'Internet underground' fight demands better cybersecurity intelligence

WASHINGTON -- Increasingly sophisticated and global cyberthreats along with unrelenting technology advances highlight the need for better cyberthreat intelligence, a former U.S. national security advisor told an industry summit today.

"We're now in a state of rising fear," warned Greg Rattray, CEO of Delta Risk, a cybersecurity consulting firm. "The neighborhood is getting tough." Rattray is a retired U.S. Air Force colonel who served as director of cybersecurity on the National Security Council during the second Bush administration.

Rattray, the keynote speaker at the Cyber Threat Intelligence Summit sponsored by the SANS Institute, said a growing number of high-profile, state-sponsored attacks -- like Stuxnet and last year's Iranian-launched Shamoon attack on Aramco, the Saudi state oil company -- have underscored the growing agility of cyberattackers targeting critical infrastructure along with denial-of-service attacks on banking networks.

"The risk is going up like crazy," Rattray warned, and there is little time between attacks to develop adequate defenses. For instance, he said when banks deploy new network defenses, adversaries often adapt within hours.

"The problem is not new," Rattray added. "It has sort of waxed and waned" since cyberspace emerged as a potential battleground in the late 1990s with the rise of networked applications and the U.S. military's shift to "network-centric warfare."

One constant has been the need for better cyberthreat intelligence, as determining the source of attacks has grown more difficult. Cyberdeterrence will remain an elusive objective, Rattray said, if defenders can't quickly determine who is attacking their networks. Hence, he said the need to collaborate across borders on cyberdefense has grown as enterprises increasingly seek to protect global supply chains.

Those efforts were slowed in the 2000s, Rattray said, when military resources were shifted to the wars in Afghanistan and Iraq. At the same time, what he called an "Internet underground" emerged that was initially criminal in nature but has since been "turned over" to state-sponsored attacks.

"As the underground grows," Rattray cautioned, "the risk grows."

Advanced, persistent cyber threats again emerged beginning in about 2007, he said. "Persistence was obviously the big thing," replacing one-off attacks. Moreover, cheaper connectivity has spawned vulnerable global networks in which suppliers like military contractors are now under siege by sophisticated hackers.

In addition, the proliferation of mobile devices has fueled new forms of electronic warfare that Rattray labeled "waveform attacks" against low-power mobile devices. He noted that these types of attacks are relatively easy to mount as a way to disrupt communications by essentially jamming RF transmissions from mobile phones.

"The castle walls are eroded [and] the enemy is inside the gates," Rattray told attendees. And while many attacks are persistent, he said others take the form of hit-and-run "guerilla conflicts."

All this, Rattray said, underscores the need for enterprises and network administrators to aggressively manage emerging operational risks. He urged security experts to work more closely with their IT and systems management counterparts to gain a better understanding of threats and risks.

Closer collaboration would give cyberintelligence experts more opportunities to share threat information and manage risks, he added, while gaining a better understanding of when to shut down critical networks.

One possible solution to the intelligence deficit is the creation of what Rattray dubbed "full spectrum geeks" who understand both the nature of cyberthreats and the constantly changing technology environment. These "cyberrisk managers" could ultimately produce the risk assessments government agencies and corporations need to weather new types of cyberattacks.

Despite the growing cyberthreat and the need for better cyberintelligence, Rattray cautioned against exaggerating the situation. The former Air Force officer also argued against militarizing cyberspace by developing a U.S. national cybersecurity offensive capability. Such a move, he warned, would only prompt a similar military response from other countries, potentially further escalating the conflict.

While there was agreement here that the phrase "cyberwar" has been overused, industry observers stressed the need for continuing vigilance. "There is a cyberconflict, and we are losing," said an executive with Invincea, a cybersecurity firm based in Fairfax, Va., who declined to provide his or her name. "It's death by a thousand cuts."




Small Business Lending Up for First Time in 10 Quarters

Small business owners received some good news this week as it was reported that lending to them has increased for the first time in 10 quarters.

According to a report at Inc.com, the U.S. Small Business Administration released its quarterly report this week showing the loans to small businesses have increased for the first time in more than two years, a potential sign that some companies are coming out of the economic recession.

Overall, lending to small businesses increased by four-tenths (0.4) of a percent, from $584.1 billion in September last year to $586 billion by the end of 2012. Less restrictive standards for commercial and industrial (C&I) loans led to the increase in lending to small businesses. Commercial real estate (CRE) lending continued to lag, according to data from the Small Business Administration report. Demand for both loans continues to be high, a sign that businesses are recovering from previous economic downturns.

The SBA report notes that loans in all size categories (under $1 million, between $100,000 and $1 million, and under $100,000) all saw increases during the final quarter of last year. Big banks lent more to small businesses than smaller financial institutions and the gains in big bank loans offset the declines realized among smaller banks.

We reported last year on this trend, with bigger financial institutions lending more to small businesses even as loans from smaller banks were approved less often. Big banks have been criticized in the past for not lending to smaller businesses. According to the SBA report:

“Larger institutions of $1 billion or more helped offset the declines in lending by the smaller lending depository institutions. Small business lending by institutions with assets of $50 billion or more followed the general trend and remained unchanged.”

Wells Fargo loaned the most money to small businesses last year, according to Inc.com’s data.

The bank loaned $32.8 billion through 664,542 loans. Bank of America ($26.2 billion), JPMorgan Chase ($19.8 billion), American Express Bank ($16.9 billion), U.S. Bank ($13.8), PNC Bank ($9.9 billion), Branch Banking and Trust Co. ($9.1 billion), Citibank ($9.1 billion), Regions Banks ($6.9 billion), and TD Bank ($6 billion) rounded out the top 10 banks lending to small businesses, based on data provided by SNL Financial Services.




Generate More Leads from the Cloud With Leads 360 Express CRM

When it comes to small business tools essential to developing a successful business, a good customer relationship management (CRM) software would rank at the top of the list. A good CRM software product not only keeps track of customer contacts, prospect updates, and sales status information, but would also provide selling processes, email templates, workflow tracking, and more - a far cry from the over-used, dog-eared cards in the bulky Rolodex of yesteryear. Thankfully we have the newly launched Leads360 Express, a cloud-based sales CRM solution, with a mission to make selling easier for small businesses.

“To keep up with the goliaths in the industry, small businesses need to respond quickly and diligently to sales opportunities,” says Alyssa Trenkamp, Senior Marketing Manager for Leads360 Express. “With Express, winning sales strategies are baked into the product for an immediate competitive advantage.”

Touted as the “sales equalizer,” Leads360 Express, because it is a cloud-based CRM, requires no installation and allows small businesses to capture and track leads from any source.  The system will distribute and prioritize leads, respond to leads with one-click phone dialing, and analyze leads conversion rates and the effectiveness of sales campaigns.

Leads360 Express offers many features that help small businesses track, file, and store every aspect of CRM including:

  • Instant Lead Capture- Captures inbound phone as well as online leads
  • Automatic Lead Distribution- Assigns leads to representatives for quick follow-up
  • Prioritization Engine- Sorts leads in real-time creating a leads priority view
  • Email Marketing- Automatically sends emails to leads when milestones are reached
  • Sales Mobility- Allows users to login from anywhere using computer or iPhone app

Of course there are other CRM software tools available and some even offer services in the cloud, but Leads360 Express provides a more focused approach with an emphasis to helping small businesses improve sales conversion rates and grow revenues.  Leads360 Express offers two pricing plans, $24.99 (Make it Rain Plan) and $64.99 (Make it Pour Plan).  Unlike Salesforce Sales Cloud, which customers have to pay for a year up front, Leads360 Express offers a zero-risk, pay-as-you-go monthly plan.  That makes life easier and a lot more organized than your traditional desktop Rolodex.





Why, When, What and How to Outsource Tasks

Is it a good idea for a small business to outsource some tasks?

Contrary to what many small business entrepreneurs think, it is often a great idea to outsource certain tasks to others. But, before you make any decisions to outsource, here are a few things you need to think about.

Why Outsource Tasks

You may have the talent to do it all. However, if you indeed do it all, it may become difficult to achieve the ultimate objective - to enhance the prospects of your business. While you may be able to handle everything on your own, you may not be able to focus on the more essential elements of the business.

It is possible to streamline your business if you outsource certain tasks to vendors. By doing this, you will be able to concentrate on the core areas of your business. The first step may be a little difficult, however, in the long run it will lead to an increase in efficiency.

Another advantage is the cost-effectiveness of outsourcing. When you decide to outsource specific tasks to others, you need not employ a large number of people or buy or rent office space to accommodate them. This can considerably reduce the burden of overhead and cut business costs.

Advanced technology has made it easier to appoint professionals from any part of the world for specific tasks. The availability of highly skilled freelancers combined with the accessibility of their services enhances the suitability of the option to outsource.

When to Outsource Tasks

For small businesses, outsourcing can be advantageous from the beginning. When you start a business, you need to make sure that you do not lose your focus. In such circumstances, if you have to handle tasks such as attending to calls or bookkeeping, you may not be able to do justice to the more important tasks at hand.

There is no right time for a business to outsource. The way your business works, the staff members you have and the tasks they need to handle daily play a significant role in the decision about when to outsource.

While a very small business can capitalize on the advantages of outsourcing from the very beginning, a medium-sized business may not need to outsource daily tasks, considering this option only if it cannot handle new projects on its own. However, this may only be appropriate if appointing a full-time employee is not justified.

If you feel that you are the only one who can manage everything efficiently, but do not find adequate time for the most important tasks of your business, it may be the right time to let go of your complete control over certain tasks and outsource them.

What Tasks to Outsource

The first thing is to identify the core areas of your business. Any tasks directly associated with these areas must not be in the list of tasks to be outsourced. If the core business areas are outsourced, your clients may not be able to get anything unique from you - a mistake a small business cannot afford to make.

For example, a web design business must refrain from using third-party providers for any tasks related to web designing, the focal point of the business. However, the business can outsource tasks such as payroll management or inventory management to contractors.

The common tasks that small businesses may choose to outsource include the following:

Repetitive tasks: Data entry is a good example of a highly repetitive task. While you may use your in-house staff for this, it may be a better idea to outsource this and employ the in-house staff for more useful work.

Specialized tasks: IT support can be the right example of this type of task. While you may need IT support for your network, you may not need to appoint a full-time employee for this purpose. In such a situation, a contractor may be ideal for this specialized work.

Expert tasks: Financial analyst is a good example of a position requiring a high level of expertise, but that you can still easily outsource. It may be difficult for a small business to pay for highly-skilled executives. However, you can appoint a financial analyst on a contractual basis at a much lower cost.

How to Outsource Tasks

After you have decided when and what to outsource, the next job is to find the right partner. The best way to do this is to get recommendations from your business associates and contacts. You may also find a number of contractors from online platforms dedicated to connecting businesses with outsourcing partners.

Finding the right partner is all about understanding whether your requirements correspond to their specializations. After you have selected a contractor to outsource to, the next task is to draft a contract to specify every detail of the outsourced tasks.

The best way to ensure that the partnership works out is to be clear about everything. Because you are the one providing instructions, you may be the one to blame in case of any misunderstanding. To ensure proper communication between your business and your outsourcing partner, it is best not to leave anything to assumptions.

Keep in mind that the contractors you appoint may need some time to adjust to your work processes. Also, keep away from micromanagement as it may hinder your outsourcing efforts.

The entire idea of outsourcing is to save time - and focus on the core aspects of your business.




South Korean attacks caused by anti-virus interception

The attacks on South Korea were caused by a virus that wiped the hard drives of infected computers and prevented them from booting up upon restart.

According to research by Fortinet, in this incident the hackers broke into the servers of the local anti-virus company and planted malware, which was then distributed as an update patch.

While details are sketchy on who was responsible, with fingers being pointed at both hacktivists and North Korea, evidence uncovered by Fortinet's Threat Response Team and the Korea Information Security Association found that some command-and-control (C&C) channels possibly involved in the wiper attack were registered by individuals with ties to other sites hosting typical Chinese exploit packs; but this is no indication that the Chinese are responsible.

Guillaume Lovet, senior manager of the FortiGuard labs threat response team at Fortinet, said that hackers had earlier stolen administrator login information from security vendors' patch management server with some form of advanced persistent threat (APT).

“With the login information, the hackers created malware on the patch management server that masqueraded as a normal signature update file,” he said.

“This fake update file subsequently infected a large number of PCs all at once, deleting a Master Boot Record on each PC to prevent it from booting up normally. This malware, a Trojan-like virus, has been set to activate on March 20th at 2pm Korea time on the infected PCs.”

Lovet admitted that it did not know how the virus got there in the first place, but said that it was possible that the affected networks were already part of one or several casual botnets, and that the attackers just purchased from the botnet owners the right to install their wiper malware.

He said: “Working with the Korea Information Security Association, Fortinet found evidence that the attacks were prepared way beforehand. The attackers were trying to infect as many systems as they could prior to the 2pm deadline. Then, at that time, everything would be destroyed in unison. The entire scheme was clearly thought out and premeditated.”

Researchers at Symantec said a Trojan named ‘Jokra’ was used in the attacks, which is capable of overwriting a computer's master boot record and all data stored on it. The Trojan also attempts to repeat this data-wiping process on any drives ‘attached or mapped to the compromised computer’.

Symantec said that further research showed that a wiper component that erases Linux machines was also evident.

Jaime Blasco, labs director at AlienVault, said: “If the goal of the attackers was to create panic, it means they did not have a specific list of victims. From my point of view, one of the easiest ways to gain access to several targets without having too much resources/skills would be: buy an exploit kit and a malware kit, hack into websites and redirect victims to your malicious infrastructure; or even better, rent a botnet(s) that have access to hundreds of computers and try to find victims inside interesting targets.”

He said that analysis of one binary shows that it clears the DNS cache for Internet Explorer and modifies the etc/hosts file, adding new entries. When the victim resolves the South Korean bank's domain names included in the modified ‘etc/hosts’ file, the domains will point to 103.14.114.156.

He said: “All the files we mentioned are from the same malware family for sure, they have very similar behaviours with some slight differences and their file names match with the list we found in the South Korean news. Some vendors call this family Win32.Morix.”
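A defender-side check for the hosts-file tampering described above, as an added example that is not from the article or the vendors it quotes: it parses hosts-file text and flags entries that pin a monitored domain to a non-loopback address or that use the IP reported above. The domain names and the sample file are constructed placeholders, since the article does not list the affected bank domains.

```python
"""Audit hosts-file text for static overrides of monitored domains."""
import ipaddress

# IP the article reports as the redirect target in the modified hosts file.
REPORTED_REDIRECT_IP = "103.14.114.156"

# Assumption: constructed placeholder domains standing in for the
# organisation's own high-value names (the article does not name them).
MONITORED_DOMAINS = {"bank-one.example", "bank-two.example"}

# Constructed sample of a tampered hosts file.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1       localhost
::1             localhost
103.14.114.156  bank-one.example
103.14.114.156  WWW.Bank-Two.Example   # trailing comment
10.0.0.5        intranet.corp.example
not-an-ip       broken.example
"""


def parse_hosts(text):
    """Yield (line_no, ip, hostnames) for every well-formed mapping line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue  # blank line, comment-only line, or address with no name
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address; the resolver ignores it
        # Hostnames are case-insensitive; a trailing dot is the same name.
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]


def is_monitored(host, monitored):
    """True if host equals a monitored domain or is a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in monitored)


def audit_hosts(text, monitored=MONITORED_DOMAINS,
                known_bad=(REPORTED_REDIRECT_IP,)):
    """Return one finding per suspicious (line, hostname) pair."""
    findings = []
    for line_no, ip, hosts in parse_hosts(text):
        for host in hosts:
            reasons = []
            if str(ip) in known_bad:
                reasons.append("known-bad-ip")
            # A monitored public domain should resolve through DNS, not be
            # pinned locally to a routable address.
            if is_monitored(host, monitored) and not ip.is_loopback:
                reasons.append("monitored-domain-override")
            if reasons:
                findings.append({"line": line_no, "ip": str(ip),
                                 "host": host, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

To audit a real machine, pass the contents of its hosts file to `audit_hosts` with the organisation's own domain list.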





Targeted malware deemed to be a major threat for businesses in 2012

A survey of 1,000 IT and security professionals worldwide has found that 52 per cent believe targeted malware attacks are their top server security concern this year.

According to the survey by Bit9, a quarter said that their servers were attacked in 2012, a rise of eight per cent on last year's survey. When asked how confident they were in their ability to identify and stop advanced threats, 59 per cent of respondents said that they were ‘somewhat confident’, 20 per cent said that they were ‘not confident’ and 18 per cent said that they were ‘very confident’.

Bit9 said that the good news from this survey is that there is greater awareness on the part of IT and security professionals about what they do and don't know about experiencing an advanced attack.

The not-so-good news is that the number of cyber attacks is rising and that confidence in the ability to identify and detect them before they can do damage is lower than ever.

Brian Hazzard, vice president of product management for Bit9, said: “These results highlight the need for greater control in identifying and stopping advanced attacks on valuable server resources - before they execute - while decreasing the security-related administrative workloads of IT and security professionals.”



Winfrasoft launches third version of authentication technology to allow Windows login

Winfrasoft has announced the capability to securely log in to Windows using its PIN technology.

Launching the third version of its PINgrid, PINphrase and PINpass technology at this year's Infosecurity Europe exhibition, the company said that the technology augments the CTRL+ALT+DEL process of logging on in Windows, adding the requirement to provide a one-time passcode in addition to the Windows password.

A free new component of the AuthCentral 3.0 product release, the technology is currently in beta and will be officially launched at the exhibition at the end of April. The AuthCentral Desktop Logon Agent is available at no extra charge for Windows Vista, 7 and 8 (both 32-bit and 64-bit).

Steven Hope, technical director of Winfrasoft, said: “You can now log into Windows using this and you can deploy it through a systems management policy. You can add the grid system and it becomes one and a half factor, also run it offline as it is software and not cloud-based.”



4 Startup Founders Discuss How Customer Engagement Has Changed

It takes a great deal of time, effort, passion and commitment to create successful businesses today.  Recently I had the pleasure of hosting  Social Biz Atlanta 2013 where four company founders of inbound marketing and CRM startups discussed how customer engagement has changed in the past 5 years with the rise of social media.  They shared a number of their experiences and insights leading them to create successful businesses, which eventually were sold for a combined total of $250 million - and led them to begin the process all over again with new startups.

Kyle Porter, Founder of SalesLoft, leads this Q&A with T.A. McCann, Founder of Gist (acquired by RIM), Jon Ferrara, Founder of Nimble, and David Cummings, Co-founder of Pardot. Below is an edited transcript of their on-stage conversation. You can see a video of the whole session at the bottom of this post.

* * * * *

Kyle Porter:  T.A., from your first businesses and your early entrepreneurship to now, how have customer expectations changed? How has your understanding of customer expectations changed in the market place?

T.A. McCann: One is on the customer experience side. People’s tolerance for a product that doesn’t work or doesn’t look like it works very well is small and getting smaller. So you have to hook them very quickly into some sort of value before they’ll make a choice to move on to something.

Second, the engagement models. When we started Gist in 2008, Twitter was just starting to happen. The engagement model, certainly from customer engagement and supportive engagement, we wouldn’t have thought about that at all. How a big portion of our engagement, both in terms of marketing and support, happens on primarily Twitter, followed closely by Facebook and Linkedin.

Twitter, I think, is the most interesting part of that change over the last few years.

Kyle Porter:  Jon, when you all built Nimble, how did you account for the way that the customer wants to react? How big a role did that play in the product’s creation?

Jon Ferrara: One of the things that I learned early on when I first got into sales, is that sales people don’t work in a vacuum. They work as part of a larger team and everybody on that team is part of that conversation. I think that in today’s market place, it is more critical than ever.

What is going on is that the whole customer journey and experience is radically shifting where customers are doing their own homework. They are making their own buying decisions. Then they are starting to yell back at companies on every channel they want to, whatever department they want, and they expect an authentic and relevant response in a timely fashion from that department.

Most companies aren’t prepared for that.

Kyle Porter:  David, your business is known for its culture. Can you share some anecdotes about Pardot? How does this air of transparency, openness and personality come out in your messaging and your branding, and in customer relations?

David Cummings: We were really struggling with how to differentiate ourselves from the main competitors in the market. After going through that for about 6 or 12 months, we realized that the market at the time, this was back in 2007/2008, was very much traditional enterprise software.

Pricing wasn’t published, two year contracts were common place and salespeople were pushy. It was just a very traditional enterprise software model. We said, “What happens if we flip this on its head? What if we made our pricing totally transparent? What if we had all month to month, no contracts at all? What if we take all of our knowledge base, all of our on-board materials, even our forum, and make it totally public online? What if we really put everything out there?”

One of the things that we would frequently say internally is, “The best form of sales for us is to educate our customers.”

The best form of sales is really education, knowing that if we educate them as well as we could, providing everything that they needed in a self service manner, at the end of the day they would have a better customer experience.

Kyle Porter:  T.A., I have heard you talk a bit about the early days of Gist. How you would set up weekly events where you would have customers come to your office, and you just engage deeply with them.

T.A. McCann: I am really a product kind of guy. I am an engineer. But I really enjoy the direct interaction with the customer.

When I first built Gist I just thought it was for sales people, so I would invite them on Wednesday nights to come to the office, one or two of them. I would spend the first 10 minutes trying to understand what they do. I would learn about new things, whose blogs they read, what technology they use. The next 10 minutes I would show them my very below average version of my product, and get their feedback. The last 10 minutes of their interaction, I would try to share with them a bunch of other solutions I knew that might solve their problem, contact management, CRM, etc.

I did that every Wednesday night for 18 months. So as the team went from me to three, to six, to 12, to 15, the whole team would participate in that. We would stay late after that and drink beer and eat pizza and work late into the night.

Kyle Porter:  Jon, your tool actually helps people engage with their customers. What have you learned and what spurred you towards the creation of Nimble

Jon Ferrara: I am going to tell you a little story about a small company called IBM that does that on a daily basis.

I want you all to go out and search on your Twitter stream, #SocialBizIBM. What you will see is worldwide. There are customer-facing business people at IBM who are, on a daily basis, educating and engaging the constituency out there in the social river.

What that does is build their personal brand. By building their personal brand, they are building a company brand. Today IBM, within two years, has become a thought leader in social business by empowering their customer phase in line-level business people to build their personal brand and thereby build the company brand.

This is the kind of engagement that can truly scale a company and a brand. The problem is when you are doing that, there is no context to the conversation. Basically, you all live in Twitter, Facebook, Linkedin, Pinterest, Instagram, Foursquare and Google+. Then you try to manage it with HootSuite or TweetDeck. But none of those conversations are tied back to who you are talking about, the customer/prospect/contacts that your company does business with.

That is what we are trying to solve with Nimble.

Kyle Porter:  David, what are some ideas for ways to tactically get that message out and connect with people that are your audience and that you’re looking to build a community with

David Cummings: I am a big fan of inbound marketing, or content marketing. If you look at JobChangeAlerts, it’s an app that ties into your Linkedin account. It will alert you whenever anybody in your Linkedin network changes jobs, which as a salesperson, is a compelling event with which to reach out and say, “Congrats on your new job.” As well as to stay on top of mine.

Tools in the market combined with content marketing, combined with many applications â€" many being really tiny special purpose apps that help people solve problems â€" I think that’s the future of marketing.

Kyle Porter:  T.A., where is all of this heading What are we going to see in the next couple of years

T.A. McCann: I would argue that most companies, even the most sophisticated ones, don’t yet have a holistic understanding of the user. It is quite difficult. Every now and again you can stitch together a couple of pieces. Somebody read this blog post, retweeted and then bought my product. Even that is sometimes pretty difficult. Let alone they bought my product and they told three other people about it and they told seven other people.

We will get there sometime soon. But that is quite challenging. So I think that is one component of it.

I think it’s this deeper understanding and profiling of people. If you look at it, all of you probably have an email list, right But can you stack rank that email list based on Klout score, like who is actually influential Can you stack rank that list on who has some influence to your brand or products Could you combine those two things together and say who has the real relevance and influence Who likes my “things,” and how do I make sure to send them a tee shirt

Jon Ferrara: I think it is all still too complex and hard. I think that all of us, as business professionals, know what we should do. I think as human beings we know what we should do. Do we all eat right  Do we all exercise right No.

I think that to be a business professional today is hard. I think that every day you wake up and you look at your inbox and you start digging out of that hole in the sand. It never, ever, ever is empty. It continually fills up.

I think that the future is not one monolithic company and product that is going to do all of that for us, like Microsoft Office. I think we all use the best of the breed little pieces and we put them altogether.

So I think that all of these software companies that are emerging today with these open API’s are going to be able to allow you, as a customer, to tie the products together those that best suit you.

Editor’s Note: This interview is a partial transcript of a panel discussion at the Social Biz Atlanta Conference in February 2013. The full video session is below.

This interview is part of our One on One series of conversations with some of the most thought-provoking entrepreneurs, authors and experts in business today. This interview has been edited for publication. To hear audio of the full interview, click the right arrow on the gray player below. You can also see more interviews in our interview series.




4 Startup Founders Discuss How Customer Engagement Has Changed

It takes a great deal of time, effort, passion and commitment to create successful businesses today.  Recently I had the pleasure of hosting  Social Biz Atlanta 2013 where four company founders of inbound marketing and CRM startups discussed how customer engagement has changed in the past 5 years with the rise of social media.  They shared a number of their experiences and insights leading them to create successful businesses, which eventually were sold for a combined total of $250 million - and led them to begin the process all over again with new startups.

Kyle Porter, Founder of SalesLoft, leads this Q&A with T.A. McCann, Founder of Gist (acquired by RIM), Jon Ferrara, Founder of Nimble, and David Cummings, Co-founder of Pardot. Below is an edited transcript of their on-stage conversation. You can see a video of the whole session at the bottom of this post.

* * * * *

Kyle Porter: T.A., from your first businesses and your early entrepreneurship to now, how have customer expectations changed? How has your understanding of customer expectations changed in the market place?

T.A. McCann: One is on the customer experience side. People’s tolerance for a product that doesn’t work or doesn’t look like it works very well is small and getting smaller. So you have to hook them very quickly into some sort of value before they’ll make a choice to move on to something.

Second, the engagement models. When we started Gist in 2008, Twitter was just starting to happen. The engagement model, certainly from customer engagement and supportive engagement, we wouldn’t have thought about that at all. How a big portion of our engagement, both in terms of marketing and support, happens on primarily Twitter, followed closely by Facebook and Linkedin.

Twitter, I think, is the most interesting part of that change over the last few years.

Kyle Porter: Jon, when you all built Nimble, how did you account for the way that the customer wants to react? How big a role did that play in the product’s creation?

Jon Ferrara: One of the things that I learned early on when I first got into sales, is that sales people don’t work in a vacuum. They work as part of a larger team and everybody on that team is part of that conversation. I think that in today’s market place, it is more critical than ever.

What is going on is that the whole customer journey and experience is radically shifting where customers are doing their own homework. They are making their own buying decisions. Then they are starting to yell back at companies on every channel they want to, whatever department they want, and they expect an authentic and relevant response in a timely fashion from that department.

Most companies aren’t prepared for that.

Kyle Porter: David, your business is known for its culture. Can you share some anecdotes about Pardot? How does this air of transparency, openness and personality come out in your messaging and your branding, and in customer relations?

David Cummings: We were really struggling with how to differentiate ourselves from the main competitors in the market. After going through that for about 6 or 12 months, we realized that the market at the time, this was back in 2007/2008, was very much traditional enterprise software.

Pricing wasn’t published, two-year contracts were commonplace and salespeople were pushy. It was just a very traditional enterprise software model. We said, “What happens if we flip this on its head? What if we made our pricing totally transparent? What if we had all month to month, no contracts at all? What if we take all of our knowledge base, all of our on-board materials, even our forum, and make it totally public online? What if we really put everything out there?”

One of the things that we would frequently say internally is, “The best form of sales for us is to educate our customers.”

The best form of sales is really education, knowing that if we educate them as well as we could, providing everything that they needed in a self service manner, at the end of the day they would have a better customer experience.

Kyle Porter:  T.A., I have heard you talk a bit about the early days of Gist. How you would set up weekly events where you would have customers come to your office, and you just engage deeply with them.

T.A. McCann: I am really a product kind of guy. I am an engineer. But I really enjoy the direct interaction with the customer.

When I first built Gist I just thought it was for sales people, so I would invite them on Wednesday nights to come to the office, one or two of them. I would spend the first 10 minutes trying to understand what they do. I would learn about new things, whose blogs they read, what technology they use. The next 10 minutes I would show them my very below average version of my product, and get their feedback. The last 10 minutes of their interaction, I would try to share with them a bunch of other solutions I knew that might solve their problem, contact management, CRM, etc.

I did that every Wednesday night for 18 months. So as the team went from me to three, to six, to 12, to 15, the whole team would participate in that. We would stay late after that and drink beer and eat pizza and work late into the night.

Kyle Porter: Jon, your tool actually helps people engage with their customers. What have you learned and what spurred you towards the creation of Nimble?

Jon Ferrara: I am going to tell you a little story about a small company called IBM that does that on a daily basis.

I want you all to go out and search on your Twitter stream, #SocialBizIBM. What you will see is worldwide. There are customer-facing business people at IBM who are, on a daily basis, educating and engaging the constituency out there in the social river.

What that does is build their personal brand. By building their personal brand, they are building a company brand. Today IBM, within two years, has become a thought leader in social business by empowering their customer phase in line-level business people to build their personal brand and thereby build the company brand.

This is the kind of engagement that can truly scale a company and a brand. The problem is when you are doing that, there is no context to the conversation. Basically, you all live in Twitter, Facebook, Linkedin, Pinterest, Instagram, Foursquare and Google+. Then you try to manage it with HootSuite or TweetDeck. But none of those conversations are tied back to who you are talking about, the customer/prospect/contacts that your company does business with.

That is what we are trying to solve with Nimble.

Kyle Porter: David, what are some ideas for ways to tactically get that message out and connect with people that are your audience and that you’re looking to build a community with?

David Cummings: I am a big fan of inbound marketing, or content marketing. If you look at JobChangeAlerts, it’s an app that ties into your Linkedin account. It will alert you whenever anybody in your Linkedin network changes jobs, which as a salesperson, is a compelling event with which to reach out and say, “Congrats on your new job.” As well as to stay on top of mine.

Tools in the market combined with content marketing, combined with many applications - many being really tiny special purpose apps that help people solve problems - I think that’s the future of marketing.

Kyle Porter: T.A., where is all of this heading? What are we going to see in the next couple of years?

T.A. McCann: I would argue that most companies, even the most sophisticated ones, don’t yet have a holistic understanding of the user. It is quite difficult. Every now and again you can stitch together a couple of pieces. Somebody read this blog post, retweeted and then bought my product. Even that is sometimes pretty difficult. Let alone they bought my product and they told three other people about it and they told seven other people.

We will get there sometime soon. But that is quite challenging. So I think that is one component of it.

I think it’s this deeper understanding and profiling of people. If you look at it, all of you probably have an email list, right? But can you stack rank that email list based on Klout score, like who is actually influential? Can you stack rank that list on who has some influence to your brand or products? Could you combine those two things together and say who has the real relevance and influence? Who likes my “things,” and how do I make sure to send them a tee shirt?

Jon Ferrara: I think it is all still too complex and hard. I think that all of us, as business professionals, know what we should do. I think as human beings we know what we should do. Do we all eat right? Do we all exercise right? No.

I think that to be a business professional today is hard. I think that every day you wake up and you look at your inbox and you start digging out of that hole in the sand. It never, ever, ever is empty. It continually fills up.

I think that the future is not one monolithic company and product that is going to do all of that for us, like Microsoft Office. I think we all use the best of the breed little pieces and we put them all together.

So I think that all of these software companies that are emerging today with these open APIs are going to be able to allow you, as a customer, to tie the products together those that best suit you.

Editor’s Note: This interview is a partial transcript of a panel discussion at the Social Biz Atlanta Conference in February 2013. The full video session is below.

This interview is part of our One on One series of conversations with some of the most thought-provoking entrepreneurs, authors and experts in business today. This interview has been edited for publication.




Barry’s Bite: The Only Business Formula to Grow A Business

Welcome to Barry’s Bite, a weekly article series from Barry Moltz, host of Business Insanity Radio.  In this first article, Barry shares with us his thoughts on the only formula that grows a business.

 

Growing a business takes focusing on one simple formula: Profit = Revenue - Expense

Unfortunately, this is difficult because few small-business owners focus on their monthly financial statements. In any economy, a healthy company matches every expense with a revenue source to increase its profitability. Does every expense have a purpose?

Focus on these profit and loss statement categories:

  1. Cost of Goods Sold (or Cost of Sales): Is this the lowest price to produce the quantity needed at the quality customers will accept? Can the quality be reduced and still keep or grow the customer base? Some companies provide excess quality the customer does not want or won’t pay for. It all starts with identifying the numbers by using simple accounting software such as Sage 50 and QuickBooks.
  2. Rent (and Associated Utilities): Does the company need a physical space or can it be virtual? There are many tools available that can enable communication between team members, such as SharePoint, Dropbox and Google Drive.
  3. Marketing and Sales: How does the company attract customers? Is this done using face to face, local search advertising, email or social media? Since every marketing expense is now “trackable,” there is no excuse not to find out what works and what is a waste of money.
  4. People: Who at the company brings in the revenue or supports it? Fire everyone else! What happens to the company’s productivity when a particular employee is on vacation?
  5. Phones and the Internet: When was the last time the company plan was checked? This area is always priced competitively. Can a free service like Skype or ooVoo be used instead?
  6. Health Insurance: Obamacare officially gets started in 2014, but how will it affect your small business? Companies under 50 people may see a rebate, but larger companies may see an increase in cost.
  7. Office Supplies: Some companies tell employees to BYOS (Bring Your Own Supplies)! Remember, an office will consume as many office products as it is fed. Set a limit.

If other expenses were eliminated, what would really happen to the business? Business owners are surprised to see what they can do without.

Barry is a nationally recognized expert on small business who has given hundreds of presentations to audiences ranging in size from 20 to 20,000. As a member of the Entrepreneurship Hall of Fame, he has also taught entrepreneurship as an adjunct professor at the Illinois Institute of Technology. He has appeared on many TV and radio programs such as CNBC’s The Big Idea with Donny Deutsch, MSNBC’s Your Business and NPR’s The Tavis Smiley Show. He hosts his own radio show, Business Insanity Talk Radio, and writes regularly for the American Express Open Forum, and Forbes.com.      

Three Solutions That Make Remote Access To Your Files Easier Than Ever

If you are a business traveler who is racking up frequent flyer miles or someone who is constantly on the go, this is a critical bit of information for you. Consider any of these all too familiar business problems: (a) you just left the office and your boss asks you to urgently forward an attachment emailed a couple of weeks ago, or (b) you are in the midst of that crucial presentation to a client in a café using a file stored in the cloud but the Wi-Fi is painfully slow, or (c) while some of your clients prefer to share files using Google Drive or Dropbox, others prefer to simply email them, leaving you struggling to organize your work documents. So just how do you integrate and access your work files scattered across different locations, including your inbox?

There are several applications which can help you seamlessly access personal and office files via your mobile phone or tablet devices. Not only do these applications allow you to remotely edit your documents and share them with clients, they also ensure that the information is synchronized with your office computer and cloud network. Let’s review some of these.

Documents To Go

Developed by DataViz, this application is the seasoned player in the market and really does take your office on the road with you! Download this application to access Microsoft Word, Excel and PowerPoint files, and to view password protected and high fidelity PDF files. The full version of the app is more than just a viewer. Fully integrated with Google Docs, Gmail and other email applications, Documents To Go lets you download, format and share files with ease. Developed specifically for Android devices, the basic version is free while the premium version for Android phones costs $14.99. The application comes preinstalled in BlackBerry 7 and is available on iPhone for $9.99 and $16.99 for the basic and premium version respectively. For Symbian S60 devices the premium version of the app can be downloaded for as low as $6.99 in the OVI store. On the flip side, however, this is not the best word processing app and does not fully support other cloud services like Dropbox. And yes, the full version of the app will consume 7MB of space on your device.

Quickoffice (acquired by Google)

With more than 60,000 users being added every day, Quickoffice is touted to be the world’s most installed office app. Available in three versions, Quickoffice Pro HD ($19.99 for iPad/Android Tablet), Quickoffice Pro ($14.99 for iPhone/iPod Touch/Android) and Quickoffice (free), the app offers a desktop-like office experience on your mobile device. With this app you can access, modify and share Microsoft Office files stored not only on your device but also in the cloud, whether it’s Box.net, Google Docs, Dropbox, Huddle, SugarSync or MobileMe. Hide columns and rows, merge cells, wrap text and scroll Excel spreadsheets with its easy user interface controls. Use the app to insert pictures, format text and add bullets on Word documents as well as to animate presentations. Best of all, Quickoffice offers you an all in one office solution whether online or offline. And while it does not have a print option, you can print on a Wi-Fi printer by downloading a free app available on Google Play.

Documents.Me

This is the latest kid on the app block! Whether a document is stored on your PC, on different public cloud locations or is available in your inbox as an attachment, you can now search and access it on your mobile device using the Documents.Me application. There is no more stress of remembering where the file is stored: all you need to do is enter the file name or content and the application locates the file by scanning all possible locations. As per Documents.Me founder R. Paul Singh, the application has been designed as a comprehensive platform for accessing relevant documents while on-the-go. This is also perhaps the reason why the application allows files to be viewed in the offline mode. What’s more, the application is free and employs adequate security measures, making it an ideal business solution for remote access and sharing of critical documents. Known previously as DocSync, the Documents.Me application is currently available on iPhone and iPad devices only.

While these remote access apps are a great way to track client documents across locations and keep requisite business information in the palm of your hands, they can also prove to be a vital tool for enhancing your team’s productivity on the go!



Three Solutions That Make Remote Access To Your Files Easier Than Ever

If you are a business traveler who is cranking up frequent flyer miles or someone who is constantly on the go, this is a critical bit of information for you. Consider any of these all too familiar business problems - (a) you just left the office and your boss asks you to urgently forward an attachment emailed a couple of weeks ago or (b) you are in the midst of that crucial presentation to a client in a café using a file stored in the cloud but the Wi-Fi is painfully slow or (c) while some of your clients prefer to share files using Google Drive or Dropbox, others prefer to simply email them, leaving you struggling to organize your work documents. So just how do you integrate and access your work files scattered across different locations including your inbox

There are several applications which can help you seamlessly access personal and office files via your mobile phone or tablet devices. Not only do these applications allow you to remotely edit your documents and share them with clients, they also ensure that the information is synchronized with your office computer and cloud network. Let’s review some of these.

Documents To Go

Developed by DataViz, this application is the seasoned player in the market and really does take your office on the road with you!  Download this application to access Microsoft Word, Excel and PowerPoint files, view password protected and high fidelity PDF files. The full version of the app is more than just a viewer. Fully integrated with Google Docs, Gmail and other email applications, Documents To Go let’s you download, format and share files with ease. Developed specifically for Android devices, the basic version is free while the premium version for Android phones costs $14.99. The application comes preinstalled in Blackberry 7 and is available on iPhone for $9.99 and $16.99 for the basic and premium version respectively. For Symbian S60 devices the premium version of the app can be downloaded for as low as $6.99 in the OVI store. On the flip side however this is not the best word processing pp and does not fully support other cloud services like Dropbox. And yes the full version of the app will consume 7MB of space on your device.

Quickoffice (acquired by Google)

With more than 60,000 users being added every day, Quick Office is touted to be the world’s most installed office app. Available in three versions- Quickoffice Pro HD ($19.99 for iPad/ Android Tablet), Quickoffice Pro ( $14.99 for iPhone / iPod Touch /Android ) and Quickoffice (free),  the app offers a desktop-like office experience on your mobile device. With this app you can access, modify and share Microsoft Office files stored not only on your device but also in the cloud whether it’s Box.net, Google Docs, Dropbox, Huddle, SugarSync or MobileMe.  Hide columns and rows, merge cells, wrap text and scroll excel spreadsheets with its easy user interface controls. Use the app to insert pictures, format text and add bullets on word documents as well as to animate presentations.  Best of all Quickoffice offers you an all in one office solution whether online or offline.  And while it does not have a print option, you an print on a Wi-Fi printer by downloading a free app available on Google Play.

Documents.Me

This is the latest kid on the app block! Whether a document is stored on your PC, on different public cloud locations or is available in your inbox as an attachment, you can now search and access it on your mobile device using the Documents.Me application. No longer the stress of remembering where the file is stored, all you need to do is enter the file name or content and the application locates the file by scanning all possible locations.  As per Documents.Me founder R. Paul Singh the application has been designed as a comprehensive platform for accessing relevant documents while on-the-go. This is also perhaps the reason why the application allows files to be viewed in the offline mode. What’s more the application is free and employs adequate security measures making it an ideal business solution for remote access and sharing of critical documents. Known previously as DocSync, Documents.Me appliation is currently available on iPhone and iPad devices only.

While these remote access apps are a great way to track client documents across locations and keep requisite business information in the palm of your hands, they can also prove to be a vital tool for enhancing your team’s productivity on the go!



Three Solutions That Make Remote Access To Your Files Easier Than Ever

If you are a business traveler who is cranking up frequent flyer miles or someone who is constantly on the go, this is a critical bit of information for you. Consider any of these all too familiar business problems - (a) you just left the office and your boss asks you to urgently forward an attachment emailed a couple of weeks ago or (b) you are in the midst of that crucial presentation to a client in a café using a file stored in the cloud but the Wi-Fi is painfully slow or (c) while some of your clients prefer to share files using Google Drive or Dropbox, others prefer to simply email them, leaving you struggling to organize your work documents. So just how do you integrate and access your work files scattered across different locations including your inbox

There are several applications which can help you seamlessly access personal and office files via your mobile phone or tablet devices. Not only do these applications allow you to remotely edit your documents and share them with clients, they also ensure that the information is synchronized with your office computer and cloud network. Let’s review some of these.

Documents To Go

Developed by DataViz, this application is the seasoned player in the market and really does take your office on the road with you!  Download this application to access Microsoft Word, Excel and PowerPoint files, view password protected and high fidelity PDF files. The full version of the app is more than just a viewer. Fully integrated with Google Docs, Gmail and other email applications, Documents To Go let’s you download, format and share files with ease. Developed specifically for Android devices, the basic version is free while the premium version for Android phones costs $14.99. The application comes preinstalled in Blackberry 7 and is available on iPhone for $9.99 and $16.99 for the basic and premium version respectively. For Symbian S60 devices the premium version of the app can be downloaded for as low as $6.99 in the OVI store. On the flip side however this is not the best word processing pp and does not fully support other cloud services like Dropbox. And yes the full version of the app will consume 7MB of space on your device.

Quickoffice (acquired by Google)

With more than 60,000 users being added every day, Quick Office is touted to be the world’s most installed office app. Available in three versions- Quickoffice Pro HD ($19.99 for iPad/ Android Tablet), Quickoffice Pro ( $14.99 for iPhone / iPod Touch /Android ) and Quickoffice (free),  the app offers a desktop-like office experience on your mobile device. With this app you can access, modify and share Microsoft Office files stored not only on your device but also in the cloud whether it’s Box.net, Google Docs, Dropbox, Huddle, SugarSync or MobileMe.  Hide columns and rows, merge cells, wrap text and scroll excel spreadsheets with its easy user interface controls. Use the app to insert pictures, format text and add bullets on word documents as well as to animate presentations.  Best of all Quickoffice offers you an all in one office solution whether online or offline.  And while it does not have a print option, you an print on a Wi-Fi printer by downloading a free app available on Google Play.

Documents.Me

This is the latest kid on the app block! Whether a document is stored on your PC, on different public cloud locations or is available in your inbox as an attachment, you can now search and access it on your mobile device using the Documents.Me application. No longer the stress of remembering where the file is stored, all you need to do is enter the file name or content and the application locates the file by scanning all possible locations.  As per Documents.Me founder R. Paul Singh the application has been designed as a comprehensive platform for accessing relevant documents while on-the-go. This is also perhaps the reason why the application allows files to be viewed in the offline mode. What’s more the application is free and employs adequate security measures making it an ideal business solution for remote access and sharing of critical documents. Known previously as DocSync, Documents.Me appliation is currently available on iPhone and iPad devices only.

While these remote access apps are a great way to track client documents across locations and keep requisite business information in the palm of your hands, they can also prove to be a vital tool for enhancing your team’s productivity on the go!



Barry’s Bite: The Only Business Formula to Grow A Business

Welcome to Barry’s Bite, a weekly article series from Barry Moltz, host of Business Insanity Radio.  In this first article, Barry shares with us his thoughts on the only formula that grows a business.

 

Growing a business takes focusing on one simple formula: Profit = Revenue - Expense

Unfortunately, this is difficult because few small-business owners focus on their monthly financial statements. In any economy, a healthy company matches every expense with a revenue source to increase its profitability. Does every expense have a purpose

Focus on these profit and loss statement categories:

  1. Cost of Goods Sold (or Cost of Sales): Is this the lowest price to produce the quantity needed at the quality customers will accept? Can the quality be reduced and still keep or grow the customer base? Some companies provide excess quality the customer does not want or won’t pay for. It all starts with identifying the numbers by using simple accounting software such as Sage 50 and QuickBooks.
  2. Rent (and Associated Utilities): Does the company need a physical space or can it be virtual? There are many tools available that enable communication between team members, such as SharePoint, Dropbox and Google Drive.
  3. Marketing and Sales: How does the company attract customers? Is this done using face to face, local search advertising, email or social media? Since every marketing expense is now “trackable,” there is no excuse not to find out what works and what is a waste of money.
  4. People: Who at the company brings in the revenue or supports it? Fire everyone else! What happens to the company’s productivity when a particular employee is on vacation?
  5. Phones and the Internet: When was the last time the company plan was checked, since this area is always priced competitively? Can a free service like Skype or ooVoo be used instead?
  6. Health Insurance: Obamacare officially gets started in 2014, but how will it affect your small business? Companies under 50 people may see a rebate, but larger companies may see an increase in cost.
  7. Office Supplies: Some companies tell employees to BYOS (Bring Your Own Supplies)! Remember, an office will consume as many office products as it is fed. Set a limit.

If other expenses were eliminated, what would really happen to the business? Business owners are surprised to see what they can do without.

Barry is a nationally recognized expert on small business who has given hundreds of presentations to audiences ranging in size from 20 to 20,000. As a member of the Entrepreneurship Hall of Fame, he has also taught entrepreneurship as an adjunct professor at the Illinois Institute of Technology. He has appeared on many TV and radio programs such as CNBC’s The Big Idea with Donny Deutsch, MSNBC’s Your Business and NPR’s The Tavis Smiley Show. He hosts his own radio show, Business Insanity Talk Radio, and writes regularly for the American Express Open Forum, and Forbes.com.      

An Elevator, Escalator and Stairway Pitch: Cartoon


I remember attending some sort of sales seminar where we had to craft an elevator pitch. You know, a short summary of who you are, what you do and why it’s the best thing since sliced bread.

I know a lot of people worked really hard on distilling something great from pages and pages of material. But I’ve always been choosier about my words anyway. So it came fairly easily to me.

If those other folks had to craft additional pitches like in this business cartoon, I think they’d still be at that seminar.








Major web applications open to hijacking flaw

Twitter, LinkedIn, Yahoo! and Hotmail accounts are open to hijacking thanks to a flaw that allows cookies to be stolen and reused.

According to researcher Rishi Narang, these applications fail to assign new session identities, which allows for a session fixation attack in which the accounts can be hijacked.

An attacker would need to intercept cookies while the user is logged into the service, as the cookies expire on logout - with the exception of LinkedIn, which kept its cookies active for three months, Narang said.

Attackers in possession of the right cookie would have unfettered access to accounts. Password changes would not prevent access.

SC Magazine Australia replayed Narang's proof of concept steps and was able to access various Twitter accounts by inserting the respective alphanumeric auth_token into locally-stored Twitter cookies using the cookie manager browser extension. It is understood Twitter knew of the vulnerability.

Microsoft Outlook, Live services and Yahoo were also affected.

Twitter, Microsoft and Yahoo used HTTPS to help mitigate the risk of the cookies being remotely intercepted, but Narang said that was not enough.

"To me it is a compensatory control, it is not a fix for a session management vulnerability," Narang said.

"There are examples where cookies can be accessible to hijack authenticated sessions, and these cookies are days, sometimes months old. As a result, someone can successfully access accounts that belong to individuals from different global locations."

Director of Sydney-based penetration testing firm HackLabs, Chris Gatford, was surprised such large companies would leave the vulnerability exposed.

"It's web app security 101," Gatford said.

He said other attack techniques would be required in order to swipe the cookies and gain account access from a remote location.

"You could use some sort of cross-site scripting attack if you did not have physical access to the machine".

During penetration tests Gatford found many organisations were exposed to the vulnerability and failed to fix it after becoming aware of the problem. He said a quick fix for some complex frameworks could be to utilise two cookies for the login process.
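An added example, not code from the article, from Narang or from any of the services named: a minimal server-side session table showing the controls the article says were missing, namely a new session identity at login, revocation on logout and on password change, and a bounded lifetime. The class and method names and the eight-hour `MAX_AGE` are assumptions chosen for illustration.

```python
import secrets
import time

MAX_AGE = 8 * 3600  # assumed absolute session lifetime, in seconds


class SessionStore:
    """Server-side session table; the cookie carries only an opaque token."""

    def __init__(self, clock=time.time):
        self._sessions = {}  # token -> {"user": name or None, "issued": timestamp}
        self._clock = clock

    def _issue(self, user):
        token = secrets.token_urlsafe(32)  # unpredictable, never derived from the user
        self._sessions[token] = {"user": user, "issued": self._clock()}
        return token

    def anonymous(self):
        """Pre-login session, e.g. set on the first page view."""
        return self._issue(None)

    def login(self, old_token, user):
        """Assign a new session identity at the moment of authentication.

        The pre-login token is discarded, so a value fixed or observed
        before login never becomes an authenticated session.
        """
        self._sessions.pop(old_token, None)
        return self._issue(user)

    def logout(self, token):
        """Delete the session server-side instead of only clearing the cookie."""
        self._sessions.pop(token, None)

    def password_changed(self, user, keep_token=None):
        """Revoke every session of the user except the one that made the change."""
        for tok in [t for t, s in self._sessions.items() if s["user"] == user]:
            if tok != keep_token:
                del self._sessions[tok]

    def user_for(self, token):
        """Return the authenticated user, or None if unknown, revoked or expired."""
        session = self._sessions.get(token)
        if session is None:
            return None
        if self._clock() - session["issued"] > MAX_AGE:
            del self._sessions[token]
            return None
        return session["user"]
```

Because validity is decided by the server-side table rather than by the cookie's own expiry date, a copied cookie stops working as soon as the user logs out, changes the password, or the lifetime elapses.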



GCHQ establishes vulnerability detection research group

GCHQ has announced that it is to open an academic research institute that will seek vulnerabilities in software.

According to Computer Weekly, the group will provide businesses, individuals and government with details on software behaviour in a secure way when it is installed on operational networks.

The group is funded by a £4.5 million grant and made up of teams from: Queen Mary, University of London working with University of Kent and University College London; University of Edinburgh; Imperial College London; University College London; University of Kent working with University College London; and the University of Manchester.

Also involved are partnerships with the Engineering and Physical Sciences Research Council (EPSRC) through the Research Councils UK (RCUK) Global Uncertainties Programme and the Department for Business, Innovation and Skills (BIS).

Imperial College London will host the research institute, with Professor Philippa Gardner appointed as director of research. She said: "The creation of this research institute recognises the excellence of UK research in automated program analysis and verification. It provides an exciting opportunity to focus this research on cyber security."

David Delpy, EPSRC's chief executive, said: "Academic research that both evaluates threats and devises appropriate defences and safeguards is vital to our national and personal security. Fundamental and applied science and engineering have important roles to play here."

David Willetts, minister for universities and science, said: "This institute will build on the UK's global reputation for cyber security research and innovation. It complements wider work government in partnership with academia and industry to boost the economy through improved cyber security. This includes the Cyber Growth Partnership, which met for the first time this week."

Ash Patel, regional director of Stonesoft, said: “Today's cyber battles have no geographic boundaries and the attack methods used by hackers are fast gaining complexity. The creation of a vulnerability research unit by GCHQ is a positive move forward and helps further demonstrate to UK businesses that the government is truly committed to fighting cyber crime and threats.

“This builds upon the UK government's call to work closer with industry and academia in developing an endorsed standard for cyber security earlier this month.

“In the current economic climate, Britain needs to promote the fact it is doing everything possible to develop a safe trading environment and encouraging investment from global enterprises. Security is a key factor in this. However, businesses cannot rely on the government alone. For ultimate success, businesses must work in parallel with the institute, ensuring protocols are in place that help employees identify potential cyber security risks.”



10 Tips for Content Marketing Like a Rock Star


Content marketing is on the rise.

Seventy percent of businesses surveyed in a recent Econsultancy/Responsys Marketing Budgets 2013 Report said they intended to spend more this year on content marketing efforts.

That puts content marketing ahead of both search engine optimization and email marketing in terms of spending planned by the majority of companies in 2013, the report says.

The results are validation for online small business owners and entrepreneurs who for years have been using content marketing as a cost effective way of building their brands and getting their messages out.

But it also means stiffer competition from here on in as businesses begin to focus on content marketing as a core strategy for reaching customers. Below are 10 tips for staying ahead of the competition by content marketing like a rock star in 2013.

Seek Nirvana

Great content, like any other great achievement, is often a work in progress. Here Andrew Delamarter gives us a brief overview of what a great content marketing strategy should look like and provides us with a checklist to see how far our own efforts are from perfection. Search Engine Watch

Create Experience

Content marketing should not exist in a vacuum, writes Ben Barone-Nugent, senior digital writer & content strategist at the TBWA agency. Instead, it should be one part of an overall experience created for your customer, including great user experience, attentive channel monitoring, and a solid overall digital strategy. The Guardian

Play the Long Game

Content marketing does not yield immediate results, says blogger Beth Hayden. Think of the posts in a blog as a “sideways sales letter,” she says. Instead of a 4,000 word sales letter to a customer in an effort to make an immediate sale, your blog should be about writing many 1,000 word posts over years and having customers or readers enter in at various places in the sales process. Copyblogger

Spread the Word

An estimated 91 percent of B2B marketers and 86 percent of B2C marketers already use content marketing to generate leads and with good reason. Those who create keyword rich content from blog posts to articles to YouTube videos consistently top search results. But to do content marketing well, you must first understand how an effective campaign works. Entrepreneur

Protect Your Assets

You may not think of the content you create as a business asset, but that is exactly how you should be viewing the content you create regularly for your audience and customers. Like any other asset, your content marketing can be damaged to the point where it cannot benefit your business as it should. Here Jeff Gordon explains some mistakes to avoid. BuyerZone

Follow the Rules

Rock stars may like to break the rules occasionally, but they, too, live by a code. They understand the importance of their audience and will go to great lengths to meet their expectations. Today, social media sites like Facebook and Twitter are changing the way content marketers connect with their audiences, says content marketing expert Matt Kumin. Marketing Daily

Keep it Valuable

Content comes in all forms. One of those that we think of less often is the online presentations posted on the popular site SlideShare. SlideShare attracts 60 million visitors and 130 page views monthly, making it one of the 200 most visited sites in the world. Here’s what we can learn about quality content from SlideShare. Forbes

Know Your Audience

In this post, content creator Amie Marse talks about the importance of knowing your audience, in this case, women. It’s important for content marketers to know and understand their audience and prospective customers in order to create appropriate content. The type of audience might also determine the kind of content you create. Small Business Trends

Understand the Creation Process

One of the hardest parts for some small business owners is understanding what content really is and how to create it, says Rachel Parker of Resonance Content Marketing in this podcast interview. But content marketing is both simpler and more complicated than most small business owners and marketers realize. Jontus Media

Ignore the Trends

Content marketing continues to grow in importance, so sooner or later expect some backlash, says Frank Strong. For those business owners and entrepreneurs who worry this is simply a fad, don’t. Content marketing may be in the spotlight at the moment, but it is also here to stay. Sword and the Script

Rock Star Photo via Shutterstock