Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - Khan Ehsanul Hoque

Pages: [1] 2 3 ... 37
LightCastle Business Confidence Index (BCI) 2022-2023

The Business Confidence Index (BCI) 2022-2023 report assesses the sentiment of 167 key industry leaders in Bangladesh’s economy across 25+ industries, including MNCs, local conglomerates, start-ups, and SMEs. The study reflects the country’s journey amid the global geopolitical turmoil, in particular, affected by the Ukraine-Russian war.

Despite facing structural shifts, Bangladesh’s private sector has shown a positive outlook in cumulative business sentiment – an overall score of +6.69. Interestingly, the local SMEs have fared better (+14.91) than local conglomerates and MNCs (+6.31). The difference in scores is mainly driven by external factors as the performance of the larger organizations tends to fluctuate more significantly with the changes in the global market.

Source: Business Confidence Index (BCI) 2022-2023

While the 2023 BCI remains positive, it is relatively lower than the previous year (+28.69), indicating a subtle deceleration in overall business sentiment. Slower economic growth, rising costs, and reduced consumer demand have contributed to a lower but positive confidence index this fiscal year.

Source: Business Confidence Index (BCI) 2022-2023

Download full Report:


Teaching AI to behave is the fastest-growing career skill

How important has prompt engineering become among IT skills?

So important that Erick Brethenoux, an adjunct professor at the Illinois Institute of Technology, said all of his engineering graduate students have put artificial intelligence (AI) prompt-engineering skills on their resumes and LinkedIn profiles. They know that’s what businesses now want.

“It’s critical. Prompt engineering is a very important part of what’s coming, not just for OpenAI, Google, Amazon, and Microsoft, but also for all the open-source models,” Brethenoux said. “They’re going to go into the workforce, and they need to master that technology one way or another.”

That anecdotal evidence is echoed by LinkedIn data, which shows a stark rise in the demand for prompt engineering, with more than 10,000 job offers mentioning it for various positions — and around 100 explicitly seeking a "prompt engineer."

Since the start of the year, LinkedIn has seen on average a 75% increase each month in members worldwide adding terms like “GAI,” “ChatGPT,” “Prompt Engineering,” and “Prompt Crafting,” to their profile, a spokesperson said. The number of LinkedIn members who have, or have been holding, "head of AI" positions has nearly tripled in the last five years.

AI and Machine Learning Specialists top the list of fast-growing jobs, followed by Sustainability Specialists, Business Intelligence Analysts and Information Security Analysts, and Renewable Energy Engineers, according to a survey by to the World Economic Forum.

Prompt engineers can earn a healthy six-figure salary — up to $335,000 a year. That’s because prompt engineering is needed to improve human-machine interaction with genAI tools; learning about the foundational technology — large language models (LLMs) — provides the best possible responses to queries.

The need for skilled prompt engineers is growing rapidly — as fast “as GenAI applications are being considered and piloted,” according to Avivah Litan, a vice president and distinguished analyst at Gartner Research.

“We think it’s important for enterprises to train their existing developers and software engineers on new prompt-engineering techniques," she said. "It isn’t easy to get good results out of genAI models unless you are skilled at data preparation and process flows for prompting models effectively.

“But you don’t need to run out and hire new staff for it — you likely need just a handful of specialized prompt engineers to jumpstart the development process and to help train other motivated and competent engineers and developers already in your organization.”

While every university around the world will eventually be training engineers, developers and others on prompt engineering, Brethenoux, who is also a distinguished vice president analyst at Gartner, agrees that organizations today should focus on upskilling existing employees. “People you already have have domain experience," he said. "You already have technology experts there. There are people working together who already know your business problems."

At the moment, online learning platforms such as Udemy, Coursera, and Code Academy are the best places to turn for upskilling or reskilling employees, Brethenoux said.

Over the past five months, Coursera has launched four courses on the topic, and it has enrolled more than 170,000 students in them, according to a spokesperson. Coursera’s programs include Prompt Engineering for ChatGPT from Vanderbilt University; ChatGPT Prompt Engineering for Developers from DeepLearning.AI; Prompt Engineering for Web Developers from Scrimba; and AI Foundations: Prompt Engineering with ChatGPT from Arizona State University.

Interest in the subject is so intense, in fact, that ChatGPT creator OpenAI, and well known AI scientist Andrew Ng — cofounder and head of Google Brain — also launched a course called ChatGPT Prompt Engineering for Developers.

And in the business world, companies such as EY, NTT DATA, Datasumi and eDreams have already created prompt engineer job titles, according to Forbes.

Kim Curley, vice president of People & Organization at NTT DATA, said her company has always created new jobs in response to disruptive technologies, and the position of prompt engineer will allow them to take advantage of emerging tech, particularly in the AI spaces.

"As all of us have seen, there’s a wide variety in the quality of the outputs from AI, and that quality has a lot to do with how we ask the questions we’re looking for answers to," Curley said. "Prompt engineers need to understand not only the underlying data that they’re querying but also the context of the answer that they need. This is a hot job and one that will increase in importance as more organizations are able to use AI."

Upskilling an existing employee, Curley said, is also the way to go when creating the position of prompt engineer.

"The need to understand context for the question and answer gives people who are already working with your data and in your business a big head start to be successful, particularly as AI has a way to go in terms of consistent quality," Curley said. "That said, we see these skills starting to be taught in traditional educational channels now, so expect this role to expand to newer hires who are earlier on in their careers."

So, what are LLMs and why do they need training?

LLMs are the deep-learning algorithms — neural networks — most often characterized by their massive storehouses of information. LLMs can have millions, billions and even trillions of parameters or variables. Essentially, LLMs are next-word generators, and training them to choose the most appropriate response for a given query is the job of a prompt engineer.

“Think of it as the process of interacting with a machine to get it to produce the results you’d like,” said Sameer Maskey, a Columbia University AI professor and CEO of Fusemachines, an AI consultancy.

While most LLMs such as OpenAI's GPT-4, Google’s LaMDA or Hugging Face’s Bart are pre-filled with massive amounts of information, prompt engineering allows genAI tools to be tailored for specific industry or even organizational use.

Over time, massive, amorphous LLMs such as GPT-4 are expected to give way to smaller models that are less compute intensive and more domain specific, allowing more compact LLMs to gain traction in any number of vertical industries. When that happens, prompt engineering will become even more critical.

“One of the biggest focus areas from a research perspective is how to get similar accuracy out of an LLM without having to use millions, billions, or even trillions of parameters,” Maskey said. “GPT is not going away, but on the back end, it may get smaller.”

In the most basic sense, prompt engineering, or designing questions or tasks for AI, requires five “high-level” considerations, according to Maskey.

Context — Provide the AI engine a specific sphere of vertical tasks, such as financial services, healthcare or manufacturing.
Give it the task itself — For example, ask it to return a list of all geographies where diabetes is found in 20% or more of the population.

Specificity — Narrow the scope of answers. Ask the AI tool to create a list versus an image, for example.
Fine-tuning process — Ask AI to elaborate on its answers to determine accuracy.

Retuning — If answers are not right, ask it for more information or to elaborate even more.
Prompts can be multimodal. For example, you can write a prompt to elicit text about an image into a two-stage framework. In that scenario, prompt engineering could be used to gain insights about radiological images; a prompt engineer inputs radiological images and the AI engine parses them to show acute conditions that need greater analysis by radiologists and physicians.

“Based on what you’re entering, it could be a text-based window, a coding platform where you're using snippets of code as prompts," Maskey said. "You could be uploading images or videos, and so forth."

One advantage with genAI is its accessibility to non-tech employees — that is, employees don’t necessarily need coding chops, Maskey said.

“For example, if you want build a linear regression model on your system or some kind of statistical analysis on a given data set — before, business people couldn’t, because they didn’t know Python, for example. There are a lot of instances where non-engineers would get a lot of advantages out of being able to do statistical analysis on datasets. Now, they can.”

Today in Tech ep. 93: How will we prepare for AI in education, training?
Prompt engineering, Maskey said, will some day be akin to learning how to use an Excel spreadsheet, which today is useful across many business units or departments.

Gartner’s Litan believes prompt engineering will eventually be folded into application engineering and software developer career streams. “It will be a required skill for the future, but it will not be a separate career stream,” she said.

Cloud providers are also expected to launch prompt-engineering services, according to a new report from Forrester Research.

“In 2024, all of the hyperscalers will announce prompt engineering," Forrester said. "However, enterprise adoption will be limited. Due to incomplete contextual data and limited experience in natural language and prompt engineering among data scientists, the cloud provider’s first-gen prompt engineering services will not suffice to address the tailored finetuning needs."

Even so, at this point, developing prompt engineering skills is mostly “learning by doing at this point because there’s no book on prompt engineering," said Brethenoux. “What kind of expertise do we have in just nine months' experience [with genAI tools]?” he said. “So, the main thing is about building an AI literacy program within an organization, and then start upskilling people.”


    Tips for Selecting the Right Tools for Your Security Operations Center

    Deciding when to invest in tools and selecting the right ones for the modern SOC is challenging. Can a tool serve multiple purposes or is creating robust processes the answer? Security and risk management leaders should use this research to make pragmatic decisions.

    Key Findings

    • Security operations center (SOC) owners struggle to identify the right technology investments for their security requirements, instead chasing the latest and greatest technologies that may dilute, rather than enhance, the efficacy of their SOC.
    • Looking at peers with SOCs or trying to benchmark against others in a vertical is of limited use. Each SOC is constructed to meet its own organization’s nuances, security use cases and current and target maturity level.
    • There is a misconception that technologies powered by artificial intelligence (AI) and machine learning (ML), or any that promise to fully automate your SOC, would magically transform an SOC from low maturity to high maturity overnight. Tools alone won’t solve all SOC challenges.
    • Security alert triaging is not just a challenge for the security operations center (SOC), but remediating an escalation is an organizational duty.
      Your SOC needs trained staff, processes and fine-tuned workflows to use and operate tools that support its goals and capabilities.


    • Prepare the SOC team and relevant stakeholders for a process-driven evaluation with a “premortem” analysis to reduce the chance of failed projects.
    • Align the tool selection process according to the target operating model and goals of the SOC, avoiding premature investments in tools perceived as “advanced.”
    • Make technology investments that match business risk requirements, IT roadmap such as public cloud and SaaS adoption, available staff skill sets and enhance areas of the SOC with operational challenges.
    • Involve stakeholders beyond the security team when making decisions on security tools. There will be security alerts that will need other areas in the business involved to help rectify the escalations.
    • Be flexible during organizational and business changes because new workflows and tools to support changes to processes and capabilities might be required.

    SOCs are like snowflakes because no two are alike. Many have yet to achieve their desired maturity level and target operating model. For those who have achieved their ideal maturity level, they still must react to changes like more evolving threat landscapes; digital business initiatives; and mergers and acquisitions. These factors will influence the current and future technology investments required for a modern SOC (see Note 1).

    However, SRM leaders may not consider these factors and instead purchase tools based on short-term needs or as rushed, reactive responses. An example is adding endpoint detection and response (EDR) for a ransomware event, as opposed to investing in security awareness and training to reduce the impact from employees launching malicious attachments sent via phishing emails.

    Leaders need to consider how new tools contribute to the SOC’s mission and enhance, rather than complicate, the work performed by SOC staff, given the burdens already placed on these, typically short-staffed, teams (e.g., analysts, engineers, threat hunters and incident responders).


    Tip No. 1: Prepare the SOC Team and Relevant Stakeholders for a Process-Driven Tool Evaluation With a Premortem Analysis

    Security leaders must educate stakeholders that new detection techniques or technologies do not mean that threat detection will be dramatically better. Many of these new techniques or technologies will be able to improve only a subset of the threat detection use cases required. They will not be able to completely replace the tools that are utilizing more common or traditional approaches (e.g., correlation-based analytics).

    Before purchasing tools for the SOC, SRM leaders should understand why, where and how the SOC would benefit from the technology. Understand the organization’s use cases, what threats the business is concerned about and how the tools can help enable protection and additional benefits. Many different security technology tools enable the application of AI through the use cases required (see Infographic: AI Use-Case Prism for Cybersecurity).
    • Is the SOC using AI to enhance the level of threat detection through specific use cases, whether it is data loss prevention or insider threat?
    • Will the SOC be using AI to manage a required repeatable task for which resources are limited?

    Then, they should perform an honest premortem assessment to determine whether they have the expertise to operate and use these tools over time. Conducting a premortem assessment will assist SRM leaders in identifying any future issues and reflect openly and honestly about any shortcomings in tools with the SOC and specific gaps in process or team structure.

    Why do projects fail or not live up to their promises? It may be due to scope; the technology itself (e.g., vendor claims were not confirmed during a proof of concept); the implementation of the tool; or the lack of resources and expertise to run the tool once deployed.

    For example, Gartner clients with an existing SOC that has reached an adequate maturity level commonly ask:
    • Do I upgrade to a modern security information and event management (SIEM) tool?
    • Should I buy X instead (EDR, NDR, CSPM, XDR)?
    • Should I build a data lake, create my own ML analytics capability and build my own security orchestration and automation on top of those other two components?

    The unhelpful, but always true, answer is, “It depends.” As part of a project to bring tools into the SOC, a solid understanding of the scope, technologies being considered and affected processes is required.

    SRM leaders can improve the odds of selecting the right tool for the organization by gaining consensus during a premortem analysis on what could go wrong and which success metrics should apply to a project. The premortem can also serve as an early-stage vehicle for collecting initial use cases and requirements. Those can be further refined as part of the formal project definition and approval cycles.

    Types of questions that SRM leaders should be asking as part of the premortem analysis are:
    • What is the outcome we require for the selection of this security tool?
    • What are the requirements for planning this project?
    • Do we have to hire additional resources to complete this project?
    • Do we have the correct skills internally aligned to the security tool to implement and transition to support?
    • Are we concerned about the timelines of this project?
    • Could and how would we miss milestones within this tooling project?
    • Can we implement any lessons learnt from other tool implementation projects to apply to this?
    • How are we going to track this project?
    • What is the operational cost to incorporate a new security product in the program?
    • Can the adoption of the new security product displace current legacy security products and processes? If yes, what are the potential cost savings?

    Tip No. 2: Align the Tool Selection Process According to the Target Operating Model and Goals of the SOC

    Every SOC should have a defined target operating model that describes the mission, responsibilities and timelines for achieving various goals and levels of maturity (see Create an SOC Target Operating Model to Drive Success). SRM leaders should use the target operating model as the key reference document as well as the existing technologies, people with expertise, and plays (or processes) in a SOC playbook.

    Armed with this, they should ask some key questions to determine which technologies would advance the mission and capabilities of the SOC, including:
    • What are our top priority concerns (i.e., risks, threats)?
    • Who will consume the security outcomes we are trying to deliver?
    • How can we identify known gaps in our SOC (see Table 2 in How to Build and Operate a Modern Security Operations Center)?
    • What are our SLA goals and what time frames should we set to reach them?
    • What technologies do we have already?
    • How well will the new technologies integrate with our existing toolset and processes?
    • Where is their headroom in the resources and expertise we have available?
    • Do we have applicable security use cases or processes? Are they well-documented? Are they optimized?

    An organization building an SOC should prioritize technology purchases to get real-time monitoring capabilities to better understand what is happening when observing the consequences of the event. This first level of visibility, while potentially limiting the SOC to reactive activities, is necessary.

    SIEMs used to be the first tool purchased when tackling a modern SOC journey.

    Today, more focused tools, such as EDR or NDR, or alternate platforms, such as XDR, try to compete with SIEM as a first purchase of a nascent SOC. Simultaneously, SIEM technology expands, including capabilities from UEBA, SOAR, Log Management, Threat Hunting and case management products, creating a superset of SOC capabilities available in a single platform.

    As the SOC matures and learns, it will build the processes to treat basic incidents, and it will start to differentiate alert treatment based on their impact. Additional tools might help at this stage to speed up initial assessment, with individual alerts being aggregated and augmented with additional context.

    More mature organizations may need to strengthen their ability to perform root cause analysis of the incident and elimination of the threat. They want to ensure that when they close an incident, the risk of recurrence is properly handled.

    Threat detection, investigation and response (TDIR) is a set of three core capabilities required by operational teams:
    • Threat detection: real time or near real time
    • Investigation: ad hoc, threat hunting and forensic
    • Response: manual and automated

    The set of TDIR capabilities increasingly represents the real world requirements for how tools within a SOC should contribute to the SOC mission and strategy providing integration and efficient process execution. An example of how the requirement for TDIR is influencing SOC operations is in the evolution of the SIEM to become all-in-one SOC platforms.

    • Monitoring and threat detection
    -Broad-based visibility and threat detection capabilities (e.g., an SIEM tool with advanced analytics like user and entity behavior analytics)

    -Endpoints (e.g., EDR)

    -Networks (e.g., network detection and response [NDR])

    -Cloud (e.g., security service edge [SSE] and cloud-native application protection platforms [CNAPPs])

    • Threat Intelligence

    Capabilities that deliver evidence-based knowledge about existing or emerging menaces or hazards to the organization’s assets
    This information can be obtained by threat intelligence portals, indicators of compromise (IOC) or reporting delivered by the provider
    Threat intelligence can also be intertwined with security alerts with other products to provide rich contextual information of the alert

    • Detection Engineering
    -Automation; incident management and response; and threat intelligence (e.g., security orchestration, automation and response [SOAR])
    • Incident Response and Hunting
    -Automated blocking of known threats when risk of false positive is negligible (e.g., extended detection and response [XDR])
    Alert aggregation into correlated security incidents (e.g., EDR, SIEM and NDR)
    Enriched search engine for in-depth investigation (e.g., SIEM and NDR)


    Tools for a New SOC or Converting From an Outsourced to Insourced Situation

    Smaller or newly formed SOCs, or those that were previously outsourced where the technology was given by the provider, often start with SIEM or log management solutions. This is necessary to start seeing what is happening in the organization, leveraging logs from network and endpoint security controls already in place, and possibly from other sources based on criticality to the organization (e.g., domain controllers, cloud infrastructure, critical applications and externally exposed assets). Some cloud-native or cloud-first enterprises may prefer cloud security products such as CNAPP to address the needs (see Emerging Technologies: Future of Cloud-Native Security Operations).

    The need to have a common repository of incidents could be addressed within an SIEM tool or within IT’s case management or service desk tool. Using the capabilities of an SOAR tool can be considered if the incident and case management capabilities in the SIEM do not have the correct integrations, or there are security and privacy concerns with using the IT service desk tool. Not every “greenfield” SOC will have the resources (i.e., budget, people and time) to implement a security incident response plan (SIRP) at the beginning. However, it should be strongly considered at the start of instrumenting the SOC, rather than trying to bolt it on later in the SOC building journey.

    If security and privacy concerns make the IT service desk tool inappropriate and if the preferred SIEM tool lacks good enough case management capabilities, security leaders will face an early maturity bottleneck. They will have to consider an SIEM tool with more advanced case management capabilities, or leverage an SIRP tool or the SIRP capabilities of an SOAR tool, which would normally be beyond their current maturity level.

    Tools for a Maturing SOC

    As the SOC organization builds integrated processes for real-time and near-real-time investigations, additional use cases will become more important. Typically, this includes the ability to allocate resources on threat hunting, with the objective of reviewing the entire “kill chain,” find the root cause and avoid repetition of the same incident.

    SOC teams face scalability challenges. Too many events and too much time spent on investigating complex incidents drive security leaders to seek tools for improving their SOC productivity. The security orchestration and automation and the threat intelligence platform (TIP) capabilities in SOAR tools can help automate many of the time-consuming activities of SOC and threat intelligence analysts, as well as support threat hunting activities.

    Tip No. 3: Make Technology Investments That Align With Security Outcomes

    Most organizations start their SOC journey with an evaluation of existing security controls. When they feel the need to purchase a specialized tool, they face a paradox of choices and too many possibilities in the market. Gartner sees many organizations select a tool primarily to solve the most recent security incident because they get a budget right after the event. They have the mandate to “make sure it never happens again,” and pick the shortest path.

    However, even if the preferred tool might provide value, it might not be the right time to add more tools, given the current maturity of the SOC. One frequent reason is the lack of available resources and expertise on the team to leverage the tool. It might even affect the budgeting model for the SOC by spending too much in one area while neglecting others.

    There are three categories of improvements where an SOC can invest in tools: visibility; analysis; and action, recovery and management. Investments can further be mapped as needed to items like the NIST Cybersecurity Framework.

    Identify: The SOC is dependent upon reliable information about the risks, threats and environments being used, and assets of the organization (e.g., identities, employees and devices) to be successful. New tools such as cyber asset attack surface management (CAASM) are emerging (see  Hype Cycle for Security Operations, 2022) that can be leveraged by the SOC to have visibility into organizational assets.

    Protect: Modern SOCs are focused on performing threat detection and response but should coordinate with their security operations counterparts to help drive protection activities. Developing and then improving security use cases is critical to success.

    Detect: This is where a majority of investments are made, regardless of the size, scope and maturity of an SOC. Common tools include SIEM solutions, as well as endpoint protection platform (EPP), EDR, CNAPP and NDR technologies. Capabilities like threat intelligence are one example in which being defensively prepared may require tool investments. Adding or maturing this capability could drive the adoption of TIP tools or SOAR solutions with TIP capabilities.

    Respond: There are two components to response. Both are increasingly being addressed by SOAR tools, as well as tools like SIEM, EDR and full packet capture (FPC).

    Triage: There is no security monitoring program that can avoid triage challenges when a security event or incident is identified. The SOC’s objective is to have insight into the priority events to investigate. They then need the relevant context for those events to determine the severity of the potential incident and required response.

    Incident response: Improvements in incident response overlap with the triage work but quickly become a separate field in larger teams. Larger, better-funded SOCs have new requirements and responsibilities, such as finding the root cause, containing or disrupting a threat, and applicable remediation and recovery processes.

    Continuous visibility and verification: While there is no magical tool to predict future attacks, continuous assessment of prevent and detect capabilities is a way to anticipate and quickly identify issues. This is typically the realm of analysts, engineers and responders in the SOC. Breach and attack simulation (BAS) tools can be utilized by the SOC for a variety of purposes, such as validating security controls (for both protection and detection) that are operating appropriately, or continuing test maintenance for content detection.

    In the next few years, many SOCs will abandon at least one of the security monitoring tools they currently use due to a lack of resources and expertise to use the tools effectively. To avoid this eventuality, SOC leaders should align their investment with the ability of the tool to provide value over the long term, considering the benefits to the SOC’s mission. They should then evaluate requirements for resources and expertise.

    The MITRE ATT&CK framework is being leveraged by vendors, but with increasing adoption by end-user organizations, to demonstrate control coverage and threat detection efficacy. There is also the new MITRE D3FEND matrix that is used for cybersecurity countermeasures (see How to Use MITRE ATT&CK to Improve Threat Detection Capabilities).

    Tip No. 4: Involve Stakeholders Beyond the Security Team

    As an organization gets closer to selecting their security tools, or enhancing their existing incumbent, many of the basic principals get thought about last, which are the security alerts and incidents. How will the security alerts and incidents get reported; who will report them and where will they be reported; and how will they be integrated into the organization?

    When purchasing new tools, the buyer will need to include other areas of the organization, but why is this? As noted in Tip 3, incident response is incredibly important for investigation, containment and remediation. The perception of adding an additional security tool into the security team is straightforward to the security professional, but without involving the other areas of the business can be a challenge where remediation is concerned.
    Involving others within the business is key to a successful tool implementation because the escalation decision will be identified and the correct resolver group communicated with. There are no surprises, and the security team’s process will be adapted with the new tooling and the correct resolver group within the business identified. When incidents are escalated and resolver groups identified in the process, the recording of the security incident is streamlined with the process and the correct business resolver group identified.

    Tip No. 5: Be Flexible in Case of Organizational and Business Changes

    If there is one constant in modern organizations, it is that things are changing somewhere. It can be major changes like digital transformation initiatives, where IT is rapidly moving toward use of SaaS and IaaS; mergers and acquisitions; or new regulations. It can be a more minor evolution such as the desire to bring threat detection and response in OT environments into the SOC.

    The key idea is to not treat the SOC as a closed system, but one that is vigilant of the changes to the environment outside of the SOC (for example, at the organizational level, the external business environment and sector it operates in). With this understanding, SOC leaders should then embrace change and new opportunities, when presented, to reengineer, or at least enhance and optimize, the SOC. This is similar to what other parts of IT might be doing when the business wants to “digitally transform.”

    To treat the SOC like a living entity, there should be processes established to address change such as quarterly reviews that baseline and assess the SOC’s capabilities. Other opportunities may include assessing the required capabilities as new business initiatives and strategies are surfaced to security and risk leaders. These situations provide important opportunities to determine how the SOC can support these changes and whether the SOC will need investments to reduce risk to the business from these changes.

    Finally, security leaders must seek out the critical inputs into any changes required in the SOC. These inputs should come from areas such as continuous performance monitoring of the SOC to uncover trends (both good and bad), postmortems from the completion of projects, strategic information from stakeholders across the business and evaluation of the changes in the external threat landscape.

    “Achieving depth in defense for the most prevalent threat vectors is the foundational step of maturing the role of the organization’s SOC. Integrate continuous threat exposure management (CTEM) to ensure cross-team collaboration becomes standard.”
    SOC leaders must find the balance in improving their detection and blocking capabilities. This should reduce the number of incidents and improve their response capabilities, ultimately to reduce attacker dwell time.



    When Liz Elting was living out of a dorm room in her 20s, she saw a big gap in the translation business. She decided to fill it herself.

    It’s the time of year when we put on our cozy sweaters, watch the leaves change, and grab a warm chai latte with a friend… It’s also when millions of college students have stepped onto campus for the first time. Those first jittery months of college are often the moment when we first start to dream up how we want to make our mark on the world. While some of us changed majors many times as we decided what path we wanted to take, others were laser-focused on their futures from day one. We’ve all heard stories of successful entrepreneurs who got their start in their college dorm rooms — Bill Gates, Mark Zuckerberg, and Liz Elting.

    Liz Elting is the founder of TransPerfect — now the world’s largest language translation company — which she launched in an NYU dorm room in 1992 without any outside funding. Her mission was simple: to provide the highest quality language services to leading organizations worldwide.

    The company now has over $1 billion in revenue and offices in more than 100 cities worldwide. Liz shares what she learned about creating a company from nothing in her new book: “Dream Big and Win: Translating Power Into Purpose and Creating a Billion-Dollar Business.”

    Liz loved learning new languages from an early age, and grew up studying Portuguese, French, Spanish, and Latin. After college, she moved to New York and immediately got a job at a translation company — but quickly started to notice that things could be done better. “A client would call up and say, ‘I need this five-page document translated, how long will it take?’ And I would say a week but I knew it could be done in one or two days if that’s what they really needed,” she says, “And I also thought we needed a local presence because our clients were around the world and I could envision a company with offices around the world.”

    She went to business school and after a short stint on Wall Street, decided to create the translation business of her dreams. The only problem was funding. “I thought, we are not in a position to work on getting funding. We don’t have time to create this complicated business plan. We just need to sell,” Liz said. So that’s precisely what she focused on from day one – making 300 phone calls in a day, and working 120-hour weeks until her company was able to move into an office space and hire its first employees.

    Listen to the episode to hear the qualities Liz Elting was looking for when hiring her core team of employees, why she decided not to take venture capital money, and what lessons she learned from eventually selling the business to her ex-fiancé.

    How She Does It is bringing you stories like these, that celebrate female risk-taking in business and beyond, every Monday. Listen and subscribe on Apple Podcasts! And don’t forget to share with a friend if you’re loving the show!


    The impact of early entrepreneurship education on financial literacy

    By Swati Gauba

    In a world marked by the swift evolution of technology and economic uncertainties, the imperative need for financial literacy stands paramount. Educators are increasingly recognising the potential of early entrepreneurship education as a robust tool for instilling financial acumen in the younger generation. Early entrepreneurship education can have a lasting impact on fostering financial literacy and equipping students for the intricate financial landscapes they will encounter as they grow.

    Cultivating a Mindset of Resourcefulness:

    Learning about starting your own business early on is more than just understanding financial literacy basics.  In regular classes, financial literacy lessons are often like learning recipes without ever cooking. Early entrepreneurship classes, though, are like cooking classes where you actually make the dishes. Students don’t just hear about budgets, investments, and risks—they get their hands dirty by doing projects that are akin to running a small business. It’s like learning to ride a bike by actually riding, not just reading about it.

    This hands-on approach helps students build a strong foundation for making smart financial choices and develop a mindset of resourcefulness. It’s like giving them a toolkit full of practical skills. So, when the economy changes, or life throws a curveball, they’re not stuck. They can adapt and make wise financial moves because they’ve learned the real deal, not just theory.

    Risk-Taking and Decision-Making Skills:

    Imagine teaching kids about starting a little business and taking risks – it’s like showing them how to ride a bike. Early on, they learn this thing called “calculated risk.” It’s like when they decide to pedal faster or slower, figuring out what works best.

    Think of it as a fun game they play in school. Left or right, they have to decide. If they go left, what could happen? If they go right, what might be the outcome? It’s like playing a game together, figuring out the best moves.

    Now, when they’re all grown up and handling money, they’re not scared. They’ve played the game of risks and choices. They know how to plan ahead, like superheroes plotting their next adventure. The financial literacy skill is like their superpower, helping them make smart decisions. So, teaching kids about entrepreneurship and financial literacy early on is like giving them a super toolkit for life.

    Financial Independence and Empowerment:

    Learning about budgeting, saving, and making informed choices equips kids with the foundational knowledge needed for managing their finances. Teaching them financial literacy is like showing them a roadmap for their money journey. They learn to plan ahead, set goals, and work towards financial milestones. When kids engage in activities like chores or small ventures, they not only earn money but also learn the value of work and investment. This early exposure sets the stage for responsible financial behaviour. As kids grasp financial concepts, they become more confident in handling money matters. This confidence is a crucial component of financial empowerment. Financial education often breaks generational cycles of financial instability. Kids empowered with financial literacy can influence positive financial habits within their families and communities.

    Encouraging Innovation and Creativity:

    Entrepreneurship education introduces students to calculated risk-taking. Encouraging them to try out new ideas and take risks fosters a culture of experimentation. Innovation often arises from trying and testing new concepts. Understanding financial literacy requires critical thinking and informed decision-making. These skills are transferable to various aspects of life, including innovation. Students learn to analyze situations, weigh options, and make decisions, which are crucial aspects of creative thinking. Entrepreneurship education often involves practical experiences such as running small businesses or engaging in projects. These hands-on experiences provide a fertile ground for creativity. For example, students running a small business might need to come up with innovative marketing strategies or find creative solutions to operational challenges.

    Long-Term Economic Impact:

    Early exposure to financial concepts helps students develop positive financial habits from a young age. These habits, such as saving regularly and making informed spending decisions, tend to persist into adulthood, contributing to long-term financial well-being.

    The long-term economic impact of introducing financial literacy in schools at an early age is the cultivation of a financially savvy generation that is more likely to make informed, responsible, and strategic financial decisions throughout their lives, thereby positively influencing their own economic well-being and contributing to the broader economic health of society.

    As we look to the future, integrating entrepreneurship education into early learning environments emerges as a transformative strategy for building a financially savvy and economically resilient generation.

    In conclusion, the benefits of early entrepreneurship education are multifaceted. Beyond merely imparting financial knowledge, it nurtures a mindset that is crucial in the face of an ever-evolving economic landscape. By fostering resilience, encouraging practical application, and promoting innovation, entrepreneurship education becomes a cornerstone for the development of financially literate and economically empowered individuals who are poised to make a lasting impact on both personal and societal levels.


    Entrepreneurial cognition: A key factor that differentiates successful entrepreneurs

    Entrepreneurial cognition is a field of study that delves into the cognitive processes, mental frameworks, and decision-making mechanisms that drive entrepreneurial behavior. It is the knowledge structures that people use to make assessments, judgments or decisions involving opportunity evaluation, venture creation and growth.  In the dynamic and competitive world of entrepreneurship, understanding the mindset of successful entrepreneurs becomes paramount to unlock the secrets behind their achievements. The key factor that differentiates successful entrepreneurs from unsuccessful or less successful entrepreneurs is the entrepreneurial cognition.

    The field of entrepreneurship has been studied from a psychological perspective but little attention has been given to cognitive perspective. The cognitive perspective in entrepreneurship emphasizes the role of the human mind in shaping entrepreneurial behavior. The cognitive approach involves studying specific types of cognitions that play a significant role in explaining entrepreneurial behavior, business success, and how entrepreneurs can be distinguished from non-entrepreneurs. Researchers adopting this approach emphasize that cognitive aspects are crucial in setting entrepreneurs apart from others. These cognitive elements encompass a wide spectrum, including beliefs, values, cognitive styles, and mental processes. By delving into these cognitive factors, researchers seek to uncover the unique mindset and thought patterns that drive entrepreneurial individuals to achieve their goals and stand out in the business world.

    The main cognitive factors of entrepreneurship include “self-efficacy”, “scripts” and “cognitive styles”. Self Efficacy is an important predictor of why individuals with the exactly same learned skill act differently.  Defined by Bandura, self efficacy is “one’s beliefs in their abilities to perform a certain level of performance or desired outcomes that influence situations that affect their lives”. Scripts on the other hand, refers to the structured and organized knowledge that an individual possesses about a specific concept; a comprehensive mental framework that aids in understanding and processing information related to that particular concept. An entrepreneurial expert becomes an expert because of the knowledge structure or scripts about a particular domain, a factor that differentiates him from novices. Cognitive Styles refers to an individual’s unique manner of perceiving and interpreting environmental stimuli. It encompasses how people organize and utilize information derived from their surroundings to inform and direct their actions. Individuals with a knowing style prefer to analyze and understand things based on facts and data. They have a strong desire to know precisely how things work and remember many details. They are focused on completing tasks accurately and excel at solving complex problems as long as there is a clear and logical solution available.

    Entrepreneurship, from a cognitive perspective, explains an individual’s behavior regarding the identification of opportunities for starting and growing businesses. Cognitive ability of successful entrepreneurs allows them to spot gaps in the market, foresee emerging trends, and connect seemingly unrelated information to create innovative solutions. Where entrepreneurship inherently involves taking risk, cognitive factors such as risk tolerance, risk perception, and the ability to evaluate potential outcomes play a crucial role in the decision-making process. Correspondingly, when it comes to decision making, entrepreneurs take into consideration rationality, intuition, and heuristics to guide their decisions effectively. Another important aspect is the creative thinking of entrepreneurs. Entrepreneurs who think outside of the box and embrace creativity can develop groundbreaking products and services that disrupt industries and create new market niches.

    Another significant deriver of entrepreneurial success is experience. Kolb’s experiential learning theory highlights the significant influence of our experiences, encompassing our thoughts, emotions, and environment, on the process of learning. In this theory, learning is not a passive activity but an active and dynamic process that involves engaging with real-life experiences and reflecting on them to gain insights and knowledge. It emphasizes that our perceptions, emotions, and interactions with the environment all play essential roles in shaping how we absorb and internalize new information, leading to a more holistic and transformative learning experience. Since decision making is based on the knowledge acquired through the learning process, and the fact that there is no perfect information makes Kolb’s experiential learning rather more relevant which combines previously gained knowledge, perception, cognition and experience.

    Human cognitive functioning in decision making processes can often lead to biases, errors or limitations. Research on heuristics (cognitive shortcuts or simplifying strategies that individuals employ to handle and process information, aiming to minimize uncertainty and facilitate decision-making) states that entrepreneurs using logic while coming across heuristics turn out to be more orthodox in their decision making. Entrepreneurs can be influenced by several cognitive biases that impact their decision-making processes. The overconfidence bias leads them to overestimate their abilities and the likelihood of success, potentially resulting in risky decisions and underestimation of challenges. Confirmation bias causes entrepreneurs to seek information that aligns with their existing beliefs, hindering their ability to identify potential pitfalls or consider alternative opportunities. Loss aversion makes entrepreneurs more sensitive to potential losses than gains, making them risk-averse and reluctant to take necessary risks. The anchoring effect causes entrepreneurs to rely heavily on the first piece of information they encounter, potentially skewing their judgment and leading to suboptimal choices. These biases can significantly shape an entrepreneur’s behavior and outcomes in the business world.

    The world of entrepreneurship is driven by innovation, risk-taking, and relentless pursuit of opportunities. Behind every successful venture lies the entrepreneurial cognition – the unique way entrepreneurs think, perceive, and process information. Entrepreneurs have been recognized for their unique ability to process information, leading to the development of the concept of “entrepreneurial cognition.” This distinctive cognitive capacity has become a defining characteristic that sets entrepreneurs apart from other individuals in the business realm. Understanding cognitive perspective on entrepreneurship is vital for aspiring entrepreneurs, educators, policymakers, and researchers to unlock the secrets of successful entrepreneurship and foster a thriving entrepreneurial ecosystem. To conclude, entrepreneurial cognition provides a fascinating insight into the minds of successful entrepreneurs. By understanding the cognitive processes involved in opportunity recognition, risk management, decision-making, creativity, and resilience, aspiring entrepreneurs can develop their cognitive skills and increase their chances of success.


    Business / Converting a Non-U.S. Entity to a Delaware Corporation
    « on: October 05, 2023, 11:52:28 AM »
    Converting a Non-U.S. Entity to a Delaware Corporation

    Clients continue to form Delaware companies daily, and enlist Harvard Business Services, Inc. (HBS) as their Registered Agent as Delaware continues to be the incorporation capital of the world. We have recently received numerous requests from clients based outside of the United States regarding converting, or “domesticating,” their already existing company based in another country into a Delaware company. In this case, clients decide to formally relocate an already registered entity in another country/jurisdiction to Delaware.

    We are experienced at domesticating clients’ Cayman Island companies in Delaware as an LLC, for example. This process may seem stressful, but we make it easy for you.

    For this process, a Certificate of Domestication and Delaware Certificate of Formation, Incorporation or Limited Partnership (depending on the entity type) can be filed with Delaware for approval. When HBS assists clients with this service, we generally receive the approved documents back from the state within 3 to 5 business days after the domestication certificate is signed and filed.

    The domestication process requires answers to simple questions. To start, the state needs to know the type of entity being formed in Delaware.  Will the Delaware Company be a Limited Liability Company, or a Limited Partnership? If the entity will be a General Corporation in Delaware, the state needs to know the total amount of common shares, preferred shares (if any) and par value of the shares. 

    If the company will be formed in Delaware as a Non-Profit Corporation, a purpose statement needs to be provided for the filing. More importantly, the state needs to know the country where the documents will be used.

    Below, is other pertinent information necessary that is previous to the Delaware process in order to assist with the rest of the domestication process:

    The exact name of the company (where it is currently formed)
    The jurisdiction where the entity was first formed
    The date that the company was first formed
    The jurisdiction that constituted the seat or principal place of business
    And what entity type (LLC, LP, Corp., Non-Profit) was the company in the original jurisdiction?
    For the Delaware part of the domestication process, the essential information needed from the company in order to complete the filing, and also if HBS is assisting with the filing or being appointed as the Delaware Registered Agent, is the name of the company being formed in Delaware, the name of the communications contact along with the physical address, email address and phone number of this contact.

    Then, we need to know the names of the initial members if forming an LLC in Delaware, the names and addresses of the General Partners for a Delaware LP, and the names of the initial directors if forming a Delaware General Corporation or Non-Profit Corporation.


    Gen Z are more concerned by getting better at their actual jobs than they are with improving the office soft skills their bosses say they lack, survey finds

    Gen Z have caught a bad reputation for having poor communication skills at work but they're more focused on amping up their technical prowess, according to a new Adobe survey.

    Adobe's Future Workforce Study surveyed over 1,000 Gen Z workers in the US in early September to explore their career motivations and workplace expectations. The respondents had been working full-time for a medium to large-sized company for up to three years.

    Respondents were asked about the type of training they want more of at work. The survey found that 48% of Gen Z wanted more training on hard skills related to their job whilst only a third said they wanted to build on their soft skills.

    A spokesperson for Adobe said that respondents were given a definition for hard skills and soft skills. They were informed that hard skills refer to job-related or technical knowledge and abilities, while soft skills were classed as interpersonal skills and traits that shape how you work.

    This is reflected in their attitudes towards AI with almost half saying they feel prepared for their employer to adopt the technology in everyday work.

    Adobe also said that "half of the respondents admitted to having used the technology to aid their work."

    70% of Gen Z are eager to climb up the corporate ladder to the C-suite and grow in terms of their impact in the workplace, Adobe's survey found.

    Contrary to Gen Z's perceptions of themselves, managers are more concerned about their lack of communication and interpersonal skills in the workplace.

    Major companies including Deloitte and PWC have noted a deficiency in soft skills in pandemic-era graduates including teamwork and collaboration, this is often linked to the fact that most Gen Z workers had to study and work remotely, the Financial Times reported in May.

    "This means that there is a greater need for employers to provide training on basic professional and working skills, that wasn't necessary in prior years," Jackie Henry, Deloitte's UK managing partner for people and purpose, told the FT.

    Companies like KPMG and Protiviti are even teaching their Gen Z hires how to send emails, what to wear in the office, and how to maintain the appropriate level of eye contact during a conversation.


    Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance

    The cybersecurity skills gap issue may be further from being solved than expected despite the large amount of money being invested around the world to train professionals, according to a report by the Information Systems Audit and Control Association (ISACA). While the volume of training has increased the number of entry-level professionals, organizations are looking for experienced cybersecurity personnel, the international IT governance professional association says.

    "Continued hyper-focus on the perceived worker shortage to fill unverifiable open cybersecurity positions is problematic, for it not only fails to address duplicate job postings but also the perspectives of aspiring cybersecurity professionals who spent significant time and money completing pathway programs and yet remain unable to secure employment in the cybersecurity field," ISACA states in its State of Cybersecurity 2023, Global Update on Workforce Efforts, Resources and Cyberoperations report.

    "Failure to resolve this critical issue will magnify the existing problem of students and career changers being unable to obtain employment due to lack of experience, despite any knowledge, skills or credentials they have acquired," found the report.

    The annual ISACA report was conducted during the second quarter of 2023. More than 2,100 professionals around the world answered the online survey sent to those with ISACA Certified Information Security Manager (CISM) certification or who have registered job titles in the information security field.

    The cyber workforce continues to age

    While the largest percentage of respondents (34%) remained among those aged between 35 and 44, the average age of the workforce continued to increase, albeit slowly -- respondents in the 45 to 54 and 55 to 64 age ranges increased by two percentage points (32%) and three percentage points (19%), respectively, compared with 2022.

    There has long been a discussion in IT circles around companies hiring and training recent graduates only to lose these now-skilled professionals to higher-paying jobs elsewhere. "Cybersecurity companies and departments largely do accept that training and upskilling is necessary to help combat the shortage of cyber staff," Jo Stewart-Rattray, CISO and ISACA ambassador, Oceania, tells CISO.

    "But it's a double-edged sword. While the intention is there, the under-staffing epidemic leaves us little capacity in terms of time to invest in training and upskilling -- even though this is the ultimate solution."

    It goes without saying that if a company finds the right professional with the right skills and can afford to hire that professional, it will. "In some ways, we are our own worst enemy," Stewart-Rattray says.

    Cybersecurity teams are 'at capacity'

    "The spike in cyberattacks that we have experienced globally has led to increased security vigilance by companies of all sizes. This is placing unprecedented demand on CISOs, who are being called upon to review and upgrade security and work with either legal teams or privacy teams to strengthen privacy programs, let alone handling data breaches themselves. We are at capacity," Stewart-Rattray says.

    The long-term resolution to the problem relies on cybersecurity professionals and those hiring must look to simplify job descriptions and requirements expected of cyber graduates and those professionals transitioning from other sectors, she suggests.

    "Rather, job descriptions should focus on the important skills, sometimes referred to as soft skills, that we are lacking in our industry, which opens up a wider pool of potential talent." Stewart-Rattray also said that the risk of losing a trained professional is not something she sees as a problem from her perspective.

    "The deterrent is time. I believe there are many benefits we can offer to help retain employees such as flexible working arrangements, as the return to office mandate is not being well-received across our industry sector. In addition, paying for certification and training programs, and covering industry memberships is important."

    The report found that 65% of the respondents paid employee certification fees. But the remaining 35% suggests that quite a few professionals have to pay out of pocket for their certifications and updates -- which aren't always cheap -- which becomes an additional stressor for some employees.

    Retention of cybersecurity professionals is on the rise

    The good news is that retention increased, with a 6% drop in the number of respondents reporting retention issues compared to the previous year. But this improvement is more likely tied to economic uncertainty rather than work conditions having improved.

    The main reasons for employees departing included recruitment by other companies (58%). The second highest response, poor financial incentives (e.g., salaries or bonuses), is likely the main driver, ISACA found. Those seeking better financial compensation increased by 6% from last year to 54%.

    While work stress levels dropped by two percentage points from 2022, it remains a contributing factor at 43%, ranking fourth on the list. Other notable reasons included limited remote work possibilities (increased by four percentage points from 2022) and poor work culture/environment, both potentially driven by return-to-work mandates.

    "Uncertainty of any kind appears to be driving fewer job changes, and while vacancies persist, the survey results indicate that enterprises appear to be tightening budgets and compensation aids ahead of a potential recession," read the report.

    The state of cybersecurity across regions

    In Europe, about 52% of organizations said they experienced more attacks than the year before, while in Oceania that reached 56%, both higher than the global average of 48%.

    The report found that companies were underreporting cyberattacks, with 78% in both European and Oceania regions. Only 3% of European organizations said they accurately report cybercrime even if not required to do so.

    Things get worse for Oceania when it comes to confidence in cybersecurity teams' ability to detect and respond to cyber threats, with only 36% being confident. The global average is 42%.

    While the percentage of employers requiring a university degree for entry-level cybersecurity positions remains at 52%, differences across geographical regions are notable -- Europe and Africa saw decreases, Asia and North America remained unchanged, and Latin America and Oceania reported 9% and 10% increases respectively in this requirement.


    How to Use AI to Reinforce and Practice Skills Before Money Is on the Line

    Each employee needs to master a certain set of skills and competencies to be successful in their role. A strong training program is key to ensuring employees have what it takes. But on its own, training isn’t enough.

    You’re likely familiar with the Ebbinghaus Forgetting Curve, a mathematical formula from the 1880s showing that humans forget about half of new information within an hour—and 70 percent within 24 hours. More recently, Gartner found that B2B sales representatives forget 70 percent of information they learned in training within one week; 87 percent is lost within a month.

    It seems obvious, but employees can’t apply their learning on the job if they can’t remember what they learned. As such, organizations must focus on reinforcement so employees have opportunities to hone their skills and master new ones before money is on the line.

    Reinforcement Efforts Are Often Inefficient and Ineffective

    Most training and enablement teams understand the importance of reinforcement. Yet, many approach it in an ineffective way—and nearly impossible to scale.
    Some organizations require all employees who undergo specific training to complete the same reinforcement practices and tasks. Each employee must “check the box”—even if they’ve already mastered the skill in question. This leads to disengagement and a reluctance to participate in future training initiatives.

    Other organizations attempt to deliver more personalized reinforcement opportunities, with varying levels of success. But often, they waste much time and manual effort in doing so. For example, consider a sales manager overseeing a team of 10 sales reps with varying levels of skills and experience. That sales leader must sit on several of their reps’ sales calls to determine the skills they’ve mastered and identify the ones for which reinforcement is needed. The manager must then determine what reinforcement is appropriate for the rep’s individual needs. If something doesn’t already exist, they may have to create it themselves—or work with the training or enablement team to set the wheels in motion.

    Neither approach is effective—or efficient.

    AI Can Supercharge Your Reinforcement Efforts

    Today, the world seems to be buzzing about artificial intelligence (AI) and its potential to influence (and improve) our personal and professional lives. In fact, the most innovative businesses have already started tapping into the tremendous potential of AI.
    It can seem overwhelming to dip your toes into the world of AI. But it doesn’t have to be. There are plenty of opportunities for learning and development professionals to leverage AI, and many are easy to implement.

    AI can be especially useful in delivering reinforcement opportunities that are personalized to each individual—and scalable. Let’s examine a few practical applications.

    You may not have the time it takes to develop each reinforcement activity from scratch. This is especially true if you’re working with a smaller-than-typical training team due to a reduction in force (RIF).

    Winning organizations are tapping into AI to simplify the setup of role-plays and other reinforcement opportunities. Have AI create a role-play scenario to test and upskill your teams on new messaging, a new product or service launch, or an upcoming renewal conversation. By giving AI a description of the scenario and topics to cover, your scenario description and module are auto-created as well as a scoring rubric in seconds. AI can take the guesswork out of creating reinforcement, which means your teams have more time to tackle strategic initiatives.

    Automate Role-Play Reviews

    Role-plays can effectively help employees practice their skills and ensure they’ve absorbed information learned in training. Traditionally, role-plays are conducted in person or, if done virtually, managers review virtual submissions to provide coaching and feedback. Either way, these exercises require a ton of time on the manager’s part—especially for those with larger teams.
    Today, organizations are using AI to scale role-play scenarios without requiring a huge commitment from managers. AI can review and grade role-plays at scale, either completely alleviating the need for human intervention or acting as an initial reviewer, so managers can prioritize their focus on team members who need additional coaching. AI can also help team members improve before they submit their final role-play by delivering instant recommendations for improvement.

    Understand What’s Happening in the Field

    Let’s say an employee is nailing their role-plays and other reinforcement activities. But once they get in the field, things go sour. They struggle to articulate the problem, so you’re unsure what kind of reinforcement will help.

    In the past, managers would have to sit in on several of this employee’s calls to get an idea of where things were going wrong. But sitting in on calls takes time, and you probably don’t have much to spare.

    These days, organizations can leverage AI to understand what’s happening in the field—without attending calls or poring over transcripts. AI can highlight key moments, objections, and customer pain points during calls. Leading organizations use AI to analyze, transcribe, and answer questions about recorded calls. Managers can tap into these insights to quickly prioritize their call reviews and deliver coaching and reinforcement that will improve outcomes.

    Uncover Key Training Insights Quickly

    Personalized, effective reinforcement requires the right data. For example, you need to know what training programs are adopted the most, the least, and why.
    Most organizations have no shortage of data. But it can be challenging to pull data from multiple dashboards and reports—and then make sense of it all. Sometimes, you have to dig through multiple dashboards and pages of reports just to deduce one key data point.

    With AI, you can derive quick, actionable insights from data. With AI’s impressive query abilities, organizations can ask questions to an AI assistant about training data within their platform and quick answers. For example, you can ask, “Which training program has the lowest completion score?” or “In the last quarter, which employee had the highest performance scores in our onboarding course?” Now, with quick access to data that’s been turned into insights, training, and enablement, professionals can better inform their strategic tasks and planning initiatives.

    Tap Into AI to Boost Retention on Your Teams

    On its own, training isn’t enough to ensure skill and messaging mastery. Reinforcement is key to ensuring learning sticks—and it is applied when it matters.
    Today, AI empowers organizations to deliver reinforcement that’s personalized to the needs of each employee. That means your employees will always have what it takes in the moments that matter.



    One of the many benefits to being part of GEM is networking with top  entrepreneurship researchers around the world. This was certainly on display during the VIII International Entrepreneurship Research Workshop GEM ACEDE(Entrepreneurship Division of the Spanish Academy of Management) that took place from September 21 - 23 at the University of Malaga in Spain.

    Some 100 participants, including many GEM National Team members, discussed “research driven entrepreneurship” that generates a high impact in academia, business and society.

    - GEM Chairman José Ernesto Amorós led a technical workshop.

    - GEM Executive Director Aileen Ionescu-Somers shared perspectives on future challenges for a global research network.

    - GEM researcher Niels Bosma delivered a session on how GEM data can be used for research and publications.

    Organized by GEM Spain and ACEDE, the event was centered on promoting the exchange of scientific knowledge and experiences in research, teaching and transfer.

    More than 60 academic papers were presented by researchers representing different Spanish and European universities. The opening ceremony was led by the Rector of the University of Malaga, José Ángel Narvaéz Bueno. Among the guests in attendance were:

    Javier González Navarro, General Director of Entrepreneurship Training and Continuing Education (Government of Andalucia)
    Alicia Izquierdo García, Deputy Mayor Delegate of Innovation, Digitization, Promotion, City Council of Malaga
    Esperanza González Pazos, Deputy for Sustainable Economic Development, Employment, and Training in Malaga
    Javier De Pro Rueda, Chief Financial Officer at Fundación Bancaria Unicaja
    “This event was a great opportunity for us to witness firsthand so many different examples of entrepreneurship research generating tangible impacts on society,” stated Ionescu-Somers. “GEM Spain has numerous regional teams spread out across the country. The team acts like a ‘family’ of researchers all working in the same direction towards understanding the phenomenon of entrepreneurship both locally and nationally. It was inspiring to observe their passion and enthusiasm. The GEM Spain team is a great example of the potential of GEM research to be leveraged in the rest of the world.”


    The entrepreneur’s guide to stress-free business trips

    Many entrepreneurs have to travel across the country to pursue opportunities for growth. While traveling should be fun, business trips can affect physical well-being and mental equilibrium. So, as you gear up for your next journey of business conquests, let’s delve into some valuable tips and clever tricks to ensure you find moments of calm and relaxation along the way.

    Healthy Habits on the Go
    Maintaining a healthy lifestyle while on the move is not only about surviving the hustle and bustle of business trips but thriving throughout them. Your energy, clarity, and overall well-being depend on it. Here are a few health-conscious practices that will transform your business travel experience.

    Energizing Movement
    Imagine starting your journey with a brisk walk through the airport terminal. It’s not just about getting from point A to B; those steps can energize your body and boost your circulation, ensuring you step onto the plane feeling refreshed and alive. Moving your body is not just about exercise; it’s about keeping your energy levels up and counteracting the sedentary nature of travel.

    In-Flight Bliss
    We all know the cramped quarters of an airplane can lead to stiffness and discomfort. Ankle circles, seated stretches, and shoulder rolls are simple exercises you can do right in your seat. These in-flight movements alleviate physical tension and stimulate blood flow, helping you arrive at your destination with a spring in your step.

    Nutrition for the Win
    Snacking is another secret to keeping your energy levels stable while on the move. Opt for nutrient-dense snacks like trail mix, granola bars, and fresh fruit. These choices satisfy your hunger and provide sustainable energy without the post-snack slump. And remember to stay hydrated! Airplane cabins are notorious for drying out your skin and body, so water is your best friend. A reusable water bottle can be your trusty companion, ensuring you are well-hydrated from takeoff to landing.

    Culinary Exploration
    When it’s time to dine, seek out local restaurants offering healthier options. Exploring the culinary scene of your destination is not just a pleasure for your taste buds—it’s an opportunity to nourish your body with wholesome ingredients that can fuel your productivity.

    Jet Lag Mastery
    Jet lag is one of the common problems for travelers across the globe. And you might also suffer from it. But don’t let it dampen your spirits or slow down your productivity. You can practice some strategies that will help you lower its effect.

    Start by adjusting your sleep schedule a few days before you depart. Shift your bedtime closer to the local time of your destination, helping your body transition more smoothly. During your flight, try to adapt to the destination’s time zone by sleeping and eating according to the new schedule. It might feel odd to have breakfast for dinner, but it’s a small sacrifice for a smoother adjustment.

    Resist the temptation to nap immediately upon landing, even if your internal clock begs for it. Instead, expose yourself to natural sunlight to help reset your circadian rhythm. Take a leisurely walk, spend time outdoors, or sit by a window. By syncing your body with the local time zone as soon as possible, you’ll minimize the impact of jet lag and hit the ground running.

    Productive Travel Rituals
    As an entrepreneur, you are a master of multitasking, but business trips can challenge even the most organized individual. You need to create a travel ritual to deal with unprecedented changes.

    Craft a travel routine that aligns with your work and personal goals. Utilize digital tools to manage your time efficiently- scheduling meetings, setting reminders, or mapping out work blocks. But remember, productivity isn’t just about work; it’s also about taking care of yourself. Incorporate mindfulness practices like deep breathing or short meditation sessions to stay grounded and reduce stress.

    And speaking of staying grounded, take advantage of your accommodation’s amenities. If there’s a gym or fitness center, work out to keep your energy levels up. Don’t underestimate the power of a good night’s sleep, either. Prioritize rest to ensure you’re firing on all cylinders throughout your trip.

    Business and Pleasure Fusion
    Picture this: you are in a new city for a business meeting but have a few extra hours to spare. Don’t let those hours go to waste! Embrace the concept of “leisure” and discover how combining business and leisure can make your business trips even more rewarding.

    While meetings and networking events are essential, take some time to explore the local culture and attractions. Whether trying exotic cuisines, visiting landmarks, or soaking in the city’s ambiance, these experiences can spark your creativity and enhance your business interactions. If your schedule permits, consider extending your stay by a day or two to enjoy traveling.

    Travel Wellness Toolkit
    A successful entrepreneur knows the importance of preparation. When it comes to travel, a well-stocked wellness toolkit can make all the difference in maintaining your health and vitality.

    Load your smartphone with wellness apps that offer guided workouts, meditation sessions, and healthy recipes. These tools can help you stay active, manage stress, and make wise nutritional choices. Pack a small bag with travel-sized essentials like resistance bands for a quick workout, a reusable water bottle to stay hydrated, and wholesome snacks to avoid unhealthy temptations.

    As you plan your itinerary, research your destination’s local gyms, parks, or jogging trails. A list of options ensures you can stick to your fitness routine, even when you’re far from home. And don’t forget about rest; quality sleep is the cornerstone of all successful business trips. Opt for accommodations that prioritize comfort and tranquility, enabling you to recharge for your busy days ahead.

    Bottom Line
    In a nutshell, some ways help you plan stress-free travel. You simply need to practice the tips mentioned above on applicable phases so that you don’t feel like avoiding business travels next time.


    Startup / Startup Venture Entrepreneur Shares His Formula For Success
    « on: October 04, 2023, 11:49:44 AM »
    Startup Venture Entrepreneur Shares His Formula For Success

    NEW YORK (October 3, 2023) — Start. Scale. Exit. Repeat.: Serial Entrepreneurs’ Secrets Revealed! by Colin C. Campbell is now available. The book is published with Forbes Books, the exclusive business book publishing imprint of Forbes, and is available today on Amazon.

    There’s no shortage of media reporting that explores why startup companies fail—but what do those who succeed have in common? In his new book, Start. Scale. Exit. Repeat., Colin Campbell is on a mission to crack the code on entrepreneurial success.

    From his formative years on a Canadian family farm to successfully exiting companies that today are valued at more than a billion dollars, Campbell collects firsthand experiences in helping build, scale, and sell startup companies. He also shares insights from fellow serial entrepreneurs and thought leaders.

    In Start. Scale. Exit. Repeat., Campbell keeps his winning formula simple, leading his readers from the initial idea to the high-value sale. He provides real-life examples, best practices, and “Golden Nuggets” of wisdom derived from both his successes and failures. Topics include vetting your idea, picking an all-star team of partners and employees, finding the right investors and funding, preparing for negotiations, and how to repeat the formula—each time better and faster.

    “I don’t pretend to be the next Steve Jobs, Bill Gates, or Elon Musk—and I don’t want to be,” said Campbell. “What I am is an entrepreneur who has successfully built small businesses over and over again. And like many other serial entrepreneurs, I’ve had wins and losses. But even the losses have helped me figure out what makes this formula different. By focusing on building a solid foundation and knowing what to look out for, I believe this strategy can dramatically increase your chances of success.”

    About Colin C. Campbell

    Hailing from his family’s farm in Canada, Colin Campbell has been an entrepreneur since launching a tech business with his brother in the early 1990s. Since then, some of his many startups he and partners have launched include internet companies like Internet Direct Canada, Tucows (TCX),, Hostopia, HipOptical, .CLUB Domains, Escape Club and pet product brand His companies have won numerous awards and earned recognition from publications like Profit and Inc. 5000. In his desire to support other entrepreneurs, he cofounded and co-hosts the live show and podcast Serial Entrepreneur: Secrets Revealed! Beyond his entrepreneurial pursuits, he loves spending time with his wife Kim, their two children, and their dogs.


    Why Entrepreneurs Swear by WELD as the Secret to Maximizing Wealth

    The world of entrepreneurship offers more than just innovation and freedom—it's a powerful conduit for wealth-building. With the right strategies, this journey can unlock financial potential like no other.

    While entrepreneurship extends far beyond just profits, its advantages in creating wealth are unmatched. I like to say entrepreneurship is an "unfair wealth creator." The wealth benefits of owning a business boil down to a handy acronym I call WELD. Just like welding two pieces of metal together makes them stronger, combining these four entrepreneurship advantages will strengthen your finances.

    WELD stands for Write-offs, Exit value, Lower taxes, and Depreciation. These pillars, when combined, illustrate why I'm a massive advocate for entrepreneurship, especially from a wealth perspective.

    As entrepreneurs, we have the unique advantage of writing off certain expenses against our income. I love this part of being an entrepreneur. Business travel, cars, office expenses, education, and computer equipment can all be write-offs. I have some of the coolest tech and I get to write it off!

    As an entrepreneur, you can write off portions of your travel, give your kids a $15,000 tax-free gift, rent your home from yourself, and more.

    Don't forget, essentials like health care and retirement contributions can also be harnessed for write-off potential. The trick is to navigate and maximize these benefits while staying within the bounds of regulations, so I definitely recommend working with a seasoned tax advisor.

    Exit Value
    While a consistent income stream from a business is undeniably valuable, there's a hidden gem many entrepreneurs overlook: the potential profit from selling their enterprise.

    Compare this to a traditional 9-to-5 job. Yes, you might enjoy a predictable paycheck every month, but the moment you decide to step away, that revenue stream stops. In contrast, when you're leading a business, not only do you often enjoy greater flexibility (imagine more quality time with your family), but there's also a tangible asset you're building.

    Let's talk franchises for a moment. If you invest, say $300,000, into a franchise, you might get a consistent annual cash flow of about $100,000. But when you're ready to exit, that franchise might sell for a multiple of its yearly revenue (sometimes upwards of 5x or $500,000). Plus, being part of a franchise network gives you a ready pool of potential buyers.

    Lower Taxes
    One of the standout perks of entrepreneurship, beyond the freedom and creativity it allows, is the potential for reduced tax liabilities. Contrast this with traditional salaried roles where individuals might face tax rates ranging from 10% to 37%. Entrepreneurs, with a keen understanding of the tax code and strategic financial planning, often navigate to much friendlier tax rates.

    Take the example of selling a business asset. Typically, such transactions incur tax rates of just 15% to 20%. This is considerably lower than the rates most salaried individuals encounter. Over the course of an entrepreneurial journey, these tax benefits can compound, leading to substantial wealth.

    For franchise investors, understanding depreciation is like having a superpower. Depreciation isn't just a dry accounting term; it's a vital financial strategy that can play a significant role in the economics of your business. We've all heard the stories of the real-estate investor who brought their tax rates down to $0 or how big businesses pay a lower tax rate than the average Joe. So, how does it work?

    Assets, whether they're heavy machinery, franchise-related vehicles, or even personal cars used for business, can undergo depreciation. This means their value diminishes systematically over time. Typically, businesses list these assets on a depreciation schedule, spreading this decrease in value across several years. However, thanks to provisions like Section 179, some assets can be depreciated immediately, allowing for significant tax breaks and write-offs.

    Here's a simple illustration: let's say you've invested in a franchise and installed equipment worth $50,000. Over the year, you've earned a gain of $100,000. If you get that equipment running by year-end, it's possible to use its depreciation to offset your gain, reducing the taxable amount.

    In real estate, you can combine both depreciation and property exchanges to bring your tax rates down considerably.

    But a word of caution: while the concept of depreciation offers intriguing financial benefits, it's essential to navigate it carefully. Misconceptions, especially from oversimplified sources or platforms like Instagram and TikTok, can lead to costly mistakes. For instance, a luxury vehicle, unless justified as a genuine business expense, might not be fully write-off eligible.

    As you explore the complexities of depreciation, always lean on the expertise of your CPA. They can guide you in optimizing these benefits while ensuring compliance.

    Greater risk, greater reward
    Entrepreneurship isn't just about the advantages. It's about taking risks. You've probably heard the saying: the greater the risk, the greater the potential reward. If it were easy, everyone would be doing it, right?

    That's where we, at Franchise Sidekick, step in. We're passionate about helping people harness the massive potential of entrepreneurship. For many, franchising is a safer route to business ownership. Our mission? To help you navigate this path with minimized risks. We'll walk you through our proven process, provide you with insider information, and help you pick a winning franchise brand.


    From Operator To Entrepreneur: How To Take Control Of Your Life

    Work on the business, not in the business. I’m sure you’ve heard this advice not once—and not even twice. However, very few people explain how to do it. So many business owners struggle to move away from the operational work. If you’re one of them, then this five-step action plan is for you.

    Below is my personal recipe for how to regain control over your time and start doing the kind of work you enjoy. Author’s note: You may not like what you read. If that’s the case, print it out and put it on the wall. Thank me later.

    1. Get brutally honest with yourself.
    Your two biggest enemies are perfectionism and ego. Many entrepreneurs feel like nobody can do their job better than them. And while it might be true, there’s no way one person can do it all. If your goal is to grow your business, you are going to need a team.

    Start by assessing your current role. What tasks really require your expertise and what can be delegated? What’s keeping you from letting go? Are you giving authority to your people? Are they allowed to make mistakes and learn from them? Give yourself honest answers.

    Next, define your desired role in the company. For example, you will be responsible for XYZ and delegate X number of operational tasks to other people in six months. Be sure to set a realistic timeline for this change, taking into account team training and adjustment period.

    2. Fire yourself.
    Now that you’ve set the goal for yourself and your business, start executing your vision. Build a competent team that will help you make that transition. Once again, let go of perfectionism and accept that some tasks are better done than perfect. The most optimal combination is having A players manage B players to get things done.

    Next, start delegating tasks one by one. Prioritize them by the level of complexity and overall impact—from the easiest to the most difficult. Some tasks can be delegated much faster than others. Also, don’t expect your team to execute everything perfectly in two weeks. There will be a learning curve and you should account for it.

    3. Optimize your processes.
    Together with your team, map out all of your key processes and identify bottlenecks. Next, see how you can streamline them. There are countless automation tools that will help you eliminate repetitive tasks and improve workflows.

    Depending on your current situation, this can mean many different things. If you’ve been running your business from Excel spreadsheets, think about implementing a CRM system and email automation. If you are more experienced with tech, consider synchronizing your apps or integrating more AI-based tools into your operations.

    4. Get greedy with your time.
    This is probably one of the hardest changes for business owners. To achieve your big goal, which is moving away from the operational work, you’ve got to stop letting the urgent take over the important.

    Start blocking time for revenue-generating, high-value activities and let small failures happen. Some people will get upset and some tasks will not be done properly. That’s okay. Be willing to pay this price for a bigger gain.

    Busy work like checking emails and responding to Slack messages will not get you anywhere. And you may be surprised to discover that half of all the seemingly urgent questions somehow resolve themselves. Trust your team to take care of everything on their own and be religious about your time blocks. Your main work must be done no matter what.

    5. Fill in your personal growth gaps.
    One of the reasons why many entrepreneurs keep slipping back into operational work is procrastination, which is usually a fear in disguise. Let me explain. I find that people operate in two modes: from the place of comfort or from the place of growth. The latter is always scary. It requires learning the skills you don’t have and failing, sometimes publicly. However, there’s no other way to grow.

    If you want to break through that glass ceiling, you have to go back to step number one and get honest with yourself. Acknowledge that you lack the skills to achieve your goals and admit that operational work is your comfort zone. You might not enjoy it, but you are very good at it. That’s why you do it. And now the choice is yours. You can stay in a warm bath or throw yourself into the wild jungle.

    These tips come from my personal experience and the experience of many entrepreneurs I’ve worked with over the years. I hope they’ll help you understand where you are and how to get to achieve your goals. Embrace honesty and trust, and you will reach your goals.


    Pages: [1] 2 3 ... 37