Extra Crunch

Auto Added by WPeMatico

Implement DevSecOps to transform your business to IT-as-code

Michael Fraser
Contributor

Michael Fraser is an Air Force Veteran and co-founder of Refactr, a DevSecOps automation platform that helps tech teams modernize towards IT-as-code.

Conduct an online search and you’ll find close to one million websites offering their own definition of DevSecOps.

Why is it that domain experts and practitioners alike continue to iterate on analogous definitions? Likely, it’s because they’re all correct. DevSecOps is a union between culture, practice and tools providing continuous delivery to the end user. It’s an attitude; a commitment to baking security into the engineering process. It’s a practice; one that prioritizes processes that deliver functionality and speed without sacrificing security or test rigor. Finally, it’s a combination of automation tools; correctly pieced together, they increase business agility.

The goal of DevSecOps is to reach a future state where software defines everything. To get to this state, businesses must realize the DevSecOps mindset across every tech team, implement work processes that encourage cross-organizational collaboration, and leverage automation tools, such as for infrastructure, configuration management and security. To make the process repeatable and scalable, businesses must plug their solution into CI/CD pipelines, which remove manual errors, standardize deployments and accelerate product iterations. Completing this process, everything becomes code. I refer to this destination as “IT-as-code.”

Why is DevSecOps important?

Whichever way you cut it, DevSecOps, as a culture, practice or combination of tools, is of increasing importance. Particularly these days, with more consumers and businesses leaning on digital, enterprises find themselves in the irrefutable position of delivering with speed and scale. Digital transformation that would’ve taken years, or at the very least would’ve undergone a period of premeditation, is now urgent and compressed into a matter of months.

The keys to a successful DevSecOps program

Security and operations are a part of this new shift to IT, not just software delivery: A DevSecOps program succeeds when everyone, from security, to operations, to development, is not only part of the technical team but able to share information for repeatable use. Security, often seen as a blocker, will uphold the “secure by design” principle by automating security code testing and reviews, and educating engineers on secure design best practices. Operations, typically reactive to development, can troubleshoot incongruent merges between engineering and production proactively. However, currently, businesses are only familiar with utilizing automation for software delivery. They don’t know what automation means for security or operations. Figuring out how to apply the same methodology throughout the whole program and therefore the whole business is critical for success.

Powered by WPeMatico

Superhuman’s Rahul Vohra says recession is the ‘perfect time’ to be aggressive for well-capitalized startups

Email is one of those things that no one likes but that we’re all forced to use. Superhuman, founded by Rahul Vohra, aims to help everyone get to inbox zero.

Launched in 2017, Superhuman charges $30 per month and is still in invite-only mode with more than 275,000 people on the waitlist. That’s by design, Vohra told us earlier this week on Extra Crunch Live.

“I think a lot of folks misunderstand the nature of our waitlist,” he said. “They assume it’s some kind of FOMO-generating technique or some kind of false scarcity. Nothing could be further from the truth. The real reason we have the waitlist is that I want everyone who uses Superhuman to be deliriously happy with their experience.”

Today, the app is only available for desktop and iOS. Superhuman started with iOS because most premium users have iPhones, Vohra said. Still, many users have Android, so Superhuman’s waitlist consists mostly of Android users.

“We don’t think that if we onboard them they’d have the best experience with Superhuman because email really is an ecosystem product,” he said. “You do it just as much on the go as you do from your laptop. There’s a lot of reasons like that. So if you’re a person who identifies that as a must-have, well, we’ll take in the survey, we’ll learn about you so we know when to reach out to you. Then when we have those things built or integrated, we’ll reach out.”

We also chatted about his obsession with email, determining pricing for a premium product, the impact of COVID-19, diversity in tech in light of the police killing of George Floyd and so much more.

Throughout the conversation, Vohra also offered up some good practical advice for founders. Here are some highlights from the conversation.

On competition from Hey, the latest buzzy email app

Yeah, I’m not at all worried. I used to get worried about this. You know, 10 years ago, even as recently as five years ago, I would get worried about competitors. But I think Paul Graham has really, really great advice on this. I think he says pretty much verbatim: Startups don’t kill other startups. Competition generally doesn’t kill the startup. Other things do, like running out of money being the biggest one, or lack of momentum or lack of motivation or co-founder feuds; these are all really dangerous things.

Competition from other startups generally isn’t the thing that gets you and you know, props to the Basecamp team and everything they’ve done with Hey. It’s really impressive. I think it’s for an entirely different demographic than Superhuman is for.

Superhuman is for the person for whom essentially email is work and work is email. Our users kind of almost personally identify with their email inbox, and they’re coming from Gmail or G Suite. Typically it’s overflowing so they often receive hundreds if not thousands of emails a day, and they send off 100 emails a day. Superhuman is for high-volume email for whom email really matters. Power users, essentially, though power users isn’t quite the right articulation. What I actually say is prosumers because there’s a lot of people who come to us at Superhuman and they’re not yet power users of email, but they know they need to be.

That’s what I would call a prosumer — someone who really wants to be brilliant at doing email. Now Hey doesn’t seem to be designed for that target market. It doesn’t seem to be designed for high-volume emailers or prosumers or power users.

Powered by WPeMatico

Decrypted: The tech police use against the public

There is a darker side to cybersecurity that’s frequently overlooked.

Just as you have an entire industry of people working to keep systems and networks safe from threats, commercial adversaries are working to exploit them. We’re not talking about red-teamers, who work to ethically hack companies from within. We’re referring to exploit markets that sell details of security vulnerabilities and the commercial spyware companies that use those exploits to help governments and hackers spy on their targets.

These for-profit surveillance companies flew under the radar for years, but have only recently gained notoriety. But now, they’re getting unwanted attention from U.S. lawmakers.

In this week’s Decrypted, we look at the technologies police use against the public.


THE BIG PICTURE

Secrecy over protest surveillance prompts call for transparency

Last week we looked at how the Justice Department granted the Drug Enforcement Administration new powers to covertly spy on protesters. But that leaves a big question: What kind of surveillance do federal agencies have, and what happens to people’s data once it is collected?

While some surveillance is noticeable — from overhead drones and police helicopters overhead — others are worried that law enforcement are using less than obvious technologies, like facial recognition and access to phone records, CNBC reports. Many police departments around the U.S. also use “stingray” devices that spoof cell towers to trick cell phones into turning over their call, message and location data.

Powered by WPeMatico

Long-term profitability is the only growth metric that matters

Joe Yakuel
Contributor

Joe Yakuel is the founder and CEO of WITHIN, the world’s first performance branding company.

Your company’s one metric that matters (OMTM) shouldn’t be return on investment (ROI), return on ad spend (ROAS), net promoter score (NPS), brand affinity or one of the other sophisticated-sounding acronyms marketers use to gauge success.

Your company’s one metric that matters should be long-term profitability.

Put another way, your business should be singularly focused on how much money it can return to its owners, investors and shareholders. Sounds obvious, right?

You’d be surprised: A majority of Fortune 500 and Silicon Valley startup marketing budgets aren’t optimized for long-term profitability.

Instead, budgets are often optimized for secondary or upper-funnel metrics. Besides tracking ROI, ROAS, NPS and brand affinity, many marketers monitor key performance indicators (KPI) like net revenue, customer acquisition cost (CAC), cost per thousand (CPM) and brand recall — none of which directly correlate with long-term profitability.

In fact, many brands’ marketing departments frequently omit the word “profit” all together from the line items and KPIs in their monthly performance reports.

A good way to think about the futility of the KPI status quo is the following fictional scenario, which reflects the marketing and advertising playbooks of a shockingly large segment of American businesses: Main Street Shoes spends $100 on a Facebook ad campaign to promote a new line of sneakers to Jack and Andrew. As a result of the retailer’s Facebook ad campaign, Jack and Andrew each spend $100 to buy new sneakers.

Powered by WPeMatico

‘One day we were in the office and the next we were working from home’

Scott Kinka
Contributor

Scott Kinka serves as CTO for Evolve IP. An award-winning, 20-year technology veteran with expertise in virtualization, cloud security and telecommunications, he designs the Evolve IP roadmap, leads its project team and works closely with customers and partners.

Ryan Easter couldn’t believe he was being asked to run a pandemic business continuity test.

It was late October, 2019 and Easter, IT Director and a principal at Johnson Investment Counsel, was being asked by regulators to ensure that their employees could work from home with the same capabilities they had in the office. In addition, the company needed to evaluate situations where up to 50% of personnel were impacted by a virus and unable to work, forcing others to pick up their internal functions and workload.

“I honestly thought that it was going to be a waste of time,” said Easter. “I never imagined that we would have had to put our pandemic plan into action. But because we had a tested strategy already in place, we didn’t miss a beat when COVID-19 struck.”

In the months leading up to the initial test, Johnson Investment Counsel developed a work anywhere blueprint with their technology partner Evolve IP. The plan covered a wide variety of integrated technologies including voice services, collaboration, virtual desktops, disaster recovery and remote office connectivity.

“Having a strategy where our work anywhere services were integrated together was one of the keys to our success,” said Easter. “We manage about $13 billion in assets for clients across the United States and provide comprehensive wealth and investment management to individual and institutional investors. We have our own line of mutual funds, a state-chartered trust company, a proprietary charitable gift fund, with research analysts and traders covering both equity and fixed income markets. Duct taping one-off solutions wasn’t going to cut it.”

Easter continued, “It was imperative that our advisors could communicate with clients, collaborate with each other and operate the business seamlessly. That included ensuring we could make real-time trades and provide all of our other client services.”

Five months later, the novel coronavirus hit the United States and Johnson Investment Counsel’s blueprint test got real.

Powered by WPeMatico

European VC firm Pale Blue Dot plans to fund 40 ‘planet-positive’ startups

Pale Blue Dot, a newly outed European venture capital firm focused on climate tech, announced this week the first closing of its debut fund at €53 million.

Targeting pre-seed and seed stage startups, the firm says it will consider software and technology investments with a strong positive climate impact. Current areas of focus include food/agriculture, industry, fashion/apparel, energy and transportation, with plans to back up to 40 companies out of fund one.

Founding partners Hampus Jakobsson, Heidi Lindvall and Joel Larsson are stalwarts of the Nordic tech ecosystem and beyond: Jakobsson co-founded TAT (The Astonishing Tribe), which was sold to Blackberry in 2012, and is a prominent angel investor in Europe, most recently a venture partner at BlueYard Capital . Lindvall is the former head of accelerator and investment team at Fast Track Malmö, with a background in human rights and media. Larsson was previously managing director at Fast Track Malmö, with a technical background and prior fund management experience.

I put questions to all three, delving deeper into Pale Blue Dot’s remit and the firm’s investment thesis. We also discussed the macro trends that warrant a fund specializing in climate tech and why Europe is poised to become a leader in the space.

Pale Blue Dot is a new VC fund specializing in climate tech, but in a sense — and to varying degrees — isn’t every venture capital fund a climate tech fund these days?

Heidi Lindvall: We think all funds should be “planet-positive” and working for a better world, but it will take time until it is a focus. Still, most funds look at a potential positive impact late in their assessment and will not decline the deal if the startups wouldn’t be significantly pulling the world in a good direction.

Hampus Jakobsson: Focus has both upsides and downsides.

The negative part with being niche is that we won’t do investments in amazing people or startups that we don’t think are “climate-contributing enough” or that the founders aren’t doing it in a genuine way (as the risk of them to paying attention to the impact might lead them to become a noncontributing company).

Powered by WPeMatico

How COVID-19 transformed the way Americans spend online

Ethan Smith
Contributor

Ethan Smith is founder and CEO of Graphite, an SEO and growth marketing agency based in San Francisco. Ethan has served as a strategic advisor to Ticketmaster, MasterClass, Thumbtack and Honey.

COVID-19 has transformed the way Americans use their phones and the way they spend their time and money online. These shifts present both a number of challenges and a raft of opportunities for savvy growth marketers.

We’ve seen COVID-19 affect a number of verticals. A number of industries have taken a hit (like music streaming and sports), while some are expanding due to the pandemic (groceries, media, video gaming). Others have found distinctive ways to adjust the way they position and sell their product, allowing them to take advantage of changes in buyer behavior.

The key to being able to read and react to changes in this still-tumultuous time and tailoring your growth marketing accordingly is to understand how public sentiment is reflected in new purchasing behaviors. Here’s an overview of the most important trends we’re seeing that will allow you to adjust your growth marketing effectively.

By the numbers: A sheltering-in-place economy

Virtually all of the data we’ve seen shows a marked difference in buyer behavior following the WHO’s declaration of a pandemic on March 11, 2020. With consumers encouraged to stay home to deter the spread of COVID-19, it’s no surprise that the biggest change is the spike in online activity.

Powered by WPeMatico

Extra Crunch Live: Join Superhuman’s Rahul Vohra for a live discussion of email, SaaS and buzzy businesses

An email app with a waitlist? No, this isn’t 2004 and I’m not talking about Gmail. Superhuman has managed to attract and maintain constant interest for its subscription email product, with a wait list at over 275,000 people long at last count – all while asking users to pay $30 per month to gain access to the service. Founder and CEO Rahul Vohra will join us on Tuesday, June 26 at 2pm ET/11am PT for an Extra Crunch Live Q&A.

We have plenty of questions of our own, but we bet you do, too! Extra Crunch members can ask their own questions directly to Vohra during the chat.

We’re thrilled to be able to sit down with Vohra for a discussion about email, why it was in need of change, and what’s bringing so much attention and interest to Superhuman on a sustained basis. We’ll talk about the current prevailing market climate and what that’s meant for the business, as well as how you manage to create not one, but two companies (Vohra previously founded and sold Rapportive) that have adapted email to more modern needs – and struck a chord with users as a result.

Meanwhile, SaaS seems to be one of the bright spots in an otherwise fairly gloomy global economic situation, and Superhuman’s $30 per month subscription model definitely qualifies. We’ll ask Vohra what it means to build a successful SaaS startup in 2020, and how there might be plenty of opportunity even in so-called ‘solved’ problems like email and other aspects of our digital lives that have become virtually invisible thanks to habit.

Audience members can also ask their own questions, so come prepared with yours if you’re already an Extra Crunch member. And if you aren’t yet – now’s a great time to sign up.

We hope to see you there!

Powered by WPeMatico

IoT solutions are enabling physical distancing

Tyler Cracraft
Contributor

Tyler Cracraft is an electronic engineer turned solution architect at Advantech who has more than a decade of experience working in the electronics technology industry.

If you’re a business owner or investor and are wondering about the long-term impacts of the COVID-19 pandemic on the business world, you’re not alone.

Today’s business leaders have been plunged into the deep end of telecommuting with little notice, and the way we do business has been impacted at almost every level. Travel is restricted, meetings are virtual and delivery of goods and even raw materials is being delayed. While some industries that depend on large gatherings are seeing extremely difficult challenges due to the pandemic, others such as the tech industry, see the opportunity and responsibility for innovation and growth.

As many states begin phased reopening, companies are trying to determine what the workplace and business environment will look like in a post-quarantine world. The first obvious step is the integration of personal protective equipment (PPE). Sanitization and face masks will become required and nonessential face-to-face meetings will be a thing of the past, along with shaking hands.

Additionally, relationship-driven careers such as sales and recruiting will have to find new ways to connect to be successful. Physical distancing rules will have to be established, which may include employees coming in alternate days while telecommuting the other days of the week to keep offices at reduced capacity. Large offices of 10 or more may implement thermographic camera technology for fever screening or other real-time technology-based health screenings.

One thing is for sure: IoT devices that enable physical distancing will become an integral part of reopening businesses, facilitating sales connections and embracing a different way of living.

Solutions for physical distancing

There are a variety of IoT devices available that can help business leaders successfully implement physical distancing in their offices. Thermographic camera technology coupled with facial recognition can create a baseline for each employee and then assist in determining if an employee has a temperature outside of their norm. Other remote health monitoring may also take place with healthcare providers, helping employees determine on a daily basis if they are well enough to go into work.

Powered by WPeMatico

Marietje Schaake is ‘very concerned about the future of democracy’

Scott Bade
Contributor

Scott Bade is a former speechwriter for Mike Bloomberg and co-author of “More Human: Designing a World Where People Come First.”

In the ten years she spent as a member of the European Parliament, Marietje Schaake became one of Brussels’ leading voices on technology policy issues.

A Dutch politician from the centrist-liberal Democrats 66 party, Schaake has been called “Europe’s most wired” politician. Since stepping down at the last European Parliament elections in 2019, she has doubled down with her work on cyber policy, becoming president of the CyberPeace Institute in Geneva and moving to the heart of Silicon Valley, where she has joined Stanford University as both the International Director of Policy at Stanford’s Cyber Policy Center, as well as an International Policy Fellow at its Institute for Human-Centered Artificial Intelligence.

I spoke with her about her top cyber policy concerns, the prospects of greater U.S.-EU cooperation on technology and much more.

Can you tell me about your journey from MEP in Brussels to think tank in academia?

There were a variety of reasons why I thought a third term was not the best thing for me to do. I started thinking about what would be a good way to continue, focusing on the fight for justice, for universal human rights and increasingly for the rule of law. A number of academic institutions, especially in the U.S. reached out, and we started a conversation about what the options might be, what I thought would be worthwhile. [My goal] was to understand where tech is going and what does it mean for society, for democracy, for human rights and the rule of law? But also how do the politics of Silicon Valley work?

I feel like there’s a huge opportunity, if not to say gap, on the West Coast when it comes to a policy shop — both to scrutinize policy that the companies are making and to look at what government is doing because Sacramento is super interesting. 

So from a policy perspective, what areas of tech are you thinking about most?

I’m very concerned about the future of democracy in the broadest sense of the word. I feel like we need to understand better how the architecture of information flows and how it impacts our offline democratic world. The more people get steered in a certain direction, the more the foundations of actual liberalism and liberal democracy are challenged. And I feel like we just don’t look at that enough.

Powered by WPeMatico