Because we receive so many questions from our readers each week, we unfortunately cannot answer every question in the Crucial Skills Newsletter. To help more of our readers with their crucial conversations, confrontations, and behavior change challenges, we’d like to introduce our new Community Q&A column! Each month, we’ll select a reader’s question, post it here on the blog, and invite you to share your advice and ideas. Please share your answers to this reader’s question in the comments below. Dear Crucial Skills, One of my colleagues works ten- to thirteen-hour days, even though her job does not require her to put in that many hours. She is a single, middle-aged woman and also volunteers one evening a week at a food pantry. She complains about how long she stays at work, so I have carefully encouraged her to leave on time. I kindly told her that there are others who can take care of things and that she owes it to herself to get out of work at a reasonable hour. This is always a lose-lose conversation. She says "I know," but her behavior does not change and she continues to complain that she "stays so late," she is "so tired," and "no one ever thanks me for my help." When other employees ask me why she stays so late, I tell them I don’t know and suggest they ask her. How can I help my friend stop playing the victim and see that leaving work on time is actually healthy and reasonable? Full-time Friend Update: We have received many helpful responses to Full-time Friend’s question. Thank you to everyone who has responded! Here are a few comments that summarize our readers’ advice. If you would like to read or share more advice, please do so in the comments below: "This is a difficult question to answer because we are missing an essential piece of information: What is her motivation for working so late? . . . Could it be that she is not a fast worker and is concerned about meeting a productivity standard? Could she be worried about her position and wants it known that she is going the extra mile? She has a need that must be identified and fulfilled in a healthier manner." - Julian Fountain "I see this where I work as well, and also find myself falling into the habit now and then of working extra hours. I am a ‘single middle-aged woman’ - my kids are adults and independent. If I don’t have something scheduled with friends or family it’s very easy to stay at work because there is no one waiting for me at home….a rare occurance because I keep myself pretty busy to avoid this situation, and it’s more likely others complain about my ‘being too busy’. Your ‘friend’ may need a regular afterwork get together or activity in addition to her volunteering. I’ve taken on the task of getting we ‘single middle-aged ladies’ together once a month or so after work to share conversation and the feeling of togetherness and ‘family’ that others get at home in the evening - others (married/male) are also included. Give it a try, my guess is she needs her ‘friends from work’ more than she needs to ‘be at work’ but doesn’t know how to ask." - Linda "What exactly is it that’s bothering you? Is it the fact that she complains about working late, or something else? Whatever it is, I think it’s essential at this point that you address what is bothering you, not her . . . Just remind her that this has been going on for a while with no change. Let her know how it makes you feel, and suggest a brainstorming session regarding how you can help change whatever you or she needs to change to improve the situation." - Dave

Mike Robert Wood's blog post was featuredIf Gummy Bears Could Talk, They’d Whisper Your PasswordA generation is growing up in a world where everything can be obtained at the click of a button, from anywhere, 24/7, in real-time. Missed your favourite TV show? Watch it on catch up. Hate waiting for holiday photos to be developed? Take snaps on your smartphone and instantly upload them to Facebook. Want the new Kings of Leon album but can’t be bothered to go to the high street store? Stream music instantly from Spotify, Youtube or Naptster.Long gone are the days of having to wait for things. In the digital world - what we want is already there and is only a click away. And this applies to things that go beyond social sharing, online shopping and streaming music. But despite the digital DNA of this growing generation and their openness to share personal information digitally, they still expect the same protection of their online identity. Recent research highlighted that online fraud and identity theft were the first and second concern of most UK citizens. Nowhere is this more important than with banking.Enabling differentiation and loyalty by offering a seamless customer experience and protecting customers from fraud, is one of the biggest challenges for financial services in the digital age.Will fingerprint recognition help?As reported recently in Wired, RBS and Natwest announced that they will offer customers the ability to manage their finances on the move, using Fingerprint login instead of the passcode. This is a positive step forward with improving the customer experience for banking. Not only is this hugely convenient for customers, who don’t need to carry around their ‘number generator’ keypads, passwords or pins, it’s also a more secure way of ensuring that the person is who they say they are. However, despite this, there are flaws to this approach for which some customers may be concerned.Single authentication isn’t reliable. If your phone should get compromised, or your account gets hacked, you can quickly change your password to prevent fraud. But you can’t change your fingerprint. So does that mean you need to buy a new phone and start the process again? Or wipe your phone of all its data? All of a sudden fingerprint banking doesn’t seem so convenient now.In addition, the iPhone Touch ID allows multiple enrolled fingers. So, if my five-year old daughter got hold of my phone, she could in effect access all the data on the phone, including my bank account - which could be potentially very damning and expensive!On the flip side, having a second factor of authentication such as a finger-print is definitely more secure than using ‘contactless’ payments cards, which only require a single touch to authenticate up to £20 transactions, should the phone also be used as a digital wallet.There are no silver bullets here. Finger readers, like many forms of authentication, can be spoofed. There are already numerous existing workarounds on YouTube, demonstrating innovative uses of what look like Gummy Bear sweets to replicate fingerprints in order to fool finger print readers. Whilst this is an unlikely move for a fraudster to make, it can happen.So what is the answer?The answer is simple - take a holistic approach to include biometrics as part of a multi-layered solution which also offers customer choice. Biometrics will be a greater part of banking, so it’s important to get the customer experience right to ensure adoption. Gartner predicts that 30 percent of organisations will use biometric authentication for mobile devices by 2016, but again this alone isn’t bulletproof.Aspects such as location, timing, behavioural information, cognitive data and social networks can all be bought into play to support a solid authentication process. For instance, these tools can detect whether someone accessing their account is doing so from a regular location or IP address, such as home or at work. If this location falls outside of the norm, banks have the confidence to intercept and challenge.Similarly, using biometric behavioural solutions, you can tell whether a person is using their device differently (e.g swiping differently to how they usually would) or spot the robotic behaviour of malware. Individual customers may react differently to biometric step-up challenges each with their own preferences, so offering customer choice is important to grow adoption and confidence. For example, some may be comfortable and more able to speak into the phone (using biometric voice recognition), some are happy with the concept of a ‘selfie’ (using biometric face recognition) and others may still perceive greater security with PINS and passwords.Building on these behaviours enables banks to create a profile of the customer based upon a confidence factor or risk-score. It also reduces the frustration felt by customers when they forget their password and are locked out. Furthermore, it gives financial institutions the tools to intelligently detect fraud with more ease than ever before. It’s win-win.Mike Robert Wood is helping to address fraud and security issues with creative solutions for Unisys customers.See More

ABOUT THE AUTHOR   Joseph Grenny is coauthor of four New York Times bestsellers, Change Anything, Crucial Conversations, Crucial Confrontations, and Influencer. READ MORE Dear Crucial Skills, I am having a hard time dealing with a coworker/friend. She has a big heart and will do anything to help anyone. The problem is her temper. If something does not go her way or someone does something she does not agree with, she throws a temper tantrum like you have never seen before. She yells and cusses like a sailor and does not care who hears her. She is constantly on the backs of the people who work here and rips into the other managers weekly. We all really like her and know she gets stressed easily, but we can’t handle her temper tantrums anymore. We have all tried to talk to her about this but nothing seems to sink in. She thinks it is funny and will tell you quickly that it is our fault not hers. Now people and even her friends are shying away from her, and it is getting harder and harder to work with her. How can we get her to stop throwing a fit and still keep a good working relationship and friendship? Signed, Punching Bag Dear Punching Bag, Okay, buckle your seatbelt, because I have a strong dose of feedback for you to hear. Please know that all I want to do is give you a perspective that will help you solve your problem. I don’t want to offend and especially don’t want to "blame the victim." But one thing I need to do is challenge your "victim story." Here goes. Ready? The biggest problem here is that you and your colleagues are playing the victim when you have actually been enablers. If this has been going on for a long time, if she is truly behaving as abusively as you describe, and you’ve not ratcheted up your response—then you are rewarding her behavior. If you and others are shying away, then you’ve allowed her to bully you. This has to stop if her behavior is going to stop. You and your colleagues need to take responsibility for announcing and enforcing your own boundary. You have two options. One is to turn this over to HR or her boss immediately. If this is truly an issue of abuse and you either don’t want to or can’t handle what I suggest below, then the way to take responsibility is by asking those who should be handling this to handle it. If, on the other hand, you think it’s something you and your colleagues can and should attempt to address first, here’s how you might prepare for and hold this crucial conversation. First, get clear in your mind that these are not "requests" or "suggestions" for her. These are absolute and inviolable boundaries you will hold her to—with associated consequences. Here are some steps to follow: 1. Gain commitment. Meet with your friends. Help them see the role you have all been playing and commit them to holding her firmly accountable. 2. One voice. Meet with her as a group. You may not need everyone to come, but you should invite someone else to meet with her so she isn’t able to minimize the points you make or rationalize her way out. Now, going in with more than one person violates safety so invite as few colleagues as possible but as many as necessary—perhaps two or three. 3. Compassion and courage. Open by explaining the reason for the discussion. Be sure to create safety, but be firm. For example, "I know this may seem kind of dramatic, but it is very important to us. We’re sorry if this seems like we’re ganging up, but since a number of us have been affected, we needed you to hear from more voices. We need you to hear us out about a concern we want to address. If we can’t address it here, we will be meeting with the boss or with HR instead. Our preference is to work it out between us. Can we have your commitment to hear us out without interruption?" After she agrees, create a bit of safety. "We think this problem is solvable and we want to solve it. We love you and we want to continue working with you, but not under the conditions we’ve been working under. If we can solve this one problem, we hope to work with you for many years. The problem is . . ." Now lay out facts—not generalities—share the pattern, then describe two or three instances of her behavior and the effect on your relationship. Share natural consequences so she’ll understand why you’re motivated to address this. For example, "To you this may seem like we have thin skin, but you need to know that the three of us have found ourselves shaking in our cubicles when we’ve thought about approaching you with a concern. We feel sick and I even have a hard time sleeping when . . ." Whatever the effects are, share them. Keep it brief so she’ll have a chance to respond, but be clear on how you want to move to action. For example, "We want your agreement that you will never yell or swear at us again when you are not getting your way. We want you to take an anger management class, and if things improve, we would like to keep this between us. But if there is another infraction in the next month, we will turn this over to the boss or HR. I know that might sound like a threat—and I’m sorry if it does—but it isn’t. It’s just us taking responsibility for our actions. I feel ashamed that we’ve allowed this to go on for so long. That’s our fault, and you’ve gotten the wrong message that we think this is okay. It’s not okay. It must stop." I hope I don’t come across as anything but sympathetic with your plight. It’s so easy to let things slide for so long that you get used to them and lose perspective on how things really should be. Trust me, you deserve a different work climate than the one you appear to have. Give it to yourself and your colleagues by holding this crucial conversation. Sincerely, Joseph Related Material:Employee Temper Tantrum Confronting a Gossiping Boss

Dan Salmons's blog post was featuredWhat Miyagi-San Teaches Us About PCI DSS Compliance"Polish on, polish off", "brush up, brush down". Thus begins Daniel LaRusso’s training in the martial arts in classic 1980s kid’s movie The Karate Kid. Instead of learning kicks and throws in the dojo, Daniel found himself redecorating his teacher’s house, and even then, Miyagi-San makes him do each job in a very specific way - but not necessarily the easiest way.Daniel ends his first day of training angry and disappointed, but then the Japanese sage delivers his real lesson. All of a sudden the tedious movements he’s had to use all day become powerful defensive manoeuvres. And, of course, the movie ends with Daniel defeating his nemesis.This is a bit like what digital security means for any organisation processing card payments. The rule book we must all follow, PCI DSS, lays down in great detail exactly what organisations must demonstrate to achieve compliance. But doing what you need to achieve compliance won’t make your customers secure - just like knowing all the moves won’t necessarily make you great at karate.Payment security is hugely important today, as the market for stolen cards is vast and lucrative. It was recently revealed that 183 million accounts were compromised in Q3 of 2014 and credit-card hacking has been found to be America’s top crime worry. As the owners of the 56 million credit cards that were compromised from Home Depot found to their cost, card details are hot property at the moment - with each card worth an estimated £8. For criminal gangs trading in thousands, if not millions of stolen accounts, that’s a very profitable line of business.Yet a large number of payment providers see the compliance process as a necessary evil of doing business - a bit like fire-drills and employer liability insurance - and less of a business opportunity to keep and win new clients. Indeed, there are plenty of ways organisations can meet the spirit of the standards without actually baking them in to every part of their operations. For example, many organisations only allow auditors to examine data and conduct penetration tests on ‘sandbox’ systems, unconnected to the provider’s online systems. That’ll get them the tick in the box, but will it be a hallmark of total security? There’s no way of knowing until it’s too late.As Miyagi-San taught Daniel LaRusso, truly defending yourself requires you to think far more fundamentally about what you do and how you do it. The hard part is to practice it day in and day out. But if organisations are using a service that’s ‘compliant by design’, they are far better placed to defend their customers’ data robustly. For us, this means embedding PCI DSS-friendly processes into the code base of our core applications - rather than rushing to compile paper trails by hand when audit time comes. It means giving auditors access to live data on our production systems, which in turn requires a culture of sustained compliance and continuous improvement that all employees need to embrace. It also means we plan our businesses around audits - allowing plenty of time for preparations. It’s for these reasons we marked 10 years of Level 1 PCI DSS compliance in August last year.Finally, compliance by design demands that executives run their business with security uppermost in their minds and as a business opportunity - not the other way around. PCI DSS audits generally require many business functions, especially finance, IT and operations, to go into lockdown for several weeks a year. Rolling out new products and integrating new customers simply takes much longer during audits - if they happen at all. But with products that are compliant by design, the thousands of merchants and millions of consumers for whom we process payments each year have true peace of mind.It’s worth reminding ourselves why PCI DSS exists: because consumers demand and expect protection! Research we commissioned in May 2014 found that security is more important among consumers than convenience when deciding how they pay. Moreover, over half of UK consumers (55%) viewed the security of payment methods as the most important factor in deciding how we pay - while only a quarter (26%) believed convenience to be the most important deciding factor.This is why simply doing the basics isn’t enough. In spite of its length, PCI DSS should really be seen as merely the status quo, not the benchmark. Organisations need to go beyond the ‘box ticking’ to secure their customers’ card data. It only takes one breach to risk the ire of customers whose card details are compromised, and their faith in your ability to protect them may never be restored. For this reason, it’s absolutely crucial to get the security side right. Though compliance by design may at times feel like waxing the auditor’s car or painting their fence every day in a tedious fashion, it means your customers can rely on your "powerful defensive manoeuvres" to keep their data safe.Dan Salmons is Managing Director of Mobile and Online at PayPoint.See More

ABOUT THE AUTHOR Cricket Buchler is a Master Trainer. READ MORE How do I appropriately respond to participants’ fears and concerns about participating in the training? Several have expressed fears around role playing—one was even in tears. They have even expressed fears around mixing up teams for activities, and these are intact teams!What a great question! As you suggest, it is very common for our participants to be anxious about ‘performing’ in front of their colleagues. Because of this, I consider it my primary goal, as a facilitator, to create safety in the learning environment. I’ve found that if I can front-load the conversation in class by acknowledging participant fears and assuaging them, it goes a long way in preventing some of these kinds of reactions. And in my mind, if I can prevent the fear from ever creeping into the classroom in the first place, everyone’s job gets easier!When introducing the concept of deliberate practices for the first time, I always say this: "Now we’re going to practice with some scenarios. Before we start, I’m wondering, ‘Would any of you say you are generally not a fan of role-playing in a training classroom?’" (While asking this, I raise my hand as if to demo an invitation for them to raise their own in answer to that question). Participants will raise their hands, giving you a good sense of people’s comfort level in the room. I try to remember who raises their hand so as to avoid pairing those individuals up with each other later, finding it better to match the Nervous Nellies with others in the room who are more comfortable with this practice.Then I say (with a healthy dose of sarcasm and a hearty smile) "Ok! Well you’ll be happy to know that we won’t be role-playing in here. We’ll be doing deliberate practice. You’re going to LOVE these!" And right then, people begin to relax—because they feel validated. Then, I go on by saying "Ok, I’m playing with you a little bit, but let me tell you how they really are different. I feel like with role plays, we always feel we have to get really creative and make life difficult for our partners, then we switch roles and it comes right back to us. That is NOT what we are doing here. These are meant to feel super safe. We don’t expect anyone to be perfect at this (you’ve never done this before!) We’ll give you a coach to jump in and help you, even feed you lines. You can call a time-out and ask for help at any point, and you can ask for a do-over any time you like. Just say, "I think I can do that better. Let me try again!"After creating safety in the room, I move into reading over the directions in the toolkits. Then, I find it helpful to walk through a large group demo of how to do the structured rehearsals before putting them into groups of three and assigning roles (taking care not to pair together those who expressed anxiety in the beginning). The demo allows people to get comfortable with the practice and often alleviates anxiety for participants.For a large group demo, you as the facilitator can take on the role of the initiator. Explain the role of the respondent, and then ask for one volunteer to play the part of the respondent. Then ask the rest of the class to play the role of coaches—asking them to tell you what you should be saying each step of the way as you walk through the situation. You can essentially walk through the first structured rehearsal as an entire class before asking folks to practice the second and third situations on their own in groups of three. I’ve found this approach to significantly reduce anxiety in the room. Related Material:How can I help participants better understand and benefit from the summary questions at the end of each section of training? How can I help participants who are creating their own change plan in Influencer Training create an actual results statement? What if participants don’t like the term "violence" being used in the training?

Thomas Clarke posted a blog postHow Service Automation Got Us Out of Email JailAt NetApp, we take pride in giving our customers great service, which is one of the main reasons why we’re successful. We put a lot of emphasis on driving sales through strong customer relationships, but we also know that our backend fulfillment processes are just as important. Every link in our customer service chain has to be strong - or the chain will break.Our quote-to-invoice (Q2I) process is a critical part of our customer service commitment. It’s how we fulfill our customers’ needs. It’s also key to our financial performance, since fast quote-to-invoice times let us recognize revenue more quickly.However, like many other enterprises, our entire Q2I process was driven by emails from customers, partners and field sales. Thousands of emails arrived at a single shared inbox and were handled manually by the Q2I team. Everyone had to scan the same emails to decide which ones belonged to them, which was incredibly inefficient.Despite heavy oversight, emails kept slipping through the cracks. We had no effective way of tracking customer requests, so we often didn’t know when things got stuck in the queue. And, since email didn’t really drive a process, we had no clear way to measure and improve our performance.Putting a Method Behind the Email MadnessAbandoning emails wasn’t an option. Changing customer, field sales and partner behavior would have created chaos. Instead, we needed a way of turning an exploding volume of unstructured emails into structured information. After looking at what was available, we decided to go with a service automation solution from ServiceNow and their services partner, Cloud Sherpas. They developed a system of conditional logic to automatically analyze our incoming emails, extracting key information based on the sender, subject and email text. They used this information to populate standard request templates, which were then automatically sent to the right team member using the solution’s built-in workflow engine.From Reactive to ProactiveAs a request makes its way through our Q2I workflow, we can now see its status at every point along the way. Requests are routed throughout the process, and we can automatically manage approvals and other required actions. Instead of reacting when a customer complains, we’re able to unblock individual requests before the customer knows there’s an issue. The case histories we get from ServiceNow are particularly useful - these give our team members the context they need to come up to speed quickly on a case and hit the ground running.Measure It, Manage ItNow that we have a service automation solution in place, we understand what we’re doing right - and what we can do better. We can measure how well each part of our Q2I process is performing.This makes it easy to spot bottlenecks, and to identify when mistakes are made. Not only do we have overall strategic metrics, we can aggregate issues by type to find root cause.For instance, with this data-driven process, we now know how long it takes to complete requests, and we can tie this back to the request type. We’ve even identified types of requests that can be handled automatically - and zero touch means zero delay. It’s also much easier to manage workloads, since we can see who is overloaded and who is underutilized.The Bottom LineWhen we launched our project, we had clear ROI objectives. What surprised us, however, was that the reality far exceeded our expectations. The investment paid for itself in nine months, despite a limited initial rollout. Since then, we’ve extended the solution to handle 68,000 requests a year, giving us a total savings of $650,000 annually - or $1.8 million over our three-year projection period. At that rate, a single month’s savings pays for the entire project.While it’s easy to focus on the return on investment alone, the business intelligence we get from our ServiceNow solution helps us understand our process and how we can change, grow and evolve to adapt to customer needs. But equally important is the impact the solution has had on our employees. Rather than view it as a way to measure their productivity, they view it as a tool to better serve our customers and to measure and improve the overall process. What we’ve learned is not to stay locked in email jail for enterprise services. A choice for freedom is one of the best investments we’ve made.Thomas Clarke serves as Director, Quote-to-Invoice PMO & Performance Measurement at NetApp.See More

Jason Bloomberg's blog post was featuredStreaming Analytics: Terminator or Star Trek?Since the dawn of enterprise digital computing, managers have been looking to computer operators to run data processing jobs on those original workhorses of computation. The goal: to generate reports that the managers would use to make decisions on how to run their companies or government agencies.Today, those large binders filled with perforated pages striped in glorious green and white may be long gone, but the batch job - paper report - human decision pattern remains engrained on our managerial consciousness, for better or worse.Cut to half a century later. We now have big data. Cloud computing. A wholly revamped notion of digital that is mobile-centric, omnichannel, and customer-focused. And yet, old habits are slow to die.Take, for example, the first version of Hadoop. It was a batch job processing platform that would generate reports (paper optional, thankfully) that managers might attempt to interpret in order to make better decisions.Yes, today the hardware is faster, the software is better, the data sets bigger - but the human context for data analytics in many ways remains ensconced in the Mad Men days.Fortunately, this perception is changing. Real-time analytics technology is now a reality. Analysis of data about the past is still important, but insight about what’s happening right now is increasingly available to the decision maker, and it is thus up to that decision maker to understand how to leverage such insight to make good decisions - right now.The True Value of Real-Time AnalyticsThe reason that it has taken so long for real-time analytics to become a useful tool is because of the bottleneck problem: every step in the data lifecycle must perform in real-time or the end result falls short.Today all the pieces are finally falling into place. From data collection to movement to aggregation to processing to analysis to visualization, vendors and open source communities are stepping up to the plate and solving each bottleneck on this path to insight.The end result - when everything works properly - can be astounding. A simple example: imagine moving the "buy" button to different positions on a live ecommerce web page while watching real-time purchasing data go up and down until you find the optimal location.Now do the same thing for every other aspect of your business. That’s the power of real-time analytics.Sounds good, right? But if that example leaves you scratching your head, you’re not alone. Only in certain still-rare circumstances are the benefits of real-time analytics so cut-and-dried. It’s one thing to shift a button around, but quite another to deal with the broad complexities of an enterprise business environment.Perhaps the greatest challenge in the simplistic ecommerce example above is establishing the feedback loop. The traditional batch job/report/decision pattern ends with a human decision, not with an automated decision leading to an action that changes the data in real-time. That part of the real-time analytics pattern is still uncomfortably unfamiliar.From Real-Time Analytics to Streaming AnalyticsOn the one hand, the importance of a feedback loop indicates how we must shift our thinking away from the traditional batch job/report/decision pattern to the real-time pattern in order to maximize the value we can squeeze from our analytics.On the other hand, the feedback examples above reveal one remaining bottleneck: the human itself. As long as the goal of big data analytics insight is to fuel human decision making, then all-too-human limitations will continue to be our limiting factor.Once we establish a fully automated feedback loop, however, then we take this final remaining bottleneck out of the equation, unleashing a new level of speed and performance.We’re not just talking real-time analytics at that point. We’ve moved to streaming analytics.The field of streaming analytics takes as its starting point not simply large data sets, but a never-ending, 24 x 7 fire hose of data. All of a sudden, making sure we have no bottlenecks simply becomes the price of admission.We can’t even begin to deal with streaming data if we have to pause even for a moment to move it, store it, process it, or analyze it. The fire hose just keeps on streaming.Today’s technology is finally piecing together the end-to-end components that make streaming analytics a reality. And yet, making sense out of the results of our streaming analytics - in real-time, without introducing a bottleneck - presents perhaps the greatest challenge of this approach.Rising to this challenge is the field of cognitive computing - a way of analyzing streaming data that are multistructured, ambiguous, and in a constant state of flux.The advantages are profound. Fraud detection and prevention, dynamic product pricing, Internet-of-Things (IoT) data analysis, electronic trading, customer promotion triggering, and compliance monitoring are some of the early examples of the power of streaming analytics - bolstered by cognitive computing to establish real-time, machine learning-based feedback loops that drive business value with no bottlenecks.And you ain’t seen nothin’ yet.Putting the Human Back into the Streaming Analytics PictureMost people’s exposure to cognitive computing consists of watching IBM Watson trounce the world’s best players at Jeopardy! The same kind of technology is the key to fully automated streaming analytics - technology that gets smarter and smarter by itself.If the notion of an intelligent, constantly learning, Jeopardy!-playing computer running the largest companies and governments in the world doesn’t frighten you just a bit, then you probably never watched the Terminator movies, or any number of other dystopian AI-run-wild flicks.Well, you can relax - at least for now. Establishing fully automated streaming analytics feedback loops won’t take humans out of the picture. Rather, it raises the role humans play to a new level. Instead of Terminator, think Star Trek.People, after all, must still build and manage the entire kit and caboodle. And for all its power and velocity, streaming analytics is still just a tool - a tool in human hands.In order to play at this new level, however, we must learn new skills. Just as we’re struggling to move from batch job/report/decision thinking to real-time thinking, we must now take the next step: working with never-ending torrents of multistructured, dynamic data.Thinking at the Meta-Insights LevelIn other words, we must raise the insights we obtain from streaming analytics to the meta level. The insights we gain aren’t simply about how best to run our business, as we’re automating how we use those insights. Instead, the insights we humans must gather are meta-insights: insights into how to leverage the ongoing insights the technology provides us.Most people aren’t working at this meta-insight level. Our technology is advancing so quickly that we’re still struggling to move from batch thinking to real-time thinking. The result is increased turbulence, both in the business and technology domains. After all, change is ubiquitous and accelerating across the digital spectrum. It’s virtually impossible to keep up.Dealing with change as the fundamental business constant, after all, is what the Agile Architecture Revolution is all about. As we remove the bottlenecks from our data processing and leverage the fire hose of real-time, streaming analytics, this revolution becomes an unavoidable business reality. Get ready for warp speed!Jason Bloomberg is President of Intellyx.See More

Like many of us, Maureen Winningham didn’t grow up in a home where family members practiced crucial conversations regularly and well. Rather, she grew up in one of those households where he who yells the loudest gets his point across. The worst culprit of all was her father whom she labeled "Mr. Blow-and-Go" for his explosive temper and anger-filled communication style. Many years later, after one particularly dreadful Christmas dinner, Maureen used her skills to hold a long overdue crucial conversation with her father in which she recognized her role in the problem, explained the damage her father’s communication style had caused in her life, and asked him for a way to repair their relationship to a healthy level of love and respect. Watch as Maureen describes how that one conversation literally changed her life and helped her build a special relationship with her father before it was too late. Related Material:How do you hold a crucial conversation via e-mail? Facing a Crucial Conversation? How do you handle a crucial conversation with a really difficult person?

Harry Kraemer posted a blog postLaunching a Startup From a Foundation of 'Best Team' ValuesAt the very beginning, a startup company may consist of only an entrepreneur and a partner or two. There is no infrastructure or formalized process; sometimes there isn’t even an office. At some point in a startup’s life cycle that small team—the powerful nucleus of the founder and a couple of other people—has to grow in order to turn an idea into a company.As that startup grows from 2 people to 10 to 50 and so on, the team must have more than passion and skills. A "best team" must be formed, built on a foundation of values.Without alignment around core values that define the company, it will be difficult to bring together and grow a cohesive team. Consider the recent leadership upset at Snapchat when Emily White, the chief operating officer of the messaging app company, left after less than two years. That was reportedly due to rising tensions with CEO Evan Spiegel.At the very beginning of a startup’s life, so much attention is paid to the "idea"—the concept, technology, app, or other marketplace proposition. A startup rises or falls, however, on the strength of its people. If a best team, aligned in their values, is in place, the chances of success increase greatly.Consider the example of Fieldglass, founded by Jai Shekhawat in 1999, which offers a vendor management system for the procurement of contract labor and services. Fieldglass, which was sold to SAP in mid-2014, reportedly for more than $1 billion, started with a small team chosen on the basis of the "whole person"—people who had the right attitude, a passion for the business, and a willingness to do the work that needed to be done.Shekhawat credits a model he described as servant leadership and "subordination of ego." The leader serves the team, and together they devote themselves to service of the customers. These attitudes and behaviors are fundamental to values-based leadership, which can be practiced at any level and in any organization, large or small.I have practiced values-based leadership throughout my career, from my early days in a cubicle through my tenure as CEO of Baxter International, a $12 billion health care company, and now as a professor at Northwestern University’s Kellogg School of Management. As I have seen in large companies and small startups, building a world-class valued-based organization begins with a core team of individuals committed to becoming their "best selves." This group of individuals who think and act as their best selves can then come together as a "best team" aligned with the values and vision of the organization.When the team is small, fit is crucial. If one person is not aligned with the values and the culture, the negative impact is exponential. Values create cohesion as people take on multiple roles that have nothing to do with their training or specific skill set. At the earliest stages of a startup, the finance guy or the head of engineering may end up packing boxes for a customer. This is not just teamwork; it is best-team work.As a startup moves from its initial phase to its first years of growth, there will be changes: some people will move up, some will move on, and others will come onboard. Through all these changes, values alignment remains the No. 1 priority. As Shekhawat told me, "Everyone needs to contribute to the DNA of the firm… A person who is contributing and feels that they’ve helped shape the company will treat it like their child. These are the roots of loyalty."These core values also shape the culture of the enterprise as it grows, such as by determining the values-driven "best partners" with which the company does business, influencing interactions with stakeholders as a "best investment," and finally putting forth a vision of how to make a difference in the world as a "best citizen."There is no limit to the ideas that will emerge in our digital world. Bringing these ideas to life requires a best team of people acting and interacting as their best selves, in service of a bigger purpose and a grander mission and vision.Harry M. Jansen Kraemer Jr. is the author of "Becoming the Best: Build a World-Class Organization through Values-Based Leadership" (Jossey-Bass, 2015), and the best-selling "From Values to Action: The Four Principles of Values-Based Leadership". He is the former chairman and CEO of Baxter International Inc., and is now a professor at Northwestern University’s Kellogg School of Management and an executive partner with Madison Dearborn Partners.See More

A dear friend and long-time mentor, Stephen R. Covey, died this week. In the coming weeks, many will write about his enormous influence in the business world, in families, and on the international political stage. Rather than add to that well-deserved chorus, I’ll express my personal gratitude and remembrance. In 1984, I heard Stephen speak at a business conference. His speech opened up a whole new field to me that redirected my professional plans. Prior to that speech, I had never heard of the Organizational Behavior field. I changed the course of my studies, joined him in his fledgling company, and began a career that has enabled me to be part of work that I find immensely meaningful. In 1990, I left Stephen’s company to begin a new one and to study more carefully how to influence profound and sustainable behavior change in large human systems. While Stephen would have preferred that I stay with his company, he was abundantly generous in wishing me well—and even went out of his way to endorse our work on many occasions. I have no doubt that his foreword to Crucial Conversations was an important part of its success. Stephen R. Covey has had as great an influence on who I am and what I do as anyone else in the world. His consecrated life, his principle-centered approach to our field, and his fundamental faith that true principles will bear up to scientific scrutiny in organizational success have blessed my life and my work. I thank God for bringing this good man into my life. - Joseph Grenny, cofounder of VitalSmarts and coauthor of Crucial Conversations Related Material:Joseph Grenny Introduces Crucial Conversations Second Edition Help! My Friend is Unfit for a Referral Coping with the Loss of a Loved One

Peter Nicolas Zavlaris's blog post was featuredHealth Insurance Firmly in the Cross HairsPremera Blue Cross is the latest victim of what appears to be a long-term APT perpetrated by China. Between CHS, Anthem and now Premera Blue Cross, it’s now safe to say health insurance is firmly in the cross hairs of powerful nation state actors.Brian Krebs from krebsonsecurity.com reports,Premera Blue Cross, a major provider of healthcare services, disclosed today that an intrusion into its network may have resulted in the breach of financial and medical records of 11 million customers. Although Premera isn’t saying so just yet, there are indicators that this intrusion is once again the work of state-sponsored espionage groups based in China.The indicators are the similarities between methods used, according threat intelligence gathered by ThreatConnect. Jeremy Kirk from cio.com explains that ThreatConnect discovered a similarly "mis-typed" domain called "prennera.com" tied to malicious infrastructure connected to Deep Panda, the group that breached Anthem.In Anthem’s case, the URL was ‘"we11point.com", a spoofed version of "wellpoint.com" (Wellpoint eventually became Anthem). The URLs are embedded in emails and sent to employees. Behind the URLs is malicious infrastructure that phishes for information like login credentials or spreads data-stealing malware.In the Anthem attack, subdomains referencing internal services used by employees were discovered. The purpose was clearly to spoof services into visiting the malicious domains. By "typosquatting" URLs that closely resembled official domains, the malicious emails could bypass email filters.Further obfuscating the malware was the use of digitally signed software certificates from a Korean based company called DTOPTOOLZ Co. This ties back to a RAT (remote access tool) called Derusbi, which is a known Deep Panda tool.If it is indeed a Chinese APT group, the scary question remains: Why is China so interested in our personal records? Selling the data for profit is an unlikely motive. Plus, to date no one has seen any evidence that the data stolen from CHS, Anthem and now Premera Blue Cross has appeared on the black market.However, having someone’s PII in combination with his or her login credentials grants an attacker access to pretty much everything. PHI (personal health information) can tell you if someone suffers from an embarrassing ailment or has physical vulnerabilities you can exploit. While cyber thieves are after money, nation states are after bigger game.Thus far, Deep Panda’s methods have been relatively low-tech. They use easy-to-access commercial malware and SPAM. The key to their success appears to be their ability to bypass email filters using well-crafted fake emails and recognizable domains.This is a serious threat. Large organizations receive millions of emails per day, and only a tiny percentage of them may be malicious. No matter how effective email filters become, malware is still getting through.CISOs responsible for protecting PII and PHI and looking to stay one step ahead of their adversary need greater visibility. When domains are registered that spoof those belonging to their organization, CISOs and their teams need an automated way to detect and test them to determine if they’re malicious. Just as attackers' tactics evolve, so must enterprise security intelligence.Peter Nicolas Zavlaris is the resident blogger for RiskIQ.See More

To help more of our readers with their crucial conversations, confrontations, and behavior change challenges, we recently introduced our new Community Q&A column! Please share your answers to this reader’s question in the comments below. Dear Crucial Skills, When I began dating my husband five years ago, his kids and I hit it off right away and I even had a friendly relationship with his ex-wife . . . at first. After we got engaged things changed. The stronger my relationship became with the kids, the more she seemed to look for reasons to attack me. I have attempted to explain that I am not trying to replace her, but that I truly love her kids and want them to feel at home when they are at our house (we have 50/50 custody). She seems fine after we talk, but then she either ignores me or has a big, dramatic outburst and accuses me of trying to be their mom. I reached my breaking point when she chewed me out in front of the kids at a Little League game last week. How do I help her see that I only want what is best for the kids? Keeping the Peace Related Material:Making a Safe Switch to Crucial Skills Before & After: Making BIG Changes Kerrying On: A Disaster in the Making

Babak Hodjat's blog post was featuredThe AI Resurgence: Why Now?Artificial Intelligence (AI) has been enjoying a major resurgence in recent months and for some seasoned professionals, who have been in the AI industry since the 1980s, it feels like déjà vu all over again.AI, being a loosely defined collection of techniques inspired by natural intelligence, does have a mystic aspect to it. After all, we do culturally assign positive value to all things smart, and so we naturally expect any system imbued with AI to be good, or it is not AI. When AI works, it is only doing what it is supposed to do, no matter how complex an algorithm being used to enable it, but when it fails to work--even if what was asked of it is impractical or out of scope—it is often not considered intelligent anymore. Just think of your personal assistant.For these reasons, AI has typically gone through cycles of promise, leading to investment, and then under-delivery, due to the expectation problem noted above, which has inevitably led to a tapering off of the funding.This time, however, the scale and scope of this surge in attention to AI is much larger than before. During the latter half of 2014, there was an injection of nearly half a billion dollars into the AI industry.What are the drivers behind this?For starters, the infrastructure speed, availability, and sheer scale has enabled bolder algorithms to tackle more ambitious problems. Not only is the hardware faster, sometimes augmented by specialized arrays of processors (e.g., GPUs), it is also available in the shape of cloud services. What used to be run in specialized labs with access to super computers can now be deployed to the cloud at a fraction of the cost and much more easily. This has democratized access to the necessary hardware platforms to run AI, enabling a proliferation of start-ups.Furthermore, new emerging open source technologies, such as Hadoop, allow speedier development of scaled AI technologies applied to large and distributed data sets.A combination of other events has helped AI gain the critical-mass necessary for it to become the center of attention for technology investment. Larger players are investing heavily in various AI technologies. These investments go beyond simple R&D extensions of existing products, and are often quite strategic in nature. Take for example, IBM’s scale of investment in Watson, or Google’s investment in driverless cars, Deep Learning (i.e., DeepMind), and even Quantum Computing, which promises to significantly improve on efficiency of machine learning algorithms.On top of this, there’s a more wide scale awareness of AI in the general population, thanks in no small part to the advent and relative success of natural language mobile personal assistants. Incidentally, the fact that Siri can be funny sometimes, which ironically is technically relatively simple to implement, does add to the impression that it is truly intelligent.But there’s more substance to this resurgence than the impression of intelligence that Siri’s jocularity gives its users. The recent advances in Machine Learning are truly groundbreaking. Artificial Neural Networks (deep learning computer systems that mimic the human brain) are now scaled to several tens of hidden layer nodes, increasing their abstraction power. They can be trained on tens of thousands of cores, speeding up the process of developing generalizing learning models. Other mainstream classification approaches, such as Random Forest classification, have been scaled to run on very large numbers of compute nodes, enabling the tackling of ever more ambitious problems on larger and larger data-sets (e.g., Wise.io).Big Data is, of course, another driver of the recent investment interest in AI companies. Cheap storage, sometimes in the cloud, paired with the intuition by all manners of industry that collecting every piece of data possible will someday come in handy, has brought about a high demand for solutions that go beyond simple statistical analysis of data, and promise new insights and intelligence. The AI industry to Big Data is as petrochemical industry was to crude oil. We have the promise of doing more with the Big-Data crude than to simply burn it.Most recently, confidence in AI has risen to the point where hedge funds, traditionally weary of black-box approaches to trading, are also starting to explore the use of machine learning (e.g., Bridgewater).The financial boost from the recent investment in AI has led to a rapid expansion of the AI industry. More companies are looking to provide smarter solutions for their customers, and an explosion of new AI related companies that are looking to provide these solutions are emerging. Most industries that don’t want to be left behind are looking to employ AI in some form or other. The impact on industry has been broken down many different ways, but perhaps one of the best AI market landscapes I’ve seen is from Shivon Zilis, an investor at Bloomberg Beta. This is yet more evidence supporting the fact that AI is being applied in practically every industry possible, from Finance to Medicine, from Automotive to Oil and Gas.Broadly speaking, AI companies fall into the following categories:Platform companies, providing general-purpose AI APIs to practitioners (e.g., Nuance, PredictionIO, Wise.io)Enterprise start-ups, bringing a combination of their core technologies and professional services customization to the wider enterprise, following a model not dissimilar to SAP’s (e.g., Skymind, Predii).Product companies focused on specific vertical applications of AI (e.g., Euclid Analytics, HoneyComb, Judicata)It is still early days for assessing the impact these players are having on their respective industries and hard to measure their success in the various application areas they have focused upon. In some cases, the investments have been more on the promise with little actual proof.Are we in another AI hype-cycle? Perhaps. In many cases, the term AI is certainly being conflated and sometimes confused with techniques that have never been thought of as AI being recast to be able to ride-out the buzz-wave. But the breakthroughs have also been coming at a fast and furious pace, pointing to the fact that there is ample room for innovation yet to be explored.What can we realistically expect from AI in the next two to three years? Some of the more promising areas in my mind are: better fraud detection, breakthroughs in medical diagnostics, more intelligent personal assistants, and superior browsing and discovery of products in online retail and commerce. Hype or not, AI is once again promising to be the next frontier for software innovation and application.Babak Hodjat is the founder and chief scientist at Sentient Technologies.See More

Leyla Seka commented on Leyla Seka's blog post Do You Have What It Takes to Be a Kick Ass Small Business CEO?

ABOUT THE AUTHOR David Maxfield is coauthor of three New York Times bestsellers, Crucial Accountability, Influencer, and Change Anything. READ MORE During the month of July, we publish "best of" content. The following article was first published on August 1, 2012.   Dear Crucial Skills, One of my main concerns at work is how we talk about each other—the staff lunchroom can be especially toxic. What feels most shocking to me is how our boss is often thrown under the bus. I am having a hard time thinking of an appropriate comment to make as I feel that listening to these conversations implies my agreement. And I have to admit there have been times when I’ve piped up with a rude wise-crack or two, so I don’t want to seem like I’m above it all. There are times I just avoid the lunchroom and I know others do, too. What suggestions do you have for responding to wisecracks made behind coworkers’ backs? Staying In From the Lunch Room  Dear Staying In, You’ve done a great job of describing a familiar problem. I bet many of us have been in the same situation. We’re joking around in the lunchroom, one-upping each other’s wisecracks, when somehow the topic turns to our boss or maybe to a colleague. We keep on with the jokes and banter, but at some point, it crosses the line from play to poison. As you said, we’re throwing someone under the bus—all in the name of fun. In these situations, silence isn’t golden. It’s agreement. When we don’t speak up, we show our support for the people doing the badmouthing. We’re helping to throw the person under the bus. It’s this kind of poisonous conversation that causes bad morale to spread across a team or organization. It begins with a seemingly innocuous joke, which is really the leading edge of an attack. Instead of saying something like, "I see it differently," others in the conversation remain silent or add to the wisecrack, amplifying the attack. The group is creating a villain story at someone’s expense, without stopping to question the story’s truth or giving the person a chance to respond. As the story is repeated and grows unchallenged, it becomes full of what the comedian Stephen Colbert calls "truthiness." It may be several steps away from the facts, but it feels true. And it poisons the workplace. Why do we do this? Sometimes it’s because we don’t know the person’s true motives and we assume the worst. Jamaicans have a saying, "If you don’t know a man, you’ll invent him." The implication is that we’ll invent him as an ogre. Few of us know our managers—especially senior leaders—really well. We aren’t privy to their information or motives. And as the saying suggests, we judge them harshly. We don’t give them the benefit of the doubt. Sometimes these conversations are as simple as failing to give the benefit of the doubt, but there is often more going on. Sometimes your colleague is motivated by jealousy, revenge, fear, or dislike. Regardless of the cause, you need to speak up when you see this inappropriate behavior. Use CPR to decide what to say. CPR stands for Content, Pattern, and Relationship. CPR can help you think about a problem and decide how to focus your conversation. Suppose a person at your table says, "Sure, the boss says she’s trying to improve staffing levels, but that’s just to shut us up. What she really means is ‘staphing‘ levels—you know like a staph infection!" A statement like this may contain issues related to Content, Pattern, and Relationship. As a problem-solver, you can decide which issues are most central to you. You can use CPR to focus on the issues that are closest to the heart of your concerns. Content: Addressing the content means you focus on the facts in the person’s statement. Focusing on content is usually the simplest and safest way to respond because you aren’t drawing any conclusions beyond what the person has just said. An example of addressing the content would be, "I don’t think she’s trying to shut us up. Why do you think that?" Addressing the content frames the problem as a question of facts. It focuses the discussion toward what your manager said and why your colleague doesn’t believe it. Pattern: Suppose this comment is just one in a pattern of passive-aggressive comments this group uses to badmouth the boss. You might address this pattern by saying, "I like the way we kid around with each other, but not when we start to throw people under the bus—people who aren’t here to defend themselves." Addressing the pattern focuses on your colleagues’ inappropriate behavior. It’s a tougher discussion, but it may be closer to the heart of your concern. Relationship: The long-term impact of these corrosive conversations is the undermining of trust and respect. The relationship with the boss is put at risk. If you feel that people’s comments reveal a rupture in basic trust and respect for your boss, then you might address the relationship itself: "It sounds as if you’re questioning whether you can trust and respect her. Is that right? If that’s your concern, then I think you need to find a way to talk with her and hash it out." Note that you may decide to have this conversation in private, instead of putting the person on the spot in front of everyone. Again, it’s a tough discussion, but it may be closer to the heart of your concern. The mistake many problem-solvers make is to focus on content, the simple and safe route, when their true concern involves the pattern or relationship. They address a problem, but it’s not the problem they really care about. This CPR skill can be used in a wide variety of situations, not just in confronting gossip about your boss. The next time you have a concern, use CPR to decide which part of the concern to address. CPR can help you focus on the heart of your gossip problem. David Related posts: Dealing with Personal Issues at Work Dealing with Resentment at Work Dealing with a Know-It-All

Michael Daly's blog post was featuredThe Seven Megatrends in CybersecurityIn today’s information economy where everything is connected, the health and viability of a company’s computer systems directly impacts its ability to thrive and survive. Major cybersecurity breaches in retail, healthcare and the financial sector have proven even large organizations are not appropriately prepared to deal with current cyber threats. A new survey commissioned by Raytheon in partnership with the Ponemon Institute of 1,006 cybersecurity CIOs, CISOs and senior IT leaders in the U.S., Europe, Middle East and North Africa, identified what respondents consider to be the top factors affecting the success of their cybersecurity operations today and in the future. From these responses, seven major trends emerged that predict how organizations manage cybersecurity over the next three years.Board of Directors and CEOs are not involved... Only 34 percent of senior leaders across global organizations view cybersecurity as a strategic priority. Moreover, nearly 80 percent of Boards of Directors have not been briefed on cybersecurity strategy in the last 12 months. Only 14 percent of respondents said the CISO or head of cybersecurity reports directly to the CEO. To be heard, CISOs must focus on the key metrics that get to the heart of how cybersecurity impacts the business. For example, "dwell time" measures the duration an intruder has access to the network. By focusing on this metric, CISOs can benchmark the effectiveness of internal policies, technology and campaigns.Cyber Crime will keep information security leaders up at night. Cyber crime and enabling technologies are keeping information security leaders from a good night’s sleep these days. In the wake of the Sony breach, senior leaders also fear risks from nation state attackers and risks associated with cyber warfare or cyber terrorism. These threats, while less probable than others when it comes to inflicting network damage, will continue to make news headlines and remain a source of stress for security leaders worldwide.Insider threat risks from employee negligence will decline. CISOs and IT leaders should anticipate risks associated with employee behavior, whether malicious or unintentional, will decline. The most dramatic change will be a reduction in simple negligence, where a lack of awareness of cybersecurity practices will decrease by 26 percent and employee complacency toward cybersecurity will decrease by 33 percent. Better and more frequent training around cybersecurity practices will help mitigate the number of accidental vulnerabilities and risks on the network and will also help employees identify any suspicious behavior or online activity.Organizations are not ready for an inevitable "Internet of Things" world. Currently, only about one-third of organizations are prepared to handle risks associated with the Internet of Things (IoT). As we add more personal and business-driven devices such as building automation and smart medicine to the chain of interconnectedness, vulnerabilities will be compounded and create weaknesses throughout the organization. We won't be able to manage the risks if we don't recognize the risks.Cyber talent is in short supply. Across industries, cyber talent is in short supply and high demand. Organizations need more knowledgeable and experienced information security employees to secure their business and their customers. Educators and the private sector must work together to integrate cybersecurity into educational programs at an early age and encourage students to pursue this career field in order to grow the talent pipeline.Big shift in technology toward big data analytics and forensics. According to survey respondents, there will be a shift toward big data analytics and behavioral profiling, with a 38 percent increase in use by 2018. There will also be a 21 percent increase in the use of automated forensics tools. Meanwhile, the use of anti-virus and anti-malware software will decline by 15 percent in the next three years.The good news. Despite all the dramatic cyber-related news in the media today, information security leaders remain optimistic about their organizations’ future in regard to cybersecurity strategy and posture. Fifty-nine percent of respondents believe the state of their organization’s security posture will improve in three years.As basic human nature, we tend to fear the extreme or the attack that has no remedy. We fear the Ebola virus more than the cigarette we may smoke. While cyber terrorism is a real threat, and zero-day attacks will continue, organizations should also focus on the devices lingering on their networks that have not been patched and expose their enterprise to vulnerabilities. And, with an increasing number of devices and types of devices on our networks (internal and external; company and employee), we need to spend more effort thinking about how to compartmentalize the risks through segregation and monitoring. We may not be able to patch many of these new devices.Michael K. Daly is the Chief Technology Officer of Cybersecurity and Special Missions (CSM), a business of Raytheon Company’s Intelligence, Information and Services (IIS).See More

ABOUT THE AUTHOR Dave Angel is a Master Trainer. READ MORE My participants often ask how they can be certain if they are really addressing the right crucial conversation. I’d appreciate any insights on how to effectively answer this question. Great question! If our ultimate goal in dialogue is to produce results and strengthen relationships, we need to ensure we are holding the right conversation. But just because we are talking, doesn’t mean we are holding the right conversation. Think about the last time you were frustrated with a conversation that didn’t go well. Did you end up feeling like Bill Murray in "Groundhog Day"; holding the same conversation over and over but expecting different results? If you did, you were probably holding the wrong conversation. Another way you know you are holding the wrong conversation is when the other person continues to go to silence or violence. You need to be able to recognize that the conditions of dialogue are failing and work to restore safety. We also go astray when we focus on the wrong issue. One of my favorite methods for focusing on the right conversation is to utilize the skill-set of CPR. As you prepare to dialogue, think about what is most important to you and what you really want the outcome to be. Sometimes we need to talk about a specific, one-time occurrence and so we focus on the Content; what was said and done. If we find there is a recurrent problem we can then take it to a deeper level and address the Pattern of behavior. If you’ve addressed the Content and the Pattern of behavior and you still aren’t getting results you can take it to the deepest level and focus on how it is impacting the Relationship. When you are trying to determine at what level to enter the conversation, ask yourself: "What’s most important to me?" Is it a one-time occurrence, a pattern of behavior, or something that is really impacting the relationship? If you are unsure, I always encourage people to start with Content. If you find you’re not getting results, look for a Pattern of behavior. If you still find yourself stuck, focus on how the Relationship is suffering. The next time you find you’re not getting the desired results or wonder if you are holding the right conversation, consider using CPR. I find this important skill-set helpful in getting back to dialogue, producing results, and strengthening relationships Related Material:Before & After: My BIG Crucial Conversation by Maureen Winningham How do you handle a crucial conversation with a really difficult person? How do you hold a crucial conversation via e-mail?

Daniel Green's blog post was featuredWill Apple Watch Make Us More Productive?Since the announcement of Apple Watch back in October 2014, a range of productivity focused apps have popped up, designed specifically to be compatible with the new wrist-bound interface. Popular apps such as OfficeTime, Todoist, and Mailbox will be among the first to be available on the new wearable interface.However, a variation of these apps already exists on the iPhone, and noted over at Fast Company,"What we’re getting is not so much a new set of capabilities, but a new interface. And crucially, it’s an interface that we wear on our bodies, rather than tuck away in our pockets."The debate over whether Apple Watch will make us more productive appears to center around the distractibility of the device- indeed, will Apple Watch add more distraction to our 24/7 technology-enabled switched on lives?The Institute of Advanced Motorists is concerned this will be the case, and noted by Neil Greig, IAM director of Policy and Research- "An iWatch has the potential to be just as distracting as any other smartphone device. Indeed more so if you have to take your hand off the wheel and your eyes off the road to interact with it."VentureBeat’s Mark Sullivan, also pointed out that the Apple Watch is entirely dependent on the battery life of the linked iPhone- if your iPhone is dead, so will any functionality on your Watch that requires a network connection (Apple Watch does not have its own cellular or Wi Fi connection). And in short, killing any hopes of having your workday planned out via the wearable interface.While a lack of network connection will not affect Apple Pay, music, or exercise related apps on your Watch, it will certainly impact your organisational plans for the day. Indeed major criticism of the Watch tends to be centered on its necessary link to a recent model of the iPhone, and while this may be excellent for Apple’s bottom line, it will likely end up being an efficiency drawback for users.Daniel Green is the founder of GetSerio.See More

Ryan Wilk's blog post was featuredWhere Should Fraud Detection Start? Shifting the Focus From Check-Out to Account CreationOnline fraud, from the merchant’s standpoint, is defined as someone other than you spending your money online. As the purchaser, you have a credit card with a secret code on the back that you only know if you possess the card. You type in your card information and your secret code, and then the retailer runs the numbers to see if your credit card checks out. Retailers left that task to the banks and credit card companies, and that became the standard strategy as online shopping started to ramp up in the ’90s.As time went on, sales and marketing teams realized that asking the user for any additional information, like that security code, resulted in lost sales. Marketers within retail shopping portals constantly pushed for new ways to safely and securely store customer data in order to reduce customer friction and make the order confirmation path as smooth and speedy as possible.But for each additional marketing-driven change, fraud teams felt the knock-on effects in the form of new challenges. The architecture of online shopping changed fundamentally. Instead of checking the card at transaction, the fraud test shifted to the user account, which holds all your sensitive information secured by a password.This created a gap between the login screen and the "confirm purchase" button because the events were not connected. So fraudsters tried to steal accounts by guessing passwords - a strategy that often worked!The Rule of Unintended ConsequencesIn response, rules were used to tie login and purchase together. With the advent of the virtual shopping cart, merchant marketers needed a way to not just track sales but verify that the person making the transaction had the right to do so. Historically, retailers focused on the transaction itself because that was the pain point and because back then, fraud happened individually, one transaction at a time.The rules engine seemed like the answer, but retailers founds themselves building ever more complicated rules to assess whether or not a particular purchase was legitimate or fraudulent, and finding that this method still didn’t work. More restrictive rules also had the unexpected side effect of increasing false positives, turning legitimate users away and souring potential and long-term customers alike. In the end, fraudsters kept getting better at exploiting a system that created as many holes as it patched.Passwords Are Not EnoughNo number of complex rules will save you, though, when all of a customer’s relevant information is stolen and made public. Wide-scale data breaches make it easy for savvy criminals to bypass primitive rules because usernames, passwords, credit cards numbers and personally identifying information are freely available. Now, fraudsters can either pilfer legitimate accounts or make up new ones with the stolen data.Whereas fraud used to entail one person making a series of bad transactions on a single stolen credit card, fraudsters now think bigger — much bigger. These days, the favorite tactic is seeding a site with hundreds or thousands of fake accounts well before any attempt is made to steal a dime.Passwords are only one part of a modern, effect fraud prevention strategy. We must look beyond whether a password is correct when entered before approving a purchase, which means we need to take a closer look at account creation. We need to shift our focus to when the account is created in the first place. And it all comes down to intelligence gathering.Consumers and Hackers Do Their HomeworkTypically, before a user makes a purchase, they conduct research until they feel the product is right for them. This could include researching the product and the seller, looking at user reviews and ratings, seeing what configuration options the item offers, and so on. If it’s the type of item that’s purchased often, eventually that purchase becomes automatic, trusted.Intelligence gathering is step one in any hack as well. Gone are the days when fraudsters could brute-force their way in through weak rule-sets. They’ve had to become more clever and, to do that, they’ve had to slow down and do their homework. Before they plan a fraud, they plot out their steps, what they want to steal and where the likely security holes are. Only when they are sure will they launch the fraud attempt. And once they have one working strategy, they’ll use it again and again until it stops working.So if customers and hackers alike understand the value of research, what about retailers?Applying Marketing Tactics to Fraud DetectionMarketers long ago learned that studying their prospective customers resulted in increased sales. Retailers initially sought out the most basic demographics—gender, age, income—but quickly diversified, and they used that information to divide their customers into smaller groups more descriptive of their needs and then tailored their marketing approach to each subset. Retailers could better predict what products would appeal to each group and, in some cases, lead to entirely new product lines being developed.No retailer would dream of opening up a storefront without having categorized and investigated their intended market and having plans in place to respond to feedback so they can continually adjust both the message and their product. Why? Because it works.Given how sold retailers already are on gathering intelligence to entice customers to their storefronts, it’s surprising that more retailers don’t scope out their prospective customers once they arrive at their website but before they try to make a purchase.Gathering Intelligence on Account CreationSo if intelligence-gathering helps retailers draw in the right customers, what would happen if they spent some time looking at the account before the first purchase is made?Successful fraudsters have taken intelligence gathering on prospective targets to new heights because they have no choice. As rule-based fraud detection became more and more complicated, fraudsters had to continually change tactics. Before, they could take a single account and test a thousand stolen credit cards, one after the other, until one worked; when that behavior got flagged, fraudsters started making thousands of accounts, each with a single credit card. You can put new rules in place to flag them, but then fraudsters let the accounts sit fallow until that rule has expired. These accounts then appear indistinguishable from legitimate accounts. Yet the creation of these accounts does leave telltale hints about their purpose, distinct from that of a legitimate user, if you’re looking for them.Marketing intelligence can often predict the upcoming needs and desires of a customer before the customer is even aware of them. So accurate that in some cases, they can predict customer pregnancies. That same level of precision can be applied to deciding ahead of time whether a newly minted account is for a real person or for a foot soldier waiting for orders in a future fraud assault. Evaluating account creation helps determine good users from bad and predict fraud before it happens.Ryan Wilk is the director of customer success for NuData Security.See More

ABOUT THE EXPERT Steve Willis is a Master Trainer and Vice President of Professional Services at VitalSmarts. READ MORE Recently, I was in the back of the room (no, I was not asked to sit there—at least not this time) of a training session. I was watching Angela as she worked her way through the material. She was working well with the group and doing a nice job of engaging them with the material. After lunch on the first day, her class found themselves wrapped up in a fascinating discussion. They were engaged. They were applying the material to themselves and pulling poor Angela off her schedule. Time began to fly. The first ten minutes of discussion quickly doubled. Twenty minutes behind and they were still interested in continuing on. Angela paused to ask, "Wow, this seems valuable. Should we spend more time on this, or should we move on to the next concept?" While this is a great question, she addressed it to the wrong audience. She should have directed it to herself. She was asking the group to make a decision without all the information to do so. They don’t know what they’re giving up in order to spend more time where they are. Yes, there are ways to make up time, and yet so many times what happens is the sections toward the end of the training are shortened—sometimes to the point of being non-recognizable. You condense the heck out of the materials, and in the end, the participants suffer. Participants need you, the facilitator, to make these types of decisions. Instead of asking the group and allowing them to make the decision, solicit input and make the decision yourself. At times, you’ll decide to spend the extra time, and other times you’ll decide to move forward in the material. But you, the facilitator, need to decide to decide. Related Material:From the Road: Wrong is Wrong Your First Ten Minutes Could Be Your Last From the Road: What Happens in Training, Stays in Training

Gary Newe's blog post was featured10 Steps to Mitigate a DDoS Attack in Real TimeCybercrime has become a prominent national issue, elevated further thanks to several recent high-profile hacks and DDoS attacks. The fight-back has also intensified as shown by the recent arrest of dozens of suspected hackers by the NCA last week. This nationwide "strike week" shows that the cyber threat is being taken seriously by government bodies, however, businesses remain vulnerable to virtual attacks.The frequency and size of DDoS attacks is ever-growing and continues to be a priority issue for many businesses. With the ongoing work to shut-down or neutralise botnets, a cyber-arms race has started with hactivists and other cyber criminals constantly searching for new ways in which to amplify attacks. As a result, DDoS attacks are increasingly common.As the lines between the professional and social use of technology continue to blur, it is vital that we start to really recognise the significance of these attacks, how likely they are and how damaging they can be.For the first-time DDoS victim, these attacks can be scary and stressful ordeals. That’s not surprising; poor network performance and website downtime can be massively costly for businesses, both in lost sales and consumer trust. It’s not all bad news though, as there are some steps that can be taken to mitigate the impact. Here are some recommendations, should you experience an attack:1. Verify that there is an attack - Rule out common causes of an outage, such as DNS misconfiguration, upstream routing issues and human error.2. Contact your team leads - Gather the operations and applications team leads need to verify which areas are being attacked and to officially confirm the attack. Make sure everyone agrees on which areas are affected.3. Triage your applications - Make triage decisions to keep your high-value apps alive. When you’re under an intense DDoS attack and you have limited resources, focus on protecting revenue generators.4. Protect remote users - Keep your business running: Whitelist the IP addresses of trusted remote users that require access and mainlist this list. Populate the list throughout the network and with service providers as needed.5. Classify the attack - What type of attach is it: Volumetric? Slow and low? Your service provider will tell you if the attack is solely volumetric and may already have taken remediation steps.6. Evaluate source address mitigation options - For advanced attack vectors your service provider can’t mitigate/ determine the number of sources. Block small lists of attacking IP addresses at your firewall. Block larger attacks with geolocation.7. Mitigate application layer attacks - Identify the malicious traffic and whether it’s generated by a known attack tool. Specific application-layer attacks can be mitigated on a case-by-case basis with distinct countermeasures, which may be provided by your existing solutions.8. Leverage your security perimeter - Still experiencing issues? You could be confronting an asymmetric layer 7 DDoS flood. Focus on your application-level defences: login walls, human detection, or Real Browser Enforcement.9. Constrain Resources - If previous steps fail, simply constraining resources, like rate and connection limit is a last resort - it can turn away both good and bad traffic. Instead, you may want to disable or blackhole an application.10. Manage public relations - If the attack becomes public, prepare a statement and notify internal staff. If industry policies allow it, be forthright and admit you’re being attacked. If not, cite technical challenges and advise staff to direct all inquiries to the PR manager.It’s an unfortunate fact that the DDoS threat has never been greater and is likely to continue to grow. As ever, the best protection is to be prepared for whatever will get thrown at you and DDoS mitigation should be part of your preparation. It’s important to consider if your network is up to scratch to cope with unexpected loads and if it has the intelligence to identify legitimate traffic during peaks, before an attack hits.Gary Newe is technical director of F5.See More

ABOUT THE AUTHOR Ron McMillan is coauthor of four New York Times bestsellers, Change Anything, Crucial Conversations, Crucial Confrontations, and Influencer. READ MORE Dear Crucial Skills, In my day job, I am a consultant. However, in the evenings I train with a very knowledgeable and inspiring martial arts instructor. I have never learned as much or been as happy working with someone. However, his business management habits do not set him up for success. He doesn’t maintain his website; his school has several names and logos that change from reference to reference; and he doesn’t record when or if people pay him. There is evidence he and his family sometimes run out of money before the end of the month. While he is friendly and open, I feel like our life experiences and difference in age (he’s my senior by twenty years) mean that he would take my attempt to help as butting in. I am also certain his way of doing things made sense once upon a time. How can I help him while remaining respectful of his experience? Worried Student  Dear Student, Many crucial conversations are complicated by differences in age or social status—direct report to boss, child to parent, student to teacher, and junior to senior. These differences are complicated by our expectations as to what is appropriate communication and what is not, and frequently those expectations are not clearly defined. In your situation, it sounds like there is a clear teacher/student relationship, but for you to assume the role of teaching your teacher is awkward. Furthermore, it seems that to you, the twenty-year difference in age creates unclear expectations. The essential condition to create in your crucial conversation is Mutual Respect. From your description of the relationship, I can see that a great deal of respect already exists. Build on that respect and create new expectations by using a few simple skills. Begin by asking for his permission to discuss a personal situation. You might say, "Sensei, may I talk with you about an important issue that doesn’t have anything to do with my training?" Asking for permission alerts your teacher that the topic you wish to discuss is outside your normal interactions. If he agrees to talk or wants to know the subject, introduce the topic of your conversation. "I’ve been blessed by your gifts to me and I want you to continue to give them to others. I have some ideas I’d like to share with you that will help the business side of your enterprise. May I discuss that with you?" If he declines, contrast to share your good intentions. "I don’t want to presume to tell you how to run your business. That isn’t my place. I do want to share some ideas that will reduce your worries and help your business succeed into the future." If he says "no," do not continue, but look for opportunities to talk this over in the future, after he has thought about your words. If he expresses interest in your invitation, begin by using your STATE skills. Share your facts. Factually describe what you have seen. For example, "I’ve noticed you receive payment from your students, but do not record when you receive them or when the payments are due." Tell your story. Tell him what you are assuming as a result. "I’m wondering if the business side of your work gets less attention and that maybe better tracking would give you more income." Ask for his point-of-view. "Am I seeing this correctly? Do you see it differently?" Talk tentatively. Be clear that your purpose is not to challenge your friend. You are not trying to hurt, humiliate, or judge. Your purpose is to create enough Mutual Respect and Mutual Purpose to make it safe for your teacher to consider your ideas. Encourage testing. Your questions, "Am I seeing this correctly?" and "Do you see it differently?" test your stories and your perceptions. Perhaps you are missing something. You want to create mutual understanding, not convince or compel. Be open. Listen well and entertain the possibility that your view is not the whole truth. Using these simple skills with the intent to help, not hurt, increases the likelihood that your teacher will hear you out and won’t be offended. If not during this single conversation, then over time as you respectfully and consistently communicate that you are trying to help him. All the best,Ron Related Material:Offering Advice Without Causing Offense Responding to Unwanted Parenting Advice How many times should I have a conversation before I give up?

Mary Cullinane's blog post was featuredWhy Free Is Not the Future of Digital Content in EducationAs Chief Content Officer of a learning company, people frequently ask me: "Won’t all of your content eventually be free? After all, when technology enters the market, free is right behind it."Then they’ll point to something like the music industry, where annual revenues have declined more than $20 billion from their peak over a decade ago and album sales recently hit their lowest point on record.For $9.99 a month — less than the price of a single CD a decade ago — listeners can stream as much ad-free music as they want on Spotify, the service that made headlines in 2013 when it revealed the average payout to artists each time their songs are streamed is less than a penny. (Sorry Swifties, you now have to go to YouTube to get your "Shake It Off" fix.)The downward price pressure exerted on the music industry (or the news business, or movies) by the digital revolution is unmistakable. But going digital will affect different industries in different ways based on market dynamics and other factors.With music, there are characteristics about the way the user consumes the content - i.e. songs - that help explain why technology has put so much downward pressure on pricing.For starters, the use of technology does not make me like the song itself more. It doesn’t improve songs in a way that would lead me to assign additional value to them. If, like me, you’re not an audiophile with an ear for the nuances of vinyl recordings, the songs are the same songs, however you play them. I appreciate the convenience of not having to cart CDs around, but in reality, the impact of this new digital use pattern on my lifestyle is minimal.Contrast that with gaming: The video game industry has thrived in recent years. That’s partly because video games provide a social experience - a service - that cannot be pirated. And technology has catalyzed this shift.Primary and secondary education presents another case where technology fundamentally changes the way content is experienced. Just imagine: I am a teacher. I am responsible for ensuring that my students succeed in an educational process that will equip them with the knowledge and skills that are critical for their future success.There are 30 different learning styles in my classroom and I have to reach them all. I have to be certain the resources I put in front of my students are engaging. I need a solution that allows me to understand how well they are doing, and adjust the materials they use based on their individual proficiency levels and learning progressions.Technology helps me do this. As students engage with the content, the content learns more about the students and it also becomes "smarter". A digital engine compares students’ responses to those of all other users. Equipped with that data, this adaptive learning system doesn’t just show that a student answered incorrectly. It knows why she did, and uses those insights to create a customized learning path.In doing so, technology helps solves a big problem that has always confronted teachers: students learn at different paces. Advanced students can get bored and struggling students can give up. Now, as a teacher, I can put content in front of each learner that is personalized to his or her needs. It’s something teachers have been doing through the ages, but technology brings it to the next level of adaptivity.You get the picture. In this case, technology is making educational content better. It is increasing its value. It is now able to solve a long-existing challenge. It is enabling content to do things that it could not do before. And the stakes could not be higher.The quality of educational content has a marked impact on student achievement. If we do not get educational content right, students are less likely to gain the knowledge and skills they need to succeed in college and careers. Teachers, families and schools need to know that the content they are using is effective, aligned to standards, and will drive student achievement.Digital-age technology is showing up in classrooms across the United States. But that doesn’t mean that "free is right behind it." High-quality content, delivered through smart digital platforms, makes it possible for teachers to work with their students in ways they never could have imagined before. And given what’s at stake, that’s something worth investing in.Mary Cullinane is Houghton Mifflin Harcourt’s first Chief Content Officer. See More

According to our new study on communication in relationships, couples who argue effectively are ten times more likely to have a happy relationship than those who sweep difficult issues under the rug. And what are the most difficult topics couples usually avoid or harmfully debate? The study found that the three most difficult topics for couples to discuss are sex, finances, and irritating habits. Other interesting statistics include: Four out of five say poor communication played a role in their last failed relationship and half cite poor communication as a significant cause of the failed relationship. Fewer than one in five believe they are usually to blame when a conversation goes poorly. Those who blame their partner for poor communication are more likely to be dissatisfied with the relationship. Many couples operate under the myth that when they avoid discussing sensitive issues, they avoid an argument. And most couples mistakenly assume that avoiding an argument is ultimately a win for the relationship. However, what we don’t talk out, we eventually act out. In reality, it’s not how much you argue, but the way in which you debate sensitive issues that ultimately determines the success of your relationship. The good news is that with the right set of skills, crucial conversations can strengthen your relationship. Here are five tips for effectively holding crucial conversations with your significant other: Manage your thoughts. Soften your judgments by asking yourself why a reasonable, rational, and decent person would do what your significant other is doing. Affirm before you complain. Don’t start by diving into the issue. Establish emotional safety by letting your significant other know you respect and care about him or her. Start with the facts. When you begin discussing the issue, strip out accusatory, judgmental, and inflammatory language. Be tentative but honest. Having laid out the facts, tell your significant other why you’re concerned—but don’t do it as an accusation, share it as an opinion. Invite dialogue. After sharing your concerns, encourage your significant other to share his or hers—even if he or she disagrees with you. If you are open to hearing your significant other’s point of view, he or she will be more open to yours. Related Material:Crucial Applications: Overcoming the "Nasty versus Nice" Debate Crucial Applications: Talking About Holiday Finances Crucial Applications: Delivering Bad News