For Retailers, “Insourcing” Adtech is the New Black

By Declan Kennedy, CEO StitcherAds

Insourcing is not a brand new concept. But it’s taken a long time – too long – to reach the part of the enterprise most critical to its success: the part that acquires new customers and grows revenue. Fortunately that’s now changing.

Not so long ago, outsourcing was all the rage when reducing costs. But more recently, enterprises have found that the need to respond quickly and change frequently – tying together information from many silos of the business – it’s more effective and more secure to bring what were once exotic specialities in-house rather than leaving it to a third party.

For example, we saw UK retailer Marks & Spencer move e-commerce systems from Amazon Web Services back in-house. Now appropriate and more mature applications are available to support this, many businesses are taking an intelligent and crucial step towards ensuring ROI on many processes like website development, SEO, and most recently marketing automation. Savvy digital marketers will anticipate that with the right tools, they can get the results they need without losing crucial time spent communicating with third parties.

This movement has been brought about by the collision of two big trends: the SaaS revolution, which has completely changed expectations of software those in enterprises and SMBs alike; and Big Data, where the variety, velocity and volume of information and in particular customer interactions can no longer be left to others. No longer are radically changing and arbitrary costs the norm for a service, instead people can bring processes in-house with the support of an effective SaaS platform, for a steady and fixed price. This has been an almost universal shift within business with but one exception because of its traditional moorings – adtech. But this cannot last.

For retailers, in particular, where the skills of using direct response advertising to capture opportunities in near-real-time and win new customers by rapidly shifting offers to reflect changing demand are crucial, the adoption of effective marketing automation tools is paramount. In a recent report from eMarketer, analysis shows US retail digital ad spending will reach $11.05 billion in 2014 shows, with a 70% emphasis on ads meant to trigger sales and leads than those intended to boost brand awareness – with increasing amounts being spent on direct response, the most value is going to come for retailers who need to make every penny count.

Agencies still have a role to play – their strategic insights are often extremely valuable, but creating a lot of advertisements rapidly isn’t something that makes sense to price based on a percentage of spend (CPM). Businesses are starting to realise Facebook has become an incredibly powerful channel for direct response advertising, and with the right technology they can maximise sales conversion rates, whilst keeping costs low and predictable. Adtech is by no means as mature as it should be, but in-house marketing teams, vendors and agencies alike are starting to wake up to its possibilities.

Count To Five And Keep Advanced Threats At Bay

By Sean Newman, Security Evangelist for Sourcefire, now part of Cisco

As business environments change, security infrastructure must change to enable business success. Whether you’re operating under increased risk from advanced targeted attacks, or transitioning to the cloud or mobile devices for the productivity, agility and efficiency these technologies provide, the end result is the same: You need to adapt your security infrastructure in lock-step. You can’t afford to leave gaps in protection for today’s sophisticated attackers exploit.

However, finding the resources to address the evolving cyber security landscape effectively can be challenging. Today’s attacks are stealthier than ever. To understand and protect against them, organisations need to mobilise all aspects of their defenses to focus on the threat, including services. It’s about gaining visibility and control across the extended network and the full attack continuum – before an attack happens, during the time it is in progress, and even after an attack may have been successful, with information stolen or systems damaged. This new threat-centric model is driving changes in cyber security technologies, products and services alike.

The first wave of managed security service providers (MSSPs) focused on getting products and tools up and running, maintenance, upgrades, and training. But today, effective cyber security services need to be based on an in-depth and continuously evolving knowledge of the threats themselves, not just the operations of the technology. Reflective of a new era in how we must address cyber security, some industry analysts are starting to call this next wave of security services MSSP 2.0.

Based on in-house security skills, budget, and competing business priorities you may choose to outsource more or less of your cyber security needs. Wherever you fall on the outsourcing spectrum, when evaluating managed security services, the following five questions can help ensure you get the support you need to stay focused on the threat:

1. What types of telemetry form the basis for your visibility and detection capabilities? 

If the answer is simply flow or log data, that isn’t enough. Other data, such as protocol metadata (i.e., data extracted directly from packets traversing the network) is a rich source of insights into today’s more popular attack methods like ‘watering hole’ attacks and phishing campaigns that contain links to malicious sites. In these cases, the ability to incorporate HTTP metadata in a telemetry model provides the depth of information needed to help detect web-based threats. With more data, the more effective the MSSP will be in zeroing-in on anomalies and that’s a key capability to finding the needle in the haystack.

2. How are you performing analytics on that data? 

With the inspection of more data, simple analytics models such as correlating logs against common rule-sets fall short, particularly if they do not function in real-time. Advanced, real-time, big data analytics techniques are essential to scrutinise the large amounts of data gathered, not just locally across the enterprise, but globally through community-based threat intelligence. This level of analysis isn’t based on rules that attackers can understand and hence evade, but is predictive and uses dynamic statistical modelling to identify anomalous behaviours from granular, customer network baselines and other indications of compromise (IoCs) to pinpoint likely malicious activities. Regardless of the number of telemetry sources used, applying robust analytics to data, rather than simple correlation, will result in high-fidelity detections.  

3. Where do you keep that data and how do you protect it?

You’ll need to understand if the data is held onsite, at the MSSP’s data centre, or in the cloud. Depending on the type of data your organisation has, the compliance requirements you face, and the guarantees the MSSP provides, you’ll need to decide if the answer is adequate and, if not, can they offer an alternative approach. This is an individual choice, for each organisation, and must be based on the comfort level of all parties affected from the technical, legal, and business sides of the organisation.

4. What do you report on?

Data is great, but you must be able to understand and act on it. You need a level of assurance that the data is correlated to provide context, so that the information you’re getting is relevant to your environment and has been prioritised. In this way you can focus on the threats that matter most. Time is of the essence when dealing with advanced targeted attacks that have a specific mission. Understand if the MSSP is able to present you with only vetted, high-fidelity, information, versus an endless list of events that require further analysis and investigation to determine whether they are true or false alerts.

5. How can you help protect my organisation against unknown, zero-day attacks?

To detect and protect against zero-day threats you need to be able to go beyond traditional point-in-time approaches with capabilities that let you monitor and analyse on an ongoing basis, across your extended network. That’s where the value of diverse telemetry, coupled with predictive analytics and statistical modelling, really becomes apparent. This moves beyond mere event correlation, that the MSSPs have offered for years.  In combination, these capabilities can pinpoint nearly imperceptible IoCs and anomalies to help identify these particularly stealthy and damaging attacks.

Given today’s business, regulatory, and cyber security challenges more and more organisations are looking for outside expert help, to protect their environments from cyber attacks. By asking these key questions, you can help ensure you’re MSSP is staying focused on the threats themselves in order to deliver the protection you need.

LUSH uses Data to Improve In-Store Performance

By Claire West, Fresh Business Thinking 

Lush has made data analytics available to staff on the shop floor as well as in its warehouses, so they have real-time information on sales performance at their fingertips.

Not only has this helped to tap into the ambitious spirit of staff – competing over which store can do best in terms of sales and performance – but it also gives them information to make decisions and better the customer experience.

For example, if they notice a particular bath bomb is selling well with a certain shampoo, they can change the store layout so the items are closer together.

As all products are created from fresh ingredients, the retailer has actually been able to achieve savings of £1 million through ensuring it is making use of it is produce in the most effective way – only ordering exactly what it needs to create the right amount of goods for the levels being sold and ensuring no products go out of date.

Technology platform, QlikView Business Discovery, is being used by employees at every level throughout the business to provide access to relevant sales, stock, store and staff information to improve performance.

Scott Silverthorn, Head of  Data Services at LUSH Fresh Handmade Cosmetics. “As it is used by many different parts of the business, QlikView allows us to continually make insights into our company. Some of the shop managers have told us they have had their most profitable year ever because QlikView has brought together the data they need to manage their sales, their stock and their staffing.”

Testing Should not be Testing – 4 Ways to get the Most from your Optimisation Team

By Matt Althauser, European GM of Optimizely

It’s a phrase that’s turned into cliché. “Curiosity killed the cat” itself is a common warning about the dangers of unnecessary experimentation and the perils of the unknown. Its rejoinder is less well-known, though – the full quote is often heard as, “Curiosity killed the cat, but satisfaction brought it back.” For business leaders and marketers looking to improve their websites’ conversion rates, the extended phrase holds true.

Continue reading

The Top 2014 Tech Trends Translated Into Business Outcomes

By Ettienne Reinecke, CTO of Dimension Data

The ICT marketplace is abuzz with talk of a number of disruptive forces set to come into play in the year ahead. This article will share some practical insights on how these trends are playing out in the business context and explain how Dimension Data is helping organisations to put these forces to work to drive profitability and competitive advantage.

Continue reading

Predictions 2014 – Are You Preparing for Smart Wigs in the Enterprise?

By Alessandro Porro, Vice President of International Sales at Ipswitch, Network Management Division

The effect of wearable technology on the corporate network in 2014

Seriously, wigs?

Sony has filed a patent application for “SmartWig”, as companies continue the tousle to lead the way in wearable technology. It says the SmartWig can be worn “in addition to natural hair”, and will be able to process data and communicate wirelessly with other external devices.

Continue reading