Consulting & Professional Services

Consulting & Professional Services
How do you work with clients when it comes to change management?

Top Answer: We follow agile ways of working in terms of how we advise our customers and what we want them to adopt. We start with initiatives, such as a new technology that we are trying to dock, and we build those initiatives into work streams. We create backlogs, which could be innovation backlogs or part of a product backlog.  So how do you adopt agile ways of working and incorporate change management as part of your safe, agile process? Every initiative is carved into multiple work streams, which may have multiple sprints. As part of the definition of “done”, traceability back to the initiative is critical. As part of our delivery excellence charter, we have a transparent dashboard that visually depicts our team metrics, initiative coverage to sprints and many more to track success to initiatives.

What's it like to be a consulting CIO?

Top Answer: I never aspired to be a consultant or advisor, I just fell into running a small consulting business. I used to think it would be very frustrating to give advice and not be able to put my ideas into action, but I've actually found the opposite to be true. I have the fortune to work with companies that really seem to value the guidance that I'm giving them, and most of the time they try to do something with it.

How do you differentiate your services in an enterprise when the market is so crowded?

Top Answer: It's a bit difficult to differentiate. We mostly sell to enterprises and the majority of my customers are coming through my own network, which I have because of the two startups I’ve done. These are companies making products that are still in the essence stage, but a few of them are larger companies from the US. I'm working with their products and helping to build these small connectors. But it's difficult for me to differentiate between the real enterprises and these small companies that are trying to do an operational support system (OSS).

Has anyone worked with a consultant for trade promotion management (TPM)? Any advice or recommendations for getting started?

Top Answer: Trade Promotion Management & Optimization is a very critical tech-enabler for the Sales Support Ecosystem. If you are in India, reach out to Accenture for their consulting services around the  Trade Promotion Management & Optimization. 

Related Tags
What do you do when a business won't follow your cybersecurity recommendations?

Top Answer: You have to treat those situations with the same disposition a doctor would have. I've done over 200 assessments around the globe, often in organizations that are seen as mission-critical to the country they’re in. It’s often a massive enterprise that’s responsible for the country’s gross domestic product, so I don't take it personally when they take my report and put it on a shelf. I did everything I could; I learned about the system and its makeup. It’s just the nature of the beast. 

How do you foster a collaborative dynamic when assessing another organization’s cybersecurity?

Top Answer: I made some great friends doing cybersecurity assessments. I can pick up a phone in a foreign country and never need to worry about a meal. It's amazing the way a community rallies around itself, but that comes with a certain level of diligence and discipline, where you're each able to demonstrate to the other that you're not there to make them feel bad. You're in the trenches with them, trying to do the same thing for the same team. You just have a better vantage because you’re the mercenary who has been out there, seeing the world as it is. That gives you the ability to make a more effective decision.  Then you could even be asked to be a SANS instructor based on your community impact because you approach it with an agnostic view, and you're able to remove the ego from what you're trying to achieve. That allows you to assess the individual, team, or institution as a whole and say, "It's not about this one factor of the multi-factored Swiss watch of the customer security program. I don't care about that one cog. I care about the entire watch piece." That creates a different dynamic. It used to be that when I would come in to perform a forensic assessment on an organization, the legal liability of that risk was identified as the “Joe factor” as we would witness factors that other tools left behind by using our methodology. People in those organizations thought, “If that person sees too much, he needs to go because he understands exactly what's broken. If we have to dismiss this individual, we are in trouble.” So there is a certain approach that you need to bring in as the outside party to bridge the gap between acting in the best interests of all involved.

Can hiring a part-time or "fractional" CIO be an effective solution for startups or SMBs?

Top Answer: It can be a good solution for a startup and SMB. The advantage is that you control the cost and can potentially attract more senior CIO who perhaps is not ready to move to your organization on a full-time role.  I have seen organizations hiring vCISO and some offering vCISO as a service. The same can be applied to the CIO position. The critical part here is to have a way to ensure they have the dedicated time and focus for your startup/SMB.