Hartford Business Journal

www.HartfordBusiness.com July 24, 2017 • Hartford Business Journal 21 BIZ BOOKS Keys to implementing innovation strategies, ideas "R obert's Rules of Innovation II — The Art of Implemen- tation" By Robert F. Brands with Martin Kleinman (Bascom Hill Publishing Group, $24.95). The issue with implementing innovation rests with the dichotomy between opera- tions and innovation. Ops focuses on what is; innovation on what could be — with emphasis on could. You can rely on the repeatability of operations because time-tested pro- cesses and procedures form its backbone. The results are somewhat predictable. Innovation, on the other hand, "always walks the tightrope of uncertainty"; it's disrup- tive from the get-go. No one knows the outcome until it hits the market. While most executives say they favor innovation, "they don't walk the talk." Under the guise of constructive criticism, they look for flaws at every turn. Why? They lack "an enthusiasm for risk taking, and a willing- ness to invest without ROI assurance"; they prefer the certainty of operations. The clear message: If the executives don't buy in "big picture and whole hog," innovation dies. Brands sees HR's roll as vital to innova- tion because it must assemble the right team. Why not let the managers select the team? HR has a more objective view of the selec- tion process. Managers are so focused on operations that they may look at what people are doing and have done, rather than an individual's passion for change and how employees think. They may view innovators as boat-rockers, which doesn't fit the ops mode well — but it fits the innovation mode to a "T." Here are a few of the key roles innovators take on: "Iter- ator" — the idea machine lays the foundation of the project by refining and shaping the original idea into a workable project with deliverables. "Customer Anthropolo- gist" — the link between the customer and end users (who may be different than the current customers). The "communicator" keeps those out- side the team apprised of progress and emphasizes chief benefits. The "roadblock remover" (generally a senior-level manager) clears away "financial, organizational and political barriers to success." Top management needs to meet with the team at the outset to convey unequivocal buy-in to the process, and how ideas will be evaluated. With buy-in and benchmarks provided, the team has clear direction. • • • "From Ranking to Revenue — A Business Owner's Guide to Successful Search Engine Optimization" by Jason Healey (Createspace Independent Pub- lishing, $19.99). When most businesses think of search engine optimization (SEO) they think in terms of "first page of Google" ranking and even sponsored ads [i.e. pay per click (PPC)] for that prominence. The non- PPC process involves providing keywords on your website so Google can read them. Both processes drive business directly to your website. If you don't PPC, you have no con - trol over where you'll appear on Google — but you know it won't be the first page unless the search involves the name of your firm. Healey points out that "drive direct to web- site" accounts for about 30 percent of SEO. The "drive direct" primarily benefits large firms with a national presence. "The remain- ing 70 percent deals with off-site factors such as getting inbound links from other websites. Tapping that 70 per- cent takes a different approach than just PPC or topic relevance: Make your web pages as visible as possible by finding complementary web pages to link to yours, and having them link your website to theirs. Essentially, you search for complements (I'd bet there would be matches in the membership rolls of chambers of commerce) and talk with the company's management about mutually beneficial web- site cross-pollination. This works very well for small businesses in local markets. Why? Mutual linking locally amounts to a referral/ testimonial — which consumers trust. Examples: 1. You have a retail business selling chees- es. Linking up with a nearby wine shop would be mutu- ally beneficial. 2. Your busi- ness sells varieties of olive oil, vinegar and salad dressing. Linking up with a business that offers cooking classes would be a great fit. n Jim Pawlak is a nationally syndicated book reviewer. Jim Pawlak OTHER VOICES How will CT biz be impacted by new cyber strategy? By Loren Dealy Mahler T he state of Connecticut just released its first cybersecurity strategy. The well-rounded framework takes a com- prehensive view of managing risk in today's threat environment, and now the focus shifts to implementation. What will it look like, and how much of an impact will it have on Con- necticut businesses? First, credit must be given to the team that drafted the strat- egy. They managed to avoid many of the pitfalls that usually befall a government body trying to tackle a complex issue. When Gov. Mal- loy first appointed a chief cybersecurity risk officer, Art House, last year, there was pressure to get something done, an approach that often leaves businesses with strict regu- lations and no guidance. Instead the strategy came first and the action plan will follow, an iterative approach that will give businesses an opportunity to help shape implementation. Malicious cyber actors don't just threat- en one industry, and by acknowledging the widespread nature of the potential impacts, the commission has taken a strong step towards raising the security level across the state. Modern cybersecurity practices require more than a simple, technical solution. Technol- ogy is still a key component, but now it's about layering smart policies, people and plans, so an entire entity is resilient, not just defensive. By taking an approach centered on what the whole enterprise should be doing before, during and after an inci- dent, the commis- sion embraced this new reality. Now comes the hard part. The devil lurks in the details, and the true, long- term impact of the strategy won't be realized until we see how implementation plays out. If it is too prescriptive, businesses will suffocate. If it's too flexible, noth- ing changes. Do you use carrots or sticks? Regu- lations or tax incentives? As the state grapples with this next step, it would be wise to look to the lessons learned from other state-level efforts. Our neighbors in the New York Department of Financial Services (DFS) recently published a new regulation outlining a baseline stan- dard of cybersecurity for all companies in the financial, insurance and banking sectors. While it doesn't cover the breadth of sectors like our new Connecticut strategy, there are still several key lessons our state can learn. Be open to feedback The first version of the DFS regulation was met with significant resistance. The busi- ness community viewed it as too prescrip- tive with unrealistic deadlines, but after a public comment period, DFS issued a final rule that reflect- ed much of the feed- back received. While no new regulation is going to be univer- sally loved, this effort to listen and adjust led to a much better reception when the final regulation was published. Require functions not solutions The DFS regulation requires companies to address specific functions, rather than dictating specific solutions. For example, companies are required to establish access controls, implement continuous monitoring and adequately train their workforce, but DFS doesn't say exactly how these functions should be performed. Allowing companies the flexibil- ity to determine the solutions that best fit their individual risk profiles, business objectives and resources maximizes their ability to comply. Establish rolling deadlines DFS established a rolling series of deadlines that allow the requirements to come online in a logical order. Requiring companies to rush and meet a single, arbitrary deadline encour- ages them to throw money at various solutions without having the space to thoughtfully think through a risk-based solution designed for their specific needs and resources. Connecticut has taken a significant first step in securing our state from the impacts of a cyber attack. Establishing a strategy that embraces a robust, modern approach to cyber- security across multiple industries will leverage our collective strength for long-term results. Now it's time to tackle the details. With such a strong start and the benefit of lessons learned, Connecticut is well positioned to secure our future without harming our economy. n Loren Dealy Mahler is the president of Dealy Mahler Strategies LLC, a Connecti- cut-based strategic communications firm that advises clients on cybersecurity issues, particularly related to crisis management planning and incident response. Loren Dealy Mahler ▶ ▶ While most executives say they favor innovation, 'they don't walk the talk.' ▶ ▶ Modern cybersecurity practices require more than a simple, technical solution.

• Cover