Set goals, diagnose challenges, and build your cybersecurity strategy with heavy contemplation of 1st, 2nd, and 3rd order consequences (such as exponential cost curves on team members and $$)

Building a cybersecurity strategy requires a full appreciation of the business direction, current technical assets, and the technology being developed and supported. Many organizations began with a strategy — a basic one built on fundamental elements, such as have good availability and ensure our operations execute as expected. Simple.

Today though, we as leaders are now sought in a strategy around our digital assets, technology solutions, and customer experience. These require a rebirth of your strategy and is an awesome opportunity for everyone involved. My experiences here have seen great and bad. Great where teams collaborate, innovate, and customer feedback is fantastic. Bad, well, usually they are just false starts — where isolated ideas never become operational realties or in other cases when textbook ideas don’t fit reality of a business.

Having been in the center of reboots and uniquely blessed to build such programs (generally around digital products, IOT, and currently serverless / Lambda), I found a principle that has benefited me repeatedly. A first principle of sorts, on how to approach a strategy development and activation (the initiation of a new strategy within an operating organization whether 10 teams or 5,000 teams), and it is best approached by asking how your strategy answers this question:

How much do you respond to 1st order consequences at the expense of 2nd and 3rd order consequences?

Your strategy analysis can be accomplished with this question answered, and in my experience, when you structure that approach in the following process. A process that creates laser focus on achieving your goals, but not rushing into activities without the above 2nd and 3rd order consequences considered!

To achieve your goals:

  • Set Goals (high level, specific, prioritize)
  • Identify and mitigate problems (resources, buy-in)
  • Diagnose of root problems (Get to the nerve of the issue)
  • Design plan (be practical and creative, not all things need to be fixed)
  • Task and complete (tasks aren’t the goals, but require diligence to achieve goal)

Greater expansion on this idea is developed and articulated within the Management Principles of Ray Dalio of Bridgewater Capital, one of the most successful management companies in the world.

The Startup Idea Matrix – The Mission – Medium

Wow, I love this structure and brainstorming approach. This isn’t a mission to fill the voids, but an exercise I challenge all Strategy, Product Leads, and Digital executives to partake in for their customer groups.

There is something magical about laying out the ideas … talking to customers .. seeing around the curve, and maybe simply creating a beautiful experience in your App, at your location, or with your teams on those long tail (future!) clients.

Build something great – Ship it and create an amazing customer experience. Full link to the above matrix on Medium.

Keep innovating – James DeLuccia

The Startup Idea Matrix

I generally think it is smart to have patience in finding an idea that pulls you in: a market or opportunity you can’t imagine not pursuing. Patience in the near-term will save you a lot of time in the long-term. However, I’ve found one way to find this idea is to gain broad exposure to different markets until a specific opportunity and mission stands out to you. Credit to Chris Dixon who showed me this format a few years ago.

Source: The Startup Idea Matrix – The Mission – Medium

This is how you make Twitter profitable and safe – results of strategic analysis

This is how you make Twitter profitable and safe

These past few years we have heard the troubles of Twitter. Despite a brilliant founder and team, they are just not hitting the metrics and social impact possible.

I have heard dozens of banter on how to solve it, but I think the simplest solution is to practice what is already working. An approach that gains revenue, limits trolls, and raises the quality of the network in general. This has the potential to double and triple the value of Twitter. It would also increase the customer experience too!

This analysis is based on a detailed financial review and exploratory canvas of options across the start-ups and established businesses. If you spend time in the start-up scene — Atlanta to Silicon Valley, you know the passion and value of such customer experiences. There is more to be done, but let’s remove the noise.

To make Twitter Profitable and safe ….

Charge for accounts.

Imagine if web domains didn’t require you to pay for them — how could you ever manage them and let alone allow free market forces to self correct to quality? Charging for accounts will ensure that those (news outlets, media stars, etc..) who are making revenue off of the platform pay … those who use it to draw insights and have conversations also benefit by paying for it. EVERY start-up that led with a freemium model converted elegantly to a pay model … unless they had a superior platform for advertising.

Twitter is not a platform — it is a messaging space.

Have a twist on this idea? An alternative approach? Share it! Let’s make a sustainable business that we have all benefited, but maybe lost some love due to the filth.

Source: This is how you make Twitter profitable and safe – Medium

How Google positioned it’s size and security as a strategic advantage

Google published an in-depth outline on their cybersecurity initiatives around the Google Cloud Platform. While not as public as Amazon’s Cloud control details, it is worth a quick review for startups and business technologists looking to expand their offerings across this platform.

One item that I thought was well described, and aligned with my recent Strategy Article published here on Creating Value, is how they position their size as a benefit to the consumer.

Specifically, Google articulates, and engineered their offerings to take advantage of their size and scale to be MORE secure and MORE responsive to customer activities. Reinforces their position as a leader and illuminates many of the ‘Good to Great‘ qualities espoused by Jim Collins.

How you design your next solutions can be cumulative advantage, if done strategically.

A global network with unique security benefits

Google’s IP data network consists of our own fiber, public fiber, and undersea cables.This allows us to deliver highly available and low latency services across the globe.

In other cloud services and on-premises solutions, customer data must make several journeys between devices, known as “hops,” across the public Internet. The number of hops depends on the distance between the customer’s ISP and the solution’s data center. Each additional hop introduces a new opportunity for data to be attacked or intercepted. Because it’s linked to most ISPs in the world, Google’s global network improves the security of data in transit by limiting hops across the public Internet.

Source: Google Security Whitepaper  |  Documentation  |  Google Cloud Platform

Technology — that which surrounds our lives, enhances it, and improves it

How much are we really aware as to how it IMPACTS and IMPROVES our lives, and how do we manage it in a way to deliver results? Well, that is something I have been chasing for the past 11 years, through experimentation, start-ups, advising start-ups, inventing, and writing books.

Yes, writing books. The most recent project I wrapped up moments ago was on parenting. First off, parenting is a deep and passionate topic of mine and others — both family caregivers and parents alike. Tackling this required me to truly leverage a few core talents that I have excelled at for years (you possess many of these traits and the others are dormant, I promise).

Specifically, talents around developing practical and elegant insights to highly complex situations (Einstein would be proud). These skills of pattern matching, observation, study, broad research domains, and experimentation brought a distinct set of skills to form concrete examples and ideas around parenting. I also was able to tap into and develop my artistic capabilities, and craft a beautiful book with rich visual examples to connect with the reader.

The exploration and experimentation for making a book though is found in the actual creation — the execution. Here are the vast areas where technology and diverse teaming were required to produce the book:

  • Drafting of the book using online only editors (Google Apps)
  • Setting up a rich universe and feedback system across 1,ooo+ individuals
  • Launching surveys across social media and direct to individual experts
  • Hiring international team members (Germany, Philippines, and Canada) to provide artistic, interior design, and exterior design services
  • Printing and field testing the book using on-demand printing systems
  • Creating a wholesale company account to pre-order
  • Developing a storyboard marketing plan using vast online management and execution tools

and much more!

It is striking to me the integration of social media, online instant-delivery tools (imagine using this technology to create an individually designed in-person experience), conventional online tools, and international coordination through support platforms that allows for scale and efficiency.

These past few months I have been blessed to be able to explore my curiosity in this space of parenting and create a manuscript that I hope will benefit many families. It also allowed me to sharpen my consumer engagement knowledge that I look forward to utilizing more in the future. A great lesson for me, and perhaps one you can draw upon, too.


Discovery how you can publish too: Book Publishing and Book Printing Solutions for Nonfiction and Fiction

Police seek Amazon Echo data in murder case (updated)

Always on technology, Amazon’s Echo device is only a single example of numerous devices in our lives that accomplish this marvel, is in the spotlight in a murder court case – “Police in Arkansas want to know if one of the gadgets overheard something that can help with a murder case. According to The Information, authorities in Bentonville issued a warrant for Amazon to hand over any audio or records from an Echo belonging to James Andrew Bates. Bates is set to go to trial for first-degree murder for the death of Victor Collins next year.”

Echo only captures audio and streams it to the cloud when the device hears the wake word “Alexa.” A ring on the top of the device turns blue to give a visual indication that audio is being recorded. Those clips, or “utterances” as the company calls them, are stored in the cloud until a customer deletes them either individually or all at once. When that’s done, the “utterances” are permanently deleted. What’s more, the microphones on an Echo device can be manually turned off at any time.

Source: Police seek Amazon Echo data in murder case (updated)

Of course, you must delete the utterances from them to be gone …

I love the application and possibility of these technologies. While this is a good query into privacy protections and safeguards, there is much advantage to these technologies. It’ll be good to have the privacy concerns settled as it will further open the door for greater uses – medical, education, early childhood support, hospitality (already being done at the Wynn in Vegas), and more.



Topics for deeper study from the Commission on Enhancing National Security released on 12/1/2016

A few sections that I feel strongly about and look forward to studying more, and hopefully helping teams work on generally.


This feels very aligned with themes and success patterns within the development advanced technology space. There is an art though to these metrics and I am interested on the philosophy, raw inputs, and weight placed upon the 1,000s of possibly collected metrics:

Action Item 5.3.3 OMB should integrate cybersecurity metrics with agency performance metrics, review these metrics biannually, and integrate metrics and associated performance with the annual budget process. (SHORT TERM)

The idea of creating consistency and similarity seems to have a possibility of weakening the resiliency of the currently structured components. In that variety of administration, build, procedure, and custom threat augmentation all weaken with consistency. This will be interesting to see based on historic events. Cost wise I see an advantage, resiliency I am hesitant:

Recommendation 5.1 The federal government should take advantage of its ability to share components of the information technology (IT) infrastructure by consolidating basic network operations.

Well this sounds absolutely identical to the initiative that Mudge and his wife have setup in Washington and they presented at DefCon, well done:

Action Item 3.1.1 To improve consumers’ purchasing decisions, an independent organization should develop the equivalent of a cybersecurity “nutritional label” for technology products and services— ideally linked to a rating system of understandable, impartial, third-party assessment that consumers will intuitively trust and understand. (SHORT AND MEDIUM TERM)


Maybe if we stopped stating roles and responsibilities to regular consumers of our technology and spoke to them in English, as I learned the hard way in my own Consumer ‘roles and responsibilities’ a part of How Not To Be Hacked:

Action Item 3.1.3 The FTC should convene consumer organizations and industry stakeholders in an initiative to develop a standard template for documents that inform consumers of their cybersecurity roles and responsibilities as citizens in the digital economy

More to follow … hoping there is more transparency around these results and the process to enhance our Nation’s future success and safety.