Way back when, personal computers were just gadgets enjoyed by hobbyists.
Then, in 1979, Dan Bricklin and Bob Frankston invented VisiCalc, the world’s first electronic spreadsheet.
VisiCalc was, for the personal computer, what the inflation that followed the Big Bang was for the universe.
Then the Internet happened, and with it the four key innovations that made it interesting enough to stimulate all the other innovations that made it more interesting: Wikipedia, search engines, Google Maps, and Amazon.
Wikipedia is on the list because it changed where we all go to satisfy our curiosity about just about anything with confidence we aren’t just reading FAKE NEWS!
Search engines? Because they’re what we use when we want to find something someone wants us to find.
Google Maps wasn’t the first mapping application, but it’s completely replaced paper maps and the Yellow Pages for locating anything and navigating to it.
And Amazon is what we use when we want to buy something, never mind if the vendor is nearby or not. It’s also supplanted local libraries, and in part is supplanting the Library of Congress. It’s also what we use when we want to find a book about something.
Not to trivialize everything else on the internet … many readers would, for example, add blogs and social media … but it’s these innovations that resulted in the internet supplanting much of physical reality.
Then there’s one more innovation that, in its own way, has been just as influential: cybercrime. It’s key impact: Preventing innovation. This week’s topic: How to encourage innovation without endangering the enterprise.
Start here: “Innovation” isn’t a thing. Or more precisely, it isn’t just one thing. Conversations about innovation are easily derailed by confusing and conflating innovation’s various contexts.
Conversations about innovation are, for most people most of the time, about products and services. Product-innovative companies design, engineer, market, and sell products and services that have unexpected and exciting features.
Not that there’s anything wrong with adding unexpected and exciting features to your business’s products and services. Far from it: When it comes to marketplace success, product innovation is right up there with selling at the lowest price and making the whole buying experience more convenient.
Only in this day and age, many potentially valuable features might never see the light of day due to cybersecurity considerations.
Or, even worse, they might see the light of day while ignoring their cybersecurity implications.
When the subject is innovation and it isn’t about products and services, it’s probably about internal processes. And when it comes to competitive advantage, that’s as it should be: Better internal processes can result in lower product prices and improvements in convenience.
Big process improvements tend to come from formal projects that build cybersecurity into their deliverables. But as a general rule, there’s as much opportunity from large numbers of small improvements as from small numbers of big improvements.
If it weren’t for cybersecurity worries, business users could, between Excel and Robotic Process Automation tools, sand off a lot of small obstacles to process efficiency with minimal IT involvement.
But taking cybersecurity concerns into account, a lot of these opportunities will never see the light of day.
Products and processes are the most obvious types of innovation that can be stifled by cybersecurity considerations. But they aren’t the only ones.
But wait! There’s more!
Two types of innovation get less attention than they deserve: capability innovation and customer innovation.
Capability innovation is making the business competent at skills it could use to improve its products, services, and internal processes if only it knew how to do something.
Customer innovation is all about finding ways to attract customer segments the company currently ignores.
Both of these innovation categories are just as prone to being stifled by cybersecurity concerns as products and processes.
Bob’s last word: I’d love to tell you I have a brilliant solution that results in a highly innovative business that’s also perfectly hardened.
I don’t. My best suggestion (no, not “best practice”!) is an all-out, no-hold’s-barred, high-visibility effort to build cybersecurity awareness into the business culture. Couple that with turning the Cybersecurity organization into a highly accessible internal consulting group, ready, willing, and able to help anyone developing an innovation to harden their innovation.
If you have other alternatives to suggest, please post them in the comments. That’s what they’re for.
Bob’s sales pitch: It isn’t really a sales pitch, but it’s time for the annual KJR census. It’s your opportunity to let me know enough subscribers have enough interest in what I write every week to warrant the time and effort needed to write it.
It’s also your opportunity to let me know which of the topics I tend to write about … and others that I don’t … are topics you want to read about.