaos in the Trump administration, by proclaiming that “Trump thrives on chaos.” That was several official White House press secretaries and other senior spokespersons ago, and it dates to before Trump realized that cameras and open questions from reporters were not always all that good for him at those events. Still, this presented a form of candor that is shocking for its clarity, and certainly in light of the rest of president Trump’s ongoing message.

And like any door opening revelation, this one has led us to new questions that we would not have even known to ask. By now we all know what the word “chaos” means in that context: the 45th president’s “business as usual.” He has been burning through and replacing what should be the stably-in-place senior members of his staff at a rate that, to use one of his favorite words, is genuinely “tremendous.” And that includes replacing his White House communications directors with the most recent one before now: Anthony Scaramucci only lasting ten days in that job. Trump has yet to get even just one major piece of legislation passed through Congress and in spite of a great deal of effort to break that impasse. And the largest single feat that he has actually accomplished from all of his effort at getting legislation passed has been to shatter the Republican Party solidarity that in principle might have meant his being able to get his agenda passed into law, and even easily. His Republican Party hold in Congress has been effectively thrown into chaos and in both the House and Senate, with enough by now reliable dissenters from among “his own” Party’s ranks, consistently breaking ranks to insure that this pattern of failure will mostly continue.

Let me take that assertion out of the abstract with a specific example. Trump has actively sought to block investigation into possible Russian government-led interference in the 2016 US elections, as discussed in earlier postings to this series. And he has also actively tried to thwart sanctions against Russia, from Congressional action, while doing that. Then the:

House passed a massive Russia sanctions bill, and overwhelming so, on July 25,2017 and almost immediately thereafter the Senate followed suit and passed it too.

It is important to note that at the same time this bill placed punitive sanctions on the Russian government and on businesses and organizations in that country with links to their government, it also specifically moved to prevent president Trump from undoing or bypassing those sanctions on his own. This bill placed sanctions on Trump too. And it passed in the House, 419 for and only 3 against. And it then passed in the Senate, 98 to 2. Trump was forced to sign this or else face the humiliation of seeing his own Republican party overwhelmingly overturn his veto, making him look that much weaker.

I have discussed his failures at getting his vision of healthcare reform passed into law in a number of earlier installments to this series. And his failures there have just continued on. Prospects look dim for his bringing Congress to pass his tax reform agenda into law, or his immigration policy or any other major initiative either. And resistance from his own Party’s elected leaders goes way beyond Congress too, with Republican governors breaking ranks with him on immigration and environmental protection and a wide range of other issues too. In fact the only area where president Trump has been able to advance his agenda has been where he can do so by executive order and either himself or through his senior appointees. At least selective aspects to what Donald Trump would call regulatory reform come to mind there, as do his more draconian interpretations of how Homeland Security and its agencies should enforce immigration policies already in place.

“Trump thrives on chaos.” What does a word like “thrive” mean in a Trump presidency context? What does he see as success, beyond his keeping the support of his true believer base? And when president Trump, with his win-lose approach to the world, sees himself and his administration as winning in all of this, what does that say about his relationship with his own political party that he nominally leads? What does this say about Trump as a leader of the United States as a diverse nation, or of the free world?

And this brings me to the issue that has prompted me to write this series installment at all. I very actively added to this ongoing narrative and at a rapid pace when I was discussing and analyzing the earliest days of the Trump presidency and the question of his basic competency, during his first 100 days in office. And a great deal of that was an attempt to put president Trump and his issues in perspective and both historically and in terms of constitutional law. But The Donald mostly seems to repeat himself, primarily carrying out new variations on the same problematical decision making and follow through. If he is the embodiment of chaos in the White House, that in his case means relatively narrowly constrained and highly repetitive chaos, with his making essentially the same mistakes in judgment and action again and again and again and ….

Why am I adding this installment to this series now? On one level I could cite how Trump’s chaos has empowered Xi Jinping and his Chinese government, from the power vacuum that Trump has left in his wake. And I could cite the chaos and confusion he has sown for our national allies and globally. I could cite what politely would be called his pissing match with the psychotic leader of North Korea, Kim Jong-Un. I could cite his complete, and I add completely inept inability to disavow the words and actions of hate driven extremists such as David Duke and the Ku Klux Klan, the American Nazi Party, and white supremacist extremists. They claim to be key supporters in his political base and Donald Trump is incapable of disavowing anything that his supporters would say or do, least he somehow diminish his supporting base! I could delve into any combination of these issues here, and more that I did not bother to add to this already lengthy and depressing list. But instead of that, I would step back to consider a larger, overarching issue that enters into and informs all of these more specific friction and pain point issues:

• Donald Trump does not learn, ever. And by all appearance he is incapable of learning too.

Trump got a ghostwriter: Tony Schwartz to actually write “his” book, The Art of the Deal. (See Donald Trump’s Ghostwriter Tells All , as published by The New Yorker.) How could someone with Donald Trump’s attention span, his lack of basic factual knowledge and his limited intellect successfully pass a business degree program, or an undergraduate college degree program for that matter, without “help?” No, I do not have any evidence that would show he did not successfully complete these academic programs on his own. I just find that assertion as incredible as Trump’s claims about the live audience size in front of him when he was sworn into office as the 45th president.

Investigations proceed and on several fronts now into Russian interference in the 2016 US elections, and on possible Trump campaign collusion in that. And it is apparent that this effort has gone on to look into possible direct involvement of both his family in this and of his own. And investigations are proceeding just as actively into possible conflict of interest violations of US federal statutes too. And president Trump is also at least potentially facing obstruction of justice charges too: the type of charges that ended Richard Nixon’s presidency. What will happen next? The only detail to the answer to that question, that I can reliably offer here, and with real confidence is that president Trump will back into it from a failure to learn anything from what has happened or from what is happening now or from what will happen in the coming days, weeks and months. And he will proclaim his outrage and declare himself to have been victimized by all of his detractors, and on the basis of “fake news” and even in the face of photos of him with the proverbial smoking gun in his hand.

People sometimes confuse “ignorance” with simple lack of knowledge and the limit of what a given individual can and does know. If that were valid, then we would all be ignorant as no one can learn and know more than just a tiny fraction of all that there is to know. Ignorance is very different than that; it is a presumption of already knowing all that is worth knowing and of holding complete truth in understanding. Ignorance is like a vaccination against learning: a hermetically sealed barrier to learning, where even one’s most off the cuff and unconsidered opinion is automatically deemed to be better than any expertly conceived, fact-based judgment of anyone else. Donald Trump does not learn and cannot learn and he is incapable of “growing” into the job of president. His string of business failures and bankruptcies were predictive harbingers of this, and his performance as president to date, simply reinforces the message that that track record offers.

I will add more to this series, when and as events unfold that would warrant that. With a Trump administration and its chaos, I am not going to try to guess when that will be, and certainly not at this time. Meanwhile, you can find this and related postings at Social Networking and Business 2, and also see that directory’s Page 1.

On the importance of disintermediating real, 2-way communications in business organizations 3

Posted in social networking and business, strategy and planning by Timothy Platt on August 12, 2017

This is my third installment to a brief series on coordinating information sharing and communications needs, and information access filtering and gate keeping requirements (see Part 1 and Part 2.)

I began addressing disruptively novel change in an organization and in what it brings to market, and what it has to be able to bring to market if it is to remain competitive there, in Part 2. And I focused in that installment on that array of issues, from a within-business perspective and in terms of its internal systems and their needs and capabilities. My goal here is to flip orientations from that, to consider the business’ outside contexts and how they impact upon and help to shape and prioritize the decisions and actions that I addressed in Part 2, within the organization. And I begin this by at least briefly categorically listing a few of the key players that would enter into any analysis of, or discussion of a market-facing business and its more meaningful outside world. In anticipation of this posting, I cited four of these stakeholder types at the end of Part 2 and I re-list them here with a fifth such entry added in too. Note that while the order that I offer these stakeholder categories in, might seem arbitrary, I chose it with a specific narrative flow in mind for using it. And I add that their order is probably unimportant in general, as any of them can hold greater or lesser importance for their level of direct impact, depending on the business in question and its circumstance:

1. Any business equity holding outside shareholders where this category applies,
2. Change and its pressures as arise in their general customer base and marketplace,
3. And from a business’ individually dominant clients as a special case where an enterprise has them, and both from when a single major client accounts for a large percentage of the work activity and the incoming revenue generated, and from when a significant number of a business’ perhaps individually smaller clients all start demanding change, and when they speak with a single voice and as if one on that.
4. And from among a business’ competition,
5. And from outside regulatory organizations.

Let me begin here by at least briefly clarifying Point 1 of this list. Equity holding outside shareholders can mean stockholders for a publically traded company, and certainly in this context if that company is failing to make changes that a significant percentage of their shareholders would see as necessary, and who are dissatisfied with the business for its financial or other (e.g. environmental impact) performance because of that. I have seen stockholder revolts and they do need to be taken seriously and even if major shareholders from within the business can quash any proposed action from outsiders in shareholder meetings and proxy votes. And this can also mean dissatisfaction and even pressures to influence and even control, coming from major outside investors such as venture capitalists, or from funds managers who individually manage and make ownership decisions that involve large numbers of that business’ outstanding shares as a percentage of shares traded. Think of this as the influence of many smaller voices speaking out as one, and that of individual very large voices as they speak out, respectively. Both can mean significant pressure on a business and its planning and execution, and certainly for what have come to be contentious actions or positions taken.

Now let’s consider Point 2 and Point 3:

• Point 2’s market participants individually make their decisions as to what to purchase if anything, and when and where, as individuals and for the most part as individual product end users. This need not involve concerted organized action in any particular way, though fad purchasing can lead to what amounts to that, as can viral marketing and its capacity to at least transiently enlist what can become large numbers of same-minded purchase decision making participants who are otherwise unrelated.
• Point 3 addresses larger single voices and decision makers, and does represent concerted, longer-term organized voices.
• Think of Point 2 and Point 3 here as marketplace counterparts to the two categorical equity holder types noted here regarding Point 1 stakeholders.

Point 3 stakeholders include, among others, single dominating client businesses in business-to-business arenas. And it just as significantly includes major wholesalers that might take on a large percentage of what a business offers in more of a business-to-consumer context. And it includes in that vein, single large retails that might do the same, or even buy out all of what some business produces. Let me take that out of the abstract by citing two examples. Globally, Walmart sells more than one million US dollars worth of toilet paper every single day for overall gross sales. And that number is old now by several years. Their gross annual sales for this one product type is probably at or above half a billion dollars per year now. That type of purchasing power influences suppliers and original manufacturers of all types. And to turn to a smaller but still significantly sized second retail business, for a second such example, consider Trader Joe’s: the supermarket chain. Their approach where possible and realistic, is to only sell products branded to their own name. And they go to small producers and buy out everything they produce for some product type, to exclusively sell in this way, as carrying their brand and as having been vetted for meeting their quality standards. This can, for example, mean buying out an entire vintage year from a small wine producer, or entire production runs and essentially everything that a small pasta or similar manufacturer makes for sale over a contractually agreed to period of time.

Switching categories again in my above-cited categorical list of stakeholders, large numbers of irate stockholders and the news stories their anger and frustration can and do create, can have a very significant collective impact on a business, as can single larger voices for Point 1 and its participants. The collective impact of smaller individual marketplace participants, as by analogy addressed in Point 2, or of single larger ones as per Point 3 can have massive impact too. And for the former, consider the marketing disaster of a business facing a consumer boycott that is heralded and followed as an unfolding news story in the press and on television and online. That can kill a business if it cannot effectively respond and resolve matters. And the loss or threat of loss of some single balance sheet shaping, major purchasing customer can have an equally significant impact too.

I have already at least begin tying this posting’s line of discussion, to this series and its main topic in the above paragraph where I cite the crucial importance of communications here, and of open and as necessary, transparent communications and certainly with all involved parties included there. And that leads me back to the above list of five stakeholder categories and the two groups I have skipped over up to here: Point 4 (a business’ competition) and Point 5 (outside regulatory organizations.)

Let’s start with Point 4. Few people start out thinking of a business’ competitors as holding a stakeholder position to them, but that in fact can be a valid way to view them insofar as a business and its primary competitors in particular, as so strongly influenced by each other. Businesses have a stake in how their competitors do, even in more zero-sum game theory contexts where they thrive to the extent that their competition does not. But in the real world, competitive relationships are not always so simple and do not always take on a strictly win-lose position. As a case in point, a larger, market dominating business might absolutely need the cover of having viable competitors in order to avoid the costly and even all but devastating challenge of antitrust action. Remember, courts have been known to go so far as to force the break-up of companies deemed to be monopolistic and irretrievably so as currently organized. A business that was facing that type of possible action, after for example being warned of it through prior court action, would probably see it as disastrous for them if one of their larger and more presentable competitors looked like it might go under!

Businesses, and certainly in countries such as the United States, are legally barred from colluding with each other as that can be seen as violating antitrust and antimonopoly laws for constituting market manipulation of one form or other. But there are in fact a relatively wide range of contexts where selective and allowed collaborations, and their game strategies that go beyond simple win-lose, would offer greater value and safety and for all businesses concerned.

And this brings me to the above list’s Point 5 and outside regulatory organizations. I am going to address that stakeholder category in my next series installment and will continue from there to more fully discuss all of these categorical stakeholder types in terms of communications and in terms of simplified, disintermediated communications. In anticipation of that, and as a simple example, many legal systems have strong and strongly enforced antimonopoly laws in place that directly impact upon and limit how competing businesses can communicate with each other. But even then, there are carved out exceptions and complexities, as apply for example where businesses that create and sell competing antivirus and anti-malware software products are allowed to work together for example, for sharing updates on new and emerging threat vectors. And a great deal of regulatory law that essentially all businesses have to work within, involves sensitive personally identifiable information and how that can and cannot be communicated and between whom and under what conditions.

There is an old saying to the effect that the devil is in the details. That certainly applies when the issues of this series are considered in more specific contexts. I will at least begin delving into the communications details of all of this in my next installment, having focused on who would do this communicating here.

Meanwhile, you can find this and related postings and series at Business Strategy and Operations – 4, and also at Page 1, Page 2 and Page 3 of that directory. And also see Social Networking and Business 2 and that directory’s Page 1 for related material.

Finding virtue in simplicity when complexity becomes problematical, and vice versa 4

Posted in social networking and business by Timothy Platt on August 2, 2017

This is my fourth installment to a brief series on simplicity and complexity in business communications, and in carrying out and evaluating the results of business processes, tasks and projects (see Social Networking and Business 2), postings 257 and loosely following for Parts 1-3.)

I began this series (in Part 1 and Part 2) with a brief orienting outline of some general principles regarding business communications best practices. And with that in place as a working foundation for what is to follow it in this series, I briefly offered project management as a source of working examples, in Part 2 and in Part 3. And in that, I at least briefly touched upon two distinct but nevertheless vitally important faces to project work:

• The one-off nature of projects and certainly of individual projects as they address non-standard workplace demands and seek to find novel and new solutions for resolving them,
• And the more standardized system of recurringly setting up and running, and reviewing and evaluating projects per se as an ongoing and even regularly resorted to approach.

Individual projects might have one-off and even essentially unique qualities and certainly for what they each individually seek to accomplish, but project support and management systems need to be standardized, and both to set up and run projects more effectively and more cost-effectively as specific endeavors and to more effectively coordinate project work per se with the rest of the business. I have recurringly written about projects and project work in this blog; here I focused on how to more effectively communicate in this type of context.

Then at the end of Part 3, I stated that I would continue this discussion in a next series installment where I will look beyond the more limited context of projects and project management systems, to consider the business as a whole. And I begin that, by making a basic categorical distinction, just as I did when discussing projects as a special case. And the point of distinction that I make here is between:

1. Business processes that are essentially rote-standardized and for what is done and how and by whom, and with what expected inputs and outputs, and
2. Business processes that have to explicitly accommodate change and even explicit uncertainty – and that can even be in place and use in order to help the business to flexibly accommodate change.

Note that I am explicitly and intentionally positing two ends of what in reality is a continuum here, where a flexible and resilient business would have to be widely capable of responding to and resolving at least some change and even unexpected change that arrives without any real warning. And in principle at least, that type of change can arise essentially anywhere in a business and its systems; disruptive change as a special categorical case in point can and does arise where it would be least expected and that is part of what makes it disruptive. But I focus on the extremes at least here and for now, in building an organizing conceptual framework for what could be a wider and more far-reaching discussion. And for purposes of this posting at least, I will refer to these end-point categories as Type 1 and Type 2 business processes.

• Type 1 processes can become rigid and resistant to change and certainly for business activities that have become so consistently standardized that they become taken for granted and all but invisible.
• At the same time, communications patterns and processes in them can become both automatic and minimal and with sparse messaging-only required, and certainly as long as usual and expected continue to hold true.
• Type 2 processes are built around change, and the people who take part in them or who depend upon their being effectively carried out as outside stakeholders for them, have to expect that.
• At the same time, communications become both less routine and more critically important. And the level and range of types of information that would have to be shared and effectively so in them becomes significantly greater too, and certainly when compared to the opposite end of the spectrum, of Type 1.

So if disruptive change happens and either as a one-off event or as the start to what might become a new ongoing reality, it is the Type 1 and closely related processes that are going to fail, and with much higher likelihood and with much greater impact and severity, than you would in most cases find for Type 2 processes.

This represents a crucially important risk management issue, or rather set of them:

• The importance of knowing what is taken for granted and overlooked because it has become so rote and routine and reliable and so taken for granted,
• And the importance of really knowing how those areas of the business are managed and maintained through standardized, if sparse communications patterns and networks in place.

When a critically important Type 1 process or set of them breaks down, the whole business can find itself in trouble – and without having effective communications channels prepared for remediating this, or even for fully characterizing it. And at least in my experience, and perhaps I have been unlucky for this, these breakdowns always seem to happen when a business would be least prepared to respond effectively in general, where for example a key usually stable and reliable computer networking resource that has to be up 24/7 breaks down when only a skeleton staff is on duty in the middle of the night. Type 1 systems never seem to break down at opportune times. But arguably, a real Type 1 systems breakdown can make any time inopportune, and certainly if not at least thought through in advance of that.

I am going to continue this discussion in a next series installment where I will step back from these two extreme point considerations to consider business processes and systems of them in general. And in anticipation of that, I add that I will consider both within-business and external to the business factors that can effect and shape business efficiency and resiliency there. Meanwhile, you can find this and related material at Social Networking and Business and its Page 2 continuation. And also see my series: Communicating More Effectively as a Job and Career Skill Set, for its more generally applicable discussion of focused message best practices per se. I offer that with a specific case in point jobs and careers focus, but the approaches raised and discussed there are more generally applicable. You can find that series at Guide to Effective Job Search and Career Development – 3, as its postings 342-358.

Topologically (contrived opportunistically) connected social networks: rethinking epistemic bubbles and their possible breaking 2

Posted in social networking and business by Timothy Platt on July 15, 2017

This is my second posting to a short series on the potential enabling roles that change and non-systematic encounters can play in effective social networking in general, and business-oriented social networking in particular (see Part 1.)

I begin this discussion with a brief outline of where this series comes from, as offering a proposed social networking counterpart to a higher level functional-organizational process that is observed in complex genetic systems: topologically associated domains, or TADs. My social networking counterpart to this phenomenon is termed here, topologically (or contrived opportunistically) connected social networking, and I loosely defined it in Part 1 as:

• Networking in an opportunistically arising context where people come together for perhaps transiently shared reasons and for perhaps transiently shared purpose.
• The important point here, in keeping with the basic organizing paradigm of the genetic systems TAD, is that this takes place in recurring contexts and even in readily predictably recurring ones, that would not fit the more usual predictable goals-oriented patterns that planned and intentional networking is usually carried out in, where many and even most participants come together in order to pursue specific types of networking and related activity. But the contexts that this form of networking take place in are recurring, as are the widened range of demographics that become involved.

I suggested in Part 1 that this represents a form of networking opportunity that is most open and available to open networkers, and particularly to those who look for opportunity from novel and unexpected directions, and who are willing to reach out to and network outside of their usual circles. Topological networking is not for the faint of heart, or the shy and uncertain. It is for the more extroverted and for those who are willing to take the risk of speaking with strangers and even continuing the conversations so started.

And this brings me to the points that I would add to this brief narrative in this second installment posting:

• When you limit your networking to the known and familiar, you are unlikely to find the disruptively new and novel, and either for insight or opportunity. You are more likely to just hear and see and learn of the already known and the at-most marginally new and different.
• People you know might occasionally share the completely unexpected, but even there this is most likely to only happen if they have connected outside of their usual circles – unless it is to share word with you of an event or development that you would learn of any way through the news or other more generally available channels.
• You are more likely to learn of the new and unexpected from people outside of your usual circle, where the same news and information tends to circle around. And this definitely holds true for new and unexpected that you would not, in effect automatically learn of anyway.

Topological, or contrived opportunistically connecting networking opportunity – coupled with a willingness to actually pursue such opportunity, can open doors and create functional, useful connections that would otherwise be invisible, and as such go untapped. And this brings me to the tag line title for this posting: “rethinking epistemic bubbles and their possible breaking.”

Last year, I wrote a brief posting to this blog on the basis of a talk that I had just given, about how we have come to speak past each other at closest, rather than with each other and certainly in our politics. See Thinking Through the Words We Use in Our Political Monologs. That became a first installment to a series that I have been adding to in recent months, about politics in America leading up to and since the 2016 United States elections (see Social Networking and Business 2, postings 244 and loosely following.) And I first began using the term epistemic in this type of missed and blocked communications context in Part 4 of that series.

In a fundamental sense, what I am doing here in this brief series is to offer with a perhaps too erudite sounding label, a possible way out of the impasse that is inherent to the epistemic barriers and epistemic bubbles of that series; I have been writing this series in terms of business networking but I have been writing it with wider ranging networking and communicating and information and perspective sharing context in mind, than would be included in business oriented networking alone.

Active, contrived opportunistically connected social networking means, or at least should mean intentionally reaching out beyond the usual and familiar and even in potentially uncomfortable directions, where you might hear and see perspectives that are contrary to your current beliefs and opinions – as that can be the only way to see beyond them, or see your own automatic assumptions in them. And it can be the only way to break through the epistemic bubble walls that you are in, and make contact with anyone on the other side.

I began this two posting series in a business context but with this larger context in mind and end it there, at least for now.

You can find this and related postings at Social Networking and Business 2, and also see that directory’s Page 1.

Leveraging social media in gorilla and viral marketing as great business equalizers: a reconsideration of business disintermediation and from multiple perspectives 2

Posted in social networking and business, strategy and planning by Timothy Platt on July 7, 2017

This is my second posting to a series on disintermediation, focusing on how this enables marketing options such as gorilla and viral marketing, but also considering how it shapes and influences businesses as a whole. My focus here may be marketing-oriented, but marketing per se only makes sense when considered in the larger context of the business carrying it out and the marketplace it is directed towards (see Part 1.)

I began this series with a general orienting line of discussion that ended with brief single bullet point descriptions of two specific case study examples that I would delve into, to take the issues raised in Part 1 out of the abstract:

• A new, young, small startup that seeks to leverage its liquidity and other assets available as creatively and effectively as possible, and from its day one when it is just starting to develop the basic template that it would scale up from,
• And a larger, established business that has become at least somewhat complacent and somewhat sclerotic in the process, and with holdover systems and organizational process flows that might not reflect current actual needs or opportunities faced.

I begin here with the first of these examples and with the challenge of a new and still essentially embryonically small business, as it seeks to develop so as to successfully compete with larger well established enterprises. And in the course of developing that narrative, I of necessity will consider the second case study example as well, as an important element of the context that a startup would have to develop in (at least initially considering larger established businesses in general here.) But starting here with the first of those case studies and with that small newly forming startup:

• What do they have to offer that would make them competitive, and what can such a startup offer in an immediately practical sense that can enable it to launch and to grow to a point where it can successfully compete as a profitable venture?

A large corporation might be able to compete with a significant level of overall effectiveness across a wider range of business and market-facing activity and it might be able to cost-effectively offer a wider range of products and services than its smaller competitive counterparts can. And this definitely includes startups and early stage businesses. And this definitely includes smaller businesses in general too and certainly in an online marketing and sales context where local proximity to a customer base might not in and of itself make a real difference for a smaller, locally oriented business. But these smaller ventures can succeed and even thrive in this type of competitive environment, in their own particular niche areas: if they can offer something unique that would appeal to spending consumers, and if they specialize effectively and focus on their niche specialization in doing so.

Gorilla marketing and the use of novel and distinctive marketing approaches, geared and designed to appeal to their own particular niche market audiences, enter into this discussion here, as does viral marketing where members of a customer base and potential marketplace that a business would target, can be brought in to help them with their marketing through online social media and other word of mouth, or word of tweet and so on sharing.

Disintermediation strategies that are operationalized in ways that actively make members of the target market community into marketing allies there, can in fact serve as “great equalizers,” giving even small and new businesses a competitive chance when facing off with their bigger and more established rivals. And that particularly holds true when big per se, in an established market-facing business is coupled with “set in their ways” and even hidebound and rigid in what they do and in how they do it.

I often write in this blog about the need to be lean and agile and adaptable, and in my experience as a consultant it is often the larger and more established businesses that are in the greatest need of hearing that lesson. They are the ones that need to find ways to become resilient in the face of new and emerging competitive patterns and processes that other businesses are confronting them with: new and creative upstarts included.

So want can a larger, Goliath of a business do to effectively compete against smaller Davids, and particularly in rapidly changing markets and industries where they are constantly facing new and perhaps creatively novel niche challenges? A large and diverse corporation that offers a wide range of perhaps only somewhat overall-connected products and services, can find itself facing several and even many such niche competitor challenges at once, each at least somewhat impinging on a different area of its overall business activity. But the leaders and strategists of such a corporation do not in most cases have any way to know a priori which of these new and emerging niche opportunities will emerge as significant and as significantly competing in their marketplaces and in their customer bases, even if they know as a matter of basic principle that at least some of them hold real promise and offer real threat too. And I add that lack of prescient foresight usually holds true even when larger and established businesses could at least potentially develop their own best futures from selectively pursuing the right-for-them new and emerging early stage niche opportunities too. Remember, every great new industry as a whole begins as a new and disruptively creative startup, or as a niche sideline or extension of an older and more established business that it in some way sprang out of, and even as it was seen as of secondary value when starting out for the small pioneer and early adaptor market it first attracts.

Goliath Inc. might be large now, and it might have good name brand recognition and solid sales and reserves to support it. But its ability to compete long-term and certainly under these circumstances, means its being able to capture and develop the right niche markets too, and in the face of those nimble specialty startups that seek to build into them.

As a perhaps extreme alternative to that, I cite the expression “death by a thousand small cuts.” And with that, I explicitly note that I chose a title to this posting that sounds more oriented toward the little guy business and startup, and I am writing about them too. But I am also very definitely writing about larger and more established businesses that can become sidelined by failure to develop into new and emerging niche opportunities, that might begin small and even appear to be insignificant when measured against current cash flow metrics for business lines already established, but that might also represent that larger organization’s best possible next step forward future that it should be developing into.

How can a solidly entrenched business such as Goliath Inc. remain agile and effective in the face of change and its ongoing challenges, where it might not be apparent where new and next is simply new and fad, and when it is new and their best possible future too? How can they know when to simply ignore what might only be marginally competing startups and small niche companies and their markets and opportunities, and focus elsewhere and on their own established core strengths? And how can they best know when they should move into a new emerging innovative niche opportunity too?

• Essentially as a matter of definition, new in the sense under discussion here means outside of the core competency and the core business model arenas of already established businesses. So I am not writing here about circumstances where an established business would automatically be expected to know what to develop and expand into and what to leave for others as falling outside of their area of strength and need.
• I am writing of future developments and not of any particular business’ now and current – and even for the smaller enterprises that dream of capturing new markets out of emerging and still forming niches.

How can and do larger established businesses respond to this challenge when they do see need to act? The obvious and I add first recourse answer to that is acquisition. Established businesses buy out newer, younger, agile and creative businesses that have arrived at and developed new products and the technologies that underlie them, and that have at least proof of principle tested them in real marketplaces. And this does reduce both development costs and risks from attempting to maintain what might otherwise have to be significant research and development programs in-house, while affording them opportunity to obtain exclusive ownership of new that would meet their specific needs.

These points are all valid but let’s consider some of the perhaps hidden costs in that. And I begin with timing costs. The more rapidly changing an industry and market, the shorter the value-offering shelf life of any given outside acquired acquisition, and both because it will be superseded by a next generation alternative and because other businesses, including new agile young startups are building for those niches too.

There is a reason why large businesses that follow an acquisition route here, often end up as serial small business acquirers and with many of the largest corporations taking on as many as hundreds of such smaller businesses over the years.

And now they have to somehow integrate all of this into their overall systems. Do they risk the loss of what has individually made these acquisitions special and valuable to them in the first place, by forcing them in what might be the wrong ways to fit their standard corporate processes and practices in place, maintaining overall consistency throughout their overall organization? Or do they let a potentially vast assemblage of such acquisitions simply continue to operate as is, and as if separate businesses? How and where do they step in and standardize and how and when should they stand back and leave what might be sources of defining value alone to proceed as is?

If a large acquiring business simply takes this hands-off approach as its one and only, default option what happens to its operational and even its strategic systems as organizing frameworks, and certainly as guiding sources of principle for their overall organization? And can they still be said to even have a single coherent business culture or even a single coherent operational and strategic system under these perhaps extremely stated circumstances?

I have just made some business model assumptions here that I am going to explore in a next series installment, where I will consider tightly and loosely organized businesses and what in their looser forms can become value chain business assemblages – with a blurring of the lines between large and small businesses per se. In anticipation of that, I will consider what might be called clearinghouse corporate models. And I will tie this line of discussion back to the questions of what is offered to a business’ targeted markets and how it markets to them, and with gorilla and viral marketing options definitely included there. Meanwhile, you can find this and related postings and series at Business Strategy and Operations – 4, and also at Page 1, Page 2 and Page 3 of that directory. You can find this and related postings at Social Networking and Business 2, and also see that directory’s Page 1.

Rethinking national security in a post-2016 US presidential election context: conflict and cyber-conflict in an age of social media 2

Posted in business and convergent technologies, social networking and business by Timothy Platt on July 1, 2017

This is my second installment to a new series on cyber risk and cyber conflict in a still emerging 21st century interactive online context, and in a ubiquitously social media connected context and when faced with a rapidly interconnecting internet of things among other disruptively new online innovations (see Part 1.)

I stated at the end of Part 1 that I would turn here in its follow-up to at least briefly consider how Russia used cyber-weapons to influence and even disrupt the 2016 elections in the United States including the presidential election there. And I will do that here, widening my perspective on the issues raised by that one event to also consider, for example, Russian meddling in the United Kingdom’s Brexit referendum and recent European elections too, as well as other internationally impactful cyber-attack incidents.

I begin this posting and its narrative by citing some recent news stories concerning at least some of these cyber offensives, as specifically orchestrated by and led by agencies of the Russian government:

UK Officials Now Think Russia May Have Interfered with the Brexit Vote.
Russian Meddling and Europe’s Elections.
FPI Conference Call: Russian Interference in Foreign Elections.

And I also cite this Wikipedia piece:

Russian Interference in the 2016 United States Elections.

and this public release version of an official US government intelligence community assessment report on the 2016 hacking of United States elections by the Russian government and by groups organized and led by them in that:

Background to “Assessing Russian Activities and Intentions in Recent US Elections”: The Analytic Process and Cyber Incident Attribution.

Officially, nation states only develop cyber-warfare capabilities for defensive purposes, and as a deterrent from others using this type of weapon offensively against them. If they admit to having cyber elements in their militaries at all, it is always for strictly defensive purposes and never with intent to proactively, offensively use them.

North Korea and China have deployed cyber-weapons in pursuit of their national interests and so have the United States and others and in a variety of arguably non-defense roles. All three, and other nations as well, have actively used these capabilities in order to clandestinely gather in secret and sensitive information from national governments. And for China and North Korea this has also actively included gathering sensitive and confidential information from private businesses too. And a variety of countries have at least occasionally used these capabilities in more overt manners too, besides just seeking to surreptitiously gather information through cyber-espionage.

As a specific and well known example of that, the North Korean government very specifically cyber-attacked Sony Pictures and their computer network in retaliation for their producing and releasing a movie: The Interview, in which a buffoon representing Kim Jong-Un was targeted for assassination. See:

U.S. Said to Find North Korea Ordered Cyberattack on Sony and
N.S.A. Breached North Korean Networks Before Sony Attack, Officials Say.

And North Korea under Kim Jong-Un has become particularly active in using cyber-weapon capabilities offensively. They have used their cyber-capability to attack banks and private businesses in South Korea, and to attack the South Korean government itself. And as a very recent, as of this writing, example of this policy and practice, consider their use of ransomware as a means of bringing in foreign currency “income” and from multiple sources globally, to help prop up their economy.

North Korea’s economy has always been weak at best but it has spiraled downward from weak to worse under sanctions imposed because of their recent nuclear weapons and ballistic missile tests. See:

• This Wikipedia piece on North Korea’s far-reaching WannaCry Ransomware Attack and this news story about it:
More Evidence Points to North Korea in Ransomware Attack.)

I have to add that even countries that have largely limited their development and deployment of cyber-warfare capability to defensive use have found themselves at least occasionally resorting to them in offensive initiatives. I cite the use of the Stuxnet computer worm as an example of that type of cyber-offensive approach as the United States and Israel specifically sought to impede Iran’s effort to develop and produce nuclear weapons as a particular limited, targeted use of this type of capability.

I have to add that offensive and defensive are in the eye of the beholder. I think it safe to state that the United States government would claim that it carries out cyber-surveillance on the computer networks and systems of countries such as North Korea (as noted above) for strictly defensive purposes. And the same could be said of their alleged use of cyber-weapons to impede North Korean ballistic missile tests “left of launch” – on the ground and before those missiles can take off. They would claim that these are all defensive measures taken to deter the grave risk that an always unstable at best North Korean leadership might have nuclear weapons and ballistic missiles that they could deliver them with in a devastating attack. The North Koreans, and I add others might see this type of action differently and as representing something other than defense-only.

And of course Russia has recently gone on the cyber-offensive and very actively, and globally in attacking and seeking to suborn elections and referendum votes in multiple nations that they see as being at least potential adversaries, as noted in the above references on that. And they have cyber-attacked neighboring countries in a variety of ways over the years too (e.g. in preparation for their physical incursion into the Ukraine.) And I add that they have prominently deployed social media and related resources as weapons in much of this, as touched upon in more abstract terms in Part 1 of this series and as noted, by way of example, in the news pieces pointed to in the above-offered links.

New technologies and new ways to use already established ones create both new positive-side possibilities and new, negative-side vulnerabilities. And the more disruptively significant a New is, the greater both the positive and negative side to it can be for impact achieved. This holds for social media and the emerging internet of things, and it applies to cloud storage and cloud-based application programs and related distantly located and managed functional capabilities. This applies to essentially every new and every next-step technology that emerges, and certainly online where an attack can be launched and sent out at close to the speed of light and with largely effective masking as to where an attack actually came from.

• These new and emerging technologies are usage neutral in this regard, in and of themselves. Their societally positive and negative values arise in how they are used and in what ends they are used to achieve.
• And information systems security: an increasingly vital face to national security and on all levels and for all nations, is increasingly a matter of thinking outside of the box of past and even current practices, and beyond the scope of past and even current possibilities, to imagine what a potential adversary: local and individual, or national and more comprehensively scaled might do or try to do next. (See Stuxnet and the Democratization of Warfare for a brief orienting discussion of the roles that even single individuals can play in this.)
• Then the next step in this risk assessment and remediation conceptualization arises and it is the most difficult one of all to actually design for use and to put into effect – getting people and organizations: both businesses and governments included there, to actually prepare for what might come, by installing and using protective systems that are developed in light of realistic threat assessments, and that include in them proactive protective elements.

I keep finding myself thinking back as I write this, to a fundamental challenge that is implicit in the ongoing real-world information security experience publically shared by the Open Web Application Security Project (OWASP) in their Top 10 threat assessment and identification project. Many of the most serious and prevalent risk vulnerabilities that this widely known and respected organization has published about, have been included in their recurringly updated Top 10 risks list for years now, and even from the beginning of that organization and from the first edition of this list. Widely accessible ways are available for both identifying where these vulnerabilities are in systems that exhibit them and for remediating them, patching and removing them. But so many businesses and even government agencies do not effectively address even long-known vulnerabilities, let alone new and emerging ones.

When I wrote of the emerging cyber-security risks inherent in the internet of things, in Rethinking Online Security in an Age of the Internet of Things: the more things change, the more they stay the same, I did so with this human usage and management vulnerability in mind. And with that noted, I return in this discussion to the Russian hacking of the United States Democratic Party server computers, leading up to the 2016 elections there, and how they used confidential emails and other documents illegally obtained from them, out of context at the very least to interfere with those American elections. I have been writing of these events and about the vulnerabilities that they represent here, in terms of technology. But in a fundamental sense they are human user challenges too, and fit as threat vectors into the social engineering paradigm, and even when channels such as social media are not involved.

Ultimately, the only way that the Russians could hack those Democratic Party computer servers was by coaxing humans with legitimate access to those systems to take actions that would install malware on them, primarily by coaxing them to click to links in emails that would prompt the downloading of malware onto their secure network connected email server computers. And this brings me to three basic categorical corrective responses, for at least limiting the possibility of a next similar attack from working. And here I write in terms of cyber-defense and security in general:

• Better computer and network user training,
• Better, more up to date and capable automated systems,
• And usage options channeling systems that reinforce good practices and discourage or even actively prevent bad, risk-creating ones.

Technology fixes are always going to be important and necessary in this, but increasingly the biggest vulnerabilities faced come from human users, and particularly ones who are trusted and who have access permissions, to critically important systems.

I am going to continue this discussion in a next series installment, with that set of possibilities and that observation. And I will offer at least a brief set of thoughts as to how the above bullet pointed information systems security approaches might be implemented in a rapidly, disruptively changing computer and information technology context. And as part of that, I will at least briefly discuss some of the positive tools and capabilities that have emerged in the last few years, as of this writing, and how they can be exploited, turning them into sources of security vulnerability too.

Meanwhile, you can find this and related postings and series at Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation. And you can also find this and related material at Social Networking and Business 2, and also see that directory’s Page 1.

On the importance of disintermediating real, 2-way communications in business organizations 2

Posted in social networking and business, strategy and planning by Timothy Platt on June 27, 2017

This is my second installment to a brief series on coordinating information sharing and communications needs, and information access filtering and gate keeping requirements (see Part 1.)

I offered Part 1 of this series as a baseline representation of how communications in a business can be thought through and optimized, in a stable business that is not going through fundamental, disruptive change and either in what it does or in how it does that, or in its immediate functionally connected context as that might impact upon its ongoing strategy or operations.

As a point of clarification here, a business can fit the expected form implicit in the Part 1 model that I have just offered in this series, and still undergo change per se and certainly if it is taking place in an ongoing evolutionary manner and according to a consistent and at least in-principle predictable pattern. I only assume up to here in this series that this business is not carrying out or facing the disruptive unknown.

I at least begin to challenge that assumption here in this posting, where I will focus on what a business does that makes it profitable, and more particularly on what it brings to market in achieving that. This means my adding marketable product or service innovation into this narrative. At the end of Part 1, I stated that I would discuss:

• How innovative initiatives and the drive to achieve them shape and reshape information and knowledge development, and communications systems development and implementation too – and the rules-based systems that operationally define them.

That is the goal of this series installment. Then after addressing that set of issues I will look outward to consider disruptive change in a business’ outside context, as that would create need for accommodating change within the business. And after that and with both of these faces to disruptive, nonlinear change added to this overall discussion, I will explicitly consider new and novel change in that business’ strategic and operational systems.

• I begin this with the products and services offered and with a simple, basic assumption: product and service innovation and change are information and communication driven.
• And the more fundamental and disruptively novel the change in what a business would develop and produce and bring to market, the more disruptively novel and new the information and communication flows that would be required to actually carry that out.

This can mean new types of information. It can mean new stakeholders and other essential participants having to enter into essential communication networks that would be involved in creating these innovations and in bringing them profitably to market. And it can mean making changes in the rules based systems that govern information control and access. Most of the time, that would mean change within existing rules-based information control systems, with updates made to the lists of who is authorized to have access to what, or who has authority to add to or modify or delete what in the way of stored raw data or processed knowledge. Think cloud-based and computerized database organized data and information, and processed knowledge repositories there, as they have become a primary form of storage and management for most businesses as they develop and maintain information and knowledge “in-house” as a sharable resource.

Networking and direct communicative connections with experts within an organization remain and will remain very important there too. But even there, online social media as for example, can be maintained strictly in-house in intranets for more confidential information, or it can be securely stored in third party cloud-based systems, as well as being managed through third party social media sites. However this is done and in whatever combinations of options pursued, this can prove essentially useful for helping employees and at all levels in an organization, to find and connect to those experts.

And when outside experts have to be brought into these conversations in some manner, online and cloud based systems and resources can prove essential there too. And I will pick up on that contingency as a working example of how rules based information access and control systems can face need for more fundamental change, with a briefly outlined scenario that would compel that:

• Your business has always arrived at and managed its product development in-house, starting from an initial burst of disruptive innovation that it built from when it was initially launched and as it took off as a successful venture. But over time, its innovative development has shifted from disruptive and revolutionary as a beginning, to incremental and evolutionary – and to primarily cosmetic with the successive introduction of more minor tweaks to established product lines.
• And you know this as the owner or Chief Executive Officer of this business and you seek to do something about it to in effect revitalize the business before it slips into a middle of the pack position and loses its marketplace recognition entirely as an innovative business that is preferentially worth buying from. And you see two possible paths forward in addressing this slowly but seemingly inexorable challenge: inexorable if you and your business simply pursue a business as usual approach here.
• You could actively try to find and bring in really creative new hires who can bring real innovative potential back into the business again, and with a goal of disruptively innovating from the inside again, as drove the founding of the business.
• Or you could seek out and secure exclusive rights to a new innovation from an outside source such as a new and creative startup or from a university lab and the professor who runs it.
• You could, I add, take what amounts to a hybrid approach and in several ways. That can mean taking what amounts to a “try before you buy” approach and seeking to acquire that innovative startup if initial experience working with them makes that look like a prudent move. Or it can mean seeking to in some way hire and bring on-board that faculty member with their practical and applicable innovative ideas, and at least proof of principle prototype innovations.
• And this brings me to the information control and access systems that you have in place for safeguarding your business. If your entire product development-facing system there is in-house oriented and you now have to reach outside of your own walls to take your business forward with new next-step innovation, you are going to have to at the very least, rethink and reformulate your vetting and your access management systems, to include wider risk management compliant contexts than you have ever had to allow for in your current rules-based systems.

Businesses in fact look outside of their own walls all of the time for new innovative approaches and particularly when they seek out the disruptively new. One of the challenges of strictly in-house, and particularly when people there can and do freely communicate together, is that everyone there can come to share a same basic set of automatically assumed and even seemingly axiomatic assumptions as to what is doable and practical. And these assumptions can in effect become blinders – as is arguably the case in the above briefly sketched out business example.

• Familiarity there, and a strictly in-house familiarity in particular, can create pressures towards shared consensus and agreement – and particularly where a disruptively novel, current game-breaking alternative is offered by a seeming maverick.
• This point may sound paradoxical, but effective in-house communications can in fact stifle innovation and certainly disruptively new and novel innovation – and certainly when that communication system is coupled with a demand for closely aligned agreement and with no real room left for the voices of what might offer consensus-breaking, current expectations challenging alternatives.

Breaking out of that rut means changing and even disruptively changing information sharing and communications rules for the business, and the rules based systems in place for managing access and control over sensitive and confidential information, that essentially by definition enters into any profitably competitive new innovation and its realization. And I add this has to include the more unspoken rules of corporate culture too, that fit into and help support or thwart formally stated information management systems, and that at the very least serve to interpret them in their implementation.

As noted above, I am going to continue this discussion by looking outward to consider disruptive change in a business’ outside context, as that would create need for accommodating change within the business. This, I add means change and its pressures as arise in their marketplace, and from among a business’ competition, and at least potentially from several other directions too (e.g. from business equity holding outside shareholders, and from outside regulatory organizations.) And after that and with both of these basic categorical faces to disruptive, nonlinear change added to this overall discussion, as noted in this posting and the next, I will explicitly consider new and novel change in that business’ strategic and operational systems.

Meanwhile, you can find this and related postings and series at Business Strategy and Operations – 4, and also at Page 1, Page 2 and Page 3 of that directory. And also see Social Networking and Business 2 and that directory’s Page 1 for related material.

Donald Trump and the stress testing of the American system of government 19

Posted in social networking and business by Timothy Platt on June 26, 2017

This is my 24th installment to what has become an ongoing series of postings in which I seek to address politics in the United States as it has become, starting with the nominations process leading up to the 2016 presidential elections (see Social Networking and Business 2, posting 244 and loosely following.) And this is also my 19th installment here since the inauguration of Donald Trump as the 45th president of the United States.

And this is an installment to this series that is essentially guaranteed to at least partly displease essentially everyone and for at least something in it. That is because my goal here is to acknowledge and address a range of observations and conclusions that I have come to see as truths, that include elements that would not all, collectively please anyone. (To clarify that, when I say “truths,” I mean “fact-based” facts and not “alternative” facts, to use the current idiom.)

Let me begin with some details that would please those who are more liberal and progressive politically, but irritate those who see themselves as being on the right, politically:

• I have been writing this series in large part as a presentation of and discussion of findings that hold significant potential for shortening the presidential administration of Donald Trump if formally proven, and either from his removal from office for mental incapacity, or for his removal from office through an impeachment process. And this assertion certainly holds for the installments that I have added to this series since Trump’s inauguration into office and his becoming the acting executive branch head of the government of the United States.
• And I have come to the conclusion that his ongoing behavior and all that it is built upon will all but certainly lead to a constitutional crisis and his removal from office through mechanisms offered in one or the other of the US Constitution’s 25th Amendment, or its Article 2, Section 4 (removal due to incapacitation or through impeachment respectively.)
• And I have not just asserted this view in this series as an unsupported conclusion. I have systematically shared my thought processes that would lead up to it here, and documenting references that have led me to arrive at it.
• I have also addressed this overall conclusion at least, in recent installments to a concurrently running series on China and the government of Xi Jinping there, as president Trump and his statements and actions have impacted upon China and their policies and actions too (see Macroeconomics and Business and Page 2 to that directory, postings 154 and loosely following for that series.) And see in particular its Part 46 installment in this context, for its particular cogency to this posting’s discussion.

That and the flow of material that I cite in those postings would displease the political Right, and particularly Donald Trump’s core supporters. But now let’s consider the earliest postings to my American politics-oriented series that this fits into, and particularly its Part 1. I laid a foundation there for displeasing any readers on the Left politically too, when I first started addressing the challenges we face in current American, and I add current global politics as well. Let me start with the perhaps “unpleasant truth” bottom line that I arrive at for this side of this narrative, here starting with the points I just made:

• Yes, I in fact do firmly believe that Donald Trump will be removed from office, and most probably within his first term of office, and by the constitutional means just noted in passing above. But no, this is not going to happen soon. It would take real, concerted effort on president Trump’s part to cause this to happen before the 2018 off-year US congressional elections. And this will only happen even then, if the Democratic Party takes control of both the House and the Senate, and as such control of their legislative agendas.
• And as much as a significant number of current members of Congress, and I add a numerical majority of Americans seem to disfavor Trump’s presidency and at least in significant part, they are factionally divided in ways that Trump’s core supporters are not. And not everyone who is dissatisfied with Trump’s performance in office is ready to impeach him or ready to support that being done anyway.
• Donald Trump has only been in office for some 150 days as of this writing, and a significant fraction of Americans are still willing to give him more time. But more importantly here, a solid core group that accounts for some 30% of the entire American public, actively supports Donald Trump and believes in him and will continue to do so, and seemingly no matter what the mainstream news media or any other publically visible and vocal detractors might say. This brings me directly back to that Part 1 posting: “Thinking Through the Words We Use in Our Political Monologs,” and how the American public has become fractured into hyper-partisan groups that do not and seemingly cannot communicate with each other across the divides between them.
• When Trump administration spokespersons speak of “alternative facts” to justify their positions and their understanding of reality, this is what they are at least tacitly acknowledging, that differing demographics, each caught up in their own echo chamber bubbles: their own epistemic bubbles, share and hold to their own views of reality and their own “truths.” And this includes their own acceptance or denial of scientific findings as well as their acceptance or denial of more social science framed political “truths.”
• And the 30% who support Trump 100% and on seemingly everything, all the time do go to the polls to vote and in a very unified manner, and even as their “un-Trump” and “anti-Trump” competitors argue among themselves and sit at home when the polls are open and they could have a say in matters.

Donald Trump is almost certainly the single worst president of the United States who has ever served in office: the bottom of the barrel worst in history. And he makes all others who have served in office before him look good, or at least a lot better by comparison, including the likes of Warren G Harding and James Buchanan: two former presidents who have up to now successfully competed for the titles of worst and second worst ever. Seek out a consensus opinion on this from any significantly inclusive group of professionally respected American history scholars, and without regard to their personal political views, right, left or center now; you will hear this assessment from them. But 30 % of the entire American public does not and will not believe any of that. I know a few people in that camp; they are not bad people and they are not stupid, by any means. They are for the most part simply burned out by the seemingly endless venality and cynicism of politics as usual in the United States, and by both Democrats and by Republicans in office. It is just that they do tend to see Republicans as being at least a somewhat better choice for elected office, at least usually. And they do live and breathe in their own particular “alternative” view of reality and their own collective bubble that supports and sustains it – just as their Liberal and Progressive counterparts do in theirs too.

And this brings me to an in the news reality check on the schism that I write of here: the chasm of opinion and perception, judgment and conclusion that I write of here. Trump is a disaster in office and he is aided and abetted in this by Republican members of Congress who would do seemingly anything to stay in power and regardless of consequences. And Trump is now consistently polling well below 50% in the positives, in national public opinion surveys. So when a quick succession of special elections have come up since the Trump election to fill vacancies in Congress, those seats were there for the taking by Democratic Party contenders, right? But no, the Democratic Party and their contenders have lost every single one of these races and without exception. And this brings me to a recent in the news reality check offering, which I share in this posting here, by way of two recent newspaper articles:

Karen Handel Wins Georgia Special Election, Fending Off Upstart Democrat, and
Democrats Seethe After Georgia Loss: ‘Our Brand Is Worse Than Trump’.

I seriously doubt that many if any elected Democrats and certainly those in significant positions of power, believe that their “brand” is worse, and certainly if that means their seriously questioning the underlying message that it seeks to represent. But it really, really is.

• Donald Trump is certain to be removed from office, as just stridently asserted above. But if the Democrats as a Party keep going the way that they have been, that might not happen in this reality – just in their “alternative” one.

What can the Democratic Party do to turn things around for themselves, besides hope that president Trump will start to implode effectively enough as a president to discourage even his core 30%, as well as a majority of the “let’s give him more time” people? I am not presumptuous enough to try to map out a full answer to that, but I would offer two first steps, neither of which would be comfortable or easy for them:

• They have to start listening, and I mean really listening to the people who support Trump and his vision of America and of American values. And they need to do so with a simple sounding question firmly in mind. What are the legitimate concerns and even the legitimate grievances that these people hold that the Democratic Party and its elected officials have not addressed, or even acknowledged? That means assuming that the vast majority of those who support Trump are good people who in some genuine sense feel left out and even betrayed by the powers that be, and that the issues that drive them to support this outsider, are legitimate and should be more positively acknowledged – by the Democratic Party.
• And then comes the really hard part. The leadership of the Democratic Party has to admit that it could and should have done better and its members have to actively enter into conversations with those who would start out at least suspicious and angry toward them. And that means listening and asking questions, and seeking to find common ground and agreeing that there are genuine issues that need to be addressed. I am not, I stress, writing here about accepting the current Republican Party fiscal or other ideology; I am writing about reaching out to the man and woman in the street, and to everyday fellow citizens. And they have to do this while more actively reaching out to and listening to their own divisively divided membership too; the Democratic Party has to actually become the big tent, inclusive political party that they still claim to be, and one that is both inclusive for its diversity – and unified in support of its underlying shared values.

And this brings me back to the first set of bullet points that I added towards the top of this posting. True or not, and valid or not, those points and their message do not matter, as long as the politicians and elected officials who would actually take action in response to Trump’s behavior, are caught up in their own blinding epistemic bubbles too. Yes, I have labeled this progression of now 19 postings in this series: “Donald Trump and the stress testing of the American system of government.” And he is stress testing everything he touches. But nothing will happen from that if any remediation to it has to come essentially entirely from Trump himself and his administration, or from some combination of them and their Republican Party supporters and backers.

There are a variety of other issues relevant to this series that I have held off on including in this series installment, to keep its focus as simple and direct as possible. I end its discussion here and now but I am certain to come back to this narrative and to this series in future installments too, as there is a lot more to say in it.

Meanwhile, you can find this and related postings at Social Networking and Business 2, and also see that directory’s Page 1.

Finding virtue in simplicity when complexity becomes problematical, and vice versa 3

Posted in social networking and business by Timothy Platt on June 17, 2017

This is my third installment to a brief series on simplicity and complexity in business communications, and in carrying out and evaluating the results of business processes, tasks and projects (see Part 1 and Part 2.)

I began addressing the issues and challenges of effective business communications in Part 1, and then switched to consider a special case in point example as provided by project management. And to clarify what I mean there, I refer to both the:

• One-off nature of specific projects, and the need to carry out such endeavors as perhaps-exceptions to business-as-usual processes and practices,
• And the need for standardized processes and mechanisms for setting up and managing and participating in projects and certainly for any organization that recurringly carries out specifically organized projects: in-house or as a client-facing service or both.

I stated at the end of Part 2 that I would shift directions in this series installment:

• To consider communications and communications best practices from the perspective of project management and leadership best practices, where different organizations and I add different types of projects might face different best practices alternatives for managing the issues that I have been raising here.

And I begin doing so by considering the role of scale and focus in projects. As a general rule, smaller and simpler projects – projects with more constrained and limited goals, can be managed and carried out by a smaller and more constrained headcount of participants, and at all levels. This, among other things (usually) means fewer opportunities for scheduling conflicts for hands-on participants where they would find themselves torn between requirements to carry out special assignment project tasks, and their more routine work. I parenthetically added in that word “usually” there because all it takes for chaos and complication in project work, is one inopportunely positioned gatekeeper manager who sees themselves as owning the time and effort of at least one crucial would-be project participant. I refer here to managers who have in their teams, employees with specialized skills that might be required for a project that requires interdisciplinary participation, who insists that their routine work is always more important than any non-standard work that members of their team might also be responsible for, that will not enter into their own pre-established performance review goals or stretch goals or those of their team. This type of resistance to active and timely participation can throw off any project’s schedule and I add any project’s budget, as work-around accommodations have to be arrived at and followed through on and as work completion dependencies and complications of missing goals create ripple effects. And this can happen even in small but important projects, and certainly if a bottleneck manager’s own next level up supervisor is unwilling to step in to adjudicate matters as can sometimes happen.

• Effective communications cannot always guarantee buy-in and active support, but a failure in communications in this type of context can and probably will stymie them.

If this at least potential problem is important at the level of the individual project, it is even more so in setting up and actually following more general guidelines for any business that recurringly faces need to carry out projects in general.

Flipping this around with regard to my starting assumptions as addressed up to here, larger projects with correspondingly larger overall headcounts are more likely to draw in people from a wider range of functional areas in the business, including for example at least someone from finance for managing project budgets, and even if the projects under consideration are not financial department oriented for what they would accomplish. Larger projects of necessity bring in wider ranges of types of stakeholders. And larger projects can also of necessity call for larger and more complex management structures too.

• And a real driver of complexity there can be found when seeking to maintain communications and buy-in and in the face of information sharing friction or management resistance.

And with that point noted, I offer a division of labor option at the top of a project’s management that I have found very useful, where a given project might have:

• An overall project manager who provides overall strategic leadership and who works with more senior business management on behalf of a project, and
• A right-hand man or woman, project coordinator who reports directly to the overall project manager and who is tasked with keeping everything on track on a more details-oriented operational level, and for working with and managing communications and other problems as they arise within the project and with managers who project participants normally report to. Note: the overall project manager would become involved in that if needed and if a sufficiently impactful point of disagreement was arrived at between an outside manager and a project participant or manager. That would be specifically identified as an escalation in problem resolution response.

What I am writing of here, is the need for reasoned and need-based growth of a project team, and at all levels and to facilitate communications and the completion of task dependency work, and to help keep everything moving as quickly and cost-effectively as possible. When adding in a specific new position and project team member would specifically lead to improvements there, that person should be brought in. When a project participant is no longer needed, they should be relieved of this project participation responsibility and returned to their usual work responsibilities so they can focus more fully on them again. And for complex, long-term projects this process of bringing in and in time phasing out involvement of specific active participants becomes an ongoing endeavor, that would be strategically managed by the overall project manager and tactically managed by their project coordinator, at least where such a position has been carved out as a separate project level work description.

I am going to continue this discussion in a next series installment where I will look beyond the more limited context of projects and project management systems. Meanwhile, you can find this and related material at Social Networking and Business and its Page 2 continuation. And also see my series: Communicating More Effectively as a Job and Career Skill Set, for its more generally applicable discussion of focused message best practices per se. I offer that with a specific case in point jobs and careers focus, but the approaches raised and discussed there are more generally applicable. You can find that series at Guide to Effective Job Search and Career Development – 3, as its postings 342-358.

%d bloggers like this: