Spotlight on Innovation
Posted by Tate Hansen Mon, 19 Feb 2007 05:12:00 GMT
I read a WSJ Opinion article today by Harold Evans titled “The American Way” which, in a sense, paralleled the ideas presented by Tom Kelly’s recent presentation at RSA around innovation.
From WSJ:Efficiency, once the be-all and end-all, is no longer considered enough for survival in the world economy. In a global marketplace, efficiency – and the cost cutting associated with it – is essential but may not be enough when competitors in China and India can discount you to death with demographics.
That got me to thinking in our industry how often we see claims of “innovation”, but which are really not.
We should reserve the terms ‘innovation’ and ‘innovators’ for real change and not confuse it with different functions.
[…]
Entrepreneurship, the assumption of risk, may not be innovative at all. You assume risk if you open a new auto dealership, but this is not innovative unless you are the first.
Blend in the key points from Tom Kelly’s presentation (or books) and you’ll see how powerful it is to continually aspire for true innovation.
“Tom has observed a number of roles that people can play in an organization to foster innovation and new ideas while offering an effective counter to naysayers. Among these approaches are the Anthropologist, the person who goes into the field to see how customers use and respond to products, to come up with new innovations; the Cross-Pollinator, who mixes and matches ideas, widely disparate people, and technologies to create new ideas that can drive growth; and the Hurdler, who instantly looks for ways to overcome the limits and challenges to any situation.”
Tying this back to the security industry, I’ve been stricken with the illness inducing problem of inspecting massive data sets for important events. A real innovative breakthrough to me would be if someone built an easy-to-use and easy-to-manage system (one that accepts all possible data sources) that handles the crushing volume of disparate events on enterprise networks while truly notifying me of only important events.
To cite a small example, I’m installing several pieces of “security software” for a client considerate of threats: Snort, OSSEC HIDS, Central Log Aggregator, etc. I’ve played with several products which purport to do all I wish, but none of them are succeeding or innovating to me – none feel like they are offering real change or doing something other than offering different functions. Maybe I’ll try the Hurdler role for some time to see what I can do.
How about trying to play a role?
