Tag Archives: Vulnerability

How Do You Take on Additional Business When You Are Capacity Limited? Seven Suggestions

Situation: A Company has been growing rapidly over the past year. This has strained resources in some departments, including manufacturing. New customer demand just keeps coming in. What can the CEO do to meet customer demand without busting at the seams? How do you take on additional business when you are capacity limited?

Advice from the CEOs:

  • There are three questions to be asked before taking other steps:
    • Is it possible to expand manufacturing by outsourcing?
    • Can the company just hire more people?
    • Is the business that the company is getting good profitable business?
  • First, what a great problem to have – not to belittle the challenge that the company faces.
  • If there is concern about the company’s vulnerability to future downturns and the company is holding off adding staff because of this, look for a filler product that can help the company to smooth business cycles.
  • Farm out constrained work to other departments of the company – for example engineering. Are there independent entities that the company could partner with to add temporary capacity?
  • If there are financial constraints, then look at adjusting the pricing for new business.
  • If there are conflicts between capacity in manufacturing and engineering, consider becoming more of an engineering-focused firm and invest in this area. Look at outsourcing manufacturing capacity.
  • Look for sources of temporary capital to fund the company through the adjustment. Use an existing bank line of credit or a loan to finance short-term capital needs.

[like]

What’s the Optimum Business Strategy: Going Broader or Deeper? Five Points

Situation: A CEO wants to expand her company’s business base, either by diversifying its client base, or by going deeper into current clients. What are some of the key questions that should be considered as they evaluate these two alternatives? What’s the optimum business strategy – going broader or deeper?

Advice of the Forum:

  • If the company diversifies, what will be the perception of current clients?
    • Will they see this as more or less beneficial to their interests?
  • What are the most important objectives – what is leadership trying to achieve? Does the response to this question weigh in favor or one or the other alternative?
  • Analyze the available markets, as well as the company’s current share of the existing market. Is the company the dominant player in its market or is there still ample growth opportunity by investing in deeper penetration of the existing market?
  • Are there important vulnerabilities regarding the current client base? Is the company too dependent on a small number of customers? What will happen if key customers decide to choose another vendor or to develop internal resources to meet their needs?
  • For the option to go deeper into the current client base, what is the resource match between the objective and current resources?
    • Do current employees have the appropriate competencies?
    • What is the available time and dollars to pursue the market?
    • What is the ROI target and what are the risks?
    • Does the company have the right infrastructure to pursue the market, or will it require developing additional infrastructure? What is the cost of development in time, money and resources?
    • It is an area in which the company can excel, and does it align with the passion and drive of the current business focus?

[like]

How Do You Establish Performance Metrics? Three Guidelines

Situation: A CEO wants to establish baseline metrics to evaluate company performance, and guide both planning and operations. Without baseline metrics it is difficult to compare the impact of options that the company faces. What are the most important areas to analyze, and what do other companies measure? How do you establish performance metrics?

Advice from the CEOs:

  • Start with the basic divisions of the business. As an example, take a company which has three arms to its business – products that it represents for other companies, products that it distributes, and custom products that it manufactures to customer specifications.  
    • For each of these lines track gross revenue, profit net of direct costs, FTEs necessary to support the business, number of customers, net profit percent, net profit per employee and net profit per customer.
    • Calculate these metrics on at least a quarterly basis for the past 2-3 years to set a baseline and a chart of historic trends.
  • Once you establish a baseline, chart current performance on at least a quarterly basis and look for trends and patterns.
    • Where is your greatest growth and greatest profitability – not just on a global basis but in terms of profit per customer and profit per employee?
    • If you’ve included your full costs including the costs of the FTEs to support each business, then the analysis should show you where you want to invest and what it will cost you to support additional investment.
    • Do a similar analysis of costs per line to further support investment analysis.
  • This analysis will help to evaluate whether it is better to purchase another rep line, or whether you would be better off investing the same funds to grow custom business.
    • Similarly, it will demonstrate on what kinds of customers and products you want your sales force to focus to grow profitable business and will help you to establish objectives based on anticipated revenue or profit per new customer that sales closes.
    • Finally, it will highlight potential vulnerabilities such as the impact of the loss of a key customer in one portion of the business.

[like]

What Is Changing The Game in Network Security?

Interview with Philippe Courtot, CEO, Qualys

Situation: Companies experiencing security breaches and data theft are regularly in the headlines. Those launching these attacks are increasingly well organized and very creative. What is changing the game in network security and how can you respond?

Advice from Philippe Courtot:

  • The movements from enterprise software to Software as a Service (SaaS), and from mainframes to PCs to mobile devices increase the challenges of protecting enterprise environments. Therefore, a cohesive technology platform is imperative.
  • Companies are sensitive to the possibility of attack at any time. There are three principal attack vectors: breach through web applications, breach through email and browsers, and breach by device. Between PCs, iPhones and Android devices, the PC is the most closely linked to the corporate intranet while often the most vulnerable because users are lax about updating their systems and applications.
  • Attackers often target a company executive or high level administrative assistant to access the user’s profile and passwords.  In one type of attack called spear fishing, the attacker creates emails tailored to the person targeted appearing to come from a colleague or friend. When the target clicks on the email, a small piece of code is inserted in the computer, which can give control to the attacker. Another way to gain control of a computer is through physical access. An attacker can learn about a pending vacation via Facebook or twitter, providing an opportunity for home invasion. Once the attacker has access to the computer, they can plant a control program on the system. When the user returns, the attackers can make fast, brief forays inserting additional code or taking data from the enterprise network. They may use the information themselves, or sell it to others.

Given these new realities, how does a company prevent attack?

  • First, the company must thoroughly analyze and understand their vulnerabilities which are all potential entry points for an attacker. Once vulnerabilities are mapped, work on a schedule to remediate them.
  • Second, you must educate all users about the threats. This is especially critical for any personnel who have access to secure company data.
  • Third, invest in and build additional defenses to shield all remaining vulnerabilities. Make sure that employees are drilled on the defenses and that they are used. One growing trend is the use of two factor authentication, requiring employees to carry token generation devices with them to use in addition to their password. These tokens can be delivered by smart phone.

You can contact Philippe Courtot at [email protected]

Key Words:  Network, Security, Breach, Data, Theft, Response, Mainframe, PC, Mobile, Enterprise, Environment, Criminal, Government, Attack, Vector, Social Network, Email, Browser, Web, Application, Device, Spear Fishing, Executive, Assistant, Profile, Password, Vulnerability, Educate, Defense, ID

[like]