blog writing: the slow and subtle art of pondering

Or how not to jump to hasty conclusions in just one step

A few days ago, I came across a piece on Bnet on which there was a mention of Sun Tzu‘s “the Art of War” in not very favourable terms. I therefore asked the Vincent Berthelot, who is very well versed in Oriental culture (he is even fluent in Tai), to write something up for us. Here is his comment, 100% devoid of political correctness.

By Vincent Berthelot, translated by visionary marketing

photo cc (some rights reserved) by AlphaTangoBravo / Adam Baker)

Very often, I have been annoyed by the tendency to superficially squeeze management tips into constrained lists such as “five key marketing techniques”, or even “how to succeed in social media in 12 steps”. Alas, this is a gimmick which has being quickly imported from America by many a Continental blogger. Let’s admit we all wrote at least one piece in that manner, but abusing this method leads to stereotypes and facile conclusions.

When Yann asked me to review a BNET article which falls into that category, I could not resist the urge to stop everything I was doing in order to write something up on that subject. The incriminated piece is won by Geoffrey James, subtly entitled “seven vastly overrated business books”.

In that blog post, James puts together in the same basket, some of the bestselling US management books of the past 20 years and celebrated writings such as Adam Smith’s “The Wealth of Nations” and Sun Tzu’s “The Art of War”. This very list shows the seriousness and hindsight behind the author’s methodology.

Reading that piece online will force you to click on as many internal links as possible so as to maximise traffic; after all, this is serious marketing stuff, don’t get mistaken! Geoffrey James also adds profound comments such as that Adam Smith could not possibly surmise the invention of the modern multinational or of computers and that Sun Tzu’s book is mostly useful if you are planning to play computer or board games only.

Of course, I admit that business and war, at least on the surface of it, have little in common and that Sun Tzu’s advice belong to another time.

I would in fact recommend that James’s list be updated to include his point of view on Marcus Aurelius, Clausewitz, Machiavelli and a few others. Books such as Sun Tzu’s are not meant to be utilitarian, just like your average management book, and they have to be read with different eyes too. They aren’t meant to deliver “recipes”, and since his words cannot be directly applied to your marketing strategy either. Continue reading “blog writing: the slow and subtle art of pondering”

Zscaler: “we want to be the of Internet security!”

this piece was originally written for the Orange Business Live blog

On November 15, I was invited with a group of journalist to a press tour in the Silicon Valley (a sequel to our June 2010 press tour in the Valley). Our first presentation took place in Sunnyvale, Calif. at the main office of Zscaler, a ground-breaking cloud security provider, which is also a partner of Orange Business Services.

The landscape has evolved

The security landscape has changed dramatically over the past decade. Whereas most security threats (apart from social engineering) used to come from outside devices like floppy disks or the more recent usb keys, the vast majority of threats are now directly coming from the Internet. This has forced enterprises to equip themselves with a flurry of protection devices and software which have, over the years, generated  staggering complexity; and now, this complexity is increasingly getting out of hand. Traffic and policy management have become so important that the very dissemination of such rules and policies are a major pain-point for CIOs, not to mention the fact that simple techniques such as url filtering for instance are not always proving very effective. Besides, traditional security measures generate humongous log files. Something had to be done, mostly in that age of cloud computing, in which all clients are now seeking to rent their IT instead of buying it. Zscaler’s approach is therefore not to compete in the same market as traditional players, but to redefine the game plan by providing security in the cloud.

The Zscaler blog

The company is security savvy and dedicated to the Web community. To that intent Zscaler have developed a R&D blog available at the blog is packed with information about Web security and you are mostly advised to download their own blacksheep firefox plug-in, a security device which will protect your device from the firesheep wifi sniffing plug-in so as to avoid that your facebook details be stolen by malicious people.

The Future?

What will be the future for Zscaler? Will the company sell itself to a bigger company? Zscaler is getting so many calls from VCs throughout the week that it would be an option if its CEO didn’t think that this isn’t one of his objectives. Zscaler is now performing so well that they think they are in a position “to build the of Internet Security”.

So far, the security market is a $1.2bn market dominated by a few players and then there are small players in the background. But the market is growing 30% year on year and Zscaler’s CEO think that it is still new and that “noone had ever done it properly so far”. This is why Zscaler thinks it can be a major player in that market by disrupting it and changing the ball game.

Below is a transcript of the presentation as it was delivered on November 15 in Sunnyvale, Calif. (the presentation was delivered by Shrey Bhatia, Zscaler’s head of worldwide field management and its CEO, Jay Chaudhry)

overview of Zscaler and its products

  • largest standalone cloud security company protecting 800 companies in 140 countries, millions of users
  • manage a cloud deployed across 40+ data centres globally
  • r&d over 3 continents and own 30 patents on cloud security technologies
  • with offices in 15 countries, US, Europe and APA
  • positioned as the “most visionary” company by Gartner
  • growing revenue by 50%
  • clients include LVMH, Allianz, VW, Coca Cola, Wipro etc.
  • “anyone who uses the Internet is a potential client of ours”
  • in France, there are already  many clients (see slide)already, and Orange Business Services is a partner of Zscaler’s (some of the French clients quoted on that slide were closed with Orange Business Services)

market overview: examples of how security is evolving on the Internet

  • Web (http protocol) has become main attack vector
  • over 80% of threats coming from the Web from 5% in 2000
  • It’s no longer USB disks or floppy disks
  • 85% of all traffic coming in and out of all companies (all types, small or large) is Web-based, this is why threats are coming from there too

Challenges facing the world in terms of Internet security

  • all content is active, live with Flash and Java, and this is what is making security threats more challenging
  • filtering: most companies want to control where employees are going. But the old list-based url is not working anymore. Facebook, wikipedia have evolving urls and it’s changing all the time. Besides blocking Facebook is an issue if the same company is launching multi million dollar advertising campaigns on Facebook!
  • Web 1.0 sites were read-only whereas Web 2.0 sites are now a cause for iinformation leaks: webmail, blogs, IM …
  • bandwidth is a real issue. Video is 20 times more exacting than text and companies are very concerned about the amount of bandwidth which is being used by video
  • Road warriers are new challenge too: people go to and so many online applications that the Web has become so critical. So it is of paramount importance to protect the road warriers
  • the last and one of the biggest challenge is cost and complexity: CEOs impose CIOs to do 20% more with a flat or even decreased budget

What Zscaler does and how they do it

  • Zscaler sits between the user and the Internet anywhere in the world, whereever they are, and whatever device they use. User goes to the Zscaler cloud, and Zscaler is the trusted third party and is termiinating the transaction to the Internet.
  • This is done with no hardware, no software, no plug-in, nothing!
  • This is why very international companies choose Zscaler.
  • How is it done?
    • in the browser, one has proxy settings, and one has to change the proxy setting, it’s all you have to do and it can be done remotely
    • can be done at device or office level, from the firewall or router
    • Zscaler’s cloud is the most global cloud in the industry
    • The “policies” are kept in the cloud and are moved around as companies and users are moving by moving the policies to the closest data centre. This is what is called “shadow policies”
    • Latency is important, and this is why data centres have to be as close to users as possible
    • In the past 6-7 years, companies have deployed MPLS networks: the biggest benefit is that bandwidth is divided by 2 and that latency is also improved. But network topologies are changing slowly because enterprises have spent a lot of time putting all their network topology together and they are naturally reluctant to throw everything away now. Hence it’s best to let them be more comfident with the service before they change their network infrastructure and re-engineer it.
  • cost-effectiveness
    • for all French customers, Zscaler is managing tens of thousands of users with just two boxes, and this is a lot easier and more cost effective than managing the complexity of myriad CPE’s (Customer Premises Equipment)
  • Will it slow things down?
    • Traditional security devices are firewall devices which weren’t designed to scale
    • Zscaler had to build new boxes which are very scalable
    • Standard costs to open 1 data centre is $1m, whereas Zscaler is able to open one for a fraction of that, with 2 boxes and can serve half a million users for that price
    • nanolog technology is a special technology which compresses logs and speeds up transactions, it has been developed by Zscaler (traditional logs for an average large company are going to generate 50-100GB of data every day. none of that information can be searched or used)
  • If everything is centralised how do minimise threats?
    • the goal of a cracker is to get to the user’s machine an monetise information or turn it into a bot
    • Zscaler is just a conduit, hence it’s just a bridge, and there is not much value in accessing Zscaler’s boxes
    • Zscaler spends an awful lot of time and R&D to protect their servers and make the service safe

Zscaler services

  • 4 types of Services come on top of that infrastructure:
    • Web security: Antivirus and Advanced threats browser contro, E-mail security
    • Web control: url filtering, web 2.0, limiting bandwidth (i.e. ensuring that YouTube for instance will not take up more than 30% of the total bandwidth)
    • Web DLP (data leaks/loss prevention)
    • Web analytics


  • save money and time, best security and policy management, real time reporting, easy to deploy data loss protection mechanism, near-zero latency (high performance proxy and breadth of cloud), integrated email & web
  • What Zscaler isn’t: Zscaler isn’t playing in the Wan optimisation space

What does a “trusted advisor” really mean?

You may not yet be familiar with Cisco and its ‘trusted advisor’ approach – in which the equipment provider is raising the bar and advising its clients rather than just selling to them. But what is a ‘trusted advisor’ and how do you achieve that status? Professor Lee Schlenker from EmLyon’s Chair of Emerging Economies and Technologies reports:

What does a “trusted advisor” really mean?

I recently had the opportunity during a CIO Conference in Zurich to ask Chris Hughes, one of the three founders of Facebook, if he saw a link between “trust” and “truth” in the practice of business today. Chris responded “no there probably isn’t… at least not in the media industry”. I followed up with the question in that case who does he trust? After a few moments thought, he replied, “I guess those that open up to me.”

The notion of the “trusted advisor” has become a key theme in the IT industry today. IBM, Microsoft Oracle, and a myriad of other firms are claiming that the development of trusted advisors constitutes a powerful value lever inside their companies and in their eco-systems. But what exactly is a “trusted advisor”, what does it mean in the context of the IT industry, and what lessons can be learned for the CIO?

Information systems have long provided a mirror of how management sees their employees, their customers, and their working environment. This image of work today is cloudy at best: most employees, not to mention their own managers, have increasing trouble in defining the contours of their professions, their job requirements, and even the foundations of trust in their organizations. As Daniel Goleman reminds us, workplace realities today are shaped by the absence of job security, the preference of “portable skills” over “technical competencies”, and a form of managerialism based as much mistrust as on trust.

Most CIOs readily admit that the truth isn’t in the figures, but in what the figures represent. Information systems vehiculate competing visions of how managers can shape professional behaviour in today’s workplace. On one hand IT systems are developed to reinforce the traditional concept of control, which suggests that information systems provide a coordinating mechanism based on asymmetric relations of power to guide behaviour for the good of the corporation. . One the other, IT systems are expected to enhance trust, which contrastingly refers to a coordinating mechanism based on shared values and norms used to deal with uncertainty. The multiple sources of uncertainty today in the market, in the corporation, and in the meaning of work have pushed managers to look beyond the limits of control to the potential value of trust.

How can the CIO and his team work to build trust in this context? Vanessa Hall, author of The Truth About Trust in Business, suggests that in our virtual world the task is more daunting than ever: “seeing is believing” doesn’t convey the same meaning when information technology replaces face to face interactions. Blind trust based on accumulated experience proves difficult where physical meetings with our customers and our own managers are increasingly rare. Trustworthiness, based a personal or product based reputation doesn’t hold up much better in an environment in which everything is marketed. In a technologically intermediated world, Hall argues that we are left to focus either on contextual trust – understanding what will work in a special context or referred trust – relying on the opinions of those we admire. In contrast to blind trust, contextual and referred trust are finite resources that can be progressively nurtured or rapidly consumed by managerial practice

Our recent “Journey to Value” workshops[1] with Microsoft’s European Operations Centers have underlined both the challenges and the opportunities of building trust in the organization and in its relationships with its business partners. Kees Pronk, Senior Director Partner & Field Operations for Microsoft EMEA, opened the workshops with the challenge that “trust is built on a clean track record of reliability, credibility and a well-developed interpersonal awareness.” Although most of the participants agreed that trust should be a key ingredient of good management –, one manager argued passionately that trust had nothing to do with their jobs – employees “just needed to get on with it”. “Getting on with it” proved a challenge in itself, for most of the group felt quite uneasy, if not frustrated, by the lack of corporate directives on how to reach the group’s ambitious goals for the fiscal year. The complexity of the challenges proved a third issue, for few of the customer and organizational challenges at hand could be solved by traditional top-down command and control processes.

The workshops’ exercises and outputs proved quite informative. The discussions on “truth ” and “trust” demonstrated to many the importance of personal engagement in reaching organizational objectives. The discussions on “getting on with it” brought to light both where existing practices and experiences could be channeled to get work done, and where top management needed to provide more input to move the team forward . The exercises around the ladder of trust demonstrated how the group could use the wisdom of their peers in building operational value levers one step at a time to meet financial objectives. Finally, the group’s conclusion that truth was less about storing the facts in a database and then archiving them for posterity, than about building and strengthening relationships inside work and out.

A few potential experiments that can help CIOs and their teams build trust within their organizations and with their business partners include:

Open up your communication challenges. Extend your information systems to address not only formal institutional communication, but to capture and air the information communication once reserved to talk around the coffee table. Encourage management to go beyond the facts to document the rationale behind the decisions that have already been made, and the tough choices that lay ahead.

Develop information systems that encourage bottom up input . Compare the benefits and risks of “unbounding” the enterprise systems that mirror organizational truths. To what extent can 2.0 technologies break down the barriers around data to shed light on the stories behind the facts?

Encourage management to explore the nature of organizational issues. Which problems are well documented and can be solved by optimizing processes or applying best practices. Which problems elude organizational answers that have been answered by experts.

Note: Editorial published in CIO Connect, April 2010

The Chair of Emerging Economies and Technologies at the EMLyon focuses on how the interplay between innovative technologies and business models is transforming management teams, organizations and markets. I am publishing thereafter a pre-release of the first edition of CEET InFocus for your information and potential suggestions. Your comments are invaluable and would enable us to improve our newsletter has been designed by our Chair to foster conversation around our customer value propositions for students, faculty and business partners.

Should you want to be included in the distribution list of the CEET InFocus newsletter, please contact Professor Lee SCHLENKER, ChairEET

A Search Engine Optimisation (SEO) survival guide for marketing managers (part 2) – unabridged

note: this is part 2 of 2 in a series of articles on the subject of SEO and marketing, originally published at This piece is the unabridged version of the article.

10 steps for improving your SEO dramatically and simply

including a slideshare pictorial guide for SEO marketers (see bottom of article)

Important notice: it is reminded that this is not meant to be a comprehensive guide to SEO. All steps have been voluntarily simplified in order to help marketing managers, not to turn them into bespectacled anoraks. My method described here is simple, it is certainly not scientific, it is bound to make any SEO guru scream in dismay I’m sure, but I’ve tried it and it worked time and time again, so I believe there must be something good in it.

Step 1: define your SEO niche

Trying to be all things to all people is a bad thing in Marketing in general, but in web page optimisation it is a lethal mistake. First and foremost, one has to target a so-called SEO niche in order to be well positioned in search engines. Reaching number one rank is a nice to have but can rarely be achieved from day one. On the contrary, it is easier and more effective to aim at niches, one at a time for each page you want to index, and eventually, your ranking will improve.

1.       Target 3 keywords (or combination of). I don’t mean that one cannot index a page for more than 3 keywords, I have seen counterexamples. What I mean is

a.       It’s difficult to target more than 3 keywords from a resource viewpoint,

b.      If you want to be consistent, these keywords will have to be repeated all over your text, so imagine if you have 10 of them!

c.       Your website has probably more than one page so do use other pages to target other keywords, based on relevance (the more the keywords are repeated in the page the more relevant because it means that this page really is about that),

d.      Don’t try and spam search engines, their designers are really shrewd, so spamming a page with repeated keywords may sound very clever but I assure you it’s not plus your readers might not appreciate your style.

2.       Analyse popularity AND competition and focus on that KEI

a.       keyword popularity will tell you how much a keyword combination is sought after,

b.      competition will tell you how often your competitors have tried to use this combination of keywords for their own SEO,

c.       the right combination between a & b is called the Key Efficiency Indicator index (aka KEI), a very effective way of balancing the two factors,

d.      bringing realism using personal judgement is also advised. Some of the numbers given by some keyword generation tools (see last section about useful tools) will not make much sense unless you interpret them properly and eliminate irrelevant keywords. For instance, networks appears as if it were a relevant keyword for telcos but in fact it’s not because it’s too vague as it mostly refers to social networks. A simple search engine query will prove the point very quickly and therefore, the ambiguity can be removed by qualifying the keyword better (network security is more relevant for instance, etc.)

e.      each page can/must be indexed with a different strategy in mind. This is how you can ensure that different targets are reached from the same website.

note: “The Keyword Effectiveness Index (KEI) was developed by search engine guru Sumantra Roy. it compares the daily searches with the number of competing Web pages to pinpoint exactly which keywords are good enough so you can use them while optimizing your site.” (source: sitepoint)

Step 2: fine tune your page title

As said in our previous post about Internet content, good content shows in the title. Good SEO too, and this is rather obvious so I won’t expatiate.

Step 3: implement keywords in the URL

Adding your keywords to your URL is also very effective as it will improve the search engine friendliness of your website. It also means generic keywords. Business people are always obsessed with their brand – and this is natural to an extent – but Internet visitors aren’t forcibly. What you have to do is get them to associate your brand with the good content that you are providing. It’s just the same objective but it works the other way round.

Continue reading “A Search Engine Optimisation (SEO) survival guide for marketing managers (part 2) – unabridged”

Enterprise 2.0 fear factor: Overcoming risks, uncertainties and doubts

There are risks associated with adopting any new technology, and Enterprise 2.0 is no different. Enterprise 2.0 holds the promise of dramatically increasing business productivity, stimulating greater innovation, and creating tighter connections between employees, as well as with partners, suppliers and customers. While these technologies and other social networking softwares are facilitating knowledge sharing, accelerating team communications, fostering increased collaboration and online communities creation, many executives are recognising their value but worry about losing control of information, compromising sensitive data, opening their networks to security breaches or even exposing employees to time-killing “network noise”.

Liability for potentially illegal activity involving workers, risk of malware infections, bandwidth constraints and other drop-offs in employee productivity are obvious reasons why the “open social Internet” just goes against the instincts of many Chief Information Officers.

It is also true that employees using these systems for group collaboration, usually operate outside the approved IT applications, meaning they aren’t actually subject to enterprise policies governing compliance and information protection. It is obviously a challenge for any IT professional to give up control over the IT systems they depend on. As Enterprise 2.0 is decentralised and ad hoc, control is in the hands of users rather than the IT department …