Connect with us


Kimberly-Clark is learning to act like a tech products company



There are no microchips in Huggies diapers or Scott paper towels, nor are there likely to be anytime soon. Nevertheless, the consumer products company behind those brands, Kimberly-Clark, is learning how to act more like a tech company, as it recognizes the importance of digital experience to the total experience of buying and using its products.

This transformation might not be much on the minds of those making paper products for Kimberly-Clark, but it’s important within IT. Actually, scratch that: “We call ourselves digital technology services — we don’t call ourselves IT anymore,” explained Sunniath Pervez, senior manager and product transformation office leader at Kimberly-Clark.

Becoming a tech products company

The concept of products, rather than projects, is one of the concepts that grow out of the agile programming movement and related methodologies. As a mindset shift, the idea is to get away from focusing on projects, or limited time commitments to develop and deliver applications that will be declared “done” at the end of the process. By thinking instead in terms of products, technology teams can organize themselves more like software companies who will build a minimum viable product they can bring to market, promote, and then continually improve in subsequent iterations.

“IT is seen, even today, as a delivery shop, where the business comes up with a list of requirements, an amount of funding, and says go do it — go fetch,” Pervez said. “So IT has become very efficient at delivering on time and on budget but not necessarily understanding, why are we delivering these things? What value are we adding to the business?”

Kimberly-Clark began doing more agile software development work about five years ago, but at first, the payoff was to make a few isolated teams more efficient at getting their work done, Pervez said. “But that still didn’t answer the question of what value are we adding? Are we really adding value? Or are we just delivering something random, a project that started because somebody had some money for it?”

By reorganizing around technology products, rather than projects, his team aims to understand the problem to be solved by an application more deeply and discover the true requirements for making it successful, rather than accepting a predefined list of requirements. And by building an internal product management organization, Pervez aims to develop a portfolio of products that map to a “value stream” of payoffs for the company and its customers.

“It sounds a little bit obvious if you come from the tech world — that’s how software companies have been operating for many, many years,” said Elad Simon, cofounder, and CEO at, a vendor of product portfolio management software for enterprise IT used by Kimberly-Clark. For companies outside of the software industry, a software development team’s involvement traditionally ended when the application was delivered, with “no real follow up,” Simon said. “After that, it doesn’t really exist as something people take care of and nurture.”

The practical challenges of shifting to a product orientation revolve around the creation of persistent teams that take ownership of a technology product and its continual improvement, rather than being disbanded when a predefined project concludes. That requires broad cooperation across the organization, Pervez said. “If I look at my objectives for next year, there are probably three or four things my team can do ourselves. For the rest, I have to work with finance, or I have to work with HR, or some other group.”

One of the first payoffs of the product management approach was a supply chain application known as Control Tower that provides end-to-end visibility that can be used to troubleshoot bottlenecks and ensure products make it to grocery store shelves. Kimberly-Clark initially put out an RFP for vendor solutions before deciding to build it as a test case for the product management approach, Pervez said.

However, most of his group’s work has been more aligned with sales, marketing, and building “first-party” connections with customers, rather than only getting data about customers and their preferences through retailers and other intermediaries.

Minimum loveable product

The success story he tells concerns the redesign of a loyalty app for Huggies. The app has become popular because it allows parents to scan a barcode and get savings and other rewards. However, the previous version of the app, which had been built to spec in the traditional manner, was not so popular. One reason: the signup process involved entering three screens worth of data on a tiny mobile phone screen. Or, as Pervez puts it, the process was “like you’re applying for a mortgage — and then sometimes the app crashes, and you have to start all over.”

An integrated product team that broke down the divisions between business and technology team members streamlined the enrollment process by allowing parents to use their Facebook profiles. Because the product team created something people would actually use, the app’s one-year goal of making first-party connections with 100,000 consumers was achieved in six months, Pervez said.

“The great thing about this approach is that you don’t have to solve everything upfront. You can take an MVP approach and continuously build on it,” Pervez said. “But I’ll never forget what the product manager told me. He said the goal is no longer an MVP, a minimum viable product — it’s a minimum loveable product.”

In the long run, what the business will love more is the data derived from getting more people to use the application, including data to feed sexier applications like AI predictive analysis of customer demand and optimization of the supply chain that delivers it. “With better engagement, we’re enabling teams to make data-driven decisions about how to increase sales and create long-term customer relationships. Our digital products will always be there to support our physical products.”

As’s Simon indicated, “It’s not like Kimberly-Clark is a software company that will make, you know, digital toilet paper. But software is becoming like the veins and arteries of the organization.”

Source link


Better together: Offsetting cybersecurity’s labor challenges with API integrations



The labor challenges afflicting cybersecurity teams far and wide are no secret. A razor-tight hiring market coupled with surging demand and an accelerating threat landscape has created a perfect storm of complexity, resulting in a widening skills gap that is driving higher levels of burnout and human error across the sector. In fact, Verizon’s independently commissioned 2022 Data Breach Investigations Report found that 82% of breaches today involve some degree of human error. Whether it’s an unsuspecting end user or a bleary-eyed analyst, the vulnerabilities caused by cognitive overload shouldn’t be overlooked.  

Take the recent high-profile Uber data breach. A malicious actor, posing as an internal IT administrator, used digital collaboration channels to trick an Uber employee into giving up their VPN credentials, leading to a total compromise of the rideshare giant’s network infrastructure. The breach exemplified the consequences of a social engineering attack targeting the always-on hybrid workforce. And with the rate of such attacks accelerating in volume and velocity, it’s clear that more visibility of these threats is needed for security teams to effectively remediate them.

Many organizations are investing in a plethora of new, best-in-class security products in response to staffing shortages. However, reactive patchwork spending on the industry’s latest niche products shouldn’t be viewed as the answer, as the tool sprawl often creates additional complexity that hurts organizations more than it helps. Enterprises, on average, have 60 to 80 different security monitoring tools in their portfolio, many of which go unused, underutilized or forgotten. Forcing security teams to master a myriad of tools, consoles and workflows shifts priorities from managing risk to managing technology.

An integrated cybersecurity framework

The companies best positioned to offset cybersecurity’s labor challenges are those adopting best-of-breed security tools and platforms that offer a deep library of API and third-party integrations. Above all, an integrated framework empowers organizations to effectively navigate their unique environments by consolidating tools and reducing human error through the following three processes:


Intelligent Security Summit

Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.

Register Now

  • Improved protection via security intelligence and threat sharing: This enables rapid recognition and response to incoming threats via machine learning analytics tools, strengthening a human analyst’s ability to formulate swift and comprehensive cyberdefense measures.
  • Improved efficiency via automation: This enables offloading of repetitive and mundane manual tasks to AI-enabled tools, streamlining human workflows by accelerating and improving key facets of incident response and vulnerability management.
  • Improved prevention via sharing and consolidating tool data: This enables complete, real-time visibility into an organization’s entire security environment to promote the creation of targeted alerts that uncover unknown threats.

In collaborating with a wider range of security vendors, organizations leveraging API integrations benefit from the combined knowledge of all integrated platforms to greatly improve overall security posture. The extensive access to timely threat intelligence allows security teams to align prevention, investigation and response plans across multiple security controls, as well as increase the speed of their detection and remediation efforts.

Amid the widespread adoption of cloud-based hybrid work environments, it’s increasingly clear that organizational security architectures must consist of scalable, tightly integrated solutions that combine the right balance of automated prevention, detection and response capabilities to effectively protect data across its lifecycle.

Enhancing detection and increasing cybersecurity efficacy

An open API integration framework is the embodiment of unlocking strength in numbers. It stitches together the critical functions and processes performed by foundational security tools — email security, endpoint security, web security, NDR, data security — into a single meshed framework that operates in unison and shares centralized threat intelligence data across its ecosystem. By connecting all the pieces of the puzzle, organizations gain the resources to enhance their prevention and detection capabilities in complex environments.

In one scenario, an API framework could enable automated processes to continuously flow between an email gateway and security service edge (SSE) to corresponding SIEM/XDR systems. This would allow security teams to share rich logging, metadata, indicators of compromise, malicious URLs, user activity, data movement and machine learning analytics in real time. The AI-powered SIEM platform automates the analysis of that threat data, sifting through the noise to generate actionable alerts with contextual information for security teams. Meanwhile, the real-time contextual insights provide simplified guidance for analysts to alleviate potential threats and, if needed, formulate a swift response to an attack.

With access to a wider range of threat data touchpoints, cybersecurity teams can also create customized scripts within the overarching API library. This gives them “targeted capabilities” that more directly align with their specific needs and skillsets. For instance, the team could create a script that simultaneously analyzes email security logs from Vendor A, data protection logs from Vendor B, web security click logs from Vendor C, and spam filter logs from Vendor D, based on which intel is most relevant to their specific use case. Filtering the exceedingly high volumes of incoming alerts enhances the efficiency of the entire team, empowering analysts to identify needles in the haystack by prioritizing the right alerts at the right times for maximized protection.

Automating manual processes and workflows

Despite the growing number of innovative, best-in-class products available on the market today, it’s important to remember that a multi-vector social engineering attack is exceedingly difficult for hybrid security teams to combat regardless of the tools in their stack. Quick and agile responses are non-negotiable in these situations, but with resources stretched thin and employees working from multiple locations, executing swift corrective action free of human error is easier said than done. Even the most experienced and skilled security teams are susceptible to mistakes while trying to remediate an attack. Therefore, identifying how to automate well-defined processes wherever possible is imperative for tightening these response durations and ensuring security teams can remediate quickly and effectively.

With access to an open API library, organizations can integrate the capabilities of additional AI/ML security tools into their existing security architecture to automate the repetitive steps of protection, detection, response, mitigation and intelligence sharing. Whether it’s informing an endpoint security provider of an emerging alert, or securely moving data from one storage solution to another, API-driven automation can handle the routine, error-prone tasks cybersecurity teams perform every day. Streamlining these otherwise human-centric workflows allows overstretched analysts to instead focus on more critical threat assessments requiring extensive time and attention. That, on a macro level, strengthens the security posture of the greater organization.

There’s no magic bullet that will completely reverse cybersecurity’s labor challenges in the immediate future. But there are proactive steps organizations can take now to provide the critical support their security teams need today. For effectively navigating a complex threat landscape, there’s no better place to start than with the applied adoption of a deep API integration framework.

After all, cybersecurity is a team sport. Why defend alone when you can defend together? 

Joseph Tibbetts is senior director for tech alliances and API at Mimecast.

Source link

Continue Reading


It’s foie gras season in unicorn land • TechCrunch




elcome to the TechCrunch Exchange, a weekly startups-and-markets newsletter. It’s inspired by the daily TechCrunch+ column where it gets its name. Want it in your inbox every Saturday? Sign up here.

With most startups getting repriced behind closed doors, we love getting data that gives us a glimpse of what’s going on. This week, our new information comes from EquityZen, which shared insights on secondary stock sales. EquityZen also put up a few IPO predictions that gave us food for thought. Let’s explore. — Anna

A glimpse of repricing

How do you know when a unicorn has lost its billion-dollar valuation? Usually you only find out long after the fact, when — and if — the company raises a down round that makes it clear that its equity valuation is no longer in the unicorn realm.

The thing is, not many founders want to advertise that they have raised capital at a lower valuation than their previous round; in most cases, they just won’t disclose their new valuation.

As market observers, this leaves us with little data on a topic that our readers do care about: What kind of repricing they could expect. This is why we were grateful for Instacart, which made it public that it reduced its valuation through a 409A price change. This wasn’t good news, but it was a helpful data point for everyone involved. However, that was back in March.

Source link

Continue Reading


This Top-Rated PDF Solution Is 66% Off Now



Opinions expressed by Entrepreneur contributors are their own.

Paper has made its way largely out of business, but that doesn’t mean you don’t still work with documents regularly. Instead, we’re just working with them differently: with the dreaded PDF. These static files can be great if you’re positive that a document is ready, but a serious nightmare when you have to make changes. When you’re working with a lot of PDFs, you need a quality digital solution.


We’ve got a deal you’ll like. For a limited time, you can get a lifetime subscription to UPDF Pro for 66% off.

UPDF Pro is one of the top-rated PDF solutions on the market. Geeky Gadget writes, “UPDF is a potent PDF editor and PDF converter designed to stay up with advanced technologies. It ensures that whichever features you use are up to date. UPDF not only converts PDF to Word but can perform many advanced editing.” Fossbytes adds, “UPDF doesn’t have a boring interface like other PDF software. The design is stunning and eye-catching. On top of it, it is convenient to use. You wouldn’t be bothered with a complex design that is very time-consuming.”

These are just the tip of the iceberg of positive reviews for this all-in-one PDF solution for individuals and businesses. With it, you can edit any PDF document across Windows, Mac, iOS, and Android devices, adding or deleting text, editing fonts and color, and much more. The tool allows you to add, crop, rotate, replace, extract or delete images, watermark documents, and password-protect them for elevated confidentiality. You can also easily annotate PDFs, highlight, underline, or strike out text, add shapes and notes, and much more. Finally, it’s even easy to convert any PDF to Word, Excel, PowerPoint, and a ton of other file types in just a click.

Working with PDFs has never been easier than with a lifetime subscription to UPDF Pro. Grab it on sale for 66% off $149 at just $49.99, the best price you’ll find online.

Prices subject to change.

Continue Reading